Alston & Bird Consumer Finance Blog

Consumer Loan

CFPB Issues Proposed Rule to Establish Public Registry of Supervised Nonbank Form Contract Provisions that Waive or Limit Consumers’ Legal Protections

A&B ABstract:

On January 11, 2023, the Consumer Financial Protection Bureau (the “CFPB” or “Bureau”) announced a proposed rule to establish a public registry and require  nonbanks supervised by the agency to register their use of certain terms and conditions contained in “take it or leave it” form contracts for consumer financial products or services that “attempt to waive consumers’ legal protections,” “limit how consumers enforce their rights,” or “restrict consumers’ ability to file complaints or post reviews” (the “Proposed Rule”).  The purpose of Proposed Rule’s registration system is to allow the CFPB to prioritize oversight of nonbanks that use the covered terms and conditions based on the agency’s perception these provisions pose risks for consumers.

The CFPB seeks public comment on the practical utility of collecting and publishing this information as well as ways to minimize the burden of the information collection on respondents. The comment period closes on April 3, 2023.

The Proposed Rule

The Proposed Rule would require annual registration by most nonbanks subject to the CFPB’s jurisdiction, with limited exceptions. “Specifically, a “supervised nonbank” would be defined to mean a nonbank covered person that is subject to supervision and examination by the Bureau, except to the extent that such person engages in conduct or functions that are excluded from the Bureau’s supervisory authority pursuant to 12 U.S.C. 5517 or 5519.  A “supervised nonbank” would include any nonbank covered person that (1) offers or provides a residential mortgage-related product or service, any private educational consumer loan, or any consumer payday loan, (2) is a larger participant engaged in consumer reporting, consumer debt collection, student loan servicing, international money transfers, and auto financing, or (3) is subject to a CFPB order issued pursuant to 12 U.S.C. 5514(a)(1)(C).

Those excluded from the scope of the Proposed Rule would include, among others, persons subject to CFPB supervision and examination solely in the capacity of a service provider; natural persons; persons with less than $1 million in annual receipts resulting from offering or providing all consumer financial products and services as relevant to the activities noted in (1) through (3) above.  Also exempt from the rule would be a person that has not, together with its affiliates, engaged in more than de minimis use of covered terms and conditions (i.e., fewer than 1,000 times in the previous calendar year) and a person that used covered terms or conditions in covered form contracts in the previous calendar year solely by entering into contracts for residential mortgages on a form made publicly available on the Internet required for insurance or guarantee by a Federal agency or purchase by Fannie Mae, Freddie Mac, or Ginnie Mae.

Under the Proposed Rule, a “covered term or condition” would be subject to the rule’s reporting requirements. A “covered term or condition” would be defined as “any clause, term, or condition that expressly purports to establish a covered limitation on consumer legal protections applicable to the offering or provision of any consumer financial product or service.” In turn, “covered limitation on consumer legal protections” would be defined to mean any covered term or condition in a covered form contract:

  • Precluding the consumer from bringing a legal action after a certain period of time;
  • Specifying a forum or venue where a consumer must bring a legal action in court;
  • Limiting the ability of the consumer to file a legal action seeking relief for other consumers or to seek to participate in a legal action filed by others;
  • Limiting liability to the consumer in a legal action including by capping the amount of recovery or type of remedy;
  • Waiving a cause of legal action by the consumer, including by stating a person is not responsible to the consumer for a harm or violation of law;
  • Limiting the ability of the consumer to make any written, oral, or pictorial review, assessment, complaint, or other similar analysis or statement concerning the offering or provision of consumer financial products or services by the supervised registrant;
  • Waiving, whether by extinguishing or causing the consumer to relinquish or agree not to assert, any other identified consumer legal protection, including any specified right, defense, or protection afforded to the consumer under Constitutional law, a statute or regulation, or common law; or
  • Requiring that a consumer bring any type of legal action in arbitration.

In the Proposed Rule, the CFPB acknowledges that there may be overlap in the types of covered terms and conditions, so some contract provisions may fall into more than one category.  The Proposed Rule currently proposes to limit the collection of terms and conditions that expressly attempt to establish the covered limitation.  Any contract containing a covered term would be considered a “form contract” provided it was (1) included in the original contract draft presented to the consumer, (2) was not negotiated between the parties, (3) is intended for repeated use in transactions between the company and consumers and contains a covered term or condition.

Supervised nonbanks covered by the Proposed Rule would be required to collect and submit this information through the CFPB’s registration system.  Under the Proposed Rule, the registry of terms and conditions would be publicly available, rather than limited to government regulators or CFPB staff.  The CFPB supports the public availably of this data on the grounds that it will lead to more informed consumers and provide other regulators the opportunity to identify covered terms and conditions that are explicitly prohibited by the laws they enforce or supervise.  The proposed format for the registry is similar to another recent CFPB proposed rule which proposes to establish a public registry of regulatory actions involving certain nonbanks subject to CFPB supervision. We previously discussed this proposed rule in another blog post.

CFPB’s Request for Comment on the Proposed Rule

The CFPB is seeking comment on a range of issues related to the Proposed Rule, including:

  • The prevalence of the covered terms and conditions;
  • Potential impacts of collecting and publishing this information;
  • Reasons why the information should not be publicly disclosed;
  • The burden of collecting and filing these provisions;
  • The use of form contracts purchased from third parties; and
  • Other entities that may be affected by the proposed rule.

The period for public comment ends on April 3, 2023.

Is the establishment of a Public Registry likely?

 The CFPB currently has thirty-seven (37) rules that have been proposed but not implemented, of which only five of were proposed since the start of the Biden Administration.  Most notably, neither the CFPB’s proposed rule for small business lending data collection from September 1, 2021 or its proposed rule for credit card late fees and late payments from June 22, 2022 have been finalized.  Since the substance of this rule is limited to the collection and publication of contract terms, rather than the prohibition of any behavior, enactment might be more likely.  The recent Fifth Circuit decision in Community Financial Services found the CFPB’s funding structure unconstitutional and vacated the agency’s Payday Lending Rule on those grounds.  Accordingly, any rule promulgated by the CFPB would likely be susceptible to legal challenges.

Takeaway

The Bureau’s focus on seeking public disclosure of covered terms and conditions reflects a continued focus on the content of form contracts used in connection with consumer finance products and services of nonbanks.  The public nature of the registry could lead to increased scrutiny of contract provisions from the Bureau, other regulators, and the public, increasing reputational risk to covered entities as well as the likelihood of heightened enforcement activity by Federal and State regulators. Accordingly, entities that would be subject to the Proposed Rule’s requirements should carefully review the Proposed Rule and consider commenting thereon.

CFPB Proposes Nonbank Registry to Focus on Compliance “Recidivism”

A&B ABstract:

On December 12, 2022, the Consumer Financial Protection Bureau (CFPB) announced a proposed rule to require certain non-banks to register with the agency when they become subject to a public written order or judgment imposing obligations based on violations of certain consumer protection laws. The CFPB also proposes to maintain a public online registry of those nonbanks subject to agency or court orders, to “limit the harms from repeat offenders.” We provide below a description of the CFPB’s proposed rule, along with the potential implications for the financial services industry.

Background on Proposed Rule

Earlier this year, CFPB Director Rohit Chopra presented remarks at the University of Pennsylvania, where he asserted that “[c]orporate recidivism has become normalized and calculated as the cost of doing business; the result is a rinse-repeat cycle that dilutes legal standards and undermines the promise of the financial sector and the entire market system.” To address this problem, Director Chopra suggested establishing “dedicated units in our supervision and enforcement divisions to enhance the detection of repeat offenses and corporate recidivists and to better hold them accountable.” With respect to accountability for “serial offenders of federal law,” Director Chopra warned that the CFPB would be focusing on “remedies that are more structural in nature,” including “limits on the activities or functions” of the entity.

Subsequently, in November 2022, and leading up to the proposed rule, the CFPB announced, as part of its Supervisory Highlights, that it would be establishing a Repeat Offender Unit as part of its supervision program. The Repeat Offender Unit would be focused on: reviewing and monitoring the activities of “repeat offenders;” identifying the root cause of recurring violations; pursuing and recommending solutions and remedies that hold entities accountable for failing to consistently comply with Federal consumer financial law; and designing a model for order review and monitoring that reduces the occurrences of repeat offenders. The Bureau asserts that its authority for these efforts, along with any proposed rulemaking, is derived from the Consumer Financial Protection Act’s mandate that the Bureau “monitor for risks to consumers in the offering or provision of consumer financial products or services” and “gather information from time to time regarding the organization, business conduct, markets, and activities of covered persons and service providers.” See 12 U.S.C. § 5512(c)(1), (4).

Proposed Requirements

The CFPB’s proposed rule would require certain nonbanks covered person entities (with exclusions for insured depository institutions, insured credit unions, related persons, States, certain other entities, and natural persons) to register with the Bureau upon becoming subject to a public written order or judgment imposing obligations based on violations of certain consumer protections laws. Such entities would be required to register in a system established by the Bureau, provide basic identifying information about the company and the order (including a copy of the order), and periodically update the registry for accuracy and completeness. For purposes of the proposed rule, “covered person” would have the same meaning as in 12 U.S.C. § 5481(6). Further, “service providers” would be deemed covered persons to the extent that they engage in the offering or provision of their own consumer financial product or services or where they act as service providers to covered person affiliates.

In addition, certain larger participant nonbanks subject to the Bureau’s supervisory authority would be required to designate a senior executive, who is responsible for and knowledgeable of the nonbank’s efforts to comply with the orders identified in the registry, to attest regarding compliance with covered orders and submit an annual written statement attesting to the steps taken to oversee the activities subject to the applicable order for the preceding calendar year, and whether the executive knows of any violations of, or other instances of noncompliance with, the covered order.

Further, the CFPB is considering whether to release, via its publicly available website, the above registry information for non-banks.

Implications for Non-Banks

While the CFPB’s proposed enforcement order registry would provide greater transparency about a lender’s regulatory track record to the various federal and state regulators and the general public, it remains to be seen how the information maintained in this registry might be used against lenders. At a minimum, however, the proposed rule raises the following significant implications for non-banks:

  • Supervision and examination considerations. The CFPB intends to use the information in the registry to coordinate its “risk-based supervisory prioritization,” for those non-bank markets covered by the Bureau’s supervision and examination authority under CFPA section 1024(a). Thus, entities with a local, state, or federal prior enforcement order may be subject to more targeted supervision.
  • Investigation and enforcement presumptions. The CFPB intends to use the information in the registry in connection with its investigation and potential enforcement activities, which presents various risks, including:
    • Increased civil money penalties. Specifically, the CFPB believes that the information contained in the proposed registry can assist the agency in determining the civil penalties that may be assessed for a future violation of federal consumer financial law, given that federal law permits the CFPB to consider the entity’s “history of previous violations.” Indeed, it is possible that the CFPB may use evidence of prior enforcement against an entity, brought by itself or another agency, to establish that the entity acted knowingly or recklessly in violating federal consumer financial law, perhaps even where the prior enforcement order involved a different consumer-related issue.
    • Presumption of consumer harm. Further, the CFPB believes there is a “heightened likelihood” that entities that are subject to public orders relating to consumer financial products and services may pose risks to consumers in the markets for those products and services, since entities that have previously been subject to enforcement actions “present an increased risk of committing violations of laws.” Thus, there may be a presumption of consumer harm against an entity where a prior enforcement order exists. Yet this approach by the CFPB likely will overstate the actual harm to consumers, as most consent orders do not contain an admission by the entity of any liability or wrongdoing.
  • Increased reputational risk. Given that the CFPB maintains Memoranda of Understanding with federal parties (such as the Federal Trade Commission and the U.S. Department of Justice), as well as with at least 20 state attorneys general offices, it appears that the information reported to the registry already would be available to such agencies. However, the registry will permit all agencies, as well as the general public, a readily accessible, one-stop shop to an entity’s entire enforcement track record, which may present significant reputational risk to that entity, as well as a potentially increased risk of class action lawsuits and other consumer claims.
  • Facilitating of private enforcement. The CFPB believes that the proposed registry may “facilitate private enforcement of the Federal consumer financial laws by consumers, to the extent those laws provide private rights of action, where consumers have been harmed by a registered nonbank.” In other words, the “information that would be published under the proposal might be useful in helping consumers understand the identity of a company that has offered or provided a particular consumer financial product or service, and in determining whether to file suit or otherwise make choices regarding how to assert their legal rights.”

Takeaway:

Given the significant implications raised by the CFPB’s proposed rule, non-bank financial institutions should consider submitting comments, which are due 60 days after publication in the Federal Register. In particular, the CFPB seeks comment on “its preliminary conclusion that collecting and registering public agency and court orders imposing obligations based upon violations of consumer law would assist with monitoring for risks to consumers in the offering or provision of consumer financial products and services.” The CFPB also seeks comment on “whether the types of orders described in the proposal, and the types of information that would be collected about those orders and covered nonbanks under the proposal, would provide useful information to the Bureau,” as well as “any other risks that might be identified through collecting the information described in the proposal.” Finally, the Bureau seeks comment on whether it should consider collecting any other information in order to identify risks to consumers associated with orders.

CFPB Sues MoneyLion over Membership Program, Uses Military Lending Act as Hook

A&B Abstract:

On September 29, 2022, the Consumer Financial Protection Bureau (“CFPB”), sued MoneyLion Technologies Inc. and 37 of its subsidiaries (“MoneyLion”) in New York federal court for violations of the Military Lending Act (the “MLA”) and Consumer Financial Protection Act (“CFPA”).

The Allegations

The CFPB alleges that MoneyLion offered installment loans that consumers could not access unless they enrolled in a membership program with monthly membership fees.  While MoneyLion represented to consumers that they “had the right to cancel their memberships for any reason,” it “maintained a policy prohibiting consumers with unpaid loan balances from canceling their memberships.”

According to the CFPB, MoneyLion’s membership model resulted in violations of the MLA’s 36% APR cap.  Under the MLA’s implementing regulation, APR is calculated as including “fee[s] imposed for participation in [an] arrangement for consumer credit.”  Based on this, the CFPB argues that the membership fees MoneyLion required servicemembers to pay to gain access to installment loans must be included in those loans’ APR.  If correct, those loans’ APR would unlawfully exceed 36%.

The CFPB also alleges that the installment loans to servicemembers violated the MLA by containing unlawful arbitration clauses and failing to contain required disclosures.

Lastly, the CFPB alleges that MoneyLion’s membership model resulted in unfair, deceptive, and abusive acts or practices under the CFPA. Particularly, the CFPB alleges that MoneyLion misled and injured consumers by representing to consumers that they had the right to cancel their memberships when, in fact, they did not.

Takeaways

The MoneyLion suit serves as a good reminder that every lending program should: (i) account for the additional protections provided to uniquely situated borrowers, such as servicemembers under the MLA; (ii) scrutinize any fees paid by consumers that could be viewed as increasing a loan’s APR; and (iii) review representations they make to consumers to align with the commercial realities and the regulatory requirements of the products they offer.

California Settlement Offers Reminder that Buy Now Pay Later Participants are Subject to California Financing Law

In August 2022, the California Department of Financial Protection and Innovation (“Department” or “DFPI”) entered into a consent order with a company offering point of sale financing products that the DFPI deemed to be buy now, pay later (“BNPL”) financing, for which a California Financing Law (“CFL”) license is required. The company is required to pay a penalty, refund previously collected fees from California residents, and obtain a CFL license.

The settlement follows an annual report released in October of 2021 in which the DFPI noted a sharp increase in BNPL “consumer loans.” In the accompanying press release to that report, the DFPI stated:

BNPL loans are an increasingly common type of short-term financing that allows consumers to make purchases and pay for them at a future date, often interest-free. Sometimes referred to as point-of-sale installment loans, BNPL products are becoming a popular payment option. The report shows a surge in BNPL unsecured consumer loans reported to the DFPI. This product has grown in recent years and has come under the DFPI regulatory umbrella.

The press release also noted that the Department had rendered prior legal opinions and entered into settlements with three separate BNPL / point-of-sale financers in 2019 and 2020 that were deemed to be structuring their BNPL products in a manner designed to evade regulation under the CFL. These companies had agreed to refund fees to consumers and obtain CFL licenses, and among other requirements, must: (i) consider consumers’ ability to repay loans, (ii) comply with rate and fee caps, and (iii) respond to consumer complaints

In one of those prior opinions, the DFPI (formerly, the Department of Business Oversight) asserted that the CFL applies to making consumer loans and noted that the CFL defines “consumer loan” as a loan “the proceeds of which are intended by the borrower for use primarily for personal, family, or household purposes.” (Note that loans in the principal amount of $5,000 or less for other than personal, family, or household purposes are also included in the definition, bringing certain commercial or business-purpose loans within the scope of the CFL). The Department further stated that the CFL incorporates certain aspects of the common law, including that merchants may sell goods in exchange for cash or in exchange for a consumer’s promise to pay later (a “credit sale”) and that a merchant may charge a premium for credit sales without the transaction being subject to the state’s loan laws and without the premium being subject to the state’s usury limit. The DFPI concluded, however, that “[e]xtensive third-party involvement may cause transactions to be deemed loans even if the underlying credit sale is bona fide.”

Taken together, the Department’s prior statements, opinions, and enforcement actions signal a broad interpretation of the CFL that could potentially apply to many lenders and third parties involved in point-of-sale financing, including the offering of buy now, pay later products. In the press release accompanying the most recent enforcement action, the DFPI concluded that it “continues investigating other companies offering Buy Now, Pay Later products.”

NMLS Seeks Comments on Proposed Revisions to Company and Individual Disclosure Questions

A&B Abstract:

The Nationwide Multistate Licensing System & Registry (NMLS) Policy Committee is inviting comments on the NMLS Disclosure Questions Proposal. The comment period is now open and runs until August 22. Among other revisions, the proposal details suggested revisions to the disclosure questions on the Company (MU1) and Individual (MU2) forms.

Proposed Revisions to NMLS Disclosure Questions

In key part, the proposed revisions include:

Company Disclosure Questions:

  • Adding a new question to incorporate a requirement of the Money Transmission Modernization Act, g., companies disclosing “material litigation” (which would be a newly defined term) in the past 10 years;
  • Expanding the civil judicial disclosures to include whether companies have been found in the past 10 years: (1) to have made a false statement or omission or been dishonest, unfair, or unethical, or (2) to have been a cause of another financial services business having its license or authorization denied, suspended, revoked, or restricted;
  • Amending the civil judicial disclosure question to include whether there are any pending financial services civil actions alleging that a company has made a false statement or omission, or had been dishonest, unfair, or unethical;
  • Requiring the criminal disclosure of any pending felony charges against companies, instead of any past felony charges;
  • Broadening the bankruptcy disclosure to include whether a company or control affiliate filed a bankruptcy petition in the past 10 years (in addition to being the subject of a bankruptcy petition) and clarifying that disclosure of either voluntary or involuntary petitions is required;
  • Adding a question whether companies have ever been denied issuance of a bond;
  • Introducing a new question asking whether a third-party service provider has notified a company of its intent to modify or cancel an arrangement that would materially alter the company’s ability to conduct business activities, and relatedly, defining “third-party service provider” to include lines of credit, whether warehouse or operation, technology solutions, etc.; and
  • Separating out into two sections under the existing regulatory action disclosures for: (1) companies that hold or have ever held an authorization to act as a contractor for a federal, state, or local government entity, (2) companies who have “key individuals” (which would be a newly defined term) or control individuals who are or have been licensed as attorneys or accountants or who hold or have been licensed as financial services professionals, and (3) added that dismissal of an action pursuant to a settlement agreement requires disclosure.
    • Regarding the last point in (3), this proposed revision is added in Question 14.e. which, according to the NMLS Policy Committee, is intended to broaden the question to account for how regulatory actions may be brought, including dismissal of an action pursuant to a settlement agreement. However, by including the term “settlement agreement”, which is not separately defined in the NMLS Policy Guidebook, Question 14.e. may potentially require the disclosure of nonpublic settlement agreements, which would be a significant change and perhaps an unintended result. The original questions are limited by the terms “found” (in Question 14.a-c.) and “order” (in Question 14.e.), both of which are defined terms indicating that only public settlement agreements and orders are required to be disclosed. Thus, we recommend that industry members consider whether to submit comments on this question to seek clarification.

Individual Disclosure Questions:

  • Making conforming proposed revisions relating to civil judicial and financial disclosures as described above in the Company Disclosure Questions;
  • Limiting the time period for the disclosure of misdemeanors to the past 10 years;
  • Making clarifications to require disclosure of judicial and non-judicial foreclosures on either commercial or residential property;
  • Adding new questions relating to pending regulatory actions against a holder of a financial services license or other professional license that could result in the restriction, revocation, debarment, or suspension of the license; and
  • Adding new questions regarding any pending financial services civil actions alleging a violation of a financial services statute or regulation for a company over which an individual exercised control, or a prior finding of the same.

Additional Proposed Revisions

In addition to proposed revisions to Company (MU1) and Individual (MU2) disclosure questions, the proposed revisions include amendments to the NMLS Policy Guidebook Glossary Terms.  Significantly, definitions for nine new terms are proposed: (1) Consumer Protection; (2) Court; (3) Efforts to Foreclose; (4) Governmental Entity; (5) Key Individual; (6) Lien; (7) Material Litigation; (8) Third Party Service Provider; and (9) Unsatisfied.  Amendments to existing terms include revising “financial services” to include consumer protection laws or regulations that pertain to enumerated financial services items, and clarifying the term “found” to cover agreements or settlements that are a matter of public record including those in which the findings are neither admitted or denied. The existing term “order” would be amended to add language to cover orders agreed to by the parties such as consent orders and stipulated orders, and to clarify that agreements relating to payments, limitations on activity, or other restrictions are excluded from the definition unless they are in a written directive that otherwise qualifies as an order.

Takeaway

We recommend that industry members, both licensees and applicants on NMLS, review the proposed revisions to the disclosure questions and consider whether to submit comments.  In particular, and as highlighted above, the proposed changes to Question 14.e. would appear to potentially require the disclosure of nonpublic settlement agreements, which would be a significant change from Question 14.e as currently worded.  If so, this may require companies to update their responses to the disclosure questions and submit additional information to NMLS regarding nonpublic settlement agreements.  Comments may be submitted via e-mail to comments@csbs.org by August 22.