Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On June 6, the FTC announced that it submitted its 2018 Annual Financial Acts Enforcement Report to the CFPB. The report—which the Bureau requested for its use in preparing its 2018 Annual Report to Congress—covers the FTC’s enforcement activities regarding Regulation Z (the Truth in Lending Act or TILA), Regulation M (the Consumer Leasing Act or CLA), and Regulation E (the Electronic Fund Transfer Act or EFTA). Highlights of the enforcement matters covered in the report include:
- Auto Lending and Leasing. The report discusses two enforcement matters related to deceptive automobile dealer practices. The first, filed in August 2018, alleged that a group of four auto dealers, among other things, advertised misleading discounts and incentives in their vehicle advertisements, and falsely inflated consumers’ income and down payment information on financing applications. The charges brought against the defendants allege violations of the FTC Act, TILA, and the CLA. The FTC sought, among other remedies, a permanent injunction to prevent future violations, restitution, and disgorgement. (Detailed InfoBytes coverage of the filing is available here.) In the second, in December 2018, the FTC mailed over 43,000 checks, totaling over $3.5 million, to consumers allegedly harmed by nine dealerships and owners engaged in deceptive and unfair sales and financing practices, deceptive advertising, and deceptive online reviews. (Detailed InfoBytes coverage is available here.)
- Payday Lending. The report covers two enforcement matters, including the U.S. Court of Appeals for the 9th Circuit’s December 2018 decision upholding the $1.3 billion judgment against defendants responsible for operating an allegedly deceptive payday lending program. The decision is the result of a 2012 complaint in which the FTC alleged that the defendants engaged in deceptive acts or practices in violation of Section 5(a) of the FTC Act by making false and misleading representations about costs and payment of the loans. (Detailed InfoBytes coverage is available here.) The report also indicates that, in February 2018, the FTC issued over 72,000 checks totaling more an $2.9 million to consumers stemming from a July 2015 settlement, that alleged that online payday operators used personal financial information purchased from third-party lead generators or data brokers to make unauthorized deposits into and withdrawals from consumers’ bank accounts, regardless of whether the consumer applied for a payday loan. (Detailed InfoBytes coverage is available here.)
- Negative Option. The report covers six enforcement matters related to alleged violations of the EFTA and Regulation E for “negative option” plans, including three new filings against online marketers for allegedly advertising “free trial” offers for products that enrolled consumers in expensive, ongoing plans without their knowledge or consent. The report notes that, in 2018, the FTC reached a settlement with one entity and obtained a court judgment against another, both resulting in injunctive relief and monetary settlements (which were suspended due to the defendants’ inability to pay). The report also notes that the FTC mailed 2,116 refund checks totaling more than $355,000 to people who bought an allegedly deceptive “memory improvement” supplement.
Additionally, the report addresses the FTC’s research and policy efforts related to truth in lending and leasing, and electronic fund transfer issues, including (i) a study of consumers’ experiences in buying and financing automobiles at dealerships; and (ii) the FTC’s Military Task Force’s work on military consumer protection issues. The report also outlines the FTC’s consumer and business education efforts, which include several blog posts warning of new scams and practices.
On April 17, Kathy Kraninger, Director of the CFPB, spoke before the Bipartisan Policy Center where she reiterated the Bureau’s focus on prevention of harm and announced a symposium that will explore the meaning of “abusive acts or practices” under Section 1031 of the Dodd-Frank Act. In her remarks, Kraninger touched on the four “tools” the Bureau has at its disposal to execute its mission: education, rulemaking, supervision, and enforcement.
- Education. The Bureau wants to help consumers protect their own interests and choose the right products and service to help themselves. Specifically, the Bureau is focusing on ensuring that American consumers learn to save to be able to absorb a financial shock.
- Rulemaking. The Bureau will comply with Congressional mandates to promulgate rules or address specific issues through rulemaking, but when the Bureau has discretion, it will focus on “preventing consumer harm by maximizing informed consumer choice, and prohibiting acts or practices which undermine the ability of consumers to choose the products and services that are best for them.” In the coming weeks, the Bureau will release its proposed rules to implement the FDCPA, which will include (i) bright line limits on the number of calls consumers can receive from debt collectors on a weekly basis; (ii) clarity on how collectors may communicate through new technology such as, email and text messages; and (iii) requiring more information at the outset of collection to help consumers better identify debts and understand payment and dispute options. Kraninger stated, “the CFPB must acknowledge that the costs imposed on regulated entities absolutely affect access to, and the availability of, credit to consumers.”
- Supervision. This tool is the “heart of the agency,” according to Kraninger, as it helps to prevent violations of laws and regulations from happening in the first place. The Bureau will keep in mind that it is not the only regulator examining most entities and will focus on coordination and collaboration with the other regulators so as not to impose unmanageable burdens in examinations.
- Enforcement. The Bureau will continue to enforce against bad actors that do not comply with the law, as enforcement is “an essential tool that Congress gave the Bureau.” The Bureau will have a “purposeful enforcement regime” to foster compliance and help prevent consumer wrongs. Kraninger is “committed to ensuring that enforcement investigations proceed carefully and purposefully to ensure a fair and thorough evaluation of the facts and law… [and ensuring they] move as expeditiously as possible to resolve enforcement matters, whether through public action or a determination that a particular investigation should be closed.”
Kraninger also touched on how the Bureau plans to measure success going forward. Kraninger noted that in the past, the Bureau touted its outgoing statistics as a measurement, such as amount of consumer redress and number of complaints handled. However, according to Kraninger, if the Bureau succeeds in fostering a goal of prevention of harm, certain outputs like meritorious complaints would actually be lower. Therefore, the Bureau’s success should be based on how it uses all of its tools. Lastly, Kraninger announced a symposia series that would convene to discuss consumer protections in “today’s dynamic financial services marketplace.” The first will explore the meaning of “abusive acts or practices” under Section 1031 of the Dodd-Frank Act, specifically, to address issues with the “reasonableness” standard. There are no additional details on the date for the symposium but Kraninger noted that this would be the next step in exploring future rulemaking on the issue. The series will also have future events discussing behavioral law and economics, small business loan data collection, disparate impact and the Equal Credit Opportunity Act, cost-benefit analysis, and consumer authorized financial data sharing.
Additionally, on April 9, acting Deputy Director, Brian Johnson, spoke at the George Mason University Law & Economics Center's Ninth Annual Financial Services Symposium. In his prepared remarks, Johnson emphasized that regulatory rules should be “as simple as possible” when dealing with complex markets as they are easier for a greater portion of actors to understand and adapt to and also promote compliance, “which has the ancillary benefit of making it easier for consumers (not to mention regulators) to distinguish between good and bad actors.” Johnson argued that regulators should not try and dictate specific outcomes in rulemaking. Instead, Johnson stated that “financial regulators should recognize that complex market systems are not a means to accomplish their specific goals” and should “narrowly-tailor rules to address a discrete market failure.” Johnson also touched on the Bureau’s new Office of Innovation, noting that the Bureau’s proposed No Action Letter Program and Product Sandbox will offer firms “the opportunity to expand credit while still preserving important consumer protections,” while assisting the Bureau in learning about new technologies and potential consumer risks. As for the Bureau’s cost-benefit analysis, Johnson said that this activity will not be limited to future actions, but will also be used for “periodic retrospective analysis” because financial markets are “constantly changing, requiring constant reappraisal and verification of the rules that govern the system.”
On March 20, the CFPB and the FTC released (here and here) their annual report to Congress on the administration of the FDCPA, which highlights the 2018 efforts of the agencies. The agencies coordinate in enforcement; share supervisory and consumer complaint information; and collaborate on education under a memorandum of understanding that was reauthorized in February. (Covered by InfoBytes here.) In the report, the Bureau acknowledges its intent to release a Notice of Proposed Rulemaking on debt collection covering issues such as “communication practices and consumer disclosures” in spring 2019. In addition to highlighting the Bureau’s debt collection education efforts, the report also states that in 2018 the Bureau (i) received approximately 81,500 debt collection complaints related to first-party and third-party collections; (ii) initiated six public enforcement actions alleging violations of the FDCPA, one resulting in an $800,000 civil money penalty; and (iii) identified one or more violations of the FDCPA through supervisory examinations.
As for the FTC, in addition to education efforts, the report states that in 2018 the agency (i) initiated or resolved seven enforcement actions, three of which were related to phantom debt collection, obtaining more than $58.9 million in judgments; (ii) returned money to thousands of consumers who were targeted by phantom debt collection operations; and (iii) banned 32 companies and individuals from working in the debt collection market.
On March 3, the 21st annual National Consumer Protection Week (NCPW) began. According to the FTC announcement, NCPW will run from March 3 through March 9 and aims to help consumers understand their rights while giving them access to free educational materials. The FTC, together with its federal, state and local partners, consumer groups, and other national advocacy organizations intend to provide advice on scams, identity theft, and other fraudulent business practices. A schedule of three specific social media events hosted by the FTC is provided in the announcement.
On August 3, the FDIC published a special edition of its quarterly FDIC Consumer News publication, recognizing the 25th anniversary of the newsletter, titled “25 Years of Tips You Can Bank On: Time-Tested Strategies for Managing and Protecting Your Money.” The quarterly newsletter intends to deliver “timely, reliable and innovative tips and information” about financial matters to consumers. The special edition reprises and updates an old article from each year going back to 1993 and includes topics such as (i) retirement planning and saving; (ii) how to know what is FDIC insured; (iii) minimizing the risk of identity theft; (iv) refinancing loans; and (v) cybersecurity checklists.
On July 12, the Senate Committee on Banking, Housing, and Urban Affairs held a hearing entitled “An Overview of the Credit Bureaus and the Fair Credit Reporting Act” to discuss the scope and enforcement of the Fair Credit Reporting Act (FCRA), the measures undertaken by the CFPB and the FTC to oversee credit bureau data security and accurate credit reporting, and other laws and regulations as they pertain to credit bureaus. Committee Chairman Mike Crapo, R-Idaho, opened the hearing by discussing the need to understand the “current state of data security, data accuracy, data breach policy” given consumers’ increased reliance on technology and recent cybersecurity incidents.
Associate Director for the Division of Privacy and Identity Protection at the FTC, Maneesha Mithal, discussed in prepared remarks the FTC’s role in implementing, enforcing, and interpreting the FCRA, as we all as the importance of educating consumers and businesses about FCRA requirements. According to Mithal, the FCRA continues to be a “top priority” for the FTC as the consumer reporting system evolves and new technologies emerge. Mithal discussed consumer reporting agency (CRA) FCRA compliance requirements concerning, among other things, dispute resolution processes, furnisher obligations, and credit reporting accuracy. Specifically, Mithal commented on the FTC’s more than 30 FCRA enforcement actions, in addition to the more than 60 law enforcement actions taken against companies for allegedly failing to implement reasonable data security practices. Mithal also touched upon the FTC’s business guidance and consumer education efforts concerning FCRA rights and obligations.
Assistant Director for Supervision Policy at the Bureau, Peggy Twohig, similarly discussed the Bureau’s authority over CRAs and furnishers with respect to the agency’s supervisory and enforcement authority, and noted, among other things, that while the agency possesses broad authority to promulgate rules as required to enforce the FCRA, it lacks rulemaking authority under certain sections of the FCRA related to red flags and the disposal of records, which fall under the FTC’s purview. Twohig further commented on the Bureau’s efforts to educate consumers on a variety of topics, including data breaches, credit freezes, and credit and identity monitoring.
On April 4, the CFPB released its eleventh Request for Information (RFI) in a series seeking feedback on the Bureau’s operations. This RFI solicits public comment to assist the Bureau in “assessing the overall efficiency and effectiveness of its consumer financial education programs.” Pursuant to the Dodd-Frank Act, the CFPB develops education programs to educate and empower consumers to make better informed financial decisions, and to improve consumers’ financial literacy. The Bureau develops programs for the general public as well as programs designed for special populations. While the Bureau is seeking feedback on all aspects of its financial education initiatives, the RFI specifically seeks comments related to (i) the topics and delivery functions of the programs; (ii) the effectiveness of the programs, including how the Bureau should measure program success; and (iii) how to avoid duplication and improve coordination with other federal agencies. The RFI is expected to be published in the Federal Register on April 9. Comments will be due 90 days from publication.
On March 1, the FTC issued its annual summary on consumer complaints received by the agency over the past year, highlighting trends in various categories such as fraud and identity theft. The report, Consumer Sentinel Network Data Book 2017 (2017 Data Book), provides category breakdowns and national and state specific data extrapolated from the Consumer Sentinel Network (CSN)—a secure online database of millions of consumer complaints available only to law enforcement agencies. In compiling the 2017 Data Book, CSN collected and analyzed nearly 2.7 million consumer complaints—a decrease from the nearly 3 million complaints it received in 2016. However, total loses reported for 2017 increased by $63 million to nearly $905 million in total losses due to fraud.
The 2017 Data Book provides a breakdown of complaints sorted into 30 top categories. Highlights include the following:
- States. Florida, Georgia, and Nevada were the top states for fraud complaints, while Michigan, Florida, and California were the top states for identity theft complaints.
- Top categories. While there were 1.1 million fraud reports filed overall (42.5 percent of all reports), debt collection remained the top complaint in 2017, amounting to 22.7 percent of all complaints. Identity theft (13.8 percent) and imposter scams (13 percent) rounded out the top three. “While we received fewer overall complaints in 2017, consumers reported losing more money to fraud than they did the year before,” said Tom Pahl, Acting Director of the FTC’s Bureau of Consumer Protection in a press release issued by the agency. “This underscores the importance of the FTC’s work in educating consumers and cracking down on the scammers who try to take their money.” Rounding out the top ten consumer complaints for 2017 were: telephone and mobile services; banks and lenders; prizes, sweepstakes, and lotteries; shop-at-home and catalog sales; credit bureaus, information furnishers, and report users, auto related complaints, and television and electronic media.
- Military. Fraud and identify theft were the largest category of complaints from military consumers—the majority reporting imposter scams, credit card fraud, and bank fraud. Military retirees and veterans submitted the highest number of reports.
- Fraud losses by age. The 2017 Data Book includes data broken out by age groups for the first time. Younger consumers aged 20-29 reported losing money to fraud more than consumers over age 70, but for older consumers who reported losing money, the median amount lost was greater.
Additional information about the 2017 Data Book is available here.
On February 12, the CFPB released its five-year strategic plan, which establishes the agency’s long-term strategic goals with corresponding objectives and achievement strategies. The strategic plan also introduces a new stated mission for the CFPB, which is based on Sections 1011(a) and 1013(d) of the Dodd-Frank Act:
“To regulate the offering and provision of consumer financial products or services under the Federal consumer financial laws and to educate and empower consumers to make better informed financial decisions.”
The new mission focuses on regulation and education but is silent on enforcement, as compared to the Bureau’s previous mission:
“The CFPB helps consumer financial markets work by making rules more effective, by consistently and fairly enforcing those rules, and by empowering consumers to take more control over their economic lives.”
In addition to the mission, with the exception of the achievement strategies, the plan’s goals and corresponding objectives are all also restatements of various sections of title X of the Dodd-Frank Act. According to the plan, the Bureau will act with “humility and moderation” in achieving the three stated goals, which are:
- “Ensure that all consumers have access to markets for consumer financial products and services.”
- “Implement and enforce the law consistently to ensure that markets for consumer financial products and services are fair, transparent, and competitive.”
- “Foster operational excellence through efficient and effective processes, governance and security of resources and information.”
Notable, are the strategies the Bureau has outlined to achieve its goals and objectives. Among others, these strategies include, (i) reviewing individual regulations for clarification opportunities and considering alternative approaches to regulation; (ii) enhancing institutional regulatory compliance to protect consumers from discrimination and UDAAP violations; (iii) focusing enforcement resources on institutions and product lines that pose the greatest risk to consumers; (iv) promoting the development of compliance technology solutions. The strategic plan also focuses on internal strategies to achieve the Bureau’s mission, such as, maintaining a responsive cybersecurity program and promoting budget discipline.
The final strategic plan is a significant rewrite of the draft strategic plan published in October 2017 under the Bureau’s previous leadership (covered by InfoBytes here). The final plan represents a “more coherent strategic direction” compared to the draft version, according to a letter written by acting Director Mick Mulvaney, which accompanies the final plan.
On the same day as the strategic plan was released, President Trump issued his 2019 budget proposal which outlines a plan to place the CFPB under the congressional appropriations process, cut the Bureau’s budget by more than $6 billion over 10 years, and restrict the Bureau’s enforcement authority of federal consumer financial laws. More InfoBytes details about the budget proposal are available here.
On November 21, the CFPB released a report summarizing findings from a qualitative study about consumers’ experiences with overdraft programs. The study consisted of one-on-one interviews by telephone with 88 individual consumers from May 2014 through June 2014 (the report does not comment on the three-year gap between the interviews and the release). According to the CFPB, the study was not designed to identify systematic trends but instead to provide an in-depth review of consumers’ experiences. The report concluded that consumers need a wide range of educational resources to support the varying experiences and perceptions they have with overdraft services. For example, the report notes that while some consumers commented on unexpected overdraft fees after miscalculating the timing of transaction processing, others noted their intentional use of overdraft options to make purchases or pay bills. The CFPB encouraged financial educators to develop their own overdraft resources with the awareness that consumers may use and interpret programs in varying ways and provided a list of CFPB resources available for use.
- Amanda R. Lawrence to discuss "Navigating the challenges of the latest data protection regulations and proven protocols for breach prevention and response" at the ACI National Forum on Consumer Finance Class Actions and Government Enforcement
- Tim Lange to discuss "Ease your pain at the state level: Recommendations for navigating the licensing issues in the states" at the Online Lenders Alliance Compliance University
- Amanda R. Lawrence, Aaron C. Mahler, and Jonice Gray Tucker to discuss "Expanded role for the FTC ahead: Implications for bank and nonbank financial institutions" at an American Bar Association Banking Law Committee Webinar
- Buckley Webcast: Flirting with alternatives — Opportunities and challenges created by alternative data, modeling, and technology
- Daniel P. Stipano to discuss "Reporting requirements for credit unions: CTRs and SARs" at the National Association of Federally-Insured Credit Unions BSA Seminar
- Daniel P. Stipano and Moorari K. Shah to discuss "Vendor management: What is the NCUA looking for?" at the National Association of Federally-Insured Credit Unions BSA Seminar
- Sasha Leonhardt and John B. Williams to discuss "Privacy" at the National Association of Federally-Insured Credit Unions Summer Regulatory Compliance School
- Warren W. Traiger to discuss "CRA modernization" at the National Association of Industrial Bankers and the Utah Association of Financial Services Annual Convention
- Benjamin W. Hutten to discuss "Requirements for banking inherently high-risk relationships" at the Georgia Bankers Association BSA Experience Program
- Hank Asbill to discuss "Ethical guidance in conducting internal investigations – The intersection of Yates and Upjohn" at the American Bar Association Southeastern White Collar Crime Institute
- Brandy A. Hood to discuss "RESPA Section 8/referrals: How do you stay compliant?" at the New England Mortgage Bankers Conference
- Daniel P. Stipano to discuss "Risk management in enforcement actions: Managing risk or micromanaging it" at the American Bar Association Business Law Section Annual Meeting
- Daniel P. Stipano to discuss "Navigating the conflicting federal and state laws for doing business with cannabis companies" at the American Bar Association Business Law Section Annual Meeting
- Tim Lange to discuss "Services and value" at the North American Collection Agency Regulatory Association Annual Conference
- Amanda R. Lawrence to discuss "Data privacy litigation" at the Mortgage Bankers Association Regulatory Compliance Conference
- Brandy A. Hood to discuss "How to ace your TRID exam" at the Mortgage Bankers Association Regulatory Compliance Conference
- Jonice Gray Tucker to discuss "HMDA data is out, now what?" at the Mortgage Bankers Association Regulatory Compliance Conference
- Daniel P. Stipano to discuss "Assessing the CDD final rule: A year of transitions" at the ACAMS AML & Financial Crime Conference
- Daniel P. Stipano to discuss "Lessons learned from recent enforcement actions and CMPs" at the ACAMS AML & Financial Crime Conference
- Melissa Klimkiewicz to discuss "Navigating FHA rules and regs" at the Mortgage Bankers Association Regulatory Compliance Conference
- Kathryn L. Ryan to discuss "The state’s role in fintech: Providing an industry framework for innovation" at Lend360
- Amanda R. Lawrence to discuss "How to balance a successful (and stressful) career with greater personal well-being" at the American Bar Association Women in Litigation Joint CLE Conference