InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Split 9th Circuit: Nevada’s medical debt collection law is not preempted
The U.S. Court of Appeals for the Ninth Circuit recently issued a split decision upholding a Nevada medical debt collection law after concluding the statute was neither preempted by the FDCPA or the FCRA, nor a violation of the First Amendment. SB 248 took effect July 1, 2021, in the wake of the Covid-19 pandemic, and requires debt collection agencies to provide written notification to consumers 60 days “before taking any action to collect a medical debt.” Debt collection agencies are also barred from taking any action to collect a medical debt during the 60-day period, including reporting a debt to a consumer reporting agency.
Plaintiffs, a group of debt collectors, sued the Commissioner of the Financial Institutions Division of Nevada’s Department of Business and Industry after the bill was enacted, seeking a temporary restraining order and a preliminary injunction. In addition to claiming alleged preemption by the FDCPA and the FCRA, plaintiffs maintained that SB 248 is unconstitutionally vague and violates the First Amendment. The district court denied the motion, ruling that none of the arguments were likely to succeed on the merits.
In agreeing with the district court’s decision, the majority concluded that SB 248 is not unconstitutionally vague with respect to the term “before taking any action to collect a medical debt” and that any questions about what constitute actions to collect a medical debt were addressed by the statute’s implementing regulations. With respect to whether SB 248 violates the First Amendment, the majority held that debt collection communications are commercial speech and thus not subject to strict scrutiny. As to questions of preemption, the majority determined that SB 248 is not preempted by either the FDCPA or the FCRA. The majority explained that furnishers’ reporting obligations under the FCRA do not include a deadline for when furnishers must report a debt to a CRA and that the 60-day notice is not an attempt to collect a debt and therefore does not trigger the “mini-Miranda warning” required in a debt collector’s initial communication stating that “the debt collector is attempting to collect a debt.”
The third judge disagreed, arguing, among other things, that the majority’s “position requires setting aside common sense” in believing that the FDCPA does not preempt SB 248 because the 60-day notice is not an action in connection with the collection of a debt. “The only reason that a debt collector sends a Section 7 Notice is so that he can later start collecting a debt,” the dissenting judge wrote. “It is impossible to imagine a situation where a debt collector would send such a notice except in pursuit of his goal of ultimately obtaining payment for (i.e., collecting) the debt.” The dissenting judge further argued that by delaying the reporting of unpaid debts, SB 248 conflicts with the FCRA’s intention of ensuring credit information is accurately reported.
Bowman skeptical about higher capital requirements
On June 25, Federal Reserve Governor Michelle W. Bowman expressed skepticism about calls for higher capital requirements following a string of recent bank failures, warning that stricter capital standards could hinder bank lending and diminish competition. In prepared remarks delivered during a global financial seminar held in Salzburg, Austria, Bowman said that while efforts have been taken to understand what went wrong, which have revealed “some uncomfortable realities about the lead-up to the bank failures,” the majority of the work was prepared internally by Fed supervision staff “relying on a limited number of unattributed source interviews, and completed on an expedited timeframe with a limited scope.” She commented that a necessary next step would be to engage an independent third party to analyze what factors and circumstances contributed to the recent bank failures. Independent reviews, Bowman said, “should play an important role in informing the future path of supervision and regulation.”
Bowman further stressed that banks are currently better capitalized and more closely supervised than before the 2008 financial crisis. The banking system is strong and resilient, Bowman said, which “begs the question—what are the justifications for higher capital requirements?” Instead, regulators should consider whether examiners are armed with the appropriate tools and support to identify material risks and demand prompt remediation. “Increasing capital requirements simply does not get at this underlying concern about the effectiveness of supervision,” she said. She commented that if regulators think about what tools are most effective and efficient in addressing shortcomings, they will find ways to improve supervision, revise liquidity requirements, or improve banks’ preparedness to access liquidity. Bowman cautioned that while “higher capital implies greater resiliency,” this resiliency comes at the cost of decreased credit availability and higher cost of credit in normal times, which “can have broad impacts on banks, the broader financial system, and the economy.” Rising bank capital requirements, Bowman added, may also “exacerbate the competitive dynamics that result in advantages to non-bank competitors and push additional financial activity out of the regulated banking system.”
OCC updates asset management handbook
On June 22, the OCC issued version 1.0 of the Asset Management booklet of the Comptroller’s Handbook. The booklet rescinds the booklet of the same title, issued in December 2000. Among other things, the booklet: (i) clarifies OCC expectations for fiduciary audit requirements; (ii) provides for consistency in the OCC’s examination of bank fiduciary audit activities; (iii) adds language from 12 CFR 150 applying to federal savings associations; and (iv) defines a robust, well documented risk assessment to support the development of a meaningful audit plan and support fiduciary activities.
OCC updates cybersecurity exam procedures
On June 26, the OCC issued Bulletin 2023-22 announcing recent updates to the agency’s approach to cybersecurity assessment procedures. The Cybersecurity Supervision Work Program (CSW) provides high-level examination objectives and procedures aligned with the National Institute of Standards and Technology Cybersecurity Framework (NIST-CFS) and is part of the agency’s risk-based bank information technology supervision process. The CSW is intended to provide examiners an effective approach for identifying cybersecurity risks in supervised banks.
According to an overview provided by the OCC, the CSW “provides examiners with a common framework and terminology in discussions with bank management” and is structured according to the following NIST-CSF functions: identify, protect, detect, respond, and recover (as well as related categories and subcategories). The OCC also developed an additional function, Specialty Areas, to address areas of risk that may be part of OCC cybersecurity assessments, where applicable. Examiners will use these procedures to supplement those outlined in the “Community Bank Supervision,” “Large Bank Supervision,” and “Federal Branches and Agencies Supervision” booklets of the Comptroller’s Handbook, the FFIEC’s Information Technology Examination Handbook booklets, and other related supervisory guidance.
The OCC encourages supervised banks to use standardized approaches to assess and improve cybersecurity preparedness. Banks may choose from a variety of standardized tools and available frameworks, and should use the agency’s CSW cross-references table for further guidance. No new regulatory expectations are established with the issuance of the CSW.
Agencies release 2023 list of distressed, underserved communities
On June 23, the FDIC, Federal Reserve Board, and the OCC released the 2023 list of distressed or underserved nonmetropolitan middle-income geographies where revitalization or stabilization activities are eligible to receive Community Reinvestment Act (CRA) consideration. According to the joint release, the list of distressed nonmetropolitan middle-income geographies and underserved nonmetropolitan middle-income geographies are designated by the agencies under their CRA regulations and reflect local economic conditions such as unemployment, poverty, and population changes. Under CRA, banks are encouraged to help meet the credit needs of the local communities listed. For any geographies that were designated by the agencies in 2022 but not in 2023, the agencies apply a one-year lag period, so such geographies remain eligible for CRA consideration for another 12 months.
Waters asks Treasury, SEC to comment on crypto framework
On June 23, Representative Maxine Waters solicited viewpoints, analysis, and recommendations in letters sent to the Department of Treasury and the SEC regarding a recently introduced discussion draft of cryptocurrency framework. In her letters, Waters requested insight on how the proposed legislation would impact the federal regulators’ ability to conduct oversight, among other things. Waters specifically asked the SEC for recommended amendments to existing law, outside of the bill, to further protect investors in the digital assets space. In her letter to the Treasury, she asked for insight on how the bill would address or conflict with its policy recommendations, and if the bill or specific provisions of it are needed. Waters requested that both regulators provide a written response by June 30 and be prepared to brief the House Financial Services Committee.
Introduced on June 2, the discussion draft to which Waters referred would impact the jurisdiction of the CFTC over digital commodities and the SEC’s authority over digital assets. Committee Chairman Patrick McHenry is a co-author of the discussion draft and also the primary sponsor of newly proposed bills regarding financial statement requirements of emerging growth companies that if passed, will indirectly impact regulators’ oversight in the crypto space. HR 2608 would limit the financial information an emerging growth company would be required to submit to the SEC, among other things. Specifically, “an emerging growth company is not required to present a financial statement for any period prior to the earliest audited period of the emerging growth company in connection with its initial public offering, such as a statement for an acquired company.” Additionally, HR 2610 would amend the Securities Exchange Act of 1934, so emerging growth companies would only need to submit the last 2 years of their profit and loss statements (previously 3 years). Among other things, the bill allows an issuer of securities to submit a draft registration statement to the SEC for confidential review prior to a public filing. Both bills have passed the House.
FTC updates its Endorsement Guide after 14 years
On June 29, the FTC announced the finalized updated version if its Endorsement Guide, to help the agency combat deceptive reviews and endorsements. The FTC says its endorsement guides, which were previously updated in 2009, advise businesses on what practices are considered unfair and deceptive in violation of the FTC Act. The FTC explained that the current, updated version takes into consideration comments solicited earlier this year, to reflect the ways advertisers now reach consumers. The revisions: (i) “articulate[] a new principle regarding procuring, suppressing, boosting, organizing, publishing, upvoting, downvoting, or editing consumer reviews so as to distort what consumers think of a product”; (ii) “address[] incentivized reviews, reviews by employees, and fake negative reviews of a competitor;” (iii) “add[] a definition of ‘clear and conspicuous’ and saying that a platform’s built-in disclosure tool might not be an adequate disclosure”; (iv) “[change] the definition of ‘endorsements’ to clarify the extent to which it includes fake reviews, virtual influencers, and tags in social media;” (v) “better explain[] the potential liability of advertisers, endorsers, and intermediaries”; and (vi) highlight[] that child-directed advertising is of special concern. The FTC concurrently issued an updated version of its guidance regarding frequently asked questions about its endorsement guides.
FTC orders sweepstakes company to pay $18.5 million for using “dark patterns”
On June 26, the FTC filed a complaint against a sweepstakes company alleging they used “dark patterns” (via the use of “manipulative phrasing and website design”) to trick consumers into purchasing products in order to enter the increase the chances of winning the company’s sweepstakes. The FTC further claimed the defendant engaged in other unlawful practices in violation of the FTC Act, including (i) failing to disclose the true price of goods and failing to inform consumers they were responsible for return shipping costs for unwanted products; (ii) misleading consumers with fictitious email subject lines; and (iii) sharing consumer data with third parties despite disclosing in its privacy policy prior to January 2019 that it did sell or rent consumer data to third parties.
Under the terms of the proposed court order filed June 27 stipulating to an injunction, monetary judgement, and other relief, the defendant would be required to pay $18.5 million in monetary relief and make numerous changes to its email and internet operations. Among other things, the defendant would be required to clearly and conspicuously disclose on every shopping page that a purchase is not required to enter a sweepstakes and that purchasing will not help a consumer win. Consumers would also be required, in many cases, to acknowledge this disclosure when responding to a call to action that results in an order. The defendant must also clearly disclose material costs and terms of purchase, as well as any additional fees, and cancellation and return policies. Additionally, the defendant would be required to delete all consumer data collected prior to January 1, 2019, unless required for processing transactions, and stop misrepresenting its data collection and sharing practices.
FHA requires info on language preference, homeowner education in mortgage originations
On June 27, FHA announced lenders will have to submit information about borrowers’ language preferences and homeownership education or housing counseling history through the Supplemental Consumer Information Form when originating mortgages for FHA insurance. According to FHA, borrowers may choose to provide all, some, or none of the information requested on the form, and lenders must transmit any information the borrower disclosed. The information collected from the form will allow the administration to have a better aggregate view of language preferences, which FHA stated, “will influence its future actions to continue breaking down language and other barriers to homeownership.” On June 13, FHA also announced the availability of Chinese, Korean, Spanish, Tagalog, and Vietnamese versions of more than 30 single family mortgage documents and related resources associated with FHA programs.
CFPB levies $25 million penalty for EFTA violations
On June 27, the CFPB entered a consent order against a Nebraska-based payment processor and its Delaware-based subsidiary for alleged violations of the EFTA (Regulation E), and the Consumer Financial Protection Act’s prohibition against unfair acts and practices. According to the Bureau, in 2021 the respondent’s employees allegedly used sensitive consumer financial information while conducting internal testing, without employing the proper information safety protocols. The internal tests allegedly created payment processing files that were treated as containing legitimate consumer bill payment orders. According to the Bureau, the erroneous bill payment orders were allegedly sent to consumers’ banks for processing, which resulted in approximately $2.3 billion in mortgage payments being debited from nearly 500,000 borrower bank accounts without their knowledge or authorization. The Bureau alleged in its order that some consumers accounts were depleted, “depriving Affected Consumers of the use of their funds, including by being prevented from making purchases or completing other legitimate transactions, and many were charged fees, including fees for insufficient funds or overdrawn accounts.” While neither admitting nor denying any of the allegations, the respondent has agreed to pay a $25 million penalty, stop activities the Bureau deemed unlawful, and adopt and enforce reasonable information security practices.