Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On November 30, the Bureau issued a no action letter (NAL) to a Fintech covering its automated underwriting and pricing model that facilitates the origination of unsecured, closed-end loans made by third party lenders. The NAL states that the Bureau will not bring supervisory or enforcement actions against the lender concerning alleged discrimination on a prohibited basis from its use of the automated model for unsecured, closed-end loans under (i) Section 701(a) of ECOA and Sections 1002.4(a) and (b) of Regulation B; or (ii) its authority to prevent unfair, deceptive, or abusive acts or practices. According to the lender’s application, after applicants meet initial eligibly requirements, the automated model, which uses artificial intelligence techniques and alternative data, is designed “to assess the individual risk profile of [eligible] applicants…and is responsible for assigning the maximum amount an applicant can borrow and the appropriate interest rate based on that risk assessment.” If the model’s assigned interest rate “falls within the parameters of a lending partner’s loan program,” the applicant will be approved. The NAL expires after 36 months.
On November 5, under the CFPB’s revised no-action letter (NAL) policy, the Bureau issued a NAL to a national bank regarding certain small-dollar credit products offered by the bank. As previously covered by InfoBytes, in May, the Bureau approved a template in response to a request by a nonpartisan public policy, research and advocacy group for banks that would assist depository institutions in offering a standardized, small-dollar credit product under $2,500 with a repayment term between 45 days and one year. The bank submitted its application using this template.
Among other things, the NAL notes that the bank’s application includes (i) each of the “13 Guardrail Certifications” described in the template; (ii) a copy of the small-dollar credit product’s terms and conditions the bank intends to provide to consumers; (iii) marketing materials intended to be used to market the product; and (iv) substantially similar consumer benefits and consumer risks as described in the advocacy groups’ template application. A copy of the bank’s application is available here.
Additionally, the Bureau released a Paperwork Reduction Act (PRA) notice, covering research efforts to “identify information that could be disclosed to consumers during the payday loan process to help them make better-informed decisions.”
On July 17, the CFPB announced a new Compliance Assistance Statement of Terms Template (CAST Template) under its Compliance Assistance Sandbox (CAS) Policy issued to a company’s program designed to help employees build emergency savings. Specifically, under the approved template, known as “Autosave,” interested employers could help employees build emergency savings by directing a portion of the employee’s pay to an employee-designated account at a financial institution; or if an employee does not designate an account, directing the funds to an “Autosave” account at an employer-designated institution. The Bureau notes that a CAST Template is necessary for this program due to the legal uncertainty around the application of the “compulsory use” prohibition in the Electronic Fund Transfer Act (EFTA), and Regulation E. However, the applicants assert the Autosave program embodies a “reasonable default enrollment method,” which, according to the Bureau, can be consistent with the consumer choice requirements of the EFTA and Regulation E.
On July 7, the CFPB released a blog post discussing the use of artificial intelligence (AI) and machine learning (ML), addressing the regulatory uncertainty that accompanies their use, and encouraging stakeholders to use the Bureau’s innovation programs to address these issues. The blog post notes that “AI has the potential to expand credit access by enabling lenders to evaluate the creditworthiness of some of the millions of consumers who are unscorable using traditional underwriting techniques,” but using AI may create or amplify risks, including unlawful discrimination, lack of transparency, privacy concerns, and inaccurate predictions.
The blog post discusses how using AI/ML models in credit underwriting may raise compliance concerns with ECOA and FCRA provisions that require creditors to issue adverse action notices detailing the main reasons for the denial, particularly because AI/ML decisions can be “based on complex interrelationships.” Recognizing this, the Bureau explains that there is flexibility in the current regulatory framework “that can be compatible with AI algorithms.” As an example, citing to the Official Interpretation to Regulation B, the blog post notes that “a creditor may disclose a reason for a denial even if the relationship of that disclosed factor to predicting creditworthiness may be unclear to the applicant,” which would allow for a creditor to use AI/ML models where the variables and key reasons are known, but the relationship between them is not intuitive. Additionally, neither ECOA nor Regulation B require the use of a specific list of reasons, allowing creditors flexibility when providing reasons that reflect alternative data sources.
In order to address the continued regulatory uncertainty, the blog post encourages stakeholders to use the Trial Disclosure, No-Action Letter, and Compliance Assistance Sandbox programs offered by the Bureau (covered by InfoBytes here) to take advantage of AI/ML’s potential benefits. The blog post mentions three specific areas in which the Bureau is particularly interested in exploring: (i) “the methodologies for determining the principal reasons for an adverse action”; (iii) “the accuracy of explainability methods, particularly as applied to deep learning and other complex ensemble models”; and (iii) the conveyance of principal reasons “in a manner that accurately reflects the factors used in the model and is understandable to consumers.”
On May 22, the CFPB announced it issued two no-action letter (NAL) templates. The two templates approved by the Bureau are intended to support financial institutions to better assist struggling consumers during the Covid-19 pandemic. Details of the two approved templates include:
- Mortgage servicing. The Bureau approved a template submitted by a mortgage software company that would enable mortgage servicers to use the company’s online platform—which is an online version of Fannie Mae Form 710—to implement loss mitigation practices for borrowers. A copy of the company’s application is available here.
- Small-dollar lending. The Bureau approved a template, in response to a request by a nonpartisan public policy, research and advocacy group for banks, that would assist depository institutions in offering a standardized, small-dollar credit product under $2,500 with a repayment term between 45 days and one year. The template covers, among other things, a product structured as either (i) a fixed-term, installment loan, which the customer would pay back in fixed minimum payment amounts over the term of the loan; or (ii) an open-end line of credit, linked to the consumer’s deposit account, where any amounts drawn would be repaid by consumers in fixed minimum amounts over a fixed repayment period. An institution would need to certify that their product offering meets the product features—labeled as “guardrails” in the template—but the Bureau notes that the inclusion of “any particular guardrail should not be interpreted as a statement by the Bureau that small-dollar credit products must contain such guardrails to avoid violating the law.” A copy of the group’s application is available here.
On January 10, the CFPB issued its second no-action letter (NAL) under the agency’s revised NAL Policy that was issued last September. The new NAL Policy’s goal is to streamline the review process to “focus[ ] on the consumer benefits and risks of the product or service in question.” As previously covered by InfoBytes, the Bureau issued its first NAL under the revised policy in response to a request by HUD on behalf of more than 1,600 housing counseling agencies (HCAs) that participate in HUD’s housing counseling program.
A national bank is the recipient of the most recent NAL regarding the bank’s funding arrangements with HCAs certified by HUD. The NAL states that the Bureau will not take supervisory or enforcement actions against the bank under RESPA or UDAAP for entering into certain arrangements with HCAs for pre-purchase housing counseling services conditioned on the consumer applying for a loan from the bank, even if that activity could be construed as a referral, as long as the level of payment for the services is no more than a level that is commensurate with the services provided and is reasonable and customary for the area. The Bureau noted that the bank submitted its application to facilitate funding arrangements with HCAs through the HUD NAL application, which was made public last year.
On September 10, the CFPB issued three final innovation policies, the No-Action Letter (NAL) Policy, Compliance Assistance Sandbox (CAS) Policy, and Trial Disclosure Program (TDP) Policy. Director Kraninger noted that the new policies will “improve how the Bureau exercises its authority to facilitate innovation and reduce regulatory uncertainty. . .contribut[ing] to an environment where innovation can flourish—giving consumers more options and better choices.” In September 2018, the Bureau published the proposed TDP policy (covered by InfoBytes here), and in December 2018, the Bureau published the proposed NAL and CAS policies (covered by InfoBytes here). Highlights of the final policies include:
- NAL. The NAL policy provides a NAL recipient reassurance that the Bureau will not bring a supervisory or enforcement action against the company for providing a product or service under the covered facts and circumstances. After an application is considered complete, the Bureau will grant or deny the request within 60 days. The Bureau intends to publish NALs on its website and, in some cases, a version or summary of the application. The Bureau may also publish denials and an explanation of why the application was denied. The policy notes that disclosure of information is governed by the Dodd-Frank Act, FOIA and the Bureau’s rule on Disclosure of Records and Information, which generally would prohibit the Bureau from disclosing confidential information.
- CAS. The CAS policy will evaluate a product or service for compliance with relevant laws and will offer approved applicants a “safe harbor” from liability for certain covered conduct during the testing period under TILA, ECOA, or the EFTA. The CAS was originally proposed as the “Proposed Sandbox Policy,” and included, in addition to the now listed carve-outs, exemptions by order from statutory provisions of ECOA, HOEPA, and the Federal Deposit Insurance Act (FDIA). The final CAS policy does not include the exemption program. The Bureau noted that, based on the comments received on the proposal, it will issue, at a later date, a new proposal to establish a program for exemptions by order through a separate notice-and comment rulemaking.
- TDP. The TDP policy creates the “CFPB Disclosure Sandbox,” which carries out the requirements of Section 1032(e) of the Dodd-Frank Act. The Bureau’s first TPD policy was finalized in 2013, allowing for approved company disclosures to be deemed in compliance with, or exempted from, applicable federal disclosure requirements during the testing period. Under the previous policy, the Bureau did not approve a single company program for participation. The updated TDP policy streamlines the application process, including providing formal determinations within 60 days of deeming an application complete. The policy provides procedures for requesting extensions of successful testing programs, as the Bureau expects most testing periods will start at two-years.
The Bureau also announced the first NAL issued under its new policy in response to a request by HUD on behalf of more than 1,600 housing counseling agencies (HCAs) that participate in HUD’s housing counseling program. The NAL states that the Bureau will not take supervisory or enforcement action under RESPA against HUD-certified HCAs that have entered into certain fee-for-service arrangements with lenders for pre-purchase housing counseling services. Specifically, the Bureau will not take such action against a HCA for including and adhering to a provision in such agreements conditioning the lender’s payment for the housing counseling services on the consumer making contact or closing a loan with the lender, even if that activity could be construed as a referral under RESPA, provided that the level of payment for the services is no more than a level that is commensurate with the services provided and is reasonable and customary for the area. The Bureau issued a template for lenders to seek a NAL for such arrangements, which includes certain anti-steering certifications that (i) the consumer will choose between comparable products from at least three different lenders; (ii) the funding is based on services rendered, not on the terms or conditions of any mortgage loan or related transaction; and (iii) no endorsement, sponsorship, or other preferential treatment will be conveyed to the lender for entering into the arrangement. According to the Bureau, the NAL, “is intended to facilitate HCAs entering into such agreements with lenders and will enhance the ability of housing counseling agencies to obtain funding from additional sources.” In addition to the template, the Bureau has made the HUD NAL application publicly available as well.
On August 6, the CFPB published a blog providing an update on credit access and the Bureau’s first-issued No-Action Letter (NAL), and reporting that use of alternative data in underwriting may expand access to credit. In 2017, the CFPB announced its first NAL to a company that uses alternative data and machine learning to make credit underwriting and pricing decisions. One condition for receiving the NAL required the company to agree to a model risk management and compliance plan, which analyzed and addressed risks to consumers and the real-world impact of its service. Through specific testing, the company worked to answer two key questions: (i) “whether the tested model’s use of alternative data and machine learning expands access to credit, including lower-priced credit, overall and for various applicant segments, compared to the traditional model”; and (ii) “whether the tested model’s underwriting or pricing outcomes result in greater disparities than the traditional model with respect to race, ethnicity, sex, or age, and if so, whether applicants in different protected class groups with similar model-predicted default risk actually default at the same rate.”
According to the Bureau, the company reported that in the access to credit comparisons, the alternative data model approved 27 percent more applicants as compared to a traditional underwriting model, and yielded 16 percent lower average APRs for approved loans, with the expansion in access to credit “occur[ing] across all tested race, ethnicity, and sex segments.” For the fair lending testing, the company reported that no disparities were found in the approval rate and APR analysis results provided for minority, female, and older applicants. Additionally, the company reported significant expansion of access to credit for certain consumer segments under the tested model, including that (i) “consumers with FICO scores from 620 to 660 are approved approximately twice as frequently”; (ii) “[a]pplicants under 25 years of age are 32 [percent] more likely to be approved”; and (iii) “[c]onsumers with incomes under $50,000 are 13 [percent] more likely to be approved.” The Bureau noted that the testing results were provided by the company, and the simulations and analyses were not separately replicated by the Bureau.
On April 3, the SEC issued a no-action letter to a Delaware-based airline chartering services company not recommending enforcement action for offering and selling “tokens” without registration under the SEC Act. According to the letter, the SEC relied upon the company’s counsel’s opinion, which assured that consumers are purchasing the tokens solely for prepaid “air charter services and not for investment purposes or with an expectation to earn a profit,” in determining that the “tokens” were not securities. Additionally, the SEC’s relief considered numerous other factors such as: (i) the platform for conducting the sale of the tokens will “be fully developed and operational” at the time any tokens are sold and funds derived from token sales will not be used to develop the platform; (ii) consumers will be able to immediately use the tokens for their intended functionality (i.e., to purchase air charter services) at the time of sale; (iii) the company will restrict the transfer of tokens to company wallets only and not to external wallets; (iv) the tokens will be sold for one dollar to be used solely on the platform to purchase air charter services, and will be treated as having a value of one dollar; (v) if the company offers to repurchase tokens, it will do so at a discount to the face value of the tokens that the holder seeks to resell to the company, unless a court orders the company to liquidate the tokens; and (vi) the tokens will not be marketed in such a way that there is a perceived potential for an increase in the token’s market value.
On December 10, the CFPB released a new proposed policy on No-Action Letters (NAL) and a new federal product sandbox. The new NAL proposal, which would replace the 2016 NAL policy, is “designed to increase the utilization of the Policy and bring certain elements more in line with similar no-action letter programs offered by other agencies.” The proposal consists of six sections. Highlights include:
- Description of No-Action Letters. The letter would indicate to the applicant, that subject to good faith, substantial compliance with the terms of the letter, the Bureau would not bring a supervisory or enforcement action against the recipient for offering or providing the described aspects of the product or service covered by the letter.
- Submitting Applications. The proposal includes a description of the items an application should contain and invites applications from trade associations on behalf of their members, and from service providers and other third parties on behalf of their existing or prospective clients.
- Assessment of Applications. The Bureau intends to grant or deny an application within 60 days of notifying the applicant that the application is deemed complete.
- Issuing No-Action Letters. NALs will be signed by the Assistant Director of the Office of Innovation or other members in the office, and will be duly authorized by the Bureau. The Bureau may revoke a NAL in whole or in part, but before the Bureau revokes a NAL, recipients will have an opportunity to cure a compliance failure within a reasonable period.
- Regulatory Coordination. In order to satisfy the coordination requirements under Dodd-Frank, the Bureau notes it is interested in partnering with state authorities that issue similar forms of no-action relief in order to provide state applicants an alternative means of also receiving a letter from the Bureau.
- Disclosure of Information. The Bureau intends to publish NALs on its website and in some cases, a version or summary of the application. The Bureau may also publish denials and an explanation of why the application was denied. The policy notes that disclosure of information is governed by the Dodd-Frank Act, FOIA and the Bureau’s rule on Disclosure of Records and Information, which generally would prohibit the Bureau from disclosing confidential information.
Notable changes from the 2016 NAL policy include, (i) NALs no longer have a temporal duration—under the new proposal, there is no temporal limitation except in instances of revocation; (ii) applicants are no longer are required to commit to sharing data about the product or service covered by the application; and (iii) the letters are no longer staff recommendations, but issued by authorized officials in the Bureau to provide recipients greater assurance of the relief.
The proposal also introduces the Bureau’s “Product Sandbox,” which offers substantially the same relief as the NAL proposal but also includes: (i) approvals under one or more of three statutory safe harbor provisions of TILA, ECOA, or the EFTA; and (ii) exemptions by order from statutory provisions of ECOA, HOEPA, and FDIA, or regulatory provisions that do not mirror statutory provisions under rulemaking authority. The proposal notes that two years is the expected duration for participation in the Sandbox, but similar to the no-action relief above, the no-action relief from the Sandbox program can be of unlimited duration—if approved under the sandbox program, “the recipient would be immune from enforcement actions by any Federal or State authorities, as well as from lawsuits brought by private parties.”
Comments on the proposals are due within 60 days of publication in the Federal Register.
- Hank Asbill to discuss "The federal fraud sentencing guidelines: It's time to stop the madness" at a New York Criminal Bar Association webinar
- Buckley Webcast: From there to here – Anticipating comparative redlining claims
- Daniel P Stipano to moderate "Digital identity: The next gen of CIP" at the American Bankers Association/American Bar Association Financial Crimes Enforcement Conference
- Buckley Webcast: New sheriff in town – AML and sanctions under the new administration
- Tim Lange to discuss "Impact of Covid-19 on your business" at the California Mortgage Bankers Association Legal Issues & Regulatory Compliance Conference