Alston & Bird Consumer Finance Blog

Consumer Financial Protection Bureau (CFPB)

Will the CFPB find its Voice on “Abusiveness”?

By

On June 25, the Consumer Financial Protection Bureau (“CFPB” or the “Bureau”) kicked off its symposia series with a panel discussion of whether the Bureau should use its rulemaking authority to further define “abusive acts or practices.”  The Dodd-Frank Act added a prohibition on abusive acts and practices to the established prohibition on unfair acts and practices, changing the acronym UDAP to UDAAP.  Over the years Federal Trade Commission (“FTC”) policy statements, enforcement actions, and judicial precedents have defined the prohibitions on “unfair” and “deceptive” conduct.  The abusiveness standard is less developed.

What is “abusive”?

The Dodd-Frank Act makes it unlawful for any covered person or service provider to engage in an “abusive act or practice,” which is one that:

  • materially interferes with the ability of a consumer to understand a term or condition of a consumer financial product or service; or
  • takes unreasonable advantage of -(A) a lack of understanding on the part of the consumer of the material risks, costs, or conditions of the product or service;(B) the inability of the consumer to protect the interests of the consumer in selecting or using a consumer financial product or service; or(C) the reasonable reliance by the consumer on a covered person to act in the interests of the consumer.

Symposium discussion

 The Bureau convened a panel of academics and regulatory and industry experts who debated:

Should the CFPB define abusiveness?

Only one panelist argued that the Bureau doesn’t have rulemaking authority, despite the express authority granted by the Dodd-Frank Act.  Most agreed that further guidance would be helpful.

Is now the time to further define abusiveness?

While most agreed that further guidance would be helpful, there was much disagreement on whether the CFPB should be the one to issue such guidance. Some participants argued that because the Bureau cannot anticipate the types of problems to address, it should follow the FTC’s example and develop the definition over time through the common law process.  To that end, one panelist cautioned that the Bureau should be careful to not tie its hands too prematurely. By contrast, others argued strongly for the need for guidance that provides boundaries and limiting principles. Legal and compliance professionals require such guidance to facilitate compliance and to provide direction to their companies.  One panelist argued that the Bureau’s current “know it when you see it approach” would be better served with concrete examples.

What form should guidance take? 

Recognizing that promulgating a rule would be a long process, some argued an industry specific no-action letter, or even a discussion in the Bureau’s supervisory highlights, would be appropriate.  Other panelists want more permanence and advocated for a policy statement as a measured next step.

What does abusiveness mean? 

Here, there was a healthy debate.  The panelists considered questions including:

  • Does the abusiveness standard preclude a cost benefit analysis?
  • Should abusiveness be tied to suitability of product rather than reasonableness of the consumer?  Should the definition be tied to specific industries?
  • Is it an individualized inquiry focusing on “a consumer”?
  • Should we look for guidance at the SEC 10(b)(5) rule, or to the laws of other countries (such as Australia), or strictly follow the statutory language?
  • What does behavioral economics tell us?
  • Should abusiveness be defined by example?
  • Is abusive completely separate from unfair or deceptive or is there overlap?

To the last point, the CFPB exam manual provides that “[a]lthough abusive acts also may be unfair or deceptive, examiners should be aware that the legal standards for abusive, unfair and deceptive are each separate.”

What comes next?

What the Bureau will do with the information gathered during the symposium is not clear.    We do know that the CFPB is planning on holding more symposia.  Specifically, the Bureau has announced that future topics will include small business loan data collection, disparate impact and ECOA, cost benefit analysis, and consumer authority for financial data sharing.

New York DFS Unveils Two New Divisions Focused on Consumer Protection, Financial Enforcement and Cybersecurity

By

New York State’s Department of Financial Services (DFS) recently unveiled two new divisions with broad enforcement authority focused on consumer protection, financial enforcement, and cybersecurity.  Financial service providers should take note as New York and other states continue to shore up their enforcement capabilities.

Consumer Protection & Financial Enforcement

DFS’ highly touted Consumer Protection and Financial Enforcement (“CPFE”) division was launched on April 29, 2019.  The CPFE’s debut marks the latest DFS action to solidify the Department’s position as “a leader in financial services regulation.”

Heralded by acting Superintendent Linda Lacewell as a “powerhouse”, the CPFE is tasked with broad responsibility, specifically: (1) protecting and educating consumers; (2) combating consumer fraud; (3) ensuring that DFS-regulated entities serve the public in compliance with state and federal law; (4) developing investigative leads and intelligence in the banking, insurance, and financial services arenas, with a particular focus on cybersecurity events; and (5) developing and directing supervisory, regulatory and enforcement policy regarding financial crimes.

The Department created its new mega group by merging its enforcement operation with the division which conducts DFS’ civil and criminal investigations (formerly known as the Financial Frauds and Consumer Protection or “FFCP”).  The CPFE’s creation follows DFS’ pronouncement last year that it was prepared to step in to “fill voids” in areas where consumer and market protections are rolled back on the federal level.  The announcement also follows the news that the Consumer Finance Protection Bureau (“CFPB”) will adjust its focus from enforcement to “preventing harm”.  The Bureau’s shift in approach was announced by Kathleen L. Kraninger during her first policy address as the CFPB’s new Director on April 17, 2019.  Director Kraninger expressed the “hope that our emphasis on prevention will mean that we need our enforcement tool less often.”

The CPFE division will be headed by Katherine A. Lemire, who is expected to draw upon her decade of prosecutorial experience at the federal (Assistant United States Attorney in the Southern District of New York) and state (Assistant District Attorney in the New York County District Attorney’s Office) levels.  During her time in the Manhattan U.S. Attorney’s office, Ms. Lemire’s work included the prosecution of disgraced political donor Norman Hsu – sentenced to over 24 years in prison – and the corruption conviction of City Council Member Miguel Martinez.  Referred to by the NY Daily News as a “legal Howitzer,” Ms. Lemire also served as special counsel to then-NYPD Commissioner Raymond Kelly.

Upon entering the private sector, Ms. Lemire founded an international compliance and investigative services firm.  As part of a 2017 roundtable discussion on “How to Conduct Internal Investigations Efficiently and Effectively,” the new CPFE head shared the following insights on effectively working with government investigators to “narrow the scope” of subpoena requests in order to minimize client costs and business disruption:

Remember that prosecutors are people too … they can be reasonable. If confronted with a very broad subpoena seeking, for example, a large swath of documents over the course of years, it may make sense to call the prosecutor and find out whether you may narrow the scope of responsive documents. Often, prosecutors will provide specifics regarding the target of the investigation, and work with you to produce documents in a time-efficient manner. Prosecutors typically have investigative priorities, and if you can provide a proposed schedule for document/materials production, they will often work with you so that they can get what they need the most in a rapid fashion. Relatedly, you may be able to spare yourself producing materials that are not within the actual scope of materials needed. While they are the “expert” in the investigation, you are the “expert” in your business — prosecutors may be asking for materials they do not actually need, and with some education from you, you may be able to narrow the scope of the investigation.

The unveiling of its new “mini CFPB” marks yet another recent DFS milestone, highlights of which include over three billion dollars in fines imposed as a result of investigations into foreign exchange trade rigging, and the issuance of “whistleblower” guidance to all DFS-regulated entities.  The whistleblower guidance is especially significant in light of the Department’s position that “a robust whistleblowing program is an essential element of a comprehensive compliance program for regulated financial service companies”.  And, while not intended to provide a “one size fits all” model, the guidance sets forth ten “important principles and practices” of an “effective whistleblowing program”:

  • Whistleblower reporting channels are independent, well-publicized, easy to access, and consistent;
  • Strong protections to guard whistleblower anonymity;
  • Procedures to identify and manage potential conflicts of interest;
  • Adequate staff training on how to receive and act upon whistleblower complaints, as well as manage investigations, referrals and escalations;
  • Procedures to investigate allegations of wrongdoing;
  • Procedures to ensure valid complaints are followed-up appropriately;
  • Protections against whistleblower retaliation;
  • Confidential process;
  • Appropriate internal and external oversight of the whistleblowing function; and
  • Culture of top-down support for the whistleblowing function.

Cybersecurity

On May 22, 2019 the Department launched a new Cybersecurity division, advertised as the “first of its kind at a banking or insurance regulator” which will focus on “protecting consumers and industries from cyber threats.”  The emergence of DFS’ new Cybersecurity division follows the Department’s signature enactment, its 2018 cybersecurity law (23 NYCRR 500) upon which the FTC has “primarily based” its latest proposed information security program requirements.  The new division’s emergence “builds upon DFS’ nation-leading efforts to protect consumers and financial markers from cyberattacks” and also follows the March 1, 2019 deadline by which all DFS-regulated institutions were required to submit comprehensive risk-based cybersecurity programs for protecting consumer’s private data.

Justin Herring will head the new Cybersecurity division, joining DFS from the New Jersey U.S. Attorney’s Office where he served as Chief of the Cyber Crimes Unit and also worked as a member of the U.S. Attorney’s Economic Crimes Unit.  The DFS signaled its intention to continue its efforts to combat cybercrime by “hiring additional experts as necessary,” in addition to utilizing and developing its personnel’s existing subject-matter expertise.

According to the DFS’ announcement, the role of the new Cybersecurity division will be to “enforce the Department’s cybersecurity regulations, advise on cybersecurity examinations, issue guidance on DFS’ cybersecurity regulations, and conduct cyber-related investigations in coordination with the Consumer Protection and Enforcement Division.”

Ninth Circuit Finds CFPB’s Structure Constitutional

By

The Ninth Circuit last week affirmed a district court’s ruling upholding the constitutionality of the structure of the Consumer Financial Protection Bureau (“CFPB”). The case stems from a CFPB investigation into whether Seila Law LLC, a firm that provides debt-relief and other services, violated the Telemarketing Sales Rule. Seila Law had refused to comply with a CID it received from the CFPB. The district court granted the CFPB’s petition for enforcement, and the Ninth Circuit rejected both of Seila Law’s challenges to the district court order.

First, the Ninth Circuit followed in the footsteps of PHH Corp. v. CFPB, 881 F.3d 75 (D.C. Cir. 2018) in holding that the CFPB’s structure is constitutional. Seila Law had argued that the structure violates the separation of powers because the director of the CFPB has executive power but can only be removed by the president for cause. The Ninth Circuit acknowledged that the CFPB director does have “substantial executive power,” but it concluded that the structure is constitutional, based on Supreme Court precedent in Humphrey’s Executor v. United States, 295 U.S. 602 (1935), and Morrison v. Olson, 487 U.S. 654 (1988).

Humphrey’s Executor involved a separation of powers challenge to the Federal Trade Commission (“FTC”), which has commissioners who can only be removed for cause. The Supreme Court rejected the challenge to the agency’s structure because the agency exercises not just executive powers, but also quasi-judicial and quasi-legislative powers. The Supreme Court reasoned Congress was allowed to decide “’in creating quasi-legislative or quasi-judicial agencies, to require them to act in discharge of their duties independently of executive control.’” CFPB v. Seila Law LLC, No. 17-56324, 2019 U.S. App. LEXIS 13460, at *6 (9th Cir. May 6, 2019) (quoting Humphrey’s Executor, 295 U.S. at 629). Likewise, the Ninth Circuit noted that the CFPB exercises quasi-judicial and quasi-legislative functions, and it acts as a financial regulator. The Ninth Circuit found applicable Humphrey’s Executor holding that the for-cause removal clause “was a permissible means of ensuring that the FTC’s Commissioners would ‘maintain an attitude of independence’ from the President’s control.” Id. (quoting Humphrey’s Executor, 295 U.S. at 629).

The Ninth Circuit recognized that the CFPB has more executive power than the FTC did at the time of the Humphrey’s Executor decision, and it relied on Morrison to support its view that the current state of the FTC, which now has more expansive executive powers, “has not undermined the constitutionality of the FTC.” Seila Law, 2019 U.S. App. LEXIS 13460, at *7. The Court also reasoned that the fact the CFPB has one director and the FTC has five commissioners does not change its analysis because, “[a]s the PHH Corp. majority noted, if an agency’s leadership is protected by a for-cause removal restriction, the President can arguably exert more effective control over the agency if it is headed by a single individual rather than a multi-member body.” Id. at *9.

The Court concluded that Humphrey’s Executor and Morrison “indicate that the for-cause removal restriction protecting the CFPB’s Director does not ‘impede the President’s ability to perform his constitutional duty’ to ensure that the laws are faithfully executed.” Id. (citing Morrison, 487 U.S. at 691).

Separately, the Court rejected Seila Law’s argument that the CFPB did not have the statutory authority to issue the CID.

This ruling avoids a circuit split with the D.C. Circuit on the issue of the CFPB’s constitutionality. The same issue is on appeal before Second and Fifth Circuits.

Alston & Bird Publishes Article in “Mortgage Compliance Magazine” Addressing Key Debt Collection Challenges Raised Under the Fair Debt Collection Practices Act as a Major Focus for Industry in 2019

By

In February 2019, Alston & Bird Partner Nanci Weissgold and Senior Associate Anoush Garakani, wrote an article published in “Mortgage Compliance Magazine,” in anticipation of the Consumer Financial Protection Bureau’s (“CFPB”) recent Proposed Rule implementing the FDCPA.  The article brings to the attention of the mortgage servicing industry the complex issues faced when applying the Fair Debt Collection Practices Act (“FDCPA”) to modern debt collection practices and the labyrinth of additional requirements created by state collection agency laws.

The article explores updates on recent court cases addressing the scope of the federal FDCPA as well as a refresher on state collection agency laws.  The article highlights the inconsistent state collection agency laws across the country and discusses several important questions that mortgage servicers should consider in applying these laws to their mortgage servicing activities.

The article can be found here on our website.

Alston & Bird Issues Client Advisory on First-Known Decision Rendered by U.S. District Court, S. D. of Ohio (Eastern Division) Challenging CFPB’s ATR/QM Standards Favors Mortgage Industry

By

Alston & Bird Issues Client Advisory on First-Known Decision Rendered by U.S. District Court, S. D. of Ohio (Eastern Division) Challenging CFPB’s ATR/QM Standards Favors Mortgage Industry

On April 24, 2019, Alston & Bird Partner Stephen Ornstein issued a Client Advisory to inform clients of an apparent case of first impression decided by the U.S. District Court for the Southern District of Ohio (the “Court”), which rejected a consumer’s ability-to-repay defense that was raised in an attempt to prevent foreclosure of the consumer’s home.

The Client Advisory summarizes the Court’s decision in G. Ralph Elliott v. First Federal Community Bank: Bank of Bucyrus (Case No. 2:17-CV-42), decided on March 26, 2019, and notes that this case is instructive because, up to this point, there had been no defining judicial precedent interpreting the ability-to-repay/qualified mortgage (“ATR/QM”) regulations promulgated by the CFPB and effective as of January 10, 2014.  In Elliott, the Court upheld the Defendant Bank’s determination made using the ATR/QM standards.  The Plaintiff alleged that the Defendant Bank violated the Truth in Lending Act by failing to make “a reasonable and good faith determination based on verified and documented information” that the Plaintiff had a “reasonable ability to repay the loan.”  The Court ultimately granted the Defendant Bank’s motion for summary judgment because it found that “there can be no genuine dispute of material fact that the Bank acted in compliance with their statutory obligations” as required by 15 U.S.C. § 1639c(a)(1).

The Client Advisory highlights that the essence of the court’s ruling was that, before making the loan, the Defendant Bank possessed ample evidence to document both that the loan met the CFPB’s qualified mortgage criteria and that the plaintiff had the ability to make the monthly mortgage payments. The CFPB regulations require that lenders make these ATR/QM determinations before or at loan consummation.  Therefore, lenders are not required to anticipate—or be held responsible for—unforeseen events occurring after consummation that adversely impact their initial underwriting determination, such as divorce, serious illness, or loss of employment. Toward that end, the Elliot is a victory for the mortgage industry that is consistent with the purpose and intent of CFPB regulations.

The Client Advisory can be found here on our website.