{"took":3138,"timed_out":false,"_shards":{"total":5,"successful":5,"skipped":0,"failed":0},"hits":{"total":{"value":42,"relation":"eq"},"max_score":null,"hits":[{"_index":"complaint-public-v1","_id":"17021741","_score":20.719208,"_source":{"product":"Debt collection","complaint_what_happened":"XXXX XXXX XXXX XXXX XXXX XXXX, GA XXXX Email : XXXX Phone : ( XXXX ) XXXX Date : XX/XX/year>XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX Subject : Immediate Action Required Regarding Data Breach Incident Dear XXXX  Support Team, I am writing to express my concern and request immediate clarification regarding the recent data breach that has affected XXXX  systems. As a consumer who relies on the integrity and security of your services, I am deeply troubled by this incident and its potential impact on my personal information.\n\nAccording to reports, this breach may have compromised sensitive personal data, which could expose consumers to identity theft, fraud, and other malicious activities. As a precaution, I am formally requesting the following : 1. Confirmation of Impact : Please confirm whether my personal data ( including but not limited to my Social Security number, credit account details, or any other sensitive information ) was affected by the breach.\n\n2. Security Measures : Explain what specific actions XXXX  has taken to mitigate the risks of this breach and what measures have been implemented to prevent future data security failures. \n3. Credit Monitoring and Identity Protection : I am requesting complimentary credit monitoring, identity theft protection, and related services for affected consumers. Please provide clear enrollment instructions.\n\n4. Consumer Protection Guidance : Advise me of the additional steps I should take to protect my credit and personal information, such as credit freezes, fraud alerts, or account monitoring options.\n\nThis matter is urgent and I expect a prompt written response outlining the actions XXXX  is taking to protect my data and restore consumer trust. Please respond within 14 days of receipt of this letter.\n\nShould my concerns not be addressed in a timely manner, I will escalate this matter to the Consumer Financial Protection Bureau ( CFPB ), the Federal Trade Commission ( FTC ), and other appropriate agencies.\n\nThank you for your immediate attention to this matter. I look forward to your prompt and thorough","date_sent_to_company":"2025-11-04T16:48:52.000Z","issue":"Took or threatened to take negative or legal action","sub_product":"I do not know","zip_code":"30815","tags":null,"has_narrative":true,"complaint_id":"17021741","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"EQUIFAX, INC.","date_received":"2025-11-04T16:41:29.000Z","state":"GA","company_public_response":null,"sub_issue":"Collected or attempted to collect exempt funds"},"highlight":{"complaint_what_happened":["Confirmation of Impact : Please confirm whether my personal data ( including but not limited to my Social <em>Security</em> number, credit account details, or any other sensitive information ) was affected by the breach.\n\n2. <em>Security</em> <em>Measures</em> : <em>Explain</em> <em>what</em> <em>specific</em> <em>actions</em> <em>XXXX</em>  has taken to mitigate the risks of this breach and <em>what</em> <em>measures</em> have been implemented to prevent future data <em>security</em> failures. \n3."],"issue":["Took or threatened to take negative or legal <em>action</em>"]},"sort":[20.719208,"17021741"]},{"_index":"complaint-public-v1","_id":"7383462","_score":20.49212,"_source":{"product":"Credit card or prepaid card","complaint_what_happened":"The purpose of this complaint is to formally address the unauthorized issuance of a duplicate credit card by Wells Fargo, which was subsequently exploited for fraudulent activities. This issue is in clear violation of the provisions outlined in the Electronic Fund Transfer Act ( EFTA ). \n\nThis unauthorized credit card was sent to an unfamiliar address, XXXX XXXX XXXX ( no state or zip code listed ), which I have no affiliation with or knowledge of. \n\nThis incident is particularly alarming considering that the unauthorized duplicate credit card was subsequently used for fraudulent transactions. I was not only left financially compromised but also deeply concerned about the safety of my personal information and the security measures maintained by Wells Fargo. \n\nAccording to the provisions of the Electronic Fund Transfer Act ( EFTA ), financial institutions are obligated to ensure the security and integrity of electronic fund transfers, including the issuance and use of credit cards. The unauthorized issuance of a duplicate credit card, combined with its subsequent fraudulent use, represents a failure to adhere to the EFTA 's stipulations.\n\nI demand that Wells Fargo take immediate and comprehensive action to address this matter : Reversal of Charges : I insist on the immediate reversal of all charges associated with the unauthorized transactions made using the duplicate credit card. As per the EFTA, I am entitled to a refund for any unauthorized transactions. \nThorough Investigation : I request that Wells Fargo conduct a thorough investigation into how the duplicate credit card was produced and distributed without my consent. \nWritten Explanation : I demand a detailed written explanation of the investigation 's findings, all documents used to determine the case, including a clear account of how the unauthorized issuance of the duplicate credit card occurred. This explanation should be submitted to me in writing, in accordance with the EFTA 's requirements for transparency.\n\nYour explanation should include the following : Issuance of Duplicate Card : Provide a detailed explanation of the process by which credit cards are issued and distributed. \nWhat safeguards are in place to prevent the issuance of duplicate cards without the account holder 's explicit consent? \nExplain the specific circumstances that led to the unauthorized issuance and distribution of the duplicate credit card ending in XXXX  without my knowledge or consent and the subsequent distribution of the card to an address not associated with the account. \nSecurity Measures : What security measures does Wells Fargo have in place to prevent the unauthorized issuance of duplicate credit cards? \nProvide details on any recent security enhancements made to prevent such incidents from occurring in the future. \nAre there any specific protocols or authentication methods in place to ensure the accuracy of credit card issuance requests? \n\nFraud Detection and Prevention : How does Wells Fargo monitor for potentially fraudulent transactions and irregularities on customer accounts? \nWhat steps were taken to identify and prevent the fraudulent transactions made using the duplicate credit card in question? \nHow does the bank ensure that transactions made using a duplicate card are flagged for verification or declined to prevent unauthorized activities Investigation Process : What steps did Wells Fargo 's Claims and Recovery Credit Card Fraud Claims department undertake during its investigation of the unauthorized charges? \nWhat evidence, documents, or information were considered during the investigation process to determine that I authorized the transactions? Notification and Communication : Why was I not notified or contacted by your analyst during the investigation process, especially given the seriousness of the matter? \n\nLegal and Regulatory Compliance : How does Wells Fargo ensure compliance with the Electronic Fund Transfer Act ( EFTA ) regarding the security of credit card issuance?\n\nWhat steps does Wells Fargo take to ensure that its practices align with the EFTA 's provisions and guidelines?\n\nExplain how Wells Fargo intends to rectify this incident to ensure full compliance with the EFTA My expectations align with the EFTA 's standards and regulations, which prioritize the security and well-being of your consumers.","date_sent_to_company":"2023-08-10T21:31:22.000Z","issue":"Problem with a purchase shown on your statement","sub_product":"General-purpose credit card or charge card","zip_code":"320XX","tags":null,"has_narrative":true,"complaint_id":"7383462","timely":"Yes","company_response":"Closed with monetary relief","submitted_via":"Web","company":"WELLS FARGO & COMPANY","date_received":"2023-08-10T20:46:33.000Z","state":"FL","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Card was charged for something you did not purchase with the card"},"highlight":{"complaint_what_happened":["<em>Security</em> <em>Measures</em> : <em>What</em> <em>security</em> <em>measures</em> does Wells Fargo have in place to prevent the unauthorized issuance of duplicate credit cards? \nProvide details on any recent <em>security</em> enhancements made to prevent such incidents from occurring in the future. \nAre there any <em>specific</em> protocols or authentication methods in place to ensure the accuracy of credit card issuance requests?"]},"sort":[20.49212,"7383462"]},{"_index":"complaint-public-v1","_id":"12645534","_score":16.907177,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"This is in reference to a prior complaint in which I have attached. \nTransUnion XXXX XXXX XXXX XXXX XXXX  XXXX, PA 19016 Subject : Unauthorized Lifting of Security Freeze & Failure to Provide Requested Documentation Dear TransUnion Disputes Department, I am following up on my recent dispute regarding the charge-off accounts inaccurately reported on my credit file. In your response, you stated that the accounts in question were \" Verified as Reported '' without providing the legally required documentation. Additionally, you referenced Federal Freeze Lifted, which is alarming, as I had an active security freeze on my account that I did not request to be removed. \n\nOutstanding Issues That XXXX XXXX Attention XXXX. XXXX XXXX XXXX Was It Lifted? \nI previously placed a security freeze on my credit report as a protective measure against fraud and unauthorized activity. Your response states that a XXXX XXXX was lifted, yet : I did not request or authorize the removal of this freeze. \n\nI received no prior notification from TransUnion regarding the removal. \n\nI was given no explanation for why this action was taken. \n\nI demand an immediate written response explaining : What Federal Freeze Lifted means in this context.\n\nWho authorized the removal of my security freeze.\n\nWhen and how this removal was processed.\n\nThe steps required to reinstate my security freeze immediately.\n\nIf this action was taken in error, it needs to be corrected immediately, as unauthorized changes to my credit file compromise my security.\n\n2. Failure to Provide Legally Required Documentation on Charge-Offs Your response to my dispute failed to provide the specific documentation I requested under 611 of the Fair Credit Reporting Act ( FCRA ) : Proof of Charge-Off Dates ( Exact Dates ) A record from the original creditor confirming the precise date of charge-off.\n\nSource and Verification Documentation showing which entity provided this charge-off information to TransUnion and records of how it was verified.\n\nTransmission Records A timeline showing when and how TransUnion received and processed the charge-off data.\n\nMerely stating that the accounts were \" Verified as Reported '' without furnishing the actual records is insufficient under 611 ( a ) ( 5 ) of the FCRA. If you can not provide verifiable proof from the original creditors, you are legally required to delete the inaccurate information from my credit file.\n\nFinal Demand & Next Steps I am requesting : Immediate reinstatement of my security freeze ( if it was lifted without authorization ).\n\nA written explanation of why my security freeze was removed.\n\nThe full documentation requested regarding the charge-off accounts within 10 business days.\n\nFailure to comply will result in : A formal complaint to the Consumer Financial Protection Bureau ( CFPB ) for failure to uphold FCRA requirements.\n\nA complaint to the Federal Trade Commission ( FTC ) regarding unauthorized actions on my credit file, particularly the lifting of my security freeze.\n\nPotential legal action under 611 and 623 of the FCRA if my requests are not addressed. \n\nThis is your final opportunity to resolve these issues before escalation. Please respond in writing to the CFPB complaint and not by mail!","date_sent_to_company":"2025-03-24T21:20:57.000Z","issue":"Problem with a company's investigation into an existing problem","sub_product":"Credit reporting","zip_code":"34758","tags":"Older American","has_narrative":true,"complaint_id":"12645534","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"TRANSUNION INTERMEDIATE HOLDINGS, INC.","date_received":"2025-03-24T21:13:54.000Z","state":"FL","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Their investigation did not fix an error on your report"},"highlight":{"complaint_what_happened":["I was given no explanation for why this <em>action</em> was taken. \n\nI demand an immediate written response <em>explaining</em> : <em>What</em> Federal Freeze Lifted means in this context.\n\nWho authorized the removal of my <em>security</em> freeze.\n\nWhen and how this removal was processed.\n\nThe steps required to reinstate my <em>security</em> freeze immediately.\n\nIf this <em>action</em> was taken in error, it needs to be corrected immediately, as unauthorized changes to my credit file compromise my <em>security</em>.\n\n2."]},"sort":[16.907177,"12645534"]},{"_index":"complaint-public-v1","_id":"14515260","_score":16.141382,"_source":{"product":"Checking or savings account","complaint_what_happened":"1. I am a XXXX XXXX XXXX XXXX and joined USAA Bank in XXXX. \n\n2. On XXXX XX/XX/XXXX I logged into my USAA account as I do every week and noticed a transaction I did not make nor authorize in the amount of {$4400.00} taken from my USSA Bank clearing my back account to - {$500.00}. \n\nXXXX. The payment record showed the funds being pulled from my checking account to a XXXX XXXX XXXXXXXX account without my authorization or approval from me. Additionally, USAA charged me fees for overdraft protection from my XXXX XXXX  ( NOTE : I dont own a XXXX XXXX XXXXXXXX Credit Card nor do I have a XXXX XXXX XXXXXXXX account in way shape or form ). \n\n4. Upon realizing {$4400.00} was stolen from my USSA Bank checking account, I immediately called USAA on XXXX XX/XX/XXXX and quickly reported this theft. \n\n5. From XXXX XXXX to present I have made over 17 calls to USAA and I have received NOT one call from USAA explaining to me what happened. I cant pay my bills as my account was frozen. \n\n6. I pleaded with USAA bank attendants on the phone to help me during this emergency, but all the attendants told me they didnt give out extensions. They told me to keep calling the USAA XXXX phone line. \n\n7. Since XXXX XX/XX/XXXX I have been calling this USAA phone line and have been re-routed everywhere, numerous times day or night, without a single point of contact, or single point of assistance from a person that knows my case. USAA allowed a criminal to steal {$4400.00} from my USAA checking account and I cant get answers to any of my questions. I now have to pay my bills and creditors. \n\n8. I asked the following questions from USAA but they refused to answer them. As a result, I am seeking assistance from the Consumer Financial Protection Bureau to assist me in getting the following answers which USAA is refusing to provide me after they let someone steal {$4400.00} from my account : 1 ) Why did USAA allow a cyber criminal to steal my {$4400.00} in funds using a XXXX XXXX XXXXXXXX account without my authorization or permission? \n2 ) How did the cyber criminal steal my funds from a XXXX XXXX XXXXXXXX account without my authorization or permission? \n3 ) What specific security protocols were in place to prevent unauthorized access to my account? \n4 ) How was the cyber criminal able to access my account despite these security measures? \n5 ) What steps are being taken to investigate the incident and identify the perpetrator? \n6 ) Has the bank identified any vulnerabilities in its security systems that allowed this to happen? \n7 ) What is the bank 's policy regarding unauthorized transactions and liability?\n\n8 ) What is the bank 's process for reimbursing customers for fraudulent transactions? \n9 ) When can I expect to see the stolen funds returned to my account?\n\n10 ) Are there any specific actions I need to take to initiate the reimbursement process?\n\n11 ) What resources are available to help me monitor my account for further suspicious activity?\n\n12 ) What steps can I take to protect my account from future attacks?\n\n13 ) Does the bank offer any specific fraud protection services or insurance options?\n\n14 ) Why doesnt USAA have a specific Fraud Department that I can deal with directly.\n\n15 ) Why doesnt USAA give out extensions so that I can have a point of contact at USAA ? \n16 ) Why doesnt USAA use positive ACH transfers?\n\n9. USAA Bank allowed my hard earned funds to be taken from my account through an unauthorized and fraudulent transaction and USAA has not called me or communicated with me to let me know what occurred. This theft has caused me grave damage as I have not been able to pay my bills. \n\n10. I have come to realize that at its core, USAA does not have my best interest, nor is it interested in securing my funds. USAA is not a good company and does not care about its military members. \nMy USAA Bank Membership # is XXXX  Address is : USAA Federal Savings Bank, XXXX XXXX XXXX, XXXX XXXX, TX XXXX Phone is XXXX ( XXXX ) or XXXX ( XXXX ) I need answers to these questions immediately. \nThank you for your assistance. \n\nXXXX XXXX","date_sent_to_company":"2025-07-21T14:47:20.000Z","issue":"Problem with a lender or other company charging your account","sub_product":"Checking account","zip_code":"33186","tags":"Servicemember","has_narrative":true,"complaint_id":"14515260","timely":"Yes","company_response":"Closed with monetary relief","submitted_via":"Web","company":"UNITED SERVICES AUTOMOBILE ASSOCIATION","date_received":"2025-07-08T18:06:13.000Z","state":"FL","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Transaction was not authorized"},"highlight":{"complaint_what_happened":["3 ) <em>What</em> <em>specific</em> <em>security</em> protocols were in place to prevent unauthorized access to my account? \n4 ) How was the cyber criminal able to access my account despite these <em>security</em> <em>measures</em>? \n5 ) <em>What</em> steps are being taken to investigate the incident and identify the perpetrator? \n6 ) Has the bank identified any vulnerabilities in its <em>security</em> systems that allowed this to happen? \n7 ) <em>What</em> is the bank 's policy regarding unauthorized transactions and liability?"]},"sort":[16.141382,"14515260"]},{"_index":"complaint-public-v1","_id":"16982463","_score":14.369177,"_source":{"product":"Checking or savings account","complaint_what_happened":"b'Dear Executive Customer Relations Team,\\n\\nI am submitting this formal complaint regarding the repeated mishandling of fraudulent activity on my Bank of America account, the ongoing failure of your customer service line, and the lack of follow-up or resolution despite multiple good-faith attempts to obtain assistance.\\n\\nOver the past several months, I have experienced repeated instances of fraudulent transactions on my account. Each time I report the issue, Bank of America reimburses the stolen funds, only for similar charges to reappear within one to two days. This ongoing pattern strongly suggests that my account remains compromised and that current security measures are insufficient to protect my money.\\n\\nEach time I contact your customer service number provided in the mobile app XXXX XXXX), I am placed on hold for approximately 30 minutes and then spend another 30 minutes explaining my case in detail. Without fail, the call disconnects near the one-hour markwithout any callback or attempt by a representative to resume contact. This has occurred repeatedly. Despite providing all necessary information and cooperating fully, my claims have gone unresolved, and I have been forced to start over each time.\\n\\nAttempts to resolve this issue in person at my local branch have also been unsuccessful, as I am continually directed back to the same phone line that disconnects. Efforts to contact support through the app or website have been equally unproductive, as the secure messaging option is unavailable for fraud cases.\\n\\nAt this point, I believe Bank of Americas lack of follow-up and ongoing service failures represent a serious breach of responsibility. I am therefore requesting immediate escalation and written documentation of the following:\\n\\t1.\\tConfirmation of all active and closed fraud claims on my account, including claim numbers and outcomes.\\n\\t2.\\tDirect contact from a senior fraud specialist or executive relations representative to discuss resolution.\\n\\t3.\\tA detailed explanation of how these repeated breaches occurred and what specific measures will be implemented to prevent further fraud.\\n\\t4.\\tImmediate closure and reissuance of my account and card number, if necessary, to ensure future protection.\\n\\nPlease treat this as a formal complaint under the Fair Credit Billing Act (FCBA) and Regulation E regarding electronic fund transfers. I request written acknowledgment of this complaint within 15 days and a full resolution within 30 days.\\n\\nThank you for your attention to this matter. I expect a prompt, written response outlining the actions taken to resolve this issue and protect my account from further unauthorized transactions.\\n\\nSincerely,XXXX XXXX XXXX XXXX XXXX XXXX","date_sent_to_company":"2025-11-03T22:24:37.000Z","issue":"Managing an account","sub_product":"Checking account","zip_code":"323XX","tags":null,"has_narrative":true,"complaint_id":"16982463","timely":"Yes","company_response":"Closed with monetary relief","submitted_via":"Web","company":"BANK OF AMERICA, NATIONAL ASSOCIATION","date_received":"2025-11-03T22:12:50.000Z","state":"FL","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Deposits and withdrawals"},"highlight":{"complaint_what_happened":["I expect a prompt, written response outlining the <em>actions</em> taken to resolve this issue and protect my account from further unauthorized transactions.\\n\\nSincerely,<em>XXXX</em> <em>XXXX</em> <em>XXXX</em> <em>XXXX</em> <em>XXXX</em> <em>XXXX</em>"]},"sort":[14.369177,"16982463"]},{"_index":"complaint-public-v1","_id":"16736487","_score":12.969873,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"Subject : Urgent Follow-Up/ Reopen Complaint Experian Dispute Issue * * To Whom It May Concern : * * I am submitting this follow-up regarding my CFPB complaint filed on * * XX/XX/year> * *, concerning an unexplained dispute notice from Experian. My original complaint has been marked closed, but * * my concerns remain unresolved * *, and Experians response demonstrates that they * * did not read or consider my complaint * *. Instead, they provided * * generic, canned responses * * about the dispute process that are completely inapplicable to my situation. \nMy original complaint clearly stated : 1. I did * * not * * initiate any dispute.\n\n2. I want written clarification on the nature of this dispute.\n\n3. I want to know whether it was triggered internally by Experian, by a third-party service, or by a system error.\n\n4. I want confirmation that I did not initiate t\nhis action.\n\nExperians response * * failed to address any of these points * *. They did not provide : * Written confirmation that the dispute was internal.\n\n* Documentation of the source or reason for the dispute label.\n\n* Assurance that my long-standing credit freeze and fraud alert were not bypassed or compromised. \n\nUnder the * * Fair Credit Reporting Act ( FCRA ) * *, Experian is legally required to ensure that the information in my credit report is accurate and complete, provide proper notification of any changes or corrections, and respect security measures such as fraud alerts and credit freezes. The failure to provide written clarification, the issuance of a dispute without my initiation, and the use of irrelevant canned responses * * raise serious concerns regarding potential violations of FCRA obligations * *. \nI am therefore requesting that the CFPB : 1. * * Reopen my complaint * * immediately.\n\n2. * * Require Experian to provide written documentation * * addressing all the specific points of my complaint.\n\n3. Ensure that Experian confirms, in writing, that no unauthorized actions occurred on my account, and that my credit freeze and fraud alert remained fully in effect. \n4. Confirm that Experian properly reviewed my complaint rather than relying solely on generic responses.\n\nThis matter is of urgent concern due to the potential implications for my credit security and identity protection. I respectfully request the CFPBs assistance in ensuring a complete and proper resolution. \n\nSincerely, XXXX XXXX XXXX This was the original complaint : On XX/XX/year>, I received an email from Experian stating that my dispute results are ready. I NEVER FILED A DISPUTE. I called Experian and spoke with a dispute specialist who kept insisting that I must have filed the dispute, even though I told her repeatedly that I DID NOT. She put me on hold for over 15 minutes and never came back to the line. I called back and spoke with another representative who told me that dispute is the internal label Experian uses when they make corrections to a credit report even if the consumer didnt initiate it. He said there is no other title they can use. I want written clarification from Experian regarding : What exactly was this dispute that I never filed? Why it was initiated? Whether it was triggered by Experian internally, by a third-party service, or by a system error? And confirmation that I did not initiate this action. I have had a credit freeze and fraud alert active on my report for many years. I received no alerts, verification requests, or notifications that a dispute was filed. This situation is confusing and concerning, and I want it documented and explained in writing.","date_sent_to_company":"2025-10-21T19:54:23.000Z","issue":"Improper use of your report","sub_product":"Credit reporting","zip_code":"48127","tags":"Older American","has_narrative":true,"complaint_id":"16736487","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"Experian Information Solutions Inc.","date_received":"2025-10-21T19:37:44.000Z","state":"MI","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Reporting company used your report improperly"},"highlight":{"complaint_what_happened":["This matter is of urgent concern due to the potential implications for my credit <em>security</em> and identity protection. I respectfully request the CFPBs assistance in ensuring a complete and proper resolution. \n\nSincerely, <em>XXXX</em> <em>XXXX</em> <em>XXXX</em> This was the original complaint : On XX/XX/year>, I received an email from Experian stating that my dispute results are ready. I NEVER FILED A DISPUTE."]},"sort":[12.969873,"16736487"]},{"_index":"complaint-public-v1","_id":"12355748","_score":12.936188,"_source":{"product":"Checking or savings account","complaint_what_happened":"To Whom It May Concern, I am writing to file a formal complaint with the Consumer Financial Protection Bureau ( CFPB ) against Cash App, operated by Block , Inc., due to their persistent failure to address a recurring issue with my account. Despite multiple attempts to resolve the matter through their customer support channels, I have been met with inadequate responses and no meaningful resolution. I am seeking the CFPBs assistance to investigate Cash Apps practices and ensure they provide a proper solution to my issue, while also protecting other consumers from similar experiences. \n\nBackground I have been a Cash App user since XX/XX/XXXX, relying on the platform for convenient and reliable financial transactions. Until recently, my experience with Cash App was largely positive. However, beginning in XX/XX/XXXX, I started experiencing frequent cancellations of my payments. These cancellations have occurred despite my strict adherence to Cash Apps guidelines, including using only personal payment methods registered in my name and transacting exclusively with trusted individuals or reputable businesses. \n\nSpecific Issues The primary issue is the repeated and unexplained cancellation of my payments. Each time this occurs, Cash Apps support team provides only vague and generic explanations, such as citing unusual activity and claiming the cancellations are for my protection. When I request specific details about what triggers these cancellations or actionable steps to prevent them, I receive no meaningful answers. For example, in a recent response from Cash App Support Manager XXXX, I was told : We review payment data to help keep Cash App safe. If anything appears out of the ordinary, the payment is canceled. Since you mentioned this being a repeat issue, I recommend making the payments outside of Cash App. \n\nThis response is insufficient for the following reasons : It fails to explain why my account is being flagged, despite my compliance with Cash Apps policies. \nIt suggests abandoning the service rather than addressing the issue, which undermines the purpose of using Cash App. \nIt does not provide a solution or any assurance that the problem will be resolved. \nIn subsequent communications, I was informed that no further action could be taken and that my concerns were merely documented for internal review, leaving the issue unresolved. \n\nImpact These payment cancellations have significantly disrupted my ability to manage my finances. I rely on Cash App for timely transactions, and the frequent cancellationsoften followed by delays in refund processinghave caused considerable inconvenience. Additionally, the lack of transparency and accountability from Cash App has eroded my confidence in their service, which I initially chose for its ease of use and reliability. \n\nActions Taken I have made every reasonable effort to resolve this matter directly with Cash App, including : Contacting their support team multiple times via email and in-app messaging. \nProviding all requested information and offering additional details to aid their investigation. \nRequesting specific reasons for the cancellations and steps to prevent future occurrences. \nAsking for my case to be escalated to a senior representative and for a clear timeline for resolution. \nDespite these efforts, Cash App has failed to provide a satisfactory response or a resolution. Their replies remain evasive, and my requests for escalation have been ignored or dismissed. \n\nRequest for Investigation and Resolution I respectfully urge the Consumer Financial Protection Bureau to investigate Cash Apps business practices, with a focus on : Their handling of customer complaints, which has been dismissive and unhelpful in my case. \nThe transparency of their security measures, particularly why payments are canceled without clear explanation or recourse for affected users. \nTheir failure to resolve recurring issues, instead deflecting responsibility onto consumers. \nFor my specific case, I request that the CFPB compel Cash App to : Conduct a detailed review of my account to determine the cause of the payment cancellations. \nProvide a clear, specific explanation of the issue and actionable steps to prevent it from recurring. \nImplement a lasting solution to ensure my account functions as intended. \nAdditionally, I hope your intervention will encourage Cash App to improve their customer support and transparency, thereby preventing other users from facing similar frustrations. \n\nConclusion Having used Cash App for over two years, I would prefer to continue relying on their services. However, their inability to resolve this ongoing issue has left me with no choice but to seek your assistance. I trust that the CFPB will take this complaint seriously and hold Cash App accountable for addressing my concerns effectively.","date_sent_to_company":"2025-03-06T16:19:30.000Z","issue":"Managing an account","sub_product":"Other banking product or service","zip_code":"98520","tags":null,"has_narrative":true,"complaint_id":"12355748","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"Block, Inc.","date_received":"2025-03-06T16:10:29.000Z","state":"WA","company_public_response":null,"sub_issue":"Problem making or receiving payments"},"highlight":{"complaint_what_happened":["The transparency of their <em>security</em> <em>measures</em>, particularly why payments are canceled without clear explanation or recourse for affected users. \nTheir failure to resolve recurring issues, instead deflecting responsibility onto consumers. \nFor my <em>specific</em> case, I request that the CFPB compel Cash App to : Conduct a detailed review of my account to determine the cause of the payment cancellations."]},"sort":[12.936188,"12355748"]},{"_index":"complaint-public-v1","_id":"3750815","_score":12.254309,"_source":{"product":"Credit reporting, credit repair services, or other personal consumer reports","complaint_what_happened":"Experian could you explain what the XXXX this mean? This is all you say in every response I have news for Im just building paper work up on you because I have sent in all Government issues drivers license utility bills passports federal employee ID badge and you still claim that the information wasnt attached with the certified mail I think your office is just full of XXXX all the way around but like I said you dont have to investigate anything else as possible legal action will be fine Im against you or refusing to do any type of investigation Company 's Response Thank you for submitting your complaint on XX/XX/2020 through the CFPB Complaint Portal. We reviewed and considered the information you have supplied through the CFPB portal. Your CFPB complaint regarding your reinvestigation does not appear to have been sent directlyby youor to be authorized by you. As a precautionary measure, we have not taken any action on the request. According to the federal Fair Credit Reporting Act, \" if the completeness or accuracy of any item of information contained in a consumers file at a national consumer credit reporting company is disputed by the consumer and the consumer notifies the company directly of such dispute, the company shall reinvestigate free of charge. '' Therefore, you can dispute any inaccurate information directly with Experian for free. If you believe that information in your personal credit report is inaccurate or incomplete, please call us at the phone number that displays on your Experian personal credit report, or visit our secure web site at www. experian.com/dispute. You also may write to us at the address on your Experian personal credit report. Be sure to include the following information : Your full name including middle initial ( and generation such as XXXX, XXXX, XXXX, XXXX ) Social Security number Complete addresses for the past two years Date of birth One copy of a government issued identification card, such as a drivers license, state ID card, etc. One copy of a utility bill, bank or insurance statement, etc. Make sure that each copy is legibleand displays your name and current mailing address and the date of issue ( statement dates must be recent ). We are unable to accept credit card statements, voided checks, lease agreements, magazine subscriptions, or postal service forwarding orders as proof of your address and identity. To protect your personal information, Experian requires your authorization for any request on your behalf and we donot return correspondence sent to us. Send copies of any documents you wish to provide to us and always retain your original documents. Include the account name and number for any item on your credit report that you wish to dispute, and state the specific reason why you feel the information is inaccurate. The dispute process may take up to 30 days ( 45 days when disputing information in your annual free credit report ). Once we complete the processing of your dispute, we will promptly notify you of the outcome. In addition, there is nothing a credit repair company can do for you, including removing inaccurate credit information that you cant do for yourself for free. We believe it is important to supply you with information about specific credit repair laws. The Credit Repair Organization Act, a federal law, prohibits credit repair companies from taking consumers money until they have fully completed the services they promised. It also requires such firms to provide consumers with a written contract stating all the services to be provided and the terms and conditions of payment. Under this law, consumers also have three days to withdraw from the contract. Please contact your local Attorney Generals office for further information regarding your specific state laws. For additional assistance, you may call the toll free telephone number provided on your personal credit report obtained directly from Experian, or write to Experian at XXXX. XXXX XXXX, XXXX, TX XXXX. For more information regarding your credit and frequently asked questions, you may visit : http : //www.experian.com/blogs/ask-experian. Please note that you may also submit your request or documents supporting your claim electronically at www.experian.com/upload. You may also visit Experians dispute center by visitingwww.experian.com/dispute. Thank you for submitting your complaint through the CFPB Complaint Portal. It is our policy to respond to consumer complaints swiftly and to take each complaint seriously. We appreciate you letting us know about your experiences with Experian.","date_sent_to_company":"2020-07-17T19:25:09.000Z","issue":"Incorrect information on your report","sub_product":"Credit reporting","zip_code":"553XX","tags":null,"has_narrative":true,"complaint_id":"3750815","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"Experian Information Solutions Inc.","date_received":"2020-07-17T19:20:28.000Z","state":"MN","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Information is missing that should be on the report"},"highlight":{"complaint_what_happened":["Experian could you <em>explain</em> <em>what</em> the <em>XXXX</em> this mean?"]},"sort":[12.254309,"3750815"]},{"_index":"complaint-public-v1","_id":"4219256","_score":11.610569,"_source":{"product":"Checking or savings account","complaint_what_happened":"On XX/XX/2020 my XXXX year old daughter and I made a trip to XXXX. We are actually still here. We were told that we need to quarantine for 14 days due to the coronavirus. We had no problem as we were staying with family. Once quarantine was over, we needed to get food and supplies. So on XX/XX/2020 I decided to log into my Wells Fargo account and transfer some funds to my personal account for use while I'm here. To my surprise, the mobile app did not work. I thought well maybe they're having technical issues. So I logged into my computer and tried to login. I got a message that my login was incorrect. My credentials are saved so there's no way my account password was incorrect. Another try and I was notified that my password was locked out and I needed to reset it. I followed the steps and it still denied me access to my account. There was a number listed to call for assistance. As you can imagine, I was furious. I never received a fraud alert, email nor phone call and I had no way to access my account. I tried calling and was on hold for more than 30 minutes, so i hung up. I had to decide to either create a large phone bill by staying on hold until I got someone, or face the dehumanizing and humiliating reality of asking relatives and friends for money to sustain myself and my daughter. We faced another issue, power went out for several days, and we had no way to recharge phones, laptops, etc. When power returned on friday, I called and still no answer. The weekend was now upon us and we still had no access to money. We would have literally starved if I did not muster up and ask for small loans for people we know. Finally on monday  XX/XX/2020, I got someone on the phone. They said my account needed to be reset and I needed to confirm a few things before I could get access back into my account. I asked why was my account locked and the rep said he didn't have specific details but it seems to be some sort of security issue. I explained that I needed a better answer than that, because I am in an international country and just faced a big problem not being able to access neither my personal nor business accounts. He explained that since both accounts have the same login, it is the login that was locked out, hence, locking out all accounts associated with the login. After verifying everything and getting back access, I asked again, what triggered this security issue. He said there was a fraud alert placed on the account by a transaction but I needed to speak to the fraud department about it. I got transferred and the other person told me exactly what transaction caused the issue. My cousin had sent me less than {$200.00} via XXXX and wells fargo claims my cousin placed a fraud alert on the transaction so they shut down the account. I contacted my cousin and she said she faced the same issue at her bank and she confirmed she DID NOT place a fraud alert on the transaction. She said she is also willing to write a statement confirming this. I am so hurt and humiliated and had to put aside my pride asking friends and family for money. This situation should NEVER have happened. Fraud alerts should ALWAYS be confirmed with a phone call and follow up of some kind. My phone has international access so if they called I would have definitely known. The mobile app is also a secondary means to communicate with consumers. Simply locking people out of their account with no explanation and no notification is a terrible way to do business. All my auto payment bills and subscriptions are tied to these accounts. So if I was not needing to access the account immediately, I would have never known that this happened. \n\nA rep from wells fargo replied to the original complaint with completely generic information and did not address my specific issue. \n\nHere is my response to the reply from Wells Fargo, including the additional attachment in letter form. I will address each inaccurate point as follows : 1. As stated in the first paragraph, you state, \" We are sorry to learn of the difficulties you encountered when attempting to access your account. Our objective has always been and continues to be to meet our customers financial needs and drive customer satisfaction ... '' Answer : However, I find this extremely difficult to believe. This is NOT the first incident with the bank and I see communication as a key underlying factor causing disruption in my life. A bank has more personal information about a person than any other entity, so why not call or email someone? You already send out fraud alerts via phone and email, you already ask for pin verification via phone, and so many more online systems. So why would you even think of using the slowest means of communication to alert a customer of such a critical banking issue preventing access to my account? 2. In the second paragraph you state, \" Our records show on XX/XX/2020, we received a request for the return of funds in the amount of {$340.00} that was transferred to your account ending in XXXX through XXXX on XX/XX/2020. Our records show your Online Banking was disabled due to suspicious activity on the account, and an email advising you of this was sent out on the same day. '' Answer : As I've asked multiple times, WHO requested these funds be returned? The sender? The bank? Who? You do not have to name names obviously, but this makes no sense to claim someone ask for the funds to be returned and I spoke to the sender and no such claim was made. SECONDLY, What \" suspicious activity '' did you detect on my account? THIRDLY, when and from what address was this supposed email sent out? I've combed through all my associated emails and no such email was found. Please advise. 3. In the third paragraph you state, \" Further research show case number XXXX was opened on XX/XX/2020, to determine if the transaction was in fact fraud and whether or not funds needed to be retracted and returned to the partner bank ... '' Answer : I'm not sure if you read this letter, but it does not explain what \" irregular activity '' you're referring to. The letter also does not say my account would be completely restricted. It only talks about the transaction amount being unavailable during your investigation. So again, in case you did not see this part in my original communication, WHY was my ENTIRE account with ALL my personal and business accounts completely inaccessible? 4. In the Fourth paragraph you state, \" Please ensure that our ultimate goal is to provide a safe and secure banking environment for all of our clients by safeguarding our customer information carefully in every transaction and at every level of our organization. Wells Fargo has strict security standards and procedures in place to protect our clients account information. Should we detect potentially fraudulent activity, we take immediate steps to protect our customers. This sometimes requires that we temporarily restrict the account until we can verify activity with the account holder. These blocks can typically be lifted within minutes once a customer contacts us to verify activity ( provided there are no unauthorized transactions ). Our records show the block was removed from your account once we were able to speak with you and verify your information. '' Answer : This is absolutely a surprise. You want to tell me you can restrict my account, because of a single incoming transaction? A transaction you DID NOT verify with the sending bank before freezing my account and removing or restricting access? Why did you not just restrict the funds? That's normal, not taking someone's access to their funds. I mean it was like the perfect storm, you restricted access as soon as I needed it the most. Along with that, no proper notification. Please look at your communication again, that was a total disaster for me and my family. 5. In the Fifth paragraph you state, \" Please understand that our intent is to provide hassle-free service to all customers with the most professional, courteous and efficient customer assistance possible. Team members are required to follow certain verification and security measures to help protect consumers from fraudulent activity. It is not the banks intent to make your banking experience difficult, but to ensure we are consistent in applying bank policy and our security measures to all of the banks customers. We feel it is a necessary process in order to protect our customers. We truly apologize for any inconvenience this matter may have caused. '' Answer : This entire paragraph, I believe, is inadequate in this case. I seriously believe this was one of the most difficult banking experiences I've had to date. I'm not sure if you can picture the horror, and yes it was definitely horror. My daughter and I had to deal with the humiliation caused by your bank and systems in place. 6. I believe you need to truly reconsider the answers I've provided above, re-conduct your research and see whether you reach the same decision. An apology is simply not enough in this case. I believe if you ignore the evidence presented you're ignoring the fact that your actions caused undue distress and anguish for my daughter and myself in a foreign country with no other means of survival but to beg and borrow money unnecessarily to survive. If we were not around people we know, we could have died without the means to acquire food. Think about that before you respond again with vague information.","date_sent_to_company":"2021-03-16T23:26:23.000Z","issue":"Managing an account","sub_product":"Checking account","zip_code":"30044","tags":null,"has_narrative":true,"complaint_id":"4219256","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"WELLS FARGO & COMPANY","date_received":"2021-03-16T23:14:06.000Z","state":"GA","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Problem accessing account"},"highlight":{"complaint_what_happened":["Team members are required to follow certain verification and <em>security</em> <em>measures</em> to help protect consumers from fraudulent activity. It is not the banks intent to make your banking experience difficult, but to ensure we are consistent in applying bank policy and our <em>security</em> <em>measures</em> to all of the banks customers. We feel it is a necessary process in order to protect our customers."]},"sort":[11.610569,"4219256"]},{"_index":"complaint-public-v1","_id":"10873982","_score":11.503971,"_source":{"product":"Checking or savings account","complaint_what_happened":"Compliant Subject : WellsFargo Bank Reasons for Complaint : 1. Fraudulent and predatory actions by bank employee ( s ) resulting in theft of {$9000.00} from savings account 2. Lack of internal security measures or alerts to prevent and safeguard against fraudulent activity.\n\n3. Bank Executive Boards lack of action to investigate theft. Even sending an email to the CEO did not elicit a response. Unwillingness to speak to customer or contact local police department to obtain the police report, which was written at the bank branch within minutes of the theft. Police officer discussed the next steps with the bank manager at that time. There was no collaboration with the police department to investigate this theft.\n\n4. Weeks of misleading the customer to believe that they were actively investigating the facts of the case, only to learn that they opened the case 25 days ( XX/XX/XXXX ) after the theft occurred. Then they send an email on XX/XX/XXXX stating that the case was closed since they found no fraud. No details of the investigation were disclosed. The XXXX XXXX Police Department was never contacted. \n\n5. Complete failure of fiduciary responsibility to protect customers financial information. Demonstrated by : In response to one of my emails, the WellsFargo Assistance Center sent me an email with someone elses name, case number and the last 4 digits of his Account Number. This is an egregious example of total disregard for security of information. \n\nFraud Activity : On XX/XX/XXXX, my daughter who has been on my account for almost 30 years, received a call from WellFargo at this number, XXXX which is the XXXX XXXX branch in XXXX. ( This is a legitimate number for this WellsFargo branch ) The phone number came up as WellsFargo. The caller announced that they were calling from WellsFargo 's fraud department and that they noticed fraudulent activity on my account. To confirm, the caller verified all account numbers, date of births and last 4 digits of social security numbers. He even knew how much money was in the account. Only a bank employee would have that level of specific information. \n\nThe fraud dept representative instructed her to withdraw {$9000.00} in cash from my savings account ; the bank teller at our usual branch did not inquire about the large cash withdrawal she was making. The money was then deposited into the bank 's ATM machine at the branch where our accounts are held. The bank representative instructed her to deposit the money into an account number that he provided. When she then looked at the account the money was not there. Immediately, she informed the bank manager about this occurrence with the expectation that it could be immediately rectified. However, bank employees did not make any effort to trace the account numbers. This all happened in real time at our branch location in XXXX, GA, which we have been customers of for almost 9 years. Fortunately, there was a police officer, XXXX. XXXX, at a nearby parking lot and she asked him to come into the bank and make a report. He took all of the information and explained to the bank manager what the bank needed to do in order for the police dept to investigate this theft. \n\nTimeline : XX/XX/XXXX Bank manager XXXX gave the name and number for a contact at the executive office, XXXX XXXX XXXX. When I called, I was informed that she is not handling the case and instead XXXX is at XXXX. I left a message, but never received a return call. \n\nXX/XX/XXXX Called again and was informed that a person named XXXX ( XXXX possibly ) left message but did not receive a return call. \n\nXX/XX/XXXX and XX/XX/XXXX Called again and left message did not receive a return call. \n\nXX/XX/XXXX Spoke with XXXX  at XXXX. He advised that there is a new case number, and he will be working on the case. Advised that he would call back. \n\nXX/XX/XXXX Received a generated email response from the Executive Office stating that they are looking into my concern. See Document 1 XXXX I sent an email to the Executive Office responding to their general email response. \nSee Document 2 XXXX Received a call from XXXX from phone # XXXX, she provided a new case number. We spoke and she advised that she will be checking into the case and will call me back. \n\nXXXX Received an Acknowledgement Email from WellsFargo which had another customers name ( a mans name ), his case number and the last 4 digits of his bank account. See Document 3 ( I blacked out the persons account number to avoid further breach of information ). \n\nXXXX XXXX called, from # XXXX. I did not answer my phone because it came up as Spam. She did leave a message, and I called her back ; however, she did not answer and I left a message. I never heard back from her. \n\nXX/XX/XXXX Not receiving any further calls or information, I again called the number above and asked for XXXX. Then I was the informed that XXXX was no longer handling my case. Instead a person named XXXX, located out of the US was in charge of my case. I then briefly spoke to him, and he informed me that XXXX was not capable of handling the case and that he now has it, and he just received it today, XX/XX/XXXX. He was very curt and dismissive. I asked to speak to a manager in the US and he connected me to XXXX XXXX XXXX XXXX who informed me that I had to work with XXXX because he was assigned to the case. ( During this conversation, I informed XXXX that I had received and automated response to one of my emails which was addressed to another customer and it contained the last 4 digits of his bank account plus his case number ; however, he gave no response ). No one could give me an explanation of why for almost two weeks I was led to understand that XXXX was actively investigating my case ; we had several discussions and now she was no longer was involved? I was then transferred back to XXXX who was clearly just going through the motions. When I informed him that I would be sending an email to the CEO, he responded, Go ahead. \n\nXX/XX/XXXX Following the phone call, I received another automated email from the Claims Assistance Center. See Document 4. \n\nXX/XX/XXXX Spoke with a secretary at the Executive Board and requested an email address that the CEO would actually receive. She provided me with one and I sent an email to his attention. See Document 5.\n\nReceived an automated response to my email. See Document 6. \n\nXX/XX/XXXX Received an email from XXXX stating that the case is closed as they determined that the transaction was authorized. See Document 7 In two days, XXXX was able to make this unsubstantiated determination. WellsFargo never collaborated with the police department, and never spoke with us. This was a calculated scheme on the part of an employee ( s ) of WellsFargo to involve the customer in order for it to appear authorized. Rather than investigating the origin of this fraud, to root out thieving employees and protect their customers, it is easier to just blame this on their customer. \n\nWellsFargo should be held in government oversight to investigate employees initial and ongoing vetting practices and security clearances. They should be held accountable for mismanagement of customers funds, the lack of security measures, ( exposing customer banking information is a clear failure in security measures ) substandard operational business practices as well as poor customer service. WellsFargos deficiency in all of these banking standards and their blatant disregard to uphold the primary function of all banks, which is to secure customers funds, are all the reasons that resulted in my {$9000.00} being stolen.","date_sent_to_company":"2024-11-18T18:01:29.000Z","issue":"Managing an account","sub_product":"Savings account","zip_code":"30518","tags":null,"has_narrative":true,"complaint_id":"10873982","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"WELLS FARGO & COMPANY","date_received":"2024-11-18T17:02:56.000Z","state":"GA","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Problem using a debit or ATM card"},"highlight":{"complaint_what_happened":["WellsFargo should be held in government oversight to investigate employees initial and ongoing vetting practices and <em>security</em> clearances. They should be held accountable for mismanagement of customers funds, the lack of <em>security</em> <em>measures</em>, ( exposing customer banking information is a clear failure in <em>security</em> <em>measures</em> ) substandard operational business practices as well as poor customer service."]},"sort":[11.503971,"10873982"]},{"_index":"complaint-public-v1","_id":"11922091","_score":11.039266,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"15 USC 6801 through 3, part of the Gramm-Leach-Bliley Act ( GLBA ), focuses on protecting the privacy of consumers ' nonpublic personal information held by financial institutions. Here 's a breakdown of what these sections mean for consumers : 15 USC 6801 - Protection of nonpublic personal information : Privacy Obligation Policy : This section establishes the fundamental principle that financial institutions have a responsibility to respect the privacy of their customers and safeguard the confidentiality of their nonpublic personal information.\n\nFinancial Institutions Safeguards : It mandates that financial institutions implement security measures to : Ensure the security and confidentiality of customer records and information. \nProtect against potential threats to the security and integrity of these records. \nPrevent unauthorized access to or use of information that could harm customers. \n15 USC 6802 - Disclosure of nonpublic personal information : Limits on Disclosure : This section restricts financial institutions from disclosing nonpublic personal information to nonaffiliated third parties without providing consumers with a notice and the opportunity to opt out. \nExceptions : It outlines specific situations where disclosure is permitted, such as when necessary to process transactions, with consumer consent, or to comply with legal requirements. \nAccount Number Restrictions : It prohibits financial institutions from sharing account numbers with nonaffiliated third parties for marketing purposes.\n\n15 USC 6803 - Disclosure of privacy policy : Privacy Notice : This section requires financial institutions to provide consumers with a clear and conspicuous privacy notice that explains : The types of information the institution collects. \nHow the information is used. \nThe institution 's policies for protecting the confidentiality of the information. \nHow consumers can opt out of information sharing with nonaffiliated third parties. \n\nIn simpler terms, these sections of the GLBA mean that : Financial institutions must protect your personal information.\n\nThey can not share your information with other companies without your permission ( with some exceptions ).\n\nThey must tell you how they use your information and give you a chance to opt out of sharing.\n\nFor consumers, this translates to : Greater control over their personal information : You have the right to know how your financial institution uses your information and to limit certain types of sharing. \nIncreased security : Financial institutions are required to implement safeguards to protect your information from unauthorized access. \nTransparency : You have the right to receive a clear explanation of your financial institution 's privacy practices. \nIt's important for consumers to be aware of their rights under the GLBA and to take advantage of the opt-out options provided by their financial institutions if they wish to limit information sharing.\n\nGramm-Leach-Bliley Act | Federal Trade Commission 15 USC 6801 : Protection of nonpublic personal information Gramm-Leach-Bliley Act - Federal Trade Commission XXXX XXXX XXXX XXXX XXXX, XXXX XXXX XXXX, XXXX, IA XXXX XXXX XXXX XX/XX/year> Experian Dispute of Inaccurate Information Multiple Accounts Violation of 15 USC 6801-6803 ( Gramm-Leach-Bliley Act ) Dear Experian, I am writing to dispute the inaccurate reporting of personal information related to multiple accounts on my credit report. I have previously contacted Experian on XXXX of previous communications regarding these inaccuracies and requested their removal. Despite these requests, the following accounts continue to be reported on my credit report : XXXX XXXX XXXX- XXXX. XXXX XXXX and XXXXXXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXXXXXX XXXX XXXX XXXX XXXXXXXX XXXX XXXX XXXX XXXX I have previously provided documentation supporting my claim that these accounts are inaccurate/should be removed. I have called and made dispute, and I also tried online and didnt get anywhere. I am again requesting the immediate removal of these accounts from my credit report. \n\nExperian 's continued reporting of this inaccurate information constitutes a violation of the Fair Credit Reporting Act ( FCRA ) and potentially the Gramm-Leach-Bliley Act ( GLBA ), specifically 15 USC 6801-6803. These sections of the GLBA mandate that financial institutions, which include credit reporting agencies, protect the privacy of consumer information and provide clear privacy notices. By failing to correct these inaccuracies after being notified, Experian may be in violation of these provisions. Specifically : 15 USC 6801 : Experian has a duty to protect the confidentiality of my nonpublic personal information and ensure its accuracy. The continued reporting of these inaccurate accounts demonstrates a failure to meet this obligation.\n\n15 USC 6802 : By continuing to report this inaccurate information, Experian may be improperly disclosing my nonpublic personal information to third parties without my consent or a permissible purpose. \n15 USC 6803 : I request that Experian provide me with a copy of their privacy policy and demonstrate how their practices comply with the requirements of the GLBA, given the continued reporting of these disputed accounts.\n\nI demand that Experian immediately investigate this matter and correct the inaccuracies on my credit report. I request written confirmation of the corrections within 30 days of the date of this letter. Failure to comply will leave me no choice but to pursue further action, including filing complaints with the appropriate regulatory agencies and potentially pursuing legal action to protect my rights under the FCRA and GLBA. \n\nCFPB Lawsuit Against Experian In XX/XX/year>, the Consumer Financial Protection Bureau ( CFPB ) sued Experian, one of the \" Big Three '' credit reporting agencies. The lawsuit alleges that Experian has been engaging in several practices that harm consumers and violate the Fair Credit Reporting Act ( FCRA ) and the Consumer Financial Protection Act ( CFPA ). \n\n\nSincerely, XXXX XXXX XXXX","date_sent_to_company":"2025-02-05T01:41:59.000Z","issue":"Problem with a company's investigation into an existing problem","sub_product":"Credit reporting","zip_code":"52806","tags":null,"has_narrative":true,"complaint_id":"11922091","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"Experian Information Solutions Inc.","date_received":"2025-02-05T00:14:40.000Z","state":"IA","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Their investigation did not fix an error on your report"},"highlight":{"complaint_what_happened":["Financial Institutions Safeguards : It mandates that financial institutions implement <em>security</em> <em>measures</em> to : Ensure the <em>security</em> and confidentiality of customer records and information. \nProtect against potential threats to the <em>security</em> and integrity of these records."]},"sort":[11.039266,"11922091"]},{"_index":"complaint-public-v1","_id":"18572847","_score":10.979597,"_source":{"product":"Checking or savings account","complaint_what_happened":"SUMMARY OF NEW COMPLAINT I am filing this new complaint regarding Wells Fargo XXXX  response to my previous CFPB complaint ( Case # XXXX ), which reveals additional violations and demonstrates a pattern of unfair, deceptive, and abusive acts or practices ( UDAAP ). \nThis complaint addresses NEW violations that occurred in Wells Fargo XXXX XX/XX/year> response : Admission of False Data Usage - Wells Fargo admitted using fabricated \" {$200000.00} in new money '' figure to deny my bonus Withholding Exculpatory Evidence - Refusal to provide security footage that would prove or disprove assault allegations Admission That Customer Assault \" Follows Policy '' - Claiming physical restraint and threats against peaceful customers is standard procedure Contradictory Statements Proving Bad Faith - Shifting explanations that contradict their own prior written denials Amount in Dispute : {$2500.00} ( promotional bonus ) + damages for assault, civil rights violations, and bad faith dealing DETAILED FACTS A. Wells Fargo XXXX Admission of Using False Data ( New Violation - XX/XX/year> ) In their XX/XX/year> response to CFPB, Wells Fargo made a critical admission that exposes their previous denials as fraudulent : What Wells Fargo Previously Claimed ( XX/XX/year> ) : Denied my {$2500.00} promotional bonus Stated I only brought in \" {$200000.00} in new money '' Used this specific figure to justify why I didn't meet the \" {$250000.00} new money '' requirement What Wells Fargo NOW Admits ( XX/XX/year> ) : \" You are correct, you did not bring in {$200000.00} in new money '' \" You did not bring in any funds from an outside banking institution '' The Violation : Wells Fargo has admitted they fabricated the \" {$200000.00} '' figure. This proves : The bank knowingly used false data to deny a contractual obligation The bank 's internal systems generated fraudulent calculations The denial was pretextual and made in bad faith Legal Standard : Using fabricated data to avoid contractual obligations constitutes fraud and UDAAP violations under XXXX U.S.C. XXXX. \n\nB. Withholding Evidence of Criminal Conduct ( New Violation - XX/XX/year> ) Wells Fargo XXXX response to my assault allegations demonstrates obstruction and bad faith : The Evidence Exists : Wells Fargo admits security footage from XX/XX/year> exists but refuses to provide it without a subpoena. \nThe Logic Failure : If the footage showed I was the aggressor or that guards acted appropriately, Wells Fargo would release it immediately to exonerate themselves If the footage showed \" policy was followed, '' it would support their defense Their refusal to provide the footage is an admission that it contradicts their narrative Specific Incidents Not Addressed : Wells Fargo 's response completely ignores : XXXX XXXX XXXX XXXX ( Badge XXXX ) threatening : \" I will slap you if you say anything further '' Discriminatory statement : \" This is how you all should be treated '' Gender-based harassment : \" My girl also does not take orders '' XXXX hours of restraint in handcuffs Inappropriate XXXX contact while restrained Police XXXX XXXX XXXX XXXX XXXX XXXX ) being called to scene The New Violation : By stating these events \" followed policy, '' Wells Fargo is either : Lying to the CFPB about their investigation, OR Admitting that threatening, restraining, and verbally abusing customers IS their policy Either scenario requires CFPB enforcement action. \n\nXXXX Bad Faith Investigation and False Statements to CFPB Contradictions in Wells Fargo 's Response : On the XX/XX/year> Meeting : Wells Fargo now claims : \" The customized summary is only signed by yourself ; the banker nor branch XXXX signed the form '' Wells Fargo now claims : \" It does not state the manager assisted you '' The Truth : Branch XXXX XXXX XXXX was physically present, confirmed my eligibility verbally, and the digital summary was generated in her presence Challenge : I request CFPB subpoena Wells Fargo XXXX security footage from XX/XX/year> ( approximately XXXX XXXX  ) to prove XXXX XXXX was present during the meeting. \nOn the XX/XX/year> Meeting : The XX/XX/XXXX summary shows ONLY Banker XXXX XXXX XXXX XXXX ' signature because XXXX XXXX was on leave that day. This proves that when the XXXX XXXX WAS present ( XX/XX/XXXX ), her presence was documented. \n\nXXXX Pattern of Providing False Information to Avoid Liability Wells Fargo XXXX response demonstrates a systematic pattern of shifting explanations : Timeline of Contradictions : XX/XX/year> ( Internal Denial ) : Claimed I brought in \" {$200000.00} in new money '' Denied bonus because this didn't meet $ XXXX threshold XX/XX/year> ( Previous CFPB Response ) : Representative XXXX XXXX falsely claimed Branch XXXX XXXX XXXX \" confirmed she has not had any contact with you '' This contradicted the signed XX/XX/year> document XX/XX/year> ( Current Response ) : NOW admits I brought in \" {$0.00} in new money '' NOW admits the $ XXXX figure was false Still denies the bonus using the same false reasoning The Pattern : Each time confronted with evidence, Wells Fargo changes its story but maintains the same denial. \n\nWELLS FARGO XXXX INADEQUATE RESPONSE CREATES NEW VIOLATIONS The XX/XX/year> response itself constitutes new violations : XXXX. Deceptive Practices Admitting to using fabricated data ( $ XXXX figure ) while still denying liability Claiming \" no evidence '' exists while simultaneously withholding that evidence XXXX. Unfair Practices Requiring a subpoena for evidence in the bank 's possession that would resolve the dispute Using technical arguments about signatures while ignoring the substance of the contractual promise XXXX. Abusive Practices Dismissing assault allegations with \" policy was followed '' without explaining what investigation occurred No disclosure of disciplinary action taken ( if any ) No apology or acknowledgment of customer harm REQUESTED RELIEF I request that the CFPB : XXXX. Investigation and Enforcement Open a formal investigation into Wells Fargo 's use of fabricated data to deny contractual obligations Investigate whether Wells Fargo XXXX security policies include threatening and restraining peaceful customers Determine if Wells Fargo XXXX response to CFPB complaints constitutes obstruction XXXX. Mandate Evidence Production Order Wells Fargo to provide security footage from : XX/XX/year> ( XXXX XXXX  ) : Proving Branch XXXXXXXX XXXX presence and confirmation of eligibility XX/XX/year> ( XXXX XXXX  ) : Documenting the assault and restraint XXXX. Financial Remedies {$2500.00} : Promotional bonus promised in writing by authorized bank representatives Compensatory damages : For physical assault, false imprisonment, emotional distress Punitive damages : For bad faith dealing and UDAAP violations XXXX. Accountability Measures Require Wells Fargo to provide a detailed investigation report on : XXXX XXXX XXXX XXXX ( Badge XXXX ) Branch XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX How the fraudulent \" {$200000.00} '' figure was generated XXXX. XXXX XXXX XXXX Wells Fargo to review and report on branch security policies Mandate training on appropriate customer treatment Require public disclosure if restraining peaceful customers is indeed \" policy '' WHY THIS IS A NEW COMPLAINT This complaint is distinct from Case # XXXX because : New violations occurred in Wells Fargo XXXX XX/XX/year> response ( admission of false data, withholding evidence ) Wells Fargo XXXX response itself demonstrates UDAAP violations XXXX bad faith, obstruction ) New evidence has emerged ( admission that $ XXXX figure was fabricated ) The bank 's response reveals systemic issues requiring separate regulatory review SUPPORTING DOCUMENTATION I am attaching the following : Wells Fargo XXXX XX/XX/year> response to CFPB ( showing admission of false data ) Customized Visit Summary from XX/XX/year> Customized Visit Summary from XX/XX/year> Previous CFPB complaint and resolution ( Case # XXXX ) Timeline of contradictory statements from Wells Fargo CONCLUSION Wells Fargo XXXX response to my CFPB complaint has created new violations by : Admitting they used false data while maintaining the denial Withholding evidence of assault while claiming innocence Providing contradictory explanations that prove bad faith The bank 's conduct demonstrates a pattern of unfair, deceptive, and abusive practices that require CFPB XXXX action to protect consumers and ensure accountability. \nI respectfully request the CFPB investigate these new violations and mandate appropriate remedies.","date_sent_to_company":"2026-01-08T18:33:33.000Z","issue":"Opening an account","sub_product":"Checking account","zip_code":"381XX","tags":null,"has_narrative":true,"complaint_id":"18572847","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"WELLS FARGO & COMPANY","date_received":"2026-01-08T18:30:29.000Z","state":"TN","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Account opened without my consent or knowledge"},"highlight":{"complaint_what_happened":["Unfair Practices Requiring a subpoena for evidence in the bank 's possession that would resolve the dispute Using technical arguments about signatures while ignoring the substance of the contractual promise <em>XXXX</em>. Abusive Practices Dismissing assault allegations with \" policy was followed '' without <em>explaining</em> <em>what</em> investigation occurred No disclosure of disciplinary <em>action</em> taken ( if any ) No apology or acknowledgment of customer harm REQUESTED RELIEF I request that the CFPB : <em>XXXX</em>."]},"sort":[10.979597,"18572847"]},{"_index":"complaint-public-v1","_id":"13994097","_score":10.910484,"_source":{"product":"Vehicle loan or lease","complaint_what_happened":"Open date of loan : XX/XX/XXXX Complaint Against : Capital One Auto Group/Kohls Capital One Credit Card Description of the Issues with Capital One Auto Group/Kohls Capital One Credit Card Violations noted below : 1 ) What Occurred/Issue # 1 : Unauthorized credit inquiries, hard checks on my credit report, specific dates documented ; have full documentation ( credit reports ) to support my claim, which I am prepared to provide upon request. Both done by Capital One Auto and Kohl 's Capital One Credit card company Violation # 1 : \" Fair Credit Reporting Act '' ( FCRA ). This law is designed to promote fairness and privacy of my information in the files of consumer reporting agencies. They were not obtained for a permissible purpose in which I had not initiated a transaction related to my existing account, and they also pulled my credit unauthorized as a \" hard inquiry '' multiple times without myself initiating any type of application, and without any other valid permissible purpose. They were essentially illegally accessing my private financial information. \n\nViolation # 2 : \" Permissable Purpose ''. The unauthorized hard credit checks were done by the same company in two separate divisions that handle both my auto loan and credit card. That significantly amplifies the violations, especially under MA law resulting in heightened FCRA violations and damages leading to a higher number of violations.\n\nViolation # 3 : \" Proof of Willfulness/Pattern : The fact that both divisions have been doing it strengthens my argument that it is not an isolated mistake, but potentially a systematic issue or a \" reckless disregard '' for FCRA compliance. This also indicates the possibility of \" willful noncompliance '' potentially leading to higher punitive damages. \n\nViolation # 4 : Compounding Harm : The multiple hard inquiries by the same company in two separate divisions ( Capital One Auto/Kohls Capital One Credit Card ) had an even more severe impact on my credit score. It led to higher actual damages debilitating my ability to seek any other alternative options such as auto refinancing etc. In conclusion the amplification of this matter is a two fold double activity.\n\n2 ) What Occurred/Issue # 2 : Not adhering to the fifteen day grace period for the whole period from XX/XX/XXXX to when I voluntarily surrendered the vehicle recently Capital One Auto Group did not comply with the original loan terms for one month since day one of the contract, every month I was considered past due at the end of the month, my payments and percentage rates increased, they would excessively call me if I was even one day overdue, I redundantly reminded them about the 15 day grace period, it was never comprehended or adhered to, and my credit score was impacted. Have full documentation and prepared to provide upon request.\n\nViolation # 1 : \" Breach of Contract ''. My auto loan was a legal contract. It outlined the terms and conditions, including the payment due dates, interest rates, and any grace periods for late payments which is a contractual allowance of extra time beyond the payment due date. These actions repeatedly and continuously repeatedly damaged my credit, APR, and monthly payments.\n\nViolation # 2 : \" Duty to furnish accurate information under the FCRA ''. Inaccurate Furnishings of information that requires the company to provide accurate information to credit bureaus. If I missed a payment on the due date for any month it was considered \" late '' and reported to the credit bureaus before the contractual grace period expired and before the customary 30 day reporting threshold of 30 days past the original due date. \n\nViolation # XXXX : \" Unfair or Deceptive Acts or Practices ''. What occurred strongly suggests unfair and deceptive practices. They were contractually obligated to honor the grace period in the contract and consistently failing to honor especially after multiple requests by myself is deceptive. This unfair practice caused repeated harm to my credit score, APRs, and monthly payments. After reviewing my total payment amounts towards the car itself and interest paid last month the interest paid gradually increasing throughout the course of time based on their actions ultimately concluding I had made more total payments in interest than in the vehicle itself. \n\nXXXX ) What Occurred/Issue # XXXX : Capital One has a history of aggressive, harassing, and excessive calling. When I did speak with that is what occurred with myself on a very frequent basis. When I did speak with them to try to compromise or have them understand what they were doing there was no accountability or responsibility for anything. It was always on me. When I did speak to them they were rude, I had to block them multiple times, and they still found a way to call me. They also called me more frequently on the weekends than during the week from observing all of the call records. I have all of the years, months, days, and times documented for every phone call if needed. \n\nViolation : Telephone Consumer Protection Act and Under Federal Law the Fair Debt Collection Practices Act. Specific FDCPA violations relating to this matter. \nViolation : Harassment or Abuse : This is the most direct violation for annoying phone calls. \n\nViolation : Unfair Debt Collection Practices. Repeated and Continuous Calls, Calling on the weekends during prohibited calling times, harassment or abuse. I also had the right to revoke consent asking them to stop calling me, blocking them multiple times after explaining my situation, and then continuing to find a way to call me. This indicates a violation of the telephone consumer protection act. NOTE : This company has a long standing history of class action lawsuits due to this and other violations. \n\nPossible Violation : \" Common Law Harrassment '' / '' Intentional Infliction of Emotional Distress '' : Despite this law being more extreme I had to make note of this and will express the fact that this all did cause XXXX XXXX XXXX XXXX XXXX and at times I really did feel like it was intentional despite being difficult to fully prove that I felt like their conduct was intentional and reckless. \n\nWhat Occurred/Issue # XXXX : On XX/XX/XXXX of XXXX Capital One reported an update regarding that as an issuer of the Kohls credit card that additional consumers had been identified as impacted by the breach and should receive letters about the incident. I found out about it on the class action website, inquired with them, and was informed that I was impacted by it. I was never notified by Capital One Kohl 's credit card and would have not known if I did not find out and inquire about it myself. They did not take or ensure proper steps to protect the information that was entrusted with their company. \n\nViolation by Kohl 's Capital One Credit Card : Violation # 1 : \" Massachusetts Data Breach Notification Law ''. I was not directly notified, especially given the Massachusetts Data Breach Notification Laws.\n\nI was not provided with : 1 ) The duty to notify residents. I was not given notice as soon as practical, there was not only a delay but no notification at all finding out myself, they were aware of the breach of security, and were aware that my personal information was acquired or used by an unauthorized person or used for an unlawful purpose. \n\n2 ) Violated my personal information : My full name could have been revealed as well as my social security number, driver 's license number, financial account number, medical information, other credit related information, and clearly falls under the definition of personal information triggering the notification requirement that never occurred.\n\nHow has this all impacted me : 1 ) The delayed mitigation not being promptly notified of the data breach : Not only was it delayed it was more than delayed having to notify and find out myself of what occurred. I was completely unaware that my information was compromised, if I was informed I could have taken immediate and necessary protective measures such checking my credit history, being offered credit monitoring services if I was informed, change passwords, or take any other prompt protective measures. If I had not found out myself it would have significantly increased my identity vulnerability and risk of harm. \n\nXXXX ) Emotional Distress and Time Spent : The discovery that my information was exposed while unlawfully not being notified in addition to my discovery that my information was exposed caused significant emotional distress, XXXX, and have been feeling more than violated not only due to this matter but the multiple prior matters in this letter. Words can't describe the overall impact all of this has had in every avenue of my life.\n\n3 ) This also led to the loss of opportunity to proactively protect my private information and if they had complied with MA law and notified me in a timely manner I would have been able to proactively do so. I was never offered any protection services let alone not being notified at all. As a XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXXXXXX XXXX XXXX XXXX XXXX XXXX XXXX  I was also a victim of the XXXX XXXX XXXX breach a couple years ago, lost my XXXX XXXX  never received any type of support for my billing lost medical claims, other breaches have compiled since then, and have not recovered since. This just added to the XXXX XXXX XXXX and stress that I have experienced on a consistent basis since then and this situation made it even worse. \n\nXXXX ) Out of pocket costs : In addition to having to make higher car and credit card payments due to the prior occurrences noted in this letter in addition to this data breach I have no definitive number of how much additional costs have come out of my pocket but am aware of the amount of additional money I made in car and credit card payments due to what has been noted. \n\nXXXX ) What Occurred/Issue # 4 : I was not properly informed of the repossession per MA General Laws Chapter 255B, section 20 ( The Right to Cure Default Statute ) Violation # XXXX ) I was never given a clear opportunity to have repossession prevented, they failed to properly inform me prior to me surrendering the vehicle, and there was a lack of proper notice before potential repossession was threatened or implied. \n\nViolation # 2 ) Condition Precedent to Repossession : They can not repossess the vehicle or accelerate the maturity of the loan/meaning demand the full amount immediately unless they first sent me a very specific notice. That never happened. \n\nViolation # XXXX ) \" Required Title '' : I never received notice titled \" rights of defaulting buyer under the MA Motor Vehicle Installment Sales Act '' / '' Notice of right to cure ''. I was never sent this and was not informed or ensured that I fully understood the seriousness of my rights. \n\nViolation # 4 ) I was never given notice of the nature of the default, the specific missed payments, the exact amount necessary to cure the default, the specific dates in which any amount was to be paid, and was never given notice that if an amount was not paid by that date that they could repossess the vehicle. Nothing in that nature was ever received via regular mail, registered, or certified mail.\n\nIn conclusion, there is strong evidence to conclude that they did not meet any of the strict requirements indicating a violation of M.G.L c. 255B, 20A.\n\nViolation # 5 ) \" Failing to provide a legally mandated pre repossession notice ''. Violation of MA Consumer Protection Act : Capital One Auto failed to provide the legally mandated pre possession notice. A lender 's failure to comply with the requirement is considered an \" unfair and deceptive act or practice '' under Chapter 93A. \n\nConsequences of the Violations : Loss of Deficiency Balance. There was no proper 21 day \" right to cure '' notice as required by MA, Capital One should be held accountable for the deficiency balance, and they should not have any right to collect any deficiency balance from myself. \n\nRights Violated as a Consumer : Even with my voluntary surrender I honestly felt like I was more threatened than repossession, they made it seem inevitable, they hadn't sent the proper M.G.L c. 255B, 20 A notice, and strongly believe should be treated as an unlawful repossession.\n\nThe actual damages that occurred with myself : There is evidence to conclude that Capital One Auto 's violation was willful and knowing ignoring a the clear statutory requirement and if anything the amount of damages that occurred with myself and led to more actual damages to myself due to the multiple consumer laws that were broken by Capital One Auto and Kohl 's Capital One Credit Card Company. \n\nThe situation I am dealing with now : In addition to everything I have explained, in addition the negative remarks related to the repossession of my car are based on multiple unlawful acts by Capital One. \n\nAll of this lack of proper information contributed to me feeling compelled to surrender the vehicle and more than prevented me from exercising my legal right to cure the default. There were also other companies XXXX XXXX XXXX XXXX XXXX who engaged in unfair and deceptive practices and also contributed to the recent surrendering of the vehicle in which you will likely be hearing about in the near future. \n\nThey were all major contributors to the condition of the car when it was voluntarily surrendered because I am sure you will be informed of the condition of the car. Briefly to explain when I was moving out of my apartment in the end of XXXX I shut the trunk door and the window shattered pretty much on me, XXXX XXXX claimed I did not have full comprehensive coverage when I did, and I found out the windows were recalled years ago due to breaking easily with XXXX XXXX with the specific year, make, and model of my XXXX XXXX XXXX due to being poorly calibrated. \n\nI had to drive to PA to my Father 's due to having to move out of my apartment with an artificial rear windshield and on the way to my Father 's the front windshield got pebbled when going to visit my Father in PA ultimately not being able to drive the car due to the other two companies above. Also the interior got damaged from an interior restoration company who did a horrible job restoring the car after I attempted to superglue the front calibrated computer unit that was constantly falling down. The superglue leaked into the middle console, hired a company to restore, and made it worse. Not very good luck with the car period. \n\nI had made multiple claims to XXXX and they did nothing. There was also a recall on my fuel injection, they made appointments for me to come into their shop, I constantly told them I could n't drive the car, and they didn't comprehend. You will be hearing about these other XXXXwo companies in the near future. Words can't describe how much of an overall toll this has taken on me. But regardless, I hope you get a better understanding of my side of the story and a bigger picture. \n\nDue to all of the occurrences in this letter Capital One Ultimately filed to repossess the car from me, and these violations specifically their failure to accurately disclose fees as required by the Truth in Lending Act and their persistent harassment regarding payments that were already disputed created an untenable financial burden that directly impaired my ability to continue making timely payments. \n\nDespite my best efforts to keep up with everything before being fully aware of the unlawful practices I attempted to resolve these discrepancies and work on a solution with them multiple times and honestly felt like I was being punished, harrassed, or not compromised with every single time. The cumulative impact of their non compliance left me with no viable option but to surrender the vehicle to mitigate further damages. \n\nIt was only after their actions in addition to the other two companies XXXX XXXX XXXX XXXX XXXX where it came to the specific point where it made it impossible for me to continue as Capital One refused to acknowledge my disputes regarding their excessive charges or their illegal collection practices that began to impact me significantly. I was forced to conclude that continuing the financed loan was unsustainable due to their unlawful conduct. \n\nI would like to be unequivocally clear that I did not wish to surrender this vehicle. This action was taken under duress, as a direct consequence of Capital One Auto/Kohls Capital One egregious and unlawful behaviors. I firmly believe that their actions are the sole reason for this unfortunate outcome. \n\nThank you for taking the time to read this letter. Sometime in the near future you will be receiving the information on XXXX XXXX and XXXX XXXX, their unlawful and deceptive practices, and feel free to contact me if you have any questions. \n\nRegards, XXXX XXXX","date_sent_to_company":"2025-06-10T20:42:50.000Z","issue":"Repossession","sub_product":"Loan","zip_code":"020XX","tags":null,"has_narrative":true,"complaint_id":"13994097","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"CAPITAL ONE FINANCIAL CORPORATION","date_received":"2025-06-10T20:00:01.000Z","state":"MA","company_public_response":null,"sub_issue":"Damage caused or loss of personal items in vehicle during the actual repossession"},"highlight":{"complaint_what_happened":["Briefly to <em>explain</em> when I was moving out of my apartment in the end of <em>XXXX</em> I shut the trunk door and the window shattered pretty much on me, <em>XXXX</em> <em>XXXX</em> claimed I did not have full comprehensive coverage when I did, and I found out the windows were recalled years ago due to breaking easily with <em>XXXX</em> <em>XXXX</em> with the <em>specific</em> year, make, and model of my <em>XXXX</em> <em>XXXX</em> <em>XXXX</em> due to being poorly calibrated."]},"sort":[10.910484,"13994097"]},{"_index":"complaint-public-v1","_id":"5572167","_score":10.515825,"_source":{"product":"Money transfer, virtual currency, or money service","complaint_what_happened":"Dear Consumer Financial Protection Bureau, I am one of hundreds of victims of theft of cryptocurrency off the exchange run by Gemini Trust Company , LLC ( d/b/aXXXX Gemini XXXX, XXXX ) ( Gemini ) that resulted from Geminis unfair, deceptive, or abusive acts or practices ( UDAAPs ), in violation of the Dodd-Frank Act, 12 U.S.C. 5531. In short, as a result of Geminis failure to adequately safeguard self-directed retirement assets on its exchange from foreseeable misconduct, hackers were able to fraudulently transfer tens of millions of dollars worth of cryptocurrency off the exchange on XX/XX/XXXX, including [ Amount ] ETH from my account. \n\nGemini lured myself and the other victims in by selling security and trust : Trust is our product, they tell the public. We bought it and were led to believe Gemini would adequately safeguard our valuable retirement assets. Gemini advertises its industry leading security, and broadcasts unequivocally that All crypto held online in our exchange wallet is insured. It was precisely statements like these that led me ( and others ) to believe my self-directed retirement funds would be safe on the Gemini exchange and therefore to select a custodian that advertised a partnership with Gemini for this very purpose. At no time, prior to the theft of assets, did Gemini provide any indication that they would not put the full force of their company resources and highly touted security program behind the protection of my assets. To the contrary, upon signing up with Gemini, they sent welcome letters, reiterating promises of their security-first mentality and an ethos of asking for permission, not forgiveness, and they promised the full Gemini experience. \n\nI, and other victims, had every reason to rely on Geminis representations in establishing trust and selecting a place to buy and store valuable retirement assets. However, based on Geminis responses to my inquiries ( and those of other victims ) to date, these representations proved to be unbelievably deceptive. Gemini now claims that all security measures to protect the tens of millions of crypto held on Geminis exchange fell on XXXX XXXX relatively small company that, among other things, takes miniscule fees compared to those taken by Gemini for buying and holding crypto, and that does not sell its product based on its own security but rather that of Gemini. Even though Gemini promised ( among other industry-leading security ) two-factor authentication ( 2FA ), protections against single point of failure, and that in any event crypto is insured against fraud, victims were not notified ( via 2FA or otherwise ) of the withdrawals that Gemini says was due 100 % to IRA Financial ( a single-point of failure ) being severely compromised, and the assets were not insured against this loss. \n\nGemini violated the Dodd-Frank Act by engaging in UDAAPs and harming the victims in several ways. This included unfair acts and practices in the form of inadequate safeguards that caused injuries not reasonably avoidable by consumers. It also included deceptive practices in the form of material misrepresentations reasonably misleading and injuring consumers. Gemini also appears to have violated both state law and possibly the Electronic Funds Transfer Act ( EFTA ), each of which violation would constitute an actionable UDAAP under Dodd-Frank Act as well as a violation of the underlying laws These violations are detailed below.\n\nI. Geminis Unfair Acts and Practices : Failure to Establish Appropriate Policies and Procedures to Prevent, Detect, or Remedy Fraudulent Activity Harming Consumers The fraud that occurred on XX/XX/XXXX was stark. Hackers were able to compromise XXXX XXXX Geminis partner in providing consumers with an option to invest their self-directed retirement funds in cryptocurrency. Amazingly, Gemini had no safeguards against a single point of failure at XXXX  XXXX, where hacked administrative accounts were able to transfer tens of millions of dollars from hundreds of different individual customer accounts under their control into one account, and then transfer from the one account off the exchange, all within dozens of minutes. In statements to victims after this egregious security failure, Gemini has said The subject transactions appeared, from Geminis perspective, to be routine, authorized, and legitimate. This statement from Gemini is incredible and highlights the extreme lack of anything close to proper safeguards.\n\nThe standard for unfairness in the Dodd-Frank Act is that an act or practice is unfair when : ( 1 ) It causes or is likely to cause substantial injury to consumers ; ( 2 ) The injury is not reasonably avoidable by consumers ; and ( 3 ) The injury is not outweighed by countervailing benefits to consumers or to competition. See 15 U.S.C. 45 ( n ) ( The standard for unfairness in the Dodd-Frank Act has the same three-part test as the FTC Act, which was first stated in the FTC Policy Statement on Unfairness ( XXXX XXXX, XXXX ), available at : http : //www.ftc.govXXXX, and later specifically included in the FTC Act. ) As an example, in In re XXXX XXXX, XXXX XXXX, the Office of the Comptroller of the Currency ( OCC ) brought an enforcement action where a bank maintained deposit account relations with telemarketers and payment processors without adequately safeguarding against fraud. In that case, the telemarketers regularly deposited large numbers of remotely created checks drawn against consumers accounts, a large proportion of which were not authorized by consumers. OCCs investigation indicated the bank failed to establish appropriate policies and procedures to prevent, detect, or remedy such activities. Under the three-part test for unfairness, ( 1 ) the consumers lost money from the fraudulent checks was a substantial injury, ( 2 ) consumers could not have avoided the injury from transactions to which they had not consented, and ( 3 ) the cost to the bank of establishing a minimum level of due diligence, monitoring, and response procedures sufficient to remedy the problem would have been far less than the amount of injury to consumers that resulted from the banks avoiding those costs. See CFPB Consumer Laws and Regulations, UDAAPs Manual v.3 at pp.4-5 ( XX/XX/XXXX ) ( discussing the analysis ). \n\nGeminis failures in the present case easily meet the three-part test for unfairness. First, the lost tens of millions of dollars worth of crypto is obviously a substantial injury. Second, there is nothing the consumers could have done to avoid this injuryin fact, not only had the victims not consented to the transfers, but we relied on notifications and two-factor authentication to make any transfers on the Gemini exchange, and yet no notice was provided by Gemini at any time as the accounts were being drained. No protections were offered by Gemini and there was nothing consumers could have done, reasonable or otherwise, to prevent this. Third, as in In re XXXXXXXX XXXX XXXXXXXX XXXX, the cost to Gemini of establishing a minimum level of due diligence, monitoring, and response procedures sufficient to remedy the problem would have been far less than the injury resulting from Geminis avoiding these costs. In other words, Geminis failures were clearly unfair under the meaning of Dodd-Frank , and in accordance with precedent, and CFPB should take action to compel Gemini to restore the victims accounts.\n\nII. Geminis Deceptive Acts and Practices : Misleading Claims and Omissions About Security and Insurance that Consumers Reasonably Relied Upon to their Detriment When I was looking for a platform I could use to invest my self-directed retirement funds in crypto, I picked XXXX  XXXX due to their advertised partnership with Gemini, which holds itself out as an industry leader in security and advertises that all crypto on its exchange is insured. Gemini got my business, and those of countless others no doubt, by promoting a reputation for safety and security. I, and other victims, reasonably relied on Geminis assurances that our assets were safe on the Gemini exchange, and we reasonably believed that, should they be somehow stolen or otherwise compromised, our assets would be protected by Geminis insurance. But all of this appears based on Geminis current position to be egregiously misleading. In other words, Geminis representations were extremely deceptive.\n\nUnder the Dodd-Frank Act, a representation, omission, act, or practice is deceptive when ( 1 ) The representation, omission, act, or practice misleads or is likely to mislead the consumer ; ( 2 ) The consumers interpretation of the representation, omission, act, or practice is reasonable under the circumstances; and ( 3 ) The misleading representation, omission, act, or practice is material. See CFPB Consumer Laws and Regulations, UDAAPs Manual v.3 at p. 5 ( XX/XX/XXXX ) ( citing FTC Policy Statement on Deception, available at http : //www.ftc.govXXXX XXXX \n\nCFPB has explained that, in addition to affirmative representations that are misleading, if material information is necessary to prevent a consumer from being misled, it may be deceptive to omit that information. Id. Examples of deceptive practices may include, among other things, offering to provide a product or service that is not in fact available ;... omitting material limitations or conditions from an offer ; or failing to provide the promised services. Id. \n\nGeminis acts and practices easily meet the test under Dodd-Frank because they lured consumers in with statements creating reasonable expectations for security and insurance, which proved to be totally false and which materially harmed the consumers who relied on these reasonable expectations. Below, I set forth some of the specific statements and representations made or omitted by Gemini, the reasonable expectations these created, and the reality of what occurred and what Gemini is saying now.\n\nA. What Gemini Said : That They Are Safe, Trusted, Leaders in Security, and that Their Protections Include 2FA, Protections Against Single-Points of Failure , and Insurance Against Fraud Geminis entire sales pitch is that they are safe and secure, and that people should trust them to safeguard their valuable assets. Gemini tells the public they are the Safest Crypto Exchange, and make the following representations, among others : Trust is our product.\n\nGeminis founders built Gemini to deliver the first trusted platform that focused on strong security controls and compliance. \nGemini has built a leading security program focused on developing innovative security solutions to help protect and secure our customers and their assets. \nAll crypto held online in our exchange wallet is insured and we use best-in-industry cold storage coverage with leading insurance providers. \n\nSee Gemini Advertising and Marketing Materials, Exhibit A. \n\nAlong the same lines, XXXX  XXXX distinguished itself in advertisements by stressing its partnership with Gemini and underscoring the safety, security, and insurance of the Gemini XXXX. XXXX  XXXX advertised about its partner and their collective products and services, among other things : Gemini is a regulated crypto exchange with over {$10.00} billion in assets. \nHow it works... XXXX  XXXX creates your crypto account on Gemini. Gemini then emails you onboarding instructions. \nGemini is a regulated trust company and offers its clients insurance against fraud. \n\nXXXX  XXXX XXXX and Marketing Materials, Exhibit B. \n\nGemini participated in this partnership and at no time qualified or corrected any statements advertised about the safety, security, and insurance that would protect customers. \n\nNotably, I recall seeing and relying on similar communications and advertisements about the safety and security of Gemini ( and XXXX  XXXX as a result of their partnership with Gemini ), and I understand some materials have since been taken down by one or both companies. I do not have access to all of these, but I believe other victims may have some of these materials that they have provided or may provide to CFBP.\n\nOne stark example of this is Geminis prior claims about insurance, which has now been heavily qualified.\n\nGeminis prior representation about insurance was : All crypto held online in our exchange wallet is insured and we use best-in-industry cold storage coverage with leading insurance providers.\n\nAs of the date of this letter, Gemini has taken this down, tacitly acknowledging its inaccuracy, and Gemini now represents to the public only that : We maintain insurance against certain types of crypto losses from our exchange wallet and from Gemini Custody. To learn more about our insurance, and what it does and does not cover, please visit our User Agreement.\n\nSee Exhibit A. \n\nIn addition to these general promises, Gemini advertises specific details of their industry leading security that protect customers. Some particularly relevant representations include those concerning two-factor authentication and protections against single points of failure : In discussing its specific security practices, Gemini states that Two-Factor Authentication ( 2FA ) is required by default, in order to access your account and make withdrawals.\n\nSimilarly, Gemini toutes its asset security, stating The multisignature digital signature scheme ( multisig ) used eliminates single points of failure and improves our resilience against the loss or compromise of any individual private key.\n\nIt bears noting here that Gemini never corrected any statements advertised by XXXX  XXXX ( or itself ) about the security that would apply to holding retirement account assets on its exchange. In addition, none of the affirmative statements made above were qualified in any way that would communicate to a potential customer of the XXXX  XXXX XXXX Gemini partnership that investing retirement funds are any less protected than investing non-retirement funds. In fact, when onboarding through Gemini after singing up with XXXX  XXXX and Gemini, Gemini communicates the oppositethey sent victims welcome letters, reiterating promises of their security-first mentality and an ethos of asking for permission, not forgiveness, and they promised the full Gemini experience. \n\nB. What Victims Reasonably Understood and Expected : That Our Crypto Was Safe and Insured and that Gemini Would Not Allow Tens of Millions to Be Withdrawn From Our Accounts Without Our Permission or Even Notification, Among other Reasonable Expectations All these statements of assurance and trust workedI and other victims believed Gemini ( and purchased their product ). I and other victims came to the expectation and belief that our crypto was safe from fraud on Geminis exchange, and that in the event anything did happen, Gemini protected our crypto with insurance so there was no appreciable risk of catastrophe. The entire point of selecting XXXX XXXX and Gemini as a place to hold valuable retirement assets was the promised security, safety, and insurance. \n\nSpecific beliefs reasonably held as a result of Geminis representations included that no crypto would be withdrawn from victims accounts without consent via 2FA, that Gemini had adequate protections in place to prevent catastrophic loss from a single-point-of failure, and that in any event our assets were protected against fraudulent withdrawals by Geminis insurance coverage. These beliefs and expectations were eminently reasonable based on the statements above.\n\nFor example, the statement that Geminis security eliminates single points of failure communicates to consumers that we can trust there are multiple layers of security protecting our assets, so that there is no risk of one compromise causing catastrophic loss.\n\nGeminis statement that 2FA is required to make withdrawals gave us the expectation that our accounts would not be able to be drained without our consent or knowledge. My expectations and beliefs on this were also reinforced along the way, including by Geminis requirement for 2FA anytime I executed any transaction on Geminis platform. \n\nThis misrepresentation is particularly egregious given Geminis direct communications to us that they founded Gemini with a security-first mentality and an ethos of asking for permission, not forgiveness. We reasonably expected that they would not allow tens of millions in retirement assets to be withdrawn from our accounts without our permission. This expectation was more than reasonable given their explicit statement that 2FA was required for withdrawals and subsequent practice of asking our permission via 2FA for any buy or trade prior. Not only did they fail to ask for our permission, now they are not even asking our forgivenessto date they have taken zero responsibility for allowing our retirement funds to be funneled off the safest crypto exchange. \n\nGeminis unqualified statement that all crypto on their exchange is insured gave us all confidence that, should anything happen, there is insurance available to cover loss. This was advertised by both Gemini and XXXX XXXX, and a material inducement for us to give them business. Given these broad, unqualified statements, it was reasonable for customers to expect that Gemini would in fact cover crypto with insurance against loss if their security practices failed to prevent the loss, as was the case here. \n\nAs to the rest of my expectations around security and insurance, at no time did I have any reason to question any of the representations and promises initially made that I relied upon in signing up with XXXX XXXX and Gemini. \n\nC. What Actually Happened and What Gemini Now Says About it On XX/XX/XXXX, XXXX  XXXX was hacked. Hackers gained control of XXXX  XXXX administrator accounts, transferred tens of millions of dollars worth of assets from hundreds of victims to one account, created a new external wallet, and transferred the assets off Gemini exchange without notifying victims or apparently raising any flags at Gemini whatsoever. In fact, Gemini told victims The subject transactions appeared, from XXXX perspective, to be routine, authorized, and legitimate. Gemini XX/XX/XXXX Response to Victim CFPB Claim, Exhibit C. As presented to Gemini, these actions satisfied all of Geminis transaction approval requirements and appeared to be authorized transactions made from XXXX  XXXX known and approved devices. Gemini XX/XX/XXXX Response to EFTA Notice, Exhibit D. Further, Gemini has stated their insurance does not cover the loss because Geminis systems were not compromised.\n\nIn other words, the expectations we reasonably held based on Geminis representations proved dramatically false : Our expectation that Gemini was a safe, secure, trustworthy place to store crypto was eviscerated by their total failure to prevent bad actors from summarily and fraudulently transferring tens of millions of dollars worth of assets off the exchange. \nOur expectation that Gemini would notify us with 2FA and ask permission to withdraw funds proved shockingly false as we heard nothing from Gemini while they allowed our funds to be drained.\n\nOur expectation that their security included multiple layers to protect against single-points of failure such as the hack of an administrator with the power to create new external wallets and transfer off assets without safeguards proved similarly false.\n\nFinally, our expectation that Gemini maintained insurance that would protect our crypto as a fail-safe in case there was a dramatic unexpected breach also proved false. \n\nD. Clear Violation of Standard under XXXX XXXX These misrepresentations easily meet the test for deceptive under the Dodd-Frank Act. First, they are likely to mislead customers. As noted, the whole point of the advertising is to garner trust in Geminis security and get customers to buy their product. Second, as explained above, believing these representations under the circumstances is reasonable. Customers had no reason to question what Gemini and XXXX  XXXX were selling until the catastrophic failures came to light. Finally, the representations were material. The entire reason I ( and others, presumably ) chose Gemini was for the advertised safety and security. \n\nIt is critical to note that, even if all of Geminis claims were technically accurate ( for example, if their 2FA applied to XXXX  XXXX and not the consumer, and if the coins were insured just not against this type of fraud ), these claims remain highly misleading and illegal under XXXX XXXX I was led to believe, as any reasonable consumer would be through these claims, that my crypto was safethat it would not be withdrawn without my own 2FA ( which was required for purchases and transfers ) ; that Geminis systems were not susceptible to single-point of failure attacks ( including, what a reasonable consumer would think constitutes single-point of failurethe hack of Geminis partner administrator ) ; and that in any event, my crypto was protected via Geminis touted insurance policy. All of these beliefs turned out to be false and inaccurate, and yet they are totally reasonable and foreseeable based on Geminis advertising, representations, communications, acts, and practices. These misrepresentations were hugely materialthe trust was the foundation of my ( and other customers ) decision to go with Gemini. In no event would any of us have considered putting our retirement assets on the Gemini exchange had we known that our assets were not in fact protected in the way Gemini led us to believe they would be. \n\nIn other words, whether or not Gemini technically provided all the security they advertised, the fact remains that it was totally inadequate to prevent massive, foreseeable fraud, and this was shocking to customers who reasonably relied on their statements to believe that Gemini would be able to prevent, or at minimum insure loss from, such massive fraud. \n\nIII. Geminis Violations of State and Federal Law In addition the the violations outlined above, violations of applicable state and federal law also constitute UDAAPs, enforceable as violations under Dodd-Frank.\n\nA few noteworthy violations of applicable New York state law include : Gemini was required to conduct risk-assessment of XXXX XXXX platform and evaluate the adequacy of XXXX XXXX cybersecurity practices and protections under 23 NYCRR 500.11 . Gemini failed to do this. This is particularly egregious since Gemini now points to the breach at XXXX  XXXX and says Gemini holds no responsibility, putting all of the weight of responsibility on a security link that they themselves did not evaluate, in contravention of state law. \n\nGemini was required to provide its telephone number for the receipt of complaints under 23 NYCRR 200.20 ( b ) ( 1 ), but had only provided XXXX XXXX with its email address. This violation resulted in delays and significant loss after XXXX  XXXX detected the ongoing theft and Gemini was unresponsive to initial email notifications, with no ability to immediately notify Gemini. \n\nGeminis false, misleading, and deceptive representations and omissions, discussed above, are violations of New York law on advertising and marketing, 23 NYCRR 200.18. Gemini claims that its unqualified advertising that all crypto held on its exchange are insured was modified by language buried in its user agreement. However, as discussed above, even if this is technically true, the unqualified advertisement was highly misleading and deceptive, and itself is false without the separate qualification. Similarly, as discussed above, Geminis advertisements and representations that 2FA was required for withdrawals was misleading, deceptive, and ultimately false. \n\nGemini was required to implement adequate anti-money laundering measures and protections under 23 NYCRR 200.15 ( b ), ( c ). Criminals were able to steal assets from hundreds of accounts, transfer those assets ( one coin at a time ) to a single, unrelated account and then remove the stolen assets to a money-laundering tornado, thereby hiding the identity/ownership of the assets. This criminal laundering scheme involved several hundred transfers that went completely undetected by Gemini, in violation of New York anti-money laundering law. \n\nSimilarly, Gemini was required to monitor its system for transactions that might signify money laundering, tax evasion, or other illegal or criminal activity. 23 NYCRR 200.15 ( e ) ( 3 ). Gemini did not monitor for such activity here, as evidenced by the fact that it permitted hundreds of illegal transfers to occur, one coin at a time, into a single, unrelated account having no connection to its customers XXXX  accounts, and then allowed all of the stolen assets to be removed from its exchange. Subsequently, Gemini stated The subject transactions appeared, from Geminis perspective, to be routine, authorized, and legitimate. \n\nCritically, Gemini was also required to maintain, as part of its anti-money laundering program, a customer identification program. 23 NYCRR 200.15 ( h ). As part of this, Gemini was required to verify the identity of any accountholder initiating a transaction with a value greater than {$3000.00}. Here, as discussed above, Gemini did not verify the identity of the hundreds of customers via 2FA or otherwise of the withdrawals of hundreds of millions of dollars worth of crypto via voluminous transactions, all over {$3000.00} in value.\n\nGemini further failed to have in place appropriate policies and procedures to block or reject specific or impermissible transactions that violate Federal or State laws, rules, or regulations in violation of 23 NYCRR 200.15 ( j ). As discussed above, Geminis failures to monitor for, flag, or notify customers of hundreds of millions of dollars worth of crypto being fraudulently transferred to one account then to a new external wallet off exchange and into the abyss was an egregious failure.\n\nGemini also violated Californias Unfair Competition Law, Cal. Bus. Prof. Code 17200 et seq., which prohibits unfair business practices, including misleading advertising, similar to the federal violations of XXXX discussed above. Geminis unfair and misleading business practices were violations of state law in California because Gemini advertised its services here in California where I and other California victims reside, and Gemini got my business and that of other California victims, who all suffered a loss as a result of these practices.\n\nGemini may also have violated the Electronic Funds Transfer Act. I provided Gemini with notice of unauthorized transfer and requested correction under Regulation E. Gemini responded that Regulation E did not apply to the unauthorized transfer from my Gemini account because the account was a retirement account. It is unclear to me whether this is accuratethe exemption from retirement accounts appears to be focused on exempting the entity complying with IRS retirement obligations, which in this case would be XXXX  XXXX. It is not clear that the exemption would apply to Gemini, who is not regulated as a custodian. Thus, it appears Gemini may also have violated the EFTA. See EFTA Correspondence, Exhibit E.\n\nIV. Conclusion and Request for Remedy Geminis promises of security, notifications, insurance, and trust succeeded in getting the business of hundreds of victims that put tens of millions of dollars of critically important retirement funds on Geminis exchange and trusted Gemini to deliver on its promises, including to ask permission not forgiveness. Yet we found out Gemini failed us dramatically by allowing thieves to fraudulently transfer our retirement savings to one account, create an external wallet, and transfer our savings off Geminis exchange, without so much as notifying us, much less performing any of the promised or required verifications. Gemini did not even flag this as unusual, but instead told victims The subject transactions appeared, from Geminis perspective, to be routine, authorized, and legitimate. And they say it was not insured after all. \n\nThis is an outrageous failure on so many levels. The violations of XXXX are stark and numerous, as set forth above. We were misled by Gemini into buying the trust they were selling. But in the end, they did not protect our assets, and they are not putting the force of their company behind their initial promises of security and insuranceinstead it appears they are putting the force of their company toward gearing up to defend claims and making all the hundreds of victims pay out of pocket to hire private attorneys to enforce their clear rights. It is reprehensible. \n\nI am asking the CFPB to enforce XXXX and require Gemini to make the victims wholespecifically to reimburse victims in-kind for all of the crypto that was allowed to be transferred fraudulently off Geminis exchange, and to reimburse victims for any attorney fees and other costs actually incurred as a result. If CFPB has the power and inclination, I also request further penalties to be issues and further compensation to victims to be paid for their non-monetary damages, including the severe mental stress and emotional turmoil it has had on their lives as theyve dealt with drained retirement accounts and an about-face from the company that promised trust and security. \n\n\nThank you for your immediate care and attention to this matter. \n\nSincerely,","date_sent_to_company":"2022-05-18T00:46:37.000Z","issue":"Fraud or scam","sub_product":"Virtual currency","zip_code":"94107","tags":null,"has_narrative":true,"complaint_id":"5572167","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"Winklevoss Exchange LLC","date_received":"2022-05-18T00:20:35.000Z","state":"CA","company_public_response":null,"sub_issue":null},"highlight":{"complaint_what_happened":["As to the rest of my expectations around <em>security</em> and insurance, at no time did I have any reason to question any of the representations and promises initially made that I relied upon in signing up with <em>XXXX</em> <em>XXXX</em> and Gemini. \n\nC. <em>What</em> Actually Happened and <em>What</em> Gemini Now Says About it On XX/XX/<em>XXXX</em>, <em>XXXX</em>  <em>XXXX</em> was hacked."]},"sort":[10.515825,"5572167"]},{"_index":"complaint-public-v1","_id":"2553676","_score":10.340217,"_source":{"product":"Money transfer, virtual currency, or money service","complaint_what_happened":"I am responding to a previous response to my previous complaint as it contains inaccurate information, here is what paypal sent via CFPB in response to my previous complaint : -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- - Company 's Response Response : On  XX/XX/XXXX , you created a PayPal account ( Account ) at which time you agreed to PayPals user agreemen t (  User Agreement ). On the same day, you provided your  XXXX   XXXX   XXXX  checking account ( Bank Account ) information to PayPal to use as a funding source and for withdrawals from your Account. On  XX/XX/XXXX , you applied for a  PayPal Business Debit Card  ( \" Debit Card '' ) for your Account. Your application was approved on  XX/XX/XXXX . Subsequently, the  Debit Card  was sent to you vi a US M ail ; and you activated the card on  XX/XX/XXXX . In order to prevent fraud and help ensure the safety of the  PayPal system, PayPal  routinely reviews account activity. On  XX/XX/XXXX , a review of your Account identified the potentially suspicious activity of adding funds to your Account via a PayPal Cash prepaid card (  \" PayPal Cash '' ) an d then exiting those funds via withdrawals to your Bank Account. As a result, we limited your Account as permitted under the  Restricted A ctivities & Holds section of the User Agreement. At that time, we notified you of this action through email and requested that you explain your activity via affidavit. On  XX/XX/XXXX , you completed the affidavit ; and, as a result, we restored access to your Account. Between  XX/XX/XXXX , and  XX/XX/XXXX , you added a total of {$1000.00} to your Account via  PayPal Cash. Duri ng that same timeframe, you continued to exit those funds via withdrawals to your Bank Account, and for purchases using your  Debit Card.  Because you continued to use PayPal Cash cards, your Bank Account, and your Debit Card in a suspicious manner, after having received a prior warning, we permanently limited your Account on  XX/XX/XXXX . As provided in the Restricted Activities & Holds section of the User Agreement,  PayPal may  suspend, or limit access to your Account or  PayPal  services if we believe that you  may  have engaged in any Restricted Activities. Because the activity on your Account was consistent with potentially illegal activiti es, Pa  yPal considers this a Restricted Activity ;  and we reasonably believed a limitation was necessary to prevent further violations. Therefore, we will not be restoring access to your Account. Further, pursuant to the Restricted Activities & Holds section of the User Agreement,  PayPal may  hold your Account balance for up to 180 days if reasonably needed to protect against the risk of liability. Nonetheless,  PayPal r eleased your remaining Account balance of {$5.00} on  XX/XX/XXXX . On the same day, you withdrew your Account balance to your Bank Account. Please note that  PayPal  must be in a position to protect its interests in relation to limited accounts. The regulatory and legitimate interests of  PayPal, a s they relate to the retention of user records, compel us not to close an account if it is not in good standing. Therefore, we are declining your request to close your Account. Explanation o f Closure :   We believe th at PayPal acted in good faith and in accordance with the User Agreement  when denying you access to our services as a reasonable measure to maintain the security of  PayPal 's  system. As your Account is not in good standing, we are not closing the Account or restoring access to the Account.  PayPal  considers this matter resolved, as we made your funds available for you to withdraw on  XX/XX/XXXX . Please feel free to contact me should you have any questions or concerns, or if I can be of further assistance to you.   DESCRIPTION OF NON-MONETARY RELIEF Description of Relief :  PayPal rel eased your remaining Account balance of {$5.00} on  XX/XX/XXXX . On the same day, you withdrew your Account balance to your Bank Account.  <P/> -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- SPECIFICALLY, THE FOLLOWING IS INACCURATE : \" At that time, we notified you of this action through email and requested that you explain your activity via affidavit. On XX/XX/XXXX , you completed the affidavit ; and, as a result, we restored access to your Account. Between  XX/XX/XXXX , and  XX/XX/XXXX , you added a total of {$1000.00} to your Account via  PayPal Cash.  During that same timeframe, you continued to exit those funds via withdrawals to your Bank Account, and for purchases using yo ur Debit Card. B ecause you continued to use PayPal Cash cards, your Bank Account, and your Debit Card in a suspicious manner, after having received a prior warning, we permanently limited your Account on  XX/XX/XXXX . '' -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- - At no point was I told that this behavior was putting my account at risk of permanent limitation, the only notification I got was that they needed to know what the funds would be used for, which I explained entirely, my account was restored with no problem. A large portion of the funds I place into my account are withdrawn because I am unable to make payments on my credit cards without withdrawing the money to my bank account because Paypal does not furnish me with a routing or account number necessary to do so. I was merely asked to explain what I was using the money for and explained by responding to them. In addition, at no point was the request for an explanation referred to as an affidavit until now. I have been extremely forward with  Paypal  and revealed extensive personal details about my entire life going back several years and explained the use of all the money in question when asked. In addition to this, the person who gave me the cash to deposit into my account on both occasions, my partner, has sent messages to paypal attempting to confirm that they are the source of these deposits and the reasoning behind them.  <P/> In any regards, the communication with me regarding the cash deposits/withdrawal to my bank was misleading and incomplete and  PayPal i s entirely miscategorizing it in their response to my previous complaint. At no point in the entire situation was I made aware of any issue with withdrawing to my bank account ( the only thing that was sent to me was specifically referring to the cash deposits into my  PayPal,  my withdraws to my bank were never mentioned in any form ) and at no point was I informed that making use of the cash deposit and then withdrawing it to my bank account to pay bills in this manner again in the future would put my account at risk. Nothing  in Paypal 's  terms of service makes any specific mention of this behavior either. There is no mention of using  PayPal  in this manner in the  Restricted A ctivities & Holds sections whatsoever. The only reason I ever used this service is because its repeatedly advertised all over  Paypal 's  app as a convenient way to deposit cash -- my   XXXX   XXXX    does not have a branch any closer than  40 mi nutes away and following the advertising o f PayPal Cash  which bills is at a convenient way to deposit cash without having to go to the bank, I utilized it for exactly that purpose.","date_sent_to_company":"2017-06-19T05:38:39.000Z","issue":"Confusing or missing disclosures","sub_product":"Mobile or digital wallet","zip_code":"34684","tags":null,"has_narrative":true,"complaint_id":"2553676","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"Paypal Holdings, Inc","date_received":"2017-06-19T04:54:06.000Z","state":"FL","company_public_response":null,"sub_issue":null},"highlight":{"complaint_what_happened":["I was merely asked to <em>explain</em> <em>what</em> I was using the money for and <em>explained</em> by responding to them. In addition, at no point was the request for an explanation referred to as an affidavit until now. I have been extremely forward with  Paypal  and revealed extensive personal details about my entire life going back several years and <em>explained</em> the use of all the money in question when asked."]},"sort":[10.340217,"2553676"]},{"_index":"complaint-public-v1","_id":"21174274","_score":9.695799,"_source":{"product":"Money transfer, virtual currency, or money service","complaint_what_happened":"SUMMARY PayPal, Inc. restricted my account, imposed a 120-day hold on my funds, compelled disclosure of private correspondence with a third-party business, and informed me that I \" present a risk to our platform '' after I received a {$64.00} deposit from XXXX, a gift card resale platform that PayPal itself promotes in its own help documentation. The restriction was imposed within hours of a PayPal agent confirming in writing that my account was \" fully usable. '' During the chat session in which the restriction was delivered, I disclosed twice that I am a terminally ill, end-stage XXXX XXXX patient on continuous IV life support medication and that the {$64.00} was the difference between eating or not eating. The agent acknowledged the disclosure, took no escalation action, and returned to script. PayPal has refused to identify any specific policy, term of service, or legal basis for the restriction. \n\nA. ACCOUNT BACKGROUND AND PAYPAL 'S INITIAL INSTRUCTION On or about XX/XX/XXXX or XXXX, 2026, I applied for a PayPal XXXX XXXX through my existing PayPal account. The application was rejected on the basis that my Social Security XXXX was allegedly associated with another account. I contacted PayPal support, and an agent instructed me to close and reopen my account to \" reset '' the issue. I followed that instruction. \n\nB. AGENT XXXX 'S \" FULLY USABLE '' REPRESENTATION ( XX/XX/year> ) On XX/XX/year>, I attempted to reapply for the Debit Card and was directed to contact support again. I disclosed to the agent that I had previously operated a business that XXXX have used PayPal. XXXX XXXX informed me I was not eligible for the card at this time, but stated clearly and in writing that my account was \" fully usable '' and that I could \" send and receive payments, shop online wherever PayPal is accepted, and move funds using your linked bank account or card. '' This representation was unambiguous. It confirmed that my account was in good standing and that I could transact freely, including receiving deposits and moving funds to my linked bank account. \n\nXXXX XXXX XXXX AND IMMEDIATE RESTRICTION ( XX/XX/year> ) On XX/XX/year>, at approximately XXXX AM CT, a {$64.00} deposit from XXXX posted to my PayPal balance. XXXX is a legitimate gift card resale platform. I had sold a XXXX XXXX gift card I had received. This is a legal transaction with a legal company. I attempted to transfer the funds to my linked checking account. Within hours of the deposit posting, PayPal flagged my account and presented me with a set of XXXX steps it described as necessary \" to secure my account. '' The window between XXXX XXXX 's written confirmation that the account was \" fully usable '' ( XX/XX/XXXX ) and the account restriction ( XX/XX/XXXX ) was approximately XXXX hours. The only intervening variable was the XXXX deposit. \n\nXXXX THE 8-STEP PROCESS I completed all 8 steps. Four were identity verification measures : email verification ( already completed ), facial recognition using my driver 's license, verification of two linked card transactions with 4-digit codes, and providing the full number of my new XXXX XXXX debit card. Step XXXX required me to photograph my driver 's license again for address verification, duplicating the document already provided during facial recognition. Steps XXXX and XXXX are the most significant. PayPal required me to provide a written synopsis of the {$64.00} XXXX transaction, including copies of all transaction-related emails between myself and XXXX, and the same for an earlier XXXX deposit. These steps had nothing to do with identity verification. They compelled me to explain what XXXX is as a business, describe how the transaction worked, and surrender my private correspondence with a third-party company. PayPal conditioned my access to my own funds on the production of this information. I complied because I needed the {$64.00} to buy groceries. \n\nXXXX PAYPAL 'S OWN PROMOTION OF CARDCASH ( XXXX ) PayPal 's own help documentation actively directs its users to XXXX. PayPal XXXX XXXX XXXX, currently live at XXXX XXXX XXXXXXXX, states in plain language that users can \" exchange unwanted gift cards for cash in your PayPal balance via XXXX. '' The page provides step-by-step instructions : go to XXXX, enter the merchant 's name and balance amount, click GET OFFER, connect with PayPal, and receive XXXX PayPal balance. I followed this exact process. PayPal is marketing XXXX as a feature of its platform while simultaneously restricting accounts that use it and compelling consumers to justify the very transactions PayPal promoted. \n\nXXXX XXXX XXXX 'S CONDUCT : THE DUAL-FRAMING CONTRADICTION ( XX/XX/year> ) PayPal XXXX XXXX delivered XXXX account restriction via live chat on XX/XX/year>, beginning at approximately XXXX AM CT. I have preserved timestamped screenshots. XXXX XXXX XXXX contradictory framings of the same restriction within the same conversation. \n\nXXXX XXXX ( XXXX ) : XXXX stated : \" Your account is temporarily blocked. We noticed a new PayPal account has been created using your name. We understand this might be concerning, and we want to make sure you're aware of it. For now, some of your account features are temporarily blocked. '' She further stated : \" To protect your account, some of your account features have been blocked. Although you can still receive money, you are blocked from the following ... '' This framing presents the restriction as a protective measure, as though PayPal were safeguarding me from identity theft. \n\nXXXX XXXX ( XXXX ) : Later in the same conversation, after I disclosed my medical condition, XXXX delivered a fundamentally different characterization : \" After a thorough review of your account, we've determined that it presents a risk to our platform. We regularly review all accounts on our platform, and if we identify any potential risk to PayPal, our customers, or our banking partners, an email is sent to notify you that you can no longer use our services. To help protect our security systems, we're unable to disclose the specific details of the risk identified. Any funds in this account will be held for 120 days to help minimize the risk to PayPal from customers who may file disputes or chargebacks. '' These are opposite characterizations delivered by the same agent in the same session. One says PayPal is protecting me ; the other says PayPal is protecting itself from me. The only variable that changed between the XXXX framings was my disclosure of my terminal medical condition and the urgency of my need for funds. The phrase \" presents a risk to our platform '' accuses me, as a person, of being a threat to PayPal. The refusal to \" disclose the specific details of the risk identified '' removes any ability to contest the characterization. \n\nXXXX MEDICAL DISCLOSURES ABSORBED WITHOUT ESCALATION During the XX/XX/XXXX chat session with XXXX, I disclosed my medical condition twice and offered to provide documentation. \n\nXXXX XXXX : I stated : \" What is the address of your XXXX XXXX? I am a endstage XXXX XXXX patient currently at a Status XXXX and on a continuous IV life support medication. These funds are the difference between me eating or not today. '' XXXX 's XXXX : \" I understand this is a critical situation, and I want to help you with your account. However, I can not provide the address of our XXXX XXXX. '' She did not escalate, did not flag it for supervisory review, and did not offer any accommodation. \n\nXXXX XXXX : I stated : \" When will I have access to my balance? I am terminal. '' I offered : \" If you would like a photo of the iv pump as proof, I am happy to provide it. '' XXXX 's XXXX : \" I'm looking into your issue and will update you shortly. Please stay connected. '' A terminally ill person on IV life support disclosed twice, offered photographic documentation, and received a hold-pattern response identical to what would be delivered for a routine login issue. \n\nI had to rephrase my request from \" General Counsel '' to \" mailing address for legal correspondence '' before XXXX would provide : PayPal, Attn : Legal Dept./Civil, XXXX North XXXX XXXX XXXX XXXX XXXX XXXX CA XXXX. This information is required to be provided upon request under Wisconsin law. Its initial refusal created an additional barrier to the exercise of my rights during an interaction in which the agent had full knowledge of my medical condition. \n\nH. MY MEDICAL CONDITION I am an end-stage XXXX XXXX patient, currently classified at Status XXXX on the transplant waiting list at XXXX XXXX XXXX XXXX, Wisconsin. I receive continuous intravenous life support medication. I recorded a video during this experience documenting my medical condition and the circumstances under which PayPal 's restriction was imposed. This video is available upon request.\n\nREQUESTED RELIEF 1. Immediate release of all funds held in my PayPal account, including the {$64.00} XXXX deposit and any other balance. \nXXXX. Written confirmation that no adverse information has been or will be reported to any consumer reporting agency, banking database, or partner institution. \nXXXX. Written explanation identifying the specific policy, term of service, or legal basis for the restriction, which PayPal has refused to provide.\n\n4. Deletion or return of all information collected during Steps 5 and 6 of the 8-step process, including my written narratives about XXXX and my private email correspondence, compelled under duress of a fund hold.\n\n5. Review of PayPal 's practice of restricting accounts for transactions promoted by its own help documentation ( XXXX ). \n6. Review of PayPal 's agent protocols regarding medical disclosures and whether a terminally ill consumer disclosing an immediate food-access emergency warrants escalation rather than scripted responses.\n\nSUPPORTING DOCUMENTATION 1. Chat transcript, XX/XX/year> ( XXXX XXXX, \" fully usable '' representation ) XXXX. Chat transcript, XX/XX/year> ( XXXX XXXX, dual-framing restriction, medical disclosures, General Counsel refusal ) XXXX. Timestamped screenshots of XX/XX/XXXX chat session XXXX. XXXX transaction confirmation ( {$64.00} ) XXXX. XXXX account security process records ( On Request ) XXXX. Video recording of medical condition during restriction event ( On Request ) XXXX. PayPal XXXX XXXX XXXX ( archived ) XXXX. PayPal XXXX record ( NMLS ID XXXX, Wisconsin License # XXXX ) ( On request )","date_sent_to_company":"2026-04-12T20:32:06.000Z","issue":"Trouble accessing funds in your mobile or digital wallet","sub_product":"Mobile or digital wallet","zip_code":"54304","tags":null,"has_narrative":true,"complaint_id":"21174274","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"Paypal Holdings, Inc","date_received":"2026-04-12T20:01:49.000Z","state":"WI","company_public_response":null,"sub_issue":null},"highlight":{"complaint_what_happened":["PayPal required me to provide a written synopsis of the {$64.00} <em>XXXX</em> transaction, including copies of all transaction-related emails between myself and <em>XXXX</em>, and the same for an earlier <em>XXXX</em> deposit. These steps had nothing to do with identity verification. They compelled me to <em>explain</em> <em>what</em> <em>XXXX</em> is as a business, describe how the transaction worked, and surrender my private correspondence with a third-party company."]},"sort":[9.695799,"21174274"]},{"_index":"complaint-public-v1","_id":"6482545","_score":9.071038,"_source":{"product":"Money transfer, virtual currency, or money service","complaint_what_happened":"Consumer Financial Protection Bureau\nP.O. Box 2900\nClinton, \nIA 52733-2900 TRUIST BANK  BREACH OF DUTY OF CARE\n \t \t \t \nDear Sir/Madam of the Consumer Financial Protection Bureau,  \n\nPlease take the time to read this information pack as it will explain the reason for my complaint to the Consumer Financial Protection Bureau. \n\nOn XXXX XXXX XXXX, I fell victim to a multilayered scam operation orchestrated\nby XXXX XXXX (the Scammer) and innocently lost XXXX  USD of my hard-earned life-savings.  I advised Truist Bank of this fact on XXXX XXXX XXXX and I havent received any satisfactory response so far.\n\nTruist Bank had a duty to exercise reasonable professionalism, care, pay due to regards to the interest of their customers and follow good industry practices (GIP) to keep customers accounts safe. This includes identifying vulnerable consumers who may be particularly susceptible to scams and looking out for payments which might indicate the consumer is at risk of financial harm.   \n \nSince XXXX XXXX, I have been attempting to resolve this matter with Truist Bank, but they have failed to settle this matter satisfactorily. I have been dealing with Truist Bank in good faith and am deeply disappointed in how they have handled this matter thus far.  \n   \nI find it baffling and reprehensible that my money has been so egregiously misused in a fashion that violates their principles, which call me to defend my rights. This is poorly thought out and vaguely defined nonsense. I doubt they care however since nonsense is what renders unscrupulous businesses financially successful. \nAccordingly, I respectfully insist that Truist Bank covers all overdrafts (560,000.00 USD) on the account. This is fair and reasonable given I was given no appropriate warning about the possibility of a scam. I have been a loyal customer of Truist Bank and have never had any difficulties of this kind before.\n\nFURTHER POINTS FOR CONSIDERATION \n\nThe examples of good and bad practices around investment fraud. Good practice included but was not limited to:\n\tA bank regularly assesses the risk to itself and its customers of losses from fraud, including investment fraud, in accordance with their established risk management framework. The risk assessment does not only cover situations where the bank could cover losses, but also where customers could lose and not be reimbursed by the bank. Resource allocation and mitigation measures are informed by this assessment.\n\tA bank contacts customers if it suspects a payment is being made to an investment fraudster.\n\tA bank has transaction monitoring rules designed to detect specific types of investment fraud. Investment fraud subject matter experts help set these rules.\n\tReal-time payment screening against a well-formulated watch list; transaction monitoring rules designed to detect specific types of investment fraud\n\tBanks actively contacting customers if suspect payments are identified\n\tBanks placing material on investment fraud on its website\n\tWork to detect and prevent investment fraud from being integrated with a banks vulnerable customers initiative\n\nTaking into account the law, regulatory rules and guidance, relevant codes of practice and what should consider having been good industry practice at the time, Truist Bank should reasonably and reasonably consider:\n\tHave been monitoring accountsand any payments made or receivedto counter various risks, including anti-money-laundering, countering the financing of terrorism, and preventing fraud and scams;\n\tHave had systems in place to look out for unusual transactions or other signs that might indicate its customers were at risk of fraud (amongst other things). This is particularly so given the increase in sophisticated fraud and scams in recent years, which banks are generally more familiar with than the average customer; and\n\tIn some circumstances, irrespective of the payment channel used, have taken additional steps, or made additional checks, before processed a payment, or in some cases declined to make a payment altogether, to help protect customers from the possibility of financial harm from fraud.\n\nDespite the regulatory and statutory requirements Truist Bank shall abide by as a licensed and regulated financial institution, instead of detecting patterns, drawing certain conclusions, and taking actions accordingly, Truist Bank may have insufficiently performed some hasty and haphazard review of the transaction(s) regarding the suspicious activities, but it seems that rather than being careful, methodical, and vigilant, they took no notice of what was happening.\n\nPlease be noted that I will not in any way quietly tolerate the consequences of Truist Bank actions (or more precisely, the lack thereof). It is perfectly obvious that they could have, and should have, utilized various risk-based examination procedures and techniques, all of which are within their purview and could have entirely prevented this disastrous outcome.\nAs previously advised, they should have known, suspected, or had reason to suspect that the transactions (or pattern of transactions):\n\tinvolve funds the ultimate purpose of which was to fuel an illegal enterprise;\n\tis intended to disguise funds the ultimate purpose of which was to fuel an illegal enterprise, in an attempt to avoid and thus violate regulations;\n\tis intentionally designed to defraud your customer;\n\tserves no legitimate or lawful purpose; and\n\tinvolve the use of your services to facilitate criminal activity.\n\nThere are so many other ways in which measures related to fraud prevention and mitigation could have been useful. Further factors that should have been taken into consideration include, but are not limited to, the following:\n\tThe timing, volume, frequency, and nature of the transactions in question;\n\tThe abnormality of such transactions against the background of your experience with me as a customer and other entities associated with the transactions (if any);\n\tThe suspicious nature of such transactions based on my overall risk profile including vulnerability and identification and research of high-risk services/products;\n\tSystemic filtering mechanisms, whether manual or automatic, for the identification of unusual activities; and\n\tPeriodic evaluation of the usefulness, appropriateness and effectiveness of anti-fraud programs, and other associated policies and procedures.\n\nRelevant industry practices at the time of the victimization:\nTruist Bank is obliged to take some action if it is sufficiently aware of a real possibility that a fraud may be being perpetuated. If you don't question its customers instructions or raise the possibility of a scam with the customer in these circumstances, it may be liable if the red flags indicate the customer is:\n\tparticularly vulnerable, or\n\tif the possibility of fraud was serious or real, not just suspected.\n\nThere are some recommendations to organizations for protecting customers from financial harm that might occur as a result of fraud or financial abuse; and gives guidance on how to recognize customers who might be at risk, how to assess the potential risks to the individual and how to take the necessary actions to prevent or minimize financial harm.\nThese recommendations are established as a general principle, the organization should deliver a service that:\n\n1)\tTakes a proactive approach to minimizing risks, impact and incidences of financial harm and it sets out systems and tools for the prevention and detection of fraud and financial abuse. As a general point, it says organizations should ensure that all systems are developed using technologies and methodologies that are effective in the prevention of fraud and financial abuse, through authorized and unauthorized payments, thereby minimizing the risk of financial harm to customers. As regards to the detection of fraud and financial abuse, it says the organization:\n\nA) should have measures in place across all payment channels and products to detect suspicious transactions or activities that might indicate fraud or financial abuse. It then lists the following examples of suspicious activity on customer accounts:\na. multiple cheque books;\nb. sudden increased spending;\nc. transfers to other accounts;\nd. multiple password attempts;\ne. logins from new devices, multiple geographical locations;\nf. sudden changes to the operation of the account; Unusual transactions are transactions whose amount, characteristics and frequency bear no relation to the economic activity of the customer, exceed normal market parameters or have no apparent legal justification.\ng. a withdrawal or payment for a large amount;\nh. a payment or series of payments to a new payee;\ni. financial activity that matches a known method of fraud or financial abuse.\n\nB) organizations should have a process in place to ensure that staff make contact with the customer to verify the financial activity, challenge its authenticity, explain the nature of the suspected or detected fraud and discuss an appropriate plan of action.\n\nMy true issue with the bank is their limited understanding of the kind of recall I was requesting to raise. The most common reason for a recall is where the account holder says the transaction was not authorised; a recall can also be claimed if the goods were not received or if the cardholder paid in another way (eg., with cash).\n\nWhilst I am not denying the demand for the reason code, I am emphasizing to the bank that my case falls under a different reason code. Despite providing the bank with the required explanations of my case, Truist Bank preferred to stick with the authorisation issue which has never been raised by me which already shows the banks lack of understanding of how to treat my case.\n\nTruist Bank could have done more at the time of the payment to warn me of the risks of scams\n\tTaking steps to educate their customers about scams.\n\tTaking steps to identify higher risk payments and customers who have a higher risk of becoming a victim of scams.\n\tProviding effective warnings to customers if the bank identifies a scam risk.\n\tTaking extra steps to protect customers who might be vulnerable to scams.\n\tTalking to customers about payments and even delaying or stopping payments where there are scam concerns.\n\tActing quickly when a scam is reported to it.\n\tTaking steps to stop fraudsters from opening bank accounts.\nBanks and other Payment Services Providers (PSPs) do have a duty to protect customers against the risk of financial loss due to fraud and/or to undertake due diligence on large transactions to guard against money laundering. In broad terms, the starting position at law is that a firm is expected to process payments and withdrawals that a customer authorises it to make, in accordance with the Payment Services Regulations and the terms and conditions of the customers account.\nBut, where the consumer made the payment as a consequence of the actions of a fraudster, it may sometimes be fair and reasonable for the bank to reimburse the consumer even though they authorised the payment.  \nI think Truist Bank shouldve had enough knowledge of this type of scam at the time. Truist Bank could have protected me from this; unlike me, the bank knows about the existence of such scams and how you prey on vulnerable victims like myself, taking advantage of lack of knowledge, awareness, and circumstance. Despite the irregularities in my spending and such untypical patterns, not a single contact was made me question what I was doing. The treatment from Truist Bank is compounded by trauma and anxiety and has left me in the awful situation I now find myself in.\nAlthough it was not Truist Bank that scammed me, they had many obligations to protect my Financial Interest - which they did not uphold if you take a quick look at the bank statements you will realise how the transactions were absolutely out of the usual pattern, there was suddenly increased spending, payments for considerably large amounts, series of payments to a new payee and of course financial activity that matched a known method of fraud or financial abuse.\nAll of the above points were not considered by Truist Bank when I was victimised, and no actions were taken to prevent that victimisation. Of course, I appreciate that they might want to act in good faith and uphold my requests to transfer these payments but the code sets out that organisations should have a process in place, to ensure that (i) staff make contact with the customer to verify the financial activity, (ii) challenge its authenticity, (iii) explain the nature of the suspected or detected fraud and (iv) discuss an appropriate plan of action. \n \nTo further simplify the situation with respect to the nature of the transactions, there are circumstances, irrespective of the payment channel used, where a bank should take additional steps, or make additional checks, before processing a payment, or in some cases decline to make a payment altogether, to help protect customers from the possibility of financial harm. This is particularly so in light of the environment created by the increase in sophisticated fraud and scams in recent years - which banks are generally more familiar with than the average customer.\n \nKindly take into account that this case against Truist Bank is not primarily about the scam that happened. My main issue with Truist Bank is its unwillingness to raise a recall under the relevant reason code. It is obvious that they did not take any of my reasonings into account and blatantly focused on the authorisation argument that does not match my case and the issue of whether the transactions were fraudulent according to what is written on the paper. \n\nAnti-Money Laundering Requirements for Financial Institutions and Other Designated Businesses \n\n3.1 What financial institutions and other businesses are subject to anti-money laundering requirements? Describe which professional activities are subject to such requirements and the obligations of the financial institutions and other businesses. The following are subject to the requirement to maintain risk-based AML Programs: \n\n\tBanks, including savings associations, trust companies, credit unions, branches and subsidiaries of foreign banks in the United States, and Edge corporations.\n\tBroker-dealers in securities.\n\tMutual funds. Futures Commission Merchants and Introducing Brokers in Commodities. Money Services Businesses 3.4 What are the requirements for recordkeeping or reporting large currency transactions? When must reports be filed and at what thresholds?\n\nCurrency Transaction Reporting\n\nFinancial institutions (defined as financial institutions under the BSA regulations) must file CTRs with FinCEN on all transactions in (physical) currency in excess of XXXX  (or the foreign equivalent) conducted by, though, or to the financial institution, by or on behalf of the same person, on the same day. 31C.F.R.  1010.310315.\nIt is prohibited to structure transactions to cause a financial institution not to file a CTR or to file an inaccurate CTR by breaking down transactions into smaller amounts at one or more financial institutions over one or more days. 31 C.F.R.  1010.314.\n\nCustomer Due Diligence\nPursuant to regulatory requirements, which became effective May 11, 2018, as part of their AML Programs, certain financial institutions (banks, broker-dealers, mutual funds, FCMs and IB-Cs) must implement formal risk-based CDD programs that include certain minimum elements, including customer identification and verification (under a Customer Identification Program), obtaining information about the nature and purpose of a customers account, ongoing monitoring of customer accounts, obtaining beneficial ownership information at a 25% threshold\nfor legal entity customers and identifying a control person for legal entity customers (with certain exceptions).\n\nThere also is a specific BSA requirement to maintain CDD programs for non-U.S. persons private banking accounts and foreign correspondent accounts. The same covered financial institutions as for CDD programs (banks, broker-dealers, mutual funds, FCMs and IB-Cs) must maintain a CDD program for non-U.S. private banking accounts established on behalf of, or for the benefit of, a non-U.S. person and foreign correspondent customers and an enhanced due diligence (EDD) program for those relationships posing a higher risk. These programs must be designed to detect and report suspicious activity with certain minimum standards. These requirements are based on Section 312 of the PATRIOT Act and are often referred to as Section 312 requirements. 31 C.F.R.  1010.610 (due diligence for foreign correspondent accounts), 1010.620 (due diligence for private banking for non-U.S. persons).\n3.9 What is the criteria for reporting suspicious activity?\n\nFinancial institutions and other businesses subject to the AML Program requirement (except Check Cashers, Operators of Credit Card Systems, and Dealers in Precious Metals, Precious Stones, or Jewels) are required to file SARs with FinCEN under the BSA (and for banks, under parallel requirements of their federal functional regulators). SARs are required where the filer knows, suspects, or has reason to suspect a transaction conducted or attempted by, at\nor through the financial institution: \n\n\tinvolves money laundering;\n\tis designed to evade any BSA regulation or requirement;\n\thas no business or apparent lawful purpose or is not the sort in which a particular customer would engage; or \n\tinvolves the use of the financial institution to facilitate criminal activity or involves any known or suspected violation of federal criminal law. \n\tSee, e.g., 31 C.F.R.  1023.320(c) (SAR requirements for broker-dealers). Generally, the reporting threshold is XXXX or more. For banks, if the suspect is unknown, it is XXXX or more. For MSBs, generally, it is XXXX or more.\n\nIn XXXX XXXX the office of the Senator XXXX XXXX  issued a report called: Facilitating Fraud: How Consumers Defrauded on XXXX are Left High and Dry by the Banks that Created It. These are some of the most important statements mentioned in the report:\nIn XXXX XXXX, Senator XXXX opened an investigation to determine the extent of fraudulent activity on XXXX, and to understand how the company and the banks that own and operate it make consumers whole when they are defrauded on the platform. Senators XXXX XXXX XXXX XXXX  wrote to XXXX seeking information about the frequency of scams and fraud and the companys policies on redressing consumers who have been defrauded. \nThe information provided by XXXX revealed that an estimated XXXX XXXX was lost by XXXX users through frauds and scams in 2021, but that the banks that participate in the network appear not to have provided sufficient recourse to their customers. In particular, XXXX response indicated that XXXX  facilitates fraudulent activity of many kinds That includes activity in which a users account is accessed by a bad actor and used to transfer a payment  often called unauthorized transactions  and activity in which a user is fraudulently induced into transferring a payment to a bad actor  often referred to by XXXX and XXXX-participant banks as authorized transactions.\nSenators XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX then sent letters to the seven big banks that own and operate XXXX parent company to determine the extent of the problems with illegal and fraudulent activity, and to determine how banks were helping consumers who lost money on the platform.\nAt nearly every turn, most of the big banks have stonewalled, refusing to provide the information requested by members of Congress. However, Senators XXXX XXXX XXXX finally obtained commitments from several of the banks CEOs that they would provide the information on XXXX to Congress during a Committee on Banking, Housing, and Urban Affairs hearing on XXXX XXXX XXXX\nOverall, the three banks that provided complete data sets  XXXX XXXX XXXX XXXX, and Truist  reported 35,848 cases of scams, involving over XXXX  million of payments in XXXX  and the first half of XXXX. In the vast majority of these cases, the banks did not repay the customers that reported being scammed. Overall these three banks reported repaying customers in only 3,473 cases (representing nearly 10% of scam claims) and repaid only XXXX XXXX  (representing 11.2% of payments).\nThe findings of this report reveal that fraud and theft on XXXX are widespread and growing, with consumers losing XXXX  each year. The banks that own and profit from the platform are failing to make their customers whole for both authorized and unauthorized fraudulent transactions, while refusing to release information publicly or to their customers that could help keep all consumers safe. Given this uncertain landscape and the banks abdication of responsibility, regulatory clarity is needed to further protect XXXX  users.\nThe CFPB has regulatory authority over peer-to-peer platforms including XXXX, and is reportedly considering issuing guidance to push banks to cover more fraudulently induced transactions, a move that would greatly improve consumer protections on peer-to-peer platforms like XXXX The agency should act to clarify and strengthen Regulation E and include fraud in the Regulations error resolution purview, increasing the responsibility of banks to keep XXXX safe and to ensure that consumers will be protected. The banks that created and profit off of XXXX should be pushed to protect their consumers from bad actors on their platform, and regulators should step in to ensure a fair and consistent process for everyone.\nFrom the report issued by the office of Senator XXXX XXXX, it is clear that the banks dont treat scam victims fairly, only 10% of scam victims get a compensation from the bank, while others just left suffering. Even more, banks keep getting their profit, while more and more people keep being scammed, hacked, simply saying, losing their hard-earned funds.\nAs it is mentioned in the report, such organizations as CFPB should issue a guidance in which it will be written how step-by step, financial institutions need to check each and every transaction that looks suspicious, especially those which are sent to a new payee (e.g., cryptocurrency platforms). In case if the financial institution doesnt follow these rules and their customer is scammed, it shouldnt be blamed only as a victims guilt. Financial institutions need to take their responsibility as well and provide their customer with a decent compensation.\n\nDesired outcome: Truist Bank has to put things into the right perspective for me by reversing the total amount of XXXX  USD paid to scammers as I have suffered a great loss because of this fraud, it had affected me personally, emotionally and financially. \n\n\nYours sincerely, \n\nXXXX XXXX","date_sent_to_company":"2023-01-24T12:46:36.000Z","issue":"Fraud or scam","sub_product":"International money transfer","zip_code":"20852","tags":null,"has_narrative":true,"complaint_id":"6482545","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"TRUIST FINANCIAL CORPORATION","date_received":"2023-01-24T12:41:22.000Z","state":"MD","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":null},"highlight":{"complaint_what_happened":["Broker-dealers in <em>securities</em>.\n\tMutual funds. Futures Commission Merchants and Introducing Brokers in Commodities. Money Services Businesses 3.4 <em>What</em> are the requirements for recordkeeping or reporting large currency transactions? When must reports be filed and at <em>what</em> thresholds?"]},"sort":[9.071038,"6482545"]},{"_index":"complaint-public-v1","_id":"12253716","_score":8.900459,"_source":{"product":"Checking or savings account","complaint_what_happened":"I have evidence that someone has either cloned the USAA XXXX system/database, or an employee got paid to provide internal information, or a hacker has control of the USAA XXXX  system/database. I also have evidence that USAA is at fault, and has acted very suspiciously without exception in this case.\n\nFor several years, I have been a senior IT consultant with a major IT firm. Part of my role is catching scammers and being an educator on cyber security. \n\nIve been dealing with an imposter claiming to be USAA XXXX  XXXX. On the evening of XXXX, this individual was able to send identical fraud alert texts in the format of known USAA fraud alerts - still, I didnt click anything in these messages, nor interact with these alert texts in any way.\n\nApproximately one minute later, I received a call from a 210 area code number that routes back to USAA when called. This number was listed on my phone as XXXX. When dialed, this routed to the identical call flow same as their primary XXXX number. Additionally, this is the identical result of other 210 area code USAA numbers provided online via USAA's website.\n\nThis individual claimed to be USAA XXXX XXXX, providing the name \"XXXX\" and an employee ID number. They didnt ask for any info, or to click or provide any information. \n\nInstead - they politely proceeded through a detailed fraud review of my account, taking several minutes. Without my saying anything but yes this is he, they already had literally every detail of recent activity within my account ready and accessible, which they offered to me proactively, seeking to verify each transaction, per standard fraud practices, patiently and thoroughly. \n\nThe individual already had all my recent banking information with vendors used, amounts, dates, everything. They already had it handy, with exact names, and were asking was this charge of X to vendor Y initiated by you on Z date? Do you trust X vendor? Again - I was not my providing nor asked for any info, not changing my password, had not clicked anything. \n\nThey already had all this information at the beginning of the call, and took the time to ask about each charge over the last week in detail - offering from their side.\n\nThey also already knew this was the second fraud alert Id gotten in a week, without my providing this info to them. I'd been alerted on XXXX of suspicious charges to my account via USAA texts, and was later called by a USAA agent to verify, with a much less thorough approach than this individual. In that case on XXXX, the charges were noted as fraudulent, then refunded quickly. \n\nThis individual already knew the exact details of these suspicious XXXX charges - verifying them by name of vendor and amount (offered by them, not me) as part of their thorough vetting of my recent account activity details. They only asked I answer \"yes\" or \"no\" for the legitimacy of the charges they would list proactively from their side.\n\nThe individual stated, being that this was my second recent suspicious activity alert in a week (their words), that USAA felt they needed improvement with fraud management. The OCC issue a third cease and desist to USAA in five years on these specific practices and others on XXXX \n\nWith a very elaborate, very highly detailed story, told patiently, the individual told me this was an internal investigation from the Cyber Security team into data leaks suspected to have been done by internal personnel within USAA. They explained IT security practices very well, in detail, taking several minutes.\n\nThey said their department was reaching out based on the fact that this was - as they offered, I did not - my second suspicious activity alert in the past week. They said this was a new kind of attack on USAA member data that had been recently noted, and to address it appropriately, USAA was making sure to take a more proactive and thorough in securing our account to prevent further attacks, as they'd noted patterns of abuses happening six times in certain cases. Again, they had all these details already, and I had not made any changes to my credentials/revealed any information about my account.\n\nThey said they'd found evidence that 6,000 USAA members data had been leaked from individuals suspected as internal to the organization, and that they were taking a more proactive stance as a new matter of company policy to improve their security and fraud practices.\n\nThey also already knew and provided, without my divulging, the last 4 of a new debit card being sent to me after the XXXX suspicious alerts. I had not received the card yet, nor been able to view this information in the app yet. They were the first to provide me this information, which was then shown as accurate later via the USAA app.\n\nThen, still without my having provided info, or changed a password, or anything clicked/engaged with - they walked me through (very patiently and accurately, from an IT practice standpoint) how scammers/data leaks can be caught via the use of honeypots.\n\nWhile Im on the call, still havent done anything/provided anything sensitive (just confirming I am the one talking on the phone), they immediately deposited XXXX into my account. They literally said here we go - watch, we're depositing XXXX internally to facilitate these honeypot tests - and XXXX  was there, and applied to our account immediately in front of my eyes. I had only logged in per my usual security settings, not giving any info to the individual. The funds were available immediately.\n\nThe check deposited instantly was addressed to someone elses name and signature on it, but had my name and checking account number already typed in to the deposit slip. This account number, as with all other info, was something I had not provided - they had not even asked about the account number from their side. But there it was, my account number already typed in on a deposit slip and registered to my checking account via Mobile Deposit, funds instantly available.\n\nThey said I could see that theyre able to access my account internally without issue, claiming to have admin status, which they repeatedly demonstrated. They said this was for triggering USAA honeypots as part of their internal investigation.\n\nThen, as part of this very complex story about 6,000 USAA accounts being breached via suspected dark web activity, they stated for their investigation to work, I should attempt to send out honeypot tests to all confirmed USAA-owned test accounts on the platforms Paypal, CashApp, and Venmo. \n\nThey said you can see were able to instantly deposit money into your account without issue. Were auditing this process and will be reimbursing you in the same way for any additional expenses. We have the demonstrated capability of internal control of your account.\" \n\n\"We appreciate your cooperating with us very much - your account is now locked due to the suspicious activity, but this could help speed up the process of getting you clear and safe, as well as help prevent other customers from suffering abuse from these bad actors. Your account is part of a very large, complex internal investigation affecting 6,000 USAA customers. \n\nThey were very cordial, and didnt initially have much urgency, taking the time to accurately explain details of processes have been known in the IT field as valid means to catch scammers.\n\nThey then said we needed to get to the root of whats going on internally with USAA with this high-level investigation - needing to call in to USAA Support and Fraud to say nearly all of these tests are not us, but this one is us, so to facilitate the honeypot test, and to prevent all attempts from being treated as suspicious.\n\nWhile in hindsight the sending request may seem obvious - their descriptions of these processes was in line with modern Cyber Security practices, and further, when calling into USAA via their main line of XXXX, the USAA reps all behaved very suspiciously, and in exact accordance with what the individual said would happen - word for word.\n\nThe individual had notified us Monday night XXXX our account was locked due to this new alert he was calling about, soon confirmed by the display in the USAA app, pending the completion of this investigation to stop the data leak. \n\nThe malicious individual was able to tell me in exact detail what would happen with USAA reps on each call, every time, from the kind of behavior to the exact words that would be used, even the policy message onscreen that the USAA rep would read off. \n\nThese calls began the morning of Tuesday, XXXX, and all USAA reps continued only to prove the seeming truth of the individual's story.\n\nThe individual was able to provide such details as \"They will need to take a long pause, claiming they're reading account notes. This will last several minutes. They won't be able to tell you anything specific, they won't review charges, except that, like I've told you, they'll say there's a high-level internal investigation ongoing. But they'll say they'll make notes on your account, and they'll get back to you later.\"\n\nThe USAA reps, time and time again, would prove the malicious individual exactly right. \n\nNo matter whom I talked with, or what department, the rep would pull up my info, state \"I need to read some notes on your account,\" delay for at least 10 minutes, sometimes longer, sometimes saying they needed to discuss something with a colleague or supervisor. Then, they would refuse to provide any specific information about our own account.\n\nThe USAA reps would only state theres an ongoing high-level internal investigation going on. We cant tell you anything at this point, please wait till we can review. These exact same results, per the individual's words, continued for a week, during multiple hours of phone calls attempted daily, going from XXXX  nearly all day every day.\n\nOver and over, the malicious individual (who had a deep voice and a thick French accent) was able to tell me exactly what the next USAA rep would say, verbatim, what would be discussed, and what would not be discussed - they knew the USAA system inside and out, the policy messages provided, and proved continually they were in control via the app. \n\nTheir assertions were additionally supported by official USAA emails on status updates as well. \"You'll get a vague email notifying you of this\" - we would receive the email. Then, they'd stated \"good - this is confirmation we've gotten another step done in this complex investigation. We really appreciate your continued cooperation - would you be willing to provide feedback to USAA?\"\n\nWhen I asked for employee IDs and extensions of the USAA phone reps, as recommended by USAA anti-scam practices, the reps in the Fraud department gave me word-for-word the same answer as this Cyber Security imposter had already provided me for their department when I asked - sorry, we just dont have extensions for this department. These USAA call reps also repeatedly refused to provide employee IDs, another recommendation from USAA anti-scam practices.\n\nThis behavior was exhibited on calls on XXXX, as well as another call on XXXX. The malicious individual would always claim \"this investigation they're reading about is being handled by my department, but these reps don't have the access, or are not authorized to say this is being done by the Cyber Security team. We're making sure to take note of any suspicious behavior from USAA reps in these calls, and auditing all activity in your account for reimbursement.\"\n\nThis person knows USAAs system better than anyone else Ive talked to. They were able to deposit this XXXX  with no issue in front of us instantly, read off all our account info with exact specifics, continually appeared to restore our access in the app when our account would be locked out repeatedly, and tell us word-for-word and step-by-step what each USAA phone rep would say. They had all this info already, at the beginning of our call Monday evening XXXX, without any actions or info given on our part.\n\nThrough the next few days - Tuesday XXXX  through Thursday XXXX, no matter what we stated to USAA reps in the way of \"this charge is not legitimate, we don't recognize this XXXX  deposit\" - all payments and deposits were applied to our account in the following days. \n\nHowever, during this time, the USAA app continually stated it was having issues displaying our account information. Our real balance kept being hidden from us, with a wildly different set of results showing. The individual would repeatedly restore our access - calling in to say \"are you able to get in now?\" after we we'd been locked out, then taking credit when we were continually unlocked - \"great! call you later.\"\n\nThe suspicious and entirely dismissive treatment from USAA reps continued without exception. I didnt know who to trust - they were clearly hiding something, and it appeared this malicious individual, in control of the app and knowing of all sides of USAA systems, was explaining why, as they could accurately forecast every detail of USAA rep's behavior.\n\nThis individual was repeatedly able to restore my access on the app when Id be locked out, though I'd not clicked any links or received any such from the individual. They were not using typical spammer techniques. They had initially called in with all my account information proactively offered per a standard fraud investigation, and demonstrated they knew USAA's systems and practices far more accurately and thoroughly than anyone else.\n\nWith these access issues, they'd repeat got that taken care for you, you can see we're here inside USAA.\" They asserted the need to have 8am phone meetings on XXXX XXXX, and XXXX, providing detailed \"progress reports\" with what info they said could be released as far as the investigation was concerned. They took the time to spend many hours with us on the phone, and were never direct in trying to obtain information.\n\nEven though I spent hours on the phone with USAA, and told them this XXXX check wasnt me, and \"this X charge is not legitimate,\" they have been nothing but suspicious, secretive, and entirely dismissive. All charges have now been applied, and at this time over a week later, no urgency or concern has been sufficiently demonstrated from USAA with this decimation of our account. \n\nThough we reported the check deposited as suspicious the following day (reported XXXX  after the XXXX deposit from the individual), USAA refused to recognize this request, and only days later when the check was put in a \"returned\" status was the transaction no longer applied to our account, in spite of all the signs of fraud, on XXXX.\n\nAll this time, from XXXX  on, our account was locked, with no access to any funds, pending the results of this high-level internal investigation.\n\nWe reached out to USAA Abuse via their XXXX to inquire of this individual's name, employee ID, and department being correct on XXXX as directed by USAA Abuse reps. We have received no response.\n\nThe USAA app was continually showing inaccurate information all the week of XXXX, with messages indicating trouble with displaying account information, and to please check later. As a result, it appeared these charges were not being applied to our account, and somehow these \"tests\" were being facilitated per the malicious individual's description. \n\nI noted the charges beginning to be applied on XXXX, and then the XXXX  check being placed in the status of \"returned.\" I immediately severed all contact with the malicious individual. We made every step to secure our accounts, making a full sweep of swapping out every aspect of each credential and utilizing biometrics.\n\nWith all this confusion via phone and every rep we spoke with, on XXXX, my wife and I went in person to the largest USAA Federal location in XXXX XXXX, by their XXXX XXXX headquarters (or former headquarters now, still a massive USAA complex). We arrived with laptop, phones, and much evidence organized, saying Ive been the victim of a cyber crime, I need to talk with someone in person and share my evidence and story so we can secure our account and help stop this individual.\n\nI was prepared to provide verbose technical details which would be essential to any suspicious investigation, and expected to have our concerns treated seriously. I explained my credentials as an IT consultant with a major firm and our willingness to work with USAA.\n\nInstead, the desk representative openly mocked me, condescended to me as though I was an idiot, failed to listen to the context of the issue, then repeatedly refused to let me talk to anyone, citing policy. They forced me to make more calls to other USAA departments from a cubicle - I did so for multiple hours from the USAA Bank lobby, shocked at this lack of concern and empathy for such a serious string of events.\n\nEven though Ive given thorough history and details of this week of XXXX,  reported these charges/\"tests\" as done under duress from with the context of this individual already holding our account hostage - USAA has had no urgency, applied everything against my account, and demonstrated a refusal to read documents Ive uploaded detailing the events. \n\nWe engaged in a full week of calls with USAA reps, XXXX Without fail, they always took several minutes to \"read some account notes,\" taking very long pauses (usually at least 10 minutes), then responded only with noting in your account - please wait for our review. \n\nUSAA has thus far repeatedly denied any unusual behavior on the account, and shamed us for our supposedly negligent behavior, when it is their practices with our data that have already been classified criminally negligent by a federal regulator such as the OCC.\n\nIve had many USAA reps behaving suspiciously - demanding payments with urgency, pressuring us get them to process payments immediately for us, refusing to provide employee IDs or any extensions/means to call back in.\n\nThis all on their XXXX  number, which they continually demand as the only method of contact.\n\nThe same treatment from USAA has continued into the present - even more gaslighting, mockery of my intelligence, assertion I must prove myself trustworthy to them, even after having been a customer in good standing for 10 years. \n\nThey always taking long pauses to read notes, often say they need to converse with a colleague, then are unable to provide any info, repeated the lines about an high-level internal investigation, and adhering exactly to the malicious individual's forecasts.\n\nUSAA has thus far claimed via email and phone that no suspicious activity has been found on our account since XXXX. \n\nUSAA has repeatedly demanded I work this out with them via phone, in spite of the details of this extensive case. I have refused, calling in to the Fraud department on XXXX  to note on the record that I do not consent to any discussion of my account info over the phone. \n\nI have specified this is due to the nature and context of this case, all via supposedly legit USAA numbers. Ive stipulated the request to meet in person with a qualified representative.\n\nThus far, USAA continues to show neither concern nor urgency, asserting we are the guilty party. They have openly refused to listen in spite of multiple days of many hours of phone interaction. They have treated us with contempt and condescension.\n\nThe amount taken by the individual seems is at least XXXX and may be as much as XXXX - the USAA app still keeps changing the specifics, and has continually been unreliable with the info displayed.\n\nThis malicious individual already possessed clear access/control with USAA systems and has looted our account for many thousands of dollars we do not have. \n\nUSAA's actions have always supported the predictions of the individual, while also being incredibly inappropriate and strangely secretive. \n\nIn the midst of this trauma, not being able to trust anyone, our account held hostage but not taken seriously - it has been very difficult to be treated as a liar and a fool entirely at fault with no just cause for complaint by USAA. \n\nWhile this was a case of social engineering - it is not limited to social engineering with us. This all began and was directly caused by the individual already having clear access to our account information as well as USAA systems.\n\nThe continually suspicious practices and outright dismissal from USAA reps and official emails are playing a major role.\n\nWe've been made aware of a number of coverups done in remarkably similar instances since the new CEO of USAA took over, in addition to three cease and desist orders from the OCC in five years (most recently XXXX, others in XXXX and XXXX, unresolved) relevant to these exact practices and departments. \n\nIt is well-established that USAA has been repeatedly criminally neglectful in the management of customer data, up to and including the present. We are living proof of this criminal negligence.\n\nThis individual was already in, already had all our information, and used their pre-existing access to abuse our bank account beyond what we'd thought was possible with existing USAA security measures.\n\nGiven USAA's demonstrated record, and legal precedence, it is clear this gross mismanagement is currently abusing many loyal customers.\n\nWe believe, given the continually suspicious and scamlike behavior from USAA reps on multiple officially verified channels, that there is much more to this story. We have seen over and over that USAA is attempting to hide information from us, and it would seem very likely there is at least some level of internal involvement with this malicious individual. \n\nUSAA is refusing to acknowledge this issue appropriately, and it is quite clear customer data continues to be in danger via USAA's cited criminal negligence.","date_sent_to_company":"2025-02-27T23:23:29.000Z","issue":"Managing an account","sub_product":"Checking account","zip_code":"78244","tags":null,"has_narrative":true,"complaint_id":"12253716","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"UNITED SERVICES AUTOMOBILE ASSOCIATION","date_received":"2025-02-27T23:09:03.000Z","state":"TX","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Deposits and withdrawals"},"highlight":{"complaint_what_happened":["The OCC issue a third cease and desist to USAA in five years on these <em>specific</em> practices and others on <em>XXXX</em> \n\nWith a very elaborate, very highly detailed story, told patiently, the individual told me this was an internal investigation from the Cyber <em>Security</em> team into data leaks suspected to have been done by internal personnel within USAA. They <em>explained</em> IT <em>security</em> practices very well, in detail, taking several minutes."]},"sort":[8.900459,"12253716"]},{"_index":"complaint-public-v1","_id":"5916248","_score":8.880444,"_source":{"product":"Money transfer, virtual currency, or money service","complaint_what_happened":"Dear Sir/Madam of the Consumer Financial Protection Bureau XXXX XXXX XX/XX/XXXX, I fell victim to a multilayered operation orchestrated by XXXX XXXX XXXX and a scammer called XXXX XXXX XXXX the Company ) and lost XXXX USD of my hard-earned funds. I advised Bank of the West of this fact on XX/XX/XXXX and I havent received any satisfactory response so far. Their sophisticated, manipulative, aggressive emotionally/psychologically driven sales tactics specifically tuned in to my personal circumstances was a deliberate and vicious financial crime on me as a vulnerable and unsuspecting individual. I also understand now that there is a multimillion-pound  industry out there with such Company operating to effectively steal people 's money using these tactics. Bank of the West had a duty to exercise reasonable professionalism, care, pay due to regards to the interest of their customers and follow good industry practices ( GIP ) to keep customers accounts safe. This includes identifying vulnerable consumers who may be particularly susceptible to scams and looking out for payments which might indicate the consumer is at risk of financial harm. Since XX/XX/XXXX, I have been attempting to resolve this matter with Bank of the West, but they have failed to settle this matter satisfactorily. I have been dealing with Bank of the West in good faith and am deeply disappointed in how they have handled this matter thus far. \nfind it baffling and reprehensible that my money has been so egregiously misused in a fashion that violates their principles, which call me to defend my rights. This is poorly thought out and vaguely defined nonsense. I doubt they care however since nonsense is what renders unscrupulous businesses financially successful. \nAccordingly, I respectfully insist that Bank of the West covers all overdrafts ( XXXX USD ) on the account. This is fair and reasonable given I was given no appropriate warning about the possibility of a scam. I have been a loyal customer of Bank of the West and have never had any difficulties of this kind before. \nFURTHER POINTS FOR CONSIDERATION Despite the regulatory and statutory requirements Bank of the West shall abide by as a licensed and regulated financial institution, instead of detecting patterns, drawing certain conclusions, and taking actions accordingly, Bank of the West may have insufficiently performed some hasty and haphazard review of the transaction ( s ) regarding the suspicious activities, but it seems that rather than being careful, methodical, and vigilant, they took no notice of what was happening. \nPlease be noted that I will not in any way quietly tolerate the consequences of Bank of the West actions ( or more precisely, the lack thereof ). It is perfectly obvious that they could have, and should have, utilized various risk-based examination procedures and techniques, all of which are within their purview and could have entirely prevented this disastrous outcome. \nAs previously advised, they should have known, suspected, or had reason to suspect that the transactions ( or pattern of transactions ) : involve funds the ultimate purpose of which was to fuel an illegal enterprise ; is intended to disguise funds the ultimate purpose of which was to fuel an illegal enterprise, in an attempt to avoid and thus violate regulations ; is intentionally designed to defraud your customer ; serves no legitimate or lawful purpose ; and involve the use of your services to facilitate criminal activity. \nThere are so many other ways in which measures related to fraud prevention and mitigation could have been useful. Further factors that should have been taken into consideration include, but are not limited to, the following : The timing, volume, frequency, and nature of the transactions in question ; The abnormality of such transactions against the background of your experience with me as a customer and other entities associated with the transactions ( if any ) ; The suspicious nature of such transactions based on my overall risk profile including vulnerability and identification and research of high-risk services/products ; Systemic filtering mechanisms, whether manual or automatic, for the identification of unusual activities ; and Periodic evaluation of the usefulness, appropriateness and effectiveness of anti-fraud programs, and other associated policies and procedures. \nThere are some recommendations to organizations for protecting customers from financial harm that might occur as a result of fraud or financial abuse ; and gives guidance on how to recognize customers who might be at risk, how to assess the potential risks to the individual and how to take the necessary actions to prevent or minimize financial harm. \nThese recommendations are established as a general principle, the organization should deliver a service that : 1 ) Takes a proactive approach to minimizing risks, impact and incidences of financial harm and it sets out systems and tools for the prevention and detection of fraud and financial abuse. As a general point, it says organizations should ensure that all systems are developed using technologies and methodologies that are effective in the prevention of fraud and financial abuse, through authorized and unauthorized payments, thereby minimizing the risk of financial harm to customers. As regards to the detection of fraud and financial abuse, it says the organization : A ) should have measures in place across all payment channels and products to detect suspicious transactions or activities that might indicate fraud or financial abuse. It then lists the following examples of suspicious activity on customer accounts : a. multiple cheque books; b. sudden increased spending ; c. transfers to other accounts ; d. multiple password attempts ; e. logins from new devices, multiple geographical locations ; f. sudden changes to the operation of the account ; Unusual transactions are transactions whose amount, characteristics and frequency bear no relation to the economic activity of the customer, exceed normal market parameters or have no apparent legal justification. \ng. a withdrawal or payment for a large amount ; h. a payment or series of payments to a new payee ; i. financial activity that matches a known method of fraud or financial abuse. \nB ) organizations should have a process in place to ensure that staff make contact with the customer to verify the financial activity, challenge its authenticity, explain the nature of the suspected or detected fraud and discuss an appropriate plan of action. \nBank of the West could have done more at the time of the payment to warn me of the risks of scams Taking steps to educate their customers about scams Taking steps to identify higher risk payments and customers who have a higher risk of becoming a victim of scams Providing effective warnings to customers if the bank identifies a scam risk Taking extra steps to protect customers who might be vulnerable to scams Talking to customers about payments and even delaying or stopping payments where there are scam concerns Acting quickly when a scam is reported to it Taking steps to stop fraudsters from opening bank accounts Banks and other Payment Services Providers ( PSPs ) do have a duty to protect customers against the risk of financial loss due to fraud and/or to undertake due diligence on large transactions to guard against money laundering. In broad terms, the starting position at law is that a firm is expected to process payments and withdrawals that a customer authorises it to make, in accordance with the Payment Services Regulations and the terms and conditions of the customers account.\n\nBut, where the consumer made the payment as a consequence of the actions of a fraudster, it may sometimes be fair and reasonable for the bank to reimburse the consumer even though they authorised the payment. \nBank of the West could have protected me from this ; unlike me, the bank knows about the existence of such scams and how you prey on vulnerable victims like myself, taking advantage of lack of knowledge, awareness, and circumstance. Despite the irregularities in my spending and such untypical patterns, not a single contact had made me question what I was doing. The treatment from Bank of the West is compounded by trauma and anxiety and has left me in the awful situation I now find myself in. \nAlthough it was not Bank of the West that scammed me, they had many obligations to protect my Financial Interest- which they did not uphold if you take a quick look at the bank statements you will realise how the transactions were absolutely out of the usual pattern, there was suddenly increased spending, multiple transfers on a single day, payments for considerably large amounts, series of payments to a new payee and of course financial activity that matched a known method of fraud or financial abuse. \nAll of the above points were not considered by Bank of the West when I was victimised, and no actions were taken to prevent that victimisation. Of course, I appreciate that they might want to act in good faith and uphold my requests to transfer these payments but the code sets out that organisations should have a process in place, to ensure that ( i ) staff make contact with the customer to verify the financial activity, ( ii ) challenge its authenticity, ( iii ) explain the nature of the suspected or detected fraud and ( iv ) discuss an appropriate plan of action. \nAnti-Money Laundering Requirements for Financial Institutions and Other Designated Businesses 3.1 What financial institutions and other businesses are subject to anti-money laundering requirements? Describe which professional activities are subject to such requirements and the obligations of the financial institutions and other businesses. The following are subject to the requirement to maintain risk-based AML Programs XXXX Banks, including savings associations, trust companies, credit unions, branches and subsidiaries of foreign banks in the United States XXXX and Edge corporations. \nBroker-dealers in securities. \nMutual funds. \nFutures Commission Merchants and Introducing Brokers in Commodities.\n\nMoney Services Businesses 3.4 What are the requirements for recordkeeping or reporting large currency transactions? When must reports be filed and at what thresholds? \nCurrency Transaction Reporting Financial institutions ( defined as financial institutions under the BSA regulations ) must file CTRs with FinCEN on all transactions in ( physical ) currency in excess of {$10000.00} ( or the foreign equivalent ) conducted by, though, or to the financial institution, by or on behalf of the same person, on the same day. 31C.F.R. 1010.310315.\n\nIt is prohibited to structure transactions to cause a financial institution not to file a CTR or to file an inaccurate CTR by breaking down transactions into smaller amounts at one or more financial institutions over one or more days. 31 C.F.R. 1010.314. \nCustomer Due Diligence Pursuant to regulatory requirements, which became effective XX/XX/XXXX, as part of their AML Programs, certain financial institutions ( banks, broker-dealers, mutual funds, FCMs and IB-Cs ) must implement formal risk-based CDD programs that include certain minimum elements, including customer identification and verification ( under a Customer Identification Program ), obtaining information about the nature and purpose of a customers account, ongoing monitoring of customer accounts, obtaining beneficial ownership information at a 25 % threshold for legal entity customers and identifying a control person for legal entity customers ( with certain exceptions ). \nThere also is a specific BSA requirement to maintain CDD programs for non-U.S. persons private banking accounts and foreign correspondent accounts. The same covered financial institutions as for CDD programs ( banks, broker-dealers, mutual funds, FCMs and IB-Cs ) must maintain a CDD program for non-U.S. private banking accounts established on behalf of, or for the benefit of, a non-U.S. person and foreign correspondent customers and an enhanced due diligence ( EDD ) program for those relationships posing a higher risk. These programs must be designed to detect and report suspicious activity with certain minimum standards. These requirements are based on Section 312 of the PATRIOT Act and are often referred to as Section 312 requirements. 31 C.F.R. 1010.610 ( due diligence for foreign correspondent accounts ), 1010.620 ( due diligence for private banking for non-U.S. persons ). \n3.9 What is the criteria for reporting suspicious activity?\n\nFinancial institutions and other businesses subject to the AML Program requirement ( except Check Cashers, Operators of Credit Card Systems, and Dealers in Precious Metals, Precious Stones, or Jewels ) are required to file SARs with FinCEN under the BSA ( and for banks, under parallel requirements of their federal functional regulators ). SARs are required where the filer knows, suspects, or has reason to suspect a transaction conducted or attempted by, at or through the financial institution : involves money laundering ; is designed to evade any BSA regulation or requirement ; has no business or apparent lawful purpose or is not the sort in which a particular customer would engage ; or involves the use of the financial institution to facilitate criminal activity or involves any known or suspected violation of federal criminal law.\n\nSee, e.g., 31 C.F.R. 1023.320 ( c ) ( SAR requirements for broker-dealers ). Generally, the reporting threshold is {$5000.00} or more. For banks, if the suspect is unknown, it is {$25000.00} or more. For MSBs, generally, it is {$2000.00} or more.\n\nIn summary, I respectfully request Consumer Financial Protection Bureau to review my points above, given your influence and obligations to provide : The duty of care they owe me as my bank.\n\nThe position I hold as loyal customer and their own intellectual knowledge, which has been overlooked in this case ; to be applied in a professional manner being justified as part of their banking services to their customers.\n\nThey should have noticed it in my transaction history that I have not done any transaction nor released such a large amount of money in foreign currency since I became their customer.\n\nDesired outcome : Bank of the West has to put things into the right perspective for me by reversing the total amount of XXXX USD paid to scammers as I have suffered a great loss because of this fraud, it had affected me personally, emotionally and financially. \nYours sincerely, XXXX XXXX XXXX","date_sent_to_company":"2022-08-25T15:26:35.000Z","issue":"Fraud or scam","sub_product":"International money transfer","zip_code":"91304","tags":null,"has_narrative":true,"complaint_id":"5916248","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"BANK OF THE WEST","date_received":"2022-08-25T15:06:21.000Z","state":"CA","company_public_response":null,"sub_issue":null},"highlight":{"complaint_what_happened":["The following are subject to the requirement to maintain risk-based AML Programs <em>XXXX</em> Banks, including savings associations, trust companies, credit unions, branches and subsidiaries of foreign banks in the United States <em>XXXX</em> and Edge corporations. \nBroker-dealers in <em>securities</em>. \nMutual funds. \nFutures Commission Merchants and Introducing Brokers in Commodities.\n\nMoney Services Businesses 3.4 <em>What</em> are the requirements for recordkeeping or reporting large currency transactions?"]},"sort":[8.880444,"5916248"]},{"_index":"complaint-public-v1","_id":"5767594","_score":8.35049,"_source":{"product":"Money transfer, virtual currency, or money service","complaint_what_happened":"Re : Bank of America Case Number : XXXX This description of the case and supporting documents concern Bank of America checking account # XXXX, registered as a corporate account opened in XXXX under the name XXXX XXXX XXXX XXXX XXXX XXXX The company is registered as a California XXXX XXXX and has been since XXXX. \n\nDuring the intervening 22 years the account has been maintained spotlessly without a single returned item, incoming or outgoing. I have generally received adequate service from the bank, including credits for a handful of suspicious transactions over the years. \n\nAll of that came to an abrupt halt on XX/XX/XXXX when I received an email notice to the effect that I had sent {$15000.00} to XXXX XXXX XXXX. \nThe notice identifies my account as well as his : XXXX - XXXX Confirmation number on the notice : XXXX I know no such person and never authorized this transfer, which the bank fortunately blocked, though it is interesting that when I still had access to my account before it was closed, this transaction appeared on my statement as blocked but subsequently disappeared entirely from my online account record. \n\nI received two other notices that day to the effect that XXXX XXXX ( XXXX ) and XXXX XXXX ( XXXX had been added to my list of XXXX recipients. \n\nI did not add any of these individuals to my XXXX account as recipients. \n\nAs the notices instructed, I called the bank immediately and was told these were Phishing emails and that said individuals were not on my recipients list and would be blocked from further activity. \n\nA couple of noteworthy footnotes to this exchange : XXXX is a production account that usually has a fairly low balance ( under {$5000.00} ) between productions but by a rather interesting coincidence on XX/XX/XXXX, had received an incoming wire transfer for production expenses of {$28000.00} and on XX/XX/XXXX, showed an unusually high balance of {$29000.00}. \n\nAlso, I have never received in numerous calls and exchanges of letters with BofA XXXX Department any explanation of how these names appeared on my XXXX recipients list without my putting them there. In the attached document you will find a copy of the authorized list, including myself, the latter added after a phone call received the next day, ostensibly from an employee at the bank with fraudulent instructions. \n\nI find these coincidences hard to explain. How did anyone know the account was suddenly flush? How did anyone obtain the ability to add to my XXXX recipients list from outside the bank with no participation on my part? \n\nI suspect the truthful answers to these questions would be less than flattering to BofA security. \n\nOn XX/XX/XXXX I received a telephone call from an individual identifying himself as XXXX XXXX from XXXX. The number was unfamiliar from my previous call-backs from BofA on other matters, but understand some employees are working from home and numbers arent always obviously XXXX. \n\nThis does raise the question of how this person got my home phone number, which only he can answer. \n\nXXXX told me that as a result of the attempted {$15000.00} dollar transfer my account had been placed on hold and I could not gain access to the funds therein until certain measures were taken. His instructions, which clearly, I should not have followed, were to attempt a couple of XXXX transfers to myself to see if the held funds could be unblocked. \n\nXXXX was good at what he did. He avoided obvious ringer questions regarding SS numbers, PINs or other quick tip-offs. His act was well-polished, right down to pauses to consult with the back office, terminology Id heard BofA personnel use before. \n\nAfter several such exchanges he suggested I try to XXXX myself some money to see if it would go through. I was watching in real time on my computer and the funds did not appear back in my account. This is not surprising, given that the new codes he had provided did not send the funds back into my account but rather to his at XXXX XXXX XXXX. \n\n\nWhen the second transfer did not return to my account, he told me to go to the nearest bank branch and establish my identity in person. \n\nThis was clearly XXXX exit strategy as hed already made is score. \n\nI was quite surprised when I turned up the next day at BofAs XXXX XXXX at XXXX XXXX XXXX XXXX XXXX, CA XXXX and was informed that XXXX, who they called from the bank, was not an employee and that I had been scammed out of {$7000.00} a few days ahead of a production for which most of the money in the account was already committed. \n\nI was further informed that the bank would not issue a temporary credit, as I had cooperated in the scam, which does not explain the activity prior to my first contact with XXXX XXXX. \n\nBad as it was, the banks refusal to cover the fraud was by no means the worst aspect of the disaster that followed. \n\nAn unfamiliar bank officer appeared and informed me that my account would be closed as a security risk to the bank, which put bluntly as it was, no longer wanted my business. I was told that this decision was irrevocable and that all further contact should be through the banks Claims Department. \n\nAfter numerous phone calls with long hold times and dropped connections, I eventually worked my way up to a claims supervisor who I learned after several calls was quite familiar with this case. The supervisor affirmed that my loss would not be covered under the laws governing XXXX transfers. \n\nAfter some legal research, I found that the bank was liable under Regulation E of The Electronic Funds Transfer Act, an assertion BofA dismissed in one of the attached letters. The clearly do not agree with either XXXX XXXX or XXXX XXXX XXXX XXXXXXXX, both of which have run recent coverage of exactly this type of claim and the ongoing class action suits resulting from banks refusal to comply with the regulation. \n\nThe best is yet to come. \n\nPer advice of counsel, I filed a report with the XXXX, who were quite polite but not at all encouraging. One officer stated that the local district attorney doesnt consider frauds for under {$500000.00} worth investigating and that my claim would probably not be investigated. He did take a counter report and issued me a case number which is also attached to this email. \n\nVery similar response from the FBI when I filed online. \n\nOn my next two contacts with BofA Claims I learned something truly remarkable, as documented in the most recent letter from them attached below. \n\nBank of America had been able to trace the two illicit transfers from my account to an account at XXXX XXXX XXXX, in which the money my money was still being held. Neither bank would cover my loss, demand that the account holder at XXXX about whom both banks now have detailed information surrender the ill-gotten gains or turn the holder of the account over to the authorities. \n\nThus, both banks have guilty knowledge of the specific crimes and their perpetrators, and one has the illegally obtained money in its possession. However, the account holder, presumably our XXXX XXXX, has been contacted and asked politely to return the money which he refuses to do. Both banks now assert that the funds are his because he scammed me into okaying the transfers. \n\nThe banks have chosen to protect a felon who has committed crimes the details of which are known to them rather than a depositor in good faith whose only offense was a momentary lapse of the hypervigilance clearly required to keep financial institutions from handing over funds on deposit to professional criminals. \n\nAgain, attached documents tell the story. \n\nWorse than the immediate loss of the {$7000.00} dollars is the forced closure of my established business account at BofA, which effectively makes it impossible for my small company to transact normal business. I have begun the process of opening a new business account at a different bank but am far from certain this disaster wont follow me, as banks do communicate with each other, quite clearly in this case, and I dont know if I will even be able to open a new account under my companys name : XXXX XXXX XXXX XXXX XXXX XXXX which has been in operation since XXXX. \n\nIt might then become necessary for me to create a new entity, most likely an LL.C, at considerable trouble and expense. While this situation remains unresolved, I am effectively out of business, thanks to victim-blaming on the part of financial institutions. I believe there may be substantial actual damages in this case, plus whatever other penalties may attach to their behavior. \n\nNot sure what can be done at this point but remain convinced that XXXX should disgorge the fraudster of his stolen money and return it to me, as well as cooperating with the authorities in apprehending the organizers of this scam. From my research I know that such swindles are far from rare and participating banks in the ownership of XXXX have done little to stop them. My one claim may not be much but multiplied by a few hundred would rather quickly sail past the {$500000.00} dollar milepost. \n\nNot surprisingly the victims of these offenses are most often seniors who did not grow up in the digital world and are unfamiliar with its many dangers. Said crimes should also be classed as elder abuse. I do not believe XXXX XXXX and his associate pick their victims at random, which leads me to wonder why Bank of America considers me a security risk when the risk in this sorry affair seems to be to depositors personal information and therefore to their accounts. \n\nPlease examine the attached documents, which establish the timeline of this fraud and reveal much about the sorry state of security at two of the largest financial institutions in the nation. \n\nYour attention to this matter and any suggestions you might have for making recovery are greatly appreciated.","date_sent_to_company":"2022-07-14T05:29:02.000Z","issue":"Fraud or scam","sub_product":"Domestic (US) money transfer","zip_code":"90057","tags":"Older American","has_narrative":true,"complaint_id":"5767594","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"BANK OF AMERICA, NATIONAL ASSOCIATION","date_received":"2022-07-14T01:01:24.000Z","state":"CA","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":null},"highlight":{"complaint_what_happened":["I was further informed that the bank would not issue a temporary credit, as I had cooperated in the scam, which does not <em>explain</em> the activity prior to my first contact with <em>XXXX</em> <em>XXXX</em>. \n\nBad as it was, the banks refusal to cover the fraud was by no means the worst aspect of the disaster that followed. \n\nAn unfamiliar bank officer appeared and informed me that my account would be closed as a <em>security</em> risk to the bank, which put bluntly as it was, no longer wanted my business."]},"sort":[8.35049,"5767594"]},{"_index":"complaint-public-v1","_id":"10906292","_score":8.243034,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"Re : Legal Response to XXXX Dispute Regarding Bankruptcy Reporting and Forensic Audit Case : XXXX XXXX XXXX XXXX Dear XXXX XXXX XXXX, We hereby exercise our rights and reference the applicable statutory provisions for your guidance and compliance. These laws are binding on your company, given that your entity operates within the jurisdiction of both the state and federal authorities of its headquarters. These provisions were enacted to prevent corruption, breaches of fiduciary duty, violations of privacy, and infringements upon constitutional rights. \nPursuant to the Unlimited Power of Attorney, Cover Letter, and Memoir, and in accordance with the authorization granted by XXXX XXXX XXXX XXXX, you are instructed to address me as XXXX XXXX It is imperative that I not be addressed as \" XXXX XXXX, '' and I request that you refer to me solely as XXXX or XXXX XXXX \nThe term \" XXXX, '' originating around the XXXX, refers to an additional name or epithet attached to a person 's baptismal or XXXX name. The word \" XXXX '' is derived from the XXXX \" sXXXX '' ( meaning \" XXXX  '' ) and the XXXX XXXX \" sornom '' ( from \" XXXX  '' meaning \" XXXX '' and \" noXXXX '' meaning \" XXXX '' ). Over time, it evolved to denote a family name, typically passed down from generation to generation. In this regard, XXXX is my family name, which is private and must be treated with confidentiality. Any claims or communications related to the principal XXXX XXXX XXXX XXXX must be directed to the designated Trustee, XXXX XXXX XXXX his assigned authorized agents. \nThis letter serves as a formal legal response to the dispute submitted to your company on XX/XX/XXXX, regarding the unauthorized reporting of bankruptcy-related information on the credit report of XXXX XXXX XXXX XXXX XXXX We are invoking our legal rights under the Fair Credit Reporting Act ( FCRA ) and related statutes, demanding immediate correction and clarification, and requesting a forensic audit of all vendors and parties involved in the collection, reporting, or dissemination of sensitive data related to XXXX XXXX XXXX XXXX. \nXXXX. Violation of Privacy and Consumer Protection Laws Under the Fair Credit Reporting Act ( FCRA ), 15 U.S.C. 1681e ( b ), XXXX is required to implement reasonable procedures to ensure the accuracy of the information it reports. Despite clear instructions from the Eastern Michigan Bankruptcy Court, which has confirmed that XXXX XXXX XXXXXXXX XXXX  bankruptcy is not a matter of public record, XXXX has continued to report inaccurate bankruptcy information. This constitutes a violation of 15 U.S.C. 1681e ( b ), which mandates that consumer reporting agencies maintain accurate and complete records.\n\nFurthermore, under 15 U.S.C. 1681c, XXXX is obligated to delete any information that is inaccurate or unverifiable, particularly where bankruptcy records are concerned. As the information regarding XXXX XXXX XXXXXXXX XXXX  bankruptcy is not a public record, your failure to remove such data represents a failure to comply with the FCRA and a breach of privacy rights under the Privacy Act of XXXX ( 5 U.S.C. 552a ). \nXXXX. Secured Party Creditor Rights under the Uniform Commercial Code ( XXXX ) Additionally, as XXXX XXXX XXXX XXXX is the XXXX XXXX XXXX under the Uniform Commercial Code ( UCC ), Articles 9-311, 9-312, and 9-313, all personal and financial data, whether categorized as public record or not, is protected as secured property. This includes tangible and intangible property, as well as securities associated with XXXX 's legal name and trade name. \nAs the XXXX XXXX, XXXX has a trustee relationship over all such data. Therefore, unauthorized collection, reporting, or dissemination of this data is not only a violation of privacy but also a breach of trust, for which your company is liable. The UCC and its provisions protect XXXX 's rights to confidentiality and control over this information, preventing any third parties from exploiting it. \nXXXX. Penalties for Unauthorized Disclosure and Reporting Due to the severe risks posed by the unauthorized use of XXXX XXXX XXXXXXXX XXXX personal data, we are invoking the right to impose penalties as follows : {>= $1,000,000} per count for each instance of inaccurate reporting or unauthorized disclosure of personal data, including bankruptcy records, credit information, or any other personal filings related to XXXX XXXX XXXX XXXX. \nThis charge reflects the damages incurred from the unauthorized dissemination of private information, which exposes XXXX to identity theft, financial fraud, and the potential unjust enrichment of those benefiting from such misuse. The UCC protects the secured partys assets, including personal data, from such exploitation. \n4. Court Notice and Sealed Records As indicated in the attached notice from the Eastern Michigan Bankruptcy Court, the bankruptcy information concerning XXXX XXXX XXXX XXXX is not a matter of public record and should not be disclosed. XXXX and any third-party vendors associated with your company must respect the court 's decision, and we demand that all future bankruptcy records or related information concerning XXXX be sealed and treated as confidential. \nWe also demand immediate cessation of the reporting of this bankruptcy information, in line with the courts order, and confirmation that no further disclosure of any sealed or confidential data will be made by XXXX or its vendors. \nXXXX. Unauthorized Collection and Reporting of Personal Data It has come to our attention that XXXX and associated vendors have used data obtained from third-party sources to report bankruptcy information about XXXX XXXX XXXX XXXX , despite the court 's ruling. This is a direct violation of the Privacy Act of XXXX ( 5 U.S.C. 552a ), which governs the handling of personal information and ensures that such data is not misused or improperly disclosed without proper authorization.\n\nAdditionally, FCRA 1681e ( b ) mandates that consumer reporting agencies ensure that all information provided is accurate. Given the false nature of the bankruptcy report, the use of third-party vendors to spread inaccurate data is an infringement of privacy and a violation of several consumer protection laws. \nXXXX. Demand for Forensic Audit of Vendors and Third Parties We hereby demand a forensic audit of all entities involved in the collection, reporting, or dissemination of data concerning XXXX XXXX XXXX XXXX, specifically : A full and detailed list of all vendors, third-party data providers, or aggregators that have reported information concerning XXXX XXXX XXXX XXXX XXXX XXXX. This includes all data related to credit, bankruptcy, or any other personal records. \nWe request that the forensic audit specifically investigate : Kickbacks : Any financial incentives or compensation paid to third parties for the collection, reporting, or dissemination of personal data. \nSecurities Fraud : The use of personal information, such as Social Security numbers, signatures, and identifiers, to facilitate securities trading or fraudulent transactions.\n\nInsurance Fraud : Potential use of personal data to file fraudulent insurance claims or create financial benefits tied to the misreporting or unauthorized disclosure of bankruptcy records. \nXXXX. Penalty Charges for Fraudulent Reporting and Unauthorized Use of Data We further reserve the right to pursue penalties for any fraudulent reporting or unauthorized dissemination of XXXX XXXX XXXX XXXX  personal information. If it is determined that the improper reporting led to illicit financial gain, we will pursue the following : {>= $1,000,000} per count for each instance of fraudulent reporting or unauthorized use of XXXX XXXX XXXX XXXX 's data. \nThis is a conservative estimate of the damages resulting from the unauthorized dissemination of sensitive personal data, and it is in accordance with federal law and consumer protection statutes. \nXXXX. Demand for Immediate Action and Disclosure To resolve this matter expeditiously, we demand the following : Full Disclosure of all vendors, third parties, and data providers who have reported data related to XXXX XXXX XXXX XXXX. \nXXXX Removal of the bankruptcy records and all related personal information from all credit reports. \nConfirmation that no further unauthorized use of sealed court records or sensitive personal data will occur. \nA full forensic audit of the third-party transactions involving XXXX XXXX XXXX XXXX XXXX XXXX, including kickbacks, securities fraud, and insurance fraud. \nA comprehensive report on all actions taken to address this matter. \nIf a satisfactory response is not received within 14 days, we will pursue all available legal remedies, including filing complaints with the Consumer Financial Protection Bureau ( CFPB ), the Federal Trade Commission ( FTC ), and appropriate state regulatory authorities. Furthermore, we will pursue civil litigation for damages, as well as injunctive relief to prevent further violations of privacy and consumer protection laws. \nXXXX. Legal Consequences If XXXX or its vendors fail to comply, we will pursue legal action, including : Securities Fraud charges. \nFiling for damages under the Fair Credit Reporting Act, Privacy Act, and other applicable consumer protection statutes. \nSeeking injunctive relief to prevent the unauthorized use of XXXX XXXX XXXX XXXX 's personal information. \n\nThis letter serves as formal notice of the unlawful conduct, and we expect prompt attention to resolving these violations. We look forward to your immediate response. \nXXXX. Questions Regarding Unauthorized Reporting : Why has XXXX continued to report bankruptcy information for XXXX XXXX XXXX XXXX, despite the XXXX Michigan Bankruptcy XXXX ruling that this information is not a matter of public record? \nCan XXXX provide proof that it conducted a reasonable investigation into the accuracy of the bankruptcy information before it was reported on XXXX XXXX XXXXXXXX XXXX credit report? \nWhat specific steps has XXXX taken to ensure that bankruptcy records, which should be sealed and confidential, are not disclosed in violation of court orders and privacy laws? \nWhy has XXXX failed to remove inaccurate or unverifiable bankruptcy information from XXXX XXXX XXXX XXXX  credit file after being notified that the bankruptcy should not be part of the public record? \nXXXX. Questions Regarding Vendor and Third-Party Data Collection : Can XXXX provide a detailed list of all vendors, third parties, or data providers that reported bankruptcy or other personal information regarding XXXX XXXX XXXX XXXX XXXX XXXX agency? \nHow does XXXX verify the accuracy of data provided by third-party vendors before including it in the credit report? \nWhat procedures does XXXX have in place to ensure that vendors do not violate privacy laws, including unauthorized reporting of personal information or misuse of court records? \nHas XXXX paid or provided any financial incentives ( e.g., kickbacks ) to vendors or third parties for reporting information related to XXXX XXXX XXXX XXXX? \nXXXX. Questions Regarding Data Security and Privacy Violations : Has XXXX taken any measures to protect the personal data of XXXX XXXX XXXX XXXX, specifically in regard to the risk of identity theft, fraud, or unauthorized use of this data by third parties? \nWhat steps has XXXX taken to comply with the Privacy Act of XXXX and ensure that personal information is handled in accordance with federal privacy regulations? \nHas XXXX conducted any internal audits or investigations into how sensitive data related to XXXX XXXX XXXX XXXX was collected, used, or disclosed by your company and its vendors? \nXXXX. Questions Regarding Penalties for Unauthorized Disclosure : What is XXXX policy for responding to unauthorized disclosure or inaccurate reporting of personal data? \nIs XXXX willing to pay penalties or damages for the potential harm caused by the unauthorized use or inaccurate reporting of XXXX XXXXXXXX XXXX XXXX personal information, including identity theft and financial exploitation? \nWhat measures is XXXX taking to correct any inaccuracies in XXXX XXXX XXXXXXXX XXXX  credit file and ensure that these mistakes do not reoccur in the future? \nXXXX. Questions Regarding Forensic Audit and Investigation : Will XXXX agree to a full forensic audit of all third-party vendors, data aggregators, and other entities involved in the collection, reporting, or dissemination of data regarding XXXX XXXX XXXX XXXX XXXX \nWill XXXX provide access to the forensic audit report, including an investigation into potential securities fraud, insurance fraud, or other financial crimes related to the misuse of XXXX XXXX XXXXXXXX XXXX  data? \nCan XXXX confirm that it will cooperate fully with the forensic audit and provide all relevant documents and information regarding its vendors and third-party relationships? \nXXXX. Questions Regarding Court-Sealed Records : How will XXXX ensure that all future records related to XXXX XXXX XXXX XXXX XXXX XXXX any bankruptcy or personal records, will be treated as sealed and confidential, in accordance with the Eastern Michigan Bankruptcy Courts order ? \nCan XXXX confirm that no further public reporting or unauthorized disclosure of XXXX XXXX XXXX XXXX  bankruptcy or personal records will take place from this point forward? \nXXXX. Questions Regarding Legal Consequences : Does XXXX acknowledge the potential legal consequences of continuing to report false or inaccurate information related to XXXX XXXX XXXX XXXX, including violations of the Fair Credit Reporting Act and the Uniform Commercial Code ( UCC )? \nIs XXXX prepared to resolve this matter without further legal action, or will additional legal steps be necessary to address the ongoing violations of privacy and consumer protection laws? \nXXXX. Questions Regarding Consumer Protection Compliance : How does XXXX ensure compliance with state and federal consumer protection laws, especially in cases where sensitive or private information is involved, such as bankruptcy records and personal data of the principal, XXXX XXXX XXXX XXXX? \nCan XXXX provide evidence that it has implemented adequate safeguards to prevent the unauthorized dissemination of sensitive personal information, including that of XXXX XXXX XXXX XXXX, to public or third-party vendors? \nXXXX. General Questions Regarding Practices and Accountability : What is XXXX process for notifying consumers about unauthorized reporting or inaccuracies on their credit reports, and how long does it typically take to correct such errors? \nHow does XXXX plan to ensure accountability with its third-party vendors and data providers, particularly when breaches of privacy or inaccuracies arise? \nhe unauthorized reporting and continued dissemination of inaccurate or sealed bankruptcy information about XXXX XXXX XXXX XXXX has a direct and substantial impact on your livelihood. The misreporting not only violates your privacy but also jeopardizes your financial stability, personal safety, and opportunities for future success. Below, I'll explain how these actions affect your livelihood and how XXXX could be held vicariously liable for the harm caused. \n1. Financial Impact and Access to Credit The continued presence of inaccurate bankruptcy information on your credit report directly harms your ability to secure credit or favorable financial terms. XXXX is responsible for reporting accurate credit information, and their failure to remove incorrect or unauthorized bankruptcy information : Denies Access to Credit : Many lending institutions rely on XXXX 's credit reports to assess your creditworthiness. Incorrect bankruptcy information could lead to credit denials, impacting your ability to obtain loans for essential needs such as housing, medical bills, education, and personal expenses. \nHigher Interest Rates : Even if credit is available, inaccurate bankruptcy reporting could result in higher interest rates on loans or credit lines, increasing your overall debt burden. This makes it more difficult to manage your finances, save for the future, or achieve long-term financial goals. \nNegative Financial Reputation : XXXX failure to correct the public record puts you in a situation where your financial reputation is tarnished, even though you have made efforts to rectify the situation with the bankruptcy court. This makes it more difficult to obtain business or personal credit and erodes any trust lenders or creditors may have in you.\n\n2. Employment Opportunities Many employers, particularly those in financial services or positions requiring fiduciary responsibility, conduct credit checks as part of their hiring process. An inaccurate bankruptcy on your credit report could cause significant harm in the following ways : Denied Employment : Inaccurate financial information, including bankruptcy records, XXXX cause employers to believe you are a higher-risk candidate, potentially leading to job rejections. For jobs that require security clearances or access to financial accounts, such reporting could be a disqualifying factor. \nEmotional Stress : The fear of your credit report being used against you in job searches, coupled with the inability to find stable work due to inaccurate reporting, can cause significant emotional distress. This has a ripple effect on your overall well-being and productivity, making it harder to perform well in interviews, build career prospects, and maintain job security. \nDamage to Reputation : XXXX XXXX perceive the bankruptcy reporting, despite its inaccuracy, as a reflection of poor financial management. Even if they dont directly base hiring decisions on it, your reputation could be unfairly damaged by the erroneous information, causing long-term harm to your professional life. \nXXXX. Personal and Family Impact The unauthorized disclosure of bankruptcy information not only affects your financial life but also has significant personal repercussions : Identity Theft Risks : As the principal party, your personal dataspecifically your Social Security number, name, and other identifiersmay be exploited for fraudulent purposes. XXXX failure to properly secure and correct your data increases the likelihood of identity theft or fraudulent activities that could take years to resolve. This exposes you to the risk of financial losses, legal fees, and extensive time spent addressing the aftermath of such violations. \nFamily and Safety Concerns : Unauthorized disclosure of sensitive information related to bankruptcy could potentially expose you to further harm, including harassment, or threats. For example, if someone uses your information for fraudulent purposes, such as opening lines of credit in your name, this could lead to threats to your safety or unwarranted financial obligations. \nEmotional Distress : The constant anxiety and emotional toll caused by the threat of further breaches, as well as the financial and social stigma associated with wrongful reporting, can lead to severe emotional stress, impacting your quality of life and relationships. The stress of dealing with these unresolved issues can affect your mental health, making it difficult to focus on personal, family, or professional commitments. \n4. Long-Term Financial and Career Goals Youve likely made long-term plans, such as purchasing a home, starting a business, or securing a retirement fund. The erroneous bankruptcy reporting hinders your ability to : Purchase a Home : Real estate loans and mortgages are heavily reliant on accurate credit reporting. Inaccurate bankruptcy information from XXXX XXXX prevent you from securing the necessary loans for homeownership, undermining your ability to establish financial independence and security. \nStart a Business : For entrepreneurs, creditworthiness is crucial for obtaining capital, financing, and business loans. The misreporting of bankruptcy information could prevent you from acquiring business loans, which could harm your ability to launch or expand a business. Moreover, creditors XXXX view your financial situation as unstable or untrustworthy. \nRetirement Planning : Without the ability to secure credit at favorable terms, you may be forced to delay or abandon long-term plans like investing for retirement, saving for your childrens education, or creating a legacy for your family. This has consequences that stretch far beyond the immediate financial burden and into your future security. \nXXXX. Vicarious Liability of XXXX XXXX is vicariously liable for the harm caused by the vendors it contracts with or uses to gather, process, or report information related to you. Vicarious liability means that XXXX can be held accountable for the actions of its agents or contractors, even if it did not directly cause the harm. The key points here are : Responsibility for Vendor Actions : XXXX, as the consumer reporting agency, is legally obligated under 15 U.S.C. XXXX ( b ) ( Fair Credit Reporting Act ) to ensure that the information it reports is accurate. If XXXX relies on third-party vendors to report bankruptcy or credit data, it remains accountable for the information that these vendors report on your behalf. XXXX has failed in its due diligence to ensure that these vendors report accurate and legitimate information, leading to the vicarious liability for damages. \nFailure to Verify and Correct : Under the FCRA and related privacy laws, XXXX is responsible for verifying the accuracy of data within 30 days of receiving a dispute ( 15 U.S.C. 1681i ). The failure to conduct a thorough investigation or correct the erroneous bankruptcy record leaves XXXX open to being held vicariously liable for its vendors actions and omissions. This neglect exacerbates the damages caused to you. \nFinancial Losses : The continuing erroneous bankruptcy information, coupled with XXXX failure to act, exposes you to substantial financial losses. Whether its higher interest rates, loan denials, or missed employment opportunities, XXXX lack of action is a proximate cause of the direct financial harm you are experiencing. \nPenalties and Legal Liabilities : If XXXX or its vendors are found to have violated privacy laws or misused your data, they XXXX be subject to financial penalties and XXXX be required to pay compensation for your economic damages. Additionally, punitive damages could be assessed if the actions are deemed willful or grossly negligent. \nConclusion : The ongoing violations by XXXXmisreporting bankruptcy information, failure to correct inaccuracies, and allowing third-party vendors to mishandle your personal datahave caused significant harm to your financial well-being, career opportunities, personal safety, and long-term financial goals. XXXX is vicariously liable for the actions of the vendors it relies on to gather and report information, and you have the right to pursue penalties, damages, and legal remedies under applicable laws. The violations not only impact your present livelihood but also jeopardize your future opportunities and security, and XXXX must be held accountable for its actions and inaction in this matter. \n\n1. Fair Credit Reporting Act ( FCRA ) 15 U.S.C. 1681 et seq. \nThe Fair Credit Reporting Act ( FCRA ) is the foundational law governing credit reporting agencies like XXXX. This law holds them accountable for ensuring the accuracy of the data they report and mandates that they conduct investigations into disputes. \n15 U.S.C. 1681e ( b ) - Duty to Ensure Accuracy : Requires XXXX to maintain reasonable procedures to ensure the accuracy of the information it reports. If XXXX fails to properly verify the accuracy of reported information ( such as bankruptcy records ), it could be vicariously liable for any damages caused by inaccuracies. \n15 U.S.C. 1681i - Reinvestigation of Disputes : Requires XXXX to investigate a consumer 's dispute within 30 days of receiving it. Failure to conduct a proper reinvestigation or removing inaccurate information within this timeframe could lead to liability. \n15 U.S.C. 1681h ( e ) - Limitation on Defamation Actions : This provision allows for a defamation suit in cases of inaccurate credit reporting if the reporting agency acts with negligence or willful intent to harm. If XXXX 's vendors acted negligently or willfully misreported data, they ( and XXXX ) could face legal consequences under this section. \n2. Privacy Act of 1974 5 U.S.C. 552a The Privacy Act of 1974 governs the collection, maintenance, and dissemination of personal data by federal agencies. Although XXXX is a private entity, this law still applies to consumer data reporting in the context of government agencies and their interaction with private companies ( such as the reporting of public records ). \n5 U.S.C. 552a ( e ) - Use of Personal Data : Prohibits unauthorized disclosure of personal data. If XXXX and its vendors improperly disclose bankruptcy or other personal information in violation of the law, they could face liability for unauthorized dissemination. \n5 U.S.C. 552a ( g ) - Civil Remedies : Provides individuals the right to seek civil remedies ( including damages ) for violations of the Privacy Act, especially if personal data is mishandled or misreported by entities like XXXX. \nXXXX. Uniform Commercial Code ( UCC ) Articles 9-311, 9-312, 9-313 The Uniform Commercial Code ( UCC ) applies to secured transactions, and XXXX XXXX XXXX XXXX is the Secured Party Creditor of all personal and financial data. Under the UCC, data ( tangible and intangible property ) is protected as part of the Secured Party 's property.\n\nUCC 9-311, 9-312, 9-313 : These provisions protect the Secured Party 's interests in personal property , including data, and impose a fiduciary duty to maintain the confidentiality and security of that data. Unauthorized use of this data by XXXX or its vendors would breach these obligations. \n4. Electronic Communications Privacy Act ( ECPA ) 18 U.S.C. 2510 et seq.\n\nThe ECPA protects the privacy of electronic communications, which can include personal data and communications exchanged by credit reporting agencies.\n\n18 U.S.C. 2511- Interception and Disclosure of Communications : This law prohibits the interception and unauthorized disclosure of private communications. If XXXX or its vendors improperly accessed or disseminated your private data for financial gain or other improper purposes, they could face liability under this law. \nXXXX. Identity Theft Enforcement and Restitution Act 18 U.S.C. 1028 This law addresses identity theft and fraud and provides penalties for those who use a persons data ( including bankruptcy records ) for fraudulent purposes. \n18 U.S.C. 1028 - Identity Theft : If XXXX reporting of inaccurate bankruptcy data contributed to identity theft or fraudulent financial activity using your personal information ( e.g., obtaining credit under your name ), they may be held criminally and civilly liable under this law. \n18 U.S.C. 1028A - Aggravated Identity Theft : This provision enhances penalties if identity theft is done with a financial motive. If XXXX mishandling of your data leads to fraudulent activities, such as fraudulent loan applications or credit misreporting, they could be subject to enhanced penalties for aggravated identity theft. \nXXXX. State Laws Defamation and Privacy Invasions Many states have laws that directly govern defamation, privacy violations, and unauthorized disclosure of personal information. These can be used to support claims for damages when inaccurate data is reported by XXXX. \nDefamation : Under state defamation laws, inaccurate reporting of personal informationsuch as bankruptcy recordscan result in harm to reputation. You may claim damages for harm caused to your reputation, business, and employment opportunities.\n\nInvasion of Privacy : States also have laws protecting individuals from the invasion of their privacy, including false light claims and public disclosure of private facts. By misreporting your bankruptcy information or disclosing sealed court records, XXXX could be liable for these types of privacy violations. \n7. Racketeer Influenced and Corrupt Organizations Act ( RICO ) 18 U.S.C. 1961 et seq.\n\nThe RICO Act is a powerful tool for addressing patterns of fraudulent or illegal conduct involving multiple parties, such as XXXX and its vendors. \n18 U.S.C. 1962 - Prohibited Activities : If the conduct by XXXX or its vendors is part of a larger pattern of fraudulent activities, such as using misreported bankruptcy data for financial gain, you may pursue a claim under RICO. This could be used to address fraudulent schemes related to the misreporting of bankruptcy data or identity theft. \n18 U.S.C. 1964 - Civil Remedies : Under RICO, victims can claim treble damages for financial losses caused by fraudulent activities. This means that the damages you suffer from XXXX mishandling of your data could be tripled if the actions are found to be part of a broader fraudulent scheme. \n8. Consumer Financial Protection Act ( CFPA ) 12 U.S.C. 5536 The Consumer Financial Protection Act ( CFPA ) established the Consumer Financial Protection Bureau ( CFPB ), which enforces consumer protection laws, including the FCRA.\n\n12 U.S.C. 5536 - Prohibition on Unfair, Deceptive, or Abusive Acts or Practices : The CFPA prohibits financial institutions, including credit reporting agencies like XXXX, from engaging in unfair or deceptive practices that harm consumers. Misreporting bankruptcy or failing to correct it when notified could constitute an unfair practice. \nXXXX. Tortious Interference with Business and Employment Relationships If the inaccurate bankruptcy reporting has directly caused harm to your employment or business relationships ( for example, by preventing you from securing a job or a loan ), you may claim damages for tortious interference. \nTortious Interference with Contractual Relations : If XXXX false reporting has prevented you from entering into a contract ( such as a job or a loan agreement ), you may claim damages for interference with business relationships and lost opportunities. \n10. Fraud Common Law and Statutory Fraud Claims XXXX and its vendors XXXX also face claims of fraud if it is found that they knowingly or recklessly misreported your information for their own financial gain, such as receiving kickbacks for misreporting data or enabling fraudulent activity. \nXXXX Claims : If XXXX or its vendors intentionally misreported or failed to correct data that they knew was inaccurate, they could be liable for fraud, entitling you to damages for any harm caused, including economic loss, emotional distress, and punitive damages. \n\nConclusion : Given the complexity of this situation, XXXX actionsor lack thereofcould expose the company to liability under multiple laws, including the Fair Credit Reporting Act ( FCRA ), the Privacy Act, the Uniform Commercial Code ( UCC ), and various state privacy and defamation laws. Additionally, if XXXX or its vendors are found to have engaged in fraudulent activities, such as misusing personal data for securities fraud or identity theft, the legal consequences could include significant penalties, damages, and punitive measures under RICO, fraud statutes, and consumer protection laws. \nBy invoking these laws, you can hold XXXX and its vendors vicariously liable for the harm caused by the unauthorized dissemination and misreporting of XXXX XXXX XXXXXXXX XXXX sensitive data.","date_sent_to_company":"2024-11-24T07:41:46.000Z","issue":"Problem with a company's investigation into an existing problem","sub_product":"Credit reporting","zip_code":"482XX","tags":null,"has_narrative":true,"complaint_id":"10906292","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"LEXISNEXIS","date_received":"2024-11-24T07:41:43.000Z","state":"MI","company_public_response":null,"sub_issue":"Their investigation did not fix an error on your report"},"highlight":{"complaint_what_happened":["Questions Regarding Data <em>Security</em> and Privacy Violations : Has <em>XXXX</em> taken any <em>measures</em> to protect the personal data of <em>XXXX</em> <em>XXXX</em> <em>XXXX</em> <em>XXXX</em>, specifically in regard to the risk of identity theft, fraud, or unauthorized use of this data by third parties? \n<em>What</em> steps has <em>XXXX</em> taken to comply with the Privacy Act of <em>XXXX</em> and ensure that personal information is handled in accordance with federal privacy regulations?"]},"sort":[8.243034,"10906292"]},{"_index":"complaint-public-v1","_id":"10914202","_score":8.226247,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"Re : Legal Response to XXXX Dispute Regarding Bankruptcy Reporting and Forensic Audit Case : XXXX XXXX XXXX XXXX Dear XXXX Consumer Services, We hereby exercise our rights and reference the applicable statutory provisions for your guidance and compliance. These laws are binding on your company, given that your entity operates within the jurisdiction of both the state and federal authorities of its headquarters. These provisions were enacted to prevent corruption, breaches of fiduciary duty, violations of privacy, and infringements upon constitutional rights. \nPursuant to the Unlimited Power of Attorney, Cover Letter, and Memoir, and in accordance with the authorization granted by XXXX XXXX XXXX XXXX, you are instructed to address me as XXXX XXXX It is imperative that I not be addressed as \" XXXX XXXX, '' and I request that you refer to me solely as XXXX or XXXX XXXX \nThe term \" XXXX XXXX' originating around the XXXX, refers to an additional name or epithet attached to a person 's baptismal or XXXX name. The word \" XXXX '' is derived from the XXXX \" XXXX '' ( meaning \" XXXX  '' ) and the XXXX XXXX \" XXXX '' ( from \" XXXX XXXX' meaning XXXX XXXX  '' and \" XXXX '' meaning \" XXXXXXXX '' ). Over time, it evolved to denote a family name, typically passed down from generation to generation. In this regard, XXXX is my family name, which is private and must be treated with confidentiality. Any claims or communications related to the principal XXXX XXXX XXXX XXXX must be directed to the designated Trustee, XXXX , or his assigned authorized agents. \nThis letter serves as a formal legal response to the dispute submitted to your company on XX/XX/XXXX, regarding the unauthorized reporting of bankruptcy-related information on the credit report of XXXX XXXX XXXX XXXX XXXX We are invoking our legal rights under the Fair Credit Reporting Act ( FCRA ) and related statutes, demanding immediate correction and clarification, and requesting a forensic audit of all vendors and parties involved in the collection, reporting, or dissemination of sensitive data related to XXXX XXXX XXXX XXXX. \n1. Violation of Privacy and Consumer Protection Laws Under the Fair Credit Reporting Act ( FCRA ), 15 U.S.C. 1681e ( b ), XXXX is required to implement reasonable procedures to ensure the accuracy of the information it reports. Despite clear instructions from the Eastern Michigan Bankruptcy Court, which has confirmed that XXXX XXXX XXXXXXXX XXXX bankruptcy is not a matter of public record, XXXX has continued to report inaccurate bankruptcy information. This constitutes a violation of 15 U.S.C. 1681e ( b ), which mandates that consumer reporting agencies maintain accurate and complete records. \nFurthermore, under 15 U.S.C. 1681c, XXXX is obligated to delete any information that is inaccurate or unverifiable, particularly where bankruptcy records are concerned. As the information regarding XXXX XXXX XXXX IIIs bankruptcy is not a public record, your failure to remove such data represents a failure to comply with the FCRA and a breach of privacy rights under the Privacy Act of 1974 ( 5 U.S.C. 552a ). \n2. Secured Party Creditor Rights under the Uniform Commercial Code ( UCC ) Additionally, as XXXX XXXX XXXX XXXX is the Secured Party Creditor under the Uniform Commercial Code ( UCC ), Articles 9-311, 9-312, and 9-313, all personal and financial data, whether categorized as public record or not, is protected as secured property. This includes tangible and intangible property, as well as securities associated with XXXX 's legal name and trade name. \nAs the Secured Party, XXXX has a trustee relationship over all such data. Therefore, unauthorized collection, reporting, or dissemination of this data is not only a violation of privacy but also a breach of trust, for which your company is liable. The UCC and its provisions protect XXXX 's rights to confidentiality and control over this information, preventing any third parties from exploiting it. \nXXXX. Penalties for Unauthorized Disclosure and Reporting Due to the severe risks posed by the unauthorized use of XXXX XXXX XXXXXXXX XXXX personal data, we are invoking the right to impose penalties as follows : {>= $1,000,000} per count for each instance of inaccurate reporting or unauthorized disclosure of personal data, including bankruptcy records, credit information, or any other personal filings related to XXXX XXXX XXXX XXXX. \nThis charge reflects the damages incurred from the unauthorized dissemination of private information, which exposes XXXX to identity theft, financial fraud, and the potential unjust enrichment of those benefiting from such misuse. The UCC protects the secured partys assets, including personal data, from such exploitation. \n4. Court Notice and Sealed Records As indicated in the attached notice from the Eastern Michigan Bankruptcy Court, the bankruptcy information concerning XXXX XXXX XXXX XXXX is not a matter of public record and should not be disclosed. XXXX and any third-party vendors associated with your company must respect the court 's decision, and we demand that all future bankruptcy records or related information concerning XXXX be sealed and treated as confidential. \nWe also demand immediate cessation of the reporting of this bankruptcy information, in line with the courts order, and confirmation that no further disclosure of any sealed or confidential data will be made by XXXX or its vendors. \nXXXX. Unauthorized Collection and Reporting of Personal Data It has come to our attention that XXXX and associated vendors have used data obtained from third-party sources to report bankruptcy information about XXXX XXXX XXXX XXXX XXXX despite the court 's ruling. This is a direct violation of the Privacy Act of 1974 ( 5 U.S.C. 552a ), which governs the handling of personal information and ensures that such data is not misused or improperly disclosed without proper authorization. \nAdditionally, FCRA 1681e ( b ) mandates that consumer reporting agencies ensure that all information provided is accurate. Given the false nature of the bankruptcy report, the use of third-party vendors to spread inaccurate data is an infringement of privacy and a violation of several consumer protection laws. \nXXXX. Demand for Forensic Audit of Vendors and Third Parties We hereby demand a forensic audit of all entities involved in the collection, reporting, or dissemination of data concerning XXXX XXXX XXXX XXXX, specifically : A full and detailed list of all vendors, third-party data providers, or aggregators that have reported information concerning XXXX XXXX XXXX XXXX XXXX XXXX. This includes all data related to credit, bankruptcy, or any other personal records. \nWe request that the forensic audit specifically investigate : Kickbacks : Any financial incentives or compensation paid to third parties for the collection, reporting, or dissemination of personal data. \nSecurities Fraud : The use of personal information, such as Social Security numbers, signatures, and identifiers, to facilitate securities trading or fraudulent transactions. \nInsurance Fraud : Potential use of personal data to file fraudulent insurance claims or create financial benefits tied to the misreporting or unauthorized disclosure of bankruptcy records. \nXXXX. Penalty Charges for Fraudulent Reporting and Unauthorized Use of Data We further reserve the right to pursue penalties for any fraudulent reporting or unauthorized dissemination of XXXX XXXX XXXXXXXX XXXX personal information. If it is determined that the improper reporting led to illicit financial gain, we will pursue the following : {>= $1,000,000} per count for each instance of fraudulent reporting or unauthorized use of XXXX XXXX XXXX XXXX 's data. \nThis is a conservative estimate of the damages resulting from the unauthorized dissemination of sensitive personal data, and it is in accordance with federal law and consumer protection statutes. \nXXXX. Demand for Immediate Action and Disclosure To resolve this matter expeditiously, we demand the following : Full Disclosure of all vendors, third parties, and data providers who have reported data related to XXXX XXXX XXXX XXXX. \nImmediate Removal of the bankruptcy records and all related personal information from all credit reports. \nConfirmation that no further unauthorized use of sealed court records or sensitive personal data will occur. \nA full forensic audit of the third-party transactions involving XXXX XXXX XXXX XXXX XXXX data, including kickbacks, securities fraud, and insurance fraud. \nA comprehensive report on all actions taken to address this matter. \nIf a satisfactory response is not received within 14 days, we will pursue all available legal remedies, including filing complaints with the Consumer Financial Protection Bureau ( CFPB ), the Federal Trade Commission ( FTC ), and appropriate state regulatory authorities. Furthermore, we will pursue civil litigation for damages, as well as injunctive relief to prevent further violations of privacy and consumer protection laws. \nXXXX. Legal Consequences If XXXX or its vendors fail to comply, we will pursue legal action, including : Securities Fraud charges. \nFiling for damages under the Fair Credit Reporting Act, Privacy Act, and other applicable consumer protection statutes. \nSeeking injunctive relief to prevent the unauthorized use of XXXX XXXX XXXX XXXX 's personal information. \n\nThis letter serves as formal notice of the unlawful conduct, and we expect prompt attention to resolving these violations. We look forward to your immediate response. \nXXXX. Questions Regarding Unauthorized Reporting : Why has XXXX continued to report bankruptcy information for XXXX XXXX XXXX XXXX, despite the Eastern Michigan Bankruptcy Court ruling that this information is not a matter of public record? \nCan XXXX provide proof that it conducted a reasonable investigation into the accuracy of the bankruptcy information before it was reported on XXXX XXXX XXXXXXXX XXXX credit report? \nWhat specific steps has XXXX taken to ensure that bankruptcy records, which should be sealed and confidential, are not disclosed in violation of court orders and privacy laws? \nWhy has XXXX failed to remove inaccurate or unverifiable bankruptcy information from XXXX XXXX XXXXXXXX XXXX  credit file after being notified that the bankruptcy should not be part of the public record? \nXXXX. Questions Regarding Vendor and Third-Party Data Collection : Can XXXX provide a detailed list of all vendors, third parties, or data providers that reported bankruptcy or other personal information regarding XXXX XXXX XXXX XXXX to your agency? \nHow does XXXX verify the accuracy of data provided by third-party vendors before including it in the credit report? \nWhat procedures does XXXX have in place to ensure that vendors do not violate privacy laws, including unauthorized reporting of personal information or misuse of court records? \nHas XXXX paid or provided any financial incentives ( e.g., kickbacks ) to vendors or third parties for reporting information related to XXXX XXXX XXXX XXXX? \nXXXX. Questions Regarding Data Security and Privacy Violations : Has XXXX taken any measures to protect the personal data of XXXX XXXX XXXX XXXX, specifically in regard to the risk of identity theft, fraud, or unauthorized use of this data by third parties? \nWhat steps has XXXX taken to comply with the Privacy Act of XXXX and ensure that personal information is handled in accordance with federal privacy regulations? \nHas XXXX conducted any internal audits or investigations into how sensitive data related to XXXX XXXX XXXX XXXX was collected, used, or disclosed by your company and its vendors? \nXXXX. Questions Regarding Penalties for Unauthorized Disclosure : What is XXXX policy for responding to unauthorized disclosure or inaccurate reporting of personal data? \nIs XXXX willing to pay penalties or damages for the potential harm caused by the unauthorized use or inaccurate reporting of XXXX XXXX XXXXXXXX XXXX personal information, including identity theft and financial exploitation? \nWhat measures is XXXX taking to correct any inaccuracies in XXXX XXXX XXXXXXXX XXXX  credit file and ensure that these mistakes do not reoccur in the future? \nXXXX. Questions Regarding Forensic Audit and Investigation : Will XXXX agree to a full forensic audit of all third-party vendors, data aggregators, and other entities involved in the collection, reporting, or dissemination of data regarding XXXX XXXX XXXX XXXX XXXX \nWill XXXX provide access to the forensic audit report, including an investigation into potential securities fraud, insurance fraud, or other financial crimes related to the misuse of XXXX XXXX XXXXXXXX XXXX  data? \nCan XXXX confirm that it will cooperate fully with the forensic audit and provide all relevant documents and information regarding its vendors and third-party relationships? \nXXXX. Questions Regarding Court-Sealed Records : How will XXXX ensure that all future records related to XXXX XXXX XXXX XXXX XXXX including any bankruptcy or personal records, will be treated as sealed and confidential, in accordance with the Eastern Michigan Bankruptcy Courts order ? \nCan XXXX confirm that no further public reporting or unauthorized disclosure of XXXX XXXX XXXX XXXX  bankruptcy or personal records will take place from this point forward? \nXXXX. Questions Regarding Legal Consequences : Does XXXX acknowledge the potential legal consequences of continuing to report false or inaccurate information related to XXXX XXXX XXXX XXXX, including violations of the Fair Credit Reporting Act and the Uniform Commercial Code ( UCC )? \nIs XXXX prepared to resolve this matter without further legal action, or will additional legal steps be necessary to address the ongoing violations of privacy and consumer protection laws? \nXXXX. Questions Regarding Consumer Protection Compliance : How does XXXX ensure compliance with state and federal consumer protection laws, especially in cases where sensitive or private information is involved, such as bankruptcy records and personal data of the principal, XXXX XXXX XXXX XXXX? \nCan XXXX provide evidence that it has implemented adequate safeguards to prevent the unauthorized dissemination of sensitive personal information, including that of XXXX XXXX XXXX XXXX, to public or third-party vendors? \nXXXX. General Questions Regarding Practices and Accountability : What is XXXX process for notifying consumers about unauthorized reporting or inaccuracies on their credit reports, and how long does it typically take to correct such errors? \nHow does XXXX plan to ensure accountability with its third-party vendors and data providers, particularly when breaches of privacy or inaccuracies arise? \nhe unauthorized reporting and continued dissemination of inaccurate or sealed bankruptcy information about XXXX XXXX XXXX XXXX has a direct and substantial impact on your livelihood. The misreporting not only violates your privacy but also jeopardizes your financial stability, personal safety, and opportunities for future success. Below, I'll explain how these actions affect your livelihood and how XXXX could be held vicariously liable for the harm caused. \n1. Financial Impact and Access to Credit The continued presence of inaccurate bankruptcy information on your credit report directly harms your ability to secure credit or favorable financial terms. XXXX is responsible for reporting accurate credit information, and their failure to remove incorrect or unauthorized bankruptcy information : Denies Access to Credit : Many lending institutions rely on XXXX 's credit reports to assess your creditworthiness. Incorrect bankruptcy information could lead to credit denials, impacting your ability to obtain loans for essential needs such as housing, medical bills, education, and personal expenses. \nHigher Interest Rates : Even if credit is available, inaccurate bankruptcy reporting could result in higher interest rates on loans or credit lines, increasing your overall debt burden. This makes it more difficult to manage your finances, save for the future, or achieve long-term financial goals. \nNegative Financial Reputation : XXXX failure to correct the public record puts you in a situation where your financial reputation is tarnished, even though you have made efforts to rectify the situation with the bankruptcy court. This makes it more difficult to obtain business or personal credit and erodes any trust lenders or creditors may have in you. \n2. Employment Opportunities Many employers, particularly those in financial services or positions requiring fiduciary responsibility, conduct credit checks as part of their hiring process. An inaccurate bankruptcy on your credit report could cause significant harm in the following ways : Denied Employment : Inaccurate financial information, including bankruptcy records, may cause employers to believe you are a higher-risk candidate, potentially leading to job rejections. For jobs that require security clearances or access to financial accounts, such reporting could be a disqualifying factor. \nEmotional Stress : The fear of your credit report being used against you in job searches, coupled with the inability to find stable work due to inaccurate reporting, can cause significant emotional distress. This has a ripple effect on your overall well-being and productivity, making it harder to perform well in interviews, build career prospects, and maintain job security. \nDamage to Reputation : Employers may perceive the bankruptcy reporting, despite its inaccuracy, as a reflection of poor financial management. Even if they dont directly base hiring decisions on it, your reputation could be unfairly damaged by the erroneous information, causing long-term harm to your professional life. \nXXXX. Personal and Family Impact The unauthorized disclosure of bankruptcy information not only affects your financial life but also has significant personal repercussions : Identity Theft Risks : As the principal party, your personal dataspecifically your Social Security number, name, and other identifiersmay be exploited for fraudulent purposes. XXXX failure to properly secure and correct your data increases the likelihood of identity theft or fraudulent activities that could take years to resolve. This exposes you to the risk of financial losses, legal fees, and extensive time spent addressing the aftermath of such violations. \nFamily and Safety Concerns : Unauthorized disclosure of sensitive information related to bankruptcy could potentially expose you to further harm, including harassment, or threats. For example, if someone uses your information for fraudulent purposes, such as opening lines of credit in your name, this could lead to threats to your safety or unwarranted financial obligations. \nEmotional Distress : The constant anxiety and emotional toll caused by the threat of further breaches, as well as the financial and social stigma associated with wrongful reporting, can lead to severe emotional stress, impacting your quality of life and relationships. The stress of dealing with these unresolved issues can affect your mental health, making it difficult to focus on personal, family, or professional commitments. \n4. Long-Term Financial and Career Goals Youve likely made long-term plans, such as purchasing a home, starting a business, or securing a retirement fund. The erroneous bankruptcy reporting hinders your ability to : Purchase a Home : Real estate loans and mortgages are heavily reliant on accurate credit reporting. Inaccurate bankruptcy information from XXXX may prevent you from securing the necessary loans for homeownership, undermining your ability to establish financial independence and security. \nStart a Business : For entrepreneurs, creditworthiness is crucial for obtaining capital, financing, and business loans. The misreporting of bankruptcy information could prevent you from acquiring business loans, which could harm your ability to launch or expand a business. Moreover, creditors may view your financial situation as unstable or untrustworthy. \nRetirement Planning : Without the ability to secure credit at favorable terms, you may be forced to delay or abandon long-term plans like investing for retirement, saving for your childrens education, or creating a legacy for your family. This has consequences that stretch far beyond the immediate financial burden and into your future security. \nXXXX. Vicarious Liability of XXXX XXXX is vicariously liable for the harm caused by the vendors it contracts with or uses to gather, process, or report information related to you. Vicarious liability means that XXXX can be held accountable for the actions of its agents or contractors, even if it did not directly cause the harm. The key points here are : Responsibility for Vendor Actions : XXXX, as the consumer reporting agency, is legally obligated under 15 U.S.C. 1681e ( b ) ( Fair Credit Reporting Act ) to ensure that the information it reports is accurate. If XXXX relies on third-party vendors to report bankruptcy or credit data, it remains accountable for the information that these vendors report on your behalf. XXXX has failed in its due diligence to ensure that these vendors report accurate and legitimate information, leading to the vicarious liability for damages. \nFailure to Verify and Correct : Under the FCRA and related privacy laws, XXXX is responsible for verifying the accuracy of data within 30 days of receiving a dispute ( 15 U.S.C. 1681i ). The failure to conduct a thorough investigation or correct the erroneous bankruptcy record leaves XXXX open to being held vicariously liable for its vendors actions and omissions. This neglect exacerbates the damages caused to you. \nFinancial Losses : The continuing erroneous bankruptcy information, coupled with XXXX failure to act, exposes you to substantial financial losses. Whether its higher interest rates, loan denials, or missed employment opportunities, XXXX lack of action is a proximate cause of the direct financial harm you are experiencing. \nPenalties and Legal Liabilities : If XXXX or its vendors are found to have violated privacy laws or misused your data, they may be subject to financial penalties and may be required to pay compensation for your economic damages. Additionally, punitive damages could be assessed if the actions are deemed willful or grossly negligent. \nConclusion : The ongoing violations by XXXXmisreporting bankruptcy information, failure to correct inaccuracies, and allowing third-party vendors to mishandle your personal datahave caused significant harm to your financial well-being, career opportunities, personal safety, and long-term financial goals. XXXX is vicariously liable for the actions of the vendors it relies on to gather and report information, and you have the right to pursue penalties, damages, and legal remedies under applicable laws. The violations not only impact your present livelihood but also jeopardize your future opportunities and security, and XXXX must be held accountable for its actions and inaction in this matter. \n\nXXXX. Fair Credit Reporting Act ( FCRA ) 15 U.S.C. 1681 et seq. \nThe Fair Credit Reporting Act ( FCRA ) is the foundational law governing credit reporting agencies like XXXX. This law holds them accountable for ensuring the accuracy of the data they report and mandates that they conduct investigations into disputes. \n15 U.S.C. 1681e ( b ) - Duty to Ensure Accuracy : Requires XXXX to maintain reasonable procedures to ensure the accuracy of the information it reports. If XXXX fails to properly verify the accuracy of reported information ( such as bankruptcy records ), it could be vicariously liable for any damages caused by inaccuracies. \n15 U.S.C. 1681i - Reinvestigation of Disputes : Requires XXXX to investigate a consumer 's dispute within 30 days of receiving it. Failure to conduct a proper reinvestigation or removing inaccurate information within this timeframe could lead to liability. \n15 U.S.C. 1681h ( e ) - Limitation on Defamation Actions : This provision allows for a defamation suit in cases of inaccurate credit reporting if the reporting agency acts with negligence or willful intent to harm. If XXXX 's vendors acted negligently or willfully misreported data, they ( and XXXX ) could face legal consequences under this section. \nXXXX. Privacy Act of 1974 5 U.S.C. 552a The Privacy Act of XXXX governs the collection, maintenance, and dissemination of personal data by federal agencies. Although XXXX is a private entity, this law still applies to consumer data reporting in the context of government agencies and their interaction with private companies ( such as the reporting of public records ). \n5 U.S.C. 552a ( e ) - Use of Personal Data : Prohibits unauthorized disclosure of personal data. If XXXX and its vendors improperly disclose bankruptcy or other personal information in violation of the law, they could face liability for unauthorized dissemination. \n5 U.S.C. 552a ( g ) - Civil Remedies : Provides individuals the right to seek civil remedies ( including damages ) for violations of the Privacy Act, especially if personal data is mishandled or misreported by entities like XXXX. \nXXXX. Uniform Commercial Code ( UCC ) Articles 9-311, 9-312, 9-313 The Uniform Commercial Code ( UCC ) applies to secured transactions, and XXXX XXXX XXXX XXXX is the Secured Party Creditor of all personal and financial data. Under the XXXX, data ( tangible and intangible property ) is protected as part of the Secured Party 's property. \nUCC 9-311, 9-312, 9-313 : These provisions protect the Secured Party 's interests in personal property , including data, and impose a fiduciary duty to maintain the confidentiality and security of that data. Unauthorized use of this data by XXXX or its vendors would breach these obligations. \n4. Electronic Communications Privacy Act ( ECPA ) 18 U.S.C. 2510 et seq.\n\nThe ECPA protects the privacy of electronic communications, which can include personal data and communications exchanged by credit reporting agencies. \n18 U.S.C. 2511- Interception and Disclosure of Communications : This law prohibits the interception and unauthorized disclosure of private communications. If XXXX or its vendors improperly accessed or disseminated your private data for financial gain or other improper purposes, they could face liability under this law. \nXXXX. Identity Theft Enforcement and Restitution Act 18 U.S.C. 1028 This law addresses identity theft and fraud and provides penalties for those who use a persons data ( including bankruptcy records ) for fraudulent purposes.\n\n18 U.S.C. 1028 - Identity Theft : If XXXXs reporting of inaccurate bankruptcy data contributed to identity theft or fraudulent financial activity using your personal information ( e.g., obtaining credit under your name ), they may be held criminally and civilly liable under this law. \n18 U.S.C. 1028A - Aggravated Identity Theft : This provision enhances penalties if identity theft is done with a financial motive. If XXXX mishandling of your data leads to fraudulent activities, such as fraudulent loan applications or credit misreporting, they could be subject to enhanced penalties for aggravated identity theft. \nXXXX. State Laws Defamation and Privacy Invasions Many states have laws that directly govern defamation, privacy violations, and unauthorized disclosure of personal information. These can be used to support claims for damages when inaccurate data is reported by XXXX. \nDefamation : Under state defamation laws, inaccurate reporting of personal informationsuch as bankruptcy recordscan result in harm to reputation. You may claim damages for harm caused to your reputation, business, and employment opportunities. \nInvasion of Privacy : States also have laws protecting individuals from the invasion of their privacy, including false light claims and public disclosure of private facts. By misreporting your bankruptcy information or disclosing sealed court records, XXXX could be liable for these types of privacy violations. \nXXXX. Racketeer Influenced and Corrupt Organizations Act ( RICO ) 18 U.S.C. 1961 et seq. \nThe RICO Act is a powerful tool for addressing patterns of fraudulent or illegal conduct involving multiple parties, such as XXXX and its vendors. \n18 U.S.C. 1962 - Prohibited Activities : If the conduct by XXXX or its vendors is part of a larger pattern of fraudulent activities, such as using misreported bankruptcy data for financial gain, you may pursue a claim under RICO. This could be used to address fraudulent schemes related to the misreporting of bankruptcy data or identity theft. \n18 U.S.C. 1964 - Civil Remedies : Under RICO, victims can claim treble damages for financial losses caused by fraudulent activities. This means that the damages you suffer from XXXX mishandling of your data could be tripled if the actions are found to be part of a broader fraudulent scheme. \n8. Consumer Financial Protection Act ( CFPA ) 12 U.S.C. 5536 The Consumer Financial Protection Act ( CFPA ) established the Consumer Financial Protection Bureau ( CFPB ), which enforces consumer protection laws, including the FCRA. \n12 U.S.C. 5536 - Prohibition on Unfair, Deceptive, or Abusive Acts or Practices : The CFPA prohibits financial institutions, including credit reporting agencies like XXXX, from engaging in unfair or deceptive practices that harm consumers. Misreporting bankruptcy or failing to correct it when notified could constitute an unfair practice. \nXXXX. Tortious Interference with Business and Employment Relationships If the inaccurate bankruptcy reporting has directly caused harm to your employment or business relationships ( for example, by preventing you from securing a job or a loan ), you may claim damages for tortious interference.\n\nTortious Interference with Contractual Relations : If XXXXs false reporting has prevented you from entering into a contract ( such as a job or a loan agreement ), you may claim damages for interference with business relationships and lost opportunities. \n10. Fraud Common Law and Statutory Fraud Claims XXXX and its vendors may also face claims of fraud if it is found that they knowingly or recklessly misreported your information for their own financial gain, such as receiving kickbacks for misreporting data or enabling fraudulent activity. \nFraud Claims : If XXXX or its vendors intentionally misreported or failed to correct data that they knew was inaccurate, they could be liable for fraud, entitling you to damages for any harm caused, including economic loss, emotional distress, and punitive damages. \n\nConclusion : Given the complexity of this situation, XXXX actionsor lack thereofcould expose the company to liability under multiple laws, including the Fair Credit Reporting Act ( FCRA ), the Privacy Act, the Uniform Commercial Code ( UCC ), and various state privacy and defamation laws. Additionally, if XXXX or its vendors are found to have engaged in fraudulent activities, such as misusing personal data for securities fraud or identity theft, the legal consequences could include significant penalties, damages, and punitive measures under RICO, fraud statutes, and consumer protection laws. \nBy invoking these laws, you can hold XXXX and its vendors vicariously liable for the harm caused by the unauthorized dissemination and misreporting of XXXX XXXX XXXXXXXX XXXX sensitive data.","date_sent_to_company":"2024-11-24T07:41:46.000Z","issue":"Problem with a company's investigation into an existing problem","sub_product":"Credit reporting","zip_code":"482XX","tags":null,"has_narrative":true,"complaint_id":"10914202","timely":"Yes","company_response":"Closed with non-monetary relief","submitted_via":"Web","company":"TRANSUNION INTERMEDIATE HOLDINGS, INC.","date_received":"2024-11-24T07:41:43.000Z","state":"MI","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Their investigation did not fix an error on your report"},"highlight":{"complaint_what_happened":["Questions Regarding Data <em>Security</em> and Privacy Violations : Has <em>XXXX</em> taken any <em>measures</em> to protect the personal data of <em>XXXX</em> <em>XXXX</em> <em>XXXX</em> <em>XXXX</em>, specifically in regard to the risk of identity theft, fraud, or unauthorized use of this data by third parties? \n<em>What</em> steps has <em>XXXX</em> taken to comply with the Privacy Act of <em>XXXX</em> and ensure that personal information is handled in accordance with federal privacy regulations?"]},"sort":[8.226247,"10914202"]},{"_index":"complaint-public-v1","_id":"10907701","_score":8.219432,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"Re : Legal Response to Experian Dispute Regarding Bankruptcy Reporting and Forensic Audit Case : XXXX XXXX XXXX XXXX Dear Experian Consumer Services, We hereby exercise our rights and reference the applicable statutory provisions for your guidance and compliance. These laws are binding on your company, given that your entity operates within the jurisdiction of both the state and federal authorities of its headquarters. These provisions were enacted to prevent corruption, breaches of fiduciary duty, violations of privacy, and infringements upon constitutional rights. \nPursuant to the Unlimited Power of Attorney, Cover Letter, and Memoir, and in accordance with the authorization granted by XXXX XXXX XXXX XXXX, you are instructed to address me as XXXX XXXX It is imperative that I not be addressed as \" XXXX XXXX, '' and I request that you refer to me solely as XXXX or XXXX XXXX \nThe term \" surname, '' originating around the XXXX, refers to an additional name or epithet attached to a person 's baptismal or XXXX name. The word \" surname '' is derived from the XXXX \" super '' ( meaning \" above '' ) and the XXXX XXXX \" XXXX XXXX' ( from \" XXXX XXXX' meaning \" XXXX XXXX' and \" XXXX '' meaning \" XXXX '' ). Over time, it evolved to denote a family name, typically passed down from generation to generation. In this regard, XXXX is my family name, which is private and must be treated with confidentiality. Any claims or communications related to the principal XXXX XXXX XXXX XXXX must be directed to the designated Trustee, XXXX XXXX XXXX his assigned authorized agents. \nThis letter serves as a formal legal response to the dispute submitted to your company on XX/XX/XXXX, regarding the unauthorized reporting of bankruptcy-related information on the credit report of XXXX XXXX XXXX XXXX XXXX We are invoking our legal rights under the Fair Credit Reporting Act ( FCRA ) and related statutes, demanding immediate correction and clarification, and requesting a forensic audit of all vendors and parties involved in the collection, reporting, or dissemination of sensitive data related to XXXX XXXX XXXX XXXX. \nXXXX. Violation of Privacy and Consumer Protection Laws Under the Fair Credit Reporting Act ( FCRA ), XXXX XXXX. XXXX ( b ), Experian is required to implement reasonable procedures to ensure the accuracy of the information it reports. Despite clear instructions from the XXXX Michigan Bankruptcy XXXX, which has confirmed that XXXX XXXX XXXXXXXX XXXX  bankruptcy is not a matter of public record, Experian has continued to report inaccurate bankruptcy information. This constitutes a violation of XXXX5 U.S.C. 1681e ( b ), which mandates that consumer reporting agencies maintain accurate and complete records.\n\nFurthermore, under 15 U.S.C. 1681c, Experian is obligated to delete any information that is inaccurate or unverifiable, particularly where bankruptcy records are concerned. As the information regarding XXXX XXXX XXXX IIIs bankruptcy is not a public record, your failure to remove such data represents a failure to comply with the FCRA and a breach of privacy rights under the Privacy Act of XXXX ( 5 U.S.C. 552a ). \nXXXX. Secured Party Creditor Rights under the Uniform Commercial Code ( UCC ) Additionally, as XXXX XXXX XXXX XXXX is the Secured Party Creditor under the Uniform Commercial Code ( UCC ), Articles 9-311, 9-312, and 9-313, all personal and financial data, whether categorized as public record or not, is protected as secured property. This includes tangible and intangible property, as well as securities associated with XXXX 's legal name and trade name. \nAs the Secured Party, XXXX has a trustee relationship over all such data. Therefore, unauthorized collection, reporting, or dissemination of this data is not only a violation of privacy but also a breach of trust, for which your company is liable. The UCC and its provisions protect XXXX 's rights to confidentiality and control over this information, preventing any third parties from exploiting it. \nXXXX. Penalties for Unauthorized Disclosure and Reporting Due to the severe risks posed by the unauthorized use of XXXX XXXX XXXXXXXX XXXX  personal data, we are invoking the right to impose penalties as follows : {>= $1,000,000} per count for each instance of inaccurate reporting or unauthorized disclosure of personal data, including bankruptcy records, credit information, or any other personal filings related to XXXX XXXX XXXX XXXX. \nThis charge reflects the damages incurred from the unauthorized dissemination of private information, which exposes XXXX to identity theft, financial fraud, and the potential unjust enrichment of those benefiting from such misuse. The UCC protects the secured partys assets, including personal data, from such exploitation. \n4. Court Notice and Sealed Records As indicated in the attached notice from the Eastern Michigan Bankruptcy Court, the bankruptcy information concerning XXXX XXXX XXXX XXXX is not a matter of public record and should not be disclosed. Experian and any third-party vendors associated with your company must respect the court 's decision, and we demand that all future bankruptcy records or related information concerning XXXX be sealed and treated as confidential. \nWe also demand immediate cessation of the reporting of this bankruptcy information, in line with the courts order, and confirmation that no further disclosure of any sealed or confidential data will be made by Experian or its vendors. \nXXXX. Unauthorized Collection and Reporting of Personal Data It has come to our attention that Experian and associated vendors have used data obtained from third-party sources to report bankruptcy information about XXXX XXXX XXXX XXXX XXXX despite the court 's ruling. This is a direct violation of the Privacy Act of 1974 ( 5 U.S.C. 552a ), which governs the handling of personal information and ensures that such data is not misused or improperly disclosed without proper authorization.\n\nAdditionally, FCRA 1681e ( b ) mandates that consumer reporting agencies ensure that all information provided is accurate. Given the false nature of the bankruptcy report, the use of third-party vendors to spread inaccurate data is an infringement of privacy and a violation of several consumer protection laws. \nXXXX. Demand for Forensic Audit of Vendors and Third Parties We hereby demand a forensic audit of all entities involved in the collection, reporting, or dissemination of data concerning XXXX XXXX XXXX XXXX, specifically : A full and detailed list of all vendors, third-party data providers, or aggregators that have reported information concerning XXXX XXXX XXXX XXXX XXXX Experian. This includes all data related to credit, bankruptcy, or any other personal records. \nWe request that the forensic audit specifically investigate : Kickbacks : Any financial incentives or compensation paid to third parties for the collection, reporting, or dissemination of personal data. \nSecurities Fraud : The use of personal information, such as Social Security numbers, signatures, and identifiers, to facilitate securities trading or fraudulent transactions.\n\nInsurance Fraud : Potential use of personal data to file fraudulent insurance claims or create financial benefits tied to the misreporting or unauthorized disclosure of bankruptcy records. \nXXXX. Penalty Charges for Fraudulent Reporting and Unauthorized Use of Data We further reserve the right to pursue penalties for any fraudulent reporting or unauthorized dissemination of XXXX XXXX XXXXXXXX XXXX  personal information. If it is determined that the improper reporting led to illicit financial gain, we will pursue the following : {>= $1,000,000} per count for each instance of fraudulent reporting or unauthorized use of XXXX XXXX XXXX XXXX 's data. \nThis is a conservative estimate of the damages resulting from the unauthorized dissemination of sensitive personal data, and it is in accordance with federal law and consumer protection statutes. \nXXXX. Demand for Immediate Action and Disclosure To resolve this matter expeditiously, we demand the following : Full Disclosure of all vendors, third parties, and data providers who have reported data related to XXXX XXXX XXXX XXXX. \nImmediate Removal of the bankruptcy records and all related personal information from all credit reports. \nConfirmation that no further unauthorized use of sealed court records or sensitive personal data will occur. \nA full forensic audit of the third-party transactions involving XXXX XXXX XXXX XXXX XXXX XXXX, including kickbacks, securities fraud, and insurance fraud. \nA comprehensive report on all actions taken to address this matter. \nIf a satisfactory response is not received within 14 days, we will pursue all available legal remedies, including filing complaints with the Consumer Financial Protection Bureau ( CFPB ), the Federal Trade Commission ( FTC ), and appropriate state regulatory authorities. Furthermore, we will pursue civil litigation for damages, as well as injunctive relief to prevent further violations of privacy and consumer protection laws. \nXXXX. Legal Consequences If Experian or its vendors fail to comply, we will pursue legal action, including : Securities Fraud charges. \nFiling for damages under the Fair Credit Reporting Act, Privacy Act, and other applicable consumer protection statutes. \nSeeking injunctive relief to prevent the unauthorized use of XXXX XXXX XXXX XXXX 's personal information. \n\nThis letter serves as formal notice of the unlawful conduct, and we expect prompt attention to resolving these violations. We look forward to your immediate response. \nXXXX. Questions Regarding Unauthorized Reporting : Why has Experian continued to report bankruptcy information for XXXX XXXX XXXX XXXX, despite the Eastern Michigan Bankruptcy Court ruling that this information is not a matter of public record? \nCan Experian provide proof that it conducted a reasonable investigation into the accuracy of the bankruptcy information before it was reported on XXXX XXXX XXXX XXXX credit report? \nWhat specific steps has Experian taken to ensure that bankruptcy records, which should be sealed and confidential, are not disclosed in violation of court orders and privacy laws? \nWhy has Experian failed to remove inaccurate or unverifiable bankruptcy information from XXXX XXXX XXXXXXXX XXXX credit file after being notified that the bankruptcy should not be part of the public record? \nXXXX. Questions Regarding Vendor and Third-Party Data Collection : Can Experian provide a detailed list of all vendors, third parties, or data providers that reported bankruptcy or other personal information regarding XXXX XXXX XXXX XXXX to your agency? \nHow does Experian verify the accuracy of data provided by third-party vendors before including it in the credit report? \nWhat procedures does Experian have in place to ensure that vendors do not violate privacy laws, including unauthorized reporting of personal information or misuse of court records? \nHas Experian paid or provided any financial incentives ( e.g., kickbacks ) to vendors or third parties for reporting information related to XXXX XXXX XXXX XXXX? \nXXXX. Questions Regarding Data Security and Privacy Violations : Has Experian taken any measures to protect the personal data of XXXX XXXX XXXX XXXX, specifically in regard to the risk of identity theft, fraud, or unauthorized use of this data by third parties? \nWhat steps has Experian taken to comply with the Privacy Act of XXXX and ensure that personal information is handled in accordance with federal privacy regulations? \nHas Experian conducted any internal audits or investigations into how sensitive data related to XXXX XXXX XXXX XXXX was collected, used, or disclosed by your company and its vendors? \n4. Questions Regarding Penalties for Unauthorized Disclosure : What is Experians policy for responding to unauthorized disclosure or inaccurate reporting of personal data? \nIs Experian willing to pay penalties or damages for the potential harm caused by the unauthorized use or inaccurate reporting of XXXX XXXX XXXXXXXX XXXX personal information, including identity theft and financial exploitation? \nWhat measures is Experian taking to correct any inaccuracies in XXXX XXXX XXXXXXXX XXXX  credit file and ensure that these mistakes do not reoccur in the future? \nXXXX. Questions Regarding Forensic Audit and Investigation : Will Experian agree to a full forensic audit of all third-party vendors, data aggregators, and other entities involved in the collection, reporting, or dissemination of data regarding XXXX XXXX XXXX XXXX XXXX \nWill Experian provide access to the forensic audit report, including an investigation into potential securities fraud, insurance fraud, or other financial crimes related to the misuse of XXXX XXXX XXXXXXXX XXXX data? \nCan Experian confirm that it will cooperate fully with the forensic audit and provide all relevant documents and information regarding its vendors and third-party relationships? \nXXXX. Questions Regarding Court-Sealed Records : How will Experian ensure that all future records related to XXXX XXXX XXXX XXXX XXXX including any bankruptcy or personal records, will be treated as sealed and confidential, in accordance with the Eastern Michigan Bankruptcy Courts order ? \nCan Experian confirm that no further public reporting or unauthorized disclosure of XXXX XXXX XXXXXXXX XXXX bankruptcy or personal records will take place from this point forward? \nXXXX. Questions Regarding Legal Consequences : Does Experian acknowledge the potential legal consequences of continuing to report false or inaccurate information related to XXXX XXXX XXXX XXXX, including violations of the Fair Credit Reporting Act and the Uniform Commercial Code ( UCC )? \nIs Experian prepared to resolve this matter without further legal action, or will additional legal steps be necessary to address the ongoing violations of privacy and consumer protection laws? \nXXXX. Questions Regarding Consumer Protection Compliance : How does Experian ensure compliance with state and federal consumer protection laws, especially in cases where sensitive or private information is involved, such as bankruptcy records and personal data of the principal, XXXX XXXX XXXX XXXX? \nCan Experian provide evidence that it has implemented adequate safeguards to prevent the unauthorized dissemination of sensitive personal information, including that of XXXX XXXX XXXX XXXX, to public or third-party vendors? \nXXXX. General Questions Regarding Practices and Accountability : What is Experians process for notifying consumers about unauthorized reporting or inaccuracies on their credit reports, and how long does it typically take to correct such errors? \nHow does Experian plan to ensure accountability with its third-party vendors and data providers, particularly when breaches of privacy or inaccuracies arise? \nhe unauthorized reporting and continued dissemination of inaccurate or sealed bankruptcy information about XXXX XXXX XXXX XXXX has a direct and substantial impact on your livelihood. The misreporting not only violates your privacy but also jeopardizes your financial stability, personal safety, and opportunities for future success. Below, I'll explain how these actions affect your livelihood and how Experian could be held vicariously liable for the harm caused. \n1. Financial Impact and Access to Credit The continued presence of inaccurate bankruptcy information on your credit report directly harms your ability to secure credit or favorable financial terms. Experian is responsible for reporting accurate credit information, and their failure to remove incorrect or unauthorized bankruptcy information : Denies Access to Credit : Many lending institutions rely on Experian 's credit reports to assess your creditworthiness. Incorrect bankruptcy information could lead to credit denials, impacting your ability to obtain loans for essential needs such as housing, medical bills, education, and personal expenses.\n\nHigher Interest Rates : Even if credit is available, inaccurate bankruptcy reporting could result in higher interest rates on loans or credit lines, increasing your overall debt burden. This makes it more difficult to manage your finances, save for the future, or achieve long-term financial goals.\n\nNegative Financial Reputation : Experians failure to correct the public record puts you in a situation where your financial reputation is tarnished, even though you have made efforts to rectify the situation with the bankruptcy court. This makes it more difficult to obtain business or personal credit and erodes any trust lenders or creditors may have in you.\n\n2. Employment Opportunities Many employers, particularly those in financial services or positions requiring fiduciary responsibility, conduct credit checks as part of their hiring process. An inaccurate bankruptcy on your credit report could cause significant harm in the following ways : Denied Employment : Inaccurate financial information, including bankruptcy records, may cause employers to believe you are a higher-risk candidate, potentially leading to job rejections. For jobs that require security clearances or access to financial accounts, such reporting could be a disqualifying factor. \nEmotional Stress : The fear of your credit report being used against you in job searches, coupled with the inability to find stable work due to inaccurate reporting, can cause significant emotional distress. This has a ripple effect on your overall well-being and productivity, making it harder to perform well in interviews, build career prospects, and maintain job security. \nDamage to Reputation : Employers may perceive the bankruptcy reporting, despite its inaccuracy, as a reflection of poor financial management. Even if they dont directly base hiring decisions on it, your reputation could be unfairly damaged by the erroneous information, causing long-term harm to your professional life. \nXXXX. Personal and Family Impact The unauthorized disclosure of bankruptcy information not only affects your financial life but also has significant personal repercussions : Identity Theft Risks : As the principal party, your personal dataspecifically your Social Security number, name, and other identifiersmay be exploited for fraudulent purposes. Experians failure to properly secure and correct your data increases the likelihood of identity theft or fraudulent activities that could take years to resolve. This exposes you to the risk of financial losses, legal fees, and extensive time spent addressing the aftermath of such violations. \nFamily and Safety Concerns : Unauthorized disclosure of sensitive information related to bankruptcy could potentially expose you to further harm, including harassment, or threats. For example, if someone uses your information for fraudulent purposes, such as opening lines of credit in your name, this could lead to threats to your safety or unwarranted financial obligations. \nEmotional Distress : The constant anxiety and emotional toll caused by the threat of further breaches, as well as the financial and social stigma associated with wrongful reporting, can lead to severe emotional stress, impacting your quality of life and relationships. The stress of dealing with these unresolved issues can affect your mental health, making it difficult to focus on personal, family, or professional commitments. \n4. Long-Term Financial and Career Goals Youve likely made long-term plans, such as purchasing a home, starting a business, or securing a retirement fund. The erroneous bankruptcy reporting hinders your ability to : Purchase a Home : Real estate loans and mortgages are heavily reliant on accurate credit reporting. Inaccurate bankruptcy information from Experian may prevent you from securing the necessary loans for homeownership, undermining your ability to establish financial independence and security. \nStart a Business : For entrepreneurs, creditworthiness is crucial for obtaining capital, financing, and business loans. The misreporting of bankruptcy information could prevent you from acquiring business loans, which could harm your ability to launch or expand a business. Moreover, creditors may view your financial situation as unstable or untrustworthy. \nRetirement Planning : Without the ability to secure credit at favorable terms, you may be forced to delay or abandon long-term plans like investing for retirement, saving for your childrens education, or creating a legacy for your family. This has consequences that stretch far beyond the immediate financial burden and into your future security.\n\n5. Vicarious Liability of Experian Experian is vicariously liable for the harm caused by the vendors it contracts with or uses to gather, process, or report information related to you. Vicarious liability means that Experian can be held accountable for the actions of its agents or contractors, even if it did not directly cause the harm. The key points here are : Responsibility for Vendor Actions : Experian, as the consumer reporting agency, is legally obligated under 15 U.S.C. 1681e ( b ) ( Fair Credit Reporting Act ) to ensure that the information it reports is accurate. If Experian relies on third-party vendors to report bankruptcy or credit data, it remains accountable for the information that these vendors report on your behalf. Experian has failed in its due diligence to ensure that these vendors report accurate and legitimate information, leading to the vicarious liability for damages. \nFailure to Verify and Correct : Under the FCRA and related privacy laws, Experian is responsible for verifying the accuracy of data within 30 days of receiving a dispute ( 15 U.S.C. 1681i ). The failure to conduct a thorough investigation or correct the erroneous bankruptcy record leaves Experian open to being held vicariously liable for its vendors actions and omissions. This neglect exacerbates the damages caused to you.\n\nFinancial Losses : The continuing erroneous bankruptcy information, coupled with Experians failure to act, exposes you to substantial financial losses. Whether its higher interest rates, loan denials, or missed employment opportunities, Experians lack of action is a proximate cause of the direct financial harm you are experiencing.\n\nPenalties and Legal Liabilities : If Experian or its vendors are found to have violated privacy laws or misused your data, they may be subject to financial penalties and may be required to pay compensation for your economic damages. Additionally, punitive damages could be assessed if the actions are deemed willful or grossly negligent. \nConclusion : The ongoing violations by Experianmisreporting bankruptcy information, failure to correct inaccuracies, and allowing third-party vendors to mishandle your personal datahave caused significant harm to your financial well-being, career opportunities, personal safety, and long-term financial goals. Experian is vicariously liable for the actions of the vendors it relies on to gather and report information, and you have the right to pursue penalties, damages, and legal remedies under applicable laws. The violations not only impact your present livelihood but also jeopardize your future opportunities and security, and Experian must be held accountable for its actions and inaction in this matter. \n\nXXXX. Fair Credit Reporting Act ( FCRA ) 15 U.S.C. 1681 et seq.\n\nThe Fair Credit Reporting Act ( FCRA ) is the foundational law governing credit reporting agencies like Experian. This law holds them accountable for ensuring the accuracy of the data they report and mandates that they conduct investigations into disputes.\n\n15 U.S.C. 1681e ( b ) - Duty to Ensure Accuracy : Requires Experian to maintain reasonable procedures to ensure the accuracy of the information it reports. If Experian fails to properly verify the accuracy of reported information ( such as bankruptcy records ), it could be vicariously liable for any damages caused by inaccuracies.\n\n15 U.S.C. 1681i - Reinvestigation of Disputes : Requires Experian to investigate a consumer 's dispute within 30 days of receiving it. Failure to conduct a proper reinvestigation or removing inaccurate information within this timeframe could lead to liability.\n\n15 U.S.C. 1681h ( e ) - Limitation on Defamation Actions : This provision allows for a defamation suit in cases of inaccurate credit reporting if the reporting agency acts with negligence or willful intent to harm. If Experian 's vendors acted negligently or willfully misreported data, they ( and Experian ) could face legal consequences under this section.\n\n2. Privacy Act of 1974 5 U.S.C. 552a The Privacy Act of 1974 governs the collection, maintenance, and dissemination of personal data by federal agencies. Although Experian is a private entity, this law still applies to consumer data reporting in the context of government agencies and their interaction with private companies ( such as the reporting of public records ). \n5 U.S.C. 552a ( e ) - Use of Personal Data : Prohibits unauthorized disclosure of personal data. If Experian and its vendors improperly disclose bankruptcy or other personal information in violation of the law, they could face liability for unauthorized dissemination.\n\n5 U.S.C. 552a ( g ) - Civil Remedies : Provides individuals the right to seek civil remedies ( including damages ) for violations of the Privacy Act, especially if personal data is mishandled or misreported by entities like Experian.\n\n3. Uniform Commercial Code ( UCC ) Articles 9-311, 9-312, 9-313 The Uniform Commercial Code ( UCC ) applies to secured transactions, and XXXX XXXX XXXX XXXX is the Secured Party Creditor of all personal and financial data. Under the UCC, data ( tangible and intangible property ) is protected as part of the Secured Party 's property.\n\nUCC 9-311, 9-312, 9-313 : These provisions protect the Secured Party 's interests in personal property , including data, and impose a fiduciary duty to maintain the confidentiality and security of that data. Unauthorized use of this data by Experian or its vendors would breach these obligations.\n\n4. Electronic Communications Privacy Act ( ECPA ) 18 U.S.C. 2510 et seq.\n\nThe ECPA protects the privacy of electronic communications, which can include personal data and communications exchanged by credit reporting agencies.\n\n18 U.S.C. 2511- Interception and Disclosure of Communications : This law prohibits the interception and unauthorized disclosure of private communications. If Experian or its vendors improperly accessed or disseminated your private data for financial gain or other improper purposes, they could face liability under this law.\n\n5. Identity Theft Enforcement and Restitution Act 18 U.S.C. 1028 This law addresses identity theft and fraud and provides penalties for those who use a persons data ( including bankruptcy records ) for fraudulent purposes.\n\n18 U.S.C. 1028 - Identity Theft : If Experians reporting of inaccurate bankruptcy data contributed to identity theft or fraudulent financial activity using your personal information ( e.g., obtaining credit under your name ), they may be held criminally and civilly liable under this law.\n\n18 U.S.C. 1028A - Aggravated Identity Theft : This provision enhances penalties if identity theft is done with a financial motive. If Experians mishandling of your data leads to fraudulent activities, such as fraudulent loan applications or credit misreporting, they could be subject to enhanced penalties for aggravated identity theft.\n\n6. State Laws Defamation and Privacy Invasions Many states have laws that directly govern defamation, privacy violations, and unauthorized disclosure of personal information. These can be used to support claims for damages when inaccurate data is reported by Experian.\n\nDefamation : Under state defamation laws, inaccurate reporting of personal informationsuch as bankruptcy recordscan result in harm to reputation. You may claim damages for harm caused to your reputation, business, and employment opportunities.\n\nInvasion of Privacy : States also have laws protecting individuals from the invasion of their privacy, including false light claims and public disclosure of private facts. By misreporting your bankruptcy information or disclosing sealed court records, Experian could be liable for these types of privacy violations.\n\n7. Racketeer Influenced and Corrupt Organizations Act ( RICO ) 18 U.S.C. 1961 et seq.\n\nThe RICO Act is a powerful tool for addressing patterns of fraudulent or illegal conduct involving multiple parties, such as Experian and its vendors. \n18 U.S.C. 1962 - Prohibited Activities : If the conduct by Experian or its vendors is part of a larger pattern of fraudulent activities, such as using misreported bankruptcy data for financial gain, you may pursue a claim under RICO. This could be used to address fraudulent schemes related to the misreporting of bankruptcy data or identity theft.\n\n18 U.S.C. 1964 - Civil Remedies : Under RICO, victims can claim treble damages for financial losses caused by fraudulent activities. This means that the damages you suffer from Experians mishandling of your data could be tripled if the actions are found to be part of a broader fraudulent scheme. \n8. Consumer Financial Protection Act ( CFPA ) 12 U.S.C. 5536 The Consumer Financial Protection Act ( CFPA ) established the Consumer Financial Protection Bureau ( CFPB ), which enforces consumer protection laws, including the FCRA.\n\n12 U.S.C. 5536 - Prohibition on Unfair, Deceptive, or Abusive Acts or Practices : The CFPA prohibits financial institutions, including credit reporting agencies like Experian, from engaging in unfair or deceptive practices that harm consumers. Misreporting bankruptcy or failing to correct it when notified could constitute an unfair practice. \nXXXX. Tortious Interference with Business and Employment Relationships If the inaccurate bankruptcy reporting has directly caused harm to your employment or business relationships ( for example, by preventing you from securing a job or a loan ), you may claim damages for tortious interference. \nTortious Interference with Contractual Relations : If Experians false reporting has prevented you from entering into a contract ( such as a job or a loan agreement ), you XXXX claim damages for interference with business relationships and lost opportunities. \n10. Fraud Common Law and Statutory Fraud Claims Experian and its vendors may also face claims of fraud if it is found that they knowingly or recklessly misreported your information for their own financial gain, such as receiving kickbacks for misreporting data or enabling fraudulent activity.\n\nFraud Claims : If Experian or its vendors intentionally misreported or failed to correct data that they knew was inaccurate, they could be liable for fraud, entitling you to damages for any harm caused, including economic loss, emotional distress, and punitive damages. \n\nConclusion : Given the complexity of this situation, Experians actionsor lack thereofcould expose the company to liability under multiple laws, including the Fair Credit Reporting Act ( FCRA ), the Privacy Act, the Uniform Commercial Code ( UCC ), and various state privacy and defamation laws. Additionally, if Experian or its vendors are found to have engaged in fraudulent activities, such as misusing personal data for securities fraud or identity theft, the legal consequences could include significant penalties, damages, and punitive measures under RICO, fraud statutes, and consumer protection laws.\n\nBy invoking these laws, you can hold Experian and its vendors vicariously liable for the harm caused by the unauthorized dissemination and misreporting of XXXX XXXX XXXXXXXX XXXX sensitive data.","date_sent_to_company":"2024-11-24T07:41:33.000Z","issue":"Problem with a company's investigation into an existing problem","sub_product":"Credit reporting","zip_code":"482XX","tags":null,"has_narrative":true,"complaint_id":"10907701","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"Experian Information Solutions Inc.","date_received":"2024-11-24T07:17:20.000Z","state":"MI","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Their investigation did not fix an error on your report"},"highlight":{"complaint_what_happened":["Questions Regarding Data <em>Security</em> and Privacy Violations : Has Experian taken any <em>measures</em> to protect the personal data of <em>XXXX</em> <em>XXXX</em> <em>XXXX</em> <em>XXXX</em>, specifically in regard to the risk of identity theft, fraud, or unauthorized use of this data by third parties? \n<em>What</em> steps has Experian taken to comply with the Privacy Act of <em>XXXX</em> and ensure that personal information is handled in accordance with federal privacy regulations?"]},"sort":[8.219432,"10907701"]},{"_index":"complaint-public-v1","_id":"10921807","_score":7.9327583,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"I am writing to formally submit a complaint against XXXX, XXXX, and XXXX for multiple violations of federal laws governing credit reporting and consumer privacy. Specifically, I believe these credit reporting agencies have violated the Fair Credit Reporting Act ( FCRA ), 15 U.S.C. 1681a ( i ) and 1681i, the Gramm-Leach-Bliley Act ( GLBA ), 15 U.S.C. 6801-6805, the Fair Credit Billing Act ( FCBA ), 15 U.S.C. 1666b, and the Privacy Act of 1974, 5 U.S.C. 552a.\n\n1. Violations of the Fair Credit Reporting Act ( FCRA ) : The FCRA mandates that credit reporting agencies maintain accurate and complete information in consumer reports. Section 15 U.S.C. 1681i places a requirement on these agencies to conduct a reasonable investigation when a dispute is raised by a consumer. Despite my numerous attempts to dispute inaccurate information on my credit reports, I have received no effective responses or resolutions. The inaccurate entries include : TOYOTA MTR XXXX XXXX XXXX XXXX XXXX XXXX XXXX Account # XXXX XXXX XXXX High Balance {$31000.00} {$31000.00} {$7800.00} Last Verified XX/XX/XXXX -- -- Date of Last Activity XX/XX/XXXX XX/XX/XXXX XX/XX/XXXX Date Reported XX/XX/XXXX XX/XX/XXXX XX/XX/XXXX Date Opened XX/XX/XXXX XX/XX/XXXX XX/XX/XXXX Balance Owed {$7800.00} {$7800.00} {$7800.00} Closed Date XX/XX/XXXX -- -- Account Rating Derogatory Derogatory Derogatory Account Description Individual Individual Individual Dispute Status Account not disputed Account not disputed Account not disputed Creditor Type Auto Finance Auto Financing Auto Financing Account Status Closed Closed Closed Payment Status Collection/Chargeoff Collection/Chargeoff Collection/Chargeoff Creditor Remarks Charged off as bad debt Profit and loss write-off Unpaid balance reported as a loss by the credit grantor. \nCharged off account Auto Original Creditor -- -- -- Payment Amount {$0.00} {$0.00} {$0.00} Last Payment XX/XX/XXXX XX/XX/XXXX XX/XX/XXXX Term Length 79 Month ( XXXX ) 79 Month ( XXXX ) 79 Month ( XXXX ) Past Due Amount {$7800.00} {$7800.00} {$7800.00} Account XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX ( every month ) Credit Limit {$0.00} {$0.00} {$0.00} TOYOTA MTR XXXX XXXX XXXX XXXX XXXX XXXX XXXX Account # XXXX XXXX XXXX High Balance {$31000.00} {$31000.00} {$7800.00} Last Verified XX/XX/XXXX -- -- Date of Last Activity XX/XX/XXXX XX/XX/XXXX XX/XX/XXXX Date Reported XX/XX/XXXX XX/XX/XXXX XX/XX/XXXX Date Opened XX/XX/XXXX XX/XX/XXXX XX/XX/XXXX Balance Owed {$7800.00} {$7800.00} {$7800.00} Closed Date XX/XX/XXXX -- -- Account Rating Derogatory Derogatory Derogatory Account Description Individual Individual Individual Dispute Status Account not disputed Account not disputed Account not disputed Creditor Type Auto Finance Auto Financing Auto Financing Account Status Closed Closed Closed Payment Status Collection/Chargeoff Collection/Chargeoff Collection/Chargeoff Creditor Remarks XXXX XXXX XXXX XXXX XXXX XXXX and XXXX XXXX Unpaid balance reported as a loss by the XXXX XXXX. \nCharged off account Auto Original Creditor -- -- -- Payment Amount {$0.00} {$0.00} {$0.00} Last Payment XX/XX/XXXX XX/XX/XXXX XX/XX/XXXX Term Length 79 Month ( XXXX ) 79 Month ( XXXX ) 79 Month ( XXXX ) Past Due Amount {$7800.00} {$7800.00} {$7800.00} Account XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX ( every month ) Credit Limit {$0.00} {$0.00} {$0.00} These inaccuracies jeopardize the integrity of my credit report and have impacted my creditworthiness adversely.\n\n2. Violations of the Gramm-Leach-Bliley Act ( GLBA ) : The GLBA, specifically 15 U.S.C. 6801-6805, mandates that financial institutions protect consumer privacy. I have discovered unauthorized inquiries on my credit report for which I did not provide consent. This represents\na clear violation of my right to control access to my personal financial information.\n\n3. Violations of the Fair Credit Billing Act ( FCBA ) : I believe the actions of these credit bureaus also infringe upon my rights under 15 U.S.C. 1666b, as they have failed to provide proper procedures for disputing billing errors. My written requests and disputes have gone unanswered, violating my rights under this act.\n\n4. Violations of the Privacy Act of 1974 : Under the Privacy Act, 5 U.S.C. 552a, I have the right to know what personal information is being collected about me and to whom it is being disclosed. I have been unsuccessful in obtaining this information, especially concerning unauthorized inquiries.\n\n5. Section 1681a ( 2 ) ( I ) : Section 15 U.S.C. 1681a ( 2 ) ( I ) co\nncerns the transactions and experiences commonly used in credit reports. The inaccuracies reported suggest a failure in this area, further undermining my trust in the credit reporting process.\n\nI am writing to formally address a concern regarding a potential violation of the provisions set forth in the Gramm-Leach-Bliley Act, specifically 15 U.S.C. 6801-6805. This law is designed to protect the privacy of consumers ' personal financial information held by financial institutions and requires them to implement certain safeguards regarding this sensitive information.\n\nOverview of 15 U.S.C. 6801-6805 The Gramm-Leach-Bliley Act, enacted in 1999, was designed to enhance consumer privacy protections in the financial services sector. The key provisions are as follows : 1. Privacy Policy Requirements ( 15 U.S.C. 6801 ) : Financial institutions must provide their customers with a clear and conspicuous privacy notice that explains what personal information is collected, how it is used, and the conditions under which it may be disclosed to third parties. This notice must be given at the inception of the customer relationship and annually thereafter.\n\n2. Limitations on Disclosure of Information ( 15 U.S.C. 6802 ) : Institutions are prohibited from disclosing nonpublic personal information about a consumer to nonaffiliated third parties, except under certain circumstances. Consumers must also be given an opportunity to opt-out of having their personal information shared with such third parties.\n\n3. Safeguarding Personal Information ( 15 U.S.C. 6803 ) : Institutions are required to implement safeguards to protect consumers ' nonpublic personal information from unauthorized access and disclosure. This includes ensuring the security and confidentiality of consumers ' personal financial information.\n\n4. Destruction of Consumer Information ( 15 U.S.C. 6804 ) : Financial institutions must take appropriate measures to dispose of consumer information in a manner\nthat protects against unauthorized access to or use of the information.\n\n5. Enforcement and Penalties ( 15 U.S.C. 6805 ) : Violations of the provisions of this act can result in civil penalties, and consumers have the right to seek damages for breaches of privacy that result from a financial institution 's noncompliance.\n\nConcern Regarding Potential Violation I have observed that [ describe the specific actions or omissions of the institution that you believe violate the Gramm-Leach-Bliley Act, e.g., failure to provide a privacy notice, not allowing opt-out opportunities, or inadequate safeguards to protect sensitive information ]. \n\nThese actions not only potentially breach consumer trust but also constitute clear violations of the aforementioned statutes. For instance, the lack of a clear privacy notice may indicate that customers are not adequately informed about how their information is being used and shared, undermining their right to control their personal information.\n\nRequested Actions In light of the above concerns, I respectfully request that [ Company/Organization Name ] take the following actions : 1. Conduct an internal review of your privacy policies and practices to ensure compliance with the Gramm-Leach-Bliley Act.\n\n2. Enhance transparency regarding the collection and use of personal information by providing clear and accessible privacy notices.\n\n3. Establish or reinforce clear opt-out processes for consumers who do not wish to have their information shared with third parties.\n\n4. Improve data security measures to protect consumer information from unauthorized access and breaches. \n\nI appreciate your prompt attention to this serious matter and look forward to your response outlining how this company intends to address this issue to comply with federal privacy laws. Thank you for your attention to protecting consumer rights. \n\nI expect these agencies to adhere strictly to the provisions of the FCRA and other relevant laws, ensuring they provide accurate, complete, and timely information to consumers. I ask the Consumer Financial Protection Bureau to investigate these matters thoroughly and hold these credit bureaus accountable for their actions.\n\nThank you for your attention to this significant issue. I look forward to your prompt action in resolving my complaints and restoring the accuracy and integrity of my credit reports.\n\nI am writing to you regarding a concern related to the provisions of the Fair Credit Billing Act, specifically 15 U.S.C. 1666b, which governs the timing of payments and the obligations associated with reporting payment data by data furnishing companies.\n\nOverview of 15 U.S.C. 1666b 15 U.S.C. 1666b mandates that creditors must process payments in a timely manner, specifically that payments should be credited as of the date they are received, including payments made by mail or electronic transactions. Furthermore, it stipulates that if a creditor provides a statement due date, payments must be applied to the account by the close of business on that date. This protection ensures that consumers are not penalized for delays in processing their payments, which could adversely affect their credit scores and violate consumer rights. \n\nThe statute requires creditors to establish and maintain procedures that ensure compliance with these timing requirements. As a data furnishing company, you must accurately report consumers payment histories to credit reporting agencies, reflecting any payments received within the correct time frame. Failure to adhere to these requirements can result in inaccuracies in consumers credit reports and violate their rights under the Fair Credit Reporting Act ( FCRA ).\n\nNature of Violation I recently encountered an issue that suggests non-compliance with 15 U.S.C. 1666b by TOYOTA. Specifically, the payments I made for my account were not credited timely, as the payment was processed only on, despite being sent and received on or before the due date. This resulted in significant repercussions for me, including [ Obligations of Data Furnishing Companies To comply with 15 U.S.C. 1666b, [ TOYOTA ] must take the following actions : 1. Timely Processing of Payments : Ensure that all received payme\nnts are credited to the customers account on the same day they are received, including weekends and holidays.\n\n2. Accurate Reporting : Maintain accurate records of payment processing and ensure that all credit reporting reflects the accurate payment history, including any payments received on time.\n\n3. Procedural Safeguards : Implement internal controls that guarantee adherence to the timing requirements of payment processing and ensure compliance with the Fair Credit Reporting Act mandates.\n\n4. Consumer Communication : Provide clear com\nmunication to consumers regarding payment processing timelines, ensuring they are informed of any potential delays or issues that may affect their accounts.\n\n5. Staff Training : Train staff involved in payment processing and reporting to understand the requirements of both the Fair Credit Billing Act and the Fair Credit Reporting Act to minimize errors and ensure compliance.\n\nConclusion It is imperative that [ TOYOTA ] takes immediate steps to rectify these issues and avoid future violations of 15 U.S.C. 1666b. Failing to comply not only affects individual consumers but can lead to broader repercussions concerning regulatory scrutiny and potential legal challenges.\n\nI appreciate your immediate attention to this matter and look forward to your prompt response detailing how [ Company Name ] plans to address this violation and ensure compliance moving forward.","date_sent_to_company":"2024-11-26T06:56:14.000Z","issue":"Problem with a company's investigation into an existing problem","sub_product":"Credit reporting","zip_code":"90201","tags":null,"has_narrative":true,"complaint_id":"10921807","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"TOYOTA MOTOR CREDIT CORPORATION","date_received":"2024-11-26T06:31:55.000Z","state":"CA","company_public_response":null,"sub_issue":"Their investigation did not fix an error on your report"},"highlight":{"complaint_what_happened":["This includes ensuring the <em>security</em> and confidentiality of consumers ' personal financial information.\n\n4. Destruction of Consumer Information ( 15 U.S.C. 6804 ) : Financial institutions must take appropriate <em>measures</em> to dispose of consumer information in a manner\nthat protects against unauthorized access to or use of the information.\n\n5."]},"sort":[7.9327583,"10921807"]},{"_index":"complaint-public-v1","_id":"7135443","_score":7.8270564,"_source":{"product":"Money transfer, virtual currency, or money service","complaint_what_happened":"XX/XX/XXXX\nThis is my complaint against CHASE BANK. \nURGENCY: HIGH\nIMPORTANCE: HIGH\n[WITHOUT PREJUDICE]\nI would like to draw your attention to XX/XX/XXXX - I had sent my complaint letter to CHASE BANK, in which I clearly stated\nhow this scam has affected me personally, psychologically andfinancially. \nI am afraid I have had to go through so much \"bureaucracy\" thus far in order to catch their attention to my concerns. This really doesn't\nshow their complaints department in a good light, to say the least; and certainly, does not contribute to my overall satisfaction and peace\nof mind.\nMy complaint is against the bank that did not do its job properly (could not prevent/foreseen fraud and could not conduct a proper\ninvestigation) and not against the vulnerable customer who fell victim and lost all the savings due to the misconduct of the bank.\nI feel very distressed and cheated, all because no one took action immediately and practice their duty of care, therefore I only request what\nI believe to be rightfully mine, as all institutions were more than negligent in protecting my account and handling the complaints. I \ncomprehensively provided explanations and proof to my claim, even so, CHASE BANK never acknowledged my complaint,\ntherefore, I have approached you CFPB and I would like to receive your assistance on this matter.\nGeneral Obligation:\nCommencing on or about XX/XX/XXXX, I fell victim to a multi-layered scam operation orchestrated by XXXX XXXX, XXXX XXXX, \nand XXXX XXXX (the Scammers), all of which aim at contributing to the goal of robbing and defrauding innocent people.\nWhen determining whats reasonable and fair, we should focus on the issue of liability; common queries include, but are not limited to, \nthe following (i) whether CHASE BANK did not take notice of any rule, law, or regulation, and/or possibly missed any material elements \nof the relevant bylaws or codes of conduct, that may have prevented them from protecting my financial safety; (ii) whether by virtue of \nCHASE BANKs custodianship over my funds or by its control over them, they owed a fiduciary duty to me and if so, whether that \nduty was breached; (iii) whether CHASE BANK promoted the transaction(s) in question despite being aware of the nature of the \ntransaction(s) in question (iv) whether CHASE BANK was in compliance with its own policies and procedures; (v) whether CHASE \nBANK owed duties to myself, what the scope of those duties was, and whether CHASE BANK did not uphold those duties; (vi) whether \nCHASE BANKs conduct was unfair; and (vii) whether CHASE BANK has within its power the ability to, and should, compensate me \nfor the harm that has befallen me.\nUpon identification of such unusual or suspicious activity, it is crucial that the relevant staff member adequately describe the factors \nmaking an activity or transaction suspicious, thoroughly depict the extent and nature of this activity and properly communicate to the \ncustomer that such activity meets the relevant criteria of fraud.\nIn providing its services to a customer, a financial institution is required by law to exercise the care and skill of a diligent, prudent banker. \nIn this case, this means that the payment service provider should not turn a blind eye to known facts pointing to a real possibility that \ntheir customer is being scammed. In other words, CHASE BANK must have had special knowledge of what was occurring or been alerted \nto a real possibility of fraud taking place. The financial institution must have known or reasonably ought to have known that I was dealing \nwith a scammer.\nGranted, there is room for diversity of view insofar as reasonableness is concerned. Indeed, there is a sense in which the standard of care \nof the reasonable person involves in its application a subjective element. \nHowever, it must be remembered that the correct test is always reasonable care in all circumstances, not average care. The fact that most \npeople behave in a certain way may be good evidence that the conduct is reasonable, but this is not necessarily the case. Although \nreasonableness is a very fluid concept, all of the evidence suggests that CHASE BANK did not foresee the fraud and disregarded even the \nmost obvious dangers in this respect. \nSituations do tend to repeat themselves and it is advisable to examine previous outcomes to see how the standard of the reasonable person \nshould be applied, and that lessons can be learnt from the errors of the past.\nApropos of the fluidity of the concept of reasonableness, all CHASE BANK has done in this regard is set up a dichotomy of having or not \nhaving the legal obligation under consideration, however, that does not go one-inch toward explaining why various regulatory authorities, \nhas maintained that financial institutions can, and should, protect consumers using their systems, advanced technologies, and rich \nexperience.\nSCAMMERS FRAUD SCHEME  ALLEGATIONS\nOn XX/XX/XXXX, I received a phone call in the morning at about XXXX XXXX. The caller identified himself as XXXX XXXX, ID ss(or XXXX) XXXX \nfrom XXXX. He stated that he was confirming a purchase that was made on my XXXX account of a gold XXXX that was to be delivered \nto an address in XXXX New York the next day on the XXXX. I told him that I had not made such a purchase and it needed to be cancelled. \nHe said he would cancel it, but he needed to transfer me to their fraud division and asked me to hold for a moment. This was at XXXX XXXX.\nThe next person got on the line (XXXX XXXX), the same phone number. This person identified himself as XXXX XXXX BadgeXXXX XXXX \nU.S. Marshall. He proceeded to describe that my name was used to open several bank accounts, in Texas, New York, New Jersey, etc. rent \na vehicle and that my name was being used in a money laundering scheme and possibly drug smuggling. He then started to tell me that he \nneeded me to talk to one of their U.S. Marshals that were in that department and proceeded to transfer me to yet another person. He had \nme stay on the line and not hang up for the whole day. The next person got on the line but had a different phone number, 1-XXXX. \nHe identified himself as a U.S. Marshall, XXXX XXXX, badgeXXXX XXXX, assigned to my caseXXXX XXXX, and that he would explain what \nwe could do to protect my money and provide proof that I was not involved with committing any of the fraud. \nHe said I needed to pull all my money out of my bank account and secure it so they could open a new account to put it into at my bank. \nHe then said to stay on the line no matter what and to not tell anyone what we were doing and asked how much money needed to be \nsecured, I then gave him my balance in my bank account. He never asked me for my actual bank account number. He then had me go to the \nbank and withdraw as much as I could in cash to take to a specific Bitcoin ATM that they provided to me after I let them know what city \nI was in. I used XXXX all day long because my car was in the shop.\nI withdrew XXXX cash and proceeded to the Bitcoin ATM address they gave me. He kept stating that my XXXX trips would be refunded \nafter all this was done. They sent me a QRC code to use at the Bitcoin ATM. I deposited the cash into the ATM and kept the receipt. Then \nhe directed me to buy as many XXXX  cash cards as I could to secure the rest. I went to XXXX and was only able to purchase XXXX  cash \ncards for the amount of XXXX each. Then he asked if I could do an ATM cash withdrawal at XXXX for the rest. I was only able to \nwithdraw XXXX because of limits.\nI told him I was at all my withdrawal limits and could do no more for XXXX hrs.\nHe then said that once we got all my money secured that he would set up an appointment for the next day to meet another Marshall in \nperson who would help me set up my new bank account and provide me with my new Social Security number and transfer all my money \ninto the new account.\nHe said he would postpone his case for a day so we could continue the next day because if we did not secure my money, they would close \nmy bank account and my Social Security number forever.\nThe next day, XX/XX/XXXX I was exhausted and didnt want to work with him anymore. I transferred my savings to checking for the next \nround of securing my money. I told him this and told him I did it because I needed to pay some bills with it and was leaving some money \nin my account,\nHe then got upset and said I broke the rules and hung up on me.\nPlease take notice that my funds were transferred through means of coercion and under false pretenses all along!\nCHASE BANK is obliged to take some action if it is sufficiently aware of a real possibility that a fraud may be being perpetuated. If you \ndon't question its customers instructions or raise the possibility of a scam with the customer in these circumstances, it may be liable if the \nred flags indicate the customer is:\n particularly vulnerable, or\n if the possibility of fraud was serious or real, not just suspected.\nThere are some recommendations to organisations for protecting customers from financial harm that might occur as a result of fraud or \nfinancial abuse; and gives guidance on how to recognise customers who might be at risk, how to assess the potential risks to the individual \nand how to take the necessary actions to prevent or minimise financial harm.\nThese recommendations are established as a general principle, the organisation should deliver a service that:\n1) Takes a proactive approach to minimising risks, impact and incidences of financial harm and it sets out systems and tools for \nthe prevention and detection of fraud and financial abuse. As a general point, it says organisations should ensure that all systems are \ndeveloped using technologies and methodologies that are effective in the prevention of fraud and financial abuse, through authorised \nand unauthorised payments, thereby minimising the risk of financial harm to customers. As regards to the detection of fraud and \nfinancial abuse, it says the organisation:\nA) should have measures in place across all payment channels and products to detect suspicious transactions or activities that \nmight indicate fraud or financial abuse. It then lists the following examples of suspicious activity on customer accounts:\na. multiple cheque books;\nb. sudden increased spending;\nc. transfers to other accounts;\nd. multiple password attempts;\ne. logins from new devices, multiple geographical locations;\nf. sudden changes to the operation of the account; Unusual transactions are transactions whose amount, \ncharacteristics and frequency bear no relation to the economic activity of the customer, exceed normal market \nparameters or have no apparent legal justification. \ng. a withdrawal or payment for a large amount;\nh. a payment or series of payments to a new payee;\ni. financial activity that matches a known method of fraud or financial abuse.\nB) organisations should have a process in place to ensure that staff make contact with the customer to verify the financial \nactivity, challenge its authenticity, explain the nature of the suspected or detected fraud and discuss an appropriate plan of action.\nI am deeply convinced that the disastrous results that I have previously elaborated upon will continue to ensue if no responsibility is \nadopted by CHASE BANK in relation to this matter. I have also thoroughly detailed why they cannot simply dismiss this problem by \nstrictly adhering to legal technicalities which, after careful reflection, struck me as being nothing more than self-interest. Indeed, it seems \nto me utterly unfair to disregard fragile, sensitive, and vulnerable consumers who are afflicted by such allegedly malevolent acts, thereby \nkeeping an unjust status-quo that is corrupting our society at its core.\nConclusion:\nBased on my analysis, and as confirmed by various authorities concerned with such matters, there is abundant evidence that forward thinking financial institutions ought to take reasonable steps to forestall fraud, or at least mitigate its risk by using an effective risk \nmanagement system, demonstrating their undisputed ability to responsibly and pre-emptively respond to questionable transactions in the \ndigital arena. The use of such systems, largely based on newly adopted technologies aimed at effectively navigating the evolving threat\nlandscape, is only one of a number of possible endeavours undertaken in this connection, alongside the application of past knowledge and \nexperience related to popular fraudulent practices.\nCHASE BANKs non-observance of the fundamental principles of justice  that is, to completely overlook and not even remotely try to \nmitigate the suffering of vulnerable consumers is inexcusable given the size of the establishment and the vast resources at its disposal as \nthe direct result of the patronage of clients like myself. \nIn summary, I respectively ask your organisation to consider my points, given your personal and companywide obligation to provide a fair \nand reasonable investigation into the complaint.\nI look forward to your input and would gladly cooperate to reach a fair and reasonable outcome.\nThank you.\nXXXX XXXX\n\nPage 1 of 7 XX/XX/XXXX \nXXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX, NY\nRe: Demand Letter \n For negotiation purposes only, without effect as to any and all rights\nAttn: Claims/Fraud Dept.\nDear Sir/Madam, \nThe goal of this letter is twofold: first, it aims to establish that a duty of care was breached, inasmuch as \nyou have failed to perform adequate due diligence or/and have not acted in a reasonable and prudent \nmanner to prevent foreseeable substantial damages I suffered as a result of a fraud [1]. Second, it shall \nserve as a formal written demand for reimbursement based on the aforementioned grounds, among \nothers.\nA very comprehensive analysis of fraud prevention suggests that by processing an atypical, non-routine \ntransaction(s), and/or by being aware of other fraudulent schemes similar to the one alleged herein \nand/or ignorance of obvious warning signs of fraud, you engaged in/ is a pattern or a practice of wrongful \nand negligent conduct which provided substantial assistance to advance the commission of a fraud that \nresulted in my financial and psychological damages. The facts and details concerning the actions in \nquestion are set forth hereunder.\nOVERVIEW\n Commencing on or about XX/XX/XXXX, I fell victim to a multilayered scam operation\norchestrated by XXXX XXXX, XXXX XXXX, and XXXX XXXX (the Scammers), all of which aim \nat contributing to the goal of robbing and defrauding innocent people.\n Money was transferred from my account via debit card, and through an intermediary named\nBitcoin Of America in the total amount of XXXX XXXX USD utilizing your services.\n This letter shall thrust into the spotlight, inter alia, the increasingly important role financial\ninstitutions play in the fight against financial crime and fraud, and the pressing need for higher\nlevels of supervision and vigilance within your organization.\n Additionally, it is vital that you will immediately take all actions within your power to remedy the\nsituation, whether by raising chargeback in respect of the transaction in question or reimbursing\nme and crediting my account, for the full amount of these payments, in the total amount of XXXX XXXX USD\n Heres an indisputable fact: had you looked at the wider circumstances surrounding the abovereferenced transaction, this illicit transfer of wealth could have been prevented.\n Executing transactions without proper authority is not only a severe regulatory offense but also\nan irresponsible and reckless disregard for the customers financial safety.\n1 FCA: A more effective approach to combatting financial crime (XX/XX/XXXX)\nPage 2 of 7 XX/XX/XXXX \n2 \n Against this background, and without derogating any of my rights, I hereby hold you liable for\nfinancial and emotional harm as well as medical problems relating to this victimization and\ndemand that you reimburse my account in full within 10 days from the date of this letter.\nINTRODUCTION\nFinancial crimes and fraud investigations often involve a high degree of sophistication, complexity, and \nsensitivity to detail. Accordingly, this letter aims to address the issue at hand as profoundly and fairly as \npossible, by taking into consideration contextual regulations, laws, and bylaws, as well as guidance, \nstandards, and rules promoted by supervisory authorities, relevant codes of practice and (where \nsuitable) what was good industry practice (GIP) at all times relevant hereto. The allegations contained \nherein are predicated either upon knowledge with respect to myself and my own experience or upon \nfacts obtained through investigations conducted by qualified third parties. I strongly believe that \nsubstantive evidence in support of the allegations set forth herein will be found after an appropriate \nopportunity for discovery. Key facts supporting the allegations contained herein are known only to the \nScammer or/and are exclusively within their control.\nI did not know, and through the exercise of reasonable diligence could not have discovered, the \nfraud that was being perpetrated upon myself by the Scammer. Fraud is commonly conceptualized \nas withholding from the weaker party in a financial transaction information which is necessary to make \nan informed, rational or autonomous decision.\nIn this regard, even access to adequate information is insufficient to achieve complete autonomy. A \ncomplication here is that the weaker party might have trouble analyzing the data at hand sufficiently well \nto identify fraudulent schemes. A reasonable solution is that financial institutions would be required \nto promote transparent communication in which they track the understanding of its customers. \nThe false representations and omissions made by the Scammer have a tendency or capacity to deceive \nvictims, such as myself, into unwittingly providing funds that fueled the Scammers fraudulent scheme \nand therefore are, by their very nature immoral, unethical, oppressive, unscrupulous, and substantially \ninjurious to consumersall at once.\nAs a result of the Scammers deceptive practices, I was deceived into transferring my funds to them. The \nfalse statements of material facts and omissions as described above; and the sham transaction(s) the \nScammer perpetrated upon myself; were unfair, unconscionable, and deceptive practices perpetrated on \nme which would have likely tricked a reasonable person under the circumstances.","date_sent_to_company":"2023-06-20T02:01:40.000Z","issue":"Fraud or scam","sub_product":"Virtual currency","zip_code":"92071","tags":"Servicemember","has_narrative":true,"complaint_id":"7135443","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"JPMORGAN CHASE & CO.","date_received":"2023-06-20T01:04:48.000Z","state":"CA","company_public_response":null,"sub_issue":null},"highlight":{"complaint_what_happened":["He then said to stay on the line no matter <em>what</em> and to not tell anyone <em>what</em> we were doing and asked how much money needed to be \nsecured, I then gave him my balance in my bank account. He never asked me for my actual bank account number. He then had me go to the \nbank and withdraw as much as I could in cash to take to a <em>specific</em> Bitcoin ATM that they provided to me after I let them know <em>what</em> city \nI was in. I used <em>XXXX</em> all day long because my car was in the shop."]},"sort":[7.8270564,"7135443"]}]},"aggregations":{"has_narrative":{"meta":{},"doc_count":42,"has_narrative":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":1,"key_as_string":"true","doc_count":42}]}},"product":{"doc_count":42,"product":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Credit reporting or other personal consumer reports","doc_count":14,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Credit reporting","doc_count":14}]}},{"key":"Checking or savings account","doc_count":9,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Checking account","doc_count":6},{"key":"Other banking product or service","doc_count":2},{"key":"Savings account","doc_count":1}]}},{"key":"Money transfer, virtual currency, or money service","doc_count":8,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Mobile or digital wallet","doc_count":3},{"key":"International money transfer","doc_count":2},{"key":"Virtual currency","doc_count":2},{"key":"Domestic (US) money transfer","doc_count":1}]}},{"key":"Credit reporting, credit repair services, or other personal consumer reports","doc_count":3,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Credit reporting","doc_count":3}]}},{"key":"Debt collection","doc_count":3,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Credit card debt","doc_count":2},{"key":"I do not know","doc_count":1}]}},{"key":"Mortgage","doc_count":3,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"VA mortgage","doc_count":3}]}},{"key":"Credit card or prepaid card","doc_count":1,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"General-purpose credit card or charge card","doc_count":1}]}},{"key":"Vehicle loan or lease","doc_count":1,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Loan","doc_count":1}]}}]}},"issue":{"doc_count":42,"issue":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Improper use of your report","doc_count":8,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Reporting company used your report improperly","doc_count":5},{"key":"Credit inquiries on your report that you don't recognize","doc_count":3}]}},{"key":"Fraud or scam","doc_count":6,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[]}},{"key":"Managing an account","doc_count":6,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Deposits and withdrawals","doc_count":2},{"key":"Funds not handled or disbursed as instructed","doc_count":1},{"key":"Problem accessing account","doc_count":1},{"key":"Problem making or receiving payments","doc_count":1},{"key":"Problem using a debit or ATM card","doc_count":1}]}},{"key":"Problem with a company's investigation into an existing problem","doc_count":6,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Their investigation did not fix an error on your report","doc_count":6}]}},{"key":"Trouble during payment process","doc_count":3,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[]}},{"key":"Incorrect information on your report","doc_count":2,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Account status incorrect","doc_count":1},{"key":"Information is missing that should be on the report","doc_count":1}]}},{"key":"Written notification about debt","doc_count":2,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Didn't receive enough information to verify debt","doc_count":1},{"key":"Didn't receive notice of right to dispute","doc_count":1}]}},{"key":"Closing an account","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Company closed your account","doc_count":1}]}},{"key":"Confusing or missing disclosures","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[]}},{"key":"Opening an account","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Account opened without my consent or knowledge","doc_count":1}]}},{"key":"Problem with a credit reporting company's investigation into an existing problem","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Their investigation did not fix an error on your report","doc_count":1}]}},{"key":"Problem with a lender or other company charging your account","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Transaction was not authorized","doc_count":1}]}},{"key":"Problem with a purchase shown on your statement","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Card was charged for something you did not purchase with the card","doc_count":1}]}},{"key":"Repossession","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Damage caused or loss of personal items in vehicle during the actual repossession","doc_count":1}]}},{"key":"Took or threatened to take negative or legal action","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Collected or attempted to collect exempt funds","doc_count":1}]}},{"key":"Trouble accessing funds in your mobile or digital wallet","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[]}}]}},"timely":{"doc_count":42,"timely":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Yes","doc_count":42}]}},"company_response":{"doc_count":42,"company_response":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Closed with explanation","doc_count":33},{"key":"Closed with non-monetary relief","doc_count":6},{"key":"Closed with monetary relief","doc_count":3}]}},"submitted_via":{"doc_count":42,"submitted_via":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Web","doc_count":42}]}},"company":{"doc_count":42,"company":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"TRANSUNION INTERMEDIATE HOLDINGS, INC.","doc_count":7},{"key":"Experian Information Solutions Inc.","doc_count":5},{"key":"WELLS FARGO & COMPANY","doc_count":5},{"key":"EQUIFAX, INC.","doc_count":3},{"key":"UNITED SERVICES AUTOMOBILE ASSOCIATION","doc_count":3},{"key":"BANK OF AMERICA, NATIONAL ASSOCIATION","doc_count":2},{"key":"CITIBANK, N.A.","doc_count":2},{"key":"Paypal Holdings, Inc","doc_count":2},{"key":"BANK OF THE WEST","doc_count":1},{"key":"Block, Inc.","doc_count":1},{"key":"CAPITAL ONE FINANCIAL CORPORATION","doc_count":1},{"key":"Coinbase, Inc.","doc_count":1},{"key":"First Federal Credit Control, Inc.","doc_count":1},{"key":"Indie Technology DBA Found","doc_count":1},{"key":"JPMORGAN CHASE & CO.","doc_count":1},{"key":"LEXISNEXIS","doc_count":1},{"key":"Mr. Cooper Group Inc.","doc_count":1},{"key":"PHH Mortgage Services Corporation","doc_count":1},{"key":"TOYOTA MOTOR CREDIT CORPORATION","doc_count":1},{"key":"TRUIST FINANCIAL CORPORATION","doc_count":1},{"key":"Winklevoss Exchange LLC","doc_count":1}]}},"state":{"doc_count":42,"state":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"FL","doc_count":8},{"key":"CA","doc_count":6},{"key":"MI","doc_count":4},{"key":"NE","doc_count":4},{"key":"GA","doc_count":3},{"key":"NJ","doc_count":3},{"key":"OH","doc_count":3},{"key":"IA","doc_count":1},{"key":"IL","doc_count":1},{"key":"IN","doc_count":1},{"key":"MA","doc_count":1},{"key":"MD","doc_count":1},{"key":"MN","doc_count":1},{"key":"MO","doc_count":1},{"key":"TN","doc_count":1},{"key":"TX","doc_count":1},{"key":"WA","doc_count":1},{"key":"WI","doc_count":1}]}},"company_public_response":{"doc_count":42,"company_public_response":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","doc_count":24},{"key":"Company believes it acted appropriately as authorized by contract or law","doc_count":3}]}},"tags":{"doc_count":42,"tags":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Servicemember","doc_count":6},{"key":"Older American","doc_count":3}]}}},"_meta":{"license":"CC0","last_updated":"2026-07-15T12:00:00-05:00","last_indexed":"2026-07-15T12:00:00-05:00","total_record_count":16469162,"is_data_stale":false,"has_data_issue":false,"break_points":{"2":[7.828228,"7135443"]}}}