States, Including CT, Reach $575M Settlement with Wells Fargo

In a settlement described as  "the most significant engagement to date by state attorneys general involving a national bank without a federal law enforcement partner, Connecticut Attorney General George Jepsen announced that Wells Fargo Bank N.A. will pay $575 million to resolve claims that the bank violated state consumer protection laws by (1) opening millions of unauthorized accounts and enrolling customers into online banking services without their knowledge or consent, (2) improperly referring customers for enrollment in third-party renters and life insurance policies, (3) improperly charging auto loan customers for force-placed and unnecessary collateral protection insurance, (4) failing to ensure that customers received refunds of unearned premiums on certain optional auto finance products, and (5) incorrectly charging customers for mortgage rate lock extension fees. Connecticut served on a multistate investigation leadership and negotiating team, along with the attorneys general of Arizona, Iowa and Pennsylvania. Connecticut's share of the settlement is $5,242,279, which will be deposited into the state's General Fund.

Through this settlement with all 50 states and the District of Columbia, the company will also create a consumer redress review program through which consumers who have not been made whole through other remediation programs already in place can seek to have their inquiry or complaint reviewed by an escalation team for possible relief, officials said.

"Wells Fargo engaged in conduct that violated the public's trust and ran afoul of state laws," said Attorney General Jepsen. "This settlement resolves Connecticut's consumer protection claims against the bank and creates an important avenue for Connecticut consumers seeking redress for the bank's  improper conduct. I'm proud of the strong, bipartisan work of the states in this investigation that has helped bring this matter to a close."

As part of its settlement with the states, Wells Fargo has agreed to implement within 60 days a program through which consumers who believe they were affected by the bank's conduct, but fell outside the prior restitution programs, can contact Wells Fargo to be reviewed for potential redress. Wells Fargo will create and maintain a website for consumers to use to access the program and will provide periodic reports to the states about ongoing restitution efforts.

According to the Attorney General's office, Wells Fargo has identified more than 3.5 million accounts where customer accounts were opened, funds were transferred, credit card applications were filed, and debit cards were issued without the customers’ knowledge or consent. The bank has also identified 528,000 online bill pay enrollments nationwide that may have resulted from improper sales practices at the bank.  In addition, Wells Fargo improperly submitted more than 6,500 renters insurance and/or simplified term life insurance policy applications and payments from customer accounts without the customers’ knowledge or consent.

The states alleged that Wells Fargo imposed aggressive and unrealistic sales goals on bank employees and implemented an incentive compensation program where employees could qualify for credit by selling certain products to customers. The states further alleged that the bank's sales goals and the incentive compensation program created an impetus for employees to engage in improper sales practices in order to satisfy such sales goals and earn financial rewards. Those sales goals became increasingly harder to achieve over time, the states alleged, and employees who failed to meet them faced potential termination and career-hindering criticism from their supervisors.

The states also alleged that Wells Fargo improperly charged premiums, interest, and fees for force-placed collateral protection insurance to more than two million auto financing customers, despite evidence that the customers’ regular auto insurance policy was in effect, and despite numerous customer complaints about such unnecessary placements.  Wells Fargo has agreed to provide remediation of more than $385 million to approximately 850,000 auto finance customers.  The remediation will include payments to over 51,000 customers whose cars were repossessed.

Additionally, the states alleged that Wells Fargo failed to ensure that customers received proper refunds of unearned portions of optional Guaranteed Asset/Auto Protection (GAP) products sold as part of motor vehicle financing agreements.  As a result, the bank has agreed to provide refunds totaling more than $37 million to certain auto finance customers.

Finally, the states alleged that Wells Fargo improperly charged residential mortgage loan consumers for rate lock extension fees even when the delay was caused by Wells Fargo, a practice contrary to the bank’s policy.  Wells Fargo has identified and contacted affected consumers and has refunded or agreed to refund over $100 million of such fees.

It is the latest major settlement involving government action against Wells Fargo practices.

Wells Fargo has previously entered consent orders with federal authorities – including the Office of the Comptroller of the Currency (OCC) and the Consumer Financial Protection Bureau (CFPB) – related to its alleged conduct. Wells Fargo has committed to or already provided restitution to consumers in excess of $600 million through its agreements with the OCC and CFPB as well as through settlement of a related consumer class-action lawsuit and will pay over $1 billion in civil penalties to the federal government. Additionally, under an order from the Federal Reserve, the bank is required to strengthen its corporate governance and controls, and is currently restricted from exceeding its total asset size.

More information on the redress review program, including Wells Fargo escalation phone numbers and the Wells Fargo dedicated website address for the program will be available on or before February 26, 2019.  Consumers with questions about the redress program can contact the Office of the Attorney General's Finance Department at 860-808-5270.

NY Settlement with Outlet Mall Owner Eliminates Non-Compete Extending into Southwestern Connecticut

Most Connecticut residents are likely unfamiliar with Woodbury Common, an outlet mall in the town of Central Valley in Orange County, New York brimming with 240-plus retailers.  Due to a contract provision with those retailers that prevented them from opening another location within a 60 mile radius of Woodbury Common, however, the impact of that mall may have been felt throughout southwestern Connecticut for decades. A settlement in pending litigation reached between the New York Attorney General’s Office and Simon Property Group (SPG), owner of Woodbury Common, and announced late last month, could open the door to new retail outlet opportunities in Southern and Western Connecticut – regions that had long been under the restrictions.

"No business should be allowed to stifle an entire industry at the expense of consumers—but for years, that's exactly what Simon Property Group did to New Yorkers," said New York Attorney General Schneiderman. "Simon's anticompetitive conduct blocked competition and drove up prices for New York consumers. That ends today. I am pleased this agreement will allow for new shopping outlets to finally open within New York City, and make affordable shopping more accessible for residents across the region."

While Schneiderman focused on New York, the possible consumer benefits from the agreement extend further.  The region under the now-eliminated restrictions extends beyond New York into Connecticut, including much of Fairfield County – including Norwalk, Stamford, Danbury and Bridgeport - and extending nearly into New Haven.  (The straight line distance from Central Valley, NY to New Haven is 62 miles; to Milford is 55 miles.)

In a press release, Simon said Woodbury Common's 60 mile radius provision has been used since 1985, well before SPG acquired Woodbury Common as part of its 2004 acquisition of Chelsea Property Group. The statement pointed out that Woodbury's radius provisions have been upheld as lawful, reasonable and consistent with industry practice in the courts, as recent as 2010.

“While we have agreed to reduce the reach of the radius provisions in Woodbury Common leases, these provisions will continue to cover Woodbury Common's essential trade area, extending to all of Manhattan,” the company noted.

Simon Property Group described Woodbury Common as “an economic engine for Orange County, the lower Hudson Valley, and New York State,” indicating that “it regularly granted exceptions to radius provisions and understands the importance of competition and consumer choice in the market.”  In Connecticut, SPG operates two properties in southeastern Connecticut - Clinton Crossing Premium Outlet in Clinton and Crystal Mall in Waterford.

Reached via the New York State Thruway at exit 16 in Harriman, Woodbury Common Premium Outlets features “the most sought after, high-end fashion and designer retail brands in the world,” SPG said in its news release, highlighting stores including Tory Burch, Nike, Celine, Bottega Veneta, Polo Ralph Lauren, Michael Kors, Burberry, Coach, and The North Face.

As part of the settlement, Simon Property agreed to revise their existing leases with Woodbury Common retailers to remove the radius restrictions; not to engage in exclusionary tactics, including radius restrictions, for the next 10 years; and pay a $945,000 fine to New York State.

Even as negotiations proceeded on the settlement, Woodbury Common announced last month that 10 new retailers would be opening at the premium outlet mall, including Zadig & Voltaire, a high-end French ready-to-wear brand, and Sayki, a Turkish menswear designer.  The outlet mall also recently completed extensive multi-million dollar renovations. Simon Property Group, based in Indianapolis, owns nearly 100 outlet malls around the world and is an S&P 100 company.

Jepsen Stresses CyberSecurity at Home and Business, with Settlements and Warnings

National Cyber Security Awareness Month isn’t until October, but Connecticut Attorney General George Jepsen and just over a dozen of his colleagues across the country are getting a head start in warning the public about the dangers of so-called pirate websites. In televised public service announcements now airing in Connecticut, along with social media and radio psa’s, Jepsen shares hackers can infect visitors’ computers with malware and viruses that can leave consumers’ personal and financial information vulnerable.

Cyber security is a topic Jepsen has been involved with for some time.  This past March, the Attorney General announced the creation of a new department within the Connecticut Office of the Attorney General – the Privacy and Data Security Department – that works exclusively on investigations and litigation related to privacy and data security.

The new department has been responsible for all investigations involving consumer privacy and data security. It also helps to educate the public and business community about their responsibilities, which include protecting personally identifiable and sensitive data and promptly notifying affected individuals and the Office of the Attorney General when breaches do occur.

Jepsen is immediate past president of the National Association of Attorneys General (his one-year term ended in June) and has been a member of the organization’s Internet Safety/Cyber Privacy and Security Committee.

National Cyber Security Awareness Month, a month-long collaborative effort between the United States Department of Homeland Security and the National Cyber Security Alliance, began in 2004 and is held every October. During the campaign, individuals are encouraged to take advantage of resources that can help them be safer and more secure while online.

This week, Jepsen’s office announced that Connecticut has joined with 31 other states and the District of Columbia in a $5.5 million settlement with Nationwide Mutual Insurance Company and its subsidiary, Allied Property & Casualty Insurance Company, which resolves the states' investigation into a 2012 data breach that exposed sensitive personal information of 1.2 million consumers across the country. Approximately 774 Connecticut residents were impacted by the breach, the Office said. Connecticut's share of the settlement funds totals $256,559.28, which will be deposited in the state's general fund. The Connecticut Attorney General's office was a co-leader of the investigation and negotiations, along with the Offices of the Attorney General of the District of Columbia, Florida and Maryland.

In May, Jepsen announced that Connecticut joined with 46 other states and the District of Columbia in an $18.5 million settlement with the Target Corporation to resolve the states' investigation into the retail company's 2013 data breach. The settlement represented the largest multistate data breach settlement achieved to date.  That breach affected more than 41 million customer payment card accounts and contact information for more than 60 million customers. Connecticut will receive $1,012,936 from the settlement, which will be deposited in the state's General Fund.

In the new public service announcement, Jepsen stresses that “Nowadays, all of you have to worry about cybersecurity,” Jepsen tells viewers in his ad. “Hackers are always looking for new ways to break into our computers. Something as simple as visiting pirate websites can put your computer at risk.”

"State AGs often serve as the consumer protection agency for their citizens, so we appreciate the leadership they are taking in alerting consumers to the new danger that consumers face from malware and content theft websites," said Tom Galvin, Executive Director of the Digital Citizens Alliance, a consumer-focused group that looks at how to make the Internet safer. "Criminals are exploiting stolen content by baiting consumers to view videos and songs and then stealing their IDs and financial information. It should be a wake-up call for consumers."

Among the states whose Attorneys General are participating in the initiative are Arizona, Hawaii, Idaho, Indiana, Kansas, Kentucky, Louisiana, Montana, North Carolina, North Dakota, Oregon, South Dakota and Wisconsin.

The Connecticut Attorney General's office has previously issued a series of tips for consumers:

TIP #1: When it doubt, throw it out:

Be very cautious about clicking on a link or opening an email, social media post or tweet (or its attachment) from someone you do not know and trust, and always keep virus protection software up to date. Consumers that use Facebook or Twitter should regulate their privacy settings to ensure personal information is protected and not accessible. Also, only allow those that you know into your social network rather than those that you may not recognize.

TIP #2: Watch out for phishing emails or scams:

You may do business online with financial institutions that you know and trust, however, always keep in mind that legitimate businesses will never ask you to reply in an email with any personal information such as your Social Security number, PIN number. If you question the validity of an email you received, call the number on your credit card, bank statement, or on the financial institution's actual website (which you should find online without clicking on any links in a suspicious email).  If available, always use a safe payment option when making online purchases, such as a credit card.

TIP #3: Keep your machine clean and up to date:

Online users can reduce the risk of their computers being infected with malware by keeping antivirus software up to date and having the latest versions of apps, Web browsers and operating systems. Many but not all software programs will automatically update in order to avoid risks.  Consumers should consider turning on automatic updates when available to be sure that critical updates are not missed while waiting for manual download.

TIP #4: Help to educate your children about online safety and security:

Remind your family to limit how and with whom they share any information on line.  When made available, set privacy and security settings on accounts and web browsers used by children to your comfort level for surfing the Web and information sharing.  If your browser does not support such settings, consider using one that does.  From social media to simple internet searches, it is important to talk to children about online security before they potentially confront risks on line.   

TIP #5: Regularly change and update passwords and web keys:

If you use the Internet for banking, bill-paying or other monetary transactions, be sure to select secure, difficult-to-guess passwords and PINs, and get in the habit of changing them on a regular basis whenever possible. Consumers can also protect their personal and communications data by encrypting their own wireless Internet networks and regularly changing their wifi passwords. Try not to login into any social media accounts on a public computer and if you must, be sure to never save passwords or login information.