Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On May 21, the CFPB issued two orders partially modifying civil investigative demands (CID) issued by the Bureau in 2017 and 2018. In 2017, a revised CID was issued to a provider of tax debt relief products and services concerning potential violations of UDAAP provisions under the Consumer Financial Protection Act (CFPA). Thereafter, the company petitioned the Bureau to set aside or modify the CID, arguing, among other things, that (i) the CFPA does not empower the CFPB to issue a CID to a tax preparation company given it does not provide a “‘consumer financial product or service’”; (ii) the investigation should be limited initially to information relevant to determining whether the Bureau has enforcement authority over the company; and (iii) the CID is overly broad because the notification of purpose does not comply with the CFPA’s requirements for authorizing Bureau CIDs. In the order, the Bureau rejected the company’s argument that it is not subject to the Bureau’s enforcement authority, stating that the agency is authorized to issue a CID to any person who may have information relevant to a violation, and moreover, the Bureau need not accept as true the company’s factual assertions that its business conduct does not include any activities covered by the CFPA. It also declined the company’s request that the CID be modified to focus solely on information relevant to determining whether the Bureau has enforcement authority over the company, stating that an agency may simultaneously investigate jurisdictional facts and possible violations. The Bureau further noted that the CFPA does not require a notification of purpose to identify particular persons who engaged in the conduct at issue or whether the company itself is under investigation. However, the CFPB modified the notification of purpose to include a statement reflecting that an additional purpose of the investigation is to determine whether false and misleading representation have been made to consumers regarding tax debt relief products and services.
In 2018 a second CID was issued to a financial services company to investigate whether it has engaged in any potential UDAAP violations concerning its marketing and servicing of deferred- interest financing. The company petitioned the Bureau to set aside the CID on the grounds that it (i) provides an inadequate notification of purpose; (ii) seeks information not relevant to any investigation; (iii) is unduly broad and burdensome; and (iv) “is fundamentally at odds” with the Bureau’s mission. Among other things, the Bureau’s order rejected the company’s argument that oral misrepresentations related to deferred-interest financing “are not relevant because no such representations were made to consumers (or, if they were, they were not so numerous as to merit the Bureau’s attention),” or they were not made by the company. According to the Bureau, these objections go to whether the company complied with the law, not whether the information the Bureau seeks is relevant. The Bureau also rejected the company’s arguments related to whether the agency could seek information related to transactions outside of the limitations period for potential violations of the CFPA, stating that the information may allow the Bureau to develop an understanding of the company’s practices and operations. However, while the Bureau emphasized that the company failed to demonstrate that complying with the CID would be overly burdensome, it did make some modifications to the notification of purpose on the recommendation of enforcement counsel, and extended the production timeline.
On May 6, the U.S. Court of Appeals for the 9th Circuit held that (i) the CFPB’s single-director structure is constitutional, and that (ii) the district court did not err when it granted the Bureau’s petition to enforce a law firm’s compliance with a 2017 civil investigative demand (CID). As previously covered by InfoBytes, the CFPB previously determined that none of the objections raised by the law firm warranted setting aside or modifying the CID, which sought information to determine whether the law firm violated the Telemarketing Sales Rule (TSR) when providing debt-relief services. The law firm contended that the CFPB’s single-director structure was unconstitutional and therefore the CID was unlawful. It argued further that the CFPB lacked statutory authority to issue the CID.
On review, the 9th Circuit held that the for-cause removal restriction of the CFPB’s single director is constitutionally permissible based on existing Supreme Court precedent. The panel agreed with the conclusion reached by the U.S. Court of Appeals for the D.C. Circuit majority in the 2018 en banc decision in PHH v. CFPB (covered by a Buckley Special Alert) stating, “if an agency’s leadership is protected by a for-cause removal restriction, the President can arguably exert more effective control over the agency if it is headed by a single individual rather an a multi-member body.” The 9th Circuit noted that the dissenting opinion of then Court of Appeals Judge Brett Kavanaugh found that the single-director structure was unconstitutional and noted that “[t]he Supreme Court is of course free to revisit those precedents, but we are not.”
The 9th Circuit next addressed the law firm’s argument that the CFPB lacked statutory authority when it issued the CID. The panel held that the TSR “does not exempt attorneys from its coverage even when they are engaged in providing legal services,” and therefore, the Bureau has investigative authority without regard to the Consumer Financial Protection Act’s (CFPA) practice-of-law exclusion. In addition, the panel rejected the law firm’s argument that the CID was vague or overly broad, and stated that the CID fully complied with the CFPA’s requirements and identified the allegedly illegal conduct and violations.
On April 23, the CFPB announced updates to its policy on Civil Investigative Demands (CIDs). According to the Bureau, the new policy is consistent with comments received in response to a 2018 Request for Information, which solicited public feedback on “how best to achieve meaningful burden reduction or other improvement to the CID processes while continuing to achieve the Bureau’s statutory and regulatory objectives” (previously covered by InfoBytes here). Going forward, CIDs will (i) provide additional information on potentially applicable provisions of law that may have been violated; (ii) specify business activities subject to Bureau authority; and (iii) “[i]n investigations where determining the extent of the Bureau’s authority over the relevant activity is one of the significant purposes of the investigation, staff may specifically include that issue in the CID in the interests of further transparency.”
On March 6, the FTC’s Office of Legal Counsel warned recipients that subpoenas and civil investigative demands (CID) issued by the agency are legally enforceable demands and should be taken seriously. The FTC stated it is willing “to work with parties and their counsel to determine the scope of the agency’s subpoena or CID and a timeframe for compliance” and issued a reminder that under the FTC’s Rules of Practice, parties are required to meet and confer to identify issues or concerns that may affect a party’s ability to comply. The FTC additionally discussed measures the Office of Legal Counsel may undertake in order to compel compliance, including the possibility of federal court action.
On February 25, the CFPB petitioned the U.S. District Court for the Southern District of New York for an order requiring a debt collection law office to comply with a civil investigative demand (CID) issued by the Bureau in June 2017. The CID requested information from the debt collection firm as part of a Bureau investigation into whether debt collectors, furnishers, or other persons associated with the collection of debt and furnishing of information have engaged or are engaging in unfair, deceptive, or abusive acts or practices in violation of the CFPA, FDCPA, and FCRA. According to the petition, the firm partially responded but withheld several responses asserting that doing so would require the firm's principal to violate professional responsibility rules in the states of New York and New Jersey. Withheld information, the Bureau claims, includes telephone calls and written correspondence with indebted consumers, disputes with consumers over the firm's credit reporting activities to third party agencies, and service contracts with creditors on whose behalf the firm collects debt. The Bureau argued that the court should direct the law firm to comply with the CID because, aside from following all applicable procedural requirements for the issuance of a CID contained within the CFPA, it “has shown that the investigation is being conducted for a legitimate purpose, that the inquiries may be relevant to that purpose, that the information sought is not already within the Bureau's possession, and that the administrative steps required by the [CFPA] and its implementing regulations have been followed. . . .” The Bureau further requested an order that the firm show cause and explain why it should not be compelled to comply with the CID.
On September 6, the U.S. Court of Appeals for the 5th Circuit declined to enforce a Civil Investigative Demand (CID) issued by the CFPB against a Texas public records company, after holding the Bureau did not comply with Dodd-Frank when it issued the CID. After initially receiving the CID, the Texas company objected to its Notification of Purpose as inadequate, as it read, “whether consumer reporting agencies, persons using consumer reports, or other persons have engaged or are engaging in unlawful acts and practices in connection with the provision or use of public records information in violation of the Fair Credit Reporting Act . . . or any other federal consumer law.” In response, the Bureau filed a petition in federal court seeking to enforce the CID and the lower court granted the petition, holding that the Notification of Purpose provided fair notice of the violations under investigation as required by the Dodd-Frank Act. The 5th Circuit disagreed, however, finding that the CID did not identify an alleged violation. The court noted that the CID only made references to the FCRA, a “broad provision of law that the CFPB has authority to enforce,” and “any other federal consumer financial law,” which subsequently “defeats any specificity provided by the reference to the FCRA.” The court emphasized that it could not review the CID under the “reasonable relevance” standard, because the CID failed to identify the conduct under investigation and concluded that the Bureau does not have “unfettered authority to cast about for potential wrongdoing.”
On August 13, in a divided opinion that is not precedential, the U.S. Court of Appeals for the 3rd Circuit affirmed a lower court’s decision to grant a petition filed by the CFPB to enforce a civil investigative demand (CID) issued to a student loan servicer, rejecting arguments that the scope of the Bureau’s investigation was too broadly defined. The Notification of Purpose in the CID at issue named the entirety of the servicer’s business operations, without identifying any specific conduct, when the CFPB sought records to determine whether the servicer’s practices violated federal consumer financial laws. The servicer objected to the Notification of Purpose and petitioned the Bureau to set aside or modify the CID because it did not adequately “state the nature of the conduct constituting the alleged violation which is under investigation and the provision of law applicable to such violation.” The appellate court held that the servicer’s “contention rests on the flawed assumption that the CFPB could not investigate all of [the servicer’s] conduct,” and that, moreover, “[n]othing prohibits the CFPB from investigating the totality of [the servicer’s] business activities, and courts have previously enforced administrative subpoenas regarding conduct that is coextensive with the recipient’s business activity.”
On July 23, the CFPB denied a petition by a debt collector to modify or set aside a civil investigative demand (CID) issued by the Bureau in September 2017. The CID requested information from the debt collector “to determine whether debt collectors, depository institutions, or other persons have engaged or are engaging in unlawful acts and practices in connection with the collection of debt. . . .” The debt collector petitioned the Bureau to set aside or modify the CID, which requests were denied. The Bureau rejected the company’s argument that the CID should be set aside because the purported violations of the Fair Debt Collection Practices Act are not actionable under the “bona fide error rule.” The order emphasizes that the Bureau is not required to establish there was a violation of law in order to issue a CID, and the debt collector’s arguments “prematurely assert substantive defenses to claims the Bureau has not yet asserted.” The order also rejects the company’s argument that the CID be modified because certain requests are “disproportionate” and would impose an undue burden on the company, requiring the manual review of numerous audio files, which the Bureau denies because “[c]onclusory allegations of burdensomeness are insufficient.” The Bureau did allow for some of the information in the petition to be redacted because it could constitute confidential supervisory information but denied the request for confidential treatment of the rest of the materials.
On April 25, a coalition of 16 state Attorneys General issued a comment letter responding to the CFPB’s Request for Information (RFI) on Civil Investigative Demands (CIDs). (See previous InfoBytes coverage on the RFI here and here.) According to the letter, the coalition opposes “any effort to curtail the Bureau’s civil investigative demand authority,” noting, among other things, that (i) the CFPB’s implementation of its final rule relating to investigations was “non-controversial” and based on established FTC enforcement practices; (ii) federal agencies are allowed to fulfill their mandates through the legislative grant of civil investigative demand authority; (iii) judicial supervision over CIDs protects recipients’ rights; and (iv) the CFPB “has used its investigative authority responsibly and effectively.”
On April 17, the U.S. District Court for the Western District of Pennsylvania ordered a student loan servicer to comply with a CFPB Civil investigative Demand (CID), while the servicer awaits appeal. As previously covered by InfoBytes, in February the court enforced a CFPB CID issued against the student loan servicer in June 2017. In granting the Bureau’s petition to enforce the CID, the court found that the CID’s Notification of Purpose met the statutory notice requirements because nothing in the law bars the CFPB “from investigating the totality of a company’s business operations.” The court also found that the investigation was for a “legitimate purpose,” the information requested is relevant and not already known by the Bureau, and the request is not unreasonably broad or burdensome. On March 26, the servicer filed a motion to stay the court’s order pending appeal to the U.S. Court of Appeals for the 3rd Circuit. In denying the servicer’s motion, the court held that the servicer would not be irreparably harmed if it responded to the CID should the 3rd Circuit reverse the court’s decision as the Appeals Court could order all documents to be returned and prevent the CFPB from acting upon information learned through the CID. Additionally, the servicer argued that the CFPB would not be injured if the court granted the stay because the agency has not yet brought an enforcement action. The court disagreed with this argument, holding that the CFPB cannot bring an enforcement action without reviewing the relevant documents and granting the stay would only “further stall the CFPB’s efforts to obtain documents and information that it requested nine months ago.”
- Amanda R. Lawrence to discuss "Navigating the challenges of the latest data protection regulations and proven protocols for breach prevention and response" at the ACI National Forum on Consumer Finance Class Actions and Government Enforcement
- Tim Lange to discuss "Ease your pain at the state level: Recommendations for navigating the licensing issues in the states" at the Online Lenders Alliance Compliance University
- Amanda R. Lawrence, Aaron C. Mahler, and Jonice Gray Tucker to discuss "Expanded role for the FTC ahead: Implications for bank and nonbank financial institutions" at an American Bar Association Banking Law Committee Webinar
- Buckley Webcast: Flirting with alternatives — Opportunities and challenges created by alternative data, modeling, and technology
- Daniel P. Stipano to discuss "Reporting requirements for credit unions: CTRs and SARs" at the National Association of Federally-Insured Credit Unions BSA Seminar
- Daniel P. Stipano and Moorari K. Shah to discuss "Vendor management: What is the NCUA looking for?" at the National Association of Federally-Insured Credit Unions BSA Seminar
- Sasha Leonhardt and John B. Williams to discuss "Privacy" at the National Association of Federally-Insured Credit Unions Summer Regulatory Compliance School
- Warren W. Traiger to discuss "CRA modernization" at the National Association of Industrial Bankers and the Utah Association of Financial Services Annual Convention
- Benjamin W. Hutten to discuss "Requirements for banking inherently high-risk relationships" at the Georgia Bankers Association BSA Experience Program
- Hank Asbill to discuss "Ethical guidance in conducting internal investigations – The intersection of Yates and Upjohn" at the American Bar Association Southeastern White Collar Crime Institute
- Brandy A. Hood to discuss "RESPA Section 8/referrals: How do you stay compliant?" at the New England Mortgage Bankers Conference
- Daniel P. Stipano to discuss "Risk management in enforcement actions: Managing risk or micromanaging it" at the American Bar Association Business Law Section Annual Meeting
- Daniel P. Stipano to discuss "Navigating the conflicting federal and state laws for doing business with cannabis companies" at the American Bar Association Business Law Section Annual Meeting
- Tim Lange to discuss "Services and value" at the North American Collection Agency Regulatory Association Annual Conference
- Amanda R. Lawrence to discuss "Data privacy litigation" at the Mortgage Bankers Association Regulatory Compliance Conference
- Brandy A. Hood to discuss "How to ace your TRID exam" at the Mortgage Bankers Association Regulatory Compliance Conference
- Jonice Gray Tucker to discuss "HMDA data is out, now what?" at the Mortgage Bankers Association Regulatory Compliance Conference
- Daniel P. Stipano to discuss "Assessing the CDD final rule: A year of transitions" at the ACAMS AML & Financial Crime Conference
- Daniel P. Stipano to discuss "Lessons learned from recent enforcement actions and CMPs" at the ACAMS AML & Financial Crime Conference
- Melissa Klimkiewicz to discuss "Navigating FHA rules and regs" at the Mortgage Bankers Association Regulatory Compliance Conference
- Kathryn L. Ryan to discuss "The state’s role in fintech: Providing an industry framework for innovation" at Lend360
- Amanda R. Lawrence to discuss "How to balance a successful (and stressful) career with greater personal well-being" at the American Bar Association Women in Litigation Joint CLE Conference