Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On July 7, the Colorado governor signed SB 21-190 to create the Colorado Privacy Act (CPA) and establish a framework for personal data privacy rights. Colorado now joins Virginia and California as the third state in the nation to enact comprehensive consumer privacy laws. In 2018, California became the first state to put in place significant consumer data privacy measures under the California Consumer Privacy Act (covered by a Buckley Special Alert), and earlier this year in March, Virginia enacted the Consumer Data Protection Act (covered by InfoBytes here).
Highlights of the CPA include:
Special Alert: CFPB specifies pandemic foreclosure protections and signals tight supervision and enforcement around servicer efforts
The Consumer Financial Protection Bureau’s Covid-relief mortgage servicing rule issued yesterday steered away from a nationwide foreclosure freeze as initially proposed, instead creating heightened protections for those borrowers who became seriously delinquent during the pandemic. The distinction may not prove to be a game-changer for servicers, however, which will be obligated to carefully document outreach efforts and decisions to advance borrowers into foreclosure — with little margin for error.
The bureau’s final rule, which takes effect Aug. 31, obligates a servicer to continue specifying, with substantial detail, any loss mitigation options that may help the borrower resolve their delinquency. It also largely preserves the proposed streamline modification option on the basis of an incomplete loss mitigation application, although most servicers already have been offering many of these modifications since the early days of the pandemic.
Special Alert: CFPB proposes to halt foreclosure starts from August 31 until 2022 and create new loss mitigation requirements for servicers
The Consumer Financial Protection Bureau on Monday issued a proposal that would broadly halt foreclosure initiations on principal residences from August 31, 2021 until 2022, and change servicing rules to promote consumer awareness and processing of Covid-relief loss mitigation options. Although the proposal would give servicers some flexibility in streamlining the modification process, most already have been offering many of these types of modifications since the early days of the pandemic. The proposal also would create new and detailed obligations for communicating with borrowers to ensure they are aware of their loss mitigation options for pandemic-related hardships.
The CFPB indicated that a final rule implementing the proposal will take effect Aug. 31 — a tight timeline to address public comments, which are due May 10. The proposal comes as the housing market is strengthening, loans in Covid-related forbearance are dropping, the unemployment rate is ticking down, and the nation’s vaccination program is gathering momentum.
Restrictions on foreclosure initiation through Dec. 31 for principal residences
The CFPB proposes prohibiting servicers from making the first notice or filing for foreclosure from the effective date on Aug. 31, 2021 until after Dec. 31, 2021, on all principal residences, regardless of whether the loan default was related in any way to the Covid-19 pandemic. Regulation X currently requires a servicer to generally refrain from making the first notice or filing to initiate foreclosure until the borrower reaches the 120th day of delinquency. Although the CFPB has previously taken the position that a borrower generally is not obligated to make a lump sum payment upon expiration of the forbearance period (See for example: Slides - Housing Counseling Webinar Forbearance Options and Resources - March 22, 2021 (hudexchange.info)), the proposal acknowledges that borrowers who enter forbearance programs and do not make payments during the forbearance period become increasingly delinquent on their mortgage obligation. As a result, without additional action, servicers likely would have a right under Regulation X to initiate foreclosure in the event a borrower comes off of a forbearance plan and does not cure the delinquency through reinstatement, deferral, or some other loss mitigation alternative to foreclosure. The proposal said a temporary foreclosure prohibition would address this concern.
The CFPB indicated it is considering creating exemptions from this restriction that would allow for the commencement of foreclosure proceedings if the borrower is not eligible for any nonforeclosure loss mitigation options or has failed to respond to servicer outreach.
It is possible that loan investors who had expected to instruct servicers to foreclose on defaulted loans will raise a legal challenge to the broad proposed foreclosure restriction, which appears to be principally based upon the CFPB’s authority to issue regulations creating mortgage servicer obligations as “appropriate to carry out [the Real Estate Settlement Procedures Act’s] consumer protection purposes.” It is an open question whether a blanket prohibition on foreclosures — including those unrelated to the pandemic — and applicable to all mortgage servicers is within the CFPB’s statutory authority under RESPA or the Dodd-Frank Act
Modifications based on evaluation of an incomplete loss mitigation application
The proposal also would allow servicers to offer borrowers with a Covid-19 related hardship a loan modification based on an incomplete application, as long as the modification met the following criteria:
- Term and payment limitations: The modification may not cause the borrower’s principal and interest payment to increase and may not extend the term of the loan by more than 480 months from the date of the modification.
- Non-interest-bearing deferred amounts: Any amounts that the borrower may delay paying until the loan is refinanced, the property is sold, or the loan modification matures, must not accrue interest.
- Fee restrictions: No fees may be charged for the loan modification and all existing late charges, penalties, stop-payment fees, and similar charges must be waived upon acceptance (the CFPB said it was aware that certain agencies, including the Federal Housing Administration, only require waiver of fees incurred after the beginning of the pandemic, and that such modifications would not fall within this safe harbor).
- Covid-related hardship: The loan modification is made available to borrowers experiencing a Covid-19-related hardship, which is very broadly defined in the regulation as “a financial hardship due, directly or indirectly, to the Covid-19 emergency.”
- Delinquency cure: The modification must be designed to end any preexisting delinquency.
Interestingly, investors and agencies have largely eliminated documentation requirements in response to the pandemic, and servicers have been successfully offering streamlined loan modifications under Regulation X’s current requirements. The lack of documentation requirements has seemingly blurred the lines of what constitutes a complete loss mitigation application.
Additional borrower outreach required
The proposed rule would require servicers, for one year after the effective date, to give borrowers Covid-forbearance-related information regarding the current Regulation X early intervention requirements, as follows:
- For borrowers not currently in forbearance, when live contact is made with the borrower, and the investor makes available to that borrower a Covid--related forbearance program, the servicer must inquire whether the borrower has a Covid-related hardship, then list and briefly describe available programs and actions the borrower must take to be evaluated for them. The CFPB noted that this could include listing federal, state, and/or investor-specific options.
- If the borrower is on forbearance, during the last live contact made pursuant to the early intervention rules prior to the program’s expiration, the servicer must inform the borrower of the date on which the current forbearance period ends and each type of post-forbearance option that is available to the borrower to resolve the post-forbearance delinquency, along with the actions that must be taken to be evaluated for such options. Importantly, this list would include all available loss mitigation options—not simply Covid-specific options.
The proposed rule would also require a servicer to contact the borrower no later than 30 days before the end of the forbearance period to determine if the borrower wishes to complete the loss mitigation application and proceed with a full loss mitigation evaluation. If the borrower requests further assistance, the servicer must exercise reasonable diligence to complete the application before the end of the forbearance program period.
The compliance requirements the proposal contemplates seems likely to present additional complexity and liability for mortgage servicers as they gear up to address the upcoming wave of delinquent borrowers who will be coming out of Covid-related forbearances.
If you have any questions regarding the CFPB’s proposal, please visit our Mortgages practice page or our Covid-19 Legal Resources & Capabilities page or contact a Buckley attorney with whom you have worked in the past.
On April 1, the United States Supreme Court issued its long-awaited opinion in Facebook Inc. v. Duguid. The 9-0 decision narrows the definition of what type of equipment qualifies as an autodialer under the Telephone Consumer Protection Act (TCPA), a federal statute that generally prohibits calls or texts placed by autodialers without the prior express consent of the called party.
The TCPA defines an autodialer as equipment with the capacity both “to store or produce telephone numbers to be called, using a random or sequential number generator,” and to dial those numbers. The question before the Supreme Court in Facebook was whether that definition encompasses equipment that can “store” and dial telephone numbers, even if the device does not use “a random or sequential number generator.” The Court held it does not. Rather, to qualify as an “automatic telephone dialing system,” the Court held that a device must have the capacity either to store or produce a telephone number using a random or sequential generator. In other words, the modifier “using a random or sequential number generator” applied to both terms “store” and “produce.”
In 2014, Noah Duguid received text messages from Facebook alerting him that someone attempted to access his Facebook account. However, Duguid alleged that he never provided Facebook his phone number and did not have a Facebook account.
Duguid was unable to stop the notifications and eventually brought a putative class action against Facebook, alleging that Facebook violated the TCPA by maintaining technology that stored phone numbers, and sent automated texts to those numbers each time the associated account was accessed by an unrecognized device or web browser.
The U.S. District Court for the Northern District of California dismissed Duguid’s amended complaint with prejudice, but the Ninth Circuit reversed, finding Duguid stated a claim under the TCPA by alleging Facebook’s notification system automatically dialed stored numbers. The Ninth Circuit held that an autodialer as defined under the TCPA, need not have the capacity to use a random or sequential number generator, but that it need only have the capacity to store number to be called and to dial those numbers automatically.
The Supreme Court reversed the Ninth Circuit, holding that to “qualify as an ‘automatic telephone dialing system,’ a device must have the capacity either to store a telephone number using a random or sequential generator or to produce a telephone number using a random or sequential number generator.”
In reaching this decision, the Court explained that “expanding the definition of an autodialer to encompass any equipment that merely stores and dials telephone numbers would take a chainsaw” to the nuanced problems Congress sought to address with the TCPA. It further explained that Duguid’s interpretation of an autodialer—the one adopted by the Ninth Circuit—“would capture virtually all modern cell phones, which have the capacity to store telephone numbers to be called” and “dial such numbers.” “TCPA’s liability provisions, then, could affect ordinary cell phone owners in the course of commonplace usage, such as speed dialing or sending automated text message responses.”
And while the Court acknowledged that interpreting the statute in the manner it did may limit its application, the Court reasoned that it “cannot rewrite the TCPA to update it for modern technology,” and that its holding reflected the best reading of the statute.
If you have any questions regarding the Supreme Court’s decision regarding the TCPA, please visit our Class Actions practice page, or contact a Buckley attorney with whom you have worked in the past.
The Consumer Financial Protection Bureau last week released two final rules further defining what types of loans can be a “qualified mortgage loan” for purposes of the bureau’s Ability-to-Repay/Qualified Mortgage Rule (ATR/QM Rule). The General QM Final Rule substantially revamps the general rules defining what constitutes a General QM and removes the existing debt-to-income threshold over which a loan cannot be considered a General QM. The Seasoned QM Final Rule creates a new class of QM that allows certain rebuttable presumption QMs and non-QMs to achieve “safe harbor” QM status three years after origination provided the consumer has strong repayment history.
Importantly, the “GSE Patch,” which provides QM status to loans qualifying for sale to Fannie Mae or Freddie Mac, expires for applications submitted before July 1, 2021, at which point the General QM Rule will take effect (although compliance with both rules is permitted 60 days after publication in the Federal Register).
Special Alert: Federal and state authorities take significant actions to address mortgage servicing concerns
On December 7, the Consumer Financial Protection Bureau, Multi-State Mortgage Committee of state mortgage banking regulators, and every state attorney general took actions against a large nonbank mortgage company for alleged violations pertaining to both mortgage origination and servicing practices that took place largely between January 2012 and December 31, 2015. The Special Inspector General for the Troubled Asset Relief Program also provided assistance as part of the government’s efforts. The settlement will result in approximately $85 million in remediation to consumers, the majority of which has been paid, and $6 million in fees and penalties. The Department of Justice, through its U.S. Trustee Program, also reached settlements with this mortgage company, as well as two national banks, pertaining to alleged violations of the bankruptcy code. Those three bankruptcy settlements will result in approximately $117 million of refunds and credits to impacted borrowers.
On September 14, the Financial Crimes Enforcement Network (FinCEN) issued a final rule to align Bank Secrecy Act (BSA) requirements applicable to most banks with the requirements applicable to banks lacking a “federal functional regulator.” In particular, the final rule will require all non-federally regulated banks — including private banks, non-federally insured credit unions, and certain trust companies — to establish and implement anti-money-laundering (AML) programs and customer identification programs (CIP).
The Department of Housing and Urban Development earlier this month issued a final disparate impact regulation under the Fair Housing Act (Final Rule). HUD’s new Final Rule is intended to align its disparate impact regulation, adopted in 2013 (2013 Rule), with the Supreme Court’s 2015 ruling in Texas Department of Housing and Community Affairs v. Inclusive Communities Project, Inc. (Inclusive Communities). While the new Final Rule is a notable development, the relatively recent Supreme Court decision makes it unclear to what extent courts and federal agencies will look to the rule for guidance.
Special Alert: California’s new consumer financial protection law expands UDAAP and enforcement authority
On Monday, August 31, the California Legislature passed Assembly Bill 1864, which enacts the California Consumer Financial Protection Law (CCFPL) and changes the name of the Department of Business Oversight (DBO) to the Department of Financial Protection and Innovation (DFPI).
- Establishes UDAAP authority for the new DFPI, adding “abusive” to “unfair or deceptive” acts or practices prohibited by California law, and authorizing remedies similar to those provided in the Dodd-Frank Act. The DFPI also has authority to define UDAAPs in connection with the offering or provision of commercial financing (e.g., merchant cash advance, lease financing, factoring) and other financial products or services to small business recipients, nonprofits, and family farms.
On August 18, the Financial Crimes Enforcement Network, which has overall responsibility for administering the Bank Secrecy Act, issued a short statement that, for the first time, publicly outlined its approach to BSA enforcement. Of note, FinCEN indicated that it will not base enforcement actions on an institution’s failure to comply with standards announced solely in a guidance document. Additionally, for the first time, FinCEN listed a nonexhaustive set of factors it will use to determine what enforcement steps should be taken. The statement leaves FinCEN with considerable flexibility in enforcing the BSA, and raises a number of questions for legal and compliance professionals.
The statement will be of most interest to “financial institutions,” which under the BSA include a wide swath of financial services companies, that are not subject to supervision by a federal prudential regulator authorized to enforce compliance with the BSA; most prudential regulators have their own enforcement guidelines, and the federal banking agencies recently issued a joint statement on BSA enforcement. Companies subject to FinCEN’s BSA enforcement authority, particularly those such as money services businesses without federal prudential regulators, may wish to familiarize themselves with FinCEN’s enforcement factors and tailor their compliance efforts accordingly. The statement also provides implicit guidance on what actions institutions should take upon identification of a potential violation.
- Jeffrey P. Naimon to provide “Fair lending update” at the Colorado Mortgage Lenders Association Operational and Compliance Forum
- Jonice Gray Tucker to discuss “Justice for all: Achieving racial equity through fair lending” at CBA Live
- Warren W. Traiger to discuss “On the horizon for CRA modernization” at CBA Live
- Jonice Gray Tucker to discuss "Fair lending" at the Mortgage Bankers Association Regulatory Compliance Conference
- Michelle L. Rogers to discuss “State law regulatory and enforcement trends” at the Mortgage Bankers Association Regulatory Compliance Conference
- Jonice Gray Tucker to discuss “Government investigations, and compliance 2021 trends” at the Corporate Counsel Women of Color Career Strategies Conference
- Max Bonici to discuss “BSA/AML trends: What to expect with the implementation of the AML Act of 2020” at the American Bar Association Banking Law Fall Meeting
- H Joshua Kotin to discuss “Modifications and exiting forbearance” at the National Association of Federal Credit Unions Regulatory Compliance Seminar
- Jonice Gray Tucker to discuss “Fintech trends” at the BIHC Network Elevating Black Excellence Regional Summit
- Jonice Gray Tucker to discuss "Consumer financial services" at the Practising Law Institute Banking Law Institute