InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
District Court denies delay on payday lending compliance
On September 30, the U.S. District Court for the Western District of Texas denied a request made by two trade groups to stay the implementation of the payment provisions of the CFPB’s 2017 final rule covering “Payday, Vehicle Title, and Certain High-Cost Installment Loans” (2017 Rule) while they appeal an earlier decision allowing the provisions to take effect. As previously covered by InfoBytes, the court upheld the 2017 Rule’s payment provisions, finding that the Bureau’s ratification “was valid and cured the constitutional injury caused by the 2017 Rule’s approval by an improperly appointed official.” The court also concluded that the payment provisions, as a matter of law, “are consistent with the Bureau’s statutory authority and are not arbitrary and capricious,” and that the Bureau properly considered the costs and benefits of such payment provisions. The court’s order, however, granted the plaintiffs’ request to stay the compliance date, which had been set as August 19, 2019, until 286 days after final judgment.
The plaintiffs appealed to the U.S. Court of Appeals for the Fifth Circuit and asked the district court to stay the running of the 286-day stay pending appeal, such that compliance would not be required until 286 days after the appeal is resolved. The court rejected that request, stating that the plaintiffs “failed to make a sufficient showing to warrant a stay pending resolution of the appeal” and that “the equities do not support extending the stay of the compliance date beyond the court's 286-day stay from August 30, 2021.”
FCC proposes obligations on international robocalls
On October 1, the FCC released a notice of proposed rulemaking (NPRM) to impose obligations on gateway providers to prevent illegal robocalls originating abroad from reaching U.S. consumers and businesses. Among other things, the NPRM seeks to require domestic gateway providers “to apply STIR/SHAKEN caller ID authentication to, and perform robocall mitigation on, foreign-originated calls with U.S. numbers.” As previously covered by InfoBytes, the STIR/SHAKEN framework addresses “unlawful spoofing by confirming that a call actually comes from the number indicated in the Caller ID, or at least that the call entered the US network through a particular voice service provider or gateway.” According to the FCC, the STIR/SHAKEN framework decreases illegal spoofing, provides assistance to law enforcement, and strengthens voice service providers’ blocking of robocalls using illegally spoofed caller ID information. The notice also proposes ensuring that gateway providers are engaged in the fight against illegal robocalls by requiring them to timely respond to traceback requests, which are utilized to block illegal robocalls and inform FCC enforcement investigations. Additionally, the NPRM seeks to require that both the gateway provider and the network accepting questionable traffic from the gateway provider actively block such calls. In a statement, acting Chairwoman Jessica Rosenworcel stated that such measures “will help [the FCC] tackle the growing number of international robocalls.” Comments on the proposed rules are due 30 days after the date of publication in the Federal Register.
CFPB releases debt collection FAQs
On October 1, the CFPB released a set of FAQs discussing limited-content messages and the call frequency provisions under the Debt Collection Rule in Regulation F. As previously covered by InfoBytes, in October 2020 the CFPB issued its final rule amending Regulation F, which implements the Fair Debt Collection Practices Act, addressing debt collection communications and prohibitions on harassment or abuse, false or misleading representations, and unfair practices. Among other things, the FAQs clarify: (i) the qualifications of a “limited-content message”; (ii) that debt collectors can utilize a pre-recorded voice message for limited-content messages; (iii) that the final rule “establishes a presumption of a violation of, and a presumption of compliance with, the prohibition against harassing, oppressive, or abusive conduct, based on the frequency of a debt collector’s telephone calls and conversations”; (iii) that the final rule “does not preempt a state law that affords greater protection to consumers, including, for example, by imposing limits or more restrictive presumptions related to telephone call frequency”; (iv) that seven days is the maximum time a consumer’s direct prior consent applies to additional telephone calls; and (v) the factors that may rebut the presumption of a violation.
FHA publishes draft HECM sections of handbook
On September 29, FHA requested stakeholder review and feedback on the draft Home Equity Conversion Mortgage (HECM) Origination through Servicing sections of its Single Family Housing Policy Handbook 4000.1. The new draft sections are a continuation of the agency’s move toward a consolidated, authoritative Handbook 4000.1, and contain revisions to policy language to improve clarity and consistency along with proposed new policies. FHA stated that once the final version is published, the HECM Origination through Servicing sections will conform to the new organizational structure of Handbook 4000.1 and will replace existing HECM guidance on: (i) origination through post-closing and endorsement; (ii) appraiser and property requirements; (iii) servicing and loss mitigation; and (iv) glossary and acronyms. Feedback on the draft sections (posted on the agency’s drafting table) are due by November 15.
California Privacy Protection Agency seeks preliminary comments on CPRA proposed rulemaking
On September 22, the California Privacy Protection Agency (CPPA) formally called on stakeholders to provide preliminary comments on proposed rulemaking under the California Privacy Rights Act (CPRA). The CPRA, which established the CPPA to administer, implement, and enforce the act, was approved by ballot measure in November 2020 (covered by InfoBytes here) and updated the existing California Consumer Privacy Act. The invitation for comments highlights several areas of interest for the CPPA as it begins the rulemaking process, including topics related to: (i) cybersecurity audits and risk assessments to be performed by businesses processing personal information that presents a significant risk to consumers’ privacy or security; (ii) matters concerning automated decision-making; (iii) audits performed by the CPPA; (iv) issues related to consumer rights, including consumers’ right to delete, right to correct, and right to know what personal data has been collected or shared, as well as consumers’ rights to opt-out of the selling or sharing of their personal information and to limit the use and disclosure of their sensitive personal information; (v) information to be provided when responding to a consumer’s request to know; and (vi) definitions and categories of information and activities, including what updates or additions should be added to “personal information,” “sensitive personal information,” “precise geolocation,” and “dark patterns,” among other terms. Comments must be submitted by November 8.
The CPRA will become effective January 1, 2023, with enforcement delayed until July 1, 2023. However, the CPRA will apply to personal information collected by a business on or after January 1, 2022. The CPPA notes that this invitation for comments is not a proposed rulemaking action and states that the public will have additional opportunities to provide comments on proposed regulations or modifications when it proceeds with a notice of proposed rulemaking action.
FinCEN seeks comments on antiquities trading
On September 23, the Financial Crimes Enforcement Network (FinCEN) issued an Advance Notice of Proposed Rulemaking (ANPRM) to solicit public comments on implementing Section 6110 of the Anti-Money Laundering Act of 2020 (Act) regarding the trade in antiquities. FinCEN noted that this is the first of several regulatory actions that the agency intends to undertake to implement Section 6110. As previously covered by InfoBytes, the Act made numerous changes to the Bank Secrecy Act (BSA), including amendments to the definition of “financial institution” to include a “person engaged in the trade of antiquities, including an advisor, consultant, or any other person who engages as a business in the solicitation or the sale of antiquities.” FinCEN explained that crimes related to the trade in antiquities may include money laundering and sanctions violations, and may also be exploited by terrorist financiers seeking to evade detection when laundering illicit funds through the U.S. financial system. In March, FinCEN issued an advisory notice (covered by InfoBytes here) alerting financial institutions with existing BSA obligations about illicit activity associated with trade in antiquities and art. According to FinCEN, the ANPRM “is an important step in strengthening U.S. national security by protecting the U.S. financial system from money launderers and terrorist financiers that seek to exploit the antiquities trade.”
In developing the ANPRM, FinCEN coordinated with the FBI, the Attorney General, and Homeland Security Investigations to consider several factors, including “the degree to which the regulations should focus on high-value trade in antiquities, and on the need to identify the actual purchasers of such antiquities, in addition to the agents or intermediaries acting for or on behalf of such purchasers,” whether thresholds should apply when determining persons to regulate, and what exemptions, if any, should apply to the regulations. The ANPRM seeks comments regarding, among other things: (i) “the potential for money laundering, financing of terrorism, and other illicit financial activity in the antiquities industry”; (ii) “the existence of any safeguards in the industry to guard against this potential”; (iii) “the effect that compliance with BSA requirements could have on the antiquities industry”; (iv) “what additional steps may be necessary to protect the industry from abuse by money launderers and other malign actors”; and (v) “which actors within the antiquities trade should be subject to BSA requirements.” Comments are due October 25.
SEC letter illustrates climate-change disclosures
Recently, the SEC’s Division of Corporation Finance issued guidance to companies that may be required to include information concerning climate change risks and opportunities in “disclosures related to a company’s description of business, legal proceedings, risk factors, and management’s discussion and analysis of financial condition and results of operations.” Such disclosures, as discussed in the SEC’s 2010 Climate Change Guidance, address the following: (i) the effect of pending or existing legislation, regulations, and international agreements related to climate change; (ii) the indirect impact of regulations or the direction of business trends; and (iii) the physical effects of climate change. An illustrative letter provided by the Division outlines “sample comments that the Division may issue to companies regarding their climate-related disclosure or the absence of such disclosure.” The Division clarified that the letter does not provide an exhaustive list of issues that companies should consider, and that any comments issued “would be appropriately tailored to the specific company and industry, and would take into consideration the disclosure that a company has provided in Commission filings.”
Democratic senators ask FTC to reconsider privacy rulemaking
On September 20, nine Democratic Senators sent a letter to FTC Chair Lina M. Khan requesting that the FTC draft new rules that better protect consumers’ personal data and privacy. The Senators argued that ongoing data breaches and privacy violations have “shown the limits of the FTC's general prohibition on unfair and deceptive practices.” Among other things, the Senators urged the agency to consider a rulemaking process that has “strong protections for the data of members of marginalized communities, prohibitions on certain practices (such as the exploitative targeting of children and teens), opt-in consent rules on use of personal data, and global opt-out standards.” The Senators also pointed out that the FTC has substantial expertise in the legal process regarding enforcement and privacy authorities, such as those under the Children’s Online Privacy Protection Act and the Fair Credit Reporting Act. Therefore, a rulemaking initiative led by the FTC would advance congressional efforts in developing federal privacy legislation through “research, public comment record, and dialogue.”
OCC updates earnings and regulatory Comptroller’s Handbook
On September 22, the OCC issued Bulletin 2021-44 announcing versions 1.0 of the “Earnings” and “Regulatory Reporting” booklets of the Comptroller’s Handbook. The new booklets apply to national banks, federal savings associations, and federal branches and agencies of foreign banking organizations, as well as the OCC’s supervision of community banks. The revised “Earnings” booklet rescinds the “Analytical Review of Income and Expense” booklet issued in March 1990 (with examination procedures issued in March 1998). The revised “Regulatory Reporting” booklet rescinds the “Review of Regulatory Reports” booklet, which was also issued in March 1990. The “Earnings” booklet, among other things, “supplements the earnings core assessments and provides examiners with expanded procedures to use when reviewing earnings for a specific line of business or the bank as a whole.” The “Regulatory Reporting” booklet, among other things: (i) pertains to call reports and similar financial reports but not, for instance, annual reports or those concerning nonfinancial activities; (ii) highlights sound risk management principles regarding regulatory reporting; and (iii) provides examiners procedures regarding assessing activities for a bank’s regulatory reporting. Although the rating system for federal branches does not include an earnings rating, examiners perform an earnings review, tailored to the activities of the federal branch, and, as such, the “Earnings” booklet is helpful guidance.
CFPB requests comments on credit card data collections
On September 21, the CFPB published a notice and request for comments in the Federal Register seeking input on revisions to an existing, currently approved information collection, related to reporting terms of credit card plans and consumer and college credit card agreements. The notice relates to credit card data collected by the Bureau as required under TILA regarding agreements between issuers and consumers under a credit card account for open-end consumer credit plans, as well as “any college credit card agreements to which the issuer is a party and certain additional information regarding those agreements.” The data collections will enable the Bureau to provide “a centralized and searchable repository for consumer and college credit card agreements and information regarding the arrangements between financial institutions and institutions of higher education.” Comments must be received by October 21.