Two recent Consumer Financial Protection Bureau (CFPB or Bureau)
enforcement actions – CFPB v. Freedom Stores,
Inc., and In re DriveTime
– suggest that the CFPB is turning its attention to original
lender or "first-party" collection practices to collect
debt, including those used by retail merchants and other lenders.
Although first-party collections are largely exempt from the Fair
Debt Collections Practices Act (FDCPA), the CFPB challenged the
allegedly unlawful practices in the two actions using its general
unfair, deceptive, and abusive practices (UDAAP) authority under
the Dodd-Frank Wall Street Reform and Consumer Protection Act of
2010 (Dodd-Frank). We highlight below how the CFPB applied this
authority to lenders, and address how these two actions may signal
the CFPB's intentions with respect to first-party collections
in its pending debt collection rulemaking.
Freedom Stores and DriveTime – CFPB
Spotlight on First-Party Collections
In Freedom Stores, the CFPB and the attorneys general of
North Carolina and Virginia challenged the collection practices of
a Virginia-based retailer that operates near military bases
nationwide. The company provided credit to consumers who purchased
goods, and then subsequently transferred the credit contracts to an
affiliated company for servicing and collecting (when delinquent).
According to the CFPB, Freedom Stores and its affiliated companies
violated the Consumer Financial Protection Act (CFPA) (part of
Dodd-Frank), the Electronic Fund Transfer Act, the Truth in Lending
Act, and state laws by using illegal tactics to collect debts,
including filing illegal lawsuits in distant forums, debiting
consumers' accounts without authorization, and contacting
service members' commanding officers. The consent order
settling the complaint requires Freedom Stores to provide partial
refunds to affected consumers (in total, over $2.5 million); update
information previously reported to credit reporting agencies; and
implement compliance policies and procedures.
Similarly, in DriveTime, the CFPB brought an
administrative action against a "buy-here, pay-here"
dealer, e.g., a dealer that both sells cars and originates
loans for such sales. According to the CFPB, the company engaged in
the following unlawful collection practices:
- Placing harassing calls to borrowers at work or to borrowers' references;
- Making excessive, repeated calls to wrong numbers;
- Providing inaccurate repossession information to credit reporting agencies;
- Failing to properly handle credit information furnishing disputes; and
- Failing to implement reasonable procedures to ensure the accuracy of consumers' credit information.
To settle the matter, DriveTime agreed to pay an $8 million
civil money penalty, end its unfair collection tactics, fix its
credit reporting practices, and arrange for harmed consumers to
obtain free credit reports.
Does Enforcement Show the Path for
Regulation?
While the CFPB's enforcement branch has been busy targeting
first-party collection practices, the rulemaking division has been
considering regulations that would potentially cover first-party
collections. In November 2013, the CFPB issued an announced notice of proposed
rulemaking (ANPRM) that requested comment on all
manner of debt collection practices. Although the proposed rule
acknowledged that "first-party collections are largely exempt
from the FDCPA," the CFPB also cautioned that first-party
collections are "a significant concern in their own
right," and that the CFPB was therefore seeking comment on
whether to extend any of the proposed rules to cover
creditors.
The enforcement actions in Freedom Stores and
DriveTime suggest that the CFPB may address the collection
practices of first-party creditors in its pending rulemaking. These
rules could potentially cover initial collection communications;
telephone calls; requirements related to the substantiation of
debts; litigation requirements; and prohibitions on abusive and
harassing collection practices. Any attempt by the CFPB to impose
debt collection requirements on lenders, however, will likely
provoke a strong response from the banking and credit industries.
In response to the ANPRM, for example, several trade associations
submitted comments arguing against the expansion of FDCPA-like
restrictions and requirements to first-party collectors.
Compliance Tips in an Uncertain Regulatory
Environment
Regardless of where the CFPB ends up in its debt collection
rulemaking, the enforcement actions in Freedom Stores and
DriveTime demonstrate the need for first-party creditors
to confirm appropriate collection policies and procedures. To help
with this process, first-party creditors should start by reviewing
the guidance that the CFPB has issued on debt collection, including
a number of compliance bulletins, quarterly supervisory highlights,
and the CFPB's examination manual (which provides a good
overview of applicable law and areas of potential concern).
Next, according to the CFPB's examination manual, all
supervised entities must develop and maintain a compliance
management system (CMS) that is integrated into the entity's
framework for product design, delivery, and administration.
Starting from the top, the CFPB expects a company's board and
management to exercise oversight over the company's operations
and to ensure that sufficient financial and staff resources are
allocated to compliance efforts. Board members, management, and
staff should receive appropriate training on a regular basis,
covering compliance with federal financial and consumer protection
laws. In addition, the company should implement a process for
regular internal and external compliance audits to review
operations for compliance with applicable legal requirements.
To be effective, a CMS should address how a lender monitors for,
and responds to, consumer complaints and inquiries. The CFPB has
stated that consumer complaint information should be organized,
retained, and used as part of a company's operations. Further,
a creditor should investigate consumer complaints related to its
lending and collection practices and take prompt corrective action
to address such complaints or any other indications of systemic
weaknesses that pose a risk to consumers.
Finally, the CFPB has emphasized that regulated entities should
monitor their business relationships with service providers to
ensure compliance with federal financial and consumer protection
laws. Any first-party creditor that works with third-party
collectors should conduct appropriate due diligence on their
business partners and monitor them for compliance with applicable
consumer protection laws and regulations.
* * * * * * * * * *
The CFPB has covered a lot of ground in its first few years of operation, tackling issues related to credit card marketing practices, student lending, mortgages, and payday lending, among many other issues. The Freedom Stores and DriveTime actions, and even the CFPB's recent complaint against a large mobile carrier involving billing practices (cramming), suggest that the Bureau is focused on original lender collection and billing practices. These enforcement actions provide a blueprint for the Bureau's intentions in future rulemakings, including the pending rulemaking for debt collection. To prepare for these developments, any merchant or lender that provides credit to consumers should review its policies and procedures for compliance with applicable consumer financial laws and areas of potential unfair, deceptive, or abusive acts and practices.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.