August 19, 2022
CFPB Bites of the Month - August Top 10
In this month's Top 10 article, we share some of our top "bites" for the prior month covered during the August 17, 2022 webinar.
So, what happened last month?
Bite #10 - Extra Bite: Global payments company plans to appeal deception ruling
In a decision on August 9th, the Federal District Court for the Northern District of Georgia granted the FTC's motion for a summary judgment in a case involving a multinational payments company and its CEO. According to the FTC, the payments company claimed that its business customers would save on costs, but have not saved as promised by using the company's cards. The company has stated that it strongly disagrees with the ruling as to liability and plans to appeal the judgment. The court denied the FTC's claim for monetary relief.
Bite #9: CFPB analyzed the impact of credit reporting changes for medical debt
On July 27th, the Consumer Financial Protection Bureau (CFPB) published an analysis addressing changes made by the nationwide consumer reporting agencies that will affect people with unpaid medical debt. Specifically, starting in 2023, medical collection trade lines in amounts less than $500 will no longer be reported on consumer credit reports. However, according to the CFPB, almost half of all consumers with medical collections on their credit report will continue to see them after changes fully go into effect next year. The CFPB also indicated that consumers living in northern and eastern states are more likely to benefit from the changes.
Bite #8: The CFPB issued a report on innovations in payments, including BNPL
On August 4th, the CFPB issued a report addressing emerging payment systems and their capacity to harvest user data. The report addressed the growing presence of Buy Now, Pay Later (BNPL) offerings, embedded commerce, and integrated "super apps." According to the CFPB, these technologies have "the potential to streamline payments, facilitate commerce, and improve the user experience." But, the CFPB cautioned that they can "create more opportunities for companies to aggregate and monetize consumer financial data, and for large players to dominate consumers' financial and commercial lives." The CFPB also warned that "while a range of payment capabilities create more options for consumers, varying regulatory requirements may risk regulatory arbitrage." The CFPB concluded the report by noting that it will be proposing rules on "financial data rights," assessing BNPL to decide whether regulatory interventions are appropriate, and evaluating ways to protect consumers in real-time payments.
Bite #7: CFPB and DOJ issued a caution about servicemember protections
On July 29th, the Department of Justice (DOJ) and the CFPB issued a joint letter reminding auto finance companies about legal protections for military families under the Servicemembers Civil Relief Act. The letter addressed wrongful repossessions, penalties for termination, and interest rate benefits. The letter reminded auto companies that they have the burden to identify whether borrowers are protected from repossession, and included links to the Department of Defense website to verify a borrower's military status, along with information about the DOJ's Servicemembers and Veterans Initiative, and the CFPB's Office of Servicemember Affairs.
Bite #6: CFPB issued a circular about data security practices
On August 11th, the CFPB issued a circular reminding regulators that financial companies violate federal law when they fail to safeguard consumer data. The circular provides guidance to other regulators, describing examples of circumstances in which organizations can be held liable for data security protocols. According to the circular, liability can arise for failing to implement multi-factor authentication, inadequate password management, and failing to update software in a timely manner.
Bite #5: Behavioral targeting of individual consumers can create liability
On August 10th, the CFPB issued an interpretive rule and Director Rohit Chopra gave a related speech to the National Association of Attorney General. The interpretive rule and speech addressed digital marketing by big tech firms. According to the CFPB, digital marketers are not exempt from the Consumer Financial Protection Act and can be liable for "unfair, deceptive, or abusive acts." According to the interpretive rule, digital marketers provide material services to financial firms and are subject to consumer protection enforcement. As service providers, they are liable for violations of consumer protection laws.
Bite #4: CFPB required a savings app to pay $2.7 Million
On August 10th, the CFPB issued a consent order against a financial technology company that the CFPB alleges used a faulty algorithm resulting in overdrafts and overdraft penalties for consumers. The company offered an application that was promoted as a way to save people money. But, according to the CFPB, the company falsely guaranteed no overdraft charges, broke its promises to correct its mistakes, and pocketed a portion of the interest that should have gone to consumers. The order requires the company to pay redress to consumers and pay a civil money penalty of $2.7 million to the CFPB.
Bite #3: Consent order requires an auto company to pay $19.2 Million
On July 26th, the CFPB issued a consent order and fined an automotive company's financing arm $19.2 million to resolve the CFPB's claims that the company submitted inaccurate credit information about consumers. The CFPB claims that the company provided credit bureaus with "inaccurate account information" about consumer payment history. The consent order requires the auto company to take steps to prevent future violations, pay $13,200,000 in redress to consumers, and a $6,000,000 civil money penalty. The auto company consented to the settlement without admitting to the substantive findings of fact or conclusions of law.
Bite #2: Mortgage company to pay more than $22 Million
On July 27th, the CFPB and DOJ filed a complaint and proposed settlement order to resolve allegations against a mortgage originator. The CFPB and DOJ allege that the company engaged in unlawful discrimination on the basis of race, color, or national origin against applicants and prospective applicants, including by (i) redlining majority-minority neighborhoods in the Philadelphia Metropolitan Statistical Area and (ii) discouraging prospective applicants from applying for credit in violation of the Equal Credit Opportunity Act, Regulation B, and the Consumer Financial Protection Act. The DOJ also alleges that the mortgage company violated the Fair Housing Act.
According to the CFPB's complaint, the company's loan officers sent and received emails containing racial slurs and racist content. The company also allegedly avoided sending loan officers to market in majority-minority neighborhoods, and developed marketing that discouraged and ignored minority mortgage loan applicants.
If a court approves the proposed consent order, then the company will be required to invest $18.4 million in a loan subsidy program under which the mortgage company will contract with a lender to increase the credit extended in majority-minority neighborhoods in the Philadelphia MSA and make loans under the loan subsidy fund. That lender must also maintain at least four licensed branch locations in majority-minority neighborhoods in the Philadelphia MSA. The company would also be required to fund targeted advertising to generate applications for credit from qualified consumers in majority-minority neighborhoods in the Philadelphia MSA and take other remedial steps to serve the credit needs of majority-minority neighborhoods in the Philadelphia MSA. The company would also be required to pay a civil money penalty of $4 million.
Bite #1: CFPB fined a national bank $37.5 million for alleged sham accounts
On July 28th, the CFPB issued a consent order against a large national bank for allegedly accessing credit reports and opening various accounts without permission in violation of the Fair Credit Reporting Act, Truth in Lending Act, and the Truth in Savings Act. The CFPB claims that the bank incentivized its employees to meet sales goals, thereby pressuring them to misuse customer information. As a result, the bank will be required to forfeit and return related fees and costs to customers, plus pay a $37.5 million penalty to the CFPB.