Alston & Bird Consumer Finance Blog

Consumer Financial Protection Bureau (CFPB)

QM Patch Update: CFPB Proposes to Let Patch Expire

A&B Abstract

The CFPB has issued an Advance Notice of Proposed Rulemaking regarding the fate of the “QM Patch,” indicating that it will not extend the “QM Patch” permanently.

Advanced Notice of Proposed Rulemaking

In a surprise development, on July 25, 2019, the Consumer Financial Protection Bureau (“CFPB”) issued an advance notice of proposed rulemaking (“ANPR”) seeking public comment regarding the fate of the “QM Patch,” which is scheduled to expire no later than January 10, 2021.   The comment period is short, reflecting the urgency of promulgating a final rulemaking before the impeding “QM Patch” termination.  Comments must be received by the CFPB within 45 days after publication of the ANPR in the Federal Register.

Background

The CFPB created the “QM Patch” as a temporary provision of the qualified mortgage (“QM”)/ability-to-repay (“ATR”) regulations adopted pursuant to the Dodd-Frank Act.  It exempts lenders from having to underwrite loans with debt-to-income (“DTI”) ratios not exceeding 43% in accordance with the exacting standards of Appendix Q to Regulation Z if the loans otherwise meet the definition of a QM and are eligible for purchase by, among others, Fannie Mae and Freddie Mac.

The CFPB’s Proposal

In seeking public comment in the ANPR, however, the CFPB announced that it does not intend to extend the “QM Patch” permanently.  This shocking pronouncement has potentially profound ramifications for the residential mortgage lending markets.  A substantial proportion of the markets have relied extensively on the “QM Patch” in underwriting qualified mortgages, not to mention significantly reducing the role of the GSEs in these markets.  For years, GSE critics have complained about Fannie Mae’s and Freddie Mac’s dominance of the residential lending markets.  Yet the January 2021 “QM Patch” expiration would raise critical questions:  Will the private markets be able to absorb the GSE’s large share of qualified mortgage lending?  If not, what are the possible detrimental impacts on consumers, especially those in distressed communities?

Other QM Changes?

In the ANPR, the CFPB indicates that it may make other significant changes to the qualified mortgage regulations, based in part on the public comments it receives.  For example, the CFPB is considering whether the general QM definition should retain a direct measure of a consumer’s personal finances, such as DTI or residual income and how that measure should be structured. The CFPB is also seeking comment on whether the definition should: (1) include an alternative method for assessing financial capacity, or (2) be limited to the express statutory criteria.  Under one approach that seems to be attracting the CFPB’s interest, bright-line pricing delineation would replace the DTI criteria altogether.   Under such an approach, loans with APRs exceeding the average prime offer rate by certain thresholds would be deemed rebuttable presumption QM loans or non-QM loans, as the case may be.  Loans not exceeding certain thresholds would receive safe harbor QM status.   Under such a bright line pricing delineation method, the loans would have to comply with other statutory criteria in order to retain QM status.

Takeaway

The 45-day deadline for comments seems rushed, especially considering the dramatic effect that changes to the qualified mortgage rules could have on the residential mortgage finance and housing markets.  Further, in an ideal world, the CFPB should be considering amendments of the qualified mortgage/ability-to-repay rules in tandem with the federal high cost mortgage, the residential mortgage risk retention, and the loan originator compensation rules as a holistic approach rather than in isolation.

A Closer Look at the CFPB’s Proposed Debt Collection Rules – Part One

A&B Abstract:

On May 7, 2019, the Consumer Financial Protection Bureau (the “CFPB” or “Bureau”) issued a proposed rule that would significantly amend Regulation F (the “Proposed Rule”), which implements the Fair Debt Collection Practices Act (“FDCPA”), to prescribe rules governing the activities of debt collectors that are subject to the FDCPA.  The Bureau recently extended the comment period from August 19, 2019 to September 18, 2019.

Overview of Blog Series

This blog post is part one of a five-part series that will take a deeper dive into the topics covered by the Proposed Rule as well as those issues the Bureau has chosen not to address.  This five-part series will cover the following topics:

  • Part one will provide a brief history of the FDCPA and the Proposed Rule and provide a high-level overview of the Proposed Rule’s coverage and scope of applicability and a summary of the Proposed Rule’s most impactful provisions.
  • Part two will discuss the Proposed Rule’s communication requirements, including (i) time and place restrictions, (ii) restrictions on telephone call volume, (iii) text and email communications, and (iv) resolution of the “voicemail paradox” through the use of limited-content messages.  In addition, this part will focus on the operational challenges created by the Proposed Rule and what debt collectors should be thinking about when considering whether to submit comments to the Bureau.
  • Part three will address the Proposed Rule’s disclosure requirements, including (i) expanded requirements for Validation of Debt notices, (ii) a safe harbor for use of the Bureau’s new proposed model Validation of Debt form, and (iii) requirements for the provision of electronic disclosures.
  • Part four will discuss the Proposed Rule’s conduct provisions, including provisions addressing (i) decedent debt, (ii) time-barred debt, (iii) credit reporting restrictions, and (iv) transfers of debt.
  • Finally, part five will discuss several issues that are not addressed by the Proposed Rule, whether the provisions of the Proposed Rule could be applied to first-party collection activities based on UDAAP principles, and the potential interplay between the Proposed Rule and state debt collection laws.

History of the FDCPA and the Proposed Rule

For decades the FDCPA was enforced by the Federal Trade Commission (“FTC”).  However, prior to the Dodd-Frank Act, no federal regulator had rulemaking authority under the FDCPA.  As a result, the FDCPA was the subject of countless, and often times inconsistent, interpretations fashioned by the courts and federal regulators.

When the Dodd-Frank Act transferred the FDCPA from the FTC to the CFPB, it also empowered the Bureau with rulemaking authority to prescribe regulations with respect to the collection of debts by debt collectors, as defined by the FDCPA.  The Bureau began this process in 2013 by issuing an Advanced Notice of Proposed Rulemaking (“ANPR”).  Following the ANPR, the Bureau, in conjunction with the Office of Management and Budget and the Small Business Administration’s Chief Counsel for Advocacy, convened a Small Business Regulatory Enforcement Fairness Act panel in 2016 to consult with representatives of small businesses that might be affected by the rulemaking.

With its issuance of the Proposed Rule, the Bureau has taken the first step in providing industry with clearer rules of the road in applying the provisions of the FDCPA to modern debt collection practices.

Below we provide a high-level overview of the Propose Rule’s most significant provisions.

Overview of Proposed Rule

The provisions of the Proposed Rule can be broken into the following categories:

  • Coverage and Scope of Applicability
    • Proposed Covered Persons
      • Who is a “Debt Collector”?  The Proposed Rule’s proposed definition of “debt collector” generally restates the FDCPA’s definition of “debt collector,” including the exceptions, with only minor wording and organizational changes for clarity.
      • Who is a “Consumer”?  Similarly, the Proposed Rule would largely restate the FDCPA’s definition of “consumer.”  However, the Bureau proposes to interpret the term to include a deceased natural person who is obligated or allegedly obligated to pay a debt.  Similarly, for purposes of certain communications provisions, the Proposed Rule interprets the term “consumer” to include a confirmed successor-in-interest and the personal representative of a deceased consumer’s estate.
    • Proposed Covered Products
      • Consumer Financial Product or Service Debt:  While the Proposed Rule generally restates the FDCPA’s definition of “debt,” with only minor wording and organizational changes, certain parts of the Proposed Rule would only apply when a debt collector covered by the FDCPA is collecting debt related to a “consumer financial product or service” as defined in the Dodd-Frank Act.
  • Conduct and Communication Provisions:  The Proposed Rule would:
    • Electronic Communications Generally: Identify safe harbor procedures for debt collectors who unintentionally communicate with an unauthorized third party about a consumer’s debt when trying to communicate with the consumer by email or text message.
    • Option to Opt-Out: Require a debt collector to include, in emails, text messages, and other electronic communications, an option for the consumer to opt-out from such future communications.
    • Communication Media Restrictions: Prohibit a debt collector from communicating or attempting to communicate with a consumer through a medium of communication that the consumer has requested the debt collector not use, such as a specific telephone number or email address.
    • Time and Place Restrictions for Electronic Communications: Clarify that calls to mobile telephones and electronic communications, such as texts and emails, are subject to the FDCPA’s prohibition on communicating at unusual and inconvenient times and places.
    • Use of Workplace Email Addresses: Unless an exception applies, prohibit a debt collector from contacting a consumer using an email address that the debt collector knows or should know is provided by the consumer’s employer.
    • Social Media Platforms: Prohibit debt collectors from contacting consumers through social media platforms, unless such contact is made through the platform’s private messaging function.
    • Limited-Content Message: Define, and provide example language for, a “Limited-Content Message” that a debt collector could send by, for example, voicemail or text. The content of a Limited-Content Message would not be considered a “communication.” Thus, if a Limited-Content Message is heard or observed by a third party, it would not constitute a prohibited third-party disclosure.
    • Telephone Call Frequency Limits: Prohibit a debt collector from calling a consumer about a particular debt more than seven times within a seven-day period, subject to certain limited exceptions. The proposal would also prohibit a debt collector from engaging in more than one telephone conversation with a consumer about a particular debt within a seven-day period. As a result, a debt collector who stays within the proposed limits would not be found to have engaged in repeated or continuous telephone calls or conversations with the intent to harass, as prohibited by the FDCPA.
    • Decedent Debt:  Clarify how and with whom a debt collector can communicate about a deceased consumer’s debt, as well as how the requirements regarding validation notices and disputes apply after a consumer passes away.
    • Time-Barred Debt: Prohibit a debt collector from suing or threatening to sue on time-barred debt if the debt collector knows or should know that the applicable statute of limitations has expired.
    • Communicating Before Credit Reporting: Prohibit a debt collector from reporting collection items to consumer reporting agencies unless the debt collector has already communicated with the consumer.
    • Transfers of Debt: Unless an exception applies, prohibit a debt collector from transferring a debt to another debt collector if the debt collector knows or should know that the debt has been paid or settled, the debt has been discharged in bankruptcy, or an identity theft report has been filed with respect to the debt.
  • Disclosure Requirements:  The Proposed Rule would:
    • Provision of Electronic Disclosures: Generally, require a debt collector to provide required disclosures in a manner that is reasonably expected to provide actual notice, and in a form that the consumer may keep and access later. Debt collectors who provide the required disclosures electronically would need to either comply with the E-SIGN Act or a set of alternative procedures. The Proposed Rule would also impose certain requirements related to the delivery and format of required electronic disclosures.
    • Validation Notice: Require a debt collector to include in the validation of debt notice certain information about the debt, including (i) the account number and an itemization of the debt, (ii) certain information about consumer protections, such as information about the right to dispute a debt, and (iii) a consumer response form that consumers could use to take certain actions, such as submitting a dispute or requesting the original creditor’s information.  In addition, the Proposed Rule would permit a debt collector to (i) include statements in the validation of debt notice informing consumers how they may request the notice in Spanish, if the collector chooses to provide a Spanish-language translation, and (ii) provide a validation notice translated into any language, if the debt collector also sends an English-language validation notice in the same communication or if the debt collector previously sent an English-language validation notice.
    • Model Validation Notice: Permit a debt collector to comply with FDCPA’s validation of debt provisions and the Proposed Rule’s disclosure requirements by using proposed Model Form B-3.

Takeaway

The issuance of the Proposed Rule clearly reflects the investment of significant time and consideration by the Bureau. As the Proposed Rule is significant in scope, we expect the Bureau will engage in a similar undertaking as it considers comments submitted by debt collectors and other industry stakeholders.

The Fate of the QM Patch

A&B Abstract:

With the January 2021 expiration of the so-called “QM Patch” looming, what courses of action are available to the CFPB?

Background

One of the most vexing issues currently facing the Consumer Financial Protection Bureau (“CFPB”) is the fate of the so-called “QM Patch”.  The CFPB’s ability-to-repay/qualified mortgage regulations promulgated pursuant to the Dodd-Frank Act require creditors to make a reasonable, good-faith determination at or before consummation that a consumer will have a reasonable ability to repay the loan according to its terms.  (The obligation applies to a consumer credit transaction secured by a dwelling.)

The regulations provide:

  • a “safe harbor” for compliance with the ability-to-repay rules to creditors or assignees of loans that satisfy the definition of a qualified mortgage and are not higher-priced mortgage loans; and
  • a “rebuttable presumption” of compliance with the ability-to-repay rules to creditors or assignees for higher-priced mortgage loans.

A “higher-priced mortgage loan” has an APR exceeding the average prime offer rate by 1.5 or more percentage points for first-lien loans, or by 3.5 or more percentage points for subordinate-lien loans.

What is the QM Patch?

In many instances, in order for a loan to achieve QM status, it must be underwritten in accordance with exacting standards of Appendix Q.  However, the CFPB regulations eliminate this particular requirement if the loan is eligible for purchase by, among others, Fannie Mae and Freddie Mac.  Consequently, a loan satisfies the QM Patch if it can be sold to one of the GSEs, and meets certain other QM criteria.  (Such criteria include that the points do not exceed the three percent threshold, and the loan is fully amortizing and doesn’t have a term exceeding 30 years.)

The QM Patch has significantly enhanced the presence of the GSEs in the QM market, as the GSEs are in effect backstopping the underwriting of these loans.   The regulations scheduled this exemption to expire upon the earlier of the termination of the conservatorship of the particular GSEs or January 10, 2021.  What the rule did not anticipate is that the conservatorship of the GSEs would continue years after the effective date of the CFPB regulations.  With no conservatorship termination in sight, the January 2021 QM Patch expiration looms large.  Indeed, the CFPB must act soon to enable the market to adjust to any significant departures from the current arrangement.

How Might the CFPB Address the QM Patch’s Pending Expiration?

The CFPB has a number of options at its disposal.  First, it could opt to extend the current QM Patch.  Logistically, this may be the path of least resistance.  However, to GSE critics who want to shrink the government mortgage footprint, this option is unpalatable. These critics believe that the QM Patch impact is too substantial and that the GSE backstop crowds out the private sector.  The open question is whether the private sector could realistically absorb the market share currently held by the GSEs through the current QM Patch.

Second, the CFPB could eliminate both the QM Patch and Appendix Q and create a level playing field for the QM market.  This approach would retain most of the ATR/QM product eligibility features and a bright line delineation between Safe Harbor and Rebuttable Presumption QM loans based upon the APR.  This option would eliminate the current debt-to-income ratio requirements, but ensure that only the most low risk loans be accorded the Safe Harbor QM designation.

Third, the CFPB could eliminate the QM Patch and Appendix Q and permit lenders to underwrite loans to an established underwriting guide such as the FHA.  The challenge for this approach is identifying a benchmark that is acceptable to a wide range of the market.

Other options at the CFPB’s disposal include: (1) allowing the lender to underwrite using its own approved and validated underwriting model (while retaining the other components of the ATR/QM criteria, including the Safe Harbor/Rebuttable Presumption bright line tests; and (2)  appointing industry stakeholders to create a de novo AUS that everyone would ultimately use.

Takeaway

With the January 2021 deadline looming, the CFPB needs to act soon to enable markets to adjust to the QM Patch replacement.

Will the CFPB find its Voice on “Abusiveness”?

On June 25, the Consumer Financial Protection Bureau (“CFPB” or the “Bureau”) kicked off its symposia series with a panel discussion of whether the Bureau should use its rulemaking authority to further define “abusive acts or practices.”  The Dodd-Frank Act added a prohibition on abusive acts and practices to the established prohibition on unfair acts and practices, changing the acronym UDAP to UDAAP.  Over the years Federal Trade Commission (“FTC”) policy statements, enforcement actions, and judicial precedents have defined the prohibitions on “unfair” and “deceptive” conduct.  The abusiveness standard is less developed.

What is “abusive”?

The Dodd-Frank Act makes it unlawful for any covered person or service provider to engage in an “abusive act or practice,” which is one that:

  • materially interferes with the ability of a consumer to understand a term or condition of a consumer financial product or service; or
  • takes unreasonable advantage of -(A) a lack of understanding on the part of the consumer of the material risks, costs, or conditions of the product or service;(B) the inability of the consumer to protect the interests of the consumer in selecting or using a consumer financial product or service; or(C) the reasonable reliance by the consumer on a covered person to act in the interests of the consumer.

Symposium discussion

 The Bureau convened a panel of academics and regulatory and industry experts who debated:

Should the CFPB define abusiveness?

Only one panelist argued that the Bureau doesn’t have rulemaking authority, despite the express authority granted by the Dodd-Frank Act.  Most agreed that further guidance would be helpful.

Is now the time to further define abusiveness?

While most agreed that further guidance would be helpful, there was much disagreement on whether the CFPB should be the one to issue such guidance. Some participants argued that because the Bureau cannot anticipate the types of problems to address, it should follow the FTC’s example and develop the definition over time through the common law process.  To that end, one panelist cautioned that the Bureau should be careful to not tie its hands too prematurely. By contrast, others argued strongly for the need for guidance that provides boundaries and limiting principles. Legal and compliance professionals require such guidance to facilitate compliance and to provide direction to their companies.  One panelist argued that the Bureau’s current “know it when you see it approach” would be better served with concrete examples.

What form should guidance take? 

Recognizing that promulgating a rule would be a long process, some argued an industry specific no-action letter, or even a discussion in the Bureau’s supervisory highlights, would be appropriate.  Other panelists want more permanence and advocated for a policy statement as a measured next step.

What does abusiveness mean? 

Here, there was a healthy debate.  The panelists considered questions including:

  • Does the abusiveness standard preclude a cost benefit analysis?
  • Should abusiveness be tied to suitability of product rather than reasonableness of the consumer?  Should the definition be tied to specific industries?
  • Is it an individualized inquiry focusing on “a consumer”?
  • Should we look for guidance at the SEC 10(b)(5) rule, or to the laws of other countries (such as Australia), or strictly follow the statutory language?
  • What does behavioral economics tell us?
  • Should abusiveness be defined by example?
  • Is abusive completely separate from unfair or deceptive or is there overlap?

To the last point, the CFPB exam manual provides that “[a]lthough abusive acts also may be unfair or deceptive, examiners should be aware that the legal standards for abusive, unfair and deceptive are each separate.”

What comes next?

What the Bureau will do with the information gathered during the symposium is not clear.    We do know that the CFPB is planning on holding more symposia.  Specifically, the Bureau has announced that future topics will include small business loan data collection, disparate impact and ECOA, cost benefit analysis, and consumer authority for financial data sharing.

New York DFS Unveils Two New Divisions Focused on Consumer Protection, Financial Enforcement and Cybersecurity

New York State’s Department of Financial Services (DFS) recently unveiled two new divisions with broad enforcement authority focused on consumer protection, financial enforcement, and cybersecurity.  Financial service providers should take note as New York and other states continue to shore up their enforcement capabilities.

Consumer Protection & Financial Enforcement

DFS’ highly touted Consumer Protection and Financial Enforcement (“CPFE”) division was launched on April 29, 2019.  The CPFE’s debut marks the latest DFS action to solidify the Department’s position as “a leader in financial services regulation.”

Heralded by acting Superintendent Linda Lacewell as a “powerhouse”, the CPFE is tasked with broad responsibility, specifically: (1) protecting and educating consumers; (2) combating consumer fraud; (3) ensuring that DFS-regulated entities serve the public in compliance with state and federal law; (4) developing investigative leads and intelligence in the banking, insurance, and financial services arenas, with a particular focus on cybersecurity events; and (5) developing and directing supervisory, regulatory and enforcement policy regarding financial crimes.

The Department created its new mega group by merging its enforcement operation with the division which conducts DFS’ civil and criminal investigations (formerly known as the Financial Frauds and Consumer Protection or “FFCP”).  The CPFE’s creation follows DFS’ pronouncement last year that it was prepared to step in to “fill voids” in areas where consumer and market protections are rolled back on the federal level.  The announcement also follows the news that the Consumer Finance Protection Bureau (“CFPB”) will adjust its focus from enforcement to “preventing harm”.  The Bureau’s shift in approach was announced by Kathleen L. Kraninger during her first policy address as the CFPB’s new Director on April 17, 2019.  Director Kraninger expressed the “hope that our emphasis on prevention will mean that we need our enforcement tool less often.”

The CPFE division will be headed by Katherine A. Lemire, who is expected to draw upon her decade of prosecutorial experience at the federal (Assistant United States Attorney in the Southern District of New York) and state (Assistant District Attorney in the New York County District Attorney’s Office) levels.  During her time in the Manhattan U.S. Attorney’s office, Ms. Lemire’s work included the prosecution of disgraced political donor Norman Hsu – sentenced to over 24 years in prison – and the corruption conviction of City Council Member Miguel Martinez.  Referred to by the NY Daily News as a “legal Howitzer,” Ms. Lemire also served as special counsel to then-NYPD Commissioner Raymond Kelly.

Upon entering the private sector, Ms. Lemire founded an international compliance and investigative services firm.  As part of a 2017 roundtable discussion on “How to Conduct Internal Investigations Efficiently and Effectively,” the new CPFE head shared the following insights on effectively working with government investigators to “narrow the scope” of subpoena requests in order to minimize client costs and business disruption:

Remember that prosecutors are people too … they can be reasonable. If confronted with a very broad subpoena seeking, for example, a large swath of documents over the course of years, it may make sense to call the prosecutor and find out whether you may narrow the scope of responsive documents. Often, prosecutors will provide specifics regarding the target of the investigation, and work with you to produce documents in a time-efficient manner. Prosecutors typically have investigative priorities, and if you can provide a proposed schedule for document/materials production, they will often work with you so that they can get what they need the most in a rapid fashion. Relatedly, you may be able to spare yourself producing materials that are not within the actual scope of materials needed. While they are the “expert” in the investigation, you are the “expert” in your business — prosecutors may be asking for materials they do not actually need, and with some education from you, you may be able to narrow the scope of the investigation.

The unveiling of its new “mini CFPB” marks yet another recent DFS milestone, highlights of which include over three billion dollars in fines imposed as a result of investigations into foreign exchange trade rigging, and the issuance of “whistleblower” guidance to all DFS-regulated entities.  The whistleblower guidance is especially significant in light of the Department’s position that “a robust whistleblowing program is an essential element of a comprehensive compliance program for regulated financial service companies”.  And, while not intended to provide a “one size fits all” model, the guidance sets forth ten “important principles and practices” of an “effective whistleblowing program”:

  • Whistleblower reporting channels are independent, well-publicized, easy to access, and consistent;
  • Strong protections to guard whistleblower anonymity;
  • Procedures to identify and manage potential conflicts of interest;
  • Adequate staff training on how to receive and act upon whistleblower complaints, as well as manage investigations, referrals and escalations;
  • Procedures to investigate allegations of wrongdoing;
  • Procedures to ensure valid complaints are followed-up appropriately;
  • Protections against whistleblower retaliation;
  • Confidential process;
  • Appropriate internal and external oversight of the whistleblowing function; and
  • Culture of top-down support for the whistleblowing function.

Cybersecurity

On May 22, 2019 the Department launched a new Cybersecurity division, advertised as the “first of its kind at a banking or insurance regulator” which will focus on “protecting consumers and industries from cyber threats.”  The emergence of DFS’ new Cybersecurity division follows the Department’s signature enactment, its 2018 cybersecurity law (23 NYCRR 500) upon which the FTC has “primarily based” its latest proposed information security program requirements.  The new division’s emergence “builds upon DFS’ nation-leading efforts to protect consumers and financial markers from cyberattacks” and also follows the March 1, 2019 deadline by which all DFS-regulated institutions were required to submit comprehensive risk-based cybersecurity programs for protecting consumer’s private data.

Justin Herring will head the new Cybersecurity division, joining DFS from the New Jersey U.S. Attorney’s Office where he served as Chief of the Cyber Crimes Unit and also worked as a member of the U.S. Attorney’s Economic Crimes Unit.  The DFS signaled its intention to continue its efforts to combat cybercrime by “hiring additional experts as necessary,” in addition to utilizing and developing its personnel’s existing subject-matter expertise.

According to the DFS’ announcement, the role of the new Cybersecurity division will be to “enforce the Department’s cybersecurity regulations, advise on cybersecurity examinations, issue guidance on DFS’ cybersecurity regulations, and conduct cyber-related investigations in coordination with the Consumer Protection and Enforcement Division.”