GreenSky, LLC
Atlanta, Georgia
On July 13, 2021, the CFPB took action against GreenSky, a fintech company that partnered with banks for point-of-sale consumer financing, finding it had engaged in unfair practices under the Consumer Financial Protection Act. Between 2014 and 2019, GreenSky processed at least 1,600 unauthorized loans identified through approximately 6,000 consumer complaints, where merchants submitted loan applications without consumer knowledge, sometimes using their own contact details. The consent order required up to $9 million in consumer redress through refunds or loan cancellations and imposed a $2.5 million civil money penalty. GreenSky was also required to implement remediation measures including verifying consumer authorization before loan disbursement, enhancing merchant oversight, improving complaint resolution processes, and implementing effective third-party controls. The action underscored regulatory focus on fintechs' third-party risk management responsibilities, particularly in bank-partnered point-of-sale lending programs.
Verified from source: The CFPB issued a consent order against GreenSky, LLC for enabling merchants to originate loans without consumer authorization, requiring up to $9 million in consumer refunds/loan cancellations and a $2.5 million civil penalty.
- Fintechs acting as intermediaries in bank-partnered lending programs face direct CFPB enforcement for inadequate third-party (merchant) oversight
- BaaS platforms enabling point-of-sale financing must implement robust consumer authorization verification before loan disbursement
- Regulators expect fintechs to maintain effective complaint management processes that detect patterns of unauthorized activity by third parties
- Bank partners in fintech lending arrangements should review merchant onboarding and monitoring procedures to mitigate shared regulatory risk
- OfficialCFPB Newsroom
- BlogConsumer Finance Monitor