Skip to main content

CFPB Takes Action Against Fintech Company GreenSky for Enabling Merchants to Secure Loans for Consumers Without Their Authorization

WASHINGTON, D.C. – The Consumer Financial Protection Bureau (CFPB) took action against GreenSky, LLC for enabling contractors and other merchants to take out loans on behalf of thousands of consumers who did not request or authorize them. The CFPB issued a consent order against GreenSky requiring the company to refund or cancel up to $9 million in loans for customers harmed by its illegal conduct, pay a $2.5 million civil penalty, and implement new procedures to prevent future fraudulent loans.

“GreenSky’s careless business and customer service practices enabled its merchants to take advantage of vulnerable consumers who needed financial help to repair their homes and to pay for other critical retail services by setting up loans without consumers’ consent,” said CFPB Acting Director Dave Uejio. “For consumers to wind up in debt to GreenSky for loans they never knew about is simply wrong. The CFPB will not stand for practices that allow conduct like this in the marketplace.”

GreenSky, a non-bank institution headquartered in Atlanta, used merchants, primarily those providing home improvements, to promote and offer financing to customers before making on-the-spot lending decisions based on criteria provided by its partner banks. Proceeds from GreenSky’s loans, ranging from a few thousand to tens of thousands of dollars, bypass consumers and are disbursed directly to merchants following the merchants’ application for payment. Some consumers complained that they never applied for a loan or even heard of GreenSky before receiving billing statements, collection letters, and calls from the company.

Processing and Enabling Unauthorized Loans

The CFPB found that GreenSky engaged in unfair practices against their customers in violation of the Consumer Financial Protection Act of 2010 (CFPA). The violations involved the company’s loan origination and servicing activities, which included:

  • Processing and servicing unauthorized loans: GreenSky serviced and facilitated the origination of loans to consumers who did not request or authorize them. Between 2014 and 2019, GreenSky received at least 6,000 complaints from consumers who stated they did not authorize submission of a loan application. The company’s complaint investigations found that in at least 1,600 instances its merchants were at fault.
  • Structuring the GreenSky Program in a manner that enabled unauthorized loans: GreenSky failed to create and implement appropriate and effective controls during the loan application, approval, and funding processes, failed to implement adequate merchant training and oversight, and neglected to effectively manage consumer complaints.

Enforcement Action

Under the CFPA, the CFPB has the authority to take action against institutions violating federal consumer financial laws, including by engaging in unfair, deceptive, or abusive acts or practices. The consent order issued today requires GreenSky to:

  • Refund and cancel loans for harmed consumers: GreenSky will provide up to $9 million in cash refunds and loan cancellations.
  • Pay a civil penalty: GreenSky will pay $2.5 million to the CFPB, which will be deposited into the CFPB’s Civil Penalty Fund
  • Prevent future abuses: GreenSky is required to prevent future illegal practices by verifying consumers’ identities and confirming their authorizations prior to activating loans or disbursing loan proceeds. GreenSky must also implement an effective consumer complaint management program, exercise effective oversight of third-party merchant partners, and implement consistent standards to govern the write-off of illegal loans.

Read the CFPB’s consent order .


The Consumer Financial Protection Bureau is a 21st century agency that implements and enforces Federal consumer financial law and ensures that markets for consumer financial products are fair, transparent, and competitive. For more information, visit www.consumerfinance.gov.