In its Fall 2016 Supervisory Highlights, which covers supervision work generally completed between May and August 2016, the CFPB highlights violations found by its examiners involving origination and servicing of auto financing, debt collection, mortgage origination and servicing, student loan servicing, and fair lending.

On December 2, 2016, from 12 p.m. to 1 p.m ET, Ballard Spahr attorneys will hold a webinar, “The CFPB’s Fall 2016 Supervisory Highlights: Looking Beyond the Headlines.”  A link to register is available here.

The report states that recent non-public supervisory actions have resulted in restitution of approximately $11.3 million to more than 225,000 consumers.  The report also indicates that the CFPB’s supervisory activities “have either led to or supported” two recent public enforcement action described in the report that resulted in over $28 million in consumer remediation and $8 million in civil money penalties.

The CFPB’s “supervisory observations” include the following:

  • Servicing of auto financing.  CFPB examiners concluded that it was an unfair practice to detain or refuse to return personal property found in a repossessed vehicle until the consumer paid a fee or where the consumer requested return of the property, regardless of what the consumer agreed to in the contract.  Even when the consumer agreements and state law provided support for lawfully charging the fee, examiners concluded there were no circumstances in which it was lawful to refuse to return property until after the fee was paid, instead of simply adding the fee to the borrower’s balance as companies do with other repossession fees.  Examiners also found that in some instances, one or more companies were engaging in the unfair practice of charging a borrower for storing personal property found in a repossessed vehicle when the consumer agreement disclosed that the property would be stored, but not that the borrower would need to pay for the storage.  The report indicates that in upcoming exams, CFPB examiners “will be looking closely at how companies engage in repossession activities, including whether property is being improperly withheld from consumers, what fees are charged, how they are charged, and the context of how consumers are being treated to determine whether the practices were lawful.”
  •  Debt collection.
    • Fees. CFPB examiners determined that a “convenience fee” charged by one or more debt collectors to process payments by phone and online violated the FDCPA where the consumer’s contract did not expressly permit convenience fees and applicable state law was silent on whether such fees are permissible.  CFPB examiners also found that debt collectors had made false representations in violation of the FDCPA by demanding unlawful fees, stated that the fees were “nonnegotiable,” or withholding  information from consumers about other methods to make payments that would not incur the fee after the consumer requested such information.  CFPB examiners also found that one or more debt collectors violated the FDCPA by charging collection fees in states where collection fees were prohibited or in states that capped collection fees at a threshold lower than the fees that were charged.  The report notes that examiners “also observed a [compliance management system (CMS)] weakness at one or more collectors that had not maintained any records showing the relationship between the amount of the collection fee and the cost of collection.”
    • Collection calls; third party communications. CFPB examiners determined that collection calls made by one or more debt collectors involved false representations or deception in violation of the FDCPA where collectors (1)  purported to assess consumers’ creditworthiness, credit scores, or credit reports when collectors could not assess overall borrower creditworthiness, represented that an immediate payment was necessary to prevent a negative impact on a consumer’s credit, (3) impersonated consumers while using a creditor’s consumer-facing automated telephone system to obtain information about a consumer’s debt, or (4) told consumers that the ability to settle an account was revoked or would expire.  At one or more debt collectors, examiners also identified several instances where collectors violated the FDCPA by disclosing the consumer’s debt to a third party (which the CFPB stated was often the result of inadequate identity verification during telephone calls) or by an employee’s disclosure of the debt collection company’s name to a third party without first being asked for that information by the third party.
    • FCRA. CFPB examiners determined that “one or more entities” failed to provide adequate guidance and training to staff regarding differentiating FCRA disputes from general customer inquiries, complaints, or FDCPA debt validation requests.  One or more of such entities were directed to develop and implement “reasonable policies and procedures to ensure that direct and indirect disputes are appropriately logged, categorized, and resolved” and/or “a training program appropriately tailored to employees responsible for logging, categorizing, and handling FCRA direct and indirect disputes.”  Examiners also determined that one or more debt collectors violated the FCRA by not investigating indirect disputes that lacked detail or not accompanied by attachments with relevant information from the consumer or, for disputes categorized as frivolous, sending notices that did not indicate what the consumer needed to provide in order for the collector to complete the investigation.
    • Regulation E. Examiners found that one or more debt collectors violated Regulation E by failing to provide consumers with a copy of the terms of an authorization for preauthorized electronic fund transfers.  Some of these debt collectors had instead sent consumers a payment confirmation notice before each electronic fund transfer.  The CFPB stated that such notices did not satisfy the Regulation E requirement to provide a copy of the terms of the authorization because the notices did not describe the recurring nature of the preauthorized transfers from the consumer’s account, such as by describing the timing and amount of the recurring transfers.
  • Mortgage origination. CFPB examiners found that one or more entities offering mortgage loan programs that accepted alternative income documentation for salaried consumers as part of their underwriting requirements had violated Regulation Z ability to repay (ATR) requirements. Such entities indicated that they relied primarily on the consumer’s assets when making an ATR determination, but also established a maximum monthly debt to income (DTI) ratio in their underwriting policies and procedures.  CFPB examiners “found that the income disclosed on the application to calculate the consumer’s monthly DTI ratio was not verified, but instead was tested for reasonableness using an internet-based tool that aggregates employer data and estimates income based upon each consumer’s residence zip code address, job title, and years in their current occupation.”  CFPB examiners also found that one or more federally-regulated depository institutions were using employees of a staffing agency to originate loans who were improperly registered in the National Multistate Licensing System and Registry as employees of the depository institutions.
  • Student loan servicing. In addition to finding that one or more servicers were engaging in an unfair practice in violation of the Dodd-Frank Act UDAAP prohibition by denying, or failing to approve, applications for income-driven repayment (IDR) plans that should have been approved on a regular basis, CFPB examiners cited servicers for the unfair practice of failing to provide an effective choice on how payments should be allocated among multiple loans.  Such servicers had failed to provide an effective choice through such practices as not giving borrowers the ability to allocate payments to individual loans in certain circumstances, not effectively disclosing that borrowers had the ability to provide payment instructions, or not effectively disclosing important information (like the allocation methodology used when instructions are not provided).  The CFPB also cited a student loan servicer for engaging in a deceptive practice in violation of the Dodd-Frank Act UDAAP prohibition in connection with loans considered to be “paid ahead.” CFPB examiners concluded that one or more servicers’ billing statements could have misled reasonable borrowers to believe additional payments during or after a paid-ahead period would be applied largely to principal. According to the CFPB, the statements, which noted that nothing was due in months that the borrower was paid ahead, misled consumers as to how much interest would accrue or had accrued, and how that would affect the application of consumers’ payments when the borrower began making payments.  The CFPB directed one or more servicers to hire independent consultants to conduct user testing of the servicer’s communications to improve how the communications describe the basic principles of the servicer’s payment allocation methodologies, the consumer’s ability to provide payment instructions, and the accrual of interest during a paid-ahead period.  The CFPB refers servicers to the policy direction on student loan servicing issued in July 2016 by the Department of Education for guidance on IDR application processing, billing statements, and  allocation methodologies.  (Issues related to IDR plan applications were highlighted in the midyear report of the CFPB’s Student Loan Ombudsman released in August 2016.)
  • Fair lending.
    • LEP consumers. CFPB examiners “observed situations” in which financial institutions’ treatment of limited English proficiency (LEP) and non-English-speaking consumers posed fair lending risk, such as marketing only some credit card products to Spanish-speaking consumers, while marketing additional credit card products to English-speaking consumers.  The CFPB noted that one or more such institutions lacked documentation describing how they decided to exclude those products from Spanish language marketing, thereby “raising questions about the adequacy of their compliance management systems related to fair lending.”  According to the CFPB, to mitigate any compliance risks related to these practices, one or more financial institutions revised their marketing materials to notify consumers in Spanish of the availability of other credit card products and included clear and timely disclosures to prospective consumers describing the extent and limits of any language services provided throughout the product lifecycle.  The CFPB observed that such institutions “were not required to provide Spanish language services to address this risk beyond the Spanish language services they were already providing.”  The report includes a list of “common features of a well-developed” CMS that considers treatment of LEP and non-English-speaking consumers.
    • Redlining. The report lists factors considered by the CFPB in assessing redlining risk in examinations and describes how the CFPB conducts its analysis of redlining risk, such as its use of HMDA and census data to assess an institution’s  lending patterns and its comparison of an institution to peer institutions.  The report indicates that in their initial analysis, CFPB examiners will compare an institution’s lending patterns to other lenders in the same MSA to determine whether the institution received significantly fewer applications from minority areas relative to other lenders in the MSA.  Examiners may also compare an institution to a more refined group of peers which can be defined in various ways, such as lenders that received a similar number of applications, originated a similar number of loans in the MSA, or offered a similar product mix.  Examiners have also considered an institution’s own identification of its peers in particular markets.
  • Examination procedures and guidance. The CFPB references recent updates to its reverse mortgage, student loan, and Military Loan Act examination procedures, as well as its recent amendment of its service provider bulletin.  According to the CFPB, some small service providers reported that entities have imposed the same due diligence requirements on them as for their largest service providers. The CFPB stated that this may have resulted from some entities having interpreted its 2012 bulletin to mean they had to use the same due diligence requirements for all service providers no matter the risk for consumer harm.  The amendment was intended to clarify that a risk management program can be tailored to the size, market, and level of risk for consumer harm presented by the service provider.