The CFPB has issued an update to its 2016 advisory that contained recommendations for banks and credit unions on how to prevent, recognize, report, and respond to financial exploitation of older Americans.

The 2016 advisory’s recommendations addressed six categories, one of which was the reporting of suspected elder financial exploitation (EFE) to relevant federal, state, and local authorities.  This category is the focus of the update, which “reiterates key recommendations regarding reporting from the [2016 advisory] because many financial institutions remain unsure of whether to report suspected financial exploitation due to privacy concerns.”

Specifically, in the update, the CFPB “reiterates its 2016 recommendation that financial institutions report suspected EFE to all appropriate local, state, or federal responders, regardless of whether reporting is mandatory or voluntary under state or federal law.”  As did the 2016 advisory, the update references the guidance issued in 2013 by the CFPB and seven other financial regulators to clarify that financial institutions are generally able to report suspected EFE to the appropriate authorities without violating federal privacy laws.  In addition to reiterating key recommendations in the 2016 advisory, the update “provides new information on reporting based on federal and state legislative changes.”

The information in the update includes the following:

  • The CFPB notes that when its 2016 advisory was issued, about half of the states required financial institutions or a subset of financial professionals to report suspected EFE to adult protective services (APS), law enforcement or both. The update includes a chart identifying mandatory state EFE reporting requirements and notes that since the 2016 advisory was issued, Ohio adopted such a requirement.
  • The CFPB notes that several states include depository institutions among the institutions and qualified individuals that are allowed by state law to delay disbursement of funds when there is suspected EFE.  The update includes a chart identifying state statutes that authorize transaction holds related to EFE
  • The CFPB discusses the federal Senior Safe Act which became effective in June 2018 and provides that financial institutions are not liable for disclosing suspected EFE to covered agencies if the institution has trained its employees on identifying EFE.  It also discusses the CFPB’s 2019 analysis of Suspicious Activity Reports (SARs) and reiterates its 2016 recommendation that financial institutions file SARs when they suspect EFE.
  • In the 2016 advisory, the CFPB recommended that financial institutions expedite documentation requests and provide financial records at no charge to APS, law enforcement, or other investigatory agencies in EFE cases.  The update discusses state laws that require or permit financial institutions to produce records relevant to suspected EFE to APS, law enforcement, or investigatory agencies when requested and contains a chart identifying state statutes involving the disclosure of financial records related to EFE.

When the 2016 advisory was issued, the CFPB indicated its recommendations were not issued as “guidance” or otherwise framed as requirements but represented the CFPB’s expectations for “best practices.”  In the update, the CFPB continues to refer to the recommendations as “voluntary best practices to assist financial institutions” and states that they all “remain vital today.”

Elder financial abuse prevention can be viewed to fall within a financial institution’s general obligation to limit unauthorized use of customer accounts as well as its general privacy and data security responsibilities.  As a result, a financial institution that fails to implement a robust elder financial abuse prevention program risks becoming the target of a CFPB enforcement action for engaging in unfair, deceptive, or abusive acts or practices.  In addition, given that the CFPB’s new leadership has identified EFE as a priority area, it would not be surprising if CFPB examiners, when examining banks and credit unions subject to CFPB supervision, look at such institutions’ programs for preventing EFE and use the CFPB’s recommendations in evaluating the programs.


On July 15, the Democratic majority of the House Financial Services Committee introduced draft legislation, titled “Keep Big Tech Out Of Finance Act,” targeting Libra, Facebook’s contemplated new digital currency. As a follow up, during her July 17 opening statement before testimony from a Facebook executive, Chairwoman Maxine Waters expressed serious concerns about Libra and asked Facebook to put it on hold.

The draft bill would prohibit large technology companies that “predominately engage[] in the business of offering to the public an online marketplace, an exchange, or a platform for connecting third parties [defined as ‘large platform utilities’]” from “establish[ing], maintain[ing], or operat[ing] a digital asset that is intended to be widely used as medium of exchange, unit of account, store of value, or any other similar function . . . .” See Section 2(b)(1). It would also empower federal financial regulators to assess fines up to $1 million per day for violations of the statute.

The draft bill goes much further, however, than banning large tech companies from offering digital currencies. It also prohibits large platform utilities from being “affiliated” with financial institutions (see Section 2(a)), with “affiliate” having the meaning set forth in the Bank Holding Company Act:

[T]he term “affiliate” means any company that controls, is controlled by, or is under common control with another company.

12 U.S.C § 1841(k). Because large technology companies cannot be, or affiliated with, financial institutions, the draft bill would block them from acquiring banks, getting bank charters, taking deposits, operating exchanges, or acting as investment firms. The definition of “financial institutions” in the draft bill also includes state-licensed money services businesses. See Section 2(f)(8)(P). So the draft legislation appears to prohibit many existing digital wallets and payment products offered by large technology companies (subject to a one-year, wind-down grace period for existing offerings). The same penalties of $1 million per day would apply to prohibited affiliations.

Republicans are expected to oppose the draft bill, but there has been bi-partisan skepticism about and, at times, opposition to Libra and the concept of tech companies offering digital currencies, more generally. We believe the opposition foreshadows other efforts to regulate large technology companies and their offering of financial services.

As previously reported, the U.S. Department of Housing and Urban Development issued Mortgagee Letter 2019-06 in April of 2019 to impose new documentation requirements for down payment assistance provided by government entities to be used in connection with Federal Housing Administration (FHA) insured loans. CBC Mortgage Agency, which is an instrumentality of the Cedar Band of Paiutes Indian American tribe, operates the Chenoa Fund down payment assistance program. The Agency challenged HUD’s action in the U.S. District Court for Utah. According to reports, Judge David Neffer recently granted a preliminary injunction preventing HUD from implementing the requirements.

The requirements originally were scheduled to go into effect for case numbers assigned on or after April 18, 2019, and HUD later extended the effective date to July 23, 2019, as a result of the lawsuit. At the least, the preliminary injunction will further delay HUD’s attempt to implement the new requirements.

In this podcast, we discuss the CFPB’s proposed requirement for a collector to communicate with a debtor before furnishing information about the debt to a consumer reporting agency and proposed prohibition on selling or transferring a debt that is the subject of an identity theft report.  We also look at the challenges collectors would face in complying with both the proposed FDCPA dispute rules and the current FCRA dispute process and the proposal’s implications for the credit reporting system.

Click here to listen to the podcast.

Three more bills dealing with credit reporting were passed on Tuesday by the House Financial Services Committee.  Like the four bills passed by the Committee last week, none of the bills passed yesterday received any Republican votes.

The bills, which are listed below, would make various amendments to the FCRA, including those described below:

  • The “Student Borrower Credit Improvement Act.”  The bill would prohibit a consumer reporting agency (CRA) from providing a consumer report containing any adverse information relating to a delinquent or defaulted private student loan if the borrower has rehabilitated his or her credit by making 9 on-time monthly payments during a 10-month period after the date of the default or delinquency.  The bill includes circumstances, such as being entitled to hazardous or special military duty pay or residing in a declared major disaster area, that would allow a borrower to stop making consecutive monthly payments and be granted a grace period after which the 10-month period resumes, would prohibit the holder of a private student loan from bringing a civil action against a borrower with respect to a delinquent or defaulted loan during the rehabilitation period, and would deem a consumer report to be accurate and complete where the holder of a private student loan furnishes standardized reporting codes to the CRA in connection with loan rehabilitations (that the bill would direct CRAs to develop).
  • The “Clarity in Credit Score Formation Act of 2019.”  The bill would direct the CFPB to establish standards for validating the accuracy and predictive value of scoring models both before their release and at regular intervals thereafter and to conduct a review of credit scoring models at least every 2 years to determine if the use of any particular factors or how certain factors are weighed or considered is inappropriate.  The CFPB would also be directed to conduct a study and issue a report to Congress on the impact of using traditional modeling techniques or alternative modeling techniques to analyze non-traditional data from a consumer report and of including non-traditional data on consumer reports of certain consumers, such as those with no or minimal traditional credit history or who are in traditionally underserved communities or populations, or who are women or members of racial and ethnic minorities.
  • The “Accurate Access to Credit Information Act of 2019.”  The bill would require the nationwide CRAs to jointly develop an online consumer portal landing page that would give consumers unlimited free access to various items and functions such as consumer reports and credit scores, the ability to dispute the accuracy or completeness of consumer report information, and the ability to place and remove a security freeze.  It would also impose an accuracy standard requiring the matching of information in a consumer’s file by a CRA when preparing a consumer report, require CRAs that sell or share information other than through consumer reports to provide a method for a consumer to elect not to have his or her information sold or shared, require the CFPB to establish the position of “Credit Reporting Ombudsman” whose duties would include resolving persistent errors that are not resolved in a timely manner by a CRA and levying fines, impose new requirements on CRAs in connection with reinvestigations, require CRAs to make additional disclosures to consumers, and require the FTC to establish a publicly available registry of CRAs.

As readers of our blog know, our consumer financial services group has been at the forefront of legal developments involving new technologies.  To align with the work that we’ve been doing in the financial technology space and to even better serve our clients in meeting the legal challenges in this rapidly developing landscape, Ballard Spahr has created a cross-disciplinary Fintech team that brings together the firm’s consumer financial services attorneys with lawyers focused on privacy and data security, intellectual property, blockchain and cryptocurrencies, and emerging companies and their investors.  Our Banking and Financial Services and Retail industry groups add further depth and specialized knowledge.

Together, the team provides comprehensive counsel to the Fintech industry—helping clients of all sizes and sophistication with the development, commercialization, and maintenance of technology-driven financial products and services, including all types of lending programs, mobile applications, and payment products and systems.

Should a dispute arise, our litigators have a demonstrated record of success defending financial institutions and technology providers across the United States in class actions, government investigations and enforcement proceedings, arbitrations, and other complex litigation.  James Kim—co-leader of the team—was a senior enforcement attorney at the CFPB, where he worked closely with other regulators and oversaw the Bureau’s first enforcement actions involving mobile payment systems.

Click here for more information about the team and its experience in providing regulatory guidance, advice on product development and transactions, and handling litigation.



Four bills dealing with credit reporting were passed last Thursday by the House Financial Services Committee.  While there has been bipartisan support for credit reporting reform, none of the bills received any Republican votes.

The bills, which are listed below, would make various amendments to the FCRA, including those described below:

  • The “Improving Credit Reporting for All Consumers Act” would impose new requirements for conducting reinvestigations of consumer disputes and related standards, require consumer reporting agencies to create a webpage providing information about consumer dispute rights, require furnishers to retain records necessary to substantiate the accuracy and completeness of furnished information, create a right for consumers to appeal the results of a reinvestigation, prohibit automatic renewals of consumer reporting and credit scoring products and services, and require a credit scoring model to treat multiple inquiries for a credit report or credit score made in connection with certain consumer credit products within a 120-period as a single inquiry.
  • The “Restoring Unfairly Impaired Credit and Protecting Consumers Act” would shorten the time period during which adverse information can stay on a consumer report, require the expedited removal of fully paid or settled debts from consumer reports, impose restrictions on the reporting of information about medical debts, require a consumer reporting agency to remove adverse information relating to a private student loan where the CFPB has certified that the borrower has a valid “defraudment claim” with respect to the educational institution or career education program, allow victims of financial abuse to obtain a court order requiring the removal of adverse information, and prohibit a credit scoring model from taking into account in an adverse manner the consumer’s participation in certain credit restoration or rehabilitation programs or the absence of payment history for an existing account resulting from such participation.
  • The “Free Credit Scores for Consumers Act of 2019” would expand the information that must be given to consumers about credit scores, require nationwide consumer reporting agencies to provide a free credit score when providing a free annual consumer report requested by the consumer, and require free consumer reports and credit scores to be provided under certain circumstances.
  • The “Restricting Use of Credit Checks for Employment Decisions Act” would prohibit the use of consumer reports for most employment decisions other than where the person using the report is required by federal, state, or local law to obtain the report or the report is used in connection with a national security investigation.

The House Financial Services Committee is scheduled to mark up more bills dealing with credit reporting today.


There was movement last week on two California bills that we have been tracking closely and which could substantially alter the lending and brokering landscape under the California Financing Law (“CFL”).

On July 9th, AB-539, which proposes to cap interest rates at 36% plus the federal funds rate on CFL loans of $2,500 to $10,000, passed the Senate Committee on Judiciary and was sent to the Appropriations Committee where we believe the bill will be heard around the end of August. If the bill passes the Appropriations Committee, it will move to the Senate Floor.

On July 10th, AB-642 failed to pass the in the Senate Banking and Finance Committee. Minor amendments were made to the bill on July 11th and the bill was re-referred to the Banking and Finance Committee, which is on recess until August 12th. September 13th is the last day for a bill to be passed during in the 2019 year. No date has been set for the rehearing and we are under the impression that the bill is unlikely to advance this year.

AB-642 is described by its drafter as an attempt to modernize the CFL to add a regulatory framework designed to protect persons who use lead generators to obtain installment loans. It would expand the scope of activities that constitute “brokering” under the CFL which would then trigger licensing, disclosure and other substantive requirements. The bill would prohibit the payment of certain referral fees, require brokers to affirmatively obtain express consent from a prospective borrower to act as such person’s broker, and would make entities falling under the newly expanded definition of broker subject to supervision by the California Department of Business Oversight.

The Office of Inspector General for the CFPB (and the Fed) recently issued a report on its evaluation of the Office of Consumer Response’s sharing of complaint data within the CFPB.

As background, the report describes the tools available to Bureau users of complaint data (complaint-sharing tools) to search such data, identify issues, and summarize data, and also describes Consumer Response’s process for approving access to these tools.

Based on its analysis of 2017 data, the OIG found that Supervision, Enforcement, and Fair Lending (SEFL) accounted for the largest portion of complaint-sharing tool users and tool activity, consisting of searches and requests for internal complaint reports.  Based on interviews of 17 SEFL users, the OIG learned that 94 percent of them relied on internal complaint data for their work, with 82 percent reporting use of complaint data for supervisory activities, 59 percent for research, 12 percent to support legal actions, and 6 percent to support preparation of products such as internal memoranda and public reports.

Other OIG findings and related recommendations included the following:

  • While Consumer Response provided robust and effective training on the use of complaint-sharing tools to SEFL users, it provided fewer training opportunities to users in other Divisions, such as those in Research, Markets and Regulations. The OIG recommended that Consumer Response increase its outreach to other Divisions to identify their need for complaint data and develop targeted training.  Consumer Response indicated that such efforts were underway.
  • The OIG found that Consumer Response’s practices for approving access to the complaint-sharing tools, some of which allow access to consumers’ personally identifiable information or other sensitive information, were not aligned with its documented procedures or otherwise raised concerns that access was not being properly restricted. The CFPB’s Information Security Program Policy provides that users of complaint-sharing tools are to be granted only the access privileges needed to perform their job functions and that access privileges should be reviewed at least annually and adjusted as appropriate to prevent unauthorized or unintentional disclosure. The OIG also found that Consumer Response was not regularly assessing whether users needed continued access to complaint-sharing tools.  It recommended that all users of tools that allow access to PII have supervisory approval, other steps be taken by Consumer Response to limit users’ access to data they need to perform their job functions, and documented processes and procedures be established for evaluating whether continued access is needed.  Consumer Response indicated that it had begun taking actions responsive to these recommendations.

Effective July 28, debt collectors licensed in Washington will be subject to new requirements when collecting medical debt.

Substitute House Bill 1531, signed into law by Washington Governor Jay Inslee on April 30, amended the state’s debt collection law that requires debt collectors to be licensed by adding certain substantive requirements along with a definition of “medical debt.”  The amendments define “medical debt” as “any obligation for the payment of money arising out of any agreement or contract, express or implied, for the provision of health care services as defined in RCW 48.44.010.”  Pursuant to RCW 48.44.010(10), “health care services means and includes medical, surgical, dental, chiropractic, hospital, optometric, podiatric, pharmaceutical, ambulance, custodial, mental health, and other therapeutic services.”

When collecting medical debt, licensed collectors will be required to do the following:

  • In the initial written notice to the debtor, include a statement informing the debtor of his or her right to request the original or redacted account number assigned to the debt, the date of the last payment, and an itemization containing specified information, including the name and address of the medical creditor, the date, dates, or date range of service, and the health care services provided as indicated by the provider in a statement provided to the licensee.  All collection efforts must cease until the itemization is provided.
  • Wait at least 180 days after receiving the original obligation for collection or by assignment before reporting adverse information to consumer reporting agencies
  • If the medical debt involves hospital debt, include a statement regarding the debtor’s possible eligibility for charity care from the hospital and hospital contact information and refrain from attempting to collect the debt during the pendency of an application for charity care or an appeal from a final determination of charity care status.

The amendments also limit the annual rate of prejudgment interest that can be charged on medical debt to nine percent and further provide that for any medical debt “for which prejudgment interest has  accrued or may be accruing as of [July 28], no prejudgment interest in excess of nine percent shall accrue thereafter.”