QUESTION
My colleagues and
I love your weekly FAQs. Thank you for this obvious labor of love! You have
written many FAQs about UDAAP. As a compliance attorney, I realize that UDAAP violations
are broadly applied. What I would like to see is a general definition of UDAAP.
Also, what do you recommend for a policy statement affirming a company’s
commitment to UDAAP? What do you consider the high-risk areas of UDAAP?
Finally, can you let us know some Best Practices for UDAAP compliance?
ANSWER
Thank you for
your kind words. It is a labor of love – one that we embrace gladly! The weekly
FAQ is an extension of our commitment to provide an elevated level of compliance
services from a dedicated team!
We feel so strongly about the importance of monitoring UDAAPs that we provide the UDAAP Tune-up!™
We feel so strongly about the importance of monitoring UDAAPs that we provide the UDAAP Tune-up!™
Let’s lay out
some basic details. Section 5(a) of the Federal Trade Commission Act (“Act” or “FTCA”)
[15 USC 45(a)(1)] prohibits "unfair or deceptive acts or practices” (“UDAP”)
in or affecting commerce. The Act applies to all entities engaged in commerce,
including banks. Federal regulators are charged with taking appropriate action
when unfair or deceptive acts or practices are discovered. For instance, the
Federal Reserve Board’s (FRB) Regulation AA specifically proscribes unfair or
deceptive practices. The Consumer Financial Protection Bureau (CFPB) has set
forth rules about UDAAPs, and the Federal Trade Commission (FTC) helps enforce
them. Indeed, federal and state regulatory examiners are looking for UDAAP
violations as a part of their routine compliance examinations.
Put
more concretely, the Dodd-Frank Act made it unlawful to engage in any “unfair,
deceptive or abusive act or practice” – “UDAAP,” note the two As. [Dodd-Frank
Act, Title X, Subtitle C, Sec. 1036; PL 111-203 (July 21, 2010)] The
responsibility for enforcing the prohibition against "abusive" acts
or practices was given to the Consumer Financial Protection Bureau (CFPB) under
Dodd-Frank, but the prudential regulators still retain their authority to
enforce UDAP under Section 5 of the FTCA.
With regards to a
brief, general UDAAP definition, I will venture the following:
An act or practice that is unfair if it (1) causes or is likely to cause substantial injury to
consumers, (2) cannot be reasonably avoided by consumers, and (3) is not
outweighed by countervailing consumer benefits. An act or practice is deceptive
when a representation, omission, or practice misleads (or is likely to mislead)
consumers, and the misleading representation, omission, or practice is
material. An act or practice is abusive when (a) it materially
interferes with the ability of consumers to understand a term or condition of a
consumer financial product or service; (b) takes unreasonable advantage of consumers’
lack of understanding of the material risks, costs, or conditions of the
product or service; (c) disadvantages consumers in protecting their interests
in selecting or using a consumer financial product or service; and (d) exploits
the consumers’ reasonable reliance on an institution to act in the consumers’
interests.
Most
of our clients ask us to provide policies and procedures, either for new
versions or by reviewing existing versions. We encourage an affirmation
statement – which we sometimes call a “Preamble” – in the policy document. For
a UDAAP policy, the following is some helpful verbiage (though a company’s size,
complexity, and risk profile would affect the wording of the statement):
It is the policy of this financial institution to fully
comply with FRB Regulation AA and Section 5(a) of the Federal Trade Commission
Act (FTCA). Both Regulation AA and the FTCA prohibit unfair or deceptive acts
or practices. The Consumer Financial Protection Bureau (CFPB) makes rules about
UDAAPs, and the Federal Trade Commission (FTC) enforces them. This financial
institution fully recognizes that unfair or deceptive practices are prima
facie wrong, and it also recognizes that it must have compliance procedures
in place to prevent unintended violations of Regulation AA and the FTCA.
Therefore, the Board has directed that management develop a document containing
appropriate compliance procedures and train employees periodically regarding unfair,
deceptive, or abusive acts or practices.
There are numerous ways to trigger UDAAP
violations. Here are just a few.
Advertising Representations made in a financial institution’s
advertising must be accurate and clear. When preparing an advertisement,
omission of important information or failure to fairly disclose the terms and
conditions of a product or service would be a UDAAP violation and is therefore
against the institution’s policy.
Disclosures Representations made in disclosure documents must be
accurate, clear, and informative. When preparing a disclosure document, the omission
of important information or failure to fairly disclose the terms and conditions
of a product or service is a UDAAP violation and against an institution’s policy.
Contract Documents Loan documents are legal contracts
between a mortgage lender and the consumers. Representations made in these contracts
must be accurate and clear. When preparing a contract document, the omission of
important information or failure to fairly disclose the terms and conditions
contained in the contract is a UDAAP violation and against the institution’s
policy.
Higher-Risk Products By their nature, some loan products
have more potential for UDAAP violations than others. Among the higher-risk
products or services are credit cards, overdraft protection, rewards checking,
and products developed specifically for the elderly or the unsophisticated.
(The compliance officer must monitor these products regularly for potential
violations of UDAAP).
Third Parties Financial institutions from time to time contract with
third parties for marketing, credit/debit card support, credit/life insurance,
mortgage loan support, and bad debt collection support. Each poses significant
UDAAP risk. (The compliance officer must monitor these products regularly for
UDAAP violations.)
The institution
should ensure that all affected employees follow these practices:
- Review all promotional materials to make sure they contain no UDAAP violations. There must be no fine print provisions, inconspicuous negative disclosures, or misleading headlines. There must be a factual basis for all representations in promotional materials.
- During one-on-one discussions with consumers, bring to the consumers’ attention key terms, limitations, or other items of a negative nature. Consumers are entitled to make informed decisions.
- When a product contains favorable introductory terms, clearly disclose the expiration date of the introductory terms.
- Clearly and timely disclose to consumers information about fees, penalties, and other charges.
- Be extremely cautious about the use of the terms “pre-approved” or “guaranteed.” As a general rule, do not use these terms in promotional materials.
- Clearly inform consumers of any contract provisions that permit the institution to change the terms and conditions of consumers’ agreements.
- Clearly inform consumers when approving them for a product or service and the terms and conditions of approval are less favorable than those previously stated to consumers or in an advertisement.
- Tailor advertisements to meet the level of sophistication of intended recipients. Avoid advertising terms that are not available to most consumers who will be viewing the piece.
- Exercise sufficient controls over third parties to prevent them from committing UDAAP violations.
- Inform co-signers in writing of their responsibilities and potential liabilities before becoming obligated on a loan. Do this by providing the co-signer with a written notice.
Jonathan Foxx, PhD., MBA
Chairman & Managing Director
Lenders Compliance Group
