Two Democratic Senators have sent a letter to CFPB Director Kraninger and Education Secretary DeVos asking the regulators to explain what roadblocks are preventing the CFPB and ED from entering into a new memorandum of understanding to replace the MOU between the agencies that the ED terminated in 2017.

In their letter, the Senators indicated that the agencies have disagreed about the reason for the MOU’s termination and have provided conflicting information to Congress regarding the CFPB’s efforts to reestablish the MOU.  With regard to why the MOU was terminated, the Senators referenced written responses submitted by an ED representative for the record of a Senate hearing.  In the responses, the ED indicated that the primary reason for the termination was that the CFPB stopped sending complaints about federal student loans to the ED.  The Senators cited statements from former Director Cordray and Director Kraninger that were inconsistent with the ED’s claim that the CFPB was not sending complaints to the ED.

With regard to the CFPB’s efforts to reestablish the MOU, the Senators referenced a letter sent by Director Kraninger to Senator Elizabeth Warren in April 2019 in which Director Kraninger noted that the Bureau is statutorily mandated to have an MOU with the ED and called it “a priority for us at the Bureau to make progress on a new MOU.”  They once again referenced the written responses submitted by an ED representative for the record of a Senate hearing to show conflicting information from the ED, specifically the ED’s statement that the CFPB had not formally attempted to reestablish an MOU.

The Senators asked the CFPB and ED to provide a written explanation of: the basis for the MOU’s termination; whether there has been an attempt to reestablish the MOU; what issues still need to be resolved to reestablish the MOU; and an expected timeline for reestablishing the MOU.  The Senators strongly encouraged the agencies “to reestablish the MOU immediately.”




The Social Security Administration (SSA) has announced the development of a portal that would allow financial institutions to join a planned real-time electronic system for verifying the identity of credit applicants.  The new Consent Based Social Security Number (SSN) Verification (eCBSV) service will be an important tool in the fight against identity theft and other financial crimes.

SSA has traditionally been resistant to the idea that SSNs should serve as the nation’s universal personal identifier.  However, the Economic Growth, Regulatory Relief and Consumer Protection Act, which was signed into law last year, directed the SSA to develop a database for accepting and comparing fraud data that is submitted electronically by financial institutions, or those financial institutions’ service providers, subsidiaries, affiliates, agents, subcontractors, or assignees.

Financial institutions must first obtain consumers’ signed consent to verify their identities, but under the eCBSV service, such signatures may be electronic, if compliant with ESIGN, rather than wet signatures.  This will be a major shift away from the SSA’s prior time-consuming approach that required handwritten consent from consumers for financial institutions to confirm the consumers’ identities using SSA records.

SSA has set a deadline of July 31st for financial institutions to apply to join the eCBSV service during the initial enrollment period of the program.  For the initial rollout, SSA will select a limited number of permitted entities, based upon the earliest date and time of the receipt by SSA of a fully completed application.  The service will be made available to the selected number of applicants in June 2020.  Thereafter, the number of users will be expanded within six months.

Any financial institution that submits a valid application prior to the close of the stated deadline, but is not selected for the initial rollout, will have an opportunity to re-submit a full application and user agreement for the later expanded rollout.  However, any financial institution that does not submit a valid application before the deadline, will not have the opportunity to apply for the expanded rollout in late 2020, and must wait until the next open enrollment period, which could be as long as a two-year wait.  Financial institutions unable to participate in the new program must continue to rely on the existing paper-based system, which can delay credit decisions.

Two bills relevant to consumer finance have been passed by the New York Assembly and Senate and are awaiting Governor Cuomo’s signature.

The first bill, S3704, would amend New York’s plain language requirement to extend its application to consumer contracts involving up to $250,000.  The requirement currently does not apply to consumer contracts involving more than $100,000.  The law covers residential leases, leases of personal property to be used primarily for personal, family or household purposes or agreements to which a consumer is a party and the money, property or service which is the subject of the transaction is primarily for personal, family or household purposes.  Agreements for covered transactions must be written in a clear and coherent manner using words with common and every day meanings and appropriately divided and captioned by its various sections.  Violations of the law can result in actual damages plus a $50 penalty, with the total class action penalty limited to $10,000.

The second bill, S2302, would prohibit consumer reporting agencies from using information about the members of a consumer’s social network to  or reporting creditworthiness information about their social network.  It would define the term “members of a consumer’s social network” as “a group of individuals authorized by a consumer to be part of his or her social media communications and network.”  It would provide that a consumer reporting agency cannot “collect, evaluate, report, or maintain [in a consumer’s file] the credit worthiness, credit standing or credit capacity of members of the consumer’s social network for purposes of determining the credit worthiness of the consumer; the average credit worthiness, credit standing or credit capacity of the consumer’s social network; or any group score that is not the consumer’s own credit worthiness, credit standing or credit capacity.”



The CFPB has issued a new report on tradelines reported by third-party debt collectors as reflected on credit reports compiled by nationwide consumer reporting agencies.  The third-party collector tradelines consist of those reported by debt buyers and those reported by non-buyers (i.e. where the debt is still owned by the original creditor).  A single debt collections firm may collect on both debts it owns and debts that others own. The report is based on information from the CFPB’s Consumer Credit Panel, which is described as “a longitudinal, nationally representative sample of approximately five million de-identified credit records” from one of the three national CRAs for the period Q2 2004 through Q2 2018.

Key findings based on the sample include the following:

  • As of Q2 2018, over one in four consumers had a third-party collections tradeline on their credit file.
  • While buyer tradelines never exceeded more than 25 percent of the total third-party collections tradelines, the number of buyer tradelines reported in Q2 2018 was 75 percent higher than the Q2 2004 level while the number of non-buyer tradelines reported in Q2 2018 was 11 percent higher than the Q2 2004 level.
  • The number of unique total third-party collections tradeline furnishers peaked at 2,298 in 2005 and then fell 61 percent to 898 in 2018.
  • There is a marked difference in the types of third-party collections tradelines reported by buyers as compared to non-buyers.  Buyer tradelines primarily reported banking, retail, and financial debt while about two-thirds of non-buyer tradelines reported medical debt in Q2 2018.
  • In Q2 2018, more than half of total third-party collections tradelines were for medical debt and 78 percent of total third-party collections tradelines were for either medical, telecommunications, or utilities debt.
  • While the number of buyer tradelines showed the instance of a consumer disagreement with a completed FCRA investigation was small in absolute terms, the incidence of such disagreements in Q2 2018 was triple the incidence of such disagreements submitted in Q2 2012, with most of the increase attributable to buyer tradelines with a disagreement.

Given the CFPB’s finding that as of Q2 2018 over one in four consumers in the sample had a third-party collections tradeline on their credit file, there is unlikely to be any substantial retreat by the CFPB from its proposed debt collection rules.  However, as we discussed in our recent podcast, the challenges collectors would face in complying with both the proposed FDCPA dispute rules (that are part of the CFPB’s proposed debt collection rules) and the current FCRA dispute process could cause collectors to reassess whether to continue furnishing information to CRAs.  The need for the CFPB to address these challenges is particularly important given that the CFPB’s report shows that there has already been a steep decline in the number of collectors furnishing third-party collections tradelines.

In addition, the CFPB data indicating that in Q2 2018 more than half of total third-party collections tradelines were for medical debt could serve as ammunition for efforts to amend the FCRA to impose restrictions on the reporting of information about medical debts as well as state efforts to further regulate the collection of medical debt such as the new requirements recently enacted in Washington.


The CFPB has issued an update to its 2016 advisory that contained recommendations for banks and credit unions on how to prevent, recognize, report, and respond to financial exploitation of older Americans.

The 2016 advisory’s recommendations addressed six categories, one of which was the reporting of suspected elder financial exploitation (EFE) to relevant federal, state, and local authorities.  This category is the focus of the update, which “reiterates key recommendations regarding reporting from the [2016 advisory] because many financial institutions remain unsure of whether to report suspected financial exploitation due to privacy concerns.”

Specifically, in the update, the CFPB “reiterates its 2016 recommendation that financial institutions report suspected EFE to all appropriate local, state, or federal responders, regardless of whether reporting is mandatory or voluntary under state or federal law.”  As did the 2016 advisory, the update references the guidance issued in 2013 by the CFPB and seven other financial regulators to clarify that financial institutions are generally able to report suspected EFE to the appropriate authorities without violating federal privacy laws.  In addition to reiterating key recommendations in the 2016 advisory, the update “provides new information on reporting based on federal and state legislative changes.”

The information in the update includes the following:

  • The CFPB notes that when its 2016 advisory was issued, about half of the states required financial institutions or a subset of financial professionals to report suspected EFE to adult protective services (APS), law enforcement or both. The update includes a chart identifying mandatory state EFE reporting requirements and notes that since the 2016 advisory was issued, Ohio adopted such a requirement.
  • The CFPB notes that several states include depository institutions among the institutions and qualified individuals that are allowed by state law to delay disbursement of funds when there is suspected EFE.  The update includes a chart identifying state statutes that authorize transaction holds related to EFE
  • The CFPB discusses the federal Senior Safe Act which became effective in June 2018 and provides that financial institutions are not liable for disclosing suspected EFE to covered agencies if the institution has trained its employees on identifying EFE.  It also discusses the CFPB’s 2019 analysis of Suspicious Activity Reports (SARs) and reiterates its 2016 recommendation that financial institutions file SARs when they suspect EFE.
  • In the 2016 advisory, the CFPB recommended that financial institutions expedite documentation requests and provide financial records at no charge to APS, law enforcement, or other investigatory agencies in EFE cases.  The update discusses state laws that require or permit financial institutions to produce records relevant to suspected EFE to APS, law enforcement, or investigatory agencies when requested and contains a chart identifying state statutes involving the disclosure of financial records related to EFE.

When the 2016 advisory was issued, the CFPB indicated its recommendations were not issued as “guidance” or otherwise framed as requirements but represented the CFPB’s expectations for “best practices.”  In the update, the CFPB continues to refer to the recommendations as “voluntary best practices to assist financial institutions” and states that they all “remain vital today.”

Elder financial abuse prevention can be viewed to fall within a financial institution’s general obligation to limit unauthorized use of customer accounts as well as its general privacy and data security responsibilities.  As a result, a financial institution that fails to implement a robust elder financial abuse prevention program risks becoming the target of a CFPB enforcement action for engaging in unfair, deceptive, or abusive acts or practices.  In addition, given that the CFPB’s new leadership has identified EFE as a priority area, it would not be surprising if CFPB examiners, when examining banks and credit unions subject to CFPB supervision, look at such institutions’ programs for preventing EFE and use the CFPB’s recommendations in evaluating the programs.


On July 15, the Democratic majority of the House Financial Services Committee introduced draft legislation, titled “Keep Big Tech Out Of Finance Act,” targeting Libra, Facebook’s contemplated new digital currency. As a follow up, during her July 17 opening statement before testimony from a Facebook executive, Chairwoman Maxine Waters expressed serious concerns about Libra and asked Facebook to put it on hold.

The draft bill would prohibit large technology companies that “predominately engage[] in the business of offering to the public an online marketplace, an exchange, or a platform for connecting third parties [defined as ‘large platform utilities’]” from “establish[ing], maintain[ing], or operat[ing] a digital asset that is intended to be widely used as medium of exchange, unit of account, store of value, or any other similar function . . . .” See Section 2(b)(1). It would also empower federal financial regulators to assess fines up to $1 million per day for violations of the statute.

The draft bill goes much further, however, than banning large tech companies from offering digital currencies. It also prohibits large platform utilities from being “affiliated” with financial institutions (see Section 2(a)), with “affiliate” having the meaning set forth in the Bank Holding Company Act:

[T]he term “affiliate” means any company that controls, is controlled by, or is under common control with another company.

12 U.S.C § 1841(k). Because large technology companies cannot be, or affiliated with, financial institutions, the draft bill would block them from acquiring banks, getting bank charters, taking deposits, operating exchanges, or acting as investment firms. The definition of “financial institutions” in the draft bill also includes state-licensed money services businesses. See Section 2(f)(8)(P). So the draft legislation appears to prohibit many existing digital wallets and payment products offered by large technology companies (subject to a one-year, wind-down grace period for existing offerings). The same penalties of $1 million per day would apply to prohibited affiliations.

Republicans are expected to oppose the draft bill, but there has been bi-partisan skepticism about and, at times, opposition to Libra and the concept of tech companies offering digital currencies, more generally. We believe the opposition foreshadows other efforts to regulate large technology companies and their offering of financial services.

As previously reported, the U.S. Department of Housing and Urban Development issued Mortgagee Letter 2019-06 in April of 2019 to impose new documentation requirements for down payment assistance provided by government entities to be used in connection with Federal Housing Administration (FHA) insured loans. CBC Mortgage Agency, which is an instrumentality of the Cedar Band of Paiutes Indian American tribe, operates the Chenoa Fund down payment assistance program. The Agency challenged HUD’s action in the U.S. District Court for Utah. According to reports, Judge David Neffer recently granted a preliminary injunction preventing HUD from implementing the requirements.

The requirements originally were scheduled to go into effect for case numbers assigned on or after April 18, 2019, and HUD later extended the effective date to July 23, 2019, as a result of the lawsuit. At the least, the preliminary injunction will further delay HUD’s attempt to implement the new requirements.

In this podcast, we discuss the CFPB’s proposed requirement for a collector to communicate with a debtor before furnishing information about the debt to a consumer reporting agency and proposed prohibition on selling or transferring a debt that is the subject of an identity theft report.  We also look at the challenges collectors would face in complying with both the proposed FDCPA dispute rules and the current FCRA dispute process and the proposal’s implications for the credit reporting system.

Click here to listen to the podcast.

Three more bills dealing with credit reporting were passed on Tuesday by the House Financial Services Committee.  Like the four bills passed by the Committee last week, none of the bills passed yesterday received any Republican votes.

The bills, which are listed below, would make various amendments to the FCRA, including those described below:

  • The “Student Borrower Credit Improvement Act.”  The bill would prohibit a consumer reporting agency (CRA) from providing a consumer report containing any adverse information relating to a delinquent or defaulted private student loan if the borrower has rehabilitated his or her credit by making 9 on-time monthly payments during a 10-month period after the date of the default or delinquency.  The bill includes circumstances, such as being entitled to hazardous or special military duty pay or residing in a declared major disaster area, that would allow a borrower to stop making consecutive monthly payments and be granted a grace period after which the 10-month period resumes, would prohibit the holder of a private student loan from bringing a civil action against a borrower with respect to a delinquent or defaulted loan during the rehabilitation period, and would deem a consumer report to be accurate and complete where the holder of a private student loan furnishes standardized reporting codes to the CRA in connection with loan rehabilitations (that the bill would direct CRAs to develop).
  • The “Clarity in Credit Score Formation Act of 2019.”  The bill would direct the CFPB to establish standards for validating the accuracy and predictive value of scoring models both before their release and at regular intervals thereafter and to conduct a review of credit scoring models at least every 2 years to determine if the use of any particular factors or how certain factors are weighed or considered is inappropriate.  The CFPB would also be directed to conduct a study and issue a report to Congress on the impact of using traditional modeling techniques or alternative modeling techniques to analyze non-traditional data from a consumer report and of including non-traditional data on consumer reports of certain consumers, such as those with no or minimal traditional credit history or who are in traditionally underserved communities or populations, or who are women or members of racial and ethnic minorities.
  • The “Accurate Access to Credit Information Act of 2019.”  The bill would require the nationwide CRAs to jointly develop an online consumer portal landing page that would give consumers unlimited free access to various items and functions such as consumer reports and credit scores, the ability to dispute the accuracy or completeness of consumer report information, and the ability to place and remove a security freeze.  It would also impose an accuracy standard requiring the matching of information in a consumer’s file by a CRA when preparing a consumer report, require CRAs that sell or share information other than through consumer reports to provide a method for a consumer to elect not to have his or her information sold or shared, require the CFPB to establish the position of “Credit Reporting Ombudsman” whose duties would include resolving persistent errors that are not resolved in a timely manner by a CRA and levying fines, impose new requirements on CRAs in connection with reinvestigations, require CRAs to make additional disclosures to consumers, and require the FTC to establish a publicly available registry of CRAs.

As readers of our blog know, our consumer financial services group has been at the forefront of legal developments involving new technologies.  To align with the work that we’ve been doing in the financial technology space and to even better serve our clients in meeting the legal challenges in this rapidly developing landscape, Ballard Spahr has created a cross-disciplinary Fintech team that brings together the firm’s consumer financial services attorneys with lawyers focused on privacy and data security, intellectual property, blockchain and cryptocurrencies, and emerging companies and their investors.  Our Banking and Financial Services and Retail industry groups add further depth and specialized knowledge.

Together, the team provides comprehensive counsel to the Fintech industry—helping clients of all sizes and sophistication with the development, commercialization, and maintenance of technology-driven financial products and services, including all types of lending programs, mobile applications, and payment products and systems.

Should a dispute arise, our litigators have a demonstrated record of success defending financial institutions and technology providers across the United States in class actions, government investigations and enforcement proceedings, arbitrations, and other complex litigation.  James Kim—co-leader of the team—was a senior enforcement attorney at the CFPB, where he worked closely with other regulators and oversaw the Bureau’s first enforcement actions involving mobile payment systems.

Click here for more information about the team and its experience in providing regulatory guidance, advice on product development and transactions, and handling litigation.