The Consumer Financial Protection Bureau (CFPB) was created in July 2011 to protect consumers in the financial marketplace. As part of its responsibilities, the agency examines credit card issuers to ensure “that consumers are protected from deceptive sales and marketing practices, including those resulting from failures to adequately disclose important terms and conditions or other violations of Federal consumer financial law.” The CFPB is particularly concerned about the means through which credit card issuers and services solicit add-on products.
According to the CFPB, there are three situations where deceptive behavior often occurs with regard to credit cards: employing deceptive promotional practices when marketing products (e.g., failing to adequately disclose important product terms and conditions); enrolling consumers in programs without their consent, without their realizing that they were enrolled or without the consumer understanding that they had to pay for the programs; or billing for services that were not performed or activated.
By enforcing certain statutes that govern these behaviors, including the Consumer Financial Protection Act, the Truth in Lending Act, the Equal Credit Opportunity Act and Section 5 of the Federal Trade Commission Act, the CFPB can take action against companies that it determines are misleading consumers. Already in the past year, the CFPB has brought significant actions against three credit card issuers—Discover, American Express and Capital One—that have led to more than $425 million in restitution payments to nearly six million customers and almost $60 million in civil penalties.
In each of these matters, the CFPB alleged that the company operated with 1) an inadequate compliance management system; 2) inappropriate supervision by the board of directors and senior management; and 3) without sufficient internal audit systems and internal controls.
The resulting consent orders required all three companies to implement onerous compliance programs that included correcting the violative behavior, implementing compliance management and internal control systems, and instituting board supervision of the compliance efforts.
These actions demonstrate that the CFPB is not only willing to prosecute credit card issuers and scrutinize services that fail to comport with financial protection regulations, but has the ability to obtain significant monetary penalties from alleged violators. And in the words of the CFPB: “We continue to expect that more such actions will follow.”
So with this new level of scrutiny in mind, credit card issuers need to be aware of what constitutes improper practices under the law and ensure that such practices are not employed. Putting aside the financial penalties and costs of restitution, complying with CFPB regulations can be a burdensome, costly and disruptive process for credit card companies requiring implementation of compliance, audit and supervisory programs.
There are certain practical measures, however, that could help reduce the risk of CFPB action. First, it is important to properly train those responsible for developing credit card marketing products on the various requirements of the financial protection laws. Legal counsel or compliance team members also need to review and approve telemarketer scripts to ensure compliance with the Consumer Financial Protection and Truth In Lending Acts and that proper disclosures are made. The telemarketers themselves must also be trained on proper sales practices and their calls should be audited to ensure regulatory compliance. Finally, the board of directors and senior management need to be provided with periodic reports regarding the results of audits and the robustness of compliance training.
If any of the above steps reveal a compliance issue, the company should immediately determine the pervasiveness of the problem, assess the risk and consult counsel so it can develop a plan to correct the action and consider how to work with the CFPB to resolve it going forward.
This article was written by Timothy Cornell.