Consumer Finance Regulatory News and Trends

This regular publication by DLA Piper lawyers focuses on helping clients navigate the ever-changing consumer finance regulatory landscape.

Regulatory developments

Federal

• CFPB finalizes rule exempting certain financial institutions from higher-priced mortgage loan escrow account requirement.  The CFPB has issued a final rule that will exempt certain financial institutions from the requirement under Section 108 of the Economic Growth, Regulatory Relief and Consumer Protection Act (EGRRCPA) of establishing an escrow account in some higher-priced mortgage loan transactions (HPMLs).  The rule will exempt insured depository institutions or credit unions if the HPML is secured by a first lien on the principal dwelling of a consumer and (1) the institution has assets of $10 billion or less, (2) the institution and its affiliates originated 1,000 or fewer loans secured by a first lien on a principal dwelling during the preceding calendar year and (3) certain of the existing HPML escrow exemption criteria are met. 
• CFPB finalizes rule on supervisory guidance.  The CFPB has issued a final rule clarifying the difference between regulations and supervisory guidance.  This rule codifies an earlier interagency statement of the CFPB and other federal agencies from September 2018.  The rule states that supervisory guidance is not given the same weight as rules and regulations and does not have the force and effect of law.  Furthermore, the rule provides that violations of supervisory guidance will not garner enforcement actions or issuance of supervisory criticisms.
• CFPB signs memorandum of understanding with National Credit Union Administration on consumer protection.  The CFPB and National Credit Union Administration (NCUA) have announced a memorandum of understanding (MOU) on supervision of credit unions with over $10 billion in assets.  Under the MOU, the CFPB and NCUA will collaborate by sharing supervisory information, coordinating supervisory examinations and engaging in semi-annual strategy planning sessions.
• Federal and state financial regulatory agencies issue interagency guidance regarding Texas winter storms. On February 22, 2021, the Office of the Comptroller of the Currency, the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the National Credit Union Administration and the Conference of State Bank Supervisors (Agencies) published a press release that encouraged institutions operating in the affected areas to meet the financial services needs of their communities. Specifically, the Agencies encourage financial institutions to work constructively with borrowers in communities affected by the Texas storms. Additionally, the Agencies advise institutions affected by storms that expect to encounter difficulty meeting the Agencies' reporting requirements to contact their primary federal and/or state regulator to discuss their situation.

State

• New York Department of Financial Services announces two new laws aimed at protecting consumers.  The New York Department of Financial Services issued an alert to consumers regarding the existence of two new consumer protection laws that recently went into effect.  The first – the “Automatic Renewal” or “Free Trial” law – prohibits businesses who charge for recurring services, including financial services, from charging a consumer’s credit or debit card for a service after the consumer has attempted to cancel the service.  The law requires such companies to provide an easy-to-use cancellation mechanism before the consumer pays for the service, such as providing a toll-free number, an email address or some other simple and cost-effective method for the consumer to cancel the service without being charged.  The law also requires that companies (i) clearly state the cancellation terms to consumers before entering into an agreement, (ii) provide for an online cancellation method if the consumer purchases the service online and (iii) must allow consumers to keep free gifts that were given as an incentive to enter into a contract, even if the consumer cancels the service afterwards.  The full text of the law is available here.
• The second law prohibits any New York State regulated financial institution from charging “inactivity fees” to a consumer’s account without first giving 30 days’ notice.  Such notice may be given electronically.  The full text of the law is available here.
• California Department of Financial Protection and Innovation signs memorandum of understanding with earned wage access companies.  The California Department of Financial Protection and Innovation (DFPI) has announced that it has signed MOUs with five earned-wage access (EWA) companies.  Under the MOUs, the companies will provide the DFPI with quarterly reports and metrics on information relating to consumer contracts, fees, complaints, payment metrics and other data.  The companies have also agreed to follow industry best practices and protect consumer data in accordance with privacy laws.

Enforcement actions

Federal

• CFPB files complaint against lending company for unlawful mortgage lending practices.  The CFPB filed a complaint in the United States District Court for the District of Connecticut against a Connecticut-based company and its managing officers, alleging violations of the Truth in Lending Act, Fair Credit Reporting Act, Equal Credit Opportunity Act, Mortgage Acts and Practices Advertising Rule, and UDAP in originating mortgage loans.  The CFPB alleged that the company used unlicensed and unqualified employees to sell mortgages to consumers; made misleading representations or omissions to consumers, including statements regarding loan information, financing terms and its employees’ credentials; required consumers to verify information relating to the loan application before providing consumer a Loan Estimate; and denied credit to consumers without sending adverse action notices.
• CFPB and three state attorney generals file suit against immigrant lending company for deceptive and abusive consumer lending practices.  The CFPB and attorney generals of Massachusetts, New York and Virginia filed a complaint in the United States District Court for the Western District of Virginia against a Virginia-based company, alleging UDAAP violations in connection with a consumer lender who primarily targeted Hispanic immigrants being held in federal detention centers.  The complaint alleged that the defendant was utilizing false and misleading statements about its relationship with immigration authorities to coerce non-English speaking immigrants into signing abusive, English-only contracts to fund immigration-related bail bonds.  The complaint also alleged that the defendant incentivized its employees to deceive and threaten immigrants and, when a default occurred, the defendant would falsely threaten the victims and/or their families, including by threats of imprisonment or deportation.
• FTC files suit against two Nevada companies for deceptive and unfair consumer financial advisory services scheme.  The FTC filed a complaint against two Nevada companies over alleged UDAP, Telemarketing Sales Rule, Credit Repair Organizations Act and Consumer Review Fairness Act violations in connection with a program offered “consulting services” to consumers who wanted to start a business or become a real estate investor.  The FTC alleged that the defendants engaged in unlawful practices by (i) misrepresenting the nature of the services to be provided, which included obtaining credit cards for the consumer using inflated income figures; (ii) misrepresenting the impact that the scheme would have on the consumer’s credit score; (iii) misrepresenting results in advertising materials; (iv) charging consumers with illegal upfront fees using telemarketing campaigns; and (v) utilizing form contracts that contained unlawful non-disparagement clauses and prohibitions against posting public complaints and reviews, such as submissions to the Better Business Bureau.
• FTC announces $114.3 million settlement with payday lenders for unlawful tribal lending scheme.  The FTC announced a consent order with a group of Nevada- and California-based companies and their principals over alleged violations of UDAP, the Telemarketing Sales Rule, the Truth in Lending Act and the Electronic Funds Transfer Act.  The FTC alleged that the defendants engaged in unlawful practices by (i) utilizing a deceptive loan application process that mislead consumers about the terms and total cost of loans, (ii) making electronic fund transfers from consumers’ bank accounts without obtaining appropriate authorization, (iii) making it difficult for consumers to contact defendants to obtain loan terms or pay off loans and (iv) using remotely created checks to process loan payments offered through telemarketing.  The consent order also permanently bans the defendants from participating in the lending industry and provides that nearly all outstanding debt held by the defendants will be deemed as paid in full.

State

• California DFPI launches investigations into student loan debt relief companies.  The DFPI has announced that it has launched an investigation student loan debt relief companies relating to UDAP violations and other unlawful debt collection practices.  In connection with the investigations, the DFPI has served four subpoenas to loan debt relief companies and issued a formal action against one other student loan debt relief company for engaging in unlicensed debt relief services and offering fraudulent guarantees to consumers that it could “wipe away” student loans in exchange for fees.  Notably, in addition to asserting violations under California’s Student Loan Servicing Act and the California Consumer Financial Protection Law, the DFPI also asserted violations of the federal Telemarketing Sales Rule.
• New York Department of Financial Services announces $1.5 million settlement with mortgage company for data breach.  The New York DFS announced a settlement with a New York-licensed mortgage banking company over a 2019 data breach that exposed personal data belonging to the company’s mortgage loan applications.  DFS alleged that the defendant had violated the DFS Cybersecurity Regulation, including by not timely reporting the data breach and failing to have a comprehensive Cybersecurity Risk Assessment policy in place.  In addition to the $1.5 million fine, the defendant was required to revise and improve their current cybersecurity program and internal controls to be fully complaint with the Cybersecurity Regulation.