Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
D.C. Federal Court Holds FCRA Credit Report Notice Requirements Apply to Auto Dealers Engaging in Third Party Financing Transactions
On May 22, the U.S. District Court for the District of Columbia rejected the National Automobile Dealer's Association's (NADA) challenge to an FTC determination that an automobile dealer that executes a credit contract based on a third party financing source "uses a consumer report" under FCRA, and, thus, must provide prospective buyers with a risk-based pricing notice. National Automobile Dealers Assoc. v. Federal Trade Commission, No. 11-cv-01711, 2012 WL 1854088 (D.D.C. May 22, 2012). A risk-based pricing notice must be provided to buyers who, based upon information contained in their consumer reports, are offered credit at terms materially less favorable than the most favorable terms available to a substantial proportion of consumers. The notice is intended to alert buyers to the existence of negative information in their credit reports to enable them to correct any inaccuracies. The FTC's 2011 amendments to the Fair Credit Risk-Based Pricing Regulations clarified that even in the context of a third-party transactionwhere the auto dealer is not the ultimate source of financing and does not physically obtain a consumer's credit reportthe auto dealer must provide a risk-based pricing notification. According to NADA, the FTCs interpretation placed an unreasonable burden on auto dealers who outsource financing to banks or other entities. NADA also argued that the interpretation was arbitrary and capricious and that it was not entitled to Chevron deference. In its ruling, the court rejected these challenges, stating, among other things, that the FTC's determination was "eminently reasonable" and consistent with the overall regulatory scheme of FCRA because auto dealers are able to obtain credit report information and are best suited to convey that information to consumers. NADA intends to appeal the decision.
On May 8, the FTC announced that it had joined the CFPB and the DOJ to file a brief supporting the constitutionality of the Fair Credit Reporting Act (FCRA). The brief was filed in a lawsuit in the U.S. District Court for the Eastern District of Pennsylvania in which a consumer alleged that a consumer reporting agency (CRA) violated FCRA by reporting on arrest records that were more than seven years’ old. Responding to these allegations, the CRA argued that the Supreme Court’s decision in Sorell v. IMS Health, Inc., 131 S. Ct. 2653 (2011), rendered FCRA’s seven-year limitation unconstitutional under the First Amendment. The federal entities’ brief counters that Sorell does not alter the test for commercial speech restrictions established in Central Hudson Gas and Electric Corp. v. Public Service Commission of New York, 447 U.S. 557 (1980). It goes on to argue that, under this test, the government has a substantial interest in protecting individuals’ privacy and that FCRA protects this interest while accommodating businesses’ competing interest in obtaining complete information about potential borrowers.
On May 7, the U.S. Court of Appeals for the Tenth Circuit published an opinion that a trade group has standing to sue the Attorney General of New Mexico over that state’s credit reporting and identify theft requirements. Consumer Data Industry Assoc. v. King, No. 11-2085, 2012 WL 1573563 (10th Cir. May 7, 2012). In 2010, New Mexico enacted the Fair Credit Reporting and Identity Security Act, which, among other things, requires consumer reporting agencies (CRAs) to oblige a consumer’s request to remove credit report information resulting from identify theft until told otherwise by a court or the requesting consumer. The Consumer Data Industry Association challenged the law on behalf of its members, arguing that the state law is preempted by the federal Fair Credit Reporting Act (FCRA). Under FCRA, a CRA can deny a consumer request to remove information based on identify theft if the CRA reasonably determines that the request is fraudulent or erroneous. The district court held that the CDIA failed to prove redressability and therefore lacked constitutional standing to sue. The Tenth Circuit vacated the district court holding and ordered further proceedings. It found that federal courts consistently have found a case or controversy in suits between private parties subject to enforcement and the state entity responsible for enforcement and that if a plaintiff faces a credible threat of enforcement, redressability is established. Here, the court held, the threat of enforcement faced by the CDIA members is sufficient to provide standing to sue for both injunctive and declaratory relief.
Recently, the U.S. Court of Appeals for the District of Columbia Circuit held that the FTCs interpretation of a Fair Credit Reporting Act (FCRA) provision is not subject to direct review by the federal appeals court. Natl Auto. Dealers Assoc. v. FTC, 670 F.3d 268 (D.C. Cir. 2012). In July 2011, the FTC promulgated a rule to implement changes made by the Dodd-Frank Act to FCRAs risk-based pricing protections. Those protections entitle consumers to a notice when they are offered credit at materially less favorable terms based on information contained in their credit reports. As part of the July 2011 rule, the FTC provided supplementary information that included an interpretation of the scope and applicability of the rule, stating that automobile dealers are subject to the rule, even when dealers rely on third-party financing sources and not directly on credit reports obtained from a consumer reporting agency. The National Association of Automobile Dealers (NADA) filed a petition asking the appeals court to review the FTCs interpretation. NADA concurrently filed a complaint in district court seeking a review of the rule under the Administrative Procedures Act. The appeals court held that direct appellate review of an agency action is only permissible when a statute unambiguously grants such a review. In this case, the direct review provision of the FTC Act is not ambiguous and clearly does not apply to the FCRA interpretation at issue. Under the FTC Act, direct review is only available for challenges to trade regulation rules and substantive amendments thereto. NADA is not challenging a substantive amendment, but rather an interpretation, and in any case the FCRA interpretive statement is not related to a trade regulation rule. Therefore, the appeals court dismissed the petition without prejudice to the parallel district court action.
On February 28, the Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC, together with the SEC, the Commissions) jointly issued proposed rules that would require entities subject to the Commissions’ jurisdiction to address identity theft in two ways: (i) financial institutions and creditors would be required to develop and implement a written identity theft prevention program designed to detect, prevent, and mitigate identify theft with either certain existing accounts or opening new accounts, and (ii) credit and debit card issuers subject to the Commissions’ jurisdiction would be required to assess the validity of change-of-address notifications under certain circumstances. Section 1088 of the Dodd-Frank Act transferred authority over certain parts of the Fair Credit Reporting Act from the Federal Trade Commission to the Commissions for entities they regulate. The Commissions’ proposed rules are substantially similar to rules adopted in 2007 by the FTC and other federal financial regulatory agencies that previously were required to adopt such rules. The proposed rules set out the four elements that regulated entities would be required to include in their identify theft prevention programs: (i) identify relevant red flags, (ii) detect the occurrence of red flags, (iii) respond appropriately to the detected red flags, and (iv) periodically update the program to reflect changes in risks to customers or to the safety and soundness of the financial institution or creditor from identity theft. The Commissions issued jointly proposed guidelines in an appendix to the proposed rules to assist regulated entities in formulating and maintaining a Program that would satisfy the proposed rule requirements. The Commissions are accepting comments on the proposal through May 7, 2012.
On February 7, the FTC announced that it had warned three mobile application marketers that their mobile background screening applications may be violating the Fair Credit Reporting Act (FCRA). The FTC described some of the six applications at issue as including criminal record histories, which are a type of information typically used in employment and tenant screening. While the FTC has not made a determination as to whether these firms are violating FCRA, it reminded the companies that if they have reason to believe the mobile applications include information about individuals’ character, reputation, or personal characteristics that is used or expected to be used for purposes such as employment, housing or credit, the marketers and their customers must comply with FCRA. Under FCRA, firms that assemble or evaluate such information to provide to third parties qualify as consumer reporting agencies and are required to (i) take reasonable steps to ensure the user of each report has a “permissible purpose” to use the report, (ii) take reasonable steps to ensure the maximum possible accuracy of the information conveyed in its reports, and (iii) provide users of its reports with information about their obligations under the FCRA.
On February 6, nineteen state attorneys general announced a multi-state settlement with NCO Financial Systems, a debt collection company, to resolve allegations of misleading and deceptive debt collection practices. Under the agreement, the company must set aside $950,000 ($50,000 for each state) for consumer restitution, and will pay $575,000 for state consumer protection enforcement efforts. Restitution will go to consumers who paid the company for debts the consumers did not owe, who overpaid interest, or who overpaid a debt beyond what the company had agreed to settle an account. The company also agreed to (i) comply with the Fair Debt Collection Practices Act, the federal Fair Credit Reporting Act, and all applicable state laws, (ii) notify credit reporting agencies within 30 days of consumer disputes and results of investigations into disputes, (iii) provide notice to consumers about their debt collection rights under federal and state law, and (iv) monitor compliance, create written policies and procedures for handling consumer complaints, and submit periodic compliance reports.
On January 30, the FTC and the DOJ announced that a Michigan-based debt buyer had agreed to pay a $2.5 million civil penalty to settle allegations of misconduct in connection with the company's debt collection activities. The FTC alleged that the debt buyer violated the FTC Act, the Fair Debt Collection Practices Act, and the Fair Credit Reporting Act by, among other things, (i) misrepresenting without substantiation that consumers owed a debt, (ii) failing to disclose that certain time-barred debt did not have to be repaid, (iii) knowingly providing false information to credit reporting agencies, and (iv) failing to investigate disputes raised by credit reporting agencies. In addition to paying the civil penalty, the company must address the failures and misconduct alleged by the FTC. For example, it must inform consumers when a debt is too old to be legally enforceable. Further, the company is prohibited from engaging in certain conduct, such as placing debt on consumer credit reports without notifying the consumer. Concurrent with the announcement, the FTC released a publication to help consumers understand their rights with regard to time-barred debt.
On January 6, the U.S. District Court for the Western District of Oklahoma dismissed the majority of claims brought by two borrowers seeking to represent a class of borrowers against Bank of America Corporation, Bank of America N.A., and BAC Home Loans Servicing, LP (collectively BAC) for alleged wrongful foreclosure practices. Risener v. Bank of Am. Corp., No. 10-1110 (W.D. Okla. Jan 6, 2012). In this case, the borrowers claim that after their original servicer ceased operations, their loan servicing was assigned to BAC and their loan was inaccurately recorded as being in default. According to the borrowers, multiple attempts to prove that the borrowers were not in default were ignored by the defendants. Further, according to the borrowers, BAC Home Loans Servicing, LP, continued to send default notices and threatened to foreclose, refused to verify the borrowers’ default status, and reported false information about borrowers to credit reporting agencies.
As such, the borrowers allege that defendants (i) violated the Fair Debt Collections Practices Act (FDCPA) by using false, deceptive, or misleading representations in the collection of debts and by failing to provide certain required notices; and (ii) violated the Fair Credit Reporting Act (FCRA) by providing false information to credit reporting agencies and by failing to investigate the disputed default loan status. Agreeing with a recent Georgia decision involving a similar fact pattern, the court held that because the borrowers allege their loan was not in default, BAC could not have been “debt collectors” subject to the FDCPA, because the FDCPA requires a loan to be “in default”, not “allegedly in default.” Further, the borrowers do not allege that Bank of America Corporation or Bank of America, N.A. ever attempted to collect a debt and, therefore, regardless of their status as a debt collector, cannot be found in violation of the FDCPA. With regard to the borrowers’ FCRA claims, the court held that the FCRA does not include a cause of action for the act of providing false information but that borrowers’ claims that BAC Home Loans Servicing failed to investigate were sufficiently supported by the allegations in the complaint and therefore could proceed.
- Daniel R. Alonso to moderate an interactive roundtable at the Latin Lawyer and GIR Connect: Anti-Corruption & Investigations Conference
- APPROVED Checkpoint Webcast: You have license renewal questions, we have answers
- Jonice Gray Tucker to discuss “Fintech trends” at the BIHC Network Elevating Black Excellence Regional Summit
- Jeffrey P. Naimon to discuss "Truth in lending” at the American Bar Association National Institute on Consumer Financial Services Basics
- Daniel R. Alonso to discuss anti-money-laundering at FELABAN Spanish-language webinar “Perspective for banks: LAFT, FINCEN, OFAC, Cryptocurrency”
- Daniel R. Alonso to discuss "What’s new in BSA/AML compliance?" at the Institute of International Bankers Regulatory Compliance Seminar
- Marshall T. Bell and John R. Coleman to speak at 2021 AFSA Annual Meeting
- Jon David D. Langlois to discuss "Regulatory update: What you need to know under the new boss; It won’t be the same as the old boss" at the IMN Residential Mortgage Service Rights Forum (East)
- Daniel R. Alonso to discuss internal investigations at the Institute of Internal Auditors of Argentina Spanish-language webinar
- Benjamin B. Klubes to discuss “Creating a Fantastic Workplace Culture”
- John R. Coleman and Amanda R. Lawrence to discuss “Consumer financial services government enforcement actions – The CFPB and beyond” at the Government Investigations & Civil Litigation Institute Annual Meeting
- Jonice Gray Tucker to discuss "Consumer financial services" at the Practising Law Institute Banking Law Institute
- Jonice Gray Tucker to discuss “Regulators always ring twice: Responding to a government request” at ALM Legalweek