Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On September 21, the CFPB announced the beginning of its anticipated rulemaking regarding consumer reporting, including a proposal to remove medical bills from credit reports. This announcement builds upon a hearing the CFPB held in July 2023 on medical billing and collections, highlighting its range of negative impact on marginalized communities (covered by InfoBytes here). In the CFPB’s announcement, Director Rohit Chopra emphasized the inconsequential “predictive value” of medical bills in credit reports despite their prevalence in American households, thus the agency's goal is to alleviate the burden on individuals facing medical debt. The Bureau’s press release highlighted components to its outline of proposals and alternatives under consideration, such as (i) prohibiting consumer reporting companies from including medical bills in consumers’ credit reports; (ii) prohibiting creditors from relying on medical bills for underwriting decisions; and (iii) prohibiting debt collectors from leveraging the credit reporting system to pressure consumers into paying their debts. The rule would not prevent creditors from accessing medical bill information, such as validating need for medical forbearances, or evaluating loan applications for paying medical debt.
In addition to the proposed removal of medical debt from consumer reports, the Bureau’s outline includes other notable proposals regarding consumer reports. The Bureau’s proposals include”
- As previously covered by InfoBytes, applying the FCRA to data brokers by altering the FCRA definitions of “consumer report” and “consumer reporting agency”, to “address whether and how the FCRA applies to newer actors and practices in the credit reporting marketplace, including questions such as coverage of data brokers and certain consumer reposting agency practices regarding marketing and advertising.” In particular, the Bureau is also considering a proposal that would provide that data brokers selling “consumer reports” containing consumers’ payment history, income, and criminal records would be considered a consumer reporting agency. The Bureau is also exploring clarifications on when data brokers qualify as consumer reporting agencies and furnish consumer reports.
- Clarifying whether “credit header data” qualifies as a consumer report, which could limit the disclosure or sale of credit header data without valid reasoning.
- Clarifying that certain targeted marketing activities that do not directly share information with a third party nevertheless are subject to the FCRA.
- Proposing a definition of the terms “assembling” and “evaluating” to include intermediaries or vendors that “transmit consumer data electronically between data sources and users.”
- Clarifying whether and when aggregated or anonymized consumer report information constitutes or does not constitute a consumer report. Specifically, the Bureau contemplates providing that a data broker’s sale of particular data points such as “payment history, income, and criminal records” would “generally be a consumer reports, regardless of the purpose for which the data was actually used or collected, or the expectations of that data broker
- Establishing the steps that a company must take to obtain a consumer’s written instructions to a obtain a consumer report.
- Addressing a consumer reporting agency’s obligation under the FCRA to protect consumer reports from a data breach or unauthorized access.
On September 14, U.S. District Judge Karen K. Caldwell issued an order granting an injunction sought by the Kentucky Bankers Association and eight Kentucky-based banks to enjoin the CFPB from implementing and enforcing requirements for small business lenders until the U.S. Supreme Court rules on the CFPB’s funding structure (previously covered by InfoBytes here and here).
As previously covered by InfoBytes, the plaintiff banks filed their motion for a preliminary injunction seeking an order to enjoin the CFPB from enforcing the Small Business Lending Rule against them for the same reasons that a Texas district court enjoined enforcement of the rule (Texas decision covered by InfoBytes here). The CFPB argued, among other things, that the plaintiff banks failed to satisfy the factors necessary for preliminary relief, that the plaintiff banks are factually wrong in asserting that the Rule would require lenders to compile “‘scores of additional data points’ about their small business loans,” and the “outlier ruling of the 5th Circuit” in the Texas case does not demonstrate that the plaintiff banks are entitled to the relief they seek.
In the order granting the preliminary injunction, Judge Caldwell discussed the factors for determining whether injunctive relief is appropriate. Notably, Judge Caldwell determined that the irreparable harm factor weighs in favor of the plaintiffs, stating “[p]laintiffs are already incurring expenses in preparation for enforcement of the Rule and will not be able to recover upon a Supreme Court ruling that the CFPB’s funding structure is unconstitutional.” Additionally, Judge Caldwell indicated that the likelihood of success factor “does not tip the scale in either direction,” and the substantial harm to others if the preliminary injunction is granted, and the public interest factors “carry little weight” because “[b]efore the Rule becomes enforceable, a decision on the merits will be issued by the highest court in the land.”
Judge Caldwell found that the imposition of the preliminary injunction “will create no harm to the CFPB nor the public since the rule would not otherwise be enforceable in the interim” and granted the preliminary injunction “in the interest of preserving the status quo until the Supreme Court has made its decision.”
On September 19, the CFPB issued guidance about legal requirements that creditors must follow when using artificial intelligence and other complex models.
In prior guidance, the agency stated that lenders must provide specific and accurate reasons for adverse actions against consumers. The latest guidance expanded upon that prior guidance to clarify that lenders cannot simply use CFPB sample adverse action forms and checklists when taking adverse actions against consumers, but must explain the reasons for such adverse actions to help improve consumers’ chances for future credit, and protect consumers from illegal discrimination.
In its announcement of the updated guidance, the CFPB discussed the potential that consumers may be denied credit as a result of the increased use of complex, predictive decision-making technologies to analyze large datasets that may include consumer surveillance data or other information that the consumer may not believe is relevant to their finances. The agency confirmed that creditors must disclose the specific reasons for adverse action, even if consumers may be surprised, upset, or angered to learn their credit applications were being graded on data that may not intuitively relate to their finances. According to the guidance, a creditor is not absolved from the requirement to specifically and accurately inform consumers of the reasons for adverse actions because the use of predictive decision-making technologies in their underwriting models makes it difficult to pinpoint the specific reasons for such adverse actions.
On September 18, the CFPB released a final rule revising the dollar amounts for provisions implementing TILA and its amendments that impact loans under the Home Ownership and Equity Protection Act of 1994 (HOEPA) and qualified mortgages (QM). The Bureau is required to make annual adjustments to dollar amounts in certain provisions in Regulation Z, and has based the adjustments on the annual percentage change reflected in the Consumer Price Index for Urban Wage Earners and Clerical Workers (CPI-W) in effect on June 1, 2023. The following thresholds are effective January 1, 2024:
- For HOEPA loans the adjusted total loan amount threshold for high-cost mortgages will be $26,092, and the adjusted points-and-fees dollar trigger for high-cost mortgages will be $1,305;
- For qualified mortgages under the General QM loan definition, the thresholds for the spread between the annual percentage rate and the average prime offer rate will be: “2.25 or more percentage points for a first-lien covered transaction with a loan amount greater than or equal to $130,461; 3.5 or more percentage points for a first-lien covered transaction with a loan amount greater than or equal to $78,277 but less than $130,461; 6.5 or more percentage points for a first-lien covered transaction with a loan amount less than $78,277; 6.5 or more percentage points for a first-lien covered transaction secured by a manufactured home with a loan amount less than $130,461; 3.5 or more percentage points for a subordinate-lien covered transaction with a loan amount greater than or equal to $78,277; or 6.5 or more percentage points for a subordinate-lien covered transaction with a loan amount less than $78,277”; and
- For all QM categories, the adjusted thresholds for total points and fees will be “3 percent of the total loan amount for a loan greater than or equal to $130,461; $3,914 for a loan amount greater than or equal to $78,277 but less than $130,461; 5 percent of the total loan amount for a loan greater than or equal to $26,092 but less than $78,277; $1,305 for a loan amount greater than or equal to $16,308 but less than $26,092; and 8 percent of the total loan amount for a loan amount less than $16,308.”
With respect to credit card annual adjustments, the Bureau noted that its 2024 annual adjustment analysis on the CPI-W in effect on June 1, did not result in an increase to the current minimum interest charge threshold (which requires “creditors to disclose any minimum interest charge exceeding $1.00 that could be imposed during a billing cycle”).
On September 14, the CFPB released a report highlighting risks associated with college tuition payment plans. Analyzing nearly 450 college websites, the report found that many plans lack clear disclosures and have confusing repayment terms, potentially causing students to miss payments and accumulate debt. Additionally, the CFPB noted that some institutions use transcript withholding as a debt collection tool, a practice deemed illegal and detrimental to students' career prospects.
Key findings include:
- Inconsistent and confusing disclosures in tuition payment plans.
- Substantial fees, including enrollment fees, returned payment fees, and late fees, leading to high costs for students.
- Intrusive debt collection practices, such as withholding transcripts, negatively impacting students' futures.
- High costs for missed payments and potential conversion of no-interest plans into interest-bearing loans.
- Contracts that may force students to waive legal rights and protections.
- Lack of standardized disclosure requirements, leading to inconsistency in how plans are presented on school websites.
The CFPB plans to continue monitoring tuition payment plans and school-based lending practices to protect consumers from potential violations of federal consumer financial laws.
On September 11, the CFPB issued a consent order against an Ohio-based nonbank consumer finance company (respondent), for deceptive practices related to consumer leasing agreements. The CFPB, along with 41 states and the District of Columbia, addressed respondent’s conduct in a parallel multi-state settlement. According to the consent order, respondent, operating through major retailers, allegedly concealed contract terms and costs from consumers, leading them to unknowingly enter into costly leasing agreements. The Bureau claims that deceptive practices left consumers unable to return products and burdened with unexpectedly high payments, violating the CFPA and Regulation M, implementing the Consumer Leasing Act.
The consent order states that respondent concealed lease agreement terms, often providing consumers with copies of the agreements after transactions or relying on verbal descriptions from store employees. Consumers were also allegedly trapped by unreasonable return practices, as respondent did not accept returns for many items, forcing consumers to pay excessively high prices. Additionally, the CFPB claimed respondent failed to provide legally required disclosures, leading to revenues of approximately $192 million from around 325,000 consumers.
As a result of the consent order, respondent is permanently prohibited from offering consumer leases and is required to close all outstanding consumer accounts. Consumers will be allowed to keep leased merchandise without further payment, amounting to approximately $33.6 million in released payments. Respondent must also pay a $2 million penalty, with $1 million going to the CFPB's victims’ relief fund and the remaining $1 million allocated to the participating states.
The CFPB's director, Rohit Chopra, emphasized the significance of the order, stating that it permanently bans respondent from engaging in such agreements. The alleged deceptive practices, which occurred from January 1, 2015 to the present, and allegedly affected over 1.8 million consumers who entered into financial agreements with the company covering a wide range of items, from auto parts to furniture and jewelry. Respondent neither admitted nor denied the CFPB’s claims.
On September 5, the CFPB filed an opposition to a motion for a preliminary injunction made by a group of Kentucky banks (plaintiff banks) in the U.S. District Court for the Eastern District of Kentucky. As previously covered by InfoBytes, the plaintiff banks filed their motion for a preliminary injunction seeking an order to enjoin the CFPB from enforcing the Small Business Lending Rule against them for the same reasons that a Texas district court enjoined enforcement of the rule (Texas decision covered by InfoBytes here). The CFPB argues that the plaintiff banks have not satisfied any of the factors necessary for preliminary relief, including that they have not shown that their claim is likely to succeed on the merits, and they have not shown that they face imminent irreparable harm. The Bureau also argues that the plaintiff banks are factually wrong in asserting that the Rule would require lenders to compile “‘scores of additional data points’ about their small business loans,” and that the additional data requirements are consistent with the Bureau’s statutory authority to require such additional data if it assists in “‘fulfilling the purposes of [the statute].’” The CFPB argues, among other things, that the “outlier ruling of the 5th Circuit” in the Texas case does not demonstrate that the plaintiff banks are entitled to the relief they seek.
On September 1, the CFPB posted guidance to its website that affirms guidance on the Real Estate Settlement Procedures Act (RESPA) that the Department of Housing and Urban Development previously issued. In 2011, the Dodd-Frank Act transferred responsibility for RESPA from HUD to the CFPB. At the time, the Bureau stated that it would apply “the official commentary, guidance, and policy statements” that HUD had issued on RESPA “pending further CFPB action” and would give “due consideration” to other (i.e., informal) guidance and interpretations. Although the Bureau has issued certain consent orders and other statements that may cast doubt on whether it interprets RESPA in the same manner that HUD did, in the most recent posting, the Bureau confirms that the list of documents posted by the Bureau generally “continue to be applied today by the CFPB.”
On August 28, the CFPB announced a proposed settlement with Utah-based credit repair telemarketers and various affiliates (collectively, "defendants") for allegedly committing deceptive acts and practices in violation of the Telemarketing Sales Rule (TSR) and the Consumer Financial Protection Act (CFPA) by collecting illegal advance fees. As previously covered by InfoBytes, in its initial lawsuit the CFPB alleged the defendants requested and received payment of “prohibited” upfront fees for telemarketed credit repair services when they signed up. In June, a district court ruling put a hold on the Bureau’s initial attempt to impose the settlement because of “outstanding issues of fact” which precluded it from entering the agency’s requested relief at that time (covered by InfoBytes here). The Bureau and defendants have now agreed to a new settlement which will, among other things, (i) impose over $2.7 billion in redress (understanding that the principal corporate defendant is in Chapter 11 bankruptcy proceedings); (ii) impose over $64 million in civil money penalties; (iii) ban defendants from telemarketing and from doing business with certain marketing affiliates for ten years; and (iv) require defendants to send a notice of the settlement to “any remaining enrolled customers who were previously signed up through telemarketing.”
The proposed settlement is subject to final approval by the court.
On August 22, the U.S. District Court for the Western District of New York refused to dismiss CFPA and FDCPA claims brought by the CFPB that alleged violations related to misrepresentations made to debtors by debt collectors. The CFPB’s complaint alleged that defendants purchased defaulted consumer debt and then placed it for collection with, or sold it to, a network of debt collectors who consistently violated consumer protection laws by making false statements to debtors. These false statements included informing consumers that (i) they would be sued for failing to pay the debts; (ii) that their credit score would be impacted by paying or not paying the debt; and (iii) that they could face criminal charges for failing to pay the debt. The complaint additionally alleged that defendants were aware of the allegedly unlawful acts by the debt collectors they used through monitoring of the debt collectors and consumer complaints made to defendants.
The CFPB’s complaint alleged violations against a variety of corporate entities responsible for the alleged debt collection practices, as well as individual executives at those entities. Defendants moved to dismiss the complaint on several grounds. The defendants argued that they are not “covered persons” under the CFPA, because they do not actually collect debts themselves. The district court held that the defendants were “covered persons” under the CFPA since they were engaged in the collection of consumer debt, writing that it would “strain ordinary understanding to say that a company is not engaged in collecting debt when it purchases defaulted debt, places that debt with other companies for collection, and then receives some of the money recovered by those debt collectors.” Similarly, the defendants argued that they are not “debt collectors” under the FDCPA. The court also rejected this argument, reasoning that defendants’ principal purpose was debt collection making them a “debt collector” for FDCPA purposes, because they purchased portfolios of debts and derived most of their revenue from collecting those debts.
The district court also rejected defendants’ arguments that they could not be held vicariously liable for the conduct of the third-party debt collectors under the CFPA or FDCPA, reasoning that parties can be found vicariously liable for the acts of their agents under both statutes. The court held that because the CFPB’s complaint alleged that the defendants exercised authority over the debt collectors, vicarious liability for the violations by the debt collectors was appropriate.
The district court further held that the complaint adequately alleged violations of the CFPA by the individual defendants. The court held that the individual defendants enabled violations of the CFPA, relying on the fact that the individual defendants had both knowledge of the violations and the ability to control the violations, by either providing instructions to the debt collectors or by refusing to place debts with those collectors. Further, the court held that the individual defendants could be liable for “substantially assisting” violations of the CFPA, because the complaint alleged that the individual defendants recklessly disregarded unlawful behavior by the debt collectors and continued to place or sell debts to those collectors.
Finally, defendants also argued that both the CFPA and the FDCPA claims are time barred by the statute of limitations. The court rejected the defendants’ argument that the CFPB’s FDCPA claims were barred by the FDCPA’s one-year statute of limitations, holding that this provision applies only to private plaintiffs. The court held that FDCPA claims brought by the CFPB are subject to the CPFA’s statute of limitations, which bars claims brought more than three years after the CFPB’s discovery of the violations. The court further rejected the defendants’ argument that the claims were barred by this three-year statute of limitations, holding that it is unclear from the complaint when the CFPB became aware of facts constituting the violation and that the receipt of a consumer complaint by the CFPB will not necessarily constitute the date that the CFPB discovered or should have discovered the facts constituting the violation.