According to its newly-released Consumer Sentinel Network Data Book, the FTC received complaints from 2.68 million consumers in 2017, a decrease from 2016 when 2.98 million consumers submitted complaints.  The annual report, which does not include do-not-call complaints, provides national and state-by-state data on consumer complaints received by the FTC.  While the number of complaints declined, consumers reported losing a total of $905 million to fraud in 2017, which was $63 million more than in 2016.

Despite the use of the term “complaints” in the FTC’s press release and numerous references to “complaints” in the new annual report, the new report states that it refers to “consumer reports” rather than “complaints” because “[o]ften, people make these reports after they have experienced something problematic in the marketplace, avoided a loss, and decided to alert others.”

Debt collection was the most-reported category in 2017.  Identity theft was the second-most reported category in 2017, with credit card fraud the most common type of identity theft reported and tax fraud the second most common type.  Imposter scam reports, which the FTC describes as reports about someone pretending to be a trusted person to get consumers to send money or give personal information, was the third-most reported category in 2017.

The other two “top-five” report categories in 2017 were telephone and mobile services (fourth) and banks and lenders (fifth).  For military consumers, identity theft was the top report category in 2017.

The Consumer Sentinel Network is an online database of consumer complaints maintained by the FTC.  Other federal and state law enforcement agencies contribute to the database, including the CFPB and the offices of 20 state attorneys general (who are listed on page 86 of the report).  Private-sector organizations contributing data include the Council of Better Business Bureaus, which consists of all North American Better Business Bureaus.

Any federal, state, or local law enforcement agency can obtain access to the database by entering into a confidentiality and data security agreement with the FTC. Certain international law enforcement authorities are also allowed access.

While the data only reflect ”unverified reports filed by consumers,” regardless of merit, the report nevertheless could significantly affect the industries targeted by the complaints. The FTC and state attorneys general have long used consumer complaints to identify victims and potential targets for investigations, and Mick Mulvaney, President Trump’s appointee as CFPB Acting Director has indicated that the CFPB will continue to use complaints in setting its priorities.

Because industries receiving a large number of complaints are more likely to draw a regulator’s attention, minimizing the number of consumers who complain to the FTC, CFPB, or other consumer watchdogs is an essential first step to reducing potential exposure.  To accomplish this, it is important for companies to establish their own systems to track and resolve complaints. CFPB examination procedures specifically instruct examiners to assess the quality of a company’s complaints system.

The CFPB announced on March 14 that it has begun sharing consumer complaints with the FTC’s Consumer Sentinel database. In addition to the FTC, the database can be accessed by other federal agencies and hundreds of state and local agencies. Last August, the CFPB announced that it had entered into an agreement with the FTC that gave the CFPB access to complaints submitted by others to the database and in which the CFPB agreed to share the consumer complaints it received.

As we reported, Director Cordray has stated that the CFPB will be entering into a Memorandum of Understanding with state attorneys general to share information on consumer financial protection issues. According to news reports, Roy Cooper, North Carolina’s AG, has stated that the FTC’s database will be a central component of that sharing process.

The Dodd-Frank Act, by codifying the U.S. Supreme Court’s 2009 decision in Cuomo v. Clearing House Association, LLC, authorized state AGS to bring civil actions against national banks and federal savings associations to enforce non-preempted state laws. We will be watching to see whether complaints shared by the CFPB alleging conduct by national banks or federal savings associations that violates state law become the trigger for enforcement actions by state AGs that test the scope of post-Dodd-Frank federal preemption.

According to an announcement on its website, the CFPB has signed an agreement with the FTC that not only allows the CFPB to access complaints on the FTC’s Consumer Sentinel database but under which the CFPB will also share with the database complaints it receives from consumers. In addition to the FTC, the database can be accessed online by more than 50 other federal agencies and offices as well as approximately 120 state agencies, 330 local agencies and 19 foreign agencies. (The “law enforcement” agencies who are database members, including several hundred more without online access, are listed on the database website.)

In an earlier blog posting, my colleague Chris Willis discussed the CFPB’s interim final rule that contains its policies and procedures for the disclosure of confidential information, including consumer complaint information. As Chris warned, the rule contemplates that the CFPB will share confidential information with other governmental agencies.  Such sharing includes the disclosure of consumer complaint information to “a federal or state agency” to facilitate the CFPB’s preparation of reports to Congress or its supervision, enforcement and monitoring activites.  However, we are hard-pressed to see where the CFPB’s plan to share consumer complaints with the FTC database otherwise fits in that rule. It doesn’t seem to fit in the provision that allows the CFPB to disclose confidential information to “governmental agencies” upon receipt of a specific written request or on a “standing basis” under terms negotiated with “federal or state agencies.” It also doesn’t seem to fit in the provision that allows the CFPB to disclose consumer complaints “as it deems necessary to investigate, resolve or otherwise respond” to those complaints.

Could it be that in sharing complaints with the FTC database, the CFPB is relying on its catchall authority to disclose confidential information “as authorized by the Director in writing”? (If it is, then presumably the agreement with the FTC was signed by Treasury Secretary Geithner.) And if it is relying on its catchall authority, one might wonder why the CFPB has bothered to go through the exercise of labeling consumer complaint information as “confidential” and providing in its rule for the disclosure of that information only under specified circumstances.