Today, the Consumer Financial Protection Bureau (CFPB) ordered Bank of America to pay more than $100 million to customers for systematically double-dipping on fees imposed on customers with insufficient funds in their account, withholding reward bonuses explicitly promised to credit card customers, and misappropriating sensitive personal information to open accounts without customer knowledge or authorization.
The Office of the Comptroller of the Currency (OCC) also found that the bank’s double-dipping on fees was illegal. Bank of America will pay a total of $90 million in penalties to the CFPB and $60 million in penalties to the OCC.
“Bank of America wrongfully withheld credit card rewards, double-dipped on fees, and opened accounts without consent,” said CFPB Director Rohit Chopra. “These practices are illegal and undermine customer trust. The CFPB will be putting an end to these practices across the banking system.”
Bank of America (NYSE:BAC) is a global, systemically important bank serving 68 million people and small business clients, and has one of the largest coverages in consumer financial services in the country. As of March 31, 2023, the bank had $2.4 trillion in consolidated assets and $1.9 trillion in domestic deposits, which makes it the second- largest bank in the United States.
Bank of America harmed hundreds of thousands of consumers over a period of several years and across multiple product lines and services. Specifically, Bank of America:
Deployed a double-dipping scheme to harvest junk fees: Bank of America had a policy of charging customers $35 after the bank declined a transaction because the customer did not have enough funds in their account. The CFPB’s investigation found that Bank of America double-dipped by allowing fees to be repeatedly charged for the same transaction. Over a period of multiple years, Bank of America generated substantial additional revenue by illegally charging multiple $35 fees.
Withheld cash and points rewards on credit cards: To compete with other credit card companies, Bank of America targeted individuals with special offers of cash and points when signing up for a credit card. Bank of America illegally withheld promised credit card account bonuses, such as cash rewards or bonus points, to tens of thousands of consumers. The bank failed to honor rewards promises for consumers who submitted in-person or over-the-phone applications. The bank also denied sign-up bonuses to consumers due to the failure of Bank of America’s business processes and systems.
Misused Sensitive Customer Information to Open Unauthorized Accounts: From at least 2012, in order to reach now disbanded sales-based incentive goals and evaluation criteria, Bank of America employees illegally applied for and enrolled consumers in credit card accounts without consumers’ knowledge or authorization. In those cases, Bank of America illegally used or obtained consumers’ credit reports, without their permission, to complete applications. Because of Bank of America’s actions, consumers were charged unjustified fees, suffered negative effects to their credit profiles, and had to spend time correcting errors.
This is not the first enforcement action Bank of America has faced for illegal activity in its consumer business. In 2014, the CFPB ordered Bank of America to pay $727 million in redress to its victims for illegal credit card practices. In May 2022, the CFPB ordered Bank of America to pay a $10 million civil penalty over unlawful garnishments and, later in 2022, the CFPB and OCC fined Bank of America $225 million and required it to pay hundreds of millions of dollars in redress to consumers for botched disbursement of state unemployment benefits at the height of the COVID-19 pandemic.
Enforcement Action
Under the Consumer Financial Protection Act, the CFPB has the authority to take action against institutions violating consumer financial protection laws. Bank of America’s practices violated the Act’s prohibition on unfair and deceptive acts or practices. Bank of America also violated the Fair Credit Reporting Act by using or obtaining consumer reports without a permissible purpose in connection with unauthorized credit cards, as well as the Truth in Lending Act and its implementing Regulation Z, by issuing credit cards to consumers without their knowledge or consent.
The CFPB’s orders require Bank of America to:
Stop its repeat offenses: Under the terms of today’s orders, Bank of America must stop opening unauthorized accounts, and the bank must disclose material limitations on any rewards cards bonuses and provide bonuses as advertised. Additionally, while Bank of America has generally reduced its reliance on junk fees, the bank is also strictly prohibited from charging repeat non-sufficient funds fees in the future.
Pay redress to harmed consumers: The orders require Bank of America to compensate consumers charged unlawful non-sufficient funds fees and who have not already been made whole by the bank, totaling approximately $80.4 million in consumer redress. The bank must also compensate consumers who incurred costs stemming from the unauthorized opening of new credit card accounts, and any customers improperly denied bonuses whom the bank has not already made whole. The bank previously paid around $23 million to consumers who were denied rewards bonuses.
Pay $90 million in penalties to the CFPB: Bank of America will pay a $60 million penalty to the CFPB for charging repeat non-sufficient funds fees, and a $30 million penalty to the CFPB for its credit card rewards practices and for opening unauthorized accounts. The penalties will be deposited into the CFPB’s victims relief fund. Separately, Bank of America will also pay a $60 million penalty to the OCC for its double-dipping fee practices.