An Assistant Illinois Attorney General, in a letter sent to Experian’s CEO on behalf of the Illinois AG and the AGs of 35 other states and the District of Columbia, has asked Experian not to charge any credit freeze-related fees.

In the letter, which references the recent Equifax data breach, the Assistant Illinois AG notes that seven states currently prohibit consumer reporting agencies from charging fees to place a credit freeze and at least two others have introduced legislation that would require CRAs to offer free credit freezes.

In addition to Illinois, the other states joining the letter were: Arkansas, Colorado, Delaware, Florida, Hawaii, Idaho, Iowa, Kansas, Kentucky, Maine, Massachusetts, Michigan, Minnesota, Mississippi, Montana, Nebraska, Nevada, New Hampshire, New Jersey, New Mexico, North Carolina, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Carolina, South Dakota, Utah, Vermont, Virginia, Washington, Wisconsin, and Wyoming.

 

The cities of Chicago and San Francisco and the Massachusetts Attorney General have filed the first enforcement actions against Equifax following the announcement of a data breach affecting an estimated 143 million consumers.  Equifax announced the data breach on September 7, 2017, after hackers allegedly exploited a vulnerability in open-source software used by Equifax to create its online consumer dispute portal.

The first suits were filed on September 26th by the Massachusetts Attorney General and San Francisco.  Massachusetts’s complaint was filed in Superior Court in Suffolk County and alleges that Equifax knew or should have known about the vulnerability and that hackers were attempting to exploit it, but that Equifax failed to take known and available measures to prevent the breach.  Massachusetts asserts claims for violations of the Massachusetts data privacy statute and the Massachusetts Consumer Protection Act prohibiting unfair and deceptive practices based on Equifax’s alleged failure to give timely notice of the breach, failure to safeguard personal information, and failure to take other actions that Equifax was uniquely positioned to provide that would have mitigated damages to Massachusetts consumers.  The Massachusetts Attorney General is seeking unspecified civil penalties, disgorgement of profits, restitution, costs and attorney’s fees.

San Francisco’s complaint, filed in the Superior Court of San Francisco, asserts claims under the California Business and Professions Code for unlawful, unfair or fraudulent business practices, alleging that Equifax failed to maintain reasonable security practices and procedures, failed to provide timely notice of the security breach, and failed to provide complete, plain and clear information when notice was provided.  The lawsuit seeks restitution for all California consumers, civil penalties up to $2,500 per violation of law, restitution, costs, and a court order requiring Equifax to implement and maintain appropriate security procedures in the future.

Finally, the City of Chicago filed suit on September 28th in Cook County Circuit Court and asserts claims arising under both state law and city ordinance.  Specifically, Chicago alleges Equifax violated a local ordinance prohibiting fraudulent, unfair, and deceptive business practices, as well as the Illinois Consumer Fraud and Deceptive Business Practices Act.  Chicago’s claims are based on allegations that Equifax failed to give prompt notice of the breach, failed to safeguard personal information, and deceived consumers by requiring them to waive their legal rights in exchange for credit monitoring services and by misrepresenting that the offered credit monitoring was free.  Chicago seeks civil monetary penalties in the amount of $10,000 for each day a violation has existed that involves a Chicago resident, restitution, and injunctive relief requiring Equifax to maintain adequate security measures to prevent data breaches.

These are likely just the first of many lawsuits to be filed against Equifax by state and local officials.  Further action at both the federal and state level seems all but certain.  For example, the Federal Trade Commission and Department of Justice have confirmed they are investigating the breach, and the New York Department of Financial Services confirmed that it recently issued a subpoena to Equifax for more information about the breach.  This vigorous and immediate government enforcement effort further supports our position that private class action lawsuits are an unnecessary and inappropriate tool for vindicating any harm caused by the data breach.  We will continue to follow these significant cases and update you as events unfold.

 

Last week, New York Governor Andrew Cuomo issued a press release directing the New York Department of Financial Services (“NYDFS”) to impose new rules on consumer reporting agencies (“CRAs”).  The proposed regulation would subject CRAs that issue consumer reports (as defined in a manner similar to the federal Fair Credit Reporting Act) about consumers located in New York to new requirements, including:

  • Annual registration with NYDFS – such registration must identify officers and/or directors that are responsible for the CRAs’ compliance with the new regulation;
  • Annual, and in some cases quarterly, information reporting requirements to NYDFS;
  • NYDFS examinations to be conducted as often as NYDFS considers “necessary”;
  • Prohibitions against various activities, such as including inaccurate information in a consumer report or engaging in any unfair, deceptive, abusive, and/or predatory acts or practices;
  • Communicating with consumers’ authorized representatives; and
  • Compliance with the newly issued NYDFS cybersecurity regulation (see Ballard alert).

Except for requiring CRAs to comply with the NYDFS cybersecurity regulation, it is unclear how the other requirements would address the risks posed by the recent Equifax breach, which was the purported reason for Governor Cuomo’s announcement.

Importantly, by requiring CRAs to register on an annual basis, the proposed regulation would empower NYDFS to suspend or revoke such registration based not only on the bad acts of a CRA itself, but also based on the bad acts of individual members, principals, officers, directors, or controlling persons at the CRA.  Without a valid registration, a CRA would be prohibited from providing any consumer reports about consumers located in New York, any companies licensed by NYDFS would be prohibiting from purchasing consumer reports from the CRA, and any companies licensed by NYDFS would be prohibited from furnishing information about consumers located in New York to the CRA.

Although a version of the proposed regulation was released with Governor Cuomo’s announcement, NYDFS is expected to release an official version for public comment in the coming weeks.  CRAs and companies that rely on CRAs to provide information about consumers located in New York should strongly consider participating in this rulemaking process.

An informative new American Banker podcast discusses recent and possible future changes to traditional credit scores, what they mean for industry, and possible industry responses.

The podcast begins with a discussion of changes that will take effect on July 1, 2017 to the public record data standards used by the “Big 3” consumer reporting agencies (CRAs) for the collection and updating of civil judgments and tax liens.  The new standards, which will apply to new and existing public record data on the CRAs’ credit reporting databases, create new verification requirements for data about civil judgments and tax liens, such as certain minimum consumer personal identifying information and a minimum frequency of courthouse visits to obtain new and updated data of at least every 90 days.

The experts participating in the podcast suggested that under current credit score models, the change could result in small credit score increases for impacted consumers averaging about 10 to 11 points.  However, they indicated that credit scores generated by newer credit score models under development that consider other data are unlikely to be impacted.

Among the topics discussed was the potential benefits and challenges in using alternative data in credit score models.  This past February, the CFPB issued a request for information seeking information about the use of alternative data and modeling techniques in the credit process.

 

 

 

The CFPB has issued a new report, “Data Point: Becoming Credit Visible,” that discusses how consumers transitioned out of “credit invisibility” and how such transitions differed across consumers of different ages and across neighborhood income levels.  For purposes of the report, the CFPB uses a definition of “credit invisibility” that includes only consumers without a credit record at one of the nationwide credit reporting companies.

The CFPB used a similar definition in its May 2015 report, “Data Point: Credit Invisibles,” in which the CFPB documented the results of its research into the demographic characteristics of consumers without traditional credit reports or credit scores.  That report concluded that the current credit reporting system is precluding certain populations from accessing credit and taking advantage of other economic opportunities.  While it did not use the term “disparate impact,” the report had fair lending implications for both providers and users of credit reports and credit scores.

The 2015 report was followed by a blog post in December 2016 in which the CFPB announced that it had released a brief, “Who are the credit invisibles?,” that described the 2015 report’s most significant findings and contained a checklist of action items for consumers who were new to credit or seeking to rebuild their credit history.  Among the 2015 report’s findings highlighted in the brief were that consumers in low-income neighborhoods are more likely to have no credit history with one of the nationwide consumer reporting agencies or an unscorable credit file and that Black and Hispanic consumers are more likely to have no credit history with one of the nationwide consumer reporting agencies and have unscored credit records than White or Asian consumers.

The CFPB’s key findings in the new report based on the sample data used by the CFPB include:

  • Almost 80 percent of consumers who transitioned out of credit invisibility did so before age 25, with consumers in low- and moderate-income neighborhoods who made this transition doing so at older ages than consumers in middle- or upper-income neighborhoods.
  • Across all age groups and income levels, credit cards triggered the creation of consumer credit records more frequently than any other product with student loans the next most frequent trigger.
  • Consumers in lower-income neighborhoods were more likely than consumers in higher-income neighborhoods to acquire a credit record from non-loan items, such as third-party collection accounts or public records, with almost 90 percent of these non-loan items conveying negative information about the consumer’s creditworthiness.
  • About 15 percent of consumers opened their earliest reported credit account with a co-borrower and the credit records of an additional 9.6 percent of consumers were created when the consumer became an authorized user on someone else’s credit account, thus implying that about 1-in-4 consumers first acquire their credit history from an account for which others were also responsible. The use of co-borrowers and authorized user account status was notably less common in lower-income neighborhoods.
  • The frequency with which credit cards trigger the creation of a credit record has been growing rapidly in recent years, except among consumers younger than 25 as to whom the share of credit records created as the result of a credit card has been declining.  This decline cannot be fully explained by the growth in student loans or the restrictions in the Credit Card Accountability Responsibility and Disclosure Act on issuing credit cards to consumers under the age of 21 and marketing credit cards to college students.

In February 2017, the CFPB issued a request for information (RFI) seeking information about the use of alternative data and modeling techniques in the credit process.  The CFPB indicated that the RFI stemmed from its desire “to encourage responsible innovations that could be implemented in a consumer-friendly way to help serve populations currently underserved by the mainstream credit system.”  In the new report, the CFPB suggests that “the differences in the incidences of credit invisibility between higher- and lower-income neighborhoods may reflect the greater tendency of consumers in the latter to be unbanked” and “would imply that the problems posed by credit invisibility might be mitigated by promoting access to banking services in lower-income communities.”

The CFPB also indicated that the issues it hopes to examine in future research include the challenges facing consumers with unscored credit records and the characteristics of credit records (negative versus positive information) that result in transitioning out of credit invisibility.

The CFPB has issued its February 2017 complaint report that highlights credit reporting complaints.  The report also highlights complaints from consumers in Louisiana and the New Orleans metro areas.

General findings include the following:

  • As of February 1, 2017, the CFPB handled approximately 1,110,100 complaints nationally, including approximately 29,700 complaints in January 2017.
  • Debt collection continued to be the most-complained-about financial product or service in December 2016, representing about 26 percent of complaints submitted.
  • For the first time, student loans replaced mortgages in the “top three” complaint categories with debt collection complaints, together with complaints about credit reporting and student loans, collectively representing about 60 percent of the complaints submitted in January 2017.  This likely reflects the increase in the number of student loan complaints received in January 2017 as compared with December 2016. Complaints about student loans showed the greatest month-over-month increase, increasing 537 percent from December 2016.  Student loans also had the greatest percentage increase based on a three-month average, increasing about 388 percent from the same time last year (November 2015 to January 2016 compared with November 2016 to January 2017).  In February 2016, the CFPB began accepting complaints about federal student loans.  Previously, such complaints were directed to the Department of Education.  As we have noted in blog posts about prior CFPB monthly complaint reports issued beginning in April 2016, rather than reflecting an increase in the number of borrowers making student loan complaints, the increasing percentages represented by student loan complaints received by the CFPB most likely reflects the change in where such complaints are sent.
  • Payday loans showed the greatest percentage decrease based on a three-month average, decreasing about 26 percent from the same time last year (November 2015 to January 2016 compared with November 2016 to January 2017).  Complaints during those periods decreased from 408 complaints in 2015/2016 to 302 complaints in 2016/2017.
  • Georgia, South Dakota, and Mississippi experienced the greatest complaint volume increases from the same time last year  (November 2015 to January 2016 compared with November 2016 to January 2017) with increases of, respectively, 59, 43, and 34 percent.
  • Delaware, New Hampshire, and Hawaii experienced the greatest complaint volume decreases from the same time last year (November 2015 to January 2016 compared with November 2016 to January 2017) with decreases of, respectively, 8, 8, and 4 percent.

Findings regarding credit reporting complaints include the following:

  • The CFPB has handled approximately 185,700 credit reporting complaints.
  • The most common issues identified in complaints involved problems with incorrect information on credit reports and investigations by credit reporting companies.  Consumers complained about the process for disputing information on credit reports, such as difficulties in submitting disputes through phone and mail channels, authentication questions or other barriers to submitting disputes, and problems receiving results of investigations.
  • Consumers complained about the process for blocking and removing information resulting from identity theft and credit inquiries claimed not to have been initiated by the consumer.
  • Many consumer complaints about credit scoring reflect confusion over the variety of scores, scoring factors that  accompany credit score information, and receipt of varying scores from different reporting agencies.

Findings regarding complaints from Louisiana consumers include the following:

  • As of February 1, 2017, approximately 12,400 complaints were submitted by Louisiana consumers of which approximately 4,500 were from New Orleans consumers.
  • Debt collection was the most-complained-about product, representing 34 percent of all complaints submitted by Louisiana consumers, which was higher than the national average rate of 27 percent of all complaints submitted by consumers.
  • Average monthly complaints received from Louisiana consumers increased 31 percent from the same time last year (November 2015 to January 2016 compared with November 2016 to January 2017), higher than the increase of 21 percent nationally.

 

The CFPB has issued a request for information (RFI) that seeks information about the use of alternative data and modeling techniques in the credit process.  On March 21, 2017 from 12:00 to 1:00 p.m. ET, Ballard Spahr attorneys will hold a webinar: The New Frontier of Alternative Credit Models: Opportunities, Risks and the CFPB’s Request for Information.  A link to register is available here.

According to the CFPB, the RFI stems from the Bureau’s desire “to encourage responsible innovations that could be implemented in a consumer-friendly way to help serve populations currently underserved by the mainstream credit system.”  The CFPB had signaled the likelihood of future action relating to alternative credit data in a May 2015 report, “Data Point: Credit Invisibles,” that reported the results of a research project undertaken by the CFPB to better understand the demographic characteristics of consumers without traditional credit reports or credit scores.  The report, which the RFI cites, concluded that the current credit reporting system is precluding certain populations from accessing credit and taking advantage of other economic opportunities.

In conjunction with the RFI’s issuance, the CFPB held a field hearing on alternative credit data in Charleston, West Virginia at which Director Cordray gave remarks.  (In a break from its prior practice, the CFPB did not publish advance notice of the field hearing on its website.)

In the RFI’s Supplementary Information, the CFPB states that it not only seeks information relating to consumer credit but, “because some of the Bureau’s authorities relate to small business lending,” it “welcomes information about alternative data and modeling techniques in business lending markets as well.”  To that end, for many of the specific questions asked in the RFI on which the CFPB seeks comments, the CFPB asks commenters to describe “any differences in your answers as they pertain to lending to businesses (especially small businesses) rather than consumers.”  (The CFPB notes the ECOA’s coverage of consumer and business credit and that it has begun the process of writing regulations to implement Dodd-Frank Section 1071, which requires data collection and reporting for lending to women-owned, minority-owned, and small businesses.)  Comments on the RFI must be received on or before May 19, 2017.

The Supplementary Information includes a discussion of alternative data and modeling techniques in which the CFPB provides examples of the types of data and modeling techniques that have been labeled “alternative.”  It also discusses prior research by other federal regulators, such as the FTC’s report on big data.  (The CFPB notes that the non-traditional data that might be used to assess borrower creditworthiness could include “big data.”  To address the growing interest in the use of “big data” and “machine learning” by a wide range of businesses, we recently held a webinar, “Big Data and Computer Learning – Lots of Opportunity and Lots of Legal Risk.”)

In the Supplementary Information, the CFPB lists potential consumer benefits and risks it has identified and states that it intends to use the information gleaned from the RFI’s questions “to help maximize the benefits and minimize the risks” from the use of alternative data and modeling techniques.  The RFI contains 20 specific questions (most of which have numerous subsidiary questions) that are divided into four sections: alternative data, alternative modeling techniques, potential benefits and risks to consumers and market participants, and specific statutes and regulations as they pertain to alternative data and modeling techniques.  The CFPB notes that although each question speaks generally about all decisions in the credit process, “answers can differentiate, as appropriate, between uses in marketing, fraud detection and prevention, underwriting, setting or changes in terms (including pricing), servicing, collections, or other relevant aspects of the credit process.”

The CFPB states in the RFI that it not only seeks to understand the benefits and risks stemming from the use of alternative data and modeling techniques, but “also to begin to consider future activity to encourage their responsible use and lower unnecessary barriers, including any unnecessary regulatory burden or uncertainty that impedes such use.”  We hope the CFPB’s issuance of the RFI reflects its recognition of the complexity of the issues involved in the use of alternative data and modeling techniques and the need for it to carefully consider the interests of all stakeholders.

In May 2015, the CFPB issued a report, “Data Point: Credit Invisibles,” that documented the results of a research project undertaken by the CFPB to better understand the demographic characteristics of consumers without traditional credit reports or credit scores.  The report concluded that the current credit reporting system is precluding certain populations from accessing credit and taking advantage of other economic opportunities.  Although the CFPB did not use the term “disparate impact,” the report had fair lending implications for both providers and users of credit reports and credit scores.

Earlier this week, the CFPB published a blog post, to announce that it has released a brief, “Who are the credit invisibles?,” that describes the May 2015 report’s “most significant findings” and a checklist of action items for consumers “who are new to credit or looking to rebuild.”  Among the report’s findings highlighted in the new brief are that consumers in low-income neighborhoods are more likely to have no credit history with one of the nationwide consumer reporting agencies or an unscorable credit file and that Black and Hispanic consumers are more likely to have no credit history with one of the nationwide consumer reporting agencies and have unscored credit records than White or Asian consumers.  The brief also includes a section describing actions consumers can take to build a credit history.

The brief could portend action by the CFPB regarding the use of alternative credit reports and credit scores.  However, as we commented when the May 2015 report was issued, the CFPB should be cautious about taking any regulatory actions that undermine existing industry efforts to serve populations not currently being served by traditional credit reports or credit scores.  In addition, if the CFPB is suggesting a need for additional sources of alternative credit reports and credit scores, these new products and services would have to be developed carefully to ensure their reliability for use in making credit or other decisions; otherwise, the potential harm could be felt across all relevant stakeholders, from businesses that make decisions with inaccurate information and consumers that are impacted by those decisions.

In its Fall 2016 Supervisory Highlights, which covers supervision work generally completed between May and August 2016, the CFPB highlights violations found by its examiners involving origination and servicing of auto financing, debt collection, mortgage origination and servicing, student loan servicing, and fair lending.

On December 2, 2016, from 12 p.m. to 1 p.m ET, Ballard Spahr attorneys will hold a webinar, “The CFPB’s Fall 2016 Supervisory Highlights: Looking Beyond the Headlines.”  A link to register is available here.

The report states that recent non-public supervisory actions have resulted in restitution of approximately $11.3 million to more than 225,000 consumers.  The report also indicates that the CFPB’s supervisory activities “have either led to or supported” two recent public enforcement action described in the report that resulted in over $28 million in consumer remediation and $8 million in civil money penalties.

The CFPB’s “supervisory observations” include the following:

  • Servicing of auto financing.  CFPB examiners concluded that it was an unfair practice to detain or refuse to return personal property found in a repossessed vehicle until the consumer paid a fee or where the consumer requested return of the property, regardless of what the consumer agreed to in the contract.  Even when the consumer agreements and state law provided support for lawfully charging the fee, examiners concluded there were no circumstances in which it was lawful to refuse to return property until after the fee was paid, instead of simply adding the fee to the borrower’s balance as companies do with other repossession fees.  Examiners also found that in some instances, one or more companies were engaging in the unfair practice of charging a borrower for storing personal property found in a repossessed vehicle when the consumer agreement disclosed that the property would be stored, but not that the borrower would need to pay for the storage.  The report indicates that in upcoming exams, CFPB examiners “will be looking closely at how companies engage in repossession activities, including whether property is being improperly withheld from consumers, what fees are charged, how they are charged, and the context of how consumers are being treated to determine whether the practices were lawful.”
  •  Debt collection.
    • Fees. CFPB examiners determined that a “convenience fee” charged by one or more debt collectors to process payments by phone and online violated the FDCPA where the consumer’s contract did not expressly permit convenience fees and applicable state law was silent on whether such fees are permissible.  CFPB examiners also found that debt collectors had made false representations in violation of the FDCPA by demanding unlawful fees, stated that the fees were “nonnegotiable,” or withholding  information from consumers about other methods to make payments that would not incur the fee after the consumer requested such information.  CFPB examiners also found that one or more debt collectors violated the FDCPA by charging collection fees in states where collection fees were prohibited or in states that capped collection fees at a threshold lower than the fees that were charged.  The report notes that examiners “also observed a [compliance management system (CMS)] weakness at one or more collectors that had not maintained any records showing the relationship between the amount of the collection fee and the cost of collection.”
    • Collection calls; third party communications. CFPB examiners determined that collection calls made by one or more debt collectors involved false representations or deception in violation of the FDCPA where collectors (1)  purported to assess consumers’ creditworthiness, credit scores, or credit reports when collectors could not assess overall borrower creditworthiness, represented that an immediate payment was necessary to prevent a negative impact on a consumer’s credit, (3) impersonated consumers while using a creditor’s consumer-facing automated telephone system to obtain information about a consumer’s debt, or (4) told consumers that the ability to settle an account was revoked or would expire.  At one or more debt collectors, examiners also identified several instances where collectors violated the FDCPA by disclosing the consumer’s debt to a third party (which the CFPB stated was often the result of inadequate identity verification during telephone calls) or by an employee’s disclosure of the debt collection company’s name to a third party without first being asked for that information by the third party.
    • FCRA. CFPB examiners determined that “one or more entities” failed to provide adequate guidance and training to staff regarding differentiating FCRA disputes from general customer inquiries, complaints, or FDCPA debt validation requests.  One or more of such entities were directed to develop and implement “reasonable policies and procedures to ensure that direct and indirect disputes are appropriately logged, categorized, and resolved” and/or “a training program appropriately tailored to employees responsible for logging, categorizing, and handling FCRA direct and indirect disputes.”  Examiners also determined that one or more debt collectors violated the FCRA by not investigating indirect disputes that lacked detail or not accompanied by attachments with relevant information from the consumer or, for disputes categorized as frivolous, sending notices that did not indicate what the consumer needed to provide in order for the collector to complete the investigation.
    • Regulation E. Examiners found that one or more debt collectors violated Regulation E by failing to provide consumers with a copy of the terms of an authorization for preauthorized electronic fund transfers.  Some of these debt collectors had instead sent consumers a payment confirmation notice before each electronic fund transfer.  The CFPB stated that such notices did not satisfy the Regulation E requirement to provide a copy of the terms of the authorization because the notices did not describe the recurring nature of the preauthorized transfers from the consumer’s account, such as by describing the timing and amount of the recurring transfers.
  • Mortgage origination. CFPB examiners found that one or more entities offering mortgage loan programs that accepted alternative income documentation for salaried consumers as part of their underwriting requirements had violated Regulation Z ability to repay (ATR) requirements. Such entities indicated that they relied primarily on the consumer’s assets when making an ATR determination, but also established a maximum monthly debt to income (DTI) ratio in their underwriting policies and procedures.  CFPB examiners “found that the income disclosed on the application to calculate the consumer’s monthly DTI ratio was not verified, but instead was tested for reasonableness using an internet-based tool that aggregates employer data and estimates income based upon each consumer’s residence zip code address, job title, and years in their current occupation.”  CFPB examiners also found that one or more federally-regulated depository institutions were using employees of a staffing agency to originate loans who were improperly registered in the National Multistate Licensing System and Registry as employees of the depository institutions.
  • Student loan servicing. In addition to finding that one or more servicers were engaging in an unfair practice in violation of the Dodd-Frank Act UDAAP prohibition by denying, or failing to approve, applications for income-driven repayment (IDR) plans that should have been approved on a regular basis, CFPB examiners cited servicers for the unfair practice of failing to provide an effective choice on how payments should be allocated among multiple loans.  Such servicers had failed to provide an effective choice through such practices as not giving borrowers the ability to allocate payments to individual loans in certain circumstances, not effectively disclosing that borrowers had the ability to provide payment instructions, or not effectively disclosing important information (like the allocation methodology used when instructions are not provided).  The CFPB also cited a student loan servicer for engaging in a deceptive practice in violation of the Dodd-Frank Act UDAAP prohibition in connection with loans considered to be “paid ahead.” CFPB examiners concluded that one or more servicers’ billing statements could have misled reasonable borrowers to believe additional payments during or after a paid-ahead period would be applied largely to principal. According to the CFPB, the statements, which noted that nothing was due in months that the borrower was paid ahead, misled consumers as to how much interest would accrue or had accrued, and how that would affect the application of consumers’ payments when the borrower began making payments.  The CFPB directed one or more servicers to hire independent consultants to conduct user testing of the servicer’s communications to improve how the communications describe the basic principles of the servicer’s payment allocation methodologies, the consumer’s ability to provide payment instructions, and the accrual of interest during a paid-ahead period.  The CFPB refers servicers to the policy direction on student loan servicing issued in July 2016 by the Department of Education for guidance on IDR application processing, billing statements, and  allocation methodologies.  (Issues related to IDR plan applications were highlighted in the midyear report of the CFPB’s Student Loan Ombudsman released in August 2016.)
  • Fair lending.
    • LEP consumers. CFPB examiners “observed situations” in which financial institutions’ treatment of limited English proficiency (LEP) and non-English-speaking consumers posed fair lending risk, such as marketing only some credit card products to Spanish-speaking consumers, while marketing additional credit card products to English-speaking consumers.  The CFPB noted that one or more such institutions lacked documentation describing how they decided to exclude those products from Spanish language marketing, thereby “raising questions about the adequacy of their compliance management systems related to fair lending.”  According to the CFPB, to mitigate any compliance risks related to these practices, one or more financial institutions revised their marketing materials to notify consumers in Spanish of the availability of other credit card products and included clear and timely disclosures to prospective consumers describing the extent and limits of any language services provided throughout the product lifecycle.  The CFPB observed that such institutions “were not required to provide Spanish language services to address this risk beyond the Spanish language services they were already providing.”  The report includes a list of “common features of a well-developed” CMS that considers treatment of LEP and non-English-speaking consumers.
    • Redlining. The report lists factors considered by the CFPB in assessing redlining risk in examinations and describes how the CFPB conducts its analysis of redlining risk, such as its use of HMDA and census data to assess an institution’s  lending patterns and its comparison of an institution to peer institutions.  The report indicates that in their initial analysis, CFPB examiners will compare an institution’s lending patterns to other lenders in the same MSA to determine whether the institution received significantly fewer applications from minority areas relative to other lenders in the MSA.  Examiners may also compare an institution to a more refined group of peers which can be defined in various ways, such as lenders that received a similar number of applications, originated a similar number of loans in the MSA, or offered a similar product mix.  Examiners have also considered an institution’s own identification of its peers in particular markets.
  • Examination procedures and guidance. The CFPB references recent updates to its reverse mortgage, student loan, and Military Loan Act examination procedures, as well as its recent amendment of its service provider bulletin.  According to the CFPB, some small service providers reported that entities have imposed the same due diligence requirements on them as for their largest service providers. The CFPB stated that this may have resulted from some entities having interpreted its 2012 bulletin to mean they had to use the same due diligence requirements for all service providers no matter the risk for consumer harm.  The amendment was intended to clarify that a risk management program can be tailored to the size, market, and level of risk for consumer harm presented by the service provider.

 

 

 

On October 5th, the CFPB published a notice announcing the CFPB Office of Financial Education’s intent to compile a list of companies offering existing customers free access to their credit score.  The CFPB’s stated intent in compiling this list is to educate consumers and help them make better informed financial decisions.  Comments must be submitted to the CFPB by November 4, 2016.

The initial list will cover only credit card issuers.  However, the CFPB may consider expanding the list or creating a separate future list to include non-credit card issuers in other markets.  To be included in this list, these companies must meet certain specified criteria, including offering existing customers (at least some, but not necessarily all) the ability to obtain a free credit score that the company or other lenders use for account origination, portfolio management, or for other business purposes.  The free credit score must be offered to existing customers on a continuous basis, as opposed to a time-limited or promotional basis.  The free credit score made available to existing customers must also periodically be updated.

Financial institutions should carefully assess whether they wish to voluntarily seek inclusion on this list.  The CFPB clearly states that inclusion on the list is not an endorsement, but the CFPB has noted in the past that making free credit scores available to customers is a best practice.  Companies must consider the potential impact of being excluded from the list and what that choice may communicate to the CFPB and customers.  On the other hand, the CFPB suggests that it “could” leverage this list to bring consumer attention to the topic of credit scores, and follow up with content to educate, inform, and empower consumers on the availability of credit scores and credit reports and how consumers can use this information.  However, nothing in the notice limits the ability of the CFPB to use the information submitted by companies seeking inclusion on the list for other purposes.  For example, the CFPB states that inclusion on this list will have no impact on the CFPB’s supervisory activity, but the CFPB reserves the right to conduct due diligence on a company’s assertions about free credit scores.