In a recent blog on the Bacchus-Capito letter to CFPB Director Richard Cordray, possible “legislative fixes” to the highly publicized privilege waiver issues involving the Bureau and possible amendments to 12 U.S.C. §§ 1821(t) and 1828(x) were discussed. The major shortcoming identified with regard to such amendments was the persistent problem of the Bureau’s sharing privileged information, whether obtained from a regulated entity or from another federal regulatory agency, with State Attorneys General or other law enforcement authorities.
Two bills have recently been introduced in Congress, H.R. 3871 and S. 2009. Each is a partial solution to the privilege waiver problem, but neither avoids that identified shortcoming. S. 2009 takes the direct approach of adding the Bureau to §§ 1821(t)(2) and 1828(x), which arguably maintains privilege with respect to material shared with State bank supervisors. I say “arguably” because § 1828(x) by its terms applies to privileged material provided directly by a bank to a regulator during the supervisory process. Only by inference could that provision be interpreted to extend to the situation where the information is provided to one regulator by another. Such an inference is arguably negated, however, by the separate existence of § 1821(t), and § 1821(t)(2), even if amended to include the Bureau, does not include State bank supervisors.
H.R. 3871 takes a different approach, amending § 1022(c)(6) of the Dodd-Frank legislation by adding the following language as a new subparagraph (B):
“The submission by any person of any information to the Bureau for any purpose in the course of any supervisory or regulatory process of the Bureau shall not be construed as waiving, destroying, or otherwise affecting any privilege such person may claim with respect to such information under Federal or State law as to any person or entity other than the Bureau.”
To recapitulate: both approaches seek (with varying degrees of success) to eliminate inadvertent or coerced waiver of the attorney-client privilege or the work product doctrine by (1) a regulated entity’s directly turning over privileged material to the Bureau, (2) sharing with the Bureau of privileged information by a bank regulatory agency, (3) the Bureau’s sharing such information with another federal agency (such as the FTC) or with a State or foreign bank supervisor. Neither approach, however, protects such material if the Bureau should share it with a state law enforcement authority other than a State bank supervisor.
One way to resolve this problem unambiguously would be to insert a new subparagraph (E) to Dodd-Frank § 1022(c)(6) along these lines:
“Notwithstanding subparagraphs (C) and (D) of this subsection, neither access by the Bureau to reports of other regulators nor access by any other Federal or State agency or regulatory or law enforcement authority to any reports or other information issued by the Bureau or in its possession shall result in the waiver of any statutory or common law privilege held by any covered person or service provider, unless the holder of such privilege has otherwise waived it.”