The New Era of Consumer Compliance
By Jeanine Catalano
This article appeared in the January/February 2011 ABA Bank Compliance Magazine
Introduction
We are entering a new era of consumer compliance, one that will require boards of directors to make
increasingly difficult decisions and compliance officers to expand how they define their role. To arrive at
a description of, and suggest ways to address, compliance in the future, this article will start with
highlights of the key evolutionary points in the history of consumer compliance noting its bold start in
the late 1960’s, followed by years of relentlessly expanded requirements and increasingly costly
enforcement actions. The purpose in highlighting these points will not be to educate the reader but
rather to demonstrate how the path of consumer compliance had brought us to the present and where
the path will take us going forward. The article will demonstrate the expansion of consumer protection
compliance, suggesting that the regulatory focus is growing from lending disclosures and
nondiscrimination in lending to “fair banking” and suggest that the pace of enforcement actions will
continue if not increase. Considering this trajectory, the article will then suggest how consumer
compliance will change going forward and how compliance officers can prepare for this new world.
Because transitioning to what will be a new world of compliance is not a job for compliance officers
alone, key messages for boards of directors are provided at the conclusion of the article.
Key Evolutionary Points
Decade 1 - 1968 through 1977
Before this decade began, consumers and consumer groups had been complaining about bank practices
and demanding legislation. Some of their wishes came true with the laws passed in 1968 and in
subsequent years. The Consumer Credit Protection Act (CCPA) of 1968 was the first significant
consumer protection legislation enacted, and it included what became a cornerstone of compliance, the
Truth in Lending Act (TILA). The CCPA expanded throughout the next ten years to include other titles,
including, for example, the Equal Credit Opportunity Act (ECOA) and the Fair Credit Reporting Act
(FCRA). The TILA, ECOA and FCRA sought to protect consumers by increasing transparency in consumer
credit. The TILA required that consumers be informed of the cost of credit and that all lenders use a
uniform method of calculating, and a common way of disclosing, the cost of credit. The TILA also gave
consumers certain rights regarding billing errors and the ability to rescind certain transactions. The
ECOA, among other things, prohibited discrimination in lending and gave applicants the right to know
why their credit application was denied.
In 1968 Congress also passed the Fair Housing Act and during subsequent years in this first decade of
compliance, Congress passed other laws such as the Home Mortgage Disclosure Act and the Real Estate
Settlement Procedures Act. These laws either prohibited discrimination, required data collection which
could be used to identify geographic areas in which lending was not occurring, or required disclosures
about a single transaction.
Congress capped off this decade by passing yet another significant law, the Community Reinvestment
Act (CRA). While often thought of as a consumer protection law, the CRA does not include
requirements that protect consumers. The CRA however, does seek to have an impact on geographic
areas by indirectly requiring that financial institutions extend credit to people and businesses within
institutions’ communities, investing in the communities and supporting community services.
Also in the first decade, the Federal Reserve Board published regulations to promulgate these laws (Reg.
B and Z) and the federal bank regulatory agencies developed and implemented procedures which
examiners used to determine whether or not banks complied with these laws.
Consumer voices were heard. Consumer protection compliance came rushing out of the gate with
emphases on cost-comparing disclosures and discrimination. It was a historically important decade
because it laid the foundation for more protections and subsequent enforcement actions in the decades
ahead.
Decade 2 - 1978 through 1987
Compared to the first decade, there was less legislative activity related to consumer credit protection in
the second decade. Three major acts were passed not only in this decade but in the first year, 1978, of
this decade.
Congress passed the Electronic Funds Transfer Act (EFTA), the Expedited Funds Availability Act (EFA), the
Right to Financial Privacy Act (RFPA), and the Fair Debt Collection Practices Act (FDCPA). The EFTA
required disclosures and certain practices with respect to electronic funds transfer transactions. The EFA
required depository institutions make funds deposited into transaction accounts available according to
specified time schedules and that they disclose their funds availability policies to their customers. The
regulation also establishes rules designed to speed the collection and return of unpaid checks. The RFPA
gave customers protection against government access to bank account information by establishing
specific procedures that federal government authorities must follow in order to obtain information from
a financial institution about a customer’s financial records. The Act imposes limitations and duties on
financial institutions prior to the release of information requested by federal authorities.
Of the laws passed during this decade, the FDCPA may be the most interesting when considering today’s
compliance environment in that the FDCPA was designed to eliminate abusive, deceptive and unfair
practices in the collection of debt. Some of the practices considered to be harassing or abusive and
therefore prohibited by the FDCPA included annoying or harassing people by calling repeatedly or
allowing the phone to ring continually, and using obscene, profane or other language which abuses the
reader or listener. It also prohibited debt collectors from communicating with a consumer at an
unusual time or at any place that is inconvenient to the consumer.
During this decade, the banking regulators continued to conduct examinations and began to develop
career paths for examiners focusing solely on compliance risk. It was in this decade that the agencies
created enforcement policies regarding violations of the TILA and the ECOA.
The new laws and regulations made clear that consumer protection was expanding, the expansion
included the start of a focus on fairness and abusiveness, and that the agencies intended to enforce
consumer protection compliance. Compliance was becoming an area of risk, on its way to becoming a
force with which to be reckoned.
Decade 3 – 1988 through 1997
The third decade of compliance was a period marked by a variety of different consumer protection
measures including deposit account related rules such as Truth in Savings (TIS) and the Telephone
Consumer Protection Act (TCPA). TIS was similar to TIA in that it sought to enable consumers to make
informed decisions when shopping for and using deposit accounts through the use of uniform
disclosures. The TCPA, which applies to telemarketing, had some similarities to the FDCPA is that it
limits calls to people during certain times and requires information be given to the person being called.
The TCPA also requires solicitors to maintain a “Do Not Call” list, honoring a person request that he/she
not be called.
There was significant focus by the Department of Justice (DOJ) on nondiscrimination in lending during
this period. The department had implemented a fair lending initiative and between 1992 and 1997, filed
11 fair lending suits. Some of the suits were based on referrals from bank regulators; others were the
result of DOJ investigations. The cases alleged marketing, underwriting and/or pricing discrimination.
The marketing discrimination cases involved Blackpipe State Bank, Chevy Chase Federal Savings Bank,
and Albank, FSB. In these three cases, DOJ noted the geographic limitations in each institution’s polices
or practices. In the underwriting discrimination cases, Decatur Federal Savings & Loan Association, The
Northern Trust Company, the First National Bank of Dona Ana County, and Shawmut Mortgage
Company, DOJ alleged that bank employees were providing assistance to white applicants that they
were not providing to African-American and/or Hispanic applicants. The assistance took the form of
help to explain negative information of their credit reports and documenting all of their income. With
respect to the pricing discrimination cases, Huntington Mortgage Company, Fleet Mortgage Corp., Long
Beach Mortgage Company, First National Bank of Vicksburg, Security State Bank of Pecos and First
National Bank of Gordon, in some of these cases, the practice of charging overages was the primary
concern; in other cases, higher interest rates were at issue.
It was also during this time period that the bank regulatory agencies, working together, issued revised
fair lending examination procedures. These procedures called out the three different types of lending
discrimination (disparate treatment, disparate impact and overt discrimination) and provided
instructions to examiners on how to detect the various types of discrimination. Also during this time
period, the regulators also issued a revised fair lending enforcement policy. In addition, what is simply
referred to as the Boston Fed Study, a working paper prepared by staff from the Federal Reserve Bank of
Boston, was published. This study, based on HMDA data, concluded that there was a small but real
disparity between the loan rejection rates for whites versus minorities.
In assessing this decade, although new consumer protection laws were passed, it is clear that
enforcement was primary activity and that the focus was on nondiscrimination in lending.
Decade 4 – 1998 through 2007
The most recent decade was very active, legislatively speaking. Congress passed the Homeowners
Equity Protection Act (HOEPA), Controlling the Assault of Non-solicited Pornography and Marketing Act
(CAN – SPAM), the Graham-Leach-Bliley Act (GLBA), and the Fair and Accurate Credit Transactions Act
(FACT Act). These laws offered more consumer protections. HOEPA required lenders to provide
additional disclosures for certain high-cost loans and CAN SPAM prohibited certain email practices. The
GLBA concerned maintaining the privacy of customer information. The GLBA prohibited financial
institutions from disclosing nonpublic personal information about a consumer and requires the
institution to provide notice of its privacy policies and practices to its customers. The FACT Act sought to
improve the accuracy of data in the consumer reporting by requiring many new consumer disclosures as
well as steps to address identity theft. Importantly, the FACT Act provided free annual consumer report
rights for consumers and improved access to consumer report information.
During this period, the banking agencies made numerous referrals (239) to DOJ. DOJ continued to file
lawsuits and issued consent orders alleging discrimination in lending. Several banks were accused of
redlining (First American Bank, Centier Bank and Old Kent Bank); one of discrimination in underwriting
(Deposit Guaranty National Bank and Associates National Bank) and another of discrimination in pricing
(Compass Bank). Several of these cases are particularly noteworthy. First, the redlining cases against
Old Kent and First American alleged discrimination in lending other than residential real estate in
addition to residential real estate lending (small business lending in the case of Old Kent; consumer and
small business lending in the case of First American). Second, the underwriting cases alleged
discrimination in home improvement and credit card lending, (Deposit Guaranty National Bank and
Associates National Bank, respectively). Third, the Compass Bank case involved auto lending and alleged
discrimination on the basis of marital status.
During this decade, the bank regulators issued a series of consent orders calling out practices that were
consider unfair or deceptive. The banks alleged of wrongdoing included Providian (2000), Direct
Merchants Bank and First National Bank of Marin (2001) and First National Bank of Brookings (2003).
Each of these cases involved aspects of credit card marketing or lending or both.
This fourth decade was filled with enforcement actions, notably those alleging discrimination and those
alleging unfair or deceptive practices. Also, the cases and orders in this decade reflect the government’s
concern about small business, auto and credit card lending, making it clear that ‘consumer’ protection
applied to all types of lending and the various lending functions.
The Current Decade
2008 through 2017
Although we are in the early part of the fifth compliance decade, it promises to be a significant decade.
Indeed, the laws passed in the first three years of this decade, Credit Card Accountability, Responsibility
and Disclosure Act (Credit CARD Act) and the Dodd Frank Wall Street Reform and Consumer Protection
Act (Reform Act), and the overdraft regulation issued by the Federal Reserve Board, signal a significant
change in the way we think about consumer compliance. The Credit CARD Act limited interest rate
increases, required additional disclosures, and prohibited a variety of billing and payment practices that
were commonplace in the industry. The Fed issued regulations regarding the payment of certain
overdrafts and the fees associated with overdrafts. The Credit CARD Act and the overdraft rules have
widespread impact in that they affect many consumers.
The September-October issue of this magazine included an excellent article about the Dodd Frank Wall
Street Reform and Consumer Protection Act (Reform Act), enacted on July 10, 2010. As the article
pointed out, the Reform Act is “broad, complex and represents sweeping change.” With respect to
consumer compliance, the Reform Act requires changes in the structure and approach to bank
supervision, increases bank supervision, heightens the focus on consumer protection and increases the
regulation of mortgage lending and servicing. The most visible section of the Reform Act and the
section that promises to be most impactful with respect to consumer compliance is Title X, which calls
for the creation of the Bureau of Consumer Financial Protection (“Bureau”). The Bureau’s goals include:
•
•
•
•
Timely and understandable information (disclosures)
Protecting consumers from unfair, deceptive or abusive acts or practices (Office of Fair Lending)
Ensuring transparent and efficient operations of markets for consumer financial products
Enforcing federal consumer financial laws, consistently , without regard to status of a depository
institution (size, regulator, business model)
Although the full impact of the Reform Act will take several years, it is clear that the Bureau was
intended to be, and will be, a major force in consumer compliance.
DOJ has been active so far in this decade with three suits and/or consent orders alleging discrimination
in lending. In two cases (Nara Bank and AIG Federal Savings Bank /Wilmington Finance, Inc.) pricing
discrimination was alleged, specifically noting the failure to supervise or monitor loan fees charged by
dealers and brokers. In another case (First Lowndes Bank), DOJ alleged that the bank’s pricing with
respect to manufactured housing loans was discriminatory.
The banking agencies issued five consent orders alleging unfair or deceptive acts or practices in the first
three years of this decade, exceeding the number issued during the entire last decade. They alleged
that Wachovia failed to protect consumers from fraud committed by telemarketers and that Advanta’s
cash-back rewards program on its credit card was not as advertised. Woodforest, FSB was accused of
not imposing a limit on overdraft charges or allowing customers the opportunity to cease the imposition
of additional daily fees for remaining overdrawn. In another order, CompuCredit, regulators alleged
that certain marketing and solicitation techniques with respect to credit cards were deceptive.
During the first two years, 2008 and 2009, the agencies made 59 referrals to DOJ. If this pace continues,
the number of referrals for this decade will exceed those made in the previous decade.
Judging from the first several years, the current decade of compliance will be marked by enforcement
actions alleging nondiscrimination and unfair or deceptive acts or practices.
Compliance – The Future
We see behind us, in four-plus decades of consumer compliance, a strong emphasis on
nondiscrimination in lending and a more recent but clear emphasis on fairness. These are evident in the
legislation enacted as well as the actions of DOJ and the agencies. In the future, because of the changes
dictated by the Reform Act and because of initiatives in place at DOJ, the focus will continue to be on
nondiscrimination and fairness but in a broader sense than in the past. Here is an educated guess of the
consumer compliance changes will see in the future:
1) A new, expanded definition of “fair” - Compliance officers often think of “fair” Lending as
“nondiscrimination.” In the future, “fair” will be more than nondiscrimination. “FaIr” will
approach, if not become, “responsible,” and will carry with it an expectation to act in the
consumer’s best interest.
2) “Fair Lending” will grow to “Fair Banking” – Products and services other than lending will be
under the microscope. Look for emphasis on overdrafts, money transferring, debit cards and
deposits, in addition to lending.
3) More emphasis on discrimination in small business lending – The Reform Act calls for collecting
data on small business loans. This data, like the early HMDA data, will be used to detect
possible discrimination in lending to small business.
4) Expansion of “consumer” compliance to “customer” compliance - With greater emphasis on
small business lending, “consumer” will not be limited to individuals or personal or household
related banking services.
5) Continued and increased emphasis on pricing in terms of both nondiscrimination and fairness The anger, hostility and complaining about banks, in particular rates and fees and practices that
increase fees, is not over and will take some time to diminish. If there is any uncertainty about
how strongly people feel about banks, go to some of the following websites:
http://www.zazzle.com/i_hate_my_bank_tshirt-235659778859754396;
http://www.complaintsboard.com; and http://www.my3cents.com.
6) Mandated studies signal areas of concern - Those areas include but are not limited to reverse
mortgages, escrow payments and credit scoring.
7) Complaints will inform rulemaking - The Bureau will have an Office of Complaints which will
likely inform the Bureau of emerging unfair, deceptive or abusive practices.
8) Nonbanks will be scrutinized - Specifically, mortgage lenders and servicers, payday lenders,
private education lenders, companies that are large participants in an industry, and companies
about which many customers complain.
9) Protection of the “economically vulnerable” - The Reform Act defines as “economically
vulnerable” people who are low-income, elderly, have language barriers, or minorities. While
not quite a protected class in a nondiscrimination sense, this ‘group’ may be thought of as a
protected class in an anti-predatory sense.
10) The pace of enforcement action will continue - The Reform Act allows state attorneys general to
enforce federal consumer laws transferred to the bureau as well as any rules issued by the
Bureau. This plus DOJ’s recent fair lending initiative could easily result in more enforcement
actions.
11) Change in the scope of Compliance - Faced with the focus on “fairness,” compliance
departments may expand their scopes to include ensuring compliance with core values
(especially if ‘fairness” or “integrity” is among those values). The focus on ‘fairness’ may also
push compliance departments to play a larger role in reputation risk.
Preparing for the Future
Given these changes, what should a Compliance Officer do? To start with, make sure that the risk
identification element of your compliance program is as strong as possible. This is a time when one
needs to be especially alert and observant. The Bureau will be issuing new rules and some old rules will
be discountinued. There may be changes in examination procedures and examination staff. The next
several years may be a time of rapid change, confusion and even contradictions. Exercise caution and
patience.
As proposed rules are published, be sure your bank has a process in place to consider the proposal, the
impact on the bank and its customers, and provide comments to the Bureau. As a compliance officer,
perform a mini risk assessment of the proposed rule or change as part of the process.
Meet early, often and regularly with the lines of business executives and staff to keep them abreast of
the changes, including the uncertainties, since they will have the responsibility of implementing the
changes in the regulations. Help them prepare for the future.
Carefully review customer complaints individually and in the aggregate. Consider complaints as an early
warning system. Listen to phone calls from customers; read email from customers, monitor the internet
and of course read written complaints. Look for trends and complaints about fees and practices. Meet
with those responsible for policies and practices which customer most often complain about. Work with
business partners to develop alternative policies and practices where feasible.
Think about what your bank can do to improve customer understanding of financial products and
services. Make a sincere and visible effort to educate and inform customers and potential customers.
Consider all possible avenues of outreach such as the bank’s website, partnering with schools, and
working with trade associations.
Study enforcement actions and pay particular attention to the corrective action specified. Although
enforcement actions are a lagging indicator, they do offer valuable information about what regulators
believe banks should be doing.
Conduct a study of the fees charged by the bank. Determine how they are established and how they are
charged. Determine if the fees are reasonable and document how you reached your conclusions. Be in
the loop when fee changes are being considered in the bank; be part of the decision process and voice
any concerns you may have.
Key Messages to Directors
Advise directors as they navigate the future. Here are some suggested points to communicate to them
about the future of compliance:
1. Compliance requirements and regulator expectations are changing and increasing. This means
that compliance risk is changing and increasing. Going forward, a major component of
compliance risk will be “fairness”. Because ‘fairness’ is not always simple to define, this is a
significant change.
2. Because of the future ‘fairness’ component of compliance risk, compliance and reputation risks
will be closely related, if not intertwined. Understanding this relationship is crucial because the
combination of compliance risk and reputation risk will be even more difficult to measure.
3. This is not the time to be penny-wise and pound-foolish; compliance risk mitigation can be
challenging to measure but the failure to adequately mitigate can be extremely costly.
4. Policies should be revisited to ensure they are consistent with the changing world of
compliance. This may mean developing and adopting a “responsible banking” policy. In
addition, if the board has adopted core values for the organization, they should incorporate the
concept of “responsible banking” and adherence to those values should be monitored.
5. Now more than ever, fees—including the amounts and practices—will be a hot button. Be
prepared for conflicts between earnings and compliance. If fees are an important driver of
earnings, take action to determine that fees are easily understood and clearly communicated.
Ms. Catalano is a Special Adviser at Promontory Financial Group, the premier global financial
services consulting firm. She is based in San Francisco and can be reached at
[email protected].