The Consumer Financial Protection Bureau (CFPB) terminated a consent order with VyStar Credit Union and its CEO related to consumer harm caused by the company’s botched rollout of its mobile and online banking system.
The consent order, issued in October 2024, was originally intended to remain in effect until at least 2029 to ensure compliance, but the bureau wrote that VyStar had “fulfilled certain obligations” in its notice terminating the order. This included paying $1.5 million to redress harmed consumers, among other actions deemed necessary to protect its members’ financial interests.
The charges against the institution stemmed from a coordinated supervisory effort between the CFPB and the National Credit Union Administration (NCUA).
According to the consent order, the credit union anticipated banking services to be inaccessible for several days as it transitioned to a new digital platform in May 2022. Instead, the new system crashed upon launch and was taken offline.
The company brought a “limited” version of the platform online for members, but it lacked essential banking services. Some features were unavailable to users for more than six months, examiners found.
Members’ inability to view their account balances made it impossible for them to determine whether funds had been deposited, transactions had cleared or fees had been incurred. By extension, this impaired their ability to properly prioritize payment decisions.
The terminated consent order cited the credit union for violations of Sec. 1031 and 1036(a)(l)(B) of the Consumer Financial Protection Act (CFPA).
VyStar is a Florida state-chartered credit union headquartered in Jacksonville with 70 branches in Florida and 10 branches in Georgia. VyStar is one of the largest credit unions in the country, with approximately $14.75 billion in total assets and over 980,000 members.