New York (CNN)The fifth-largest commercial bank in the US was fined by the Consumer Financial Protection Bureau for illegally accessing consumer credit reports and opening accounts without their permission.
U.S. Bank, which is based in Minneapolis and has over $559 billion in assets, pressured its employees to meet sales goals as part of their job requirements, offering them incentives for selling bank products, the regulator said. In order to meet those goals, the bank’s employees illegally accessed customer credit reports and personal data to open accounts without permission, the investigation found.
The CFBP announced Thursday that it fined U.S. Bank $37.5 million, after a five-year investigation.
“For over a decade, U.S. Bank knew its employees were taking advantage of its customers by misappropriating consumer data to create fictitious accounts,” said CFPB Director Rohit Chopra in a press release.
In a statement to CNN Business, U.S. Bank said it has “made process and oversight improvements” since 2016 regarding sales practice concerns. Employees now receive incentives only for accounts where the customer uses the service.
The settlement is “related to legacy sales practices involving a small percentage of accounts dating back to 2010,” U.S. Bank said in a statement Saturday. “We are pleased to put this matter behind us.”
U.S. Bank has over 2,800 branches throughout the United States.
The CFBP said its investigation found evidence that the bank was aware that its employees were opening accounts without customers’ authorization, and did not have measures in place to prevent and detect them. The bank’s sales campaigns and compensation programs rewarded employees for selling bank products, the agency added
Regulators found that the employees opened deposit accounts, credit cards and lines of credit that carried high interest rates and expensive fees that were passed on to the customer.
“U.S. Bank’s conduct harmed its customers in the form of unwanted accounts, negative effects on their credit profiles, and the loss of control over personally identifiable information,” the CFBP said in its release, saying customers were forced to close the unauthorized accounts in their names and seek refunds themselves.