1 UNITED STATES OF AMERICA BEFORE THE BOARD OF GOVERNORS OF THE FEDERAL RESERVE SYSTEM WASHINGTON, D.C. In the Matter of: GREEN DOT BANK Provo, Utah GREEN DOT CORPORATION Austin, Texas Docket Nos. 24-005-B-SM 24-005-B-HC 24-005-CMP-SM 24-005-CMP-HC Order to Cease and Desist and Order of Assessment of a Civil Money Penalty Issued Upon Consent Pursuant to the Federal Deposit Insurance Act, as Amended WHEREAS, Green Dot Corporation, Austin, Texas, (the “Holding Company”) is a registered bank holding company that owns and controls Green Dot Bank, Provo, Utah, (the “Bank”) a state member bank, and various nonbank subsidiaries (collectively, “Green Dot”); WHEREAS, the Board of Governors of the Federal Reserve System (the “Board of Governors”) is the appropriate federal supervisor of the Bank and the Holding Company; WHEREAS, recent examinations of Green Dot, conducted by the Federal Reserve Bank of San Francisco (the “San Francisco Reserve Bank”) and the Federal Reserve Bank of Dallas (the “Dallas Reserve Bank”) (collectively, “Reserve Banks”) identified certain significant deficiencies relating to Green Dot’s compliance risk management framework, including, but not limited to deficiencies in consumer compliance and compliance with applicable federal and state laws, rules, and regulations relating to anti-money laundering (“AML”) compliance, including the Bank Secrecy Act (“BSA”) (31 U.S.C. § 5311 et seq.); the rules and regulations issued thereunder by the U.S. Department of the Treasury (31 C.F.R. Chapter X); and the requirements
2 of Regulation H of the Board of Governors to report suspicious activity and to maintain an adequate BSA/AML compliance program (12 C.F.R. §§ 208.62 and 208.63) (collectively, the “BSA/AML Requirements”); WHEREAS, to address the deficiencies and manage the risks described in this Order, Green Dot is making enhancements to their consumer compliance risk management program and BSA/AML compliance program, but additional substantive corrective actions are required; WHEREAS, following the submission of consumer complaints, the Board of Governors and the San Francisco Reserve Bank conducted a review of Green Dot’s practices related to the marketing, selling, and servicing of general purpose reloadable (“GPR”) prepaid debit card accounts and Green Dot’s offering of tax return preparation payment services with a third party that have revealed certain consumer compliance deficiencies resulting in unfair or deceptive acts or practices in or affecting commerce, within the meaning of section 5(a)(1) of the Federal Trade Commission Act (“FTC Act”) (15 U.S.C. § 45(a)(1)), and unsafe or unsound practices. Specifically, the review found that: Assessment of Fees on Zero Balance Accounts A. From November 2017 through January 2021, the Bank engaged in a deceptive act or practice by misrepresenting through GPR prepaid debit card packaging, cardholder agreements, and online disclosures that such accounts would be closed after consumers spent their account balances down to zero dollars when, in fact, many accounts remained open despite having a zero-dollar account balance and those consumers continued to incur monthly fees. Telephone Registration of Prepaid Debit Card Accounts B. From June 2019 through December 2020, the Bank engaged in a deceptive act or practice by misrepresenting through GPR prepaid debit card packaging, point-of-sale advertising
3 and online disclosures that consumers could register their GPR prepaid debit card accounts by telephone or online when, in fact, consumers could not register the cards telephonically and only could register their accounts online. This violation resulted from the Bank’s discontinuation of the telephonic registration option without updating the card packaging, which prevented customers who lacked internet access from registering and using their cards. Blocking Access to Prepaid Card Accounts Without Reasonable Policies and Procedures C. From May 2020 through June 2020, the Bank engaged in unfair acts or practices through its lack of reasonable policies and procedures to permit the Bank’s legitimate customers to cure account blocks and obtain access to their funds in their GPR prepaid debit card accounts receiving Washington state unemployment insurance benefits. Extended Authorization Holds D. From August 2020 through at least September 2020, due to a third-party payment processor’s data migration error, the Bank engaged in an unfair act or practice by failing to timely release extended authorization holds in connection with certain GPR prepaid debit card transactions made by consumers (including at gas station point-of-sale terminals) until several days after the settlement of the transactions, thereby reducing available account balances and denying consumers access to their funds. Tax Return Preparation Payment Services Fees E. From January 2017 through December 2022, Santa Barbara Tax Products Group (“TPG”), a wholly owned nonbank subsidiary of the Holding Company that has contracted with a third party, a major tax preparer, to offer tax return preparation payment services to the major tax preparer’s customers, engaged in a deceptive act or practice by failing to disclose clearly and conspicuously to the major tax preparer’s customers the full cost of their tax refund processing
4 fee. The Holding Company is responsible for the disclosure of its fees on the major tax preparer’s website. The major tax preparer’s website offered customers the option to “pay nothing out of pocket” by deducting the tax preparation fee from the amount of their tax refund, but the website did not clearly and conspicuously disclose that customers also must pay a separate tax refund processing fee. Consumers had to click on hyperlinks located at the bottom of web pages or click on drop-down menus to reveal a lengthy list of small-print statements including the disclosure of the separate tax refund processing fee. Under the agreement with the major tax preparer, TPG received a small portion of the tax refund processing fee paid by consumers. By 2022, TPG implemented several enhancements on the website regarding the tax refund processing fee. WHEREAS, the Bank and the Holding Company took actions to cease and remediate the practices as described in WHEREAS clauses paragraphs A. through E. above, but additional improvements related to unfair or deceptive acts or practices controls are required; WHEREAS, the unfair or deceptive acts or practices in or affecting commerce in violation of section 5 of the FTC Act and unsafe or unsound practices in consumer compliance, as described in WHEREAS clauses paragraphs A. through E. above, warrant a combined Order to Cease and Desist and Order of Assessment of a Civil Money Penalty (the “Order”) by the Board of Governors against Green Dot under sections 8(b)(1), (b)(2), (b)(3) and 8(i)(2) of the Federal Deposit Insurance Act, as amended (“FDI Act”) (12 U.S.C. §§ 1818(b)(1), (b)(2), (b)(3) and 1818(i)(2)); WHEREAS, the Board of Governors, the Bank, and the Holding Company have mutually agreed to enter into this Order;
5 WHEREAS, it is the common goal of the Board of Governors, the Reserve Banks, the Bank, and the Holding Company that the Bank and the Holding Company operate in a safe and sound manner and comply with all applicable federal and state laws, rules, and regulations, including, but not limited to, the BSA/AML Requirements and section 5(a)(1) of the FTC Act; and WHEREAS, the boards of directors of the Bank and the Holding Company, at duly constituted meetings, adopted resolutions authorizing and directing the undersigned to enter into this Order on behalf of the Bank and the Holding Company, respectively, and consenting to compliance with each and every provision of this Order by the Bank and the Holding Company, and waiving all rights that the Bank and the Holding Company may have pursuant to section 8 of the FDI Act (12 U.S.C. § 1818), including but not limited to: (i) the issuance of a notice of charges on any and all matters set forth in this Order; (ii) a hearing for the purpose of taking evidence on any matters set forth in this Order; (iii) judicial review of this Order; and (iv) challenging or contesting, in any matter, the basis, issuance, validity, terms, effectiveness or enforceability of this Order or any provision hereof. NOW THEREFORE, before the filing of any notices, or taking of any testimony, or adjudication of or finding on any issues of fact or law herein, and without the Bank and the Holding Company admitting or denying any allegation made or implied by the Board of Governors in connection herewith, and solely for the purpose of settling this matter without a formal proceeding being filed and without the necessity for protracted or extended hearings or testimony, it is hereby ordered, pursuant to sections 8(b)(1), (b)(2), (b)(3) and 8(i)(2) of the FDI Act (12 U.S.C. §§1818(b)(1), (b)(2), (b)(3) and 1818(i)(2)), that:
6 Source of Strength 1. The board of directors of the Holding Company shall take appropriate steps to fully utilize the Holding Company’s financial and managerial resources, pursuant to section 38A of the FDI Act (12 U.S.C. § 1831o-1) and section 225.4(a) of Regulation Y of the Board of Governors (12 C.F.R. § 225.4(a)), to serve as a source of strength to the Bank, including, but not limited to, taking steps to ensure that the Bank complies with any supervisory action taken by its federal or state regulators. BSA/AML Compliance Program 2. Within 90 days of this Order, the Bank shall submit a written revised BSA/AML compliance program that is acceptable to the San Francisco Reserve Bank. The revised program shall include the following seven items: (a) a system of internal controls designed to ensure compliance with the BSA/AML Requirements; (b) measures to ensure adherence to approved compliance policies, procedures, and standards; (c) a comprehensive BSA/AML risk assessment that appropriately identifies and considers all products and services of the Bank, customer types, and geographic locations, as appropriate, in determining inherent and residual risks; (d) enhanced policies and procedures for the Customer Identification Program sufficient to ensure the Bank has a reasonable belief that it knows the true identity of its customers;
7 (e) management of the Bank’s BSA/AML compliance program by a qualified compliance officer, who is given full autonomy, independence, and responsibility for implementing and maintaining an effective BSA/AML compliance program that is commensurate with the Bank’s size and risk profile, has meaningful decision-making authority, and is supported by adequate staffing levels and resources; (f) independent testing procedures to ensure that comprehensive and timely reviews of the Bank’s BSA/AML compliance program are performed on a regular basis by qualified parties who are independent of the Bank’s business lines and compliance function; and (g) effective training for all personnel, including targeted training for personnel with compliance-related responsibilities, in all aspects of the BSA/AML Requirements and applicable internal policies and procedures. Suspicious Activity Monitoring and Reporting 3. Within 90 days of this Order, the Bank shall submit a written program acceptable to the San Francisco Reserve Bank and reasonably designed to ensure the identification and timely, accurate, and complete reporting by the Bank of all known or suspected violations of law or suspicious transactions to law enforcement and supervisory authorities, as required by applicable suspicious activity reporting laws and regulations. The program shall include the following four items: (a) a well-documented methodology for establishing monitoring rules and thresholds appropriate for the Bank’s risk profile, which considers factors such as type of customer, type of product or service, geographic location, and banking activities; (b) policies, procedures, and processes that provide for periodic review of the monitoring rules;
8 (c) effective monitoring of customer accounts and transactions; and (d) policies, procedures, and processes with respect to the review and analysis of suspicious activity, including the escalation and resolution of concerns, and measures to ensure that alert dispositions are supported with adequate rationale and documentation to evidence the research performed and the due diligence that was relied upon to arrive at the Bank’s conclusion. Transaction Review 4. (a) Within 30 days of this Order, the Bank shall engage an independent third party acceptable to the San Francisco Reserve Bank to conduct a review of the Bank’s transaction monitoring activity from August 1, 2021 through and including October 31, 2022 to determine whether suspicious activity involving high risk customers or transactions at, by, or through the Bank was properly identified and reported in accordance with applicable suspicious activity reporting regulations (the “Transaction Review”). Within 60 days of completing the Transaction Review, the Bank shall provide to the San Francisco Reserve Bank a written report detailing the independent third party’s findings (the “Transaction Review Report”). (b) Based on the San Francisco Reserve Bank’s evaluation of the results of the Transaction Review, the San Francisco Reserve Bank may direct the Bank to engage the independent third party to conduct a review of the types of transactions described in paragraph 4(a) for additional time periods. 5. Within 30 days of the engagement of the independent third party, but prior to the commencement of the Transaction Review, the Bank shall submit to the San Francisco Reserve Bank for approval an engagement letter that sets forth: (a) the scope of the Transaction Review;
9 (b) the methodology for conducting the Transaction Review, including any sampling procedures to be followed; (c) the expertise and resources to be dedicated to the Transaction Review; (d) the anticipated date of completion of the Transaction Review and the Transaction Review Report; and (e) a commitment that supporting material and any drafts thereof associated with the final Transaction Review and the Transaction Review Report will be made available to the San Francisco Reserve Bank upon request. 6. Throughout the Transaction Review, Green Dot shall ensure that all matters or transactions required to be reported that have not previously been reported are reported in accordance with applicable rules and regulations. No Misrepresentations or Omissions 7. Green Dot shall continue to take all actions necessary to correct and prevent the re-occurrence of all violations of section 5(a)(1) of the FTC Act and maintain future compliance with section 5(a)(1) of the FTC Act. 8. Green Dot shall refrain from making, or allowing to be made, in connection with any product or service, whether offered by the Bank directly or through a third party, any misleading or deceptive representation, statement, or omission, expressly or by implication, including but not limited to with respect to the marketing, selling, and servicing of GPR prepaid debit cards and tax return preparation payment services. 9. Green Dot shall make no representations to any insured depository institution, any consumers, or any other person or entity that the Board of Governors, the Reserve Banks, or any
10 employee, agent, or representative of the Board of Governors or the Reserve Banks have endorsed or approved any aspect of any product or service offered by the Bank. 10. (a) Within 30 days of the effective date of this Order, Green Dot shall provide a copy of this Order to any existing third-party service provider or other third-party partner, including a federal, state, or municipal entity that: (i) provides services to Green Dot that are material to the offering of products, services, or benefits to consumers by Green Dot; or (ii) to which Green Dot provides services that are material to the offering of products, services, or benefits to consumers by such third-party service provider or third-party partner; and (b) Green Dot shall provide a copy of this Order to a prospective third-party service provider or other third-party partner prior to entering into any contract or other arrangement described in paragraph 10(a) with such third-party service provider or other partner. 11. Green Dot shall develop policies and procedures that provide reasonable standards for applying and removing a fraud-related block to a GPR prepaid debit card account, and for permitting legitimate customers to cure such account blocks. Consumer Compliance Board Oversight Plan 12. Within 90 days of this Order, the board of directors of the Holding Company shall submit to the San Francisco Reserve Bank an acceptable written plan to strengthen the board of directors’ oversight of the enterprise-wide consumer compliance risk management program (“Board Oversight Plan”). The Board Oversight Plan shall describe the actions that the board of directors has taken and/or will take to improve the enterprise-wide consumer compliance risk
11 management program and a timeline for the actions to be taken. The Board Oversight Plan shall include the following four items: (a) measures to communicate the board of directors’ clear expectations regarding compliance with consumer protection laws and regulations, including section 5(a)(1) of the FTC Act; (b) measures to ensure adherence to approved consumer compliance policies, procedures, and standards for consumer protection laws and regulations, including section 5(a)(1) of the FTC Act; (c) measures to ensure the appropriate and timely resolution of audit findings, consumer compliance risk assessments, and examination findings for consumer protection laws and regulations, including section 5(a)(1) of the FTC Act; and (d) measures to enhance reports on the status and results of consumer complaints, the measures taken, or to be taken, by senior management to remediate outstanding consumer compliance deficiencies identified by consumer complaints; and any initiatives necessary to comply fully with this Order. Consumer Compliance Risk Management Plan 13. Within 60 days of this Order, the Holding Company shall retain an independent consultant, acceptable to the San Francisco Reserve Bank, in consultation with the Board of Governors, to assist in developing an acceptable written plan to enhance the enterprise-wide consumer compliance risk management program to ensure that the marketing, selling, and servicing of consumer products and services, including, but not limited to, GPR prepaid debit cards and tax return preparation payment services, whether offered by Green Dot directly or
12 through a third party, comply with all consumer protection laws and regulations, including section 5(a)(1) of the FTC Act (“Consumer Compliance Risk Management Plan”). 14. Within 120 days of the engagement of the independent consultant, Green Dot and the independent consultant shall submit to the San Francisco Reserve Bank an acceptable Consumer Compliance Risk Management Plan. The Consumer Compliance Risk Management Plan shall include the following seven items: (a) measures to ensure that Green Dot takes the actions required by paragraphs 7 through 11 of this Order; (b) measures to enhance Green Dot’s marketing materials, disclosures, instructions, and similar documentation for consumer products and services to ensure that consumers receive material information in a manner that is accurate, clear, complete, and conspicuous; (c) measures to minimize unfair or deceptive acts and practices risk, as reflected by consumer complaints, with respect to the provision of consumer products and services, including, but not limited to: the disclosure of information related to account balances; minimum monthly deposit requirements; account transfer limitations; geographic use restrictions; refund limitations; the maintenance of reasonable policies and procedures for customer identity verification, account closures, and negative account balance resolution; and the assessment of account fees; (d) measures to enhance Green Dot’s policies and procedures for: (i) the review, approval, and maintenance of all materials documenting the service-level standards for services provided by third parties as well as their partners, servicers, vendors, and any of their providers or sub-servicers;
13 (ii) promptly addressing and resolving consumer complaints and regulatory inquiries arising in connection with consumer products or services with adequate levels and types of staff who have the requisite skills, knowledge, and abilities, monitoring such complaints and inquiries and identifying any trends concerning the nature of the complaints and inquiries, and promptly addressing the root causes of such complaints and inquiries, with a view to significantly reducing the volume of consumer complaints, as defined by Green Dot, to Green Dot and the San Francisco Reserve Bank, respectively, from the levels prior to this Order; (iii) remediating consumers who are harmed by Green Dot’s products or services or related misconduct, including requiring the issuance of prompt refunds; and (iv) updating policies and procedures on an ongoing basis as necessary to incorporate new or changes to existing consumer protection laws and regulations; (e) measures to ensure on-going, periodic training of appropriate Green Dot personnel, including the board of directors and senior management, that addresses compliance with consumer protection laws and regulations, including section 5(a)(1) of the FTC Act; (f) measures to enhance the risk monitoring process and management information systems to identify, manage, and promptly correct consumer compliance weaknesses, including any weaknesses in compliance with consumer protection laws and regulations, including section 5(a)(1) of the FTC Act; and (g) measures to enhance the internal controls for compliance with consumer protection laws and regulations, including section 5(a)(1) of the FTC Act. Assessment of Civil Money Penalty 15. The Board of Governors hereby assesses Green Dot a civil money penalty in the amount of $44,000,000 which shall be paid upon the execution of this Order by Fedwire transfer
14 of immediately available funds to the Federal Reserve Bank of Richmond ABA No.051000033, beneficiary, Board of Governors of the Federal Reserve System. This penalty is a penalty paid to a government agency for a violation of law for purposes of 26 U.S.C. § 162(f) and 26 C.F.R. § 1.162-21. The Federal Reserve Bank of Richmond, on behalf of the Board of Governors, shall distribute this sum to the U.S. Department of the Treasury, pursuant to section 8(i) of the FDI Act (12 U.S.C. § 1818(i)). Approval, Implementation, and Progress Reports 16. (a) The board of directors of the Holding Company and the Bank, as applicable, shall submit engagement letters, plans, and programs that are acceptable to the San Francisco Reserve Bank within the applicable time periods set forth in paragraphs 2, 3, 4, 5, 12, 13, and 14 of this Order. Each plan and program shall contain a timeline for full implementation with specific deadlines for completion of each component. Each plan and program shall also include and clearly identify any requirements under the applicable paragraphs that the Holding Company and the Bank, as applicable, previously submitted and were approved or not objected to by the Reserve Banks. (b) Within 10 days of approval by the San Francisco Reserve Bank, the board of directors of the Holding Company and the Bank, as applicable, shall adopt the approved plans and programs. Upon adoption, the board of directors of the Holding Company and the Bank, as applicable, shall promptly implement the approved plans and programs and thereafter fully comply with them. (c) During the term of this Order, the approved plans and programs shall not be amended or rescinded without the prior written approval of the San Francisco Reserve Bank.
15 17. Within 45 days after the end of the first full calendar quarter following the date of this Order and each quarter thereafter, the board of directors of the Holding Company and the Bank shall submit to the Reserve Banks consolidated written progress reports detailing the form and manner of all actions taken to comply with the provisions of this Order, a timetable, and schedule to implement specific remedial actions to be taken, and the results thereof. The San Francisco Reserve Bank may, in writing, discontinue the requirement for the progress reports, request modification of form or content, or modify the reporting schedule. Primary Contact 18. Within 10 days of this Order, the Holding Company and the Bank shall designate officer(s) to be responsible for coordinating and submitting to the San Francisco Reserve Bank the engagement letters, plans and programs required under the terms of this Order. Communications 19. All communications regarding this Order shall be sent to: (a) Mongkha Pavlick Senior Vice President Federal Reserve Bank of San Francisco 101 Market Street San Francisco, California 94105 (b) Emily Greenwald Senior Vice President Federal Reserve Bank of Dallas 2200 North Pearl Street Dallas, Texas 75201 (c) Richard M. Ashton Deputy General Counsel Jason A. Gonzalez Deputy Associate General Counsel Board of Governors of the Federal Reserve System Washington, DC 20551
16 (d) George Gresham Chief Executive Officer and President Green Dot Corporation 114 West 7th Street, Suite 240 Austin, Texas 78701 (e) Amy Pugh General Counsel and Interim Chief Risk Officer Green Dot Bank 1675 North Freedom Boulevard Provo, Utah 84064 With a copy to: (f) Richard K. Kim, Esq. Wachtell, Lipton, Rosen & Katz 51 West 52nd Street New York, New York, 10019 (g) Juan Azel, Esq. Carl Fornaris, Esq. Winston & Strawn LLP 200 South Biscayne Boulevard Miami, Florida 33131 (h) John H. Cobb, Esq. Winston & Strawn LLP 300 South Tryon Street, 16th Floor Charlotte, North Carolina 28202 Miscellaneous 20. Notwithstanding any provision of this Order to the contrary, the San Francisco Reserve Bank may, in consultation with the Board of Governors, grant written extensions of time to the Holding Company and the Bank to comply with any provision of this Order. The Holding Company and the Bank must submit a written request to the San Francisco Reserve Bank for any extension of time. 21. The provisions of this Order shall be binding on the Holding Company and the Bank and each of their institution-affiliated parties, as defined in sections 3(u) and 8(b)(3) of the
17 FDI Act, as amended (12 U.S.C. §§ 1813(u) and 1818(b)(3)), in their capacities as such, and their successors and assigns. 22. Each provision of this Order shall remain effective and enforceable until stayed, modified, terminated, or suspended in writing by the Board of Governors. 23. Except as otherwise provided in this paragraph, the Board of Governors hereby agrees not to initiate any further enforcement actions, including for civil money penalties, against the Holding Company, the Bank, and their affiliates, successors, and assigns, with respect to the conduct described in the WHEREAS clauses paragraphs A. through E. above, to the extent known by the Board of Governors as of the effective date of this Order. This release and discharge shall not preclude or affect: (i) any right of the Board of Governors to determine and ensure compliance with this Order, including further proceedings brought by the Board of Governors necessary to remedy unsatisfactory implementation of required corrective actions; (ii) any proceedings brought by the Board of Governors to enforce the terms of this Order; or (iii) any proceedings brought by the Board of Governors against individuals who are or were institution-affiliated parties of the Holding Company or the Bank. 24. Except as provided in paragraph 23, the provisions of this Order shall not bar, estop, or otherwise prevent the Board of Governors, the Reserve Banks, or any other federal or state agency from taking any other action affecting the Holding Company, the Bank, or any subsidiary thereof, or any of their current or former institution-affiliated parties and their successors and assigns. 25. Nothing in this Order, expressed or implied, shall give to any person or entity, other than the parties hereto and their successors hereunder, any legal or equitable right, remedy, or claim under this Order.
18 By Order of the Board of Governors of the Federal Reserve System effective as of the 19th day of July, 2024. GREEN DOT CORPORATION BOARD OF GOVERNORS OF THE FEDERAL RESERVE SYSTEM By: /s/ George Gresham By: /s/ Ann E. Misback George Gresham Ann E. Misback Chief Executive Officer and President Secretary of the Board GREEN DOT BANK By: /s/ George Gresham George Gresham Chief Executive Officer and President