Alston & Bird Consumer Finance Blog

Unfair, Deceptive and Abusive Acts or Practices (UDAAP)

Federal and State Guidance Regarding the COVID-19 Pandemic

A&B Abstract:

The Alston & Bird Consumer Finance team recognizes that this is a period of great uncertainty both for the nation and our clients. We have received numerous questions and concerns regarding what federal and state regulators are doing in light of the COVID-19 pandemic and how their response may affect day-to-day business. We have been monitoring both the federal and state guidance that has been released in response to the COVID-19 pandemic and have provided a summary of what has been released thus far.  We are continuing to monitor for new developments and will update this blog post accordingly.

Federal Guidance

Federal Administrative Agencies:

  • HUD/FHA: On March 18, 2020, HUD released Mortgage Letter 2020-4, which placed a foreclosure and eviction moratorium on all FHA-insured Single Family mortgages for a period of 60 days. The moratorium applies both to the initiation of foreclosures and to the completion of foreclosures in process.  Similarly, evictions of persons from properties secured by FHA-insured single-family mortgages are suspended for 60 days.  Deadlines of the first legal action and reasonable diligence timelines for Home Equity Conversion Mortgages are extended by 60 days.  In light of the broad language of the Mortgagee Letter, it does not appear that HUD intended to carve out vacant and abandoned properties from the foreclosure moratorium.  HUD has informally confirmed this interpretation.
  • USDA: On March 19, 2020, the USDA issued SFH Guaranteed Servicing Notice (March 19, 2019) which, effective immediately, provides that borrowers with USDA guaranteed loans are subject to a moratorium on foreclosure for a period of 60 days. The moratorium applies to the initiation of foreclosures and to the completion of foreclosures in process.  In addition, deadlines of the first legal action and reasonable diligence timelines are extended by 60 days. Similarly, evictions of persons from properties secured by USDA guaranteed loans are also suspended for a period of 60 days.
  • VA: On March 18, 2020, the VA issued Circular 26-20-8, which strongly encourages loan holders to establish a sixty-day moratorium beginning March 18, 2020, on completing pending foreclosures or imitating new foreclosures on loans.  Additionally, due to the widespread impact of COVID-19, loan holders should consider the impact of completing an eviction action when choosing to retain the property instead of conveying to VA.  VA requests holders not to expose Veterans and their families to additional risk through an eviction, if at all feasible.  Previously, on March 16, 2020, the VA issued Circular 26-20-7, which provides, in relevant part, that (1) lenders should have continuity of operation plans in place to support its ongoing ability to conduct business operations in the event of an interruption to business operations and processes; (2) servicers may employ the following relief to veterans impacted by COVID-19: (a) forbearance, (b) late charge waivers on affected loans, and (c) suspension of credit bureau reporting on affected loans; and (3) appraisers should continue to conduct business as outlined in Chapter 10 of the M26-7, Lenders Handbook.

Federal Government-Sponsored Entities:

  • Fannie Mae: Fannie Mae released a Bulletin for borrowers detailing its response to the COVID-19. Fannie Mae has placed a moratorium on foreclosure sales and evictions for sixty (60) days. In conjunction with the Bulletin, Fannie Mae also issued Lender Letter LL-2020-02, which sets forth guidance for lenders in responding to COVID-19.  The letter provides guidance for lenders concerning topics such as (1) forbearance plan eligibility for borrowers, (2) evaluating borrowers for mortgage modifications, (3) credit bureau reporting, and (4) suspension of foreclosure sales.
  • Freddie Mac: Freddie Mac released a Bulletin for mortgage servicers detailing its response to the COVID-19 and new guidelines for Freddie Mac mortgage servicers during the COVID-19 pandemic. Similar to Fannie Mae, the Bulletin provides guidance for lenders concerning topics such as (1) forbearance plan eligibility for borrowers, (2) evaluating borrowers for mortgage modifications, (3) credit bureau reporting, and (4) suspension of foreclosure sales.

State Guidance

State Legislatures:

  • Enacted Legislation and Executive Orders
    • District of Columbia: On March 17, 2020 Mayor Bowser signed the COVID-19 Response Emergency Amendment Act of 2020, which expires on June 15, 2020. The act provides for, among other things, a prohibition on evictions for as long D.C. is under a public health emergency.
    • New Hampshire: On March 17, 2020, New Hampshire Governor Christopher Sununu issued Emergency Order #4 pursuant to Executive Order 2020-04, which (1) prohibits an owner of non-restricted property or restricted property, as those terms are defined in RSA 540:1-a, from initiating eviction proceedings under RSA 540, and (2) prohibits all judicial and non-judicial foreclosure actions under RSA 479 or any other applicable law, rule or regulation, during the State of Emergency declared in Executive Order 2020-04.
    • New Jersey: The New Jersey Legislature passed Assembly Bill 3859, which allows the New Jersey governor to issue an executive order during a Public Health Emergency, pursuant to the New Jersey Emergency Health Powers Act, prohibiting the removal of any lessee, tenant, or homeowner from a residential property as the result of an eviction or foreclosure action.  Governor Philip Murphy subsequently issued Executive Order No. 106, which prohibits any lessee, tenant, homeowner or any other person from being removed from a residential property as a result of an eviction or foreclosure proceeding.
    • Kansas: On March 17, 2020, Governor Laura Kelly issued Executive Order No. 20-06, which orders all financial institutions operating in Kansas to temporarily suspend the initiation of any mortgage foreclosure efforts or judicial proceedings and any commercial or residential eviction efforts or judicial proceedings until May 1, 2020.
  • Pending Legislation
    • Massachusetts: The Massachusetts Legislature is considering House Docket No. 4935, which, if enacted, would impose a moratorium on evictions and foreclosures during the COVID-19 emergency.
    • Virginia: Currently, Virginia House Bill 340 is on Governor Northam’s desk, and he has until April 11th to take action on the bill. If passed, the bill would provide foreclosure and eviction protections for federal workers upon the closure of the federal government.

State Regulators:

In addition to state legislation and executive order, state regulators across the country have released guidance to regulated entities concerning the COVD-19 pandemic and indicating what the state regulators are doing in response. The Nationwide Multistate Licensing System (“NMLS”) has compiled state regulator guidance issued in response to COVID-19. The NMLS has posted this document to their website, and it is updated regularly. Below, we have included a summary of the information released by state regulators as of (March 20, 2020):

  • Alaska Department of Commerce, Community & Economic Development (“Department”): The Department posted guidance on its website stating that licensed mortgage-broker lenders may require licensed mortgage loan originators to work and undertaken licensed activities from home. The Department stated that it would not take administrative or other punitive action against a licensed mortgage loan originator or the sponsoring licensed company if the mortgage loan originator conducts activities requiring licensure from home. This guidance does not have an expiration date but is subject to revision.
  • Alabama State Banking Department (“Department”): The Department released guidance for any entity licensed by the Department. The Department instructed that licensees need to comply with all applicable statutes, regulations, and data security regulations. The Department noted that not all licenses may be able to work from home if their home location does comply with the applicable statutes, regulations, and data security regulations. This guidance does not have an expiration date but is subject to revision.
  • Arkansas Securities Department (“Department”): The Department released guidance for licensed mortgage loan companies, mortgage loan officers, and branch managers. The Department stated that mortgage loan companies may have mortgage loan officers work from home at unlicensed locations as long as state and federal data security standards are upkept. This guidance is in effect until June 1, 2020 but is subject to revision.
  • Colorado Department of Real Estate (“Department”): The Department released guidance that since Colorado law is silent as to the location at which mortgage loan originators are required to work. Therefore, the Department instructed that licensed mortgage loan originators may work from home. This guidance does not have an expiration date but is subject to revision.
  • Connecticut Department of Banking (“Department”): The Department released guidance for all consumer credit licensees. The Department is allowing consumer credit licensees to work from home during the CORVID-19 pandemic as long as the licensee follows applicable law, notifies the Department in writing, and that no licensable activity can take place at home with a member of the public. This guidance is in effect until April 30, 2020.
  • Iowa Division of Banking (“Division”): The Division released guidance for all entities that it regulates. The Division stated that all licensees may work from home during the CORVID-19 pandemic even if their home is an unlicensed office as long as appropriate data security measures are put into place. This guidance does not have an expiration date but is subject to revision.
  • Idaho Department of Finance (“Department”): The Department released guidance for all entities that it regulates. The Department is allowing licensed and registered entities to allow their employees to work from home even if that location is not a licensed location. Licensed and registered entities must keep up data security, may not advertise the unlicensed location as a licensed location, and may not meet with consumers or have consumers come to an unlicensed location. This guidance is in effect until June 30, 2020 but is subject to revision.
  • Indiana Department of Financial Institutions (“DFI”): The DFI issued temporary guidance offering licensees the ability to take precautions deemed necessary to avoid the risk of exposure or to comply with requirements of voluntary or mandated quarantines and is effective through June 30, 2020, unless otherwise modified or withdrawn.
  • Kansas Office of the State Bank Commissioner (“Commissioner”): The Commissioner released guidance for all entities that it regulates. The Commissioner is allowing licensed and registered entities to allow employees to work from home even if that location is not a licensed location. Licensed and registered entities must keep up adequate data security protection and may not take physical records out of the licensed location if they have confidential information. This guidance does not have an expiration date but is subject to revision.
  • Kentucky Department of Financial Institutions (“DFI”): The DFI released guidance to Kentucky-chartered financial institutions recommending that such institutions take certain actions in response to the COVID-19 pandemic.  Such actions include, among others, (1) working with customers affected by the coronavirus to meet their financial needs, which may include waiving overdraft and/or minimum balance fees, restructuring existing loans, extending loan repayment terms, and easing terms for new loans, (2) managing COVID-19 related staffing issues, and (3) making sure business continuity plans include pandemic planning.
  • Louisiana Office of Financial Institutions Non-Depository Division (“Division”): The Division released guidance for all licensed mortgage lenders, brokers, and originators. The Division is allowing entities to close their licensed locations and work from home, but entities that do so much provide the Division with notice of the new location. This guidance is in effect until April 9, 2020, but is subject to revision.
  • Massachusetts Division of Banks (“Division”): The Division released guidance for all licensed entities. The Division is allowing licensed entities to work from home as long as the unlicensed location is not advertised to the public and licensed entities do not meet with consumers at unlicensed locations. This guidance does not have an expiration date but is subject to revision.
  • Maryland Commissioner of Financial Regulation (“Commissioner”): The Commissioner released guidance for all licensed mortgage brokers, lenders, and servicers. The Commissioner is allowing licensed mortgage brokers, lenders, and servicers to work from home provided that the work would not require the location to be licensed as a branch office under Maryland law. This guidance does not have an expiration date but is subject to revision.  In addition, the Commissioner issued an Industry Advisory on March 19, 2020, advising the industry of Maryland Court of Appeals Chief Judge Mary Ellen Barbera’s March 18, 2020 order, which immediately stays all residential foreclosure and eviction actions in Maryland.
  • Michigan Department of Insurance and Financial Services (“DIFS”): The DIFS is seeking information regarding responses to the COVID-19 pandemic from all Michigan consumer finance licensees and registrants.  Responses were due on Friday, March 20, 2020 by 5:00pm and were required to address  whether (1) the licensee/registrant had temporarily or permanently reduced any services provided in their office locations or by your business, (2) whether the licensee/registrant had implemented a program to allow staff to work remotely and, if so, certain additional information about such program, (3) whether and in what way the licensee/registrant had communicated with their customers to provide them with information regarding any changes the licensee/registrant had implemented in response to the pandemic and how those changes may affect them, and (4) whether the licensee/registrant had proactively reached out to their customers to provide them with information concerning what they should do if they are having trouble making their loan payment.
  • Minnesota Department of Commerce (“Department”): The Department has issued separate guidance to Minnesota Industrial Loan & Thrift Companies, Licensed Mortgage Originators and Servicers (companies and individuals), Licensed Non-Depository Financial Institutions, and Regulated Loan Companies.  The guidance is intend to address certain issues and questions related to changes in branch locations or employees working from home as a result of the COVID-19 pandemic.
  • Mississippi Department of Banking and Consumer Finance (“DBCF”): The DBCF released guidance for licensed mortgage loan originators. The DBCF is allowing licensed mortgage loan originators to work from home provided that data security measures are put in place and the licensed mortgage loan originator does not have consumers meet with the licensed mortgage loan originator at their home. This guidance does not have an expiration date but is subject to revision. The DBCF also issued separate guidance to Mississippi Mortgage Licensees and Consumer Finance Licensees regarding industry pandemic preparedness and outline flexibility in DBCF processes in response to the COVID-19 pandemic.
  • Montana Division of Banking and Financial Institutions (“DBFI”): On March 19, 2020, the DBFI issued a Supervisory Memorandum on Operations During Novel Coronavirus Situation, in which the DBFI provides the industry with answers to FAQs regarding preferred methods of communication as well as notification requirements for branch and loan production office closures and hours changes during the COVID-19 pandemic.
  • Nebraska Department of Baking and Finance (“DBF”): The DBF released guidance for licensed mortgage bankers and sponsored/licensed mortgage loan originators. The DBF is allowing mortgage bankers and mortgage loan originators to work from home provided that they notify the DBF and the DBF approves the new location. All physical documents must remain at a licensed location, but licensees may access information digitally. This guidance is in effect until December 31, 2020 but is subject to revision.
  • New Hampshire Banking Department (“Department”): The Department released guidance for licensed mortgage loan originators. The Department is allowing licensed mortgage loan originators to work from home even if that location further than 100 miles from their supervisory office as would otherwise be required under New Hampshire law. This guidance does not have an expiration date but is subject to revision.
  • New Mexico Financial Institutions Division (“Division”): The Division released guidance for all mortgage licensees. The Division is allowing all mortgage licensees to work from home provided that data security measures are put in place and no mortgage licensee advertise from or meet with consumers from their home if it is an unlicensed location. This guidance is in effect until May 31, 2020 but is subject to revision.
  • Nevada Division of Mortgage Lending (“Division”): The Division released guidance for all licensed mortgage companies and mortgage loan originators. The Division is allowing licensed mortgage companies and mortgage loan originators to work from home even if it would be considered an unlicensed location. This guidance is in effect until May 31, 2020 but is subject to revision.
  • New York Department of Financial Services (“NY DFS”): The NY DFS has asked licensees to submit plans to the NY DFS on how they plan to address the CORVID-19 pandemic. In addition, the NY DFS issued guidance to New York State regulated and exempt mortgage servicers regarding support for borrowers impacted by COVID-19.
  • Oklahoma Department of Consumer Credit (“Department”): The Department has released guidance for licensed mortgage loan originators and their employees. The Department has stated that licensed mortgage loan originators and their employees may work from home as long as they put in place appropriate data security measures. This guidance is in effect until April 30, 2020 but is subject to revision.
  • Oregon Division of Financial Regulation (“Division”): The Division has released guidance for all licensed entities. Licensed entities can work from home provided that the entity provides notice to the department, the entity has procedures in place for data security and more broadly for working from home, and no consumers at met with at unlicensed locations. Mortgage loan originators must keep all physical records at a licensed location. This guidance is in effect until April 30, 2020 but is subject to revision.
  • Pennsylvania Department of Banking and Securities (“Department”): The Department issued FAQs related to compliance with Governor Wolf’s Order that non-life-sustaining businesses shut down their physical operations.
  • Puerto Rico Office of the Commissioner of Financial Institutions (“OCFI”): The OCFI issued Circular Letter CIF Number CC-2020-002 to all financial institutions required to file reports with the OCFI, which extends the deadlines for filing such reports in light of the governmental closure ordered by Governor Garced, due to the State of Emergency declared in response to COVID-19.
  • Rhode Island Division of Banking (“Division”): The Division has released guidance for licensed mortgage loan originators, mortgage lenders, loan brokers, and exempt company registrants. The Division is allowing licensed mortgage loan originators to work from home if they and their sponsoring entities have adequate data security measure in place. Consumers are not allowed to visit any unlicensed location including the home of a mortgage loan originator if it is not a licensed location. This guidance is in effect until April 30, 2020 but is subject to revision.
  • South Carolina Consumer Finance Division of the Board of Financial Institutions (“Division”): The Division has released guidance for licensed mortgage origination and servicing companies. Licensed mortgage origination and servicing companies can work from home provided that they have a contingency plan in place, adequate data security measures, and do not remove any physical records from licensed offices. This guidance is in effect until April 30, 2020 but is subject to revision.
  • South Dakota Division of Banking (“Division”): The Division had released guidance for licensed mortgage loan originators and their sponsoring entities. Licensed mortgage loan originators can work from home provided that they have adequate data security measures in place and do not take any physical records out of licensed locations. This guidance is in effect until June 5, 2020 but is subject to revision.
  • Texas Office of Consumer Credit Commissioner (“Commissioner”): The Commissioner has released guidance for licensed regulated lenders. All licensed regulated lenders can work from home provided that they prepare a written plan describing the steps it is taking, have adequate data security measures, and ensure that all physical records remain in a licensed location. This guidance is in effect until May 31, 2020 but is subject to revision.
  • Texas Department of Savings and Mortgage Lending (“Department”): The Department has issued guidance temporarily suspending any requirement that a physical office be open to the public during posted normal business hours.  Additionally, licensed mortgage loan originators may work from home or another remote location, whether located in Texas or another state, even if the home or remote location is not a licensed branch.  The guidance provides certain requirements in the event that a licensed residential mortgage loan originator or mortgage loan staff work remotely.  These allowances do not amend Texas Financial Code, Chapter 156 and/or 157 and are being allowed strictly due to the COVID-19 pandemic.
  • Vermont Department of Financial Regulation (“Department”): The Department has released guidance for licensed mortgage loan originators and their sponsoring entities. All licensed mortgage loan originators may work from home provided that no licensable activity is taken place with a consumer at an unlicensed location, adequate data security measures are put into place, and a plan is contingency plan is put in place. This guidance does not have a current expiration date but is subject to revision.
  • Washington Department of Financial Institutions (“Department”): The Department released guidance for licensed mortgage loan originators and their sponsoring entities. All licensed mortgage loan originators may work from home provided that adequate data security measures are put in place. Consumers are not allowed to visit licensed mortgage loan originators at unlicensed locations. This guidance is effective until June 5, 2020 but is subject to change.  The DFI also issued guidance to Washington regulated and exempt residential mortgage loan servicers regarding support for borrowers impacted by COVID-19.  The guidance urges such institutions to take reasonable and prudent actions, subject to the requirements of any related guarantees or insurance policies, to support those adversely impacted by COVID-19.
  • Wisconsin Department of Financial Institutions (“Department”): The Department released guidance for licensed mortgage loan originators. All licensed mortgage loan originators may work from home provided that their sponsoring entity notify the Department, a list is kept of all mortgage loan originators who elect to work from home where the home is not a licensed branch, appropriate data security measures are taken, and no physical records are present at unlicensed locations. Consumers are not allowed to visit unlicensed locations. This guidance does not have a current expiration date but is subject to revision.
  • West Virginia Division of Financial Institutions (“DFI”): The DFI issued guidance to West Virginia Regulated Financial Institutions allowing employees of regulated entities to temporarily work from home or some other remote location approved by the financial institutions, whether located in West Virginia or another state. Regulated financial institutions may permit employees to work at home or from a designated remote location, to the extent that the position allows, as long as privacy and security issues may be adequately addressed.  The guidance is in effect from March 13, 2020 through May 1, 2020.

Takeaway

As the federal government and the states work feverishly to address the growing concerns surrounding the COVID-19 pandemic, members of the financial services industry must stay abreast of the rapid changes in the legal and regulatory landscape.  We will continue to monitor for new developments and will update this post to highlight additional federal or state guidance that is issued.

CFPB Issues Policy Statement on Dodd-Frank “Abusiveness” Standard, But Important Uncertainties Remain

A&B ABstract:

The Consumer Financial Protection Bureau (“CFPB” or the “Bureau”) issued a Policy Statement to provide a framework for how it intends to apply the Dodd-Frank Act’s “abusiveness” standard going forward in its supervision and enforcement activities. While this framework attempts to provide clarity where the Dodd-Frank Act left uncertain what acts and practices would be considered “abusive,” the Policy Statement fails to address several key issues. In particular, the Policy Statement does not identify specific conduct that would be considered abusive—leaving public statements on such issues to enforcement matters and litigation.

Background to the Policy Statement

The Dodd-Frank Act (“the Act”) added a prohibition on “abusive” acts and practices to the established prohibition on unfair or deceptive acts and practices. Over the years, the Federal Trade Commission’s policy statements, enforcement actions, and judicial precedents have defined the prohibitions on “unfair” and “deceptive.” The abusiveness standard is less developed. The Act grants the CFPB authority to declare an act or practice as “abusive” if the act or practice: (1) materially interferes with the ability of a consumer to understand a term or condition of a consumer financial product or service; or (2) takes unreasonable advantage of (A) a lack of understanding on the part of the consumer of the material risks, costs, or conditions of the product or service; (B) the inability of the consumer to protect the interests of the consumer in selecting or using a consumer financial product or service; or (C) the reasonable reliance by the consumer on a covered person to act in the interests of the consumer. This Policy Statement follows a symposium convened by the CFPB in 2019 where a panel of academics and regulatory and industry experts debated, among other issues, whether the CFPB should further define abusiveness.

Defining “Abusive” in Precedent

The CFPB and other agencies have seldomly alleged a standalone “abusive” claim; instead, such claims are generally paralleled by claims of “unfairness” and “deceptiveness.” When alleging abusive practices, the CFPB almost always alleged deceptive or unfair practices based on the same set of underlying facts. For example, in 2017 the CFPB alleged that a loan servicer routinely entered student loan borrowers into forbearance without adequately providing information to borrowers regarding possible income-based repayment plans. The CFPB argued that the servicer’s actions constituted both abusive practices and unfair practices under the Act, and the Court agreed.  While such decisions have provided some guidance on what constitutes an abusive practice under the Act, the courts, in reviewing such allegations, considered the statutory language but did not offer any guidance on what conduct might be construed as “abusive” but not construed as “unfair.”

The CFPB’s reticence to prosecute claims of abusive practices created a vacuum of interpretive guidance on how the abusiveness standard actually constrains businesses, beyond the black letter definition contained in the Act. For example, questions remained as to what act or practice would “materially interfere” with a consumer’s understanding of terms and conditions, or what exactly would constitute a financial service provider “taking unreasonable advantage” of a consumer seeking a product of service. These undefined terms left confusion and uncertainty for covered persons seeking to avoid violations. By contrast, the unfairness and deceptiveness standards (which were already in place before the Act’s introduction of an abusiveness standard) have been subject to decades of case law and agency interpretations, which have yielded clear guidance on what acts and practices are considered unfair or deceptive.

Content of the Policy Statement

The Policy Statement acknowledges that “[u]ncertainty remains as to the scope and meaning of abusiveness,” which “creates challenges for covered persons in complying with the law,” and it sets forth a framework regarding how the CFPB will enforce the abusiveness standard. It does not, however, describe or provide examples of precisely what conduct the CFPB would deem abusive.

The Policy Statement describes three categories of principles that the CFPB intends to apply to its supervision and enforcement actions.  The CFPB has stated that the principles reflect the standards it has applied in prior actions.

  1. Benefits vs. Harms: “The Bureau intends to focus on citing conduct as abusive in supervision and challenging conduct as abusive in enforcement if the Bureau concludes that the harms to consumers from the conduct outweigh its benefits to consumers (including its effects on access to credit).” The Policy Statement notes that incorporating this principle “not only ensures that the Bureau is committed to using its scarce resources to address conduct that harms consumers, but also ensures that the Bureau’s supervisory and enforcement decisions are consistent across matters.
  2. No Dual Pleadings: The Bureau intends to avoid “dual pleading” of abusiveness along with unfairness or deception violations which arise from all or nearly all the same facts, and alleging “stand alone” abusiveness violations that “demonstrate clearly the nexus between cited facts and the Bureau’s legal analysis.” The Bureau believes that this approach to pleading will “provide more certainty to covered persons as to the metes and bounds of conduct the Bureau determines is abusive” and “facilitate the development of a body of jurisprudence as to the conduct courts conclude is abusive.”
  3. Good Faith” Limits on Monetary Relief: “[T]he Bureau generally does not intend to seek certain monetary remedies for abusive acts or practices if the covered person made a good-faith effort to comply with the law based on a reasonable—albeit mistaken—interpretation of the abusiveness standard. However, if a covered person makes a good-faith but unsuccessful effort to comply with the abusiveness standard, the Bureau still intends to seek legal or equitable remedies, such as damages and restitution, to redress identifiable consumer injury.”

The Policy Statement in Context

The Policy Statement is not a CFPB rulemaking. Rather, the Policy Statement merely “constitutes a general statement of policy that is exempt from the notice and comment rulemaking requirements of the Administrative Procedure Act” and is only “intended to provide information regarding the Bureau’s general plans to exercise its discretion.” It “does not impose any legal requirements on external parties, nor does it create or confer any substantive rights on external parties that could be enforceable in any administrative or civil Proceeding.” As such, while the Policy Statement is intended as a helpful guide to the Bureau’s enforcement philosophy with regard to the abusiveness standard, it is not law, and is subject to revision in the event of any change in the CFPB’s leadership, policies, or priorities.

The Policy Statement is not expected to affect ongoing litigation.  In remarks to the United States House of Representative Financial Oversight Committee on February 6, 2020, CFPB Director Kathleen Kraninger stated that “At this point, we have not amended any filings in court and don’t intend to related to this specifically,” indicating that the CFPB doesn’t anticipate repleading any of its pending court enforcement actions in light of the Policy Statement.

Takeaways:

While the principles outlined in the Policy Statement provide an indication of how the CFPB will react to conduct it deems to be “abusive,” it falls short of providing clarity on it will deem abusive, thereby continuing the uncertainty regarding the abusive standard that has existed since its inception. Moreover, the principles set forth in the Policy Statement are themselves subject to uncertainty. For example, it is unclear what exactly constitutes consumer benefits or harms and how those factors are weighed to determine whether conduct is abusive; likewise, it is unclear what types of actions are sufficient to demonstrate a good-faith effort to comply with the law under a mistaken interpretation of the abusiveness standard.

Notably, however, the Policy Statement expressly left open “the possibility of engaging in a future rulemaking to further define the abusiveness standard,” which presumably may take the form of enforcement actions, CFPB advisories or other guidance, or updates to the CFPB examination manual.

FTC to Settle Charges of Deception with Marketer of Consumer Financial Products

A&B ABstract: The Federal Trade Commission (“FTC”) recently announced an administrative complaint and proposed settlement against a marketer of consumer financial products that highlights potential compliance issues with product and service reviews, particularly entities that provide “pay-to-play” rankings and ratings.

Discussion:

On February 3, 2020, the Federal Trade Commission (“FTC” or “Commission”) announced an administrative complaint and proposed settlement against Shop Tutors, Inc., doing business as LendEDU  (the “Company”), and three executives, including the Chief Executive Officer, the Chief Technology Officer, and the Vice President of Product (collectively the “Respondents”).  The complaint and proposed settlement relate to allegations of deceptive content on the Company’s comparison shopping website which markets student loans, personal loans, credit cards, and insurance products.  According to the FTC, the individual Respondents knew about or directly participated in the deceptive conduct alleged.

The FTC’s complaint contains three counts alleging violations of Section 5 of the FTC Act, which prohibits unfair and deceptive acts and practices.  To settle the case, the Respondents must pay $350,000, are prohibited from making deceptive claims about their products or services, and must affirmatively disclose certain material information, among other remedies.  The FTC voted 5-0 in favor of this proposed settlement, with Commissioner Rebecca Kelly Slaughter issuing a concurring statement.  As the FTC brought this case as an administrative complaint rather than through the federal courts, the proposed settlement will be subject to 30 days of public comment before the Commission determines whether to make the proposed order final.  Once entered, the final order will be in effect for 20 years.

The Complaint:

According to the FTC’s complaint, since 2014 lendedu.com has promised “honest” “accurate” and “unbiased” ratings of the companies offering financial products on its website, but instead promoted particular companies by boosting rankings and ratings in exchange for payment.  The FTC further alleges that: (a) positive reviews about lendedu.com and its customer service posted on its own and other third-party review platforms were written by employees of and others with a connection to the Company, and (b) the vast majority of “reviewers” don’t appear to have used lendedu.com.

 Allegations related to “pay to play”:

Lendedu.com’s web pages for financial and insurance products include rate tables, rankings, star ratings and reviews of what it claims were the “best” or “top” companies in the product category.  According to the FTC, the Respondents claimed that the “ratings are completely objective and not influenced by compensation in any way,” and that their “research, news, ratings, and assessments are scrutinized using strict editorial integrity.”  The FTC alleges that contrary to these claims, the Company provided financial service companies with higher numerical rankings or star ratings and higher positions on rate tables in exchange for compensation.

The FTC’s complaint cites to a range of evidence as support for this allegation.  For example:

  • An email from the CEO asked a student loan refinance company to pay $9.50 per click to retake the number one ranking in that product category after it had fallen to number three. The company agreed to pay $8.50 per click for the number one ranking and table placement (and was restored to the number one spot).  In a later email, the VP of Product asked the same company to increase its payment to $16.00 per click, stating “we want to keep your business positioned as the #1 lender on our site, but we need to justify the move from a business perspective.”  That company then agreed to pay $15 per click and kept its number one position.
  • The Respondents’ presentation material to a prospective bank customer included a slide that discussed “Partner Positioning & Ordering,” explaining that “compensation may influence the products we review and write about, the order in which partners appear in our articles, whether products appear on our site, and where they’re placed.”

Additionally, according to the FTC, the Company’s paid placement policies caused some previously highly ranked companies’ ratings to drop when they refused to pay to maintain those positions.  For example, the Respondents ranked one student loan refinance company number two in the rankings and listed it second in the rate table for several months.  When the company refused to pay more to be placed in the second spot, Respondents dropped its ranking to number five or lower.

Allegations related to inadequate disclosures:

The FTC alleges that the Respondents included virtually no information about their relationships with the companies that appear on the lendedu.com website, including that a company’s inclusion or ranking on the site may have been influenced by payment.  According to the complaint, in mid-2016, Respondents added a fine-print disclaimer that the “site may be compensated through third party advertisers,” in the website’s footer.  And in March 2019, after becoming aware of the FTC’s investigation, the Respondents included on a separate webpage a list of companies that “may provide compensation to LendEDU.”  The FTC found these disclosures to be inadequate as neither was clear and conspicuous.

Allegations related to fake reviews:  

The FTC also alleges that reviews and testimonials about LendEDU’s website and customer service that appear on its own site or and on third-party review platforms were written by employees of the Company or were completely made up.  According to the FTC, at the time the FTC announced its complaint, lendedu.com had 126 reviews on a third party review website; of those, 111 (or 90%), were written or made up by Company employees or their family, friends, or other associates. The FTC further alleges that the lendedu.com homepage included “testimonials” from consumers claiming they saved money using the Company’s services, but that the Respondents had fabricated these “testimonials.”

Takeaways  

The FTC continues its focus on deceptive endorsements, reviews and testimonials, regardless of the medium through which they are offered, be it third-party websites, social media, traditional media, such as broadcast or print, or “native” advertising.  Companies should ensure that any reviews of product or services they publicly post or publish reflect the actual experience of the endorser. Further, companies should clearly and conspicuously disclose if there is a “material connection” that is not obvious on its face, such as when the endorser receives payment or product in exchange for the endorsement, or where the endorser has an ownership interest in the product or service he is endorsing.

In addition, review sites and other businesses promoting the products and services of others must be transparent about any compensation or other consideration they receive in exchange for inclusion or placement. In her concurring statement, Commissioner Slaughter underscored this point warning that “companies that engage in pay-to-play rankings and ratings should take heed: this conduct robs consumers of vital information, pollutes our online marketplaces, and violates the law, which will result in serious consequences.”

NY DFS unveils Consumer Protection Task Force, adds Former CFPB Deputy Director

A&B ABstract:

Less than one month into the new year, New York’s Department of Financial Services (DFS) has taken strong measures to make good on its proclamation that  “2020 must be the year of the consumer” by: (1) unveiling a 12-member Consumer Protection Task Force to help implement an extensive consumer protection agenda; and (2) adding former CFPB Deputy Director Leandra English as a special policy advisor to the Superintendent.

The Consumer Protection Task Force

On January 9, Superintendent Lacewell announced the roll-out of a 12-member Consumer Protection Task Force to “further DFS’ mission to protect consumer as the federal government rolls back important consumer protections.”  In his annual State of the State, Governor Cuomo expressed his belief that with the current Administration’s “rolling back of consumer protections and regulations, Americans are more exposed to predatory and abusive practices than at any time since the 2008 financial crisis.”  The DFS press release noted that one of the task force’s immediate focuses will be to help bring to fruition “the extensive consumer protections proposals included in Governor Cuomo’s 2020 State of the State agenda” which includes such initiatives as: (1) licensing and regulating debt collection companies; (2) the codification of a Federal Trade Commission rule banning confessions of judgment; (3) strengthening the state’s consumer protection laws to protect against unfair, deceptive, and abusive practices; (4) cracking down on elder financial abuse; and (5) increasing access to affordable banking services.

According to the DFS, task force members will “provide formal input on the [DFS’] consumer engagement, policy development and research” in order to “ensure that consumer’s always come first as the [DFS] develops policies and regulates the financial services industry.”  The 12-member committee consists of: (1) Chuck Bell, Programs Director for the advocacy division of Consumer Reports; (2) Elisabeth Benjamin, Esq., Vice President of Health Initiatives at the Community Service Society; (3) Carolyn Coffee, Esq., Director of Litigation for Economic Justice at Mobilization for Justice; (4) Beth Finkel, State Director for the New York State Office of the AARP; (5) Jay Inwald, Esq., Director of Foreclosure Prevention at Legal Services NYC; (6) Paul Kantwill, Esq., Distinguished Professor in Residence and Executive Director, Rule of Law Program at Loyola University Chicago School of Law; (7) Neha Karambelkar, Esq., Staff Attorney at Western New York Law Center; (8) Kristen Keefe, Esq., Senior Staff Attorney with the Consumer Finance and Housing Unit at Empire Justice Center; (9) Peter Kochenburger, Esq., Executive Director of the Insurance LLM Program and Deputy Director of the Insurance Law Center at the University of Connecticut Law School; (10) Sarah Ludwig, Esq., Co-Director of New Economy Project; (11) Frankie Miranda, Executive Director at the Hispanic Federation; and (12) Cy Richardson, Senior Vice President at the National Urban League.

Superintendent Lacewell noted that, as the federal government, in her words, “dismantles consumer protections across the board, New York has intensified its commitment” to “further solidify New York’s reputation as the consumer protection capital of America.” Lacewell added that, “[w]ith the federal government stepping down and refusing to enforce critical consumer protection law, we must make 2020 the Year of the Consumer.”

NY DFS Adds Former CFPB Deputy Director Leandra English

On January 14, 2020 the DFS announced that former CFPB Deputy Director Leandra English would be joining the DFS as a special policy advisor reporting directly to Linda Lacewell.  According to the press release, Ms. English will “help develop policy initiatives and manage DFS’ consumer protection agenda” and her appointment “strengthens the mission of the [DFS] to protect and empower New York consumers as Washington continues to roll back on consumer protections.”  Ms. English is well known for leaving the CFPB after having been appointed acting director by departing director Richard Cordray only to see the President’s administration issue a dual appointment, naming Mick Mulvaney as acting director.  The ensuing legal dispute reached the U.S. Court of Appeals for the D.C. Circuit before Ms. English ultimately resigned.

Ms. English’s most recent work was as Director of Financial Services Advocacy for the Consumer Federation of America (CFA), a “national nonprofit organization dedicated to advancing the consumer interest through research, advocacy, and education.”  One of Ms. English’s initiatives in that role was to support the Forced Arbitration Injustice Repeal Act (H.R. 1423), known as the “FAIR” Act, which would eliminate compulsory arbitration in consumer contracts and was passed by the House of Representatives in the Fall by a 225-186 vote.  Upon the bills passage, Ms. English commented that, “Americans deserve their day in court, but when companies force consumers into signing away their rights, the chances of a fair outcome diminish drastically. We thank the House for taking this important step in eliminating these clauses from contracts for products consumers use every day including credit cards and checking accounts. We now need the Senate to act to protect consumers.”

Takeaway

As the DFS continues its push to strengthen protections for New York consumers in 2020, it will be interesting to watch how such initiatives impact the DFS’ investigative and enforcement priorities.  Moreover, as New York is a bellwether state, it will be interesting to see whether other states follow suit.

FTC Announces Settlement with Mortgage Broker for Publishing Personal Information about Consumers

A&B ABstract:

On January 7, 2020, the Federal Trade Commission (FTC) announced a complaint and settlement against California mortgage broker Mortgage Solutions FCS, doing business as Mount Diablo Lending, and its owner, Ramon Walker, (collectively, Mortgage Solutions).  The FTC’s complaint (Complaint) alleged that in response to negative Yelp reviews posted by applicants and customers, the company publicly posted sensitive personal information, including financial information, about those individuals gleamed that it gleaned from mortgage applications and credit report.  Specifically, according to the Complaint, that information included sources of income, payment and credit histories, taxes, family relationships and health. The FTC alleged that Mortgage Solutions’ actions violated the Fair Credit Reporting Act (FCRA), the Gramm Leach Bliley Act (GLBA) and Section 5 of the FTC Act. As part of the settlement, Mortgage Solutions will pay a $120,000 civil penalty for violating the FCRA.

Discussion

The Complaint, filed in the U.S. District Court for the Northern District of California by the U.S. Department of Justice on behalf of the FTC, alleges that between June 2015 and August 2016, defendant Walker published or caused to be published responses to negative consumer reviews about Mortgage Solutions’ services that appeared on the consumer review website, Yelp.com, that were publicly viewable on Yelp’s page for Mount Diablo Lending.  The Complaint also alleges that required privacy notices provided to customers were inadequate and were not followed, and that the company’s information security program was inadequate.   A summary of the FTC’s complaint counts follows:

Violations of the FCRA: 

The Complaint alleges that Mortgage Solutions impermissibly used consumer reports in violation of the FCRA.  According to the Complaint, some of the personal information that Mortgage Solutions publicly posted about consumers was information contained in consumer reports it obtained.  The FCRA allows use of consumer reports only for the permissible purposes identified in section 604(a) of the FCRA; however, public dissemination – such as Mortgage Solutions’ posting of consumers’ information on Yelp.com – is not a permissible purpose

Violation of the GLBA Privacy Rule (Regulation P): 

The Complaint alleges that Mortgage Solutions failed to provide a clear, conspicuous and accurate privacy notice and impermissibly disclosed non- public personal information about some of its customers in violation of the GLBA Privacy Rule.  The Privacy Rule requires, among other things, that a financial institution provide annually a clear and conspicuous notice to customers that accurately reflects the financial institution’s privacy policies and practices, including its security policies and practices.

According to the Complaint, from October 2012 until April 2018, Mortgage Solutions disseminated a privacy notice that omitted or misstated significant information. Among other things, the notice indicated that the only personal information collected by Mortgage Solutions is customers’ Social Security numbers and that Mortgage Solutions did not share this personal information with any third party for any reason. In fact, the company collected myriad types of sensitive personal information, including income information, credit histories, and dates of birth.  The Complaint further alleges that Mortgage Solutions’  posting of customer information on Yelp.com caused the privacy notice to be inaccurate, and additionally violated the Privacy Rule

Violation of the GLBA Safeguards Rule:

The Complaint alleges that  Mortgage Solutions failed for a period of time to develop and implement an information security program, and when it did implement a program, it fell short of regulatory standards.  The Safeguard’s Rule requires financial institutions to implement a comprehensive written “information security program” containing reasonable administrative, technical, and physical safeguards. It further requires that financial institutions regularly test or otherwise monitor the effectiveness of the safeguards’ key controls, systems, and procedures.

According to the Complaint, Mortgage Solutions did not have an information security program until September 2017 (in spite of being in business since at least 2012), and when it did finally implement a plan, the plan made no provision for regularly testing or assessing its own effectiveness.  Further, according to the complaint, Diablo failed to engage in such regular testing or assessment.

Violation of Section 5 of the FTC Act: 

The Complaint alleges that publicly posting consumers’ personal information was deceptive and unfair under Section 5 of the FTC Act.

Relief:

In addition to paying a $120,000 civil penalty, the terms of the settlement prohibit Mortgage Solutions from misrepresenting its privacy and data security practices; misusing credit reports; and improperly disclosing personal information to third parties. It also must implement a comprehensive data security program designed to protect the personal information it collects and obtain third-party assessments of its information security program every two years. Finally, the company must designate a senior corporate manager responsible for overseeing the information security program to certify compliance with the order every year.

Takeaways

The FTC is continuing to assert its authority against financial institutions within its jurisdiction, including its general authority to prevent unfair and deceptive acts or practice under the FTC Act, and its authority with respect to the FCRA and GLBA.

In addition, this case represents the FTC’s latest effort to crack down on companies who attempt to restrict or retaliate against consumers negative public reviews on social media and other public websites.  In 2019 the FTC announced five cases alleging violations of the Consumer Review Fairness Act, which bans form contract provisions that restrict a consumer’s ability to post reviews about a seller’s goods, services, or conduct. Those cases challenged illegal “confidentiality” or “non-disparagement” clauses that sometimes threatened consumers with financial penalties for posting reviews.