IN THE UNITED STATES DISTRICT COURT FOR THE EASTERN DISTRICT OF NORTH CAROLINA ____________________________________ : UNITED STATES OF AMERICA, : : Plaintiff, : : v. : CIVIL ACTION NO. : FOUR OAKS FINCORP, INC., and : FOUR OAKS BANK & TRUST : COMPANY, : : Defendants. : ____________________________________: COMPLAINT FOR INJUNCTIVE RELIEF AND CIVIL MONEY PENALTIES Plaintiff, the United States of America, by its undersigned attorneys, alleges as follows: 1. This is an action for injunctive relief and civil penalties by the United States of America against Four Oaks Fincorp, Inc., and Four Oaks Bank & Trust Company (collectively, “Four Oaks Bank” or the “Bank”). 2. From at least July 2009 until the present, Four Oaks Bank knew or was deliberately ignorant of the use of its accounts and its access to the national banking system in furtherance of a scheme to defraud consumers. 3. Four Oaks Bank is obligated pursuant to federal statutes and regulations to have effective procedures to prevent the Bank from providing access to the national banking system to entities engaged in unlawful activity. The Bank is required to acquire information sufficient to know the true identities of the entities to which it provides access to the national banking system, as well as the nature of their business activities. Four Oaks Bank is failing to comply with these Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 1 of 39 obligations and is ignoring red flags that signal unlawful practices by business account holders, including a third-party payment processor and its fraudulent merchant-clients. 4. As a consequence, Four Oaks Bank is permitting millions of unauthorized debit transactions against consumers’ bank accounts. I. JURISDICTION AND VENUE 5. This Court has jurisdiction over this action pursuant to 28 U.S.C. § 1331 (federal question) and 28 U.S.C. § 1345 (United States as plaintiff). 6. Venue is proper in the Eastern District of North Carolina pursuant to 28 U.S.C. § 1391(b) because defendant Four Oaks Bank operates and maintains its management offices and its operations center in this district, and a substantial part of the events or omissions giving rise to the claims alleged in this complaint occurred in this district. II. PARTIES 7. Plaintiff is the United States of America. 8. Defendant Four Oaks Fincorp, Inc., is the holding company of defendant Four Oaks Bank & Trust Company, a federally-insured commercial bank established in 1912 under the laws of North Carolina. 9. Four Oaks Bank maintains its principal executive office at 6114 U.S. 301 South, Four Oaks, North Carolina. It has approximately 14 offices, all located in North Carolina, and approximately 195 employees. 2 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 2 of 39 10. As of September 30, 2013, Four Oaks Bank had total assets of approximately $811.6 million. 11. Four Oaks Bank is regulated by the Federal Reserve Bank of Richmond and the Office of the Commissioner of Banks of the State of North Carolina. III. PRINCIPAL STATUTES A. The Anti-Fraud Injunction Act. 12. The United States seeks statutory equitable relief under Title 18, United States Code, Section 1345 (“Section 1345”). Section 1345 authorizes the government to commence a civil action to enjoin a person from engaging in enumerated, predicate federal criminal offenses, including an ongoing wire fraud scheme. 13. Wire fraud is committed by sending a “wire . . . in interstate or foreign commerce” for the purpose of executing, or attempting to execute, “[a] scheme or artifice to defraud, or for obtaining money or property by means of false or fraudulent pretenses, representations, or promises.” 18 U.S.C. § 1343. 14. Section 1345 authorizes asset restraints to prevent a person from “alienating or disposing of property . . . obtained as a result” of a predicate violation “or property which is traceable to such violation.” 18 U.S.C. § 1345(a)(2). Section 1345 also authorizes the appointment of a temporary receiver to administer the asset restraints. See 18 U.S.C. § 1345(a)(2)(B)(ii). 3 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 3 of 39 B. The Financial Institutions Reform, Recovery and Enforcement Act. 15. The United States seeks civil money penalties from Four Oaks Bank under the Financial Institutions Reform, Recovery and Enforcement Act, 12 U.S.C. § 1833a (“FIRREA”). 16. In 1989, Congress enacted FIRREA as part of a comprehensive legislative plan to reform and strengthen the banking system and the federal deposit insurance system that protects the public from bank failures. Toward that end, FIRREA authorizes civil enforcement for violations of enumerated, predicate federal criminal offenses. 17. Several criminal offenses can form the basis of liability under FIRREA, including wire fraud affecting a federally-insured financial institution. FIRREA’s penalty provisions provide that the United States may recover civil money penalties of up to $1 million per violation, or for a continuing violation, up to $1 million per day or $5 million, whichever is less. See 12 U.S.C. § 1833a(b)(1) and (2). The statute further provides that the penalty can exceed these limits to permit the United States to recover the amount of any gain to the person committing the violation, or the amount of the loss to a person other than the violator stemming from such conduct, up to the amount of the gain or loss. See 12 U.S.C. § 1833a(b)(3). C. Federal Law Prohibits Banks From Knowingly Providing Banking Services in Furtherance of Unlawful Conduct. 18. Federal laws prohibit banks from knowingly providing to those engaged in unlawful conduct access to the national payment systems, including the Automated Clearing House (“ACH”) electronic payment network. 19. Four Oaks Bank, like all banks in the United States, is required by law to have an effective program in place to assure that the Bank understands the identities of its customers and 4 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 4 of 39 the nature of their business activities. Similarly, Four Oaks Bank is required to have an effective compliance program to prevent illegal use of the banking system by the Bank’s customers. See generally Bank Secrecy Act, 31 U.S.C. § 5311 et seq.; USA Patriot Act, § 326, 31 U.S.C. § 5318; 31 C.F.R. § 1020 et seq. (formerly 31 C.F.R. § 103 et seq.). 20. During the time period relevant to this action, Four Oaks Bank has been required to conduct meaningful due diligence investigations of new clients at the time of a new account opening. Before opening a new account for a new client, Four Oaks Bank has been required to have a Customer Identification Program (“CIP”) that was appropriate for its size and type of business, and that included certain minimum requirements. A CIP is a required component of the Bank’s Bank Secrecy Act/Anti-Money Laundering compliance program. A CIP is intended to provide sufficient information to a bank to enable the bank to form a reasonable belief that it knows the true identity of each customer. A CIP is required to include account opening procedures that specify the identifying information obtained from each customer. A CIP is required to include reasonable and practical risk-based procedures for verifying the identity of each client, including an assessment of the client’s customer base and product offerings. See 31 C.F.R. § 103.121 (amended 31 C.F.R. § 1020, et seq.). 21. By conducting a meaningful “know-your-customer” analysis, Four Oaks Bank is required to collect information sufficient for the Bank to determine whether a client pose a threat of criminal or other improper conduct. See Federal Financial Institutions Examination Council, Bank Secrecy/Anti-Money Laundering Examination Manual at 21-23 (2006) (information required to be collected includes purpose of the account, actual and anticipated activity in the 5 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 5 of 39 account, the nature of the client’s business, the client’s location, and the types of products and services the client intended to offer). 22. Banks are the gateway for both legitimate merchants and fraudulent mass market merchants that seek access to the ACH payment system, an electronic network for financial transactions in the United States. Banks access the ACH system to process both credits into accounts and debits out of accounts. To execute a valid ACH debit, the originating merchant must provide to its own bank: (a) a consumer’s bank routing number; (b) a consumer’s bank account number; and (c) proof that the consumer authorized the transaction. 23. The ACH network is governed by rules of the Federal Reserve Board and by agreements among member banks of NACHA, the Electronic Payments Association, which manages the development, administration, and governance of the ACH network. In 2012, the ACH network handled more than 21 billion transactions with a value of approximately $37 trillion. 24. These various rules, among other things, essentially prohibit a bank in the United States from knowingly establishing a direct relationship with a merchant that it recognizes to be engaged in consumer fraud or abuse. D. The Role of Third-Party Payment Processors in Executing ACH Transactions for Merchants. 25. Merchants sometimes use third-party payment processors to gain access to the national payment systems, such as the ACH network. Third-party payment processors are intermediaries between banks and all types of merchants. Third-party payment processors open bank accounts in their own names and use these accounts to conduct banking activities on behalf 6 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 6 of 39 of the merchants. Typically, when a third-party payment processor is involved, there is no direct relationship between the bank and the merchant. 26. The following are the steps by which a bank, a third-party payment processor, and a merchant, transfer money from a consumer’s bank account to the merchant’s account: a. The merchant transmits a debit instruction to its payment processor to withdraw money from a consumer’s bank account; b. The payment processor transmits the debit instruction to the payment processor’s bank; c. The payment processor’s bank introduces the debit instruction into the ACH network, and it is directed to the consumer’s bank; d. The consumer’s bank debits money from the consumer’s account and transmits that money through the banking system to the payment processor’s bank; e. The payment processor’s bank credits the money into the payment processor’s bank account; and f. The payment processor transmits the money from its own bank account to the merchant’s bank account. 27. Through this series of transactions, the bank receives fees from the third-party payment processor. The third-party payment processor receives fees from the merchant. And the merchant keeps whatever money remains from the amount withdrawn from the consumer’s account. 7 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 7 of 39 28. Harm to consumers arises when a fraudulent merchant engages a third-party payment processor to interface with a bank to gain access to the national payment systems and to execute unauthorized debits against consumers’ bank accounts. IV. BANKING REGULATORS HAVE WARNED BANKS ABOUT RISKS TO CONSUMERS AND BANKS ASSOCIATED WITH THIRD-PARTY PAYMENT PROCESSORS 29. Bank regulators have advised banks to be cognizant of a heightened risk of consumer fraud in situations where banks provide services to third-party payment processors working with high-risk merchants. 1 Bank regulators have advised banks that this risk arises (in part) because a bank does not have a direct relationship with the merchant on behalf of which it is originating debit transactions against consumers’ accounts. 30. For example, by 2008 the Federal Deposit Insurance Corporation (“FDIC”) already had warned banks of heightened risks to consumers associated with third-party payment processors. See FDIC, Guidance on Payment Processor Relationships, FDIC FIL-127-2008 (November 7, 2008). The FDIC stated that banks should assure that they are not abetting consumer fraud by taking additional precautions when dealing with payment processor customers, including: (a) monitoring all transaction returns (unauthorized returns and total returns); (b) reviewing the third-party payment processor’s promotional materials to determine its 1 Fraudulent merchants use an unlimited variety of ruses to induce consumers to disclose their bank account numbers and to provide purportedly genuine authorizations for debits. These schemes include phony, deceptive or fraudulent offers to sell products and services, including but not limited to medical discount cards, pharmaceutical products, payday loans, guaranteed government grants, debt relief services, foreclosure rescue programs, vacation discounts, amusement park vouchers, computer hardware and services, and Medicare reimbursements. These products are not per se fraudulent; but rather, they often are the bait by which fraudulent merchants take advantage of consumers. 8 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 8 of 39 target clientele; (c) determining whether the third-party payment processor re-sells its services to other entities; (d) reviewing the third-party payment processor’s policies and procedures to determine adequacy of merchant due diligence; (e) reviewing main lines of business and return volumes for the third-party payment processor’s merchants; and (f) requiring that the third-party payment processor provide the bank with information about its merchants to enable the bank to assure that the merchants are operating legitimate businesses. Id.; see also FDIC, Guidance for Managing Third-Party Risk, FDIC FIL-44-2008 (June 2008). This guidance plainly highlighted for banks the significant risks to consumers posed by third-party payment processors and their clients. 2 31. Similarly, before the events giving rise to this lawsuit, the Office of the Comptroller of the Currency (“OCC”) had warned the banking industry of certain risks that may result from providing banking services to third-party payment processors. See OCC, Payment Processor, Risk Management Guidance, OCC-2008-12 (April 24, 2008). The OCC specifically warned banks to implement a risk management program that included procedures for monitoring processor information such as merchant data, transaction volume, and return/charge-back history. 2 FDIC issued updated guidance in 2011 and 2012. See FDIC, Payment Processor Relationships – Revised Guidance, FIL-3-2012 (January 31, 2012) (“Financial institutions that fail to adequately manage [third-party payment processor] relationships may be viewed as facilitating a payment processor’s or merchant client’s fraudulent or unlawful activity and, thus, may be liable for such acts or practices” (italics in original); Managing Risks in Third-Party Payment Processor Relationships, FDIC Supervisory Insights Journal (Summer 2011). 9 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 9 of 39 32. Moreover, the Federal Financial Institutions Examination Council (“FFIEC”), which is comprised of all federal bank regulatory agencies and empowered to prescribe uniform principles, standards, and report forms for the federal examination of financial institutions, issued to the banking industry additional guidance concerning risks to consumers and the banking system implicated by business with some payment processors. The FFIEC explicitly advised that banks with third-party payment processor customers “should be aware of the heightened risk of unauthorized returns and use of services by higher-risk merchants.” The FFIEC continued: Some higher-risk merchants routinely use third parties to process their transactions because of the difficulty they have in establishing a direct bank relationship. These entities might include certain mail order and telephone order companies, telemarketing companies, illegal online gambling operations, online payday lenders, businesses that are located offshore, and adult entertainment businesses. Payment processors pose greater money laundering and fraud risk if they do not have an effective means of verifying their merchant clients’ identities and business practices. Risks are heightened when the processor does not perform adequate due diligence on the merchants for which they are originating payments. FFIEC, Bank Secrecy Act/Anti-Money Laundering Examination Manual: Third-Party Payment Processors – Overview at 240 (2010) (emphasis added). 33. Other federal agencies have issued similar guidance. For example, the Financial Crimes Enforcement Network of the U.S. Department of the Treasury (“FinCEN”), which is charged with protecting the nation’s financial system from money laundering and terrorist financing, issued an Advisory that further emphasized the risks arising from bank relationships with third-party payment processors. FinCEN highlighted the need for banks to conduct due diligence of third-party processors and their clients and to assure that processors have obtained all 10 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 10 of 39 necessary state licenses, registrations, and approvals. See FinCEN, Risk Associated with Third-Party Payment Processors, FIN-2012-A010 (October 22, 2012). 3 3 In addition to federal regulatory guidance and advisories, legal actions by the Department of Justice and others have highlighted the risk of consumer fraud posed by certain third-party payment processor relationships. For example, in 2010, the United States prosecuted Wachovia Bank for criminal violations of the Bank Secrecy Act arising in part out of its relationships with four different third-party payment processors and their fraudulent merchants. See United States v. Wachovia Bank, NA, Criminal Action No. 10-10265 (S.D. Fla.). Wachovia also settled private class action litigation and an enforcement action by the Office of the Comptroller of the Currency arising from the same activity. These matters were resolved by Wachovia agreeing to pay more than $160 million in restitution to consumers, a $10 million fine to the U.S. Treasury, a $9 million payment to independent consumer protection education programs, and other conditions. See Faloney v. Wachovia Bank, N.A., Civil Action No. 07-CV-1455 (E.D. Pa.); see also United States v. First Bank of Delaware, Civil Action No. 12-6500 (E.D. Pa.) (FIRREA action against bank transacting unauthorized debits from consumers’ bank accounts on behalf of fraudulent merchants). Other federal government litigation concerning third-party payment processors and their involvement in unlawful activity includes: FTC v. Innovative Wealth Builders, Civil Action No. 13-CV-00123 (M.D. Fla.); FTC v. Automated Electronic Checking, Inc., Civil Action No. 13-CV-00056 (D. Nev.); FTC v. WV Universal Management, LLC, Civil Action No. 12-CV-1618 (M.D. Fla.); United States v. Donald Hellinger, et al., Crim No. 11-0083 (E.D. Pa.) (operating an illegal money transmitting business, 18 U.S.C. § 1960); FTC v. Landmark Clearing Inc., Civil Action No. 11-CV-00826 (E.D. Tex.); FTC v. Your Money Access, Civil Action No. 07-CV-5147 (E.D. Pa.); United States v. Payment Processing Center, LLC, Civil Action 06-0725 (E.D. Pa.) (18 U.S.C. § 1345 anti-fraud injunction); FTC v. Interbill, Ltd., Civil Action No. 06-CV-1644 (D. Nev.); FTC v. Global Marketing Group, Civil Action No. 06-CV-02272 (M.D. Fla.); FTC v. Universal Processing, Inc., Civil Action No. 05-CV-60542005 (C.D. Cal.); FTC v. First American Payment Processing, Civil Action No. 04-CV-0074 (D. Ariz.); FTC v. Electronic Financial Group, Civil Action No. 03-CV-211 (W.D. Tex.); FTC v. Woofter Investment Corp., Civil Action No. 97-CV-515 (D. Nev.); FTC v. Windward Marketing Ltd., Civil Action No. 96-CV-615 (N.D. Ga.). Pending private litigation involving a bank and a third-party payment processor relationship includes Reyes v. Zions First National Bank, Civil Action No. 10-CV-345 (E.D. Pa.) (district court denied motion to dismiss putative class action finding that allegations that Zions Bank processed debit transactions on behalf of telemarketing scammer stated a claim under civil RICO; petition for interlocutory appeal of denial of class certification pending). 11 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 11 of 39 V. THE SCHEME BY FOUR OAKS BANK, A THIRD-PARTY PAYMENT PROCESSOR, AND NUMEROUS FRAUDULENT INTERNET-BASED ENTITIES TO DEFRAUD CONSUMERS A. Four Oaks Bank’s Relationship with a Third-Party Payment Processor Servicing Fraudulent Internet-based Entities. 34. On July 13, 2009, Four Oaks Bank entered into a five-year agreement with a privately-owned third-party payment processor located in Texas, referred to as “TPPP-TX” herein. 35. In a twist on the ordinary relationship between a bank and a payment processor in which the processor submits ACH debit requests to its bank and the bank forwards the ACH debit requests to the Federal Reserve (or another ACH clearing house), Four Oaks Bank provides TPPP-TX with direct access to the Federal Reserve Bank of Atlanta. Describing the anticipated business model with TPPP-TX, a Four Oaks Bank executive stated that the Bank would be “sponsoring” TPPP-TX to provide it with direct access to the Federal Reserve Bank of Atlanta, a primary clearing house for the ACH network. According to the Four Oaks Bank executive, TPPP-TX would “create ACH files and send [them] directly to the Fed” and Four Oaks Bank “would not receive and process files, but would be responsible for their content.” Four Oaks Bank would have access to TPPP-TX’s transaction activity; however, the Bank anticipated it would likely only “monitor weekly for a while, then monthly when we are comfortable with the processes.” 36. Four Oaks Bank officials recognized that its business model with TPPP-TX created a significantly increased fraud risk for the Bank and for consumers because TPPP-TX could bypass any direct controls that the Bank should have in place to detect and prevent unauthorized 12 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 12 of 39 transactions and other abuses. Referring to the high risk inherent in its anticipated relationship with TPPP-TX, one Bank executive stated: “If we can get comfortable, it would be some nice revenue.” 37. Since the inception of Four Oaks Bank’s relationship with TPPP-TX, Four Oaks Bank has permitted TPPP-TX to originate more than 9.8 million ACH debits on behalf of TPPP-TX’s merchants. In dollar value, Four Oaks Bank has permitted TPPP-TX to process more than $2.4 billion in ACH network transactions for its merchants. In return for access to the ACH network, TPPP-TX has paid Four Oaks Bank more than $850,000 in gross fees. 38. As of today, approximately 97 percent of TPPP-TX’s merchants for which Four Oaks Bank permits debits to consumers’ accounts are Internet payday lenders. A payday loan typically is a short-term, high interest loan that is not secured (made without collateral) and that has a repayment date coinciding with or close to the borrower’s next payday. Most payday loans are for $250 to $700. Annualized interest rates for Internet payday loans frequently range from 400 percent to 1,800 percent or more – far in excess of most states’ usury laws. 39. As discussed further below, Four Oaks Bank has permitted TPPP-TX to originate ACH network debits against consumers’ accounts on behalf of Internet payday lenders engaged in fraud. Moreover, Four Oaks Bank also has permitted TPPP-TX to originate ACH debit transactions on behalf of other merchant-clients engaged in allegedly illegal activity, including alleged Internet gambling entities and an alleged Ponzi fraud scheme. 13 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 13 of 39 B. Four Oaks Bank Facilitated Fraudulent ACH Transactions Involving TPPP-TX’s Internet Payday Lender Merchants. 40. TPPP-TX’s Internet payday lender merchants operate through a series of websites. The websites are the only place where the lenders and borrowers “meet” to agree to loan terms. On these websites and in loan documents, TPPP-TX’s Internet payday lenders purport to state the total payment necessary for borrowers to satisfy a loan (which is the sum of the principal borrowed plus a stated finance charge) and the term of the loan. TPPP-TX’s fraudulent Internet payday lending merchant-clients affirmatively lead their respective borrowers to understand that their loans will be repaid by a single debit from their bank accounts on a date certain. Borrowers expect that, with that one debit on that specific date, the loan will be paid off and their obligation to the lender will terminate. 41. Many of TPPP-TX’s Internet payday lenders’ actual practices, however, are not consistent with the expectations the lenders create for the borrowers. The lenders affirmatively mislead the borrowers by hiding in small print and in confusing language steps required for borrowers to avoid a loan rollover trap. Contrary to the expectations created by these lenders, the relevant TPPP-TX merchant-clients do not deduct the full amount owed (principal and interest and fees) on the loan due date so that the loan is fully satisfied and all obligations to the Internet payday lender end. Instead, these lenders manipulate repayment withdrawals for the purpose of extending the loans and racking up additional, unexpected finance charges against the borrowers. In some cases, TPPP-TX’s Internet payday lenders unilaterally and without notice to borrowers – and in direct contradiction to the reasonable expectations of the borrowers based upon their Internet communications – unilaterally manipulate ACH debits against borrowers’ accounts to achieve greater profits at the expense of borrowers. 14 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 14 of 39 42. The design, intent, and effect of these fraudulent Internet payday lenders’ conduct creates a false pretext to withdraw money from borrowers’ bank accounts in amounts far exceeding the reasonable understanding and expectations of borrowers. Through this process of misleading and deceptive Internet payday lending, many of the borrowers are sucked into a vortex of debt and their bank accounts are debited until they are bled dry. Moreover, as a consequence of unanticipated loan extensions, rollovers, and unanticipated interest payments debited from their bank accounts, many of the borrowers incur further harm in the form of substantial overdraft or “insufficient funds” fees from their own banks. 43. Four Oaks Bank permits TPPP-TX’s fraudulent Internet payday lending merchants access to the ACH network to credit (deposit) loan proceeds into borrowers’ bank accounts, and then to debit (withdraw) money for the repayment of the loans, with interest and fees. These fraudulent Internet payday lenders unilaterally access borrowers’ bank accounts based upon authority purportedly granted through fraudulent and misleading loan agreements. TPPP-TX’s fraudulent Internet payday lenders’ ability to control the timing and amount of debits from borrowers’ bank accounts is the key to their ability to commit fraud. Without direct, unilateral access to borrowers’ bank accounts through the ACH network, the Internet payday lenders would need borrowers to initiate each loan repayment. Borrowers that find lenders’ demands for repayment to be inconsistent with their respective understandings of their loan agreements would have an opportunity – before money is unilaterally taken from their bank accounts – to question, reject, or dispute the demand for payment. 15 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 15 of 39 C. Four Oaks Bank Facilitated Fraudulent ACH Transactions Despite Active and Specific Notice of the Fraud. 44. Four Oaks Bank has been on notice that many borrowers from whose accounts it permits debits believe they have been misled with respect to their particular payday loan terms. Four Oaks Banks receives from other banks (the borrowers’ banks) large numbers of Requests for Proof of Authorization. Four Oaks Bank knows that a Request for Proof of Authorization means that a borrower has represented to his or her own bank under penalty of perjury that debits to the borrower’s bank account are not authorized. 45. During the 20-month period from January 2011 until August 2012, Four Oaks Bank received at least hundreds of Requests for Proof of Authorization from borrowers’ banks in connection with debits originated by TPPP-TX on behalf of some of its Internet payday lenders. In nearly all cases, the only evidence that a debit had been authorized is an Internet payday loan contract with the kind of facially misleading and deceptive loan repayment language described above. The borrowers who have stated under penalty of perjury that their bank accounts have been debited without authority include: a. A.H. is a resident of Arizona, which prohibits loans with an annualized interest rate above 36 percent. Over the Internet, A.H. received a $400 loan from Payday Lender 2, purportedly of Montana, at an annualized interest rate of 664.38 percent. b. L.N. is a resident of Colorado, which effectively prohibits payday lending. Over the Internet, L.N. received a $355 loan from Payday Lender 3, purportedly of Montana, at an annualized interest rate of 664.38 percent. c. C.D. is a resident of Georgia, which prohibits payday lending. Over the Internet, C.D. received a $305 loan from Payday Lender 4, at an annualized interest rate of 762.14 percent. d. D.H. is a resident of Maryland, which prohibits loans with an annualized interest rate above 33 percent. Over the Internet, D.H. received a $1,000 16 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 16 of 39 loan from Payday Lender 1, purportedly located in Belize, Central America, at an annualized interest rate of 995.45 percent. e. I.C. is a resident of Massachusetts, which prohibits loans with annualized interest rates above 23 percent. Over the Internet, I.C. received a $305 loan from Payday Lender 5, at an annualized interest rate of 644.12 percent. f. A.H. is a resident of Missouri, which prohibits loans in which the interest and fees exceed 75 percent of the loan amount, and loans of less than 14 days in duration. Over the Internet, A.H. received a $500 loan from Payday Lender 6 (operating under a fictitious name), purportedly of San Jose, Costa Rica, at an annualized interest rate of 1,825 percent for a term of seven days. g. D.A. is a resident of New Jersey, which prohibits loans with an annualized interest rate above 30 percent. Over the Internet, D.A. received a $200 loan from Payday Lender 7, at an annualized interest rate of 612.13 percent. h. A.W. is a resident of New York, which prohibits loans with an annualized interest rate above 25 percent. Over the Internet, A.W. received a $305 loan from Payday Lender 4, at an annualized interest rate of 1,095 percent. i. D.M. is a resident of New York, which prohibits loans with an annualized interest rate above 25 percent. Over the Internet, D.M. received a $500 loan from Payday Lender 8, at an annualized interest rate of 1,161.36 percent. j. D.H. is a resident of New York, which prohibits loans with an annualized interest rate above 25 percent. Over the Internet, D.H. received a $200 loan from Payday Lender 7, purportedly of Utah, at an annualized interest rate of 1,804.72 percent. k. D.G. is a resident of New York, which prohibits loans with an annualized interest rate above 25 percent. Over the Internet, D.G. received a $500 loan from Payday Lender 6, at an annualized interest rate of 1,825 percent. l. D.R. is a resident of New York, which prohibits loans with an annualized interest rate above 25 percent. Over the Internet, D.R. received a $200 loan from Payday Lender 7, at an annualized interest of 1,804.72 percent. m. A.F. is a resident of North Carolina, which prohibits loans with an annualized interest rate above 36 percent. Over the Internet, A.F. received a $600 loan from Payday Lender 1, purportedly of Belize, Central America, at an annualized interest rate of 608.33 percent. 17 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 17 of 39 n. o. 46. D.M. is a resident of Pennsylvania, which prohibits loans with an interest rate above 24 percent. Over the Internet, D.M. received a $1,000 loan from Payday Lender 1, at an annualized interest rate of 782.14 percent. A.L. is a resident of Virginia, which effectively limits annualized interest rates on loan to 36 percent. Over the Internet, A.L. received a $500 loan from Payday Lender 8 (operating under a fictitious name), purportedly of Michigan, at an annualized interest of 491.35 percent. All of these borrowers have sworn that debits against their bank accounts were unauthorized. 4 Nevertheless, Four Oaks Bank continues to permit TPPP-TX to take money from consumers’ bank accounts. 5 47. Four Oaks Bank also knows the specific manner by which borrowers subjected to TPPP-TX’s merchants’ unauthorized debiting claim to have been misled about payday loan terms. Four Oaks Bank’s own files contain many examples of how borrowers said they were deceived with respect to the design of certain Internet payday loans for which Four Oaks Bank allows debits against borrowers’ bank accounts. For example, a borrower from Payday Lender 1, one of TPPP-TX’s Internet payday lender merchant-clients, described her experience as follows: 4 On August 31, 2012, Four Oaks Bank stopped keeping a log of the Requests for Proof of Authorization it received in connection with TPPP-TX transactions. If Four Oaks Bank had maintained a log of Requests for Proof of Authorization during the entire period of its relationship with TPPP-TX, the total number of sworn statements of unauthorized debits likely would be far higher. 5 TPPP-TX’s fraudulent Internet payday lenders sometimes omit from loan documents any reference to the borrower’s home state in an effort to conceal the fact that the loans are made into states where the loans would be unlawful. For example, the loan agreement between Payday Lender 4 and I.C., dated October 28, 2011, omits I.C.’s city and state. The loan agreement between Payday Lender 8 and A.L., dated on or about December 22, 2011, omits A.L.’s city and state. The loan agreement between Payday Lender 4 and C.D., dated February 17, 2012, omits C.D.’s city and state. The United States has determined that C.D. resides in Georgia, where payday lending is strictly prohibited. All of these loan agreements were in the files of Four Oaks Bank. 18 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 18 of 39 I borrowed $600 and expected to pay $800-900 total including fees for the loan. After 3-4 months I noticed $900 in withdrawals for the loan, which I thought was acceptable. I did not expect to see any more debits. Debits occurred every two weeks, not monthly, so I was paying back $350 per month. When the debits totaled $1150, I called the company to ask why they were still debiting money from my account. They informed me that the first $600 were fees for the loan and did not reduce the principle [sic]. The subsequent $187 payments were paying down the loan at $50 per month, this was after I had already been charged $900 or so. . . . So I ended up paying $1800 for a $600 loan . . . . They are complete crooks!! 48. Four Oaks Bank was in a position to know, given its access to loan documents and complaints, that certain of TPPP-TX’s Internet payday lenders operated in a manner inconsistent with federal consumer protection laws designed to protect consumers from abusive lending practices and unauthorized debits. Unlike most lenders, fraudulent Internet payday lenders do not obtain collateral or other security from borrowers to protect their own interests in the event borrowers default on loans. To mitigate against that risk, fraudulent Internet payday lenders require borrowers to preauthorize ACH debits in connection with the repayment of payday loans. Federal law, however, specifically prohibits a lender from conditioning a loan on preauthorization of electronic debits, including but not limited to ACH debits. 6 6 See Electronic Funds Transfer Act, 15 U.S.C. § 1693k (“No person may – (1) condition the extension of credit to a consumer on such consumer’s repayment by means of preauthorized electronic funds transfer . . . .”); Regulation E, 12 C.F.R. § 205.10 (“Compulsory use – (1) Credit. No financial institution or other person may condition an extension of credit to a consumer on the consumer’s repayment by preauthorized electronic funds transfer, except for credit extended under an overdraft credit plan or extended to maintain a specified minimum balance in the consumer’s account.”). 19 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 19 of 39 49. Documents in the possession of Four Oaks Bank show that TPPP-TX’s Internet payday lenders regularly required borrowers to preauthorize electronic debits as a condition of the loan. For example, J.B. of Blanchester of Ohio received an Internet payday loan from Payday Lender 9 (business location not disclosed in loan documents). To receive the loan, J.B. was required to preauthorize Payday Lender 9 to electronically debit her bank account. Payday Lender 9 and most of TPPP-TX’s other payday lenders effectively condition their loans on preauthorized electronic debits in violation of federal law. 50. Some of TPPP-TX’s fraudulent Internet payday lenders operate inconsistently with federal law in yet other respects. The Credit Practices Rule prohibits lenders, in connection with extending credit to consumers, from obligating a consumer to assign wages or earnings to the lender, except in limited circumstances not applicable here. See 16 C.F.R. § 444.2(a)(3). Four Oaks Bank nevertheless permits fraudulent Internet payday lenders to debit borrowers’ accounts even where the loan documents require a wage assignment as a condition of the payday loan. For example, Payday Lender 9 required J.B. to execute a Declaration of Wage Assignment as a condition of receiving a payday loan. 7 7 TPPP-TX’s Internet payday lenders also engaged in other predatory and anti-consumer conduct, such as harassment. For example, according to documents located in Four Oaks Bank’s files, N.S. of Georgia reported that, after misleading her concerning the amount of her loan repayment that would be applied to reduce principal, a representative of one of TPPP-TX’s payday lenders repeatedly called her place of employment in an effort to intimidate her. P.T. of North Carolina, and A.M. of New York, also experienced the same conduct by other TPPP-TX payday lenders. 20 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 20 of 39 D. Four Oaks Bank Knows of, Or Is Deliberately Ignorant to, The Warning Signs of the Scheme To Defraud Consumers, As Described Above. 51. During the course of its relationship with TPPP-TX, Four Oaks Bank recognized – yet deliberately ignored – numerous warning signs that fraudulent Internet payday lenders are deceiving consumers about the terms of payday loans, making loans that are unlawful and unenforceable under state and federal laws, and using their access to the ACH network – which is sponsored by Four Oaks Bank – to take borrowers’ money without authorization. 1. 52. Four Oaks Bank is disregarding extraordinarily high return rates by TPPP-TX’s Internet payday lenders. The banking industry has been informed that high rates of returned transactions – regardless of the specific reason for the return – indicate suspicious activity. As reiterated by FinCEN: Fraud: High numbers of consumer complaints about Payment Processors and/or merchant clients, and particularly high numbers of returns or chargebacks (aggregate or otherwise), suggest that the originating merchant may be engaged in unfair or deceptive practices or fraud, including using consumers’ account information to create unauthorized RCCs or ACH debits. FinCEN Advisory: Risk Associated with Third-Party Payment Processors, FIN-2012-A010 (October 22, 2012) (bold added). 53. Four Oaks Bank knows that TPPP-TX’s Internet payday lenders experience abnormally high “return” or “chargeback” rates – the percentage of transactions that are reversed – which Four Oaks Bank also knows is a primary indicator of consumer fraud. In addition to “unauthorized” returns that represent explicit proof that a consumer denies authorizing a debit, high rates of “total” returned transactions also indicates potential fraud. For example, 21 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 21 of 39 “insufficient funds” returns may reflect consumers who had money taken from their accounts unexpectedly, or repeatedly without authorization. And high rates of “closed account” returns may reflect consumers who were forced to close their bank accounts as a consequence of unauthorized debits. In short, Four Oaks Bank knows that a high percentage of total returns indicates potential fraud or questionable business practices. 54. According to NACHA, based on 2012 data of all ACH transactions for all types of businesses (including those where fraud is most prevalent, such as Internet and telemarketing business), the national average rate of returned transaction is 1.38 percent. 8 55. Even before Four Oaks Bank commenced business with TPPP-TX in 2009, the Bank knew of serious cause for concern regarding TPPP-TX’s unauthorized return rates. During the Bank’s due diligence of TPPP-TX, a Bank official remarked with concern that it took TPPP-TX several months to address merchants with “really high charge-backs.” 56. In March 2009, four months prior to Four Oaks Bank opening bank accounts for TPPP-TX as a third-party payment processor, Bank employees discussed the unauthorized returns TPPP-TX had experienced with its prior bank. A Four Oaks Bank employee noted that in 2008 TPPP-TX had experienced more than 8,000 unauthorized transactions with its former bank in California. Indeed, Four Oaks Bank concluded that TPPP-TX had experienced a return rate far greater than NACHA’s warning threshold for seven of the prior ten months solely for returns coded as “unauthorized, improper, or ineligible.” 8 This excludes the aberrational return rate for check redeposit businesses, which is not relevant here. 22 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 22 of 39 57. On March 26, 2010, NACHA informed Four Oaks Bank that it had reason to believe the return rate for unauthorized ACH debit entries exceeded the warning threshold of one percent for TPPP-TX and another of the Bank’s third-party payment processors. 58. In July 2012, three years after Four Oaks Bank first gave TPPP-TX access to the ACH network, the Board of Directors of Four Oaks Bank approved a policy for third-party payment processors. The policy provided that merchants with a return rate of 30 percent or more would be given 30 days to reduce the return rate. 59. Four Oaks Bank’s new policy was not designed to protect consumers from fraud. The policy allowed merchants to continue to debit consumers’ bank accounts despite return rates more than 21 times higher than the industry’s combined average for ACH returns of 1.38 percent. 60. Moreover, Four Oaks Bank’s new policy was not designed to stop abuses in the ACH network. Rather, the policy was expressly designed to protect TPPP-TX’s business and the Bank’s profits. Referring to the new policy, Senior Bank Official No. 1 candidly explained to TPPP-TX Manager No. 1 that the Bank was “apparently supposed to have [a policy] for some time.” In an admission of the Bank’s willingness to protect its relationship with TPPP-TX at the expense of the public, Senior Bank Official No. 1 further explained that the Bank designed its policy to protect its relationship with TPPP-TX: “The [return rate limit] was set based on the performance of your portfolio. At the time we were putting the policy together, your overall return rate was around 25%, so we added another 5% as a cushion.” 61. But even that Bank policy, which ignored industry standards and was designed to protect the Bank and TPPP-TX, was too strict for some of TPPP-TX’s merchants. Senior Bank Official No. 1 continued to explain to TPPP-TX Manager No. 1: 23 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 23 of 39 While some of your merchants . . . have return rates of 15-25%, others are now at 40, 50, and even 60% consistently. I understand that these companies can still make good money with such [high insufficient fund returns rates], since they are charging APRs of 1500-1800%, but I don’t think we make enough money to take on the extra risk and monitoring that would come with accepting those extreme ratios. 62. TPPP-TX expressed its unhappiness about the new 30 percent return warning threshold. In response, Senior Bank Official No. 1 suggested possible further leniency in the policy, stating that “35% would not be unreasonable, maybe even 40% might be palatable, but I don’t think our risk appetite will stomach return rates of 40-65%, so some of these clients may need to be moved to your other bank.” 63. Four Oaks Bank continued to sponsor TPPP-TX’s direct access to the Federal Reserve Bank of Atlanta’s ACH payment system despite incredibly high return rates. The Bank, for example, was aware that for October 2012 – despite the new policy – all of the following TPPP-TX merchants had total return rates in excess 30 percent: Merchant Payday Lender 2 Payday Lender 4 Payday Lender 7 Payday Lender 10 Payday Lender 11 Payday Lender 12 Payday Lender 13 Payday Lender 14 Payday Lender 15 Payday Lender 16 Payday Lender 17 Payday Lender 18 Payday Lender 19 Return Rate/Percentage 33.25 36.11 38.02 39.6 55.85 37.32 33.6 63.85 35.61 70.02 31.42 33.17 48.15 24 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 24 of 39 64. In another instance, Senior Bank Official No. 1 candidly reminded TPPP-TX that three of its merchants that were previously projected to have return rates of up to 7 percent, 15 percent, and 2.8 percent, respectively, in fact had return rates of 44 percent, 60 percent, and 44 percent. Senior Bank Official No. 1 admitted that from these return rates it would appear that “we don’t know our customers and we don’t do due diligence and risk grade them properly.” Senior Bank Official No. 1 also mentioned several TPPP-TX merchants with unauthorized return rates above NACHA’s one percent warning threshold for unauthorized returns, including a TPPP-TX merchant with a seven percent unauthorized return rate. 65. In addition to TPPP-TX’s Internet payday lenders’ extraordinarily high return rates, Four Oaks Bank ignored other warnings of serious ACH debit originations problems in its ACH network activity. On or about April 31, 2011, and again on or about October 18, 2011, NACHA sent letters to Four Oaks Bank advising the Bank of potential ACH rule violations in connection with debit originations. Despite these NACHA warnings, Four Oaks Bank continued to process transactions against consumer accounts. 25 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 25 of 39 2. Four Oaks Bank is aware that TPPP-TX’s Internet merchants seek to conceal their true identities, a warning to Four Oaks Bank that the merchants are attempting to hide their operations from scrutiny. 66. Four Oaks Bank ignores clear indications that TPPP-TX’s merchant-clients are attempting to conceal their identities. As noted above, every bank has been required for years to know who their customers are and what they are doing to ensure that they are not using the bank for unlawful activity. Yet, several of the fraudulent Internet payday lenders for which Four Oaks Bank provides access to the ACH network attempt to maintain anonymity from the public and law enforcement – and Four Oaks Bank itself – through corporate layering, sham contractual relationships, fictitious names, and other artifices. As further described below, Four Oaks Bank knows that many of these fraudulent Internet payday lenders prevent others from learning about their operations by obscuring their identities, ownership, corporate forms, locations, and even website registrations. 67. For example, Four Oaks Bank knows that some of these fraudulent Internet payday lenders purport to be located in foreign countries or affiliated with a federal-recognized Native American tribe, despite specific knowledge by Four Oaks that these various lenders actually have little to no meaningful connection with the named tribe or foreign country. 68. Other merchants disguise their identities by cloaking themselves within “nested” payment processor structures. In such structures, the merchant-processor-bank relationship is modified and becomes a merchant-processor-processor-bank relationship. The addition of a second payment processor between the merchant and the bank makes it more difficult for banks to prevent merchants from conducting unlawful activity through the banks, and more difficult for 26 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 26 of 39 aggrieved consumers and law enforcement to learn the true identity of merchants and the nature of the merchants’ operations. 69. Four Oaks Bank knows that TPPP-TX’s Internet payday lenders engage in suspicious concealment efforts. In January 2012, for example, a Four Oaks Bank official became concerned about the Bank’s lack of knowledge about the identity of Payday Lender 20. By that time, Four Oaks Bank knew that many consumers had alleged that Payday Lender 20 had caused unauthorized withdrawals from consumers’ bank accounts and continued to debit consumers’ bank accounts even after loans had been fully paid-off. 70. Senior Bank Official No. 1 and another Bank official, attempting to understand Payday Lender 20’s true identity and operations, discovered that a year earlier it had changed its name. The name change concealed the true identity of the payday lender and created the false impression that the lender was owned and operated by a tribal entity. Senior Bank Official No. 1 conceded his own understanding that a tribal entity was not the genuine party in interest: “[TPPP-TX Senior Manager No. 1] said the money was coming from the tribes, but that is more of a technicality, as the former entity is loaning those moneys to the tribes.” 71. The newly-discovered information about the identity of Payday Lender 20, along with complaints and other evidence of unauthorized debit transactions against consumers’ accounts, caused concern for at least one Four Oaks Bank official. That Bank employee informed Senior Bank Official No. 1 of a recent FDIC pronouncement, which stated: [F]inancial institutions should consider the potential for legal, reputational, and other risks, including risks associated with a high or increasing number of customer complaints and returned items, and the potential for claims of unfair or deceptive practices. Financial institutions that fail to adequately manage these relationships may be viewed as facilitating a payment processor’s 27 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 27 of 39 or merchant client’s fraudulent or unlawful activity and, thus, may be liable for such acts or practices. (Italics in original) In light of this warning, the concerned Bank employee commented to Senior Bank Official No. 1: “I thought you may be interested in this portion in particular, since we had the email conversation last week about the Native American tribes and the payday lenders [i.e., Payday Lender 20] operating through them.” Notwithstanding these concerns, Four Oaks Bank continued to allow TPPP-TX to process for Payday Lender 20. 72. Other red flags revealed to the Bank the lengths to which TPPP-TX’s payday lenders would go to avoid detection. In March 2012, TPPP-TX informed Four Oaks Bank that it would begin processing payments for Payday Lender 19. TPPP-TX described Payday Lender 19 as “a corporation, owned by a corporation, which is owned by another corporation.” The Bank knew that Payday Lender 19 was merely the new face of an entity that had been operating using other names. After attempting to research the corporate entity behind Payday Lender 19, a Bank officer concluded: “The main company, [Payday Lender Holdings 1], is based out of Canada so we were unable to locate any Lexis Nexis information for them.” The absence of information identifying who was really running this triple-layered international corporate structure did not dissuade Four Oaks Bank from providing Payday Lender 19 direct access to consumers’ bank accounts via the ACH network. 73. Four Oaks Bank also provided Payday Lender 16 access to consumers’ bank accounts. TPPP-TX initially represented to the Bank that Payday Lender 16 was a United States entity. Upon further inquiry, Four Oaks Bank learned that Payday Lender 16 was owned by a resident of the United Kingdom. Four Oaks Bank also learned that Payday Lender 16 did not 28 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 28 of 39 have a United States presence except for a mail-drop at a “virtual office” space. In April 2012, Four Oaks Bank concluded that Payday Lender 16 “appears to be a US company in name only.” Four Oaks Bank nevertheless provided Payday Lender 16 access to the ACH network, resulting later in 2012 in an astoundingly high return rate of 70.02 percent. 74. In May 2012, a Four Oaks Bank official questioned TPPP-TX about whether the Bank ought to process payments for a new TPPP-TX merchant. The Bank official stated: This one is tough. From a [Bank Secrecy Act] perspective, we have a high risk business, owned by a foreign person that we can’t due diligence, born in a “country of concern”, living in a “country of concern”. With the projected volumes being 1,000 items daily for $600,000 a month, I don’t think the reward justifies the risk here. Feel free to provide any additional rational for me to change my mind. 75. Despite these serious concerns, Four Oaks Bank accepted the new merchant and allowed it direct access to the ACH network so that it could debit consumers’ bank accounts. 76. As early as February 2010, Four Oaks Bank knew that, in violation of their agreement, TPPP-TX was providing ACH access to additional, new merchants without notifying Four Oaks Bank. Four Oaks Bank nonetheless allowed TPPP-TX to add new merchants, in some cases without pre-approval by the Bank. This created a situation in which Four Oaks Bank had no knowledge whatsoever of some of the entities to which it was providing access to the ACH network. 77. In May 2012, a senior Bank officer acknowledged that the Bank had not completed risk matrices (an analysis of the risk posed by a bank’s customer) for 42 of 68 (62 percent) of TPPP-TX’s merchants. The senior Bank official expressed no concern that the Bank’s failure to conduct risk assessments posed a threat to consumers. Rather, the official was concerned that the 29 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 29 of 39 Bank would suffer consequences from its regulator, stating that the Bank needed to re-create due diligence it had not previously performed and have completed risk matrices on file “for all the ones we are missing prior to the examiners arriving.” 78. Officials at the Bank recognized that TPPP-TX was not trustworthy – yet continued to rely upon it and conduct its banking business. In June 2012, two Bank officials had the following exchange in connection with TPPP-TX adding new merchants: Bank Official No. 1: “I just wish we could rely a little on them, but at every turn, it seems there is something else. I don’t know how we could allow them to approve anything (haha).” Bank Official No. 2: “Motto with them – always verify and double check yourself!” Bank Official No. 1: “My opinion, we don’t need a customer like that originating ACH direct to the [Federal Reserve].” 79. Despite knowing that TPPP-TX could not be trusted to oversee due diligence of merchants, Four Oaks Bank officials relied on TPPP-TX heavily – and sometimes exclusively – to complete the critically important function of deciding which merchants would have access to the ACH network, and the power to debit consumers’ bank accounts. Not surprising, the consequences for consumers were disastrous. 80. By April 2010, Four Oaks Bank knew that TPPP-TX had been providing ACH network access as a conduit to yet other third-party payment processors through “nested” relationships. One of the nested processors was an entity identified as Redfall. Redfall’s conduct eventually was disclosed to the public in United States v. Pokerstars, et al., 11-CV-02564 (S.D.N.Y.), a federal money laundering action, which alleged (in part) that Redfall had been 30 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 30 of 39 illegally processing payments for Internet gambling entities. In that case, a federal court restrained gambling-related money held by TPPP-TX on behalf of Redfall in bank accounts at Four Oaks Bank. No later than July 11, 2012, Four Oaks Bank knew that TPPP-TX had conceded to federal law enforcement authorities that more than $6 million in TPPP-TX’s accounts at Four Oaks Bank were connected to illegal conduct. Despite knowing that TPPP-TX had allowed Redfall to use Four Oaks Bank’s accounts for illegal purposes, Four Oaks Bank continued to rely upon TPPP-TX to vet new merchants for whom Four Oaks Bank sponsored ACH network access to debit consumers’ bank accounts. 81. In Spring 2012, Four Oaks Bank agreed to provide ACH access to a TPPP-TX merchant-client, Rex Venture Group, LLC, despite knowing that: (1) Rex Venture’s principals could not be identified through business database searches; (2) the Bank could not independently verify the type of legitimate business in which Rex Venture Group was engaged; (3) one of the two addresses reported by the company was a vacant lot, and the other was a different business; and (4) the Social Security Number of one of the company’s purported principals was associated with a different person. A Bank official even concluded that the purported owner of Rex Venture Group “keeps changing company names so his reputation will not catch up with him.” 82. These red flags did not stop Four Oaks Bank from providing access to the ACH network through TPPP-TX and another nested payment processor to Rex Venture Group. By August 17, 2012, the public learned what Four Oaks Bank already knew or should have known – Rex Ventures Group allegedly was a massive Ponzi and pyramid scheme. In S.E.C. v. Rex Ventures Group, LLC d/b/a/ Zeekrewards.com, et al., Civil Action 12-CV-519 (W.D.N.C.), the government alleged that Rex Venture Group had illegally raised more than $600 million from 31 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 31 of 39 approximately one million investors. Four Oaks Bank had allowed Rex Ventures Group (through TPPP-TX and a nested relationship) to process close to $60 million in ACH transactions in furtherance of the illegal scheme. 3. 83. Four Oaks Bank ignored explicit notice from state law enforcement that at least one TPPP-TX fraudulent Internet payday lender was engaged in illegal activity. Four Oaks Bank ignored evidence from state law enforcement that TPPP-TX’s Internet payday lenders were misleading borrowers and violating state laws. For example, Four Oaks Bank received a letter dated December 4, 2012, from the Attorney General of Arkansas. The letter was directed to Payday Lender 1 in care of Four Oaks Bank. The Attorney General explained in the letter that payday lending “in the State of Arkansas is illegal” and that Payday Lender 1 had engaged in such activity in Arkansas. The Attorney General demanded that Payday Lender 1 “cease engaging in payday lending transactions with Arkansas consumers and cancel all outstanding payday lending transactions where the annual percentage rate is greater than 17 per annum.” 84. The Arkansas Attorney General’s letter attached a complaint by a consumer, M.J.S. M.J.S. explained: My initial loan was $400. I have already paid 1,140. They claim that there is still a balance of $480. I [have now been told] that the first 4 payments were “interest” payments and the 5th payment and afterward would be the start of my payments toward the loan. . . . I also found out that the company is based out of Central America (Belize City) and is not an American-based company. . . . I have made the following payments: $120, $240, $290, $260 and $230. As you can see, I have paid more than triple the original loan amount. I contacted them about illegal payday lending and they told me they were legal to hold their business in Arkansas. 32 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 32 of 39 85. Four Oaks Bank reviewed the letter with TPPP-TX and tussled about how to respond. TPPP-TX Manager No. 1 told the Bank: But my point is: legally, they addressed the letter to you. I think legally we should have you reply that you aren’t doing [payday loans] in AR. And then wipe your hands. Don’t mention us or our client. . . . It would be my opinion that you should use caution in what is said to them, for fear of saying something that opens a legal can of worms. Just my advice. 86. Based on TPPP-TX Manager No. 1’s “advice” to Four Oaks Bank, the Bank “wiped its hands” of the Attorney General of Arkansas’s letter. Four Oaks Bank elected not to communicate with the Attorney General or to disclose the identity of TPPP-TX, or that of the payday lender’s principal and beneficial owner. (The only information known to the Attorney General was the payday lender’s trade name, and later in connection with a letter from the payday lender to the Attorney General, a post office box number in Belize.) Moreover, despite having received the Attorney General’s statement that offering payday loans to Arkansas residents is illegal, Four Oaks Bank did not take steps to assure that in the future TPPP-TX’s payday lenders did not originate ACH debits against Arkansas consumers in connection with illegal payday loans, or that existing illegal and unenforceable loans to Arkansas residents were cancelled. 87. By November 2012, Four Oaks Bank decided to end its relationship with TPPP-TX. But the Bank decided to wait another 20 months and terminate only when its contract with TPPP-TX expired in July 2014. The Bank continues to sponsor TPPP-TX’s access to the ACH payments system for the benefit of TPPP-TX’s Internet payday lenders. 88. On December 19, 2012, TPPP-TX informed the Bank that it intended to open nine “doing business as” accounts on behalf of Payday Lender 22. By using a series of fictitious 33 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 33 of 39 names, Payday Lender 22 would be able to conceal its true identity and its past history of law enforcement actions and consumer complaints. 89. A concerned Bank employee conducted further due diligence on Payday Lender 22 and its proposed fictitious names. The employee determined that, in addition to other negative information, Payday Lender 22 was the subject of a Cease and Desist order from the Commonwealth of Pennsylvania for lending to Pennsylvania residents in violation of Pennsylvania’s interest rate cap on short term loans, and operating without a license. The Bank employee discovered that Payday Lender 22 charged consumers interest rates of 521.26 percent – far in excess of the rate allowed in Pennsylvania and most other states. The Bank employee also found a large number of consumer complaints about Payday Lender 22. 90. The Bank employee further found substantial negative history regarding virtually all of the fictitious names proposed by TPPP-TX. For example, for virtually all of the names, the Bank employee found “many, many sites of complaints” from consumers. And in some cases, the numbers of complaints were rising. The Bank employee concluded: Based on the amount of negative news, operating in states while being unlicensed and it appears to be more than the two listed. They just haven’t gotten caught yet. I cannot approve this one based on all of the negative news. I think we would end up wishing we had let this one go. 91. Despite knowing this history, Senior Bank Official No. 1 overrode the preliminary decision not to allow TPPP-TX to establish the nine new accounts on behalf for Payday Lender 22. Senior Bank Official No. 1 concluded: “We already have the relationship, so we already have the risk. Plus, to deny based on consumer complaints, I think we’d need to look at shutting down the current business, for the same reason.” 34 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 34 of 39 92. Four Oaks Bank’s management apparently was not troubled by TPPP-TX Manager No. 1’s disdain for state consumer protection efforts. Confronted with the fact that the Washington State Department of Financial Institutions had issued a public warning that Payday Lender 23 (one of TPPP-TX’s merchants) was unlicensed and violating state and federal collections laws, TPPP-TX Manager No. 1 stated to Senior Bank Official No. 1: “Its [sic] why lenders choose to be offshore. They don’t want to have to deal with each state’s laws – none of them being the same.” E. Four Oaks Bank’s Policy Toward TPPP-TX and its Fraudulent Internet Payday Lenders Continues to Cause Substantial Consumer Harm. 93. In sum, Four Oaks Bank recognizes that it is facilitating a scheme by TPPP-TX and its fraudulent Internet payday lenders to deceive consumers and evade authorities. The Bank’s approach is epitomized in an email exchange between Senior Bank Official No. 1 and TPPP-TX Manager No. 1. Four Oaks Bank requested information about a new merchant’s licensing. In response to the request, TPPP-TX Manager No. 1 stated: We do not ask what States [our lenders] are licensed to lend in, nor for any licensing. . . . Asking opens legal issues that are not worth the time or trouble. We are not their regulator from a lending point of view. . . . I want no legal responsibility for whether it is it [sic] legal to lend into a state based on their model, and my strong guess is that you don’t either. It is irrelevant to the business we do with them. . . . We are very involved in this industry, understand the legal challenges, and I am not interested in getting involved in their right to lend. It can only expose both of us to unneeded regulation and risk. 94. Four Oaks Bank affirmed to TPPP-TX that it would not request that Internet payday lenders provide information about state lending licenses. In further response, Senior Bank Official No. 1 revealed the unspoken truth of the scheme Four Oaks Bank is facilitating: 35 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 35 of 39 You don’t think there’s huge potential liability for ignoring the fact that certain transactions could potentially be illegal, and not doing the due diligence and monitoring to ensure they aren’t? . . . I’m not sure “don’t ask/ don’t tell” is going to be a reasonable defense, if a state comes after one of our originators. 95. Four Oaks Bank continues to profit from its relationship with TPPP-TX, at the expense of consumers. In April 2013 alone, on behalf of TPPP-TX and its Internet payday lenders, Four Oaks Bank permitted 340,203 debit transactions to be submitted to the ACH network, for a total dollar value of approximately $99.5 million, against consumers’ bank accounts. For these transactions, the return rate was an extraordinarily high 25.61 percent. Approximately 25 percent of the transactions were on behalf of purportedly overseas companies. The Bank’s revenue from TPPP-TX in that month was $24,724.55. 96. As recently as August 8, 2013, Four Oaks Bank received a letter from NACHA informing it that “purported authorizations to pay illegal loans that are unenforceable under applicable state law do not constitute valid authorizations under NACHA Rules.” 97. Four Oaks Bank’s illegal conduct continues to this day. COUNT I (18 U.S.C. § 1345 – Injunctive Relief) 98. The government incorporates by reference paragraphs 1 through 97 as if fully set forth in this paragraph. 99. Four Oaks Bank violated and continues to violate the Wire Fraud statute, 18 U.S.C. § 1343, by participating in a scheme or artifice to defraud, or for obtaining money or property by means of false or fraudulent pretenses with the intent to defraud, using wire communication. 36 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 36 of 39 100. Four Oaks Bank’s conduct constitutes a continuing and substantial injury to the United States and its citizens. 101. The United States seeks, pursuant to 18 U.S.C. § 1345(b), a permanent injunction restraining all future fraudulent conduct and any other action that the Court deems just in order to prevent a continuing and substantial injury to the persons and entities affected by the Defendants’ fraudulent scheme. COUNT II (12 U.S.C. § 1833a – Civil Penalties) 102. The government incorporates by reference paragraphs 1 through 101 as if fully set forth in this paragraph. 103. Four Oaks Bank violated the Wire Fraud statute, 18 U.S.C. §1343, by participating in a scheme or artifice to defraud, or for obtaining money or property by means of false or fraudulent pretenses with the intent to defraud, using wire communication. 104. This wire fraud scheme affected numerous federally-insured financial institutions, including the banks of the consumer victims from whom money was taken without authorization, and Four Oaks Bank itself. 105. Accordingly, Four Oaks Bank is liable to the United States for civil penalties as authorized under 12 U.S.C. § 1833a(b). WHEREFORE, the United States requests judgment against Defendants, as follows: a. An injunction under 18 U.S.C. § 1345 enjoining Defendants from continuing to process payments for TPPP-TX and the fraudulent Internet payday lending industry; 37 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 37 of 39 b. A judgment imposing a civil penalty against Defendants up to the maximum amount allowed by law; c. Such further relief, including but not limited to equitable relief under the Court’s inherent powers, as the Court deems just. Respectfully, STUART F. DELERY Assistant Attorney General Civil Division MAAME EWUSI-MENSAH FRIMPONG Deputy Assistant Attorney General Civil Division MICHAEL S. BLUME Director Consumer Protection Branch RICHARD GOLDBERG Assistant Director Consumer Protection Branch /s/ Joel M. Sweet /s/ John W. Burke /s/ James W. Harlow JOEL M. SWEET JOHN W. BURKE JAMES W. HARLOW Trial Attorneys Consumer Protection Branch 450 Fifth Street, NW 6th Floor South Washington, D.C. 20001 Telephone: (202) 532-4663 (202) 353-2001 (202) 514-6786 E-mail: joel.sweet@usdoj.gov josh.burke@usdoj.gov james.w.harlow@usdoj.gov 38 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 38 of 39 THOMAS G. WALKER United States Attorney Eastern District of North Carolina /s/ G. Norman Acker III G. NORMAN ACKER, III Assistant United States Attorney 310 New Bern Avenue Suite 800, Federal Building Raleigh, NC 27601-1461 Telephone: (919) 856-4049 Facsimile: (919) 856-4821 E-mail: Norman.Acker@usdoj.gov NC Bar #12839 Attorneys for Plaintiff United States of America Dated: January 8, 2014 39 Case 5:14-cv-00014-BO Document 1 Filed 01/08/14 Page 39 of 39