On May 15, the DFPI announced a consent order with a fintech company over allegations that the company engaged in deceptive acts or practices in violation of the California Consumer Financial Protection Law. The DFPI alleged that the company misled consumers regarding the safety and FDIC-insured status of customer funds.
According to the consent order, the company operated a prize-linked savings platform that encouraged consumers to maintain deposits in exchange for sweepstakes-style rewards. The DFPI alleged that the company falsely marketed customer accounts as fully protected and risk free despite risks associated with the underlying account structure. Specifically, the consent order alleges that the company:
- Misrepresented FDIC insurance protections. The DFPI alleged that the company repeatedly represented customer accounts as “safe,” “100% secure,” and risk free, including statements that consumers “can’t lose” their money because deposits were FDIC insured through a partner bank.
- Transitioned customers into brokerage accounts despite internal concerns. According to the consent order, the company moved customer accounts into a brokerage structure to access a broader network of partner banks and expanded FDIC coverage, despite internal concerns regarding the third-party provider’s operational reliability and execution capabilities.
- Left consumers unable to access funds following the third-party provider’s bankruptcy. The DFPI alleged that, after the provider filed for Chapter 11 bankruptcy in April 2024, more than 18,000 California consumers lost access to at least $28 million in funds and later learned FDIC insurance would not cover those losses.
The consent order requires the company to pay a $1 million penalty, notify affected California consumers regarding possible relief through the CFPB’s Civil Penalty Fund, provide account statements and balance information, and maintain a designated customer contact for 120 days.
Putting It Into Practice: California continues to be one of the more aggressive states in fintech oversight (previously discussed here and here). Fintech companies, program managers, and partner banks should review relevant disclosures, marketing claims, and customer communications and update compliance controls as necessary.