#CFPA

CFPB Proposes Nonbank Registry to Focus on Compliance “Recidivism”

January 11, 2023 By Nanci Weissgold, Anoush Garakani, Melissa Malpass

A&B ABstract:

On December 12, 2022, the Consumer Financial Protection Bureau (CFPB) announced a proposed rule to require certain non-banks to register with the agency when they become subject to a public written order or judgment imposing obligations based on violations of certain consumer protection laws. The CFPB also proposes to maintain a public online registry of those nonbanks subject to agency or court orders, to “limit the harms from repeat offenders.” We provide below a description of the CFPB’s proposed rule, along with the potential implications for the financial services industry.

Background on Proposed Rule

Earlier this year, CFPB Director Rohit Chopra presented remarks at the University of Pennsylvania, where he asserted that “[c]orporate recidivism has become normalized and calculated as the cost of doing business; the result is a rinse-repeat cycle that dilutes legal standards and undermines the promise of the financial sector and the entire market system.” To address this problem, Director Chopra suggested establishing “dedicated units in our supervision and enforcement divisions to enhance the detection of repeat offenses and corporate recidivists and to better hold them accountable.” With respect to accountability for “serial offenders of federal law,” Director Chopra warned that the CFPB would be focusing on “remedies that are more structural in nature,” including “limits on the activities or functions” of the entity.

Subsequently, in November 2022, and leading up to the proposed rule, the CFPB announced, as part of its Supervisory Highlights, that it would be establishing a Repeat Offender Unit as part of its supervision program. The Repeat Offender Unit would be focused on: reviewing and monitoring the activities of “repeat offenders;” identifying the root cause of recurring violations; pursuing and recommending solutions and remedies that hold entities accountable for failing to consistently comply with Federal consumer financial law; and designing a model for order review and monitoring that reduces the occurrences of repeat offenders. The Bureau asserts that its authority for these efforts, along with any proposed rulemaking, is derived from the Consumer Financial Protection Act’s mandate that the Bureau “monitor for risks to consumers in the offering or provision of consumer financial products or services” and “gather information from time to time regarding the organization, business conduct, markets, and activities of covered persons and service providers.” See 12 U.S.C. § 5512(c)(1), (4).

Proposed Requirements

The CFPB’s proposed rule would require certain nonbanks covered person entities (with exclusions for insured depository institutions, insured credit unions, related persons, States, certain other entities, and natural persons) to register with the Bureau upon becoming subject to a public written order or judgment imposing obligations based on violations of certain consumer protections laws. Such entities would be required to register in a system established by the Bureau, provide basic identifying information about the company and the order (including a copy of the order), and periodically update the registry for accuracy and completeness. For purposes of the proposed rule, “covered person” would have the same meaning as in 12 U.S.C. § 5481(6). Further, “service providers” would be deemed covered persons to the extent that they engage in the offering or provision of their own consumer financial product or services or where they act as service providers to covered person affiliates.

In addition, certain larger participant nonbanks subject to the Bureau’s supervisory authority would be required to designate a senior executive, who is responsible for and knowledgeable of the nonbank’s efforts to comply with the orders identified in the registry, to attest regarding compliance with covered orders and submit an annual written statement attesting to the steps taken to oversee the activities subject to the applicable order for the preceding calendar year, and whether the executive knows of any violations of, or other instances of noncompliance with, the covered order.

Further, the CFPB is considering whether to release, via its publicly available website, the above registry information for non-banks.

Implications for Non-Banks

While the CFPB’s proposed enforcement order registry would provide greater transparency about a lender’s regulatory track record to the various federal and state regulators and the general public, it remains to be seen how the information maintained in this registry might be used against lenders. At a minimum, however, the proposed rule raises the following significant implications for non-banks:

Supervision and examination considerations. The CFPB intends to use the information in the registry to coordinate its “risk-based supervisory prioritization,” for those non-bank markets covered by the Bureau’s supervision and examination authority under CFPA section 1024(a). Thus, entities with a local, state, or federal prior enforcement order may be subject to more targeted supervision.
Investigation and enforcement presumptions. The CFPB intends to use the information in the registry in connection with its investigation and potential enforcement activities, which presents various risks, including:
- Increased civil money penalties. Specifically, the CFPB believes that the information contained in the proposed registry can assist the agency in determining the civil penalties that may be assessed for a future violation of federal consumer financial law, given that federal law permits the CFPB to consider the entity’s “history of previous violations.” Indeed, it is possible that the CFPB may use evidence of prior enforcement against an entity, brought by itself or another agency, to establish that the entity acted knowingly or recklessly in violating federal consumer financial law, perhaps even where the prior enforcement order involved a different consumer-related issue.
- Presumption of consumer harm. Further, the CFPB believes there is a “heightened likelihood” that entities that are subject to public orders relating to consumer financial products and services may pose risks to consumers in the markets for those products and services, since entities that have previously been subject to enforcement actions “present an increased risk of committing violations of laws.” Thus, there may be a presumption of consumer harm against an entity where a prior enforcement order exists. Yet this approach by the CFPB likely will overstate the actual harm to consumers, as most consent orders do not contain an admission by the entity of any liability or wrongdoing.
Increased reputational risk. Given that the CFPB maintains Memoranda of Understanding with federal parties (such as the Federal Trade Commission and the U.S. Department of Justice), as well as with at least 20 state attorneys general offices, it appears that the information reported to the registry already would be available to such agencies. However, the registry will permit all agencies, as well as the general public, a readily accessible, one-stop shop to an entity’s entire enforcement track record, which may present significant reputational risk to that entity, as well as a potentially increased risk of class action lawsuits and other consumer claims.
Facilitating of private enforcement. The CFPB believes that the proposed registry may “facilitate private enforcement of the Federal consumer financial laws by consumers, to the extent those laws provide private rights of action, where consumers have been harmed by a registered nonbank.” In other words, the “information that would be published under the proposal might be useful in helping consumers understand the identity of a company that has offered or provided a particular consumer financial product or service, and in determining whether to file suit or otherwise make choices regarding how to assert their legal rights.”

Takeaway:

Given the significant implications raised by the CFPB’s proposed rule, non-bank financial institutions should consider submitting comments, which are due 60 days after publication in the Federal Register. In particular, the CFPB seeks comment on “its preliminary conclusion that collecting and registering public agency and court orders imposing obligations based upon violations of consumer law would assist with monitoring for risks to consumers in the offering or provision of consumer financial products and services.” The CFPB also seeks comment on “whether the types of orders described in the proposal, and the types of information that would be collected about those orders and covered nonbanks under the proposal, would provide useful information to the Bureau,” as well as “any other risks that might be identified through collecting the information described in the proposal.” Finally, the Bureau seeks comment on whether it should consider collecting any other information in order to identify risks to consumers associated with orders.

CFPB Sues MoneyLion over Membership Program, Uses Military Lending Act as Hook

October 5, 2022 By Sam Bragg, Kelley Barnaby

A&B Abstract:

On September 29, 2022, the Consumer Financial Protection Bureau (“CFPB”), sued MoneyLion Technologies Inc. and 37 of its subsidiaries (“MoneyLion”) in New York federal court for violations of the Military Lending Act (the “MLA”) and Consumer Financial Protection Act (“CFPA”).

The Allegations

The CFPB alleges that MoneyLion offered installment loans that consumers could not access unless they enrolled in a membership program with monthly membership fees. While MoneyLion represented to consumers that they “had the right to cancel their memberships for any reason,” it “maintained a policy prohibiting consumers with unpaid loan balances from canceling their memberships.”

According to the CFPB, MoneyLion’s membership model resulted in violations of the MLA’s 36% APR cap. Under the MLA’s implementing regulation, APR is calculated as including “fee[s] imposed for participation in [an] arrangement for consumer credit.” Based on this, the CFPB argues that the membership fees MoneyLion required servicemembers to pay to gain access to installment loans must be included in those loans’ APR. If correct, those loans’ APR would unlawfully exceed 36%.

The CFPB also alleges that the installment loans to servicemembers violated the MLA by containing unlawful arbitration clauses and failing to contain required disclosures.

Lastly, the CFPB alleges that MoneyLion’s membership model resulted in unfair, deceptive, and abusive acts or practices under the CFPA. Particularly, the CFPB alleges that MoneyLion misled and injured consumers by representing to consumers that they had the right to cancel their memberships when, in fact, they did not.

Takeaways

The MoneyLion suit serves as a good reminder that every lending program should: (i) account for the additional protections provided to uniquely situated borrowers, such as servicemembers under the MLA; (ii) scrutinize any fees paid by consumers that could be viewed as increasing a loan’s APR; and (iii) review representations they make to consumers to align with the commercial realities and the regulatory requirements of the products they offer.

Update Regarding the CFPB’s Buy Now, Pay Later Orders

January 7, 2022 By Consumer Finance Team

In a prior post, we reported that the language used in orders recently issued by the CFPB to leading Buy Now, Pay Later (“BNPL”) providers suggested that the CFPB intends to use the information it collects to build enforcement cases rather than monitor market developments. We also reported that if this is the case, it is a departure from historic precedent and can be considered an end-run around the procedural safeguards established by Congress in Section 1052 of the Dodd-Frank Act to ensure that due process is afforded to financial institutions that become the target of CFPB enforcement investigations.

The CFPB’s intentions were apparently confirmed in a January 5 article in Axios about the BNPL orders, which quotes the CFPB’s small dollar, marketplace and installment lending program manager as saying:

It is certainly possible that we could as a result of the data collection take enforcement action.

Assuming this quote is accurate, recipients of CFPB 1022(c)(4) market monitoring orders should be well aware that any information provided to the agency may be used for enforcement purposes.

The CFPB is Sending Mixed Messages on COVID-19 Flexibility

April 19, 2021 By Consumer Finance Team

A&B ABstract: The CFPB’s inconsistent statements about the need for flexibility to address the pandemic suggest a deeper game afoot.

CFPB warns that continued COVID flexibility for financial institutions is not prudent…

On March 31, 2021, the CFPB announced it would be rescinding seven policy statements issued last year that provided financial institutions with flexibilities regarding certain regulatory filings or compliance with consumer financial laws and regulations due to the COVID-19 pandemic. One of the rescinded statements, for example, encouraged financial institutions to “work constructively with borrowers and other customers affected by COVID-19 to meet their financial needs” and to that end, “when conducting examinations and other supervisory activities and in determining whether to take enforcement action, the Bureau will consider the circumstances that entities may face as a result of the COVID-19 pandemic and will be sensitive to good-faith efforts demonstrably designed to assist consumers.”

In explaining the rescissions, Acting CFPB Director Uejio reasoned: “Because many financial institutions have developed more robust remote capabilities and demonstrated improved operations, it is no longer prudent to maintain these flexibilities.” Accordingly, the CFPB provided notice that it “intends to exercise the full scope of the supervisory and enforcement authority provided under the Dodd-Frank Act.”

To further drive home its point, on April 1, 2021, the CFPB issued a press release and compliance bulletin warning mortgage servicers that “unprepared is unacceptable” with regard to the treatment of mortgage borrowers exiting extended forbearances this fall. The CFPB stated it is “committed to using its authorities, including its authority under Regulation X mortgage servicing requirements and under the Consumer Financial Protection Act (CFPA), to ensure that homeowners facing the ongoing economic impact of the Coronavirus Disease (COVID-19) national emergency receive the benefits of critical legal protections and that avoidable foreclosures are avoided.”

…Except when it is!

On March 2, 2021, the CFPB issued a notice of proposed rulemaking (NPRM) to delay the mandatory compliance date of the General Qualified Mortgage (QM) final rule from July 1, 2021 to October 1, 2022. The reason cited by the CFPB for the compliance delay is the “need to provide maximum flexibility [to financial institutions] to address the effects of the pandemic.” In particular, the CFPB’s proposal states:

“The Bureau is concerned that the potential impact of the COVID-19 pandemic on the mortgage market may continue for longer than anticipated at the time the Bureau issued the General QM Final Rule, and so could warrant additional flexibility in the QM market to ensure creditors are able to accommodate struggling consumers.”

Additionally, on April 7, 2021, the CFPB proposed to delay the effective date of two recent debt collection rules by sixty days, from November 30, 2021 until January 29, 2022. The reason cited by the CFPB for its proposed delay is “to give affected parties more time to comply due to the ongoing COVID-19 pandemic.” In particular, the CFPB’s proposal states:

“Since the Debt Collection Final Rules were published, the global COVID-19 pandemic has continued to cause widespread societal disruption, with effects extending into 2021. In light of that disruption, the Bureau believes that providing additional time for stakeholders to review and, if applicable, to implement the final rules may be warranted. The Bureau believes that extending the rules’ effective date by 60 days, to January 29, 2022, may provide stakeholders with sufficient time for review and implementation.”

What is really going on?

Both of the CFPB’s delay NPRMs are curious. With respect to the QM delay proposal, a broad coalition of both housing and mortgage industry and consumer and civil rights groups files a joint comment letter stating that the recent enhancements to the General QM definition will replace loans that were designated QM under the temporary GSE Patch, and as a result, the organizations do not believe that extending the July 1 mandatory compliance date is necessary. And as our colleague Stephen Ornstein explained, recent FHFA actions will effectively sunset the GSE Patch on July 1 with or without the CFPB taking action. Further, with respect to the debt collection delay proposal, it is unlikely that 60 extra days before the rules take effect will make any appreciable difference to most market participants, considering that they were already given a full year to implement the rules, and they still won’t take effect for seven months.

The CFPB clearly has a strong desire to revisit both the underlying QM and debt collection final rules issued last year. For instance, as early as February 4, 2021, Acting Director Uejio stated that the CFPB would “[e]xplore options for preserving the status quo with respect to QM and debt collection rules.” And Diane Thompson, the Biden Administration political appointee now overseeing CFPB rulemaking efforts, publicly declared her hatred for the CFPB’s new General QM rule. If the CFPB does revisit these rules, it makes sense to do so soon; completing new rulemakings before the old ones take effect or require compliance could provide the CFPB a significant advantage in framing its mandatory Section 1022 cost-benefit analysis, depending upon the economic baseline established for analyzing the effects of its proposals. However, delaying rules simply for the purpose of changing them in light of the policy preferences of an incoming administration can be viewed skeptically by reviewing courts, since such actions tend to undermine the purposes of the Administrative Procedure Act. Perhaps that is the reason why the CFPB is disclaiming its plans to revisit the underlying rules in its delay NPRMs and, contrary to its own recent policy pronouncements, is relying instead upon the need for institutional flexibility to deal with the pandemic in the limited context of these two rules alone. Given the time constraints involved, the CFPB can be expected to show its full hand and propose changes to the QM and debt collection rules soon after it finalizes its associated delay rules.

CFPB Brings Action Against Connecticut Mortgage Lender

January 25, 2021 By Kelley Barnaby

The number of enforcement actions by the Consumer Financial Protection Bureau (CFPB) more than doubled from 2019 to 2020. The CFPB made clear that cracking down on deceptive and unfair acts and practices under the Consumer Financial Protection Act of 2010 (CFPA) remains a core focus, with 11 of the 15 complaints it filed last year alleging such violations.

Earlier this month, the CFPB filed another lawsuit alleging unfair and deceptive acts or practices in violation of the CFPA. At the dawn of a new year and a new Administration, this litigation may be the proverbial canary in the coalmine for others in the financial services industry. As the case proceeds and briefing is filed, the tone and focus of the new Administration may be brought to light.

In a Client Advisory, our Financial Services Litigation Team examines the latest effort by the CFPB to crack down on deceptive and unfair acts and practices.