For many Americans, a home mortgage is the biggest, most important debt they'll ever carry. So it's crucial for everything from your credit score to your basic liquidity that monthly mortgage payments be handled correctly. The Consumer Financial Protection Bureau's (CFPB) latest enforcement action highlights a nightmare scenario, where a major payment processor illegally made unscheduled mortgage payments from half a million customers, causing untold stress and financial pain.
ACI's mortgage payment fiasco
ACI is a payment processing company that offers services across industries including healthcare, student loans, telecommunications, and mortgage servicing. ACI claims to process more than 225 billion transactions every year across more than 6,000 companies. The payments firm reported net income of $142 million against revenue of $1.422 billion last year.
Mortgage servicer Mr. Cooper handles mortgage payments for more than four million customers. The company offered ACI's Speedway payment product to its mortgage loan customers until at least 2021. The product created an instant bridge for the transferring of funds between clients' bank accounts and Mr. Cooper.
From just $107.88 $24.99 for Kiplinger Personal Finance
Become a smarter, better informed investor. Subscribe from just $107.88 $24.99, plus get up to 4 Special Issues
Sign up for Kiplinger’s Free Newsletters
Profit and prosper with the best of expert advice on investing, taxes, retirement, personal finance and more - straight to your e-mail.
Profit and prosper with the best of expert advice - straight to your e-mail.
ACI tested its electronic payments platform on Friday, April 23, 2021. During the test, ACI's employees somehow used extensive real data obtained from Mr. Cooper, rather than dummy data. The Speedway software inadvertently sent customer data containing real names, bank account numbers and more through the ACH payment network.
The result? ACI illegally submitted $2.3 billion in electronic mortgage payments from nearly 500,000 homeowners’ accounts.
Affected customers noticed bank errors and financial consequences as early as Saturday, April 24. More than 60,000 customers at one bank had more than $330 million illegally leave their accounts. Over 7,300 customers saw their balances drop by more than $10,000 unexpectedly.
The CFPB's findings
Fast forward to June 27, 2023, when the CFPB reported that ACI’s actions violated several consumer financial protection laws. The federal agency catalogued distinct violations of the Electronic Fund Transfer Act and its implementing rule, Regulation E, as well as the Consumer Financial Protection Act.
Illegal account withdrawals
CFPB held that "ACI initiated approximately 1.4 million ACH withdrawals on behalf of Mr. Cooper from homeowners’ accounts on April 23, 2021, without a valid written authorization. This included initiating electronic fund transfers on days when they were not scheduled and initiating multiple transfers from the same accounts on the same day."
Improper handling of consumer data:
CFPB also found that ACI's illegal transactions and the resulting harms stemmed from the company’s improper use of consumer data during its payment test. The agency contends that ACI dropped the ball on creating reasonable data security practices, which could have stopped real customer data from slipping into a live payment system test.
The CFPB's enforcement action
The CFPB invoked the Consumer Financial Protection Act and Electronic Fund Transfer Act to enact the following punishments:
- ACI ordered to pay $25 million in civil penalties:
- The fine will be paid to the CFPB for inclusion in the CFPB victims relief fund, which compensates victims of shady company practices broadly.
- ACI ordered to stop illegal payment practices:
- ACI is ordered to adopt stronger info security rules. CFPB further prohibits the company from processing payments without customer authorization, and from using real customer data in software development and testing without consumer consent.
The bottom line
It's a fact of life that major institutions charged with protecting your money and personal information will inevitably experience fraud, breaches, and even honest yet damaging mistakes. There are a few things customers can do to protect themselves.
Sign up for free credit monitoring from services like Capital One’s CreditWise or Chase’s Credit Journey credit score and monitoring services. Set alerts that inform you whenever your bank account or credit card registers large transactions above a certain threshold.
Get to know your money personality by writing down income, expenses, and regular financial behaviors. Check on your major accounts a few times a month at least, so you can catch erroneous charges and payments and maintain financial peace of mind. And if you see bad or careless corporate behavior, file a complaint with the CFPB.
Related Content
-
Dow Adds 646 Points, Hits New Highs: Stock Market TodayIt was "boom" for the Dow but "bust" for the Nasdaq following a December Fed meeting that was less hawkish than expected.
-
5 Types of Gifts the IRS Won’t Tax: Even If They’re BigGift Tax Several categories of gifts don’t count toward annual gift tax limits. Here's what you need to know.
-
The 'Scrooge' Strategy: How to Turn Your Old Junk Into a Tax DeductionTax Deductions We break down the IRS rules for non-cash charitable contributions. Plus, here's a handy checklist before you donate to charity this year.
