Posts filed under ‘Compliance’
Yesterday over 20 state regulators and the CFPB took action against Mega-Servicer Ocwen for its continuing inability to address sloppy servicing practices.
Ocwen fueled its amazing growth (as of December it serviced approximately 1,393,766 loans with an aggregate unpaid principal balance of approximately $209 billion) by specializing in sub-prime loans.
Since the vast majority of credit unions are out to help their members, as opposed to squeezing every last penny out of them, there is a natural tendency to view news reports such as this one as simply one more example of “Lenders Gone Wild”.
That being said, Ocwen’s legal troubles hold lessons that all lenders would be wise to pay attention to. Most importantly, your compliance regime is only as good as your IT department. Let me explain.
Front and center in the CFPB’s complaint is the servicer’s alleged inability to properly use its major platform, REALServicing and its sub-systems, to manage its servicing responsibilities. The CFPB contends that Ocwen’s employees failed to put accurate borrower information into the system, but “Even when the information in REALServicing has been accurate, REALServicing has generated inaccurate information about borrowers’ loans due to system deficiencies. Because of these system deficiencies, Ocwen has had to rely upon manual processes and workarounds that have themselves resulted in errors in borrowers’ loan information. “
Ocwen’s problems are not new, it entered into a consent decree in 2013 including one with the DFS. A particular concern has been Ocwan’s inability to properly reconcile escrow accounts. In fact, according to a Cease and Desist order filed by North Carolina, the company informed regulators in January that it would cost $ 1.5 billion dollars to make borrows whole. Not surprisingly, the CFPB contends that Ocwen is wrongly relying on a “deficient servicing platform” that has exacerbated its use of inaccurate loan information.
Here are some questions for you to ponder this weekend. Does your credit union have the ability to spot mistakes in your core operating systems? Does your compliance team have enough coordination with your IT people to ensure that new regulations are being properly translated into computer code? Do you exercise adequate oversight over your third party vendors? For instance, how quickly can you get out of contracts? Is there someone in your credit union charged with auditing your key vendor contracts and software providers on an ongoing basis? As a a new colleague of mine likes to say “garbage in … garbage out.”
Expect “debt collectors” to have more interest in buying your delinquent loans as opposed to simply contracting for a percentage of collection recoveries if, as expected, the Supreme Court rules in favor of Santander Consumer USA, Inc.
Oral arguments were heard on the case yesterday, in an important collections case, and we can expect a ruling sometime in June. You can also expect states like New York to take a renewed interest in strengthening state level restriction on debt collection practices.
The FDCPA was passed by congress to deter abusive debt collection practices. It was intended to crack down on third-party collectors which is why it does not apply to banks and credit unions which are collecting on their own loans. The question is who exactly is a debt collector under 15 U.S.C.A. § 1692a (West). Under the statute, a debt collector is any person….”who regularly collects or attempts to collect, directly or indirectly debts owed or due or asserted to be owed or due another.” Santander purchased billions in car loans and set about collecting on those that were delinquent. Borrowers alleged that their aggressive collection practices violated the FDCPA, but when they tried to sue Santander for violations it successfully argued before the Court Of Appeals for the Fourth Circuit. Their argument was that since it was collecting on debt it owned, the statute didn’t apply to its activities.
According to press reports, justices weren’t buying the argument of the borrowers yesterday, who argued that Santander was taking advantage of a loop hole that is inconsistent with congress’s intent when it passed the FDCPA.
No matter how the Federal Law is interpreted, New York is one of several states that has a state level DCPA modeled after the federal law. In a brief submitted to the Supreme Court, New York joined several such states in arguing that existing state level prohibitions aren’t adequate. The brief noted for example, that New York’s debt collection statute (NY General Business Law § 600 et. seq.) has traditionally been interpreted in reference to the federal law and that it does not permit consumers to bring a lawsuit.
Stay tuned – this provides another classic example of how a change in direction in the federal level is often met with push back on the state level.
I just went through my email folder containing ideas for future blog content and there are two things I would like to share with you before heading off to God’s country (i.e., Long Island to visit my family).
First, I have been remiss in failing to inform my faithful readers that the New York State Department of Financial Services recently approved a Wild Card application that will allow state chartered credit unions to limit the oath taking requirements to board members. Let me explain.
Section 468 of the New York State Banking Law requires each “director, officer and member of a committee” to own a credit union share and to take an oath of office when appointed. In recent years this requirement has become increasingly burdensome to state chartered credit unions; it has been interpreted as applying not only to board directors but also to individuals such as lending officers.
The approval of the Wild Card power, under which state chartered credit unions have no greater oath obligations than their federal counterparts, is important not only because it helps state charters operationally, but because it is another example of how Superintendent Vullo is backing up her public commitment to helping makes the state charter option as attractive as possible. Remember, all credit unions in New York State, irrespective of their charter type, have an interest in a strong dual-chartering system.
The second thing I would like you to know was that NCUA recently released a supervisory letter to examiners updating the risk factors that should be considered when evaluating credit union compliance programs. The update reinforces a guidance issued by NCUA 15 years ago when it began to implement a risk focus examination process designed to eliminate the need for annual examinations of well performing credit unions. With the NCUA once again expanding its examination timeline it makes sense to revisit the criteria once again.
On that note, I will be back on Tuesday – enjoy the weekend
As it stands right now, reports of the demise of the CFPB have been greatly exaggerated. It is still diligently going about its business of protecting consumers from themselves even as it continues to insist that its primary goal is to simply insure that consumers are receiving adequate financial information about the products they are purchasing.
Take for instance the CFPB‘s final rule extending Regulation E protections to those prepaid reloadable cards that are becoming an increasingly common way for individuals to transact basic banking services without going thru the hassle or expense of opening an account. The basic idea of the Regulation is that consumers who registered their accounts with the institution that issued the pre-paid cards would receive Regulation E style protections in return for financial institutions being able to perform customer identification checks on these new members. The final rule was to kick in on October 1st.
One area of particular concern has to do with extent to which Regulation E’s liability protection framework should be extended to the holders of pre-paid account cards. Under existing law a consumer who provides notice of an unauthorized use of a debit card within two business days of learning of the theft, or loss of the card can only be held liable of the lesser of $50.00 or the amount of the unauthorized transfer. If notice is received after two business days, the consumer’s liability is capped at no greater than $500.
In the final rule the CFPB decided to extend its one sided liability protections even to consumers who have not yet registered their accounts or for whom CIP protocols have not yet been completed. This approach has not sat well with critics of the CFPB. For example, an article in this morning’s American Banker noted concerns that the new rule has “opened the door to potential fraud by unregistered pre-paid card users” it quotes Ben Jackson, the director of prepaid advisory services at Mercator Advisory Group. Jackson suggests, “The problem only exists once the rule to provide this protection goes into effect, and suddenly unregistered cards might become hugely popular as fraudsters start buying them.” The scenario envisioned by the rule’s critics involves fraudsters buying big ticketed items with unregistered pre-paid cards and then claiming that they were unauthorized. Remember the burden is on the financial institution not the consumer to prove the purchase wasn’t authorized.
The CFPB addressed these concerns by stipulating that consumers don’t have to be provisionally credited for unauthorized payment until a CIP review is completed , but given how difficult it is to prove that a transaction was authorized this a little comfort to pre-paid card issuers.
Given the expended use of reloadable pre-paid cards and electronic devices there is a good chance that this regulation will impact your operations. Even if you don’t issue prepaid card accounts now , you will sometime in the near future . For instance, the definition finalized by the CFPB includes accounts that are issued on a pre-paid basis or capable of being reloaded with funds whose primary function is to conduct transactions with multiple unaffiliated merchants for goods or services, or at ATM’s, including person to person transfers.
Although efforts to repeal and replace the Affordable Care Act are getting all the attention, as New York employers, credit unions have much more immediate concerns. The State is now accepting comments on proposed regulations implementing paid family leave.
Beginning January 1, 2018 the state will start phasing in the new mandate under which employees will be eligible to receive some pay during the time they are away from their job in order to bond with a child, care for a close relative who has a serious health condition, or help care for family of someone who is called to active duty. For example, starting in 2018, an eligible employee would receive 50% of their salary for a maximum of 8 weeks during a 52 week period. When it is fully phased in by 2021, employees could receive up to 12 weeks of paid family leave in an amount equal to 67% of their salary. However, the payment benefits are capped to a percentage of the State’s average weekly wage. To be eligible, an employee must have been with a covered employer full time for 26 weeks or part time for 175 days. Covered employers are those covered by the Workers Compensation Law.
If all goes according to plan, employees will pay for the expanded benefit through payroll deductions analogous to contributions that support the Workers Compensation Fund. I have my doubts, but the time for questioning the wisdom of the proposal is over and the time for getting your HR person focused on compliance has begun.
As with all complicated regulations, the devil is always in the details, particularly when we are dealing with an area of law that interacts with existing federal mandates. Please feel free to reach out to the Association if you spot something that needs clarification. By the way, my kids just got their second consecutive snow day. I understand completely why states like North Carolina and Georgia get crippled by snow storms but something is wrong when upstate New York can’t handle a two-footer. Are we becoming a state of wimps?
The long reach of the Telephone Consumer Protection Act of 1991 was highlighted last week by two Congressional hearings and a joint letter issued by our trade Associations and the bankers strongly opposing a petition to make this onerous law even more difficult to comply with. Believe it or not, this may be the single biggest compliance issue your credit union should be monitoring. If you don’t think your credit union is impacted by the TCPA, you’re likely wrong.
The TCPA and its regulations prohibit any call to a land line or cell phone that uses an automatic dialing system, artificial or pre-recorded voice that is made without the prior express consent of the called party. According to the FCC, which administers the law, this prohibition now applies to texts. The key to understanding the TCPA’s reach is to understand that it applies to calls made by your employees with equipment with the capacity “to store or produce telephone numbers to be called using a random sequential number generator” and the ability to dial such numbers. Arguably, the only phone that doesn’t meet this definition is that roto dialer wasting away in the back of your garage. The fact that you don’t autodial your members or bombard them with prerecorded messages is irrelevant.
Traditionally, businesses such as banks and creditors could demonstrate that a member implied consent to receive calls by, for example, including their phone number on a credit application. (See In the Matter of Rules & Regulations Implementing the Tel. Consumer Prot. Act of 1991, 23 F.C.C. Rcd. 559, 559 (2008)). Remember that the implied consent standard does not apply to advertisements or telemarketing.
Why has this statute become such a big issue? Combine this level of nuanced compliance requirements with restrictions on text messages sent to an ever growing number of smart phones and you have a classic legal speed trap. There were a mere 14 TCPA lawsuits in 2008. This increased to more than 1,900 in 2014 followed by a 32% increase of such lawsuits to a total of 4,860, including 30 with settlements of over a million dollars. No wonder then, as pointed out in the joint letter, the expansive definition of auto dialer has even led credit unions and other financial institutions to stop texting messages to members who previously received them.
While some of this may ultimately be an overreaction, the issue gets even more complicated now that a petition has been filed with the FCC, which would have the effect of making it more difficult to prove that a member has consented to receive TCPA communications. Specifically, petitioners are requesting that the FCC issue a rule requiring that all calls subject to the TCPA only be authorized with express consent from the receiving party. The fact that a member has previously put his number on that credit application would no longer constitute consent.
This proposal would be great for trial lawyers, but lousy for consumers for whom the cell phone has become an electronic appendage, and financial institutions which, as pointed out in the joint comment letter, often have to make live contact with members to comply with federal law. By the way, the implied consent standards just apply to informational, as opposed to marketing, phone calls.
The good news is that the FCC is poised to take a decisive shift away from many of its more onerous interpretations, now that the Trump Administration can appoint the head of the commission. Still, this is yet another example of how regulations have over taken the statutes that they are intended to implement. It is time for Congress to revisit the TCPA. The problem is that a statute was written when there was an estimated 8 million Americans using cell phones. Today the number of cell phones exceeds the US population, with many adults having more than one cell phone.
Is it a violation of federal law to deny someone a student loan based on their status as a Dreamer? That is the central question posed by a class action lawsuit brought byCalifornia college students who claim that Wells Fargo denied them student loans in violation of both, Federal and California Law. The lawsuit has the potential of putting financial institutions front- and- center in the debate over the protections the country affords to immigrants.
In June 2012, President Obama’s Department of Homeland Security announced that it would no longer deport young immigrants who had lived in this country for most of their lives, but whose parents were here illegally, and who themselves had never obtained legal status. Under the Deferred Action for Childhood Arrivals (DACA), eligible individuals receive a renewable two year authorization granted by the federal government to stay in the country. Eligible individuals receive a work permit and obtain employment authorization documentation, which entitles them to legally look for work.
The lawsuit was brought by Mitzie Perez, she claims that in August of 2016 she applied for a student loan online. While completing the application she indicated that she was neither a US citizen or a permanent resident. She was immediately denied the loan. Curious as to why she was denied, when she completed the same application a second time, she indicated she was a permanent resident, she was told that “based on the citizenship status you provided, a US Citizen Co-signer will be required for this application”. Should would be able to obtain a co-signer.
She claims the bank violated 42USCA Section 1981. This law provides that “All persons within the jurisdiction of the United States shall have the same right in every State and Territory to make and enforce contracts, to sue, be parties, give evidence, and to the full and equal benefit of all laws and proceedings for the security of persons and property as is enjoyed by white citizens…” She also argues that because of the documentation she is able to provide the bank under DACA, Wells Fargo can provide her a loan without violating the Customer Identification Procedure requirements of the Bank Secrecy Act.
Leaving aside the emotional pull of the argument, the responsibility of financial institutions towards persons who are not permanent legal aliens is ambiguous. Regulation B, which implements the Equal Credit Opportunity Act, makes it illegal to discriminate against an applicant on a prohibited bases, including the applicants’ national origin. Here is where it gets tricky; the commentary accompanying this prohibition explains that while “A creditor may not refuse to grant credit because an applicant comes from a particular country.” A financial institution “may take the applicant’s immigration status into account. A creditor may also take into account any applicable law, regulation, or executive order restricting dealings with citizens (or the government) of a particular country or imposing limitations regarding credit extended for their use.” (12 C.F.R. § Pt. 1002, Supp. I).
Wells Fargo is in a tough spot. On the one hand, I agree with those who argue that there is something distinctly un-American about throwing DACA individuals out of the country. Many of them have spent almost their entire lives growing up as Americans. That being said, the law is the law and just as President Obama extended legal protections with an Executive order in 2012, President Trump could eliminate their legal status with the stroke of a pen. Financial institutions not only have the right but the legal obligation to consider this possibility when deciding whether or not to extend loans to students like Ms. Perez. What decisions they should make based on this information is a much tougher call. This case underscores why congress needs to craft common sense immigration reform.