Wednesday, November 30, 2016

CFPB Issues Compliance Bulletin as to Incentives in Wake of Wells Fargo Consent Order

In the wake of the Wells Fargo debacle, the CFPB has issued a Compliance Bulletin which addresses employee incentives and the consumer risks associated with them.  CFPB Compliance Bulletins are non-binding general statements of CFPB policy.  The Bulletin notes that while businesses and consumers alike may benefit from the use of incentives when properly implemented and monitored, incentives may also lead to significant consumer harm when effective controls for risk are not in place. 

Key to the Bulletin is the CFPB’s articulation of its vision for an effective compliance management system addressing employee incentives.  While effective compliance management systems are not contemplated to be a one size fits all proposition, they should take into account the risk, nature and significance of the incentive program.  The Bulletin describes an effective compliance management system as generally addressing the following:

  • Board of Directors and Management Oversight.  An effective compliance management system will foster strong customer service and should take into account the following components:
    • Board members and senior management should take into account not only the outcomes their incentive programs seek to achieve but also how they may incentivize outcomes that are harmful to consumers;
    • Board members and senior management should authorize compliance personnel to design and implement compliance management elements which anticipate both intended and unintended outcomes and provide compliance personnel with sufficient resources to do so; and
    • Board members and senior management should foster an environment that empowers employees to report suspected improper behavior.
  • Policies and Procedures. The CFPB notes that policies and procedures regarding incentives should provide:
    • Sales/collection quotas tied to employee incentives should be reasonably attainable and transparent;
    • Clear controls managing the risk inherent in each cycle of a product’s life including marketing, opening of the account, servicing the account and collection of the account;
    • Mechanisms to identify conflicts of interest presented by supervisory employees who are covered by incentives but tasked with monitoring the quality of consumer treatment and satisfaction; and
    • Fair and independent processes for investigating issues of suspected improper behavior.
  • Training.  Training should be implemented and should:
    • Address the institution’s expectations for incentives;
    • Address the institution’s expectations and standards of ethical behavior;
    • Identify and address common risky behaviors;
    • Foster a greater awareness of areas for risk;
    • Educate employees and service providers as to the terms and conditions of the institution’s products and services;
    • Address regulatory and business requirements, including requirements for documenting consent (a point of emphasis in the wake of the Wells Fargo enforcement action)
  • Monitoring.  Overall monitoring systems should track key metrics and outliers that may be indicative of abuse.  Examples provided by the CFPB include:
    • Employee turnover;
    • Employee complaint rates;
    • Analysis of termination statistics for trends and root causes;
    • Spikes or trends in sales associated with an individual, group or product;
    • Financial incentive payouts;
    • Account opening/enrollment statistics by group and individual; and
    • Account closures/product cancellation by group and individual.
  • Corrective Action.  The Compliance Management Systems should provide for the prompt identification and implementation of corrective actions addressing any areas of weakness.  The CFPB expects corrective actions to include:
    • Termination of bad actor employees (including managers) and service providers;
    • Changes in the structures of incentive programs and training of affected employees;
    • Remediation in the form of refunds to affected consumers;
    • Identification, analysis and resolution of root causes of deficiencies; and
    • Escalation to the Board and Senior Management, particularly where there is risk of significant harm to consumers.
  • Consumer Complaint Management Program.  As was noted in the Wells Fargo Order and confirmed by the Bulletin, the CFPB expects institutions to collect and analyze consumer complaints for indicators that incentives are leading to consumer harm or violations of law in order to identify and resolve the root causes of any such issues.
  • Independent Compliance Audit.  The CFPB expects Compliance Management Systems to provide for periodic independent compliance audits.  Institutions’ Compliance Management Systems should therefore:
    • Provide for and schedule audits for all products subject to incentives.  Audits should address incentives and potential consumer risks;
    • Insure audits are conducted independently of both the compliance program and business functions; and
    • Insure all necessary corrective actions are promptly implemented.

Financial institutions who use incentive programs should take some comfort in the fact that the CFPB acknowledges that incentive programs, when properly implemented, may be beneficial to the marketplace.  At the same, time, financial institutions should be aware that incentive programs are being carefully scrutinized.  It is therefore incumbent on financial institutions to carefully review their compliance management programs as to incentive programs.  The level of specificity provided by the CFPB Bulletin suggests that this will likely be the measuring stick used in current and upcoming examinations and that incentive programs will be a point of emphasis by regulators in general.

Monday, November 28, 2016

District Court Opinion Upholds Reasonable Investigation of Credit Dispute

A recent decision out of the Northern District of Georgia serves as a reminder to both consumers and furnishers of information as to the furnisher’s obligation to reasonably investigate a dispute under the federal Fair Credit Reporting Act.  In Taylor v. Georgia Power Company, the consumer disputed the power company’s reporting of her account as delinquent with the consumer reporting agencies (“CRA”).  The consumer submitted a dispute to the CRA disputing that she owed anything to the power company.  The CRA, in turn, passed on the dispute to the power company. 

Under section 1681s-2(b) of the FCRA, upon receipt of the dispute from the CRA, the power company was required to conduct a reasonable investigation of the identified dispute and report the results of its investigation to the CRA.  The power company investigated the dispute based upon the information it had been provided by the consumer and the information it had in its file.  Based upon its investigation, the power company verified the information being reported was accurate.  The consumer filed suit alleging the power company failed to conduct a reasonable investigation. 

The district court granted summary judgment in favor of the power company.  In doing so, the court held that the issue of whether an investigation is reasonable turns on whether the furnisher acquired sufficient evidence to support the conclusion that the information was true.  “A furnisher ‘need not do more than verify that the reported information is consistent with the information in its records’ for an investigation to be reasonable.  Moreover, “the scope of the furnisher’s investigation may be narrow if the plaintiff provides only ‘scant information’ regarding the nature of the dispute.”  Because the consumer failed to provide any information beyond stating that she told an employee of the power company that she did not owe on the account, the power company’s investigation was reasonable when it reviewed all the information in its possession and verified the consumer’s name, birthdate, social security number and the amount owed on the account.

Consumers should take note that the burden to effectively dispute a credit reporting lies with the consumer.   A reasonable investigation can only be based upon information in the possession of the credit furnisher at the time of the dispute.    

Wednesday, November 23, 2016

In the Eyes of the FCC Not All Mortgage Servicers are Created Equal

The FCC recently denied a petition by the Mortgage Bankers Association which requested a limited exemption from the prior express consent provision of the TCPA for mortgage servicing calls.  In doing so, the FCC shown a bright spotlight on the difficulties faced by the financial service industry in complying with a series of consumer protection statutes which are either outdated or present a natural  conflict with each other.  Moreover, the FCC reiterated a message it sent out earlier this year:  not all financial service providers are created equal. 

The Petition

In its petition, the Mortgage Bankers Association (“MBA”) requested a limited exemption from the “prior express consumer” requirements of the TCPA for certain non-telemarketing residential mortgage servicing calls to cellular telephone numbers.  In support of its petition, the MBA noted that creating the exemption would insure that the TCPA does not restrict telephone communications requested by other federal and state laws and regulations.  The MBA also aptly noted that the a statutory exemption from the consent requirements for calls made to cellular numbers has been made for those collecting debts owed or guaranteed by the United States – an exemption which would include the many residential mortgages owed or guaranteed by the United States.  In support of its petition, the MBA highlighted the early intervention contacts required by the Mortgage Servicing Rules, as well as other federal and state entities. The MBA requested that a limited exemption be provided for free-to-the-end-user mortgage servicing calls which include “all communications, related to the receipt and application of payments pursuant to the terms of any loan or security agreement, execution of other rights and obligations owed under the loan or security agreement, the modification of any terms of the loan or security agreement, and any other loss mitigation options.”  The MBA further suggested a number of required guidelines for such calls including that they be limited in duration and not including any telemarketing, cross-marketing or solicitation.

The FCC Order Denying the Petition

The FCC denied the petition outright, finding that the MBA has not shown the exempted calls would be free of charge to called parties and that the “public interest in, and the need for the timely delivery of, the calls described by MBA do not justify setting aside the privacy interests of called parties.”  The FCC distinguished the MBA’s requested exemption from those previously provided to certain healthcare and financial calls because the MBA has not established a need for immediate communication. The FCC also found that mortgage servicers have other means to contact customers other than “robocalls.”

Wednesday, November 16, 2016

District Court Refuses to Punish Debt Collector for Accurately Disclosing FDCPA Rights to a Consumer

A New York district court recently dismissed an FDCPA putative class action attempting to penalize a collection agency for disclosing the FDCPA’s cease and desist requirements to a consumer.  Illobre v. Fin. Recovery Servs., 2016 U.S. Dist. LEXIS 153525, 16 CV 452 (S.D.N.Y. Nov. 3, 2016).  The demand letter in question accurately provided the consumer with its Validation Notice under 15 U.S.C. §1692g(a) on the front of the letter.  The back of the letter additionally contained a paragraph under a “NOTICE TO ALL CONSUMERS” which provided as follows:

“You can stop us from contacting you by writing a letter to us that tells us to stop contact or that you refuse to pay the debt.  Sending such a letter does not make the letter go away if you owe it.  Once we receive your letter, we may not contact you again, except to let you know that there won’t be any more contact or that we intend to take a specific action.”

Illobre at *3-4. 

The consumer filed suit contending that the inclusion of the additional language as to cease and desist rights with the validation notice violated both sections 1692e and 1692g because it was confusing to the consumer and overshadowed and contradicted the validation notice.  Section 1692c(c) provides:

If a consumer notifies a debt collector in writing that the consumer refuses to pay a debt or that the consumer wishes the debt collector to cease further communication with the consumer, the debt collector shall not communicate further with the consumer with respect to such debt, except—

(1)  to advise the consumer that the debt collector’s further efforts are being terminated;

(2)  to notify the consumer that the debt collector or creditor may invoke specified remedies which are ordinarily invoked by such debt collector or creditor; or

(3) where applicable, to notify the consumer that the debt collector or creditor intends to invoke a specified remedy.

If such notice from the consumer is made by mail, notification shall be complete upon receipt.

15 U.S.C. §1692c(c).

In granting the collection agency’s motion to dismiss, the court made short order of the consumer’s position noting that the FDCPA “does not aid plaintiffs whose claims are based on bizarre or idiosyncratic interpretations of collection notices.”  Illobre at *7.  The court’s review of the collection letter noted that the validation notice fully recited the requirements of 1692g(a) and accurately summarized the consumer’s rights as 1692c(c).  The court concluded that a reasonable unsophisticated consumer would understand that the notices were distinct disclosures explaining separate and distinct rights.   

The court was also dismissive of the consumer’s nonsensical argument that the debt collector somehow violated the FDCPA by advising the consumer of its rights under the FDCPA.  The consumer contended that the FDCPA does not require the debt collector to disclose to the consumer the communication rights found in Section 1692c(c) and Congress did not intend for this information to be disclosed to a consumer.  The consumer therefore argued that by making the disclosures, the debt collector violated the FDCPA.  As aptly pointed out by the collection agency, however, “[i]t is difficult to imagine Congress enacting a statute for the purpose of providing rights to protect consumers, but not intending that those right be disclosed to the individuals the statute was enacted to protect.” Illobre v. Financial Recovery Services, Inc., 16 CV 452 {S.D.N.Y. Nov. 3, 2016) at Dkt No. 13, p. 10.  The court “decline[d] to construe the FDCPA, a consumer protection statute, in such a way that prohibits or discourages debt collectors from sensible and accurately informing consumers of their rights.”  Illobre at *12.

Monday, November 14, 2016

CFPB Supervisory Highlights: A Mixed Bag for Debt Collectors

The CFPB’s Fall Supervisory Highlights contains a mixed bag for debt collectors.  As you may recall, the Report highlights examinations that were conducted between May and August 2016 and provides a high level summary of the key findings made by the CFPB and the current emphasis of examiners.  Debt collection appears to be back as a point of emphasis for examiners.  The Report makes the following observations which should be heeded by debt collectors:

  • CONVENIENCE FEES. Convenience fees continue to be a theme carried over from the Summer Supervisory Highlights.  The CFPB again noted in one or more examinations, the CFPB observed one or more debt collectors charging unauthorized convenience fees to process payments by phone or online.
  • INADEQUATE CALL PROCEDURES.  The Report notes that weak Compliance Management Systems attributed to a number of concerns with communications both between the debt collector and the consumer and the debt collector and a third party. While noting these deficiencies, the Report also offered praise for those debt collectors who had “well-established, formal compliance program[s] that met CFPB’s supervisory expectations”, particularly those who used scripts to improve adherence to compliance policies and regularly monitored script adherence. The following deficiencies are highlighted:
    • In one or more examinations, examiners identified collection calls in which the debt collector made false representations regarding the impact that the debt or payment of the debt may have on a consumer’s creditworthiness;
    • The CFPB noted deficiencies with the practices of one or more examined entities concerning third party communications.  Specifically, the Report notes that in one or more examinations, collectors disclosed the debt to third parties, disclosed their employer to third parties without first being asked.

  • COMPLIANCE WITH THE FCRA. The Report also noted issues with compliance with Regulation V and the FCRA, continuing a theme raised in the Summer Supervisory Highlights. 
    • Specifically, the Report notes that entities are still struggling with differentiating FCRA disputes from general consumer inquiries, complaints and debt validation requests.  To that end, Supervision directed one or more entities to develop and implement reasonable policies and procedures and establish training to ensure FCRA disputes are appropriately logged, categorized and resolved. 
    • Along similar lines, the Report noted inadequate dispute resolution policies and procedures at one or more examined entities. The Report noted that one or more debt collectors never investigated indirect disputes that either lacked detail or were not accompanied by documentation with relevant information. 
    • The Report also notes concerns with direct disputes.  Regulation V requires that furnishers provide consumers with a notice of determination if a dispute is determined to be frivolous.  In one or more examinations, the examiners noted that the notices failed to advise the consumers of what additional information was needed for the collector to complete its investigation.
  • REGULATION E.  The examiners also noted deficiencies with one or more entities compliance with Regulation E.  Specifically,
    • Examiners found that one or more debt collectors failed to provide consumers with the requisite copies of the terms of the authorization, either electronically or in paper form; and
    • Examiners also found that one or more debt collectors who did provide notice, sent deficient notices that failed to describe the recurring nature of the preauthorized transfers from the consumer’s account.

The Report reflects that examiners are now focusing on issues aside from compliance with the FDCPA.  Compliance officers need to take a comprehensive look at their policies and procedures and insure their compliance management systems are reflective of compliance with all applicable consumer financial laws which impact their operations.


Saturday, November 12, 2016

CFPB Supervisory Highlights: Auto Loan Servicers Should Re-Examine their Repossession Fee Policies

Auto loan servicers need to pay careful attention to their repossession practices and particularly, their policies concerning repossession fees. The clear message from the CFPB’s Supervisory Highlights is that examiners are focused on repossession activities, “including whether property is being improperly withheld from consumers, what fees are charged, how they are charged, and the context of how consumers are being treated to determine whether the practices are lawful.” Supervisory Highlights, p. 6 (Issue 13, Fall 2016).

The Report makes clear that the CFPB’s position is that it is an unfair practice to detain or refuse to return personal property found in a repossessed vehicle where the consumer requests return of the property.  Similarly, it is an unfair practice to detain or refuse to return personal property until the consumer pays a fee. According to the CFPB, even when the consumer agreements and state law may support the imposition of a fee, there are no circumstances in which it is “lawful to refuse to return the property until after the fee…[is] paid, instead of simply adding the fee to the borrower’s balance as companies do with other repossession fees.” Id.    The Report also noted that in one or more examination, companies engaged in an unfair practice by charging a borrower for a storage fee for personal property found in the repossessed vehicle when the consumer agreement disclosed that the property would be stored, but not that a fee would be imposes for doing so.

Auto loan servicers need to examine their policies and procedures regarding their repossession practices to insure they are in line with the CFPB expectations.  Additionally, auto loan servicers should monitor their third party vendors’ practices for compliance with the CFPB examinations and make any adjustments necessary as to repossession fees.

Friday, November 11, 2016

CFPB Supervisory Highlights: It’s all about the Compliance Management System

The CFPB published its Fall Supervisory Highlights last week, highlighting its examination observations across various financial products for examinations conducted between May and August 2016.  The Report highlights key findings made by the CFPB and provides insight into the current focus of the examiners.  The current edition of Highlights reveals a heavy focus on compliance management systems across product types. Because of the volume of information in the Report, we will break down the Report over several blog posts in the coming week. 

There’s a country song that says “it’s all about that bass”.  In the case of regulatory compliance, it’s all about that compliance management system.   Nowhere is that more evident than in this issue of the CFPB’s Supervisory Highlights.  Throughout the report, the CFPB highlights and defines what constitutes a strong compliance management system (“CMS”) and what does not.  It is clear that the CFPB is honing in on a theme which has become prevalent throughout many of its enforcement actions: “beneficial practices centered on good compliance management systems” go a long way.

To that end, the Report provides insight into what constitutes a strong CMS. Particularly, the Reports singles out the qualities of strong compliance management systems in automobile finance, debt collection, mortgage and fair lending.  Generally, what constitutes a compliance management system is dependent upon the size of the business, its risk profile and its operational complexity.   The Report noted, however, that that a strong compliance management system generally reflects:

  • Strong and active boards and management oversight.  The Report set forth the expectation that boards and management:
    • Demonstrate clear expectations about compliance;
    • Have an adequate compliance audit program;
    • Adopt clear policy statements regarding consumer compliance; and
    • Ensure that compliance-related issues are raised to the board of directors or management.
  • Policies and procedures to address compliance with all applicable consumer financial laws relating to the product;
  • Current and complete compliance training designed to reinforce policies and procedures that is tailored to job functions and updated as needed;
  • Adaptive internal controls and monitoring processes which provide for timely corrective actions where appropriate;
  • Policies and procedures setting forth clear expectations for timely handling and resolution of complaints;
  • Processes for appropriately escalating and resolving consumer complaints including analysis for root causes, patterns or trends;
  • Processes for escalating identified violation trends to management for proposed changes to policies and procedures;
  • Comprehensive audit programs that are independent of the compliance program and business functions; and
  • Strong oversight of service providers commensurate with the risk and complexity of the processes or services provided.

Institutions need to view their compliance management system as part of an eco-system that is always changing.  Compliance management systems should be reviewed on an ongoing basis and remain adaptive.  While a strong compliance management system may not prevent violations and regulatory irregularities, it certainly can mitigate the damage and the most recent Supervisory Highlights makes clear that the CFPB continues to make them a point of emphasis.

Wednesday, November 2, 2016

CFPB Amends its Vendor Management Guidance

The CFPB has amended its guidance on vendor management. According to the CFPB, the amendment was necessary to “clarify that the depth and formality of the risk management program for service vendors may vary depending upon the service being performed – its size, scope, complexity, importance and potential for consumer harm.”  CFPB Bulletin 2016-02.  The Bulletin, like its 2012 predecessor, makes clear that the supervised entities are responsible with their service providers for their service providers’ compliance with federal consumer financial laws. “While due diligence does not provide a shield against liability for actions by the service provider, it could help reduce the risk that the service provider will commit violations for which the supervised bank or nonbank may be liable...”  


The Bulletin set forth a number of nonexclusive steps it expects covered institutions to take in managing their service providers:


  • Doing due diligence to insure their service providers understand and are capable of complying with applicable consumer financial laws;
  • Requesting and reviewing their service providers’ policies, procedures, internal controls, and training materials to insure their service providers are providing adequate training and oversight to insure compliance with applicable consumer financial laws;
  • Providing contractual provisions in their vendor agreements that provide clear expectations of compliance, as well as appropriate and enforceable consequences for any failure to comply;
  • Insuring that service providers are prohibited from unfair, deceptive or abusive acts or practices, as well as violations of specific federal consumer financial laws;
  • Establishing internal controls and on-going audits and examinations of service providers to insure their continued compliance; and
  • Taking prompt action to address problems identified through the monitoring process, including termination of relationships, if appropriate.


Moreover, the Bulletin makes clear that the CFPB takes the position that it has supervisory and enforcement authority over bank and nonbank supervised service providers and “will exercise the full extent of its supervisory authority over supervised service providers, including its authority to examine for compliance with Title X’s prohibition on unfair, deceptive, or abusive acts or practices.”  Service providers and supervised entities alike can expect the CFPB to expand its enforcement net to include entities which are not otherwise covered by the CFPB. 


Supervised entities should review their vendor management policies and shore up any weaknesses in their compliance management systems with respect to their vendor management relationships.  Service providers, meanwhile, should be reviewing their own policies and procedures to insure compliance with all applicable consumer financial laws.  Both supervised entities and service providers should review the CFPB’s Supervision and Examination Manual: Compliance Management Review andUnfair, Deceptive and Abusive Acts or Practices.