Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On November 12, the CFPB announced a settlement with an Illinois-based non-bank debt collector, resolving allegations that the company violated the Fair Credit Reporting Act (FCRA), Regulation V, and the Consumer Financial Protection Act when providing information to consumer reporting agencies (CRAs). According to the Bureau, the company allegedly (i) “furnished information to CRAs that it knew or had reasonable cause to believe was inaccurate and failed to report to CRAs an appropriate first date of delinquency on certain accounts”; (ii) failed to conduct reasonable investigations into disputes reported to the company and to the CRAs; (iii) failed to send required notices about the results of investigations; and (iv) “failed to establish, implement, and update its policies and procedures regarding its furnishing of consumer information to CRAs.” According to the consent order, the company, among other things, allegedly furnished actual payment amounts as $0.00 on roughly 165,000 accounts even though consumers had made payments. For about 72,000 accounts, the company allegedly furnished current balances and amounts past due in amounts other than $0.00 even though the accounts were settled in full.
The consent order requires the company to pay a $500,000 civil money penalty and to (i) regularly review samples of furnished account information for accuracy and integrity; (ii) review samples of consumer disputes to ensure they are handled in compliance with the FCRA; (iii) update its policies and procedures to ensure compliance and continued effectiveness; and (iv) secure at least one independent consultant who specializes in FCRA and Regulation V compliance to conduct a review of the company’s activities, policies, and procedures related to furnishing and credit reporting.
States ask Treasury to exempt stimulus payments from garnishment and urge CFPB to “vigorously enforce” FCRA
On April 13, a coalition of state attorneys general and the Hawaii Office of Consumer Protection (states) sent a letter to Treasury Secretary Steven T. Mnuchin, calling for immediate action to ensure that stimulus checks issued under the CARES Act to consumers affected by the Covid-19 pandemic are not subject to garnishment by creditors and debt collectors. While the CARES Act does not “explicitly designate these emergency stimulus payments as exempt from garnishment,” the states claim that a “built-in mechanism” contained within a provision of the CARES Act can rectify the legislative oversight. Specifically, the states point to Section 2201(h), which “authoriz[es] Treasury to issue ‘regulations or other guidance as may be necessary to carry out the purposes of this section,’” and ask Treasury to immediately designate the stimulus checks as “‘benefit payments’ exempt from garnishment.”
The same day, another coalition of state attorneys general sent a letter to CFPB Director Kathy Kraninger urging the Bureau to rescind an April 1 policy statement directed at consumer reporting agencies (CRAs) and furnishers (covered by InfoBytes here) that stated the Bureau will take a “flexible supervisory and enforcement approach during this pandemic regarding compliance with the Fair Credit Reporting Act [(FCRA)] and Regulation V.” According to the states, the policy statement suggests that the Bureau does not plan on enforcing the CARES Act amendment to the FCRA, which requires lenders to report as current any loans subject to Covid-19 forbearance or other accommodation. The Bureau’s decision, the states contend, may discourage consumers from taking advantage of offered forbearances and other accommodations. The states also argue that allowing CRAs to take longer than the FCRA-prescribed 30 days to investigate consumer disputes puts consumers at risk. The states stress that the recent increase in Covid-19 scams has heightened the need for the Bureau to vigorously enforce the FCRA, and that, moreover, the thousands of complaints received by the states, FBI, FTC, and DOJ concerning phishing and other scams designed to gather consumers’ financial information have highlighted identity theft risks. The states emphasize “that even if the CFPB refuses to act. . .we will not hesitate to enforce the FCRA’s deadlines against companies that fail to comply with the law.”
On December 9, the CFPB released a special edition of its fall 2019 Supervisory Highlights, focusing on recent supervisory findings in the areas of consumer reporting and information furnishing to consumer reporting companies (CRCs). This is the second special edition to focus on consumer reporting issues, and follows a report that the Bureau released in March 2017 covered by InfoBytes here. According to the Bureau, recent supervisory reviews of FCRA and Regulation V compliance have identified new violations as well as compliance management system (CMS) weaknesses at CFPB-supervised institutions. However, the Bureau noted that examiners have also observed significant improvements, such as continued investment in FCRA-related CMS.
Highlights of the supervisory findings include:
- Recent examples of CMS weaknesses and FCRA/Regulation V violations (where corrective action has either been taken or is currently being taken) in which one or more (i) mortgage loan furnishers did not maintain policies and procedures “appropriate to the nature, size, complexity, and scope of the furnisher’s activities”; (ii) auto loan furnishers’ policies and procedures failed to provide sufficient guidance for investigating indirect disputes containing allegations of identity theft; (iii) debt collection furnishers’ policies and procedures failed to differentiate between FCRA disputes, FDCPA disputes, or validation requests, leading to a lack of consideration for applicable regulatory requirements when handling these matters; and (iv) deposit account furnishers lacked written policies and procedures for furnishing or validating the information provided to specialty CRCs.
- Examiners found that one or more furnishers provided information they knew, or had reasonable cause to believe, was inaccurate. Examples include inaccurate derogatory status codes due to coding errors and unclear addresses for consumers to submit disputes.
- Examiners discovered several instances where furnishers failed to send prompt notifications to CRCs after determining that information previously furnished was inaccurate, including situations where furnishers failed to promptly update or correct information after consumers paid charged-off balances in full or discharged them in bankruptcy.
- Examiners found that some furnishers reported the incorrect date of the first delinquency in connection with their responsibility to provide notice of delinquent accounts to CRCs.
- Examiners found several instances where furnishers failed to investigate disputes, complete investigations in a timely manner, or notify consumers of certain determinations related to “frivolous or irrelevant” disputes.
The Bureau also discussed supervisory observations concerning CRC compliance with FCRA provisions, and commented that CRCs continue to (i) improve procedures concerning the accuracy of information contained in consumer reports; (ii) implement improvements to prevent consumer reports from being furnished to users who lack a permissible purpose; (iii) strengthen procedures to “block information that a consumer has identified as resulting from an alleged identity theft”; and (iv) investigate and respond to consumer disputes.
On August 2, the CFPB ordered a national bank to pay $4.6 million for allegedly failing to establish adequate policies and procedures for providing consumer deposit account information to nationwide specialty consumer reporting agencies (NSCRAs). The consent order alleges that the bank violated the Fair Credit Reporting Act and Regulation V by failing to provide consumers the results of investigations into their disputes and by withholding the contact information for the consumer reporting company supplying the information used to deny a checking account application. Pursuant to the consent order, in addition to the civil money penalty, the bank must (i) implement policies and procedures to ensure NSCRAs receive accurate consumer deposit account information; (ii) provide consumers with the results of its dispute investigations concerning information furnished to NSCRAs; and (ii) give consumers NSCRA contact information in situations of adverse action.
- Hank Asbill to discuss "The federal fraud sentencing guidelines: It's time to stop the madness" at a New York Criminal Bar Association webinar
- Buckley Webcast: From there to here – Anticipating comparative redlining claims
- Daniel P Stipano to moderate "Digital identity: The next gen of CIP" at the American Bankers Association/American Bar Association Financial Crimes Enforcement Conference
- Buckley Webcast: New sheriff in town – AML and sanctions under the new administration
- Tim Lange to discuss "Impact of Covid-19 on your business" at the California Mortgage Bankers Association Legal Issues & Regulatory Compliance Conference