Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On May 6, the U.S. Court of Appeals for the 9th Circuit held that (i) the CFPB’s single-director structure is constitutional, and that (ii) the district court did not err when it granted the Bureau’s petition to enforce a law firm’s compliance with a 2017 civil investigative demand (CID). As previously covered by InfoBytes, the CFPB previously determined that none of the objections raised by the law firm warranted setting aside or modifying the CID, which sought information to determine whether the law firm violated the Telemarketing Sales Rule (TSR) when providing debt-relief services. The law firm contended that the CFPB’s single-director structure was unconstitutional and therefore the CID was unlawful. It argued further that the CFPB lacked statutory authority to issue the CID.
On review, the 9th Circuit held that the for-cause removal restriction of the CFPB’s single director is constitutionally permissible based on existing Supreme Court precedent. The panel agreed with the conclusion reached by the U.S. Court of Appeals for the D.C. Circuit majority in the 2018 en banc decision in PHH v. CFPB (covered by a Buckley Special Alert) stating, “if an agency’s leadership is protected by a for-cause removal restriction, the President can arguably exert more effective control over the agency if it is headed by a single individual rather an a multi-member body.” The 9th Circuit noted that the dissenting opinion of then Court of Appeals Judge Brett Kavanaugh found that the single-director structure was unconstitutional and noted that “[t]he Supreme Court is of course free to revisit those precedents, but we are not.”
The 9th Circuit next addressed the law firm’s argument that the CFPB lacked statutory authority when it issued the CID. The panel held that the TSR “does not exempt attorneys from its coverage even when they are engaged in providing legal services,” and therefore, the Bureau has investigative authority without regard to the Consumer Financial Protection Act’s (CFPA) practice-of-law exclusion. In addition, the panel rejected the law firm’s argument that the CID was vague or overly broad, and stated that the CID fully complied with the CFPA’s requirements and identified the allegedly illegal conduct and violations.
On April 23, the CFPB announced updates to its policy on Civil Investigative Demands (CIDs). According to the Bureau, the new policy is consistent with comments received in response to a 2018 Request for Information, which solicited public feedback on “how best to achieve meaningful burden reduction or other improvement to the CID processes while continuing to achieve the Bureau’s statutory and regulatory objectives” (previously covered by InfoBytes here). Going forward, CIDs will (i) provide additional information on potentially applicable provisions of law that may have been violated; (ii) specify business activities subject to Bureau authority; and (iii) “[i]n investigations where determining the extent of the Bureau’s authority over the relevant activity is one of the significant purposes of the investigation, staff may specifically include that issue in the CID in the interests of further transparency.”
On March 6, the FTC’s Office of Legal Counsel warned recipients that subpoenas and civil investigative demands (CID) issued by the agency are legally enforceable demands and should be taken seriously. The FTC stated it is willing “to work with parties and their counsel to determine the scope of the agency’s subpoena or CID and a timeframe for compliance” and issued a reminder that under the FTC’s Rules of Practice, parties are required to meet and confer to identify issues or concerns that may affect a party’s ability to comply. The FTC additionally discussed measures the Office of Legal Counsel may undertake in order to compel compliance, including the possibility of federal court action.
On February 25, the CFPB petitioned the U.S. District Court for the Southern District of New York for an order requiring a debt collection law office to comply with a civil investigative demand (CID) issued by the Bureau in June 2017. The CID requested information from the debt collection firm as part of a Bureau investigation into whether debt collectors, furnishers, or other persons associated with the collection of debt and furnishing of information have engaged or are engaging in unfair, deceptive, or abusive acts or practices in violation of the CFPA, FDCPA, and FCRA. According to the petition, the firm partially responded but withheld several responses asserting that doing so would require the firm's principal to violate professional responsibility rules in the states of New York and New Jersey. Withheld information, the Bureau claims, includes telephone calls and written correspondence with indebted consumers, disputes with consumers over the firm's credit reporting activities to third party agencies, and service contracts with creditors on whose behalf the firm collects debt. The Bureau argued that the court should direct the law firm to comply with the CID because, aside from following all applicable procedural requirements for the issuance of a CID contained within the CFPA, it “has shown that the investigation is being conducted for a legitimate purpose, that the inquiries may be relevant to that purpose, that the information sought is not already within the Bureau's possession, and that the administrative steps required by the [CFPA] and its implementing regulations have been followed. . . .” The Bureau further requested an order that the firm show cause and explain why it should not be compelled to comply with the CID.
On September 6, the U.S. Court of Appeals for the 5th Circuit declined to enforce a Civil Investigative Demand (CID) issued by the CFPB against a Texas public records company, after holding the Bureau did not comply with Dodd-Frank when it issued the CID. After initially receiving the CID, the Texas company objected to its Notification of Purpose as inadequate, as it read, “whether consumer reporting agencies, persons using consumer reports, or other persons have engaged or are engaging in unlawful acts and practices in connection with the provision or use of public records information in violation of the Fair Credit Reporting Act . . . or any other federal consumer law.” In response, the Bureau filed a petition in federal court seeking to enforce the CID and the lower court granted the petition, holding that the Notification of Purpose provided fair notice of the violations under investigation as required by the Dodd-Frank Act. The 5th Circuit disagreed, however, finding that the CID did not identify an alleged violation. The court noted that the CID only made references to the FCRA, a “broad provision of law that the CFPB has authority to enforce,” and “any other federal consumer financial law,” which subsequently “defeats any specificity provided by the reference to the FCRA.” The court emphasized that it could not review the CID under the “reasonable relevance” standard, because the CID failed to identify the conduct under investigation and concluded that the Bureau does not have “unfettered authority to cast about for potential wrongdoing.”
On August 13, in a divided opinion that is not precedential, the U.S. Court of Appeals for the 3rd Circuit affirmed a lower court’s decision to grant a petition filed by the CFPB to enforce a civil investigative demand (CID) issued to a student loan servicer, rejecting arguments that the scope of the Bureau’s investigation was too broadly defined. The Notification of Purpose in the CID at issue named the entirety of the servicer’s business operations, without identifying any specific conduct, when the CFPB sought records to determine whether the servicer’s practices violated federal consumer financial laws. The servicer objected to the Notification of Purpose and petitioned the Bureau to set aside or modify the CID because it did not adequately “state the nature of the conduct constituting the alleged violation which is under investigation and the provision of law applicable to such violation.” The appellate court held that the servicer’s “contention rests on the flawed assumption that the CFPB could not investigate all of [the servicer’s] conduct,” and that, moreover, “[n]othing prohibits the CFPB from investigating the totality of [the servicer’s] business activities, and courts have previously enforced administrative subpoenas regarding conduct that is coextensive with the recipient’s business activity.”
On July 23, the CFPB denied a petition by a debt collector to modify or set aside a civil investigative demand (CID) issued by the Bureau in September 2017. The CID requested information from the debt collector “to determine whether debt collectors, depository institutions, or other persons have engaged or are engaging in unlawful acts and practices in connection with the collection of debt. . . .” The debt collector petitioned the Bureau to set aside or modify the CID, which requests were denied. The Bureau rejected the company’s argument that the CID should be set aside because the purported violations of the Fair Debt Collection Practices Act are not actionable under the “bona fide error rule.” The order emphasizes that the Bureau is not required to establish there was a violation of law in order to issue a CID, and the debt collector’s arguments “prematurely assert substantive defenses to claims the Bureau has not yet asserted.” The order also rejects the company’s argument that the CID be modified because certain requests are “disproportionate” and would impose an undue burden on the company, requiring the manual review of numerous audio files, which the Bureau denies because “[c]onclusory allegations of burdensomeness are insufficient.” The Bureau did allow for some of the information in the petition to be redacted because it could constitute confidential supervisory information but denied the request for confidential treatment of the rest of the materials.
On April 25, a coalition of 16 state Attorneys General issued a comment letter responding to the CFPB’s Request for Information (RFI) on Civil Investigative Demands (CIDs). (See previous InfoBytes coverage on the RFI here and here.) According to the letter, the coalition opposes “any effort to curtail the Bureau’s civil investigative demand authority,” noting, among other things, that (i) the CFPB’s implementation of its final rule relating to investigations was “non-controversial” and based on established FTC enforcement practices; (ii) federal agencies are allowed to fulfill their mandates through the legislative grant of civil investigative demand authority; (iii) judicial supervision over CIDs protects recipients’ rights; and (iv) the CFPB “has used its investigative authority responsibly and effectively.”
On April 17, the U.S. District Court for the Western District of Pennsylvania ordered a student loan servicer to comply with a CFPB Civil investigative Demand (CID), while the servicer awaits appeal. As previously covered by InfoBytes, in February the court enforced a CFPB CID issued against the student loan servicer in June 2017. In granting the Bureau’s petition to enforce the CID, the court found that the CID’s Notification of Purpose met the statutory notice requirements because nothing in the law bars the CFPB “from investigating the totality of a company’s business operations.” The court also found that the investigation was for a “legitimate purpose,” the information requested is relevant and not already known by the Bureau, and the request is not unreasonably broad or burdensome. On March 26, the servicer filed a motion to stay the court’s order pending appeal to the U.S. Court of Appeals for the 3rd Circuit. In denying the servicer’s motion, the court held that the servicer would not be irreparably harmed if it responded to the CID should the 3rd Circuit reverse the court’s decision as the Appeals Court could order all documents to be returned and prevent the CFPB from acting upon information learned through the CID. Additionally, the servicer argued that the CFPB would not be injured if the court granted the stay because the agency has not yet brought an enforcement action. The court disagreed with this argument, holding that the CFPB cannot bring an enforcement action without reviewing the relevant documents and granting the stay would only “further stall the CFPB’s efforts to obtain documents and information that it requested nine months ago.”
On March 27, the FTC’s Bureau of Consumer Protection (BCP) released its comment letter responding to the CFPB’s Request for Information (RFI) on Civil Investigative Demands (CIDs) – the first RFI in a series seeking feedback on the CFPB’s operations (previously covered by InfoBytes here). According to the BCP, good government requires an agency to use restraint both when deciding to issue compulsory CIDs and when making specific demands, because courts are deferential to an agency’s request. The BCP emphasizes the need for a balance between the enforcement of laws by an agency and the potential burden on the party whom receives the demand.
The FTC response is notable as it is not common for a federal agency to submit comments to another agency’s RFI. However, as the BCP points out, the CFPB originally used the FTC’s Rules of Practice and Procedure as a model when establishing its CID process, and in July 2017, the BCP implemented several reforms to its consumer protection CID process. (Previously covered by InfoBytes here.) The comment letter notes the BCP’s belief that the reforms “have been quite successful in lessening burdens on recipients and improving transparency while continuing to allow the agency to obtain the information it needs to enforce the law.” In response to the CFPB’s specific requests, the BCP outlined its internal processes and provided the Bureau with specific recommendations, while recognizing the inherent differences in each agency’s authority, mission and organizational structure. The BCP recommendations include:
- Opening/closing investigations. Increase oversight by senior agency leadership with respect to the opening and closing of investigations by staff in the Office of Enforcement.
- Issuing CIDs. Delegate authority to issue CIDs to more senior officials (as opposed to the Deputy Assistant Directors of the Office of Enforcement) or to officials who are not directly involved in the investigation.
- Explaining purpose of investigation. Ratify the Bureau’s currently informal process of articulating a more specific purpose for the CID and using the CFPB’s “meet-and-confer” requirement under 12 C.F.R. § 1080.6(c) to constructively engage with the recipient to better improve their understanding of the CID’s purpose.
- Scope of requests. Use the meet-and-confer process to resolve or narrow concerns regarding potentially broad CID requests in order to avoid unnecessary burdens on the recipient and delays caused by a petition to limit or quash a CID.
- Incorporating certain Federal Rules by reference. For the taking of testimony of an entity and the handling inadvertent production of privileged information, publicly acknowledge the intent to follow the relevant standards under the Federal Rules of Civil Procedure and Evidence.
- Rights afforded to individuals in investigational hearings. Continue to prevent witnesses from consulting with counsel while a question is pending and counsel from objecting to a question or instructing the witness not to answer (except with regard to privilege). The BCP stated that, in addition to being consistent with its rules, these limitations are “consistent with federal court practice and are appropriate given that the investigational hearing is part of the agency’s non-public investigation to determine whether a violation has occurred and whether an action would be in the public interest.”
- Response requirements. Consider streamlining guidelines for document submission of electronically stored information
As for the process for petitions to modify or set aside CIDs, without providing a specific recommendation to the Bureau, the BCP spent considerable time outlining certain outside criticisms of its own process, including that petitioners do not receive the BCP rely brief given to the assigned Commissioner in response to a petitions and that the Commissioner’s ruling on the petition is placed on the public record, revealing the underlying non-public investigation. The BCP defended these practices, emphasizing that the reply briefs contain protected information regarding the FTC’s internal investigation process and the burden to redact the information outweighs the minimal benefit to the petitioner. Additionally, the BCP stated that publicly disclosing the Comissioner’s ruling is consistent with ensuring the government is subject to the “watchful eye” of the public.
As previously covered by InfoBytes, all comments to the CFPB RFI are now due by April 26.
- Buckley Webcast: The next consumer litigation frontier? Assessing the consumer privacy litigation and enforcement landscape in 2019 and beyond
- Buckley Webcast: The CFPB’s proposed debt collection rule
- Buckley Webcast: Trends in e-discovery technology and case law
- Brandy A. Hood to discuss "What the flood? Don’t get washed away by a flood of changes" at the American Bankers Association Regulatory Compliance Conference
- Daniel P. Stipano to discuss "Mitigating the risks of banking high risk customers" at the American Bankers Association Regulatory Compliance Conference
- Daniel P. Stipano, Kari K. Hall, Brandy A. Hood, and H Joshua Kotin to discuss "Regulations that matter in a deregulatory environment" at the American Bankers Association Regulatory Compliance Conference Power Hour
- Buckley Webcast: Data breach litigation and biometric legislation
- Hank Asbill to discuss "Pay no attention to the man behind the curtain: Addressing prosecutions driven by hidden actors" at the National Association of Criminal Defense Lawyers West Coast White Collar Conference
- Daniel P. Stipano to discuss "Keep off the grass: Mitigating the risks of banking marijuana-related businesses" at the ACAMS AML Risk Management Conference
- Daniel P. Stipano to discuss "Mid-year policy update" at the ACAMS AML Risk Management Conference
- Amanda R. Lawrence to discuss "Navigating the challenges of the latest data protection regulations and proven protocols for breach prevention and response" at the ACI National Forum on Consumer Finance Class Actions and Government Enforcement
- Benjamin W. Hutten to discuss "Requirements for banking inherently high-risk relationships" at the Georgia Bankers Association BSA Experience Program
- Brandy A. Hood to discuss "RESPA Section 8/referrals: How do you stay compliant?" at the New England Mortgage Bankers Conference
- Daniel P. Stipano to discuss "Lessons learned from recent enforcement actions and CMPs" at the ACAMS AML & Financial Crime Conference
- Daniel P. Stipano to discuss "Assessing the CDD final rule: A year of transitions" at the ACAMS AML & Financial Crime Conference
- Douglas F. Gansler to discuss "Role of state AGs in consumer protection" at a George Mason University Law & Economics Center symposium