InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
CFPB lowers most credit card late fees to $8, amending Regulation Z
On March 5, the CFPB announced a final rule that will amend TILA Regulation Z and lower the typical credit card late fees from $30 to $8. According to the final rule, the CFPB determined that the Regulation Z §1026.52(b) $30 discretionary safe harbor for fees (for card issuers that together with their affiliates have at least one million open credit card accounts, i.e., “larger card issuers”) is too high, and therefore “are not consistent with TILA’s statutory requirement that such fees be reasonable [for a] violation.”
For larger card issuers, the final rule will repeal the current safe harbor threshold amount and adopt a late fee safe harbor dollar amount of $8. It also will eliminate late fees for a higher safe harbor dollar amount for repeat violations that occur during the same billing cycle or in one of the next six billing cycles. Larger card issuers will still be able to charge fees above the safe harbor threshold for late fees if they can prove the higher fee is necessary to cover their actual collection costs.
With respect to late fees imposed by larger card issuers, the provision on annual adjustments for the safe harbor dollar amounts (to reflect changes in the consumer price index) will not apply to the $8 safe harbor amount for those late fees. For card issuers that together with their affiliates have fewer than one million open credit card accounts for the entire preceding calendar year (“smaller card issuers”), the safe harbors revised pursuant to the annual adjustments will continue to apply to the late fees imposed by them. The final rule also amended comments and sample forms in Appendix G to revise current examples of late fee amounts to be consistent with the $8 safe harbor amount. Card issuers that meet or exceed the one million open credit card account thresholds, transforming them into larger card issuers, will have 60 days to comply with the requirements of the rule.
Regarding annual adjustments for safe harbor threshold amounts, the rule will adjust safe harbor threshold amounts in §§1026.52(b)(1)(ii)(A) and (B) to $32, and $43 for repeat violations that will occur during the same billing cycle or in one of the next six billing cycles. These two revised threshold amounts will apply to penalty fees other than late fees for all card issuers, as well as late fees imposed by smaller card issuers. The CFPB’s final rule will go into effect 60 days after publication in the Federal Register.
The final rule was highlighted in the White House’s Fact Sheet entitled, “President Biden Announces New Actions to Lower Costs for Americans by Fighting Corporate Rip-Offs,” which announced a new “Strike Force on Unfair and Illegal Pricing” co-chaired by the DOJ and the FTC to strengthen interagency efforts to combat high prices through anti-competitive, unfair, deceptive, or fraudulent business practices.
SBA unveils enhanced Lender Match tool to connect small businesses with lenders
On March 4, the SBA announced the launch of an online tool for small businesses to connect to capital through the SBA’s network of nearly 1,000 approved banks and private lenders. This Lender Match tool was designed to provide users with a more effective and user-friendly interface, including a mobile-friendly interface that allows small business entrepreneurs and enterprises seeking to grow businesses to more easily identify and compare potential lenders. The tool also included fraud-screening measures to ensure a smoother process for both parties. Small businesses that are unable to find a match through the tool will be directed to the SBA’s local advisors for additional support in becoming “capital-ready.” The SBA hopes to facilitate more connections for entrepreneurs looking for various financing options through the enhanced Lender Match platform including microloans and growth capital with competitive terms.
NIST releases cybersecurity framework 2.0 with tailored guidance
On February 26, the National Institute of Standards and Technology (NIST) finalized its Cybersecurity Framework (CSF), a document on guidance for reducing cybersecurity risk. After releasing the draft proposal last August for Cybersecurity Framework Version 2.0 which was updated to help organizations understand and reduce cybersecurity risks (covered by InfoBytes here), and considering public comments, NIST “expanded the CSF’s core guidance and developed related resources to provide different audiences with tailored pathways into the CSF and make the framework easier to put into action.”
According to NIST’s press release, the revised framework acknowledges that organizations will approach the CSF with different requirements and levels of proficiency in cybersecurity tool implementation. Novice users would benefit from the experiences of others and choose relevant implementation examples and quick-start guides tailored for specific user categories, including small businesses, enterprise risk managers, and organizations focused on securing supply chains. “NIST plans to continue enhancing its resources and making the CSF an even more helpful resource to a broader set of users… and feedback from the community will be crucial.”
FHLBanks’ net income skyrockets in 2023 due to high volume of advances
Recently, the FHFA released its annual combined operating highlights for 2023 which were prepared from the unaudited financial statements of the Federal Home Loan Bank system (FHLBank). Administered by the FHFA, the FHLBank system was created to provide lending institutions with liquidity. In 2023, FHLBanks' annual net income grew from $3.16 billion to $6.69 billion—a 111 percent increase—while advances increased from $13.2 billion to $48.5 billion, representing a 266 percent increase. This change in pace was due in part to the stresses placed on banking and financial markets in March 2023. The operating highlights follow FHFA’s comprehensive report on the FHLBank system published in late 2023, previously covered by InfoBytes here. More information on the FHFA’s operating statements can be found in its 8-K filing with the SEC.
FHFA announces updates for implementation of GSE credit score requirements
On February 29, FHFA announced updates related to the implementation of new credit score requirements for single-family loans acquired by Freddie Mac and Fannie Mae (GSEs). As previously covered by InfoBytes, FHFA released a two-phase plan for soliciting stakeholder input on the agency’s proposed process for updating credit score requirements. The new process, called the FICO 10T model, will, among other things, require two credit reports (a “bi-merge” credit report) from the national consumer reporting agencies, rather than the traditional three (covered by InfoBytes here). After considering stakeholder input, FHFA expects to transition from the Classic FICO credit score model to the bi-merge credit reporting requirement in Q1 2025. The GSEs will also move up the publication of VantageScore 4.0 historical data to Q3 2024 “to better support market participants” and provide pertinent historical data before the transition. FHFA will provide more details on the timing for FICO 10T implementation once this initial process is complete.
CFPB warns lead generators, digital comparison-shopping tool operators of potential CFPA violations
On February 29, the CFPB issued a circular to law enforcement agencies and regulators explaining how operators of digital comparison-shopping tools or lead generators can potentially violate the CFPA’s prohibition on abusive acts or practices by steering consumers towards options that best serve the operator or the lead generator. The circular further discussed “how law enforcement agencies and regulators can evaluate operators of comparison-shopping tools… to manipulate results” to appease consumer preferences.
The Bureau explained that while consumers often use these tools to research, compare, and select financial products, some intermediaries also functioned as lead generators that sold consumer information to lenders. These intermediaries may have received compensation, the CFPB said, often termed as “bounties,” from financial providers for preferential treatment or lead generation. The circular recognized that operators of these tools may have engaged in commercial arrangements with financial providers and may have received compensation based on user actions or bids.
The CFPB stated that both digital comparison-shopping tool operators and lead generators can qualify as “covered persons” under CFPA section 1031(d)(2)(C) which prohibits them from engaging in unfair, deceptive, or abusive acts or practices, particularly those that “take unreasonable advantage” of consumers so they may act in the “covered person’s” best interests. The circular outlined elements of CFPA Section 1031(d)(2)(C) and applied the elements including reasonable reliance by consumers on covered entities to act in their interests, to an evaluation of the operator or lead generator activities. Notably, the circular warned that reasonable consumer reliance could be created based on the representations of the tool operator or lead generator, as well as implicit or explicit communications. Further, the Bureau added that steering consumers towards certain products or providers for the financial benefit of the operator or lead generator, rather than consumer interest, constituted unreasonable advantage-taking.
Finally, the circular included a non-exhaustive list of examples of preferencing or steering arrangements and advised law enforcement agencies and regulators to scrutinize bounty or bidding schemes and decision-making processes to identify abusive conduct.
White House orders DOJ and CFPB to better protect citizens’ sensitive personal data
On March 1, the White House released Executive Order 14117 (E.O.) titled “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern” to issue safeguards against Americans’ private information. The E.O. was preceded by the White House’s Fact Sheet which included provisions to protect Americans’ data on their genomic and biometric information, personal health, geolocation, finances, among others. The E.O. shared how this data can be used by nefarious actors such as foreign intelligence services or companies and could enable privacy violations. Under the E.O., President Biden ordered several agencies to act but primarily called on the DOJ. The president directed the DOJ to issue regulations on protecting Americans’ data from being exploited by certain countries. The White House also directed the DOJ to issue regulations to protect government-related data, specifically citing protections for geolocation information and information about military members. Lastly, the DOJ was directed to work with DHS to prevent certain countries’ access to citizens’ data through commercial means and the CFPB was encouraged to “[take] steps, consistent with CFPB’s existing legal authorities, to protect Americans from data brokers that are illegally assembling and selling extremely sensitive data, including that of U.S. military personnel.”
A few days before, the DOJ released its fact sheet detailing its proposals to implement the White House’s E.O., focusing on national security risks and data security. The fact sheet highlighted that our current laws leave open lawful access to vast amounts of Americans’ sensitive personal data that may be purchased and accessed through commercial relationships. In response to the E.O., the DOJ plans to release future regulations “addressing transactions that involve [Americans’] bulk sensitive data” that pose a risk of access by countries of concern. The countries of concern include China (including Hong Kong and Macau), Russia, Iran, North Korea, Cuba, and Venezuela. The DOJ will also release its Advance Notice of Proposed Rulemaking (ANPRM) to provide details of the proposal(s) and to solicit comments.
Fed’s Bowman speaks on current trends in banking regulation
On February 27, Michelle Bowman, a member of the Federal Reserve Board of Governors, gave a speech reflecting on the state of the broader U.S. economy and banking regulation in Tampa, Florida. Bowman highlighted the need for the Fed to focus on “efficiency in how we deliver on our safety and soundness goals.” On capital reform, Bowman noted that since the closure of the comment period for the Basel III “Endgame” reforms, the federal banking agencies have been reviewing the feedback and identifying areas of concern: she hopes that the agencies will take this opportunity to revise the proposal in a way that addresses the concerns raised by the public. After voicing her non-support for the recently adopted Community Reinvestment Act (CRA) final rule, Bowman shared that while the new rule provided some positive changes, the changes are still “unnecessarily complex, overly prescriptive,” and have greater costs than benefits. Bowman highlighted that the final rule treats a wide range of community banks with more than $2 billion in assets as “large banks, and would have resulted in a “nearly tenfold increase in banks with a ‘Need to Improve’ CRA rating” if applied to the period from 2018 to 2020. On Regulation II and debit card interchange fees, Bowman noted that the comment period has been extended until May 12, adding that the proposed permanent decrease in debit card interchange fees will have “consequences for banks of all sizes.” Bowman ended with discussion on bank mergers, climate change, and liquidity.
VA issues circular to address loan holder fees on assuming a VA-guaranteed loan
On February 26, the Department of Veterans Affairs published a circular to address assumption fees, specifically permitting a loan holder to charge an additional assumption-related fee based on the location of the relevant property when the assumption of a VA-guaranteed loan closes. This additional fee is in addition to the previously permitted assumption fees which must be less than $300 for loan holders with maximum authority or $250 for loan holders without automatic authority. The VA set the amount of the additional assumption fee allowed in Exhibit A to the circular, which can be found here.
FTC takes action against tax prep company for alleged unfair and deceptive practices
On February 23, the FTC announced an action against a tax preparation company for alleged unfair and deceptive acts and practices related to the sale of tax preparation products and services. The FTC alleged in its redacted administrative complaint that the defendant unfairly pushed consumers into paying for more expensive tax preparation products. The FTC further alleged the company made it unnecessarily difficult to downgrade the consumer’s tax preparation plan, both by requiring the consumer to first speak with a representative and by requiring the consumer to re-input the data if the consumer chooses to downgrade to the lower-priced product. The FTC also stated that the company’s upgrade policy, in contrast, is notably simple compared to its downgrade policy, and consumers’ “data seamlessly moves to the more expensive product instantly.” The FTC also claimed that the company’s “file for free” advertisements are deceptive because not all consumers’ tax situations are eligible for the free service.
This action follows the FTC’s action against another tax preparation software provider last month (covered by InfoBytes here).