Thursday, October 27, 2016

Social Media – Posting News Articles

I'd like to get some clarity on the requirements for posting news articles to different social media channels. We create several articles per month and would like to publish those articles on LinkedIn, Facebook, Instagram, Twitter, and anywhere else we deem appropriate. Are there specific issues with each of the respective channels that we need to be aware of? Any clarity you can offer on this would be greatly appreciated. 

There are a myriad of compliance issues associated with use of social media, but there are no easy or quick answers to your question. While the type of social media selected can impact compliance, the issues with which you should be most concerned are less the result of the channel you are using than the content of what you put there. Because of the rapidly evolving technology associated with social media, the regulators are struggling to identify exactly where consumer protection problems may exist and to formulate regulations that effectively address those problems.

With that in mind, in 2013, the Federal Financial Institutions Examination Council (FFIEC) promulgated “Consumer Compliance Risk Management Guidance” pertaining to the use of Social Media by regulated institutions. Basically, anything a mortgage lender – or even an individual loan officer – puts on social media (including the articles/newsletter referenced in your email, the substantive content thereof, and the identifying information surrounding that content that might lead a prospective borrower to use your services) is subject to regulatory scrutiny with respect to its compliance with a wide range of laws and regulations.

These are listed in the Guidance and include:
  1. the Fair Lending laws, Equal Credit Opportunity Act (Regulation B), and the Fair Housing Act;
  2. the Truth in Lending Act (Regulation Z);
  3. the Real Estate Settlement Procedures Act (RESPA) (Regulation X);
  4. the Fair Debt Collection Practices Act (FDCPA);
  5. Section 5 of the Federal Trade Commission Act and Sections 1031 and 1036 of the Dodd-Frank Act provisions prohibiting “unfair,” “deceptive,” or “abusive” acts or practices (UDAAP);
  6. rules governing payment systems, including the Electronic Funds Transfer Act; 
  7. the Bank Secrecy Act and Anti-Money Laundering laws;
  8. The Community Reinvestment Act;
  9. various laws pertaining to consumer privacy, including the Gramm-Leach-Bliley Act privacy rules and data security guidelines;
  10. the CAN-SPAM Act and Telephone Consumer Protection Act;
  11. the Fair Credit Reporting Act; and 
  12. various state and federal laws relating to fraud, false advertising, and brand identity. 

In addition, lenders need to be very concerned about what is commonly known as “reputation risk” and a whole range of “vendor management” issues with respect to third party service providers. 

These are discussed in more detail in two excellent articles by LCG’s Managing Director, Jonathan Foxx, entitled “Social Media and Networking Compliance” and “Advertising Compliance:Getting Ready for the Banking Examination,” both of which are available on LCG’s website, as separate White Papers or combined in an eBook. These articles provide a basic outline of the applicable legal and compliance issues involved in what you are hoping to do and at least some of the clarification you are looking for.

However, as already indicated, this is a highly complex and developing area of law and regulation and the further you delve into it, the more questions you may have. In that regard, do not be concerned by the fact that many of your competitors may not seem to be worried by any of this – that is because most MLOs and mortgage companies remain relatively uninformed about the significant legal and regulatory risks involved in the use of social media and because the regulatory enforcement mechanisms have not yet caught up to them.

Bottom line: anything you put on social media needs to be screened through the company’s compliance management systems and those systems need to be compliant in every way with the FFIEC Guidance.

Michael Pfeifer
Director/Legal & Regulatory Compliance
Lenders Compliance Group

Thursday, October 20, 2016

Spanish Language Websites and Flyers

In thinking about Spanish marketing materials, is there a problem with having a Spanish website or flyers in Spanish?

Yes, there can be specific liabilities involved here. The risks have to do with the language barriers that exist, which can, unfortunately, lead to Regulation B violations, UDAAP violations, or EFTA violations. This is because the borrowers may understand the materials that are presented in Spanish, such as the website, but they may not understand the other materials that are not in their language, such as the disclosures. The problems arise when lenders are not executing correctly.

While it is fine to have a website in Spanish, the language must continue throughout the entire process, which would include Spanish disclosures, as well. If a lender is going to advertise in a language other than English, they will be required to provide all documents and services in Spanish for those borrowers. This pertains to the entire process, such as disclosures and interpreter services.

Institutions still have the same responsibility under these Regulations and Acts to ensure that all documentation is clear and easily understood by their clients, and ensure that there is nothing which would appear to be “Unfair” or “Deceptive”, under the UDAAP law. This would begin with advertisement, and continue on through originations, disclosures, with interpreter services and possibly through to loan servicing, if applicable, in order to assist the borrowers in their language.

There has been an increase of regulatory scrutiny for the past year on this subject. We have included some commentary to assist in the understanding of what the requirements are.

In anticipation of a CFPB examination, here is a list of some actions that should be implemented in order to enforce and promote the protection of individuals that speak languages other than English in the consumer financial marketplace, entities offering consumer financial products and services should be proactive about monitoring their operations for potential ECOA, EFTA, and UDAAP violations, as well as issues involving other potential areas of vulnerability.
  • Maintain a strong compliance management and review system that includes a focus on or sensitivity to potential language discrimination issues;
  • Review current communication and transaction processes to ensure that non-English speaking individuals are given equal access to all consumer financial programs and services;
  • Self-identify potential ECOA and EFTA violations and remediate those practices as quickly as possible;
  • Implement a process to review marketing, offering, and transactional documents and materials, as well as other consumer-facing processes such as loan origination and consumer complaint systems, to screen for potential weaknesses and vulnerabilities related to language-based discrimination;
  • Limit areas where consumer-facing employees are free to exercise “subjective and unguided discretion” when interacting with non-English speaking consumers to minimize the risk of practices with unlawful discriminatory effects;
  • Conduct training programs for consumer-facing employees to increase awareness of and the appropriate handling of issues involving language-based discrimination, including educating employees on the potential for fair lending issues that could arise from the failure to appropriately handle potential language barriers;
  • Clearly disclose the terms of any consumer financial product or service in English and, where applicable, the consumer’s primary foreign language, and obtain translation services, as appropriate, to avoid potential issues;
  • Review customer complaints for signs of systemic ECOA, EFTA, or UDAAP issues arising from language-based discrimination complaints;
  • Affirmatively cooperate with federal and state regulatory authorities to address issues of concern involving potential language discrimination issues, and seek out clarity in areas in which there may be some uncertainty; and
  • Ensure accountability to monitor activities, maintain compliance programs, and address potential language-based discrimination issues throughout the organization, including at the level of senior management and Board of Directors. 

Director/Regulatory Audits and Controls
Lenders Compliance Group 
Executive Director/Servicers Compliance Group

Thursday, October 13, 2016

Force-Placed Flood Insurance

We are a lender that must occasionally force-place flood insurance. Could you please let us know what the timeline is for notification to the borrower? Also, how do we charge for retroactivity? And what is the required information on the insurance declarations page to show coverage?

If a lender or a servicer acting on behalf of the lender determines at any time during the term of a designated loan, that a building or a mobile home and any personal property securing the designated loan is not covered by flood insurance or is covered by flood insurance in an amount less than the amount required, then the lender or servicer acting on its behalf, must notify the borrower that the borrower should obtain flood insurance, at the borrower’s expense, in an amount at least equal to the amount required, for the remaining term of the loan.

With respect to notification, if the borrower fails to obtain flood insurance within 45 days after notification, then the lender or its servicer must purchase insurance on the borrower’s behalf. The lender or its servicer may charge the borrower for the cost of premiums and fees incurred in purchasing the insurance, including premiums or fees incurred for coverage beginning on the date on which flood insurance coverage lapsed or did not provide a sufficient coverage amount.

Under Regulation X, the implementing regulation of the Real Estate Settlement Procedures Act, the Consumer Financial Protection Bureau requires a servicer to send two written notices before a servicer can assess a force placement charge on a borrower: (1) a notice at least 45 days before assessment of a charge, and (2) a notice at least 30 days after the initial notice and at least 15 days before assessment of a force placement charge. [12 CFR 1024.37(c)-(d)] However, the lender or its servicer still would be required to send the mandated 45-day notice following the lapse of the borrower’s policy.

Regarding retroactivity, the plain language of the applicable statute provides that the lender or servicer may charge for premiums and fees incurred for coverage beginning on the date on which flood insurance coverage lapsed or did not provide a sufficient coverage amount. Further, when the lender determines there is a coverage lapse or insufficient coverage, the Flood Disaster Protection Act (FDPA) requires the institution to send a notice to the borrower.

A lender or its servicer can force-place flood insurance beginning on the day the borrower’s policy lapsed or did not provide sufficient coverage, and also, as of that day, the institution can charge the borrower for the force-placed insurance. [12 CFR 1024.37(c)-(d)]

If a lender, despite its monitoring efforts, discovers a policy with insufficient coverage, the lender may charge back to the date of insufficient coverage provided it has purchased a policy that covers the property for flood loss and that policy was effective as of the date of insufficient coverage. However, if purchasing a new policy is necessary to force-place insurance upon discovery of insufficient coverage, a lender may not charge back to the date of lapse or insufficient coverage because the policy did not provide coverage for the borrower prior to purchase.

Under the FDPA, as amended by the Biggert-Waters Act, a lender or its servicer must accept from the borrower an insurance policy declarations page that includes the existing flood insurance policy number and the identity of, and contact information for, the insurance company or its agent. This is known as “sufficient demonstration,” meaning that the foregoing information and documentation are all that is required under Biggert-Waters for an insurance policy declarations page to be considered sufficient evidence of a borrower’s flood insurance coverage.

This minimum sufficient demonstration can cause concern at times, since the required information does not have to include the policy term effective dates, the current flood coverage amount, limitations and exclusions, the mortgagee’s identity, and, if the coverage is provided by a private flood policy, some documentation that the policy satisfies either the Biggert-Waters definition of private flood insurance or the mandatory purchase requirement.

Indeed, with respect to private flood insurance, the requirement to accept the declarations page as sufficient demonstration may cause lenders to accept a private flood insurance policy based on the declarations page, only to later determine that the policy is unacceptable.

Nevertheless, a lender is responsible for making all necessary inquiries into the adequacy of the borrower’s insurance policy to ensure that the policy complies with the mandatory purchase requirement. If the lender determines the coverage amount or any terms and conditions fail to meet applicable requirements, the lender should notify the borrower and request that the borrower obtain an adequate flood insurance policy.

Jonathan Foxx
Managing Director 
Lenders Compliance Group

Thursday, October 6, 2016

Eligibility Information in Affiliate Marketing

We are a bank that was recently cited for violations of affiliate marketing procedures. We did not have a pre-existing business relationship, but it seems that our violation also was caused by our use of “eligibility information.” What is “eligibility information?” Also, how is it a factor in affiliate marketing?

A consumer has the right to restrict affiliate marketing from a financial institution, where the former does not have a pre-existing business relationship with the latter. The restriction applies to using certain information obtained from an affiliate to make solicitations to that consumer. This provision is distinct from giving a consumer the right to restrict the sharing of certain consumer information among affiliates. [Section 603(d)(2)(A)(iii)]

A financial institution may not use information received from an affiliate to market its products or services to a consumer, unless the consumer is given notice and a reasonable opportunity and a reasonable and simple method to opt out of the making of such solicitations. The affiliate marketing opt-out applies to both “transaction” or “experience” and “other” information, such as information from credit reports and credit applications.

To be clear, exceptions to the notice and opt out requirements apply when an entity uses “eligibility information” in certain ways. Eligibility information includes not only transaction and experience information, but also the type of information found in consumer reports, such as information from third party sources and credit scores. Eligibility information does not include aggregate or blind data that does not contain personal identifiers such as account numbers, names, or addresses. [12 CFR 571.20(b)(3)]

Specifically, “eligibility information” is defined in the affiliate marketing regulation as any information the communication of which would be a consumer report if the exclusions from the definition of “consumer report” in Section 603(d)(2)(A) of the Fair Credit Reporting Act do not apply.

With respect to the pre-existing business relationship, a financial institution establishes this relationship based on:
  • A financial contract between the person and the consumer which is in force on the date on which the consumer is sent a solicitation covered by the affiliate marketing regulation;
  • The purchase, rental, or lease by the consumer of the person’s goods or services, or a financial transaction (including holding an active account or a policy in force, or having another continuing relationship) between the consumer and the person, during the 18- month period immediately preceding the date on which the consumer is sent a solicitation covered by the affiliate marketing regulation; or
  • An inquiry or application by the consumer regarding a product or service offered by that person during the three-month period immediately preceding the date on which the consumer is sent a solicitation covered by the affiliate marketing regulation. 

One of the regulatory triggers for affiliate marketing violations is in the area of solicitations, which is the marketing of a product or service initiated by a person, such as a financial institution, to a particular consumer that is:
  • Based on eligibility information communicated to that person by its affiliate; and
  • Intended to encourage the consumer to purchase or obtain such product or service. [12 CFR 571.20(b)(5)]

Examples of a solicitation include a telemarketing call, direct mail, e-mail, or other form of marketing communication directed to a particular consumer that is based on eligibility information received from an affiliate. A solicitation does not include marketing communications that are directed at the general public (i.e., television, general circulation magazine, and billboard advertisements).

Jonathan Foxx
Managing Director
Lenders Compliance Group