UDAAP

Subscribe to UDAAP

As we’ve discussed before, the CFPB sued Navient over its student loan servicing practices in the Middle District of Pennsylvania.  In doing so, the CFPB followed its strategy of announcing new legal standards by enforcement action and then applying them retroactively. The chief allegation in the complaint is that Navient wrongly “steered” consumers into using loan forbearance rather than income-based repayment plans to cure or avoid defaults on their student loans.

On March 24, 2017, Navient moved to dismiss the complaint on a number of grounds.  Although the district court, in a decision issued on August 4, declined to dismiss the case, the motion raised several arguments that a court of appeals should not be so quick to gloss over.  We focus here on two of them: fair notice and the constitutionality of the CFPB’s structure.

Fair Notice

Navient argued in its briefs that the CFPB was pursuing them for alleged conduct when Navient was not given fair notice that the conduct, if it occurred, violated the law.  The court used a technicality to decline to consider Navient’s fair notice argument at all.  The court stated that: “[Under the relevant authorities,] Navient’s fair notice argument fails if it was reasonably foreseeable to Navient that a court could construe their alleged conduct as unfair, deceptive, or abusive under the CFP Act.  Navient, however, has only advanced arguments as to why it did not have fair notice of the Bureau’s interpretation of the CFP Act (emphasis added).”  Thus, the court found that it need not consider the fair notice argument.

In doing so, the court ignored authorities Navient cited that held that, as Navient paraphrased, “[a]n agency cannot base an enforcement action on law created or changed after the conduct occurred.”  The court also ignored the obvious and clearly-implied corollary to Navient’s argument: the only way for Navient to be liable for the claims alleged in the complaint would be for a court, namely, the Middle District of Pennsylvania, to adopt the Bureau’s position.  Thus, with all due respect for the court, Navient’s fair notice argument was fairly before it and should not have been so lightly cast aside.

This is especially so given how well-founded the argument seems to have been.  How could Navient have known that the CFP Act required it to provide over-the-phone individualized financial counseling to borrowers as a result of a statement on its website indicating that “Our representatives can help you by identifying options and solutions, so you can make the right decision for your situation (emphasis added).”  The statement was both conditional, and placed the duty for making the right decision squarely on consumers. The court completely ignored the fact that the CFP Act’s prohibition on unfair, deceptive, or abusive conduct would not have alerted anyone that the CFPB or a court would make the inferential leap between that statement and the duty that the CFPB says Navient undertook by making it.

Constitutionality of CFPB Structure

The court also rejected the argument that the CFPB’s structure was unconstitutional.  We’ve discussed before why we believe that such a view is incorrect and even dangerous to our constitution.  But a few of those arguments bear repeating in light of the Navient court’s ruling.  The first problem with the Navient court’s holding is that it applies Humphrey’s Executor in a way that ignores the fundamental holding of the case.  In Humphrey’s Executor, the Supreme Court held that for-cause removal, staggered terms, and a combination of enforcement and law-making powers was acceptable in a multi-member commission.  Its rationale: because of the commission structure, the FTC would operate as a quasi-legislative and quasi-judicial body, not a quasi-executive one.  Not to state the obvious, but the CFPB is not a multi-member commission; its unitary director is like the President, a unitary executive.  Thus, the Supreme Court’s indulgence of these accountability-limiting features in Humphrey’s Executor does not apply to the CFPB.

Second, the retort to this argument, that the CFPB Director is somehow more accountable to the President, is a legal fiction at best. If the President has no power to remove the Director without cause, the Director is not accountable to him. Period. The President can approach the Director, ask him to implement a certain policy, and the Director can ignore the President with impunity. That is not accountability, however one may measure it. It is true that the five FTC Commissioners, the entire board of the Federal Reserve, or the SEC Commissioners could do the same. But, those interactions are more like the ones the President faces in dealing with Congress or the Judiciary, interactions that the Constitution contemplated and intended. With the CFPB Director, the President stands powerless before the unitary executive of a federal agency whose will can stand in direct contrast to his own. If that is not an affront to the Constitution’s notion of the President as a unitary executive, what is?

Third, the Supreme Court also indulged accountability-limiting features in Morrison v. Olsen, because, among other reasons, the inferior officer at issue in the case “lack[ed] policymaking or significant administrative authority.” Such is not the case with the CFPB Director.  The Director is not an inferior officer. More importantly, he has substantial policymaking authority.  The Director has the authority to approve and enforce regulations relating to any consumer financial product or service, companies and individuals involved in providing such services, and service-providers to those companies and individuals.  The CFPB has interpreted its authority to extend not just to banks, lenders, and debt collectors, but to mobile phone companies, homebuilders, payment processors, and law firms. The court in this case ignored these substantial differences between the CFPB Director and the inferior officer approved in Morrison v. Olsen.

Finally, the court ignored the implications of its ruling.  Before long, if the CFPB structure is replicated elsewhere in government, we’ll have a government where Congress, the President, and even the courts are relegated to the sidelines while powerful bureaucrats make law, interpret the law, and enforce it with virtually no political oversight.

* * *

As the case progresses, Navient will continue to defend itself. We will keep a close eye on the case and, as always, keep you posted.

The CFPB has issued a new compliance bulletin (2017-11) to provide guidance on pay-by-phone fees.  The guidance includes examples of conduct relating to pay-by-phone practices identified by the CFPB in its supervision and enforcement activities that may violate or risk violating the Dodd-Frank UDAAP prohibition or the FDCPA.

The enforcement actions cited in the guidance involving alleged UDAAP violations arising from pay-by-phone practices date from 2015 and, while recent CFPB supervisory highlights have discussed potential FDCPA violations arising from “convenience fees” charged by debt collectors to process payments by phone, recent supervisory highlights have not discussed potential UDAAP violations arising from pay-by-phone practices.  As a result, the CFPB’s issuance of the guidance suggests that it intends to give pay-by-by phone practices closer scrutiny in examinations and in enforcement actions.  We have been reviewing and suggesting revisions to many clients regarding their pay-by-phone practices since the CFPB began focusing on this area in examinations.  It is important for creditors and debt collectors to be mindful that such practices may also create a risk of state law violations.

Examples provided of conduct that may violate the UDAAP prohibition include:

  • Failing to disclose the prices of all available pay-by-phone services when different options carry materially different fees.  According to the CFPB, while many companies disclose in periodic billing statements or elsewhere that a transaction fee may apply to various payment methods, they do not disclose the fee amounts and instead depend on phone representatives to do so.  The CFPB observes that phone representatives risk engaging in an unfair practice by only revealing higher-cost options or failing to inform consumers of material price differences between available options.
  • Misrepresenting the available payment options or that a fee is required to pay by phone.  The CFPB observes that some companies charge a fee for expedited phone payments but also offer no-fee phone payment options that post a payment after a processing delay.  According to the CFPB, some of such companies offer their fee-based expedited payment option as their default pay-by-phone option, with the result that consumers could be misled to believe that a fee is always required to pay by phone and cause consumers to be charged for expedited payment even if such consumers did not need to post a payment on the same day.
  • Failing to disclose that a pay-by-phone fee would be added to a payment.  According to the CFPB, a company may risk engaging in a deceptive act or practice by failing to disclose that a pay-by-phone fee will be charged in addition to a consumer’s otherwise applicable payment amount and indicating that only the otherwise applicable payment amount will be charged.  In the CFPB’s view, such conduct may create the misimpression that no pay-by-phone fee is charged.
  • Failing to adequately monitor employees or oversee service providers. The CFPB observes that although a company may have policies and procedures requiring phone representatives to disclose all available pay-by-phone options and fees, deviations from call scripts may cause phone representatives to misrepresent available options and fees.  According to the CFPB, companies can reduce the risk of misrepresentations through adequate monitoring and references its November 2016 compliance bulletin (2016-03) on production incentives.  The CFPB suggests that companies should consider the impact of incentives for employees and service providers may have on compliance risks relating to potential UDAAP violations.

Examples of conduct that may violate the FDCPA:

  • The CFPB notes the FDCPA prohibition on the collection of any amount by a debt collector unless such amount is expressly authorized by the agreement creating the debt or permitted by law.  The CFPB states that its examiners found that one or more mortgage servicers meeting the FDCPA “debt collector” definition violated the FDCPA by charging fees for taking mortgage payments by phone to borrowers whose mortgage instruments did not expressly authorize such fees and who resided in states where applicable law did not expressly permit collection of such fees.

The guidance indicates that the CFPB expects companies to review their practices on charging pay-by-phone fees for potential risks of UDAAP or FDCPA violations and provides suggestions for companies to consider in assessing whether their practices present a risk of constituting a UDAAP or FDCPA violation.  It also advises companies to consider whether production incentive programs create incentives to steer consumers to certain payment options or avoid disclosures.  According to the CFPB, such incentives could enhance the potential risk of UDAAPs if they reward employees or service providers based on consumers using a higher-cost pay-by-phone option or based on the number of daily calls completed.

 

On June 5, 2017, the U.S. Supreme Court handed down a unanimous decision in Kokesh v. SEC. In Kokesh, the SEC took the position that disgorgement was not a penalty and therefore not subject to the statute of limitations in 28 U.S.C. § 2462. The Court held that disgorgement remedies are indeed “penalties” and therefore  subject to the five-year statute of limitations in § 2462. In its PHH briefing, the CFPB argued that “[its] administrative proceedings are subject only to the statute of limitations set forth in 28 U.S.C. § 2462.” Thus, the Supreme Court’s reasoning in Kokesh would also apply squarely to the disgorgement remedies available to the CFPB.

The opening paragraph of the Kokesh opinion says it all.

“A 5-year statute of limitations applies to any ‘action, suit or proceeding for the enforcement of any civil fine, penalty, or forfeiture, pecuniary or otherwise.’ 28 U.S.C. § 2462. This case presents the question of whether § 2462 applies to claims for disgorgement imposed as a sanction for violating a federal securities law. The Court holds that it does. Disgorgement in the securities-enforcement context is a ‘penalty’ within the meaning of § 2462, and so disgorgement actions must be commenced within the five years of the date the claim accrues.”

The Court rested its decision on the principle that “[s]uch limits are ‘vital to the welfare of society’ and rest on the principle that ‘even wrongdoers are entitled to assume that their sins may be forgotten.'” The CFPB has argued that, except for the statute of limitations in § 2462, no statute of limitations applies to claims it brings through administrative enforcement actions. This argument was brought to the fore by the PHH case, which we have blogged about extensively. The CFPB lost on that issue in the PHH case before a three-judge panel of the D.C. Circuit. The panel’s decision was vacated when the D.C. Circuit decided to re-hear the case en banc. We are still waiting to see what the en banc court will do.

In addition to its implications for CFPB rulemaking, the D.C. Circuit’s decision in PHH Corporation v. CFPB has significant implications for the CFPB’s authority to enforce federal consumer financial protection laws as well as the Consumer Financial Protection Act (CFPA) prohibition of unfair, deceptive, or abusive acts or practices (UDAAP).

In its decision, the D.C. Circuit ruled not only that the CFPB’s single-director-removable-only-for-cause structure is unconstitutional but also ruled that RESPA’s three-year statute of limitations (SOL) applies to CFPB administrative enforcement actions.  According to the court, when using it authority under Section 5563 of the CFPA to conduct hearings and adjudication proceedings to enforce a federal consumer financial protection law as to which it has enforcement authority, the CFPB is subject to any limits in such law, such as a SOL.  It stated that “[b]y its terms, then, Section 5563 ties the CFPB’s administrative adjudications to the statutes of limitations of the various federal consumer protection laws it is charged with enforcing.”

RESPA’s SOL provides that “actions brought by the Bureau, the Secretary [of HUD], the Attorney General of any State, or the insurance commissioner of any State may be brought within 3 years from the date of the occurrence of the violation.”  Not only did the court reject the CFPB’s argument that RESPA’s SOL did not apply to administrative enforcement actions, it also rejected the CFPB’s argument that by its terms, RESPA’s three-year SOL was limited to court actions.  The court concluded that the reference to “actions” in RESPA’s SOL includes both CFPB RESPA enforcement actions brought administratively and those brought  in court.

The court’s statement that Section 5563 “ties the CFPB’s administrative adjudications to the statutes of limitations of the various federal consumer protection laws it is charged with enforcing” has implications for attempts by the CFPB to avoid the SOLs of federal consumer financial protection laws other than RESPA.  Indeed, the court specifically noted that the CFPB’s argument that it was not bound by RESPA’s SOL “would extend to all 19 of the consumer protection laws that Congress empowered the CFPB to enforce” and cited to the CFPB’s administrative enforcement action against Integrity Advance, LLC in which the CFPB’s Administrative Law Judge (ALJ) found that the CFPB was not bound by the TILA or EFTA SOLs.  The respondents in that case filed a motion to stay their appeal of the ALJ’s decision and for their case to be remanded to the ALJ for reconsideration in light of the D.C. Circuit’s PHH decision.  The motion was denied by Director Cordray who, in an order issued on October 31, 2016, stated that he “was fully able to address [the respondents’] arguments about the appropriate statute of limitations in this appeal” and that he had “extended the briefing schedule sua sponte to ensure that the parties would have a full opportunity to present arguments on the impact (if any) of the D.C. Circuit’s decision in PHH v. CFPB.”

In addition to the ALJ’s finding in Integrity Advance that the CFPB was not bound by the TILA and EFTA SOLs, the ALJ found that the three-year SOL in Section 5564(g)(1) for actions to enforce the CFPA did not apply to the CFPB’s UDAAP claims. Section 5564(g)(1) provides that “[e]xcept as otherwise permitted by law or equity, no action may be brought under this title more than 3 years after the date of discovery of the violation to which an action relates.”  In rejecting the CFPB’s reading of “actions” in RESPA’s SOL, the D.C. Circuit observed that “[t]he Dodd-Frank Act repeatedly uses the term “action” to encompass court actions and administrative proceedings” and cited to various Dodd-Frank sections as examples.  Assuming the term “action” in Section 5564(g)(1) would similarly be read to encompass court actions and administrative proceedings, the CFPB would be bound by the provision’s three-year SOL, including its discovery rule, when bringing administrative actions to enforce its UDAAP authority.

The implications of the SOL issues for the CFPB’s exercise of its enforcement authority could include the fast-tracking of enforcement matters and greater use of its UDAAP authority for conduct that violates a federal consumer financial protection law with a SOL that is less than 3 years.  We will be watching to see how Director Cordray addresses the respondent’s TILA, EFTA and UDAAP SOL arguments when he rules on Integrity Advance’s appeal.

 

The CFPB announced that, jointly with the New York Attorney General, it has filed a lawsuit in a New York federal court against three companies that purchased consumer debts and two of the companies’ individual principals alleging that the defendants engaged in a “massive illegal debt-collection scheme.”

The complaint alleges that the defendants’ conduct violated the FDCPA, the UDAAP prohibition of the Consumer Financial Protection Act, and various New York laws, including New York’s debt collection and UDAP laws.  The FDCPA and NY state law claims are asserted by only, respectively, the CFPB and NY AG, while the UDAAP claims are asserted by both the CFPB and NY AG.  Under CFPA Section 1042, a state AG is authorized to bring a civil action for a violation of the CFPA UDAAP prohibition. While Section 1042 is not cited in the complaint, presumably the UDAAP claims rely on Section 1042 for the NY AG’s authority.  Although the NY Department of Financial Services has previously relied on Section 1042 to file a lawsuit alleging UDAAP violations, this is the first time we are aware of that the NY AG has relied on Section 1042 to assert UDAAP claims in court.  Several other state AGs have also used Section 1042 to assert UDAAP claims.

Each of the claims alleged in the complaint are asserted against one or more of the defendant companies and both individual principals.  The UDAAP claims allege that the individuals are liable for the companies’ UDAAP violations because they knew or should have known of the companies’ alleged illegal practices.  According to the complaint, the individuals directed the companies’ operations, were aware of a debt seller’s audit that identified illegal practices by the companies, and the companies had received numerous complaints and inquiries from consumers, government agencies and consumer organizations about their collection practices.  With regard to the FDCPA claims, the CFPB alleges that the individuals’ involvement in the companies’ debt collection activities, including their management of staff and approval of the companies’ collection policies and practices, made them “debt collectors” under the FDCPA.

The complaint alleges that the defendants engaged in unlawful conduct that included:

  • Adding $200 to each consumer debt account the companies acquired without regard to whether the addition of such amount was permitted by applicable state law or the underlying contract between the consumer and the original creditor
  • Falsely threatening consumers with legal action they had no intention of taking and impersonating law enforcement officials, government agencies, and court officers, including using call-spoofing technologies to make it appear that collectors were calling from government agencies.

 

On September 15th, the FTC will hold a workshop to examine the testing and evaluation of disclosures that companies make to consumers about advertising claims, privacy practices, and other information.  The FTC’s workshop will explore how to test the effectiveness of these disclosures to ensure consumers notice them, understand them, and can use them in their decision-making.  Companies should incorporate the principles articulated during the workshop by federal regulators such as the FTC and the CFPB into the development of their own consumer disclosures, especially relating to e-commerce and mobile initiatives.

The “Putting Disclosures to the Test” workshop will explore ways to improve the evaluation and testing of consumer disclosures by industry, academics, and the FTC related to:

  • Disclosures in advertising  designed to prevent ads from being deceptive;
  • Privacy-related disclosures, including privacy policies and other mechanisms to inform consumers that they are being tracked; and
  • Disclosures in specific industries designed to prevent deceptive claims.

Among the participants at the workshop will be Heidi Johnson, a research analyst from the CFPB Office of Research, who will present a case study entitled, “Disclosure Research in the Lab and Online.” The CFPB’s Decision Making and Behavioral Studies team is engaged in a strategic initiative to invest in research that explores the factors that influence a disclosure’s efficacy, how to use different methodologies to study disclosure, and the market effects of disclosure. Ms. Johnson’s work as a part of this team has included consumer research on overdraft and other financial products.

On May 11, 2016, the CFPB sued All American Check Cashing, Mid-State Finance and their President and owner Michael E. Gray. It alleged that the Defendants engaged in abusive, deceptive, and unfair conduct in making certain payday loans, failing to refund overpayments on those loans, and cashing consumers’ checks.

The CFPB’s claims are mundane. The most interesting thing about the Complaint is the claim that isn’t there. Defendants allegedly made two-week payday loans to consumers who were paid monthly. They also rolled-over the loans by allowing consumers to take out a new loan to pay off an old one. The Complaint discusses how this practice is prohibited under state law even though it is not germane to the CFPB’s claims (which we discuss below). In its war against tribal lenders, the CFPB has taken the position that certain violations of state law themselves constitute violations of Dodd-Frank’s UDAAP prohibition. Yet the CFPB did not raise a UDAAP claim here based on Defendants’ alleged violation of state law.

This is most likely because of a possible nuance to the CFPB’s position that has not been widely discussed until recently. Jeff Ehrlich, CFPB Deputy Enforcement Director recently discussed this nuance at the PLI Consumer Financial Services Institute in Chicago chaired by Alan Kaplinsky. There, he said that the CFPB only considers state-law violations that render the loans void to constitute violations of Dodd-Frank’s UDAAP prohibitions. The Complaint in the All American Check Cashing case is an example of the CFPB adhering to this policy. Given that the CFPB took a more expansive view of UDAAP in the Cash Call case, it has been unclear how far the CFPB would take its prosecution of state-law violations. This case is one example of the CFPB staying its own hand and adhering to the narrower enforcement of UDAAP that Mr. Ehrlich announced last week.

In the All American Complaint, the CFPB cites an email sent by one of Defendants’ managers. The email contained a cartoon depicting one man pointing a gun at another who was saying “I get paid once a month.” The man with the gun said, “Take the money or die.” This, the CFPB claims, shows how Defendants pressured consumers into taking payday loans they didn’t want. We don’t know whether the email was prepared by a rogue employee who was out of line with company policy. But it nevertheless highlights how important it is for every employee of every company in the CFPB’s jurisdiction to write emails as if CFPB enforcement staff were reading them.

The Complaint also shows how the CFPB uses the testimony of consumers and former employees in its investigations. Several times in the Complaint, the CFPB cites to statements made by consumers and former employees who highlighted alleged problems with Defendants’ business practices. We see this all the time in the many CFPB investigations we handle. That underscores why it is very important for companies within the CFPB’s jurisdiction to be mindful of how they treat consumers and employees. They may be the ones the CFPB relies on for evidence against the subjects of its investigations.

The claims are nothing special and unlikely to significantly impact the state of the law. Although we will keep an eye on how certain defenses that may be available to Defendants play out, as they may be of some interest:

  • The CFPB claims that Defendants abused consumers by actively working to prohibit them from learning how much its check cashing products cost. If that happened, it is certainly a problem. Although, the CFPB acknowledged that Defendants posted signs in its stores disclosing the fees. It will be interesting to see how this impacts the CFPB’s claims. It seems impossible to hide a fact that is posted in plain sight.
  • The CFPB also claims that Defendants deceived consumers, telling them that they could not take their checks elsewhere for cashing without difficulty after they started the process with Defendants. The CFPB claims this was deceptive while at the same time acknowledging that it was true in some cases.
  • Defendants also allegedly deceived consumers by telling them that Defendants’ payday and check cashing services were cheaper than competitors when this was not so according to the CFPB. Whether this is the CFPB making a mountain out of the mole hill of ordinary advertising puffery is yet to be seen.
  • The CFPB claims that Defendants engaged in unfair conduct when it kept consumers’ overpayments on their payday loans and even zeroed-out negative account balances so the overpayments were erased from the system. This last claim, if it is true, will be toughest for Defendants to defend.

Most companies settle claims like this with the CFPB, resulting in a CFPB-drafted consent order and a one-sided view of the facts.  Even though this case involves fairly routine claims, it may nevertheless give the world a rare glimpse into both sides of the issues.

On Thursday, May 11, 2016 in Chicago, I moderated the “CFPB Speaks” panel which was the lead-off panel at the sold-out Practicing Law Institute  21st Annual Consumer Financial Services Institute. The CFPB speakers were:  Jeff Ehrlich, Deputy Assistant Director, Office of Enforcement, Paul Mondor, Managing Counsel, Office of Regulations and Chris Young, Senior Counsel and Chief of Staff, Office of Supervision Policy. My partner, Chris Willis (who is the Practice Group Leader of our firm’s Consumer Financial Services Litigation Group and who has handled a huge volume of CFPB investigations) was one of two industry representatives on the panel.

Jeff Ehrlich attempted to clarify the confusion surrounding the CFPB’s position in the CashCall lawsuit in which the CFPB asserted that longer term installment loans with interest rates that exceed the rate allowed under the law of the state where the borrower resides are also UDAAP violations. Many in the industry read the CashCall complaint as evidence that the CFPB views state usury violations as per se UDAAP violations.

Jeff indicated that the CFPB’s position is that there is a UDAAP violation if a state usury law violation makes a loan void or if state law provides that loans made without a required license are void. If, for example, the state law penalty for violating the state usury law is less draconian (e.g., double the finance charge or overcharge), then the CFPB would not assert that there is also a UDAAP violation.

Jeff’s comments, however, are not fully consistent with the complaint filed by the CFPB against CashCall. Specifically, the complaint asserts that the loans alleged to be UDAAP violations were subject to state laws that “rendered void or limited the consumer’s obligation to repay.” The complaint includes Colorado as a subject state and acknowledges that loans that exceed the usury limit in Colorado and loans originated without a license in Colorado are not void.  Rather, it states that in Colorado, consumers are relieved of the obligation to pay any charge that exceeds the usury limit and are entitled to a refund from the lender or assignee for any excess amount that they paid. It also states that a lender’s or assignee’s failure to obtain a required license removes the consumer’s obligation to pay finance charges to the lender or assignee.

As a result of the inconsistency between Jeff’s statement that there exists a UDAAP violation for a state law violation only when a company seeks to collect a loan that is void under state law and the much broader theory of UDAAP liability in the CashCall complaint itself, confusion continues to exist as to the CFPB’s position on when a state law violation constitutes a UDAAP violation.

The Dodd-Frank Act gave the CFPB authority to regulate “unfair, deceptive, or abusive” acts or practices.  Republican Congressman Blaine Luetkemeyer has introduced the “Unfair or Deceptive Acts or Practices Uniformity Act,” (H.R. 5112), which would remove the CFPB’s authority to regulate abusive acts or practices.

The bill would also prohibit the CFPB from taking any enforcement action to prevent covered persons or service providers from engaging in an unfair or deceptive act or practice (UDAP) unless the CFPB “first consults the covered person or service provider’s primary financial regulatory agency, if any.”  In addition, the bill would require the CFPB, when engaging in UDAP rulemaking, to comply with FTC Act UDAP rulemaking requirements applicable to the FTC.  Those requirements include publishing two notices of proposed rulemaking, meeting a restrictive standard for justifying a new rule, and providing an opportunity for informal hearings.

In his prepared remarks to the Consumer Bankers Association yesterday, Director Cordray attempted to defend the CFPB’s “regulation by enforcement” approach that has been widely criticized by industry.

Director Cordray’s remarks included the surprising acknowledgment that despite indications by his colleagues to the contrary, the reach of CFPB consent orders is not limited to the parties involved.  Rather, Director Cordray indicated that consent orders are intended to have precedential effect for other industry members.  More specifically, he stated that consent orders are “intended as guides to all participants in the marketplace to avoid similar violations and make an immediate effort to correct any such improper practices.”  He called it “compliance malpractice” for companies “not to take careful bearings from the contents of these orders about how to comply with the law and treat consumers fairly.”

Director Cordray asserted that criticism of the CFPB’s approach as “regulation by enforcement” is “badly misplaced.”  He defended the CFPB’s approach as “a thoughtful strategy for how to deploy [the CFPB’s] limited resources most efficiently to protect the public.”  According to Director Cordray, the CFPB’s strategy is one of “working toward a pattern of actions that conveys an intelligible direction to the marketplace, so as to create deterrence that can be readily understood and implemented.”

He also rejected the “suggestion that law enforcement officials should think through and explicitly articulate rules for every eventuality before taking any enforcement actions at all,” stating that such an approach “would lead to paralysis because it simply sets the bar too high.”  According to Director Cordray, “the vast majority of our enforcement actions involve some sort of deception or fraud” and “courts have long noted that trying to craft specific rules to root out fraud or untruth is a hopeless endeavor.”  He observed that because of the impracticality of drafting specific rules, the CFPB strives in consent orders to “meticulously catalogue the facts we have found in our very thorough investigations and set out the legal conclusions that follow from those facts.”

Director Cordray’s comments ignore the reality that consent orders often result from CFPB pressure on targets to settle and, particularly for entities subject to CFPB supervision, a desire to avoid hostile litigation that might damage their ongoing relationship with the CFPB.  (Indeed, consent orders generally state that a company has consented to the order “without admitting or denying any findings of fact, violations of law or regulations” or “without admitting or denying any wrongdoing.”)  Thus, the legal conclusions set forth in a consent order only reflect the CFPB’s unilateral view of the law which a court might reject as incorrect.

Moreover, because they are tied to specific facts, consent orders rarely provide useful guidance for companies with different practices that are seeking to avoid violations.  For example, the CFPB’s enforcement actions against credit card issuers involving the marketing of add-on products (e.g., debt cancellation coverage, identity theft) created tremendous uncertainty among issuers as to the CFPB’s expectations.  This uncertainty caused most card issuers to stop offering these products altogether, a result that is not beneficial to the many consumers who found these products to be very valuable.

In addition, the fact that Dodd-Frank gives gave the CFPB UDAAP rule-writing authority indicates that Congress did not believe drafting rules to address deception or fraud was a “hopeless endeavor.”  Unlike the Administrative Procedure Act (APA) rulemaking process, the use of consent orders to impose industry-wide standards does not allow industry or other stakeholders to provide input nor does it require the CFPB to consider the impact of such standards on an entire industry.

We find it interesting that in defending the CFPB’s use of consent orders to set industry-wide standards, Director Cordray only notes the difficulty in establishing rules “to root out fraud or untruth.”  The CFPB has also entered into consent orders in cases where a company’s practices were alleged to be “unfair” or “abusive.”  For most companies seeking to comply with the CFPB’s expectations, the greatest cause of uncertainty and concern is the absence of clear CFPB guidance for determining whether any of their practices could be deemed “unfair” or “abusive” by the CFPB.

A notable example of the CFPB’s “regulation by enforcement” approach is the series of consent orders it has entered into with auto finance companies to resolve charges that the companies engaged in unlawful discrimination in violation of the ECOA through their auto dealer compensation practices giving dealers discretion to “mark up” interest rates on consumers’ retail installment sale contracts purchased by the companies.  The CFPB’s legal conclusion that such companies violated the ECOA rests on its view that disparate impact claims are cognizable under the ECOA.  Even if a court were to agree with the CFPB’s view, the methodology used by the CFPB to establish disparate impact has been challenged as seriously flawed.  The CFPB’s consent orders in these cases have required the auto finance companies to change their dealer compensation policies so that they conform to the options specified in the consent orders.  The establishment of “rules” for how the entire auto finance industry companies must compensate dealers without using the APA rulemaking process is clearly inappropriate.