Amanda Lawrence


Washington, D.C.

Amanda Lawrence partners with financial services companies, including fintechs and traditional financial institutions, in a wide range of consumer litigation, enforcement and regulatory matters. From reviewing and establishing compliance programs, to providing regulatory advice, to defending against government enforcement actions and commercial complaints, Amanda’s full-service practice works to secure the client’s future.

She is a trusted adviser to and first call in high-stakes litigation and enforcement matters, including government investigations, regulatory examinations, class action and complex litigation, and internal investigations. Her matters include investigations, examinations, and enforcement actions before the CFPB, FTC, federal and state bank regulators and state attorneys general, including defending a leading bank in one of the CFPB’s first enforcement actions—a joint investigation and enforcement action with the FDIC.

Amanda also represents clients in bet the company litigation, including financial institutions and lenders in residential mortgage-backed securities (RMBS) matters, consumer class actions and other complex civil litigation matters.

Amanda is well versed in all aspects of her clients’ business and is known for providing thoughtful and practical advice. She leverages her experience with litigation and enforcement agencies to stay ahead of regulatory trends impacting the finance and fintech industries. Key among these is data monetization and regulators’ heightened focus on how data is collected, used, stored and transferred. Amanda’s practice started in the cyber and privacy spheres, and today she helps clients manage compliance with the Gramm-Leach-Bliley Act (GLBA) and Regulation P, the Safeguards Rule, the Fair Credit Reporting Act (FCRA), the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Prior to joining Orrick, Amanda was a partner at Buckley LLP, where she was a member of the partner board. She also has an active pro bono practice.
  • Financial Services Litigation and Enforcement

    • Representing a large bank in one of the CFPB’s first enforcement actions—a joint investigation and enforcement action with the Federal Deposit Insurance Corporation (FDIC), alleging deceptive sales practices in connection with add-on products
    • Several CFPB examinations and investigations, including examinations and investigations related to sales practices, fees, including overdraft, add-on products, student loan servicing, payments, including garnishment, setoff, and escheatment, and lending by nonbank institutions
    • Representing company in FTC investigation into fees and tenant screening practices
    • Representing numerous NYDFS licensed lenders in examinations and investigations by NYDFS into compliance with its Cybersecurity Regulations, including representing a lender in the Department’s first public consent order and just the second enforcement action.
    • Acting as national litigation counsel for a home mortgage loan servicer and its subsidiaries in connection with more than 30 cease and desist orders from state banking commissioners
    • Defending multiple sellers and correspondent lenders in breach of contract and indemnification lawsuits brought by mortgage loan securitizers alleging that purported defects in mortgage loans securitized into GSE or private RMBS
    • Defending a student loan trust securitizer and its subsidiaries in a putative state class action alleging federal and state Fair Debt Collection Practices Act (FDCPA) violations and unfair trade practices
    • Defending multifamily housing property owner and related entities in putative nationwide class action alleging Fair Housing Act and habitability claims

    Cyber and Privacy Counsel

    • Assisting multiple clients, including financial and non-financial institutions, in designing and implementing CCPA compliance programs, including advising on GLBA and FCRA exemptions
    • Advising fintech and cryptocurrency clients in privacy and information security requirements, including data sharing and use of data in algorithms
    • Advising clients on consent requirements, including evaluating websites and application flows for dark patterns