If your business sells its wares only to other businesses, then you don’t need to worry about consumer protection laws, right?
Not so fast.
It’s true that many consumer protection laws are expressly limited to natural persons or to personal/household purposes, including the Consumer Financial Protection Bureau’s authorizing statute.
But the Federal Trade Commission takes a different tack.
Its own prohibition on unfair or deceptive acts or practices in Section 5 of the FTC Act does not include any similar express definition or limitation on the “consumers” who can be injured. Relying on this authority, the FTC has long interpreted the FTC Act to apply to cases where the alleged victims are small- and medium-sized businesses.
This position has not been litigated extensively, and it has been challenged in only a handful of district court cases, all of which seem to side with the FTC. It’s imperative to look at how these issues arise in practice.
Because the FTC typically speaks through its enforcement actions, it’s best to start there. The agency has brought cases involving alleged harms to business clients in a wide range of contexts. These include small business lending, payment processors, payments, and labor practices.
Small Business Lending
In 2020, the FTC took interest in an SMB lending product known as a merchant cash advance, bringing two cases in that space.
In one of the cases, filed against Yellowstone Capital., the FTC brought several unfair and deceptive practices, or UDAP, allegations. This included charges of providing customers with significantly less than the total amount of financing promised because of how fees were disclosed and unauthorized withdrawals from customer accounts after the customers had fully repaid. (One of the authors litigated this case when at the FTC).
Yellowstone and two corporate principals agreed to pay nearly $10 million to settle the case.
The FTC this year sued First American Payment Systems and its affiliates, alleging that it made false representations in sales pitches regarding fees, savings opportunities, and the ease of canceling automatically-renewing accounts.
The auto-renew aspect was noteworthy because it allowed the FTC to sue not only for UDAP violations, but also for a claim under the Restore Online Shoppers’ Confidence Act, which allows the FTC to obtain civil penalties and restitution.
This concern has been of paramount importance to the agency since the US Supreme Court in 2021 took away the commission’s ability to obtain money penalties for first-time UDAP violations.
To settle the claims, the defendants agreed to return $4.9 million to harmed businesses and make it easier for businesses to cancel their services.
The FTC notched a major win this summer in a case against a business-to-business, or B2B, payments company. The commission alleged that the company made deceptive representations regarding possible savings and fraud controls, and charged various unauthorized fees. (One of the authors represented the FTC in this case).
In August, a district court agreed with the FTC, granting the agency summary judgment on liability issues against the company and its CEO.
Although the agency can’t obtain money penalties at this stage—it hypothetically could through a convoluted procedural path—the company disclosed in litigation that it had spent $10 million during the four years of investigations and litigation.
The FTC also has gotten into the employment space, where the “consumers” are workers or other independent contractors. Among other things, the FTC just released a policy statement on earnings claims for gig-economy work and recently agreed to an memorandum of understanding with the National Labor Relations Board to share information on labor-related investigations.
This is not all talk. In 2021, the FTC settled claims that a company engaged in deceptive acts or practices when it failed to pay its independent contractor drivers tips they earned, requiring the company to pay more than $60 million to settle the matter.
What Does This Mean for Your Business?
The FTC’s UDAP enforcement is largely principles-based, so companies in the B2B space should look at compliance principles to avoid regulatory scrutiny.
First, review your customer complaints and take them seriously. The FTC and other regulators often use customer complaints—sent to the agencies, not to your company—to decide who to investigate.
Second, don’t be afraid to fix problems you find. At the very least, fixing a problem cuts off liability and starts the clock running on any applicable statute of limitations.
And third, but hardly last, design your products and disclosures so that an ordinary consumer—not just a sophisticated business person—would understand how your product works, the fees you charge, how you use and collect customer data, and any other important feature of your product.
The FTC and other regulators will treat SMB decision-makers as “reasonable consumers,” so you should too.
This article does not necessarily reflect the opinion of The Bureau of National Affairs, Inc., the publisher of Bloomberg Law and Bloomberg Tax, or its owners.
Christa Bieker is an associate in Mayer Brown’s Washington, D.C., office. Her practice focuses on representing financial services clients in connection with government investigations, supervisory examinations, and other government interactions.
Christopher Leach is a litigation partner in Mayer Brown’s Washington, D.C., office. He joined from the FTC’s Division of Financial Practices, where his enforcement practice focused on fintech and fair lending issues.