A settlement between Enova International, Inc., an online lender that extends unsecured payday and installment loans, and lines of credit based in Chicago, Ill., and the Consumer Financial Protection Bureau (CFPB) requires Enova to pay a $3.2 million civil money penalty related to illegal debiting of consumers accounts and other violations, the bureau announced Friday.
The consent order says Enova engaged in “unfair acts or practices” that are prohibited by the Consumer Financial Protection Act (CFPA – part of the Dodd-Frank Wall Street Reform and Consumer Protection Act, or Dodd-Frank) by debiting consumers’ bank accounts without authorization. “While consumers authorized Enova to deduct payments from certain accounts, the company in many instances debited different accounts that the consumers had not authorized it to use,” CFPB said in Friday’s announcement. “The Bureau found also that Enova failed to honor loan extensions it granted to consumers.”
The order was signed Jan. 22 by CFPB Director Kathy Kraninger. Among the specifics noted are:
- Beginning in 2010, Enova began using consumer bank account information it obtained from loan applications it had purchased from lead generators to overwrite consumer bank account information related to consumers’ outstanding loans that Enova maintained in its systems.
- Enova then electronically debited payments on 5,520 consumers’ outstanding loans from the new bank accounts. It did not have authorization to debit these new accounts.
- Enova overwrote consumers’ bank account information using information obtained from lead-generator loan applications it purchased until June 2014, at which time it stopped overwriting existing bank account information on newly purchased loan applications.
- After June 2014, Enova continued to debit or attempt to debit 265 consumers’ bank accounts that had already been overwritten, at least 6,425 times, in most instances without obtaining consumers’ authorization to debit these accounts. Enova continued this practice until December 2018 for the consumers who still had outstanding lines of credit. In December 2018, the company stopped debiting any accounts for which it did not have a valid authorization.
- Enova’s debits or attempted debits of consumers’ updated bank accounts without authorization injured consumers. Enova extracted millions of dollars in unauthorized debits from consumers’ accounts. As a result, consumers experienced or were likely to experience unexpectedly low or negative balances and were unable to use funds for other purposes as anticipated. Enova also made unsuccessful attempts to debit consumers’ accounts, which resulted in consumers being charged insufficient funds (NSF) fees and other bank fees.
- Between 2010 and October 2014, Enova did not inform consumers that it would debit, or had debited, their bank accounts without obtaining consumers’ authorization to do so, so consumers could not reasonably have avoided the injury they suffered as a result of Enova’s illegal debiting.
- Because of a coding error at Enova, 308 consumers also did not actually receive extensions for which they were approved, but they were debited for the full loan amounts requested rather than the fee for extension. After a coding fix failed, the fix was disabled, and consumers were not informed about the debiting of full loan amounts for more than a year.
Under the terms of the consent order, Enova is, among other things, barred from making or initiating electronic fund transfers without valid authorization.