Monday, December 28, 2020

Holidays, a Time for Reflection

This year I feel a heavy heart on the holidays. My greatest heartache comes from the sadness of losing so many of our fellow Americans to the lethal COVID virus. 

And the next few months will show an increase in deaths due to COVID, possibly as much as nearly a half-million by the spring. None of us has ever experienced anything like this loss. It is so huge that my mind has a hard time contemplating its immensity. Each person who has died – some of whom I have known and loved – deserved to be with their family on these holidays. Now it cannot be.

I wrote the Business Continuity Plan Checklist & Workbook, includes COVID-19 Pandemic Response to contribute in my way to helping people to be careful, plan, accept science, set aside hubris, and protect themselves, their families, other employees, and their fellow Americans. I did not charge a fee. A publisher asked if I would sell it. How can one charge for such information that is needed in the middle of a pandemic? 

The document is now on its eighth update, last published on November 5th, consisting of 211 pages. The ninth update will follow soon, since the federal relief plan has only just now been signed into law. The downloads have exceeded well over a thousand. Yet, I wonder if my effort was effective. I hope so. If it changed a few organizations to act responsibly, even just a few, it was well worth the effort.

We just passed Hanukkah, the Festival of Lights, a time to realize that a little hope goes a long way, like the consecrated lamp oil that was found for use to last a single day in the ancient temple, which had been destroyed; yet the oil burned for eight nights. Perhaps you can see that, against all odds, we should have faith in new beginnings. 

We just passed Christmas, on December 25th, the date fixed in the fourth century to coincide with the winter solstice; the Eastern church celebrates it on January 7th. It has been referred to as the Feast of the Nativity. What does Jesus symbolize if not the chance to have faith in new beginnings?

We just passed the beginning of Kwanzaa, on December 26th, the annual celebration of African-American culture dedicated to a striving for the seven principals of unity, self-determination, collective work and responsibility, cooperative economics, purpose, creativity, and faith. It celebrates the festival of "first fruits," a dedication to family, community, and culture - a time to have faith in new beginnings.

And the New Year approaches, inevitably, as a reminder that our time is finite, so we should look within to have faith in new beginnings.

These holidays are joyous but also bittersweet. Joyous because they remind us to have faith in new beginnings; bittersweet because each of them comes with a sense of having lost hope at times, ruminations about challenges that seemed too great to bear – and we reflect on what was lost along the way. 

We put down our path as we walk it. Our path is uniquely ours. Friends and family are part of our joy. We are together, but, ultimately, we are alone to face the consequences of our actions. Psalm 30:5 says, weeping may tarry in the night, but joy cometh in the morning. Let us have hope.

Many people I have spoken to seem to grasp at life continually, but I think living well is learning to let go. It seems natural to grasp, but I think letting go is the way to move from strength to strength. We don’t have to be afraid of letting go because we grow when we let go, we heal when we slough off the coils of the past.

So, for me, the holidays this year are a somber time. I will reflect. I will hug my loved ones with all my might. I will make sure I am in contact with them, too, by remote viewing.

And I will find it within myself to have faith in new beginnings.

Dear friends, clients, colleagues, and subscribers, may this holiday season fill you with faith in new beginnings. Keep open the door to your heart in memory of those who have lost so much this year due to the pandemic. 

Take good care of yourselves and loved ones, so that you stay safe and healthy. We will get beyond these challenges and find new insights to strengthen our souls. Courage.

May you all have a safe, healthy, and joyous New Year!

Best wishes,

Jonathan Foxx, Ph.D., MBA
Chairman & Managing Director
Lenders Compliance Group

Thursday, December 17, 2020

Violating TILA's High-Cost Provisions

We received a letter from the banking department that accuses us of violating high-cost mortgage provisions. This came from a review of 75 loan files, which they conducted remotely earlier this year. 

This is pretty scary for us. We are a small lender, licensed in only one state, and this kind of action has never happened. 

The violation specifically mentions the added provisions to the high-cost mortgage rule. We want to know more about these added provisions. 

Can you provide some information about the added provisions to the high-cost mortgage rule?

I understand that you are a bit upset about this situation. In my experience, banking departments do not go out of their way to “accuse” their licensees of violations. Generally, their orientation is geared toward consumer advocacy, and ensuring that supervision and enforcement are maintained across the range of companies in their purview. 

So, trust me, it’s very unlikely that you were singled out. This is just a banking department doing its job. Regulators want their licensees to operate within applicable federal and state guidelines.

Prior to the enactment of the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (“Dodd-Frank Act”), Regulation Z contained a set of restrictive provisions affecting high-fee, high-rate mortgage loans, which generally were referred to as HOEPA (Home Ownership and Equity Protection Act) or Section 32 mortgage loans (because the main provisions were found in Regulation Z § 1026.32).

The Dodd-Frank Act amended the Truth in Lending Act (TILA) to change the name to “high-cost mortgages” or HCMs, expand the scope of coverage, alter the coverage thresholds, and enhance the restrictions and prohibitions, but not until the CFPB amended Regulation Z (TILA’s implementing regulation), thereby promulgating the changes.

On January 13, 2013, the CFPB did just that, adopting its HCM Rule, also known as the January 2013 HOEPA Rule, with implementation delayed until January 10, 2014. Regulation Z requires special disclosures for HCMs and prohibits them from including certain provisions. In addition, consumers have enhanced remedies for violations, including rescission, higher damages, and higher potential liability for purchasers and assignees.

The HCM Rule added the following restrictions:

(1) a general ban of prepayment penalties and balloon payments, with limited exceptions including one for certain balloon loans made by creditors serving rural or underserved areas;

(2) a prohibition of fees for modifying HCMs;

(3) a cap on late fees of 4% of the past due payment;

(4) a prohibition of closing costs rolled into the loan amount;

(5) a restriction on the charging of payoff statement fees;

(6) a ban of certain other practices, such as encouraging a consumer to default on an existing loan to be refinanced by an HCM; and,

(7) a requirement of homeownership counseling before taking out an HCM; and (8) an enhanced requirement that creditors assess repayment ability.

Let me broaden this out a bit by discussing a recent decision in a federal district court in California, where TILA’s HCM provisions were applied. The case is Sundby v. Marquee Funding Group, Inc. [Sundby v. Marquee Funding Group, Inc., 2020 U.S. Dist. (S.D. Cal. Sept. 15, 2020)]

In 2016 and 2017, Sundby and his spouse obtained a loan and then refinanced it, obtaining both loans in the name of Sundby Trust, their family trust, and securing both with their home.

Sundby sued the two lenders for the same three alleged violations of TILA: (1) the inclusion of a prepayment penalty, (2) the inclusion of a balloon payment, and (3) a failure to abide by the ability-to-repay provisions.

After denying the lenders’ motions for summary judgment, the court granted summary judgment for Sundby.

The loans were HCMs because they required prepayment penalties exceeding 2 percent. TILA includes other ways of falling into the HCM category, but one automatic determinant is having a prepayment penalty exceeding 2 percent. The net result, then, is that the HCM violates TILA because it has a prepayment penalty.

The first loan contained a clause requiring the payment of a prepayment penalty equal to at least “90 days of interest from the day of this loan funding,” or $64,109.59, which amounted to more than 2 percent of the loan amount ($2,600,000) or $238,333.37. 

The second loan also carried a prepayment penalty of more than 2% because it required the payment of a prepayment penalty equal to “the difference between Six (6) month(s) of interest” and the interest due as of the “date of the prepayment” if “this loan [for $3,160,000] is paid off or refinanced during the first Six (6) month(s) of the term.” Given that the prepayment penalty could be as high as $150,100.02, it would exceed 2 percent of the loan amount.

This fact – having a prepayment penalty exceeding 2 percent – pushed the loans into the HCM category. It also meant that each loan violated TILA’s HCM prohibition of prepayment penalties.

The loans violated the HCM balloon payment prohibition because each loan required its entire principal and remaining interest due on a single day at the end of the loan and referred to that payment as a “balloon balance.”

The lenders also violated TILA by failing to adequately assess Sundby’s ability to repay. The applications for the loans did not include income or assets other than the subject property and listed only $7,200 monthly income, $5,840 expenses, $15,000 in non-property assets, and $40,000 in non-mortgage liabilities to service a $3,160,000 loan with $833.89 daily interest.

The parties included no additional evidence substantiating the lenders’ efforts to test or analyze Sundby’s ability to pay the loan. Given the lack of information available to the lenders, the lack of other evidence to indicate their due diligence, and the lenders’ failure to contest the ability to pay violation, the court granted summary judgment for Sundby as to the ability to repay.

So, what does this decision tell us? 

The case involved the restrictions and prohibitions that were added by the HCM Rule. 

Regulation Z already included, and still includes, other prohibitions, including prohibitions of negative amortization, advance payments, default interest rates, and non-actuarial rebates.

Jonathan Foxx, Ph.D., MBA
Chairman & Managing Director
Lenders Compliance Group

Friday, December 11, 2020

Criminal Liability in TILA

I am the General Counsel of a small bank in the Midwest. 

Bank lawyers typically focus on the civil liability provisions of TILA. However, I think we have a blind spot when it comes to criminal liability. 

I am catching up on criminal liability with respect to TILA violations. I hope you can start me off in the right direction. 

How can criminal liability arise in violations of TILA?

It may be worthwhile to consider criminal liability in viewing violations of the Truth in Lending Act (TILA).

TILA § 112 specifies:

“Whoever willfully and knowingly (1) gives false or inaccurate information or fails to provide information which he is required to disclose under the provisions of [TILA] or any regulation issued thereunder, (2) uses any chart or table authorized by the Consumer Financial Protection Bureau (CFPB) under section 1606 of this title in such a manner as to consistently understate the annual percentage rate determined under section 1606(a)(1)(A) of [TILA], or (3) otherwise fails to comply with any requirement imposed [by TILA], shall be fined not more than $5,000 or imprisoned not more than one year, or both.” (My emphasis.)

It is worth noting that this TILA provision rarely sees the light of day, but it is available. A case comes to mind where the U.S. Court of Appeals for the 2nd Circuit affirmed its use against a payday lender. The case is United States v. Moseley. Let’s use this case as a learning tool toward understanding the application of criminal liability to a TILA violation. [United States v. Moseley, 2020 U.S. App. (2nd Cir. Nov. 3, 2020)]

For about ten years, Moseley ran a payday loan business, using several domestic and foreign loan entities, including entities in Nevada, the Federation of St. Kitts and Nevis (“Nevis”), and New Zealand, where no usury statutes existed. Moseley and his employees administered the enterprise solely from offices located in Kansas City, Missouri.

In 2014, the CFPB shut the business down on the basis of the illegalities that became the subject of Moseley’s prosecution.

Moseley’s business had offered small-dollar, short-term, unsecured loans in amounts up to $500. The business charged “fees” that functioned as interest payments. Using the Internet, Moseley’s business directly credited the borrower’s bank account with the loan principal by using the borrower’s private banking information. 

For each “loan period,” Moseley charged a $30 fee for each $100 of the borrower’s total loan amount. The business automatically deducted these fees from the borrower’s bank account and credited them to Moseley’s entity at the end of the first loan period.

Unlike the debited fees, repayment would not automatically occur. Unless the borrower affirmatively acted to pay off the principal by the end of the 2-week loan term, the loan would be “refinanced,” (sic) and the term automatically extended

For each extension, an additional equal fee would be debited against the borrower’s account and credited to Moseley’s business. Consequently, absent an affirmative act by the borrower to pay off the principal, Moseley would continue debiting the account each 2-week period, and the result could, and on occasion did lead to total finance charges of $780 on the original $100 loan, in effect an approximate yearly interest rate of 780%, none of which would be credited toward repayment of principal.

As if that wasn’t bad enough, Moseley took his scheme further by actually implementing a separate scheme that almost certainly reduced his chances for acquittal. A potential borrower searching for short-term cash would enter personal information online in a “lead generator” website maintained by a third party hired by Moseley’s business. The “lead generator” website was one in which a potential customer could express an interest in a loan but was not provided loan terms and was not actually agreeing to receive a loan. Upon receiving an expression of interest, the lead generator would forward the prospective borrower’s information to Moseley’s business.

I think you can guess where this scheme was going!

Moseley would then have his employees attempt to contact the potential borrower by phone and try to obtain borrower approval for making a loan. If phone contact was made, the employee would explain the loan’s terms to the borrower, who could then accept or decline a loan offer. If the potential borrower did not answer the phone, the employee would leave a voicemail message about the offer, and the loan would be approved and made anyway, even absent the borrower’s consent.

How was that possible?

It was possible because individuals provided banking information at the get-go, in their inquiry to the lead generator, without having established a business relationship or entered into an agreement. Moseley’s business would then deposit the loan principal into the borrower’s account and begin deducting fees as described above.

In testimony at trial, one of Moseley’s employees estimated that the business never made direct contract with about 70 percent of eventual borrowers. Although all borrowers eventually received loan documents by email, the e-signatures on those documents were falsified. 

Also at trial, Moseley tried to show that borrowers “e-signed” the agreements when they inquired about loans. The government introduced substantial evidence to the contrary, from which, according to the court, the jury could have concluded that those borrowers whom Moseley’s staff did not contact by phone had no notice of loan terms and had no opportunity to accept or reject those terms before the related credits and debits began.

In an attempt to avoid state criminal usury caps, Moseley incorporated entities offshore and edited the online loan agreements to include a “choice of law” provision specifying that the law of one of the three jurisdictions (Nevada, Nevis, or New Zealand) governed the transaction. A "choice of law" or "governing law" provision in a contract allows the parties to agree that a particular state's laws will be used to interpret the agreement, even if they live in (or the agreement is signed in) a different state.

The disclosures in Moseley’s loan documentation included a box labeled “Total of Payments,” described as the “amount you will have paid after you have made the scheduled payment.” The figure displayed in this box was the sum of the loan principal and a single “fee.” The Total of Payments disclosure did not indicate that no repayment of the principal was actually “scheduled” to occur, nor did it indicate that indefinitely recurring finance charges were “scheduled” to occur. Rather, text in fine print below the disclosure box advised that the single payment of loan principal and a single finance charge whose sum it displayed would become “scheduled” only if the borrower signed a specified separate form and “fax[ed] it back to our office at least three business days before your loan is due.” As a result, the Total of Payments disclosure was inaccurate for any borrower who did not affirmatively and timely act by sending a facsimile to pay off the loan principal.

Here's where we enter the realm of criminal liability. A jury convicted Moseley of violating the Racketeer Influenced and Corrupt Organizations Act (RICO) and TILA § 112. The district court sentenced Moseley primarily to 120 months in prison and ordered him to forfeit $49 million.

The 2nd Circuit affirmed. After affirming the RICO conviction, the 2nd Circuit agreed that the jury also had sufficient basis to find that Moseley “willfully and knowingly…[gave] false or inaccurate information or fail[ed] to provide information which he [was] required to disclose [by TILA].”

The Total of Payments disclosure included just one finance charge in addition to the loan principal amount, notwithstanding Moseley’s knowledge and intention that, unless the borrower acted, the total he or she would pay would amount to much more than a single finance charge, and that the Total of Payments had no upper limit at all (except that Moseley’s business generally and arbitrarily viewed a loan as repaid after 40 or 45 charges).

TILA-compliant disclosures must reveal the total of payments under the payment schedule set at the time of loan disbursement, not under an illusory payment schedule achievable only after the borrower undertakes steps described in the fine print.

I would also suggest that the jury rationally could have found that it was inaccurate and misleading for Moseley’s Total of Payments to show disclosure of just the loan principal plus one finance charge, especially in view of the fact that no such payment was actually scheduled. The court noted that the fact that the total of payments amount could be difficult to predict, and would vary from borrower to borrower, did not exempt Moseley from the obligation to disclose the potentially limitless “scheduled” amount.

Jonathan Foxx, Ph.D., MBA
Chairman & Managing Director
Lenders Compliance Group

Friday, December 4, 2020

Guidance versus Regulations

We appreciate your weekly FAQs. It is printed and handed out to staff in our Monday compliance meetings. Thank you for your dedication to our compliance needs.

In one of our meetings recently, there was quite a bit of discussion about the difference between regulations and guidance. The consensus was that regulations must be followed, but guidance is not required to be followed.

The thinking was that regulatory guidance would become regulations, so we should just follow them anyway.

Our question is, what’s the difference between regulations and guidance?

First and foremost, thank you for reading our FAQs. We have provided this labor of love for many years because of our philosophy to serve our clients and the mortgage community more broadly. In fact, our very motto – Creating a Culture of Compliance® – is reflective of our commitment and vision.

Your question is a good one. Regulations and guidance are not synonyms, but they are closely aligned. I will offer some insight into the difference by considering a current regulatory proposal. 

The Federal Reserve, Consumer Financial Protection Bureau, Federal Deposit Insurance Corporation, National Credit Union Administration, and Office of the Comptroller of the Currency are asking for comment on a proposal that outlines and confirms the agencies' use of supervisory guidance for regulated institutions.

The proposal would codify the 2018 Interagency Statement Clarifying the Role of Supervisory Guidance (“2018 Statement”) that clarified the differences between regulations and guidance. The 2018 Statement reiterated well-established law by stating that, unlike a law or regulation, supervisory guidance does not have the force and effect of law. 

The agencies do not take enforcement actions or issue supervisory criticisms based on noncompliance with supervisory guidance. Instead, supervisory guidance outlines supervisory expectations and priorities or articulates views regarding appropriate practices for a given subject area.

Thus, in contrast to supervisory guidance, regulations do have the force and effect of law, and enforcement actions can be taken if regulated institutions violate the regulations. Regulations are also generally required to go through a notice and comment process.

To amplify this outline further, the agencies had issued the 2018 Statement on September 11, 2018, to explain the role of supervisory guidance and describe the agencies’ approach to supervisory guidance. An interesting feature of the 2018 Statement was its view that agencies issue various supervisory guidance types to their respective supervised institutions, including, but not limited to, interagency statements, advisories, bulletins, and policy statements, questions and answers, and frequently asked questions.

To be clear, supervisory guidance outlines the agencies’ supervisory expectations or priorities and articulates the agencies’ general views regarding appropriate practices for a given subject area. Supervisory guidance often provides examples of practices that mitigate risks or that the agencies generally consider to be consistent with safety and soundness standards or other applicable laws and regulations, including those designed to protect consumers.

It is also worth noting that the agencies stated in the 2018 Statement that supervised institutions sometimes request supervisory guidance. That guidance is essential to providing clarity to these institutions in a transparent way that ensures consistency in the supervisory approach.

Here’s the important takeaway: the 2018 Statement restates existing law and reaffirms the agencies’ understanding that supervisory guidance does not create binding, enforceable legal obligations. Furthermore, it reaffirms that the agencies do not issue supervisory criticisms for violations of supervisory guidance, and the appropriate use of supervisory guidance by the agencies.

Specifically, in this particular interagency statement, the agencies also expressed their intention to (1) limit the use of numerical thresholds in guidance; (2) reduce the issuance of multiple supervisory guidance on the same topic; (3) continue efforts to make the role of supervisory guidance clear in communications to examiners and supervised institutions; and (4) encourage supervised institutions to discuss their concerns about supervisory guidance with their appropriate agency contact.

Financial institutions must use regulatory guidance constructively to be prepared for regulatory scrutiny. Implementing guidance provides certainty and transparency to financial institutions. 

In effect, by following regulatory guidance, a financial institution anticipates the agencies’ supervisory criticisms relating to identifying the practices, operations, financial conditions, or other matters that could have a negative effect on the safety and soundness of the financial institution; could cause harm to consumers; or could cause violations of laws, regulations, final agency orders, or other legally enforceable conditions.

Jonathan Foxx, Ph.D., MBA
Chairman & Managing Director
Lenders Compliance Group

Friday, November 27, 2020

Who owns the loan?

We came under an audit by our regulator a few months ago. Today we received their report.

The report shows a few issues that we’ll need to resolve. One of them involves the Notice of Loan Ownership. We were cited for failing to disclose the Transfer of Loan Ownership. 

Since we are now redrafting our policies and procedures, we want to know about the responsibility to issue this disclosure. 

Who is responsible for this disclosure, the company transferring the loan or the company receiving the loan?


Sometimes an action that seems intuitively correct is wrong as it relates to the law, Best Practices, and regulatory requirements. If I were to put your question to a large group of people, many of them would say that the transferring company is responsible, and many will say that the receiving company is responsible.

Section 131(g) of the Helping Families Save Their Homes Act, which was enacted in 2009, amended the Truth-in-Lending Act (TILA) to require a “creditor” who acquires a mortgage loan to disclose that fact to the borrower not more than 30 days after the date on which the loan is sold or otherwise transferred or assigned to a third party. In my view, the statute abuses the term “creditor” because TILA ascribes a specific meaning to that word. TILA defines “creditor” to mean a person who regularly extends consumer credit that is subject to a finance charge or is payable by a written agreement in more than four installments (not including a down payment) and to whom the obligation is initially payable, either on the face of the note or contract or by agreement if there is no note or contract.

The situation contemplated by § 131(g), to wit, the acquisition of a mortgage loan, attempts to impose a disclosure obligation on someone to whom the obligation is not initially payable, that is, on someone who subsequently acquires an already originated loan and does not meet TILA’s definition of creditor.

Regulation Z, implementing § 131(g), does not make the same mistake. It specifically provides, in Comment 39(a)(1)-1, that “the fact that a person purchases or acquires mortgage loans and provides the disclosures under this section does not by itself make that person a ‘creditor’ as defined in the regulation.” Indeed, the Federal Reserve Board (FRB), and later, the CFPB, concluded that Congress did not intend the word “creditor” to have the same meaning as “creditor” under TILA and Regulation Z. I know; a bit confusing!

To give effect to the legislative purpose, the agencies construed it to refer to the owner of the debt following the sale, transfer, or assignment, without regard to whether that party would be a “creditor” for other purposes under TILA or Regulation Z; hence, the regulation uses the term “covered person” instead of “creditor” in its provision implementing TILA § 131(g).

Although § 131(g) became effective immediately upon enactment, the FRB chose to adopt interim regulations to implement the section, so parties subject to the TILA disclosure requirement would have prompt guidance on how to interpret and comply with the statutory requirements already in effect. To allow time for operational changes, the FRB made compliance with the Regulation Z change optional until January 19, 2010. That did not mean noncompliance with the statutory requirement would necessarily go unpunished until January 19, 2010, although perhaps one could argue that the FRB’s delayed compliance date was an exercise of its authority under TILA to provide for adjustments to the statutory requirements.

In any event, the delayed compliance date meant that noncompliance with any requirement in the regulation that extended beyond the minimum required by the statute could not be punished unless it occurred on or after January 19, 2010.

This requirement must not be confused with the requirements of the Real Estate Settlement Procedures Act (RESPA) regarding mortgage servicing transfers. Under Regulation X, the implementing regulation of RESPA, consumers must be notified when their mortgage loan servicer has changed. In contrast, § 131(g) was intended to provide consumers with information about the identities of the owners of their mortgage loans, partly so they know whom they may contact if they want to exercise a right to rescind the loan. The provision was not intended to require a notice when a transaction does not involve a change in the ownership of the physical note, such as when the note holder issues mortgage-backed securities but does not transfer legal title to the loan.

In reviewing recent court decisions as they relate to the scope of TILA § 131(g) and its implementing provisions in Regulation Z § 1026.39, certain observations can be construed. One case provides insight into the treatment of TILA § 131(g).

The illustrative case is Kornea v. Fannie Mae,[i] in which a federal district court in Pennsylvania considered a consumer’s complaint that Fannie Mae had failed to disclose information about the ownership of his mortgage loan, in violation of § 131(g).

Kornea alleged that in June 2012 he received a letter from Chase, his loan servicer, explaining that his loan had been “sold into a public security managed by Fannie Mae” and that Chase was “authorized by the security to handle any related concerns” on its behalf. The letter provided the investor’s address, but not its name.

About seven years later, in May 2019, Kornea called Fannie Mae, seeking the loan holder’s identity. He was told the information could not be given to him over the phone. He then sent a registered letter to Fannie Mae requesting the owner’s name, address, and phone number. Fannie Mae did not respond. He sent a second letter, and again Fannie Mae did not answer. He sent a letter to Chase asking for the same information, to which Chase responded that Kornea’s loan could “be transferred between investors over its life, but its current investor [wa]s Fannie Mae.”

In October 2019, Kornea sued Fannie Mae under § 131(g)[ii]; however, the state court dismissed the claim as time-barred, though it allowed Kornea to file an amended complaint, in which he added Chase as a defendant. Chase removed the case to federal court.

The federal district court also dismissed the claim against Fannie Mae as time-barred, holding that claims under § 131(g) are subject to a 1-year limitation on actions. Because Kornea learned about the sale of his loan into a Fannie Mae security on June 19, 2012, his claim against Fannie Mae expired a year later, in 2013.

The court then turned to another TILA subsection, § 131(f)(2), because Kornea’s complaint included a claim against Chase under that subsection. That section requires a servicer, upon written request by a consumer obligor, to provide the obligor with the name, address, and telephone number of the owner of the obligation or the master servicer of the obligation.

TILA has a civil liability section[iii] that addresses a consumer’s right to sue for TILA violations. The section specifies that “any creditor who fails to comply with any requirement imposed under this part, including any requirement under § 125, subsection (f) or (g) of § 131, or part D or E of this subchapter” is liable. Accordingly, the creditor, not the servicer – unless, of course, the servicer also is the creditor or an assignee of the creditor – might be liable for violations of this requirement.

Kornea alleged only that Chase was the servicer of his loan, not that Chase was a “servicer-assignee.” As a result, according to the court, Kornea had not alleged “enough facts to show that Chase had any obligation to provide the information Section [131(f)(2)] requires.” The court continued, “And even if he had, Chase met TILA’s obligations in its June 3, 2019 letter responding to Kornea’s request for information by providing ‘the name, address, and telephone number of the owner of the obligation or the master servicer of the obligation.’”

From the foregoing matter, we can derive helpful guidance. Section 131(f)(2) seems quite clear that the servicer of a mortgage loan, whether a “servicer-assignee” or not, has an obligation to comply with its disclosure requirement. That subsection expressly refers to RESPA for the definition of a “servicer” as “the person responsible for servicing of a loan (including the person who makes or holds a loan if such person also services the loan).”

This definition does not incorporate the additional requirement that the servicer be an assignee, a fact various courts have overlooked.[iv] Chase appears to meet that definition. However, the court is right that Chase apparently satisfied its disclosure obligation and that TILA imposes liability for failure to meet that disclosure obligation only on the “creditor” of the loan, not the servicer (unless the servicer also meets the definition of creditor).

Thus, it may seem appropriate that if only servicers can violate TILA § 131(f)(2), Congress must have intended to create a cause of action for failing to comply with that section, whether it be against the servicer or the creditor with liability for the servicer’s failure.

To avoid rendering the subsection meaningless, some judges have applied agency principles to make the loan owner liable for violations by its servicer.[v]

And other courts have assumed liability without devoting attention to the distinction between a disclosure obligation under § 131(f)(2) and liability under § 130(a).[vi] 

Jonathan Foxx, Ph.D., MBA
Chairman & Managing Director
Lenders Compliance Group

[i] Kornea v. Fannie Mae, 2020 U.S. Dist. (E.D. Pa. Oct. 6, 2020)
[ii] 15 U.S.C. § 1641(g)
[iii] TILA § 130(a)
[iv] Including the U.S. Court of Appeals for the 9th Circuit in Gale v. First Franklin Loan Services, 701 F.3d 1240 (9th Cir. 2012).
[v] See, for instance, Montano v. Wells Fargo Bank, 2012 U.S. Dist. (S.D. Fla. Oct. 23, 2012); Galeano v. Fed. Home Loan Mortg. Corp., 2012 U.S. Dist. (S.D. Fla. Aug. 21, 2012); Kissinger v. Wells Fargo Bank, 888 F. Supp. 2d 1309 (S.D. Fla. 2012).
[vi] See Sam v. American Home Mortgage Servicing, 2010 U.S. Dist. (E.D. Cal. Mar. 3, 2010); Stephenson v. Chase Home Finance LLC, 2011 U.S. Dist. (S.D. Cal. May 23, 2011); and Erickson v. PNC Mortgage, 2011 U.S. Dist. (D. Nev. May 6, 2011).

Thursday, November 19, 2020

Housing Counseling Agency: RESPA Section 8

We ran into a problem with our banking department. They claimed that we violated RESPA when we paid a fee, equal to the borrower’s fee, to a Housing Counseling Agency. The HCA refers borrowers to us. We are being cited for a violation of RESPA Section 8. This seems unfair to the borrower, since the money is being paid to the agency on behalf of the borrower.

Is it permissible to pay a Housing Counseling Agency a fee that is commensurate with the HCA fee it charges the borrower?

There are myriad convoluted ways that Section 8 of RESPA may get triggered. Referrals are one of the booby traps of relationships between the parties to a loan transaction.

I suppose there is a workaround for your scenario, such as directly reimbursing the borrower (rather than the Housing Counseling Agency, or “HCA”) for payments the borrower makes to the HCA. But I would venture that you have already thought of that possibility. However, my hunch is that you want to continue the current relationship with the HCA, which is probably why you’re asking the question in the first place.

Section 8(a) of the Real Estate Settlement Procedures Act (RESPA) prohibits the transfer of a thing of value pursuant to an understanding that business will be referred to any person:

“No person shall give and no person shall accept any fee, kickback, or thing of value pursuant to any agreement or understanding, oral or otherwise, that business incident to or a part of a real estate settlement service involving a federally related mortgage loan shall be referred to any person.”

Thus, as a general proposition, no participant in a loan transaction covered by RESPA may pay anyone else for referring business to them. That said, the CFPB has provided some guidance that could – emphasis on the word “could” – possibly support a way to tiptoe past the booby trap, based on a similar scenario on which it opined recently. 

Keep in mind, however, that a “similarity” does not mean the “same” – it just means that there are overt facts that show similarity, though each scenario has to be understood not only within its context but also, on its own, to ensure it is entirely in compliance with RESPA.

On September 10, 2019, the CFPB issued a No-Action Letter Template in response to HUD’s request for a No-Action Letter regarding lender participation in its Housing Counseling Program.[i] The CFPB stated that it intended to grant applications from mortgage lenders for No-Action Letters based on its No-Action Letter Template, which specified the certifications applications should contain.

Then, on January 10, 2020, the CFPB issued a No-Action Letter (“Letter”) in response to an application filed by Bank of America using the No-Action Letter Template.[ii] The bank's request stated that it operated a “Connect to Own” program in which it entered into arrangements with HCAs that participated in HUD’s Housing Counseling Program for funding housing counseling services to consumers subject to specified conditions.

The request confirmed that the terms of the bank’s existing Housing Counseling Funding Agreements were formalized in memoranda of understanding (“MOUs”) between the bank and the participating counseling agencies, that (a) these MOUs and the bank’s related practices were compliant with applicable HUD requirements, and (b) any future housing counseling funding agreements would be formalized in MOUs between the bank and the participating housing counseling agencies, and (c) that those MOUs and the bank’s related practices would comply with the applicable HUD requirements.

The CFPB’s Letter to the Bank of America approved the bank’s request. The Letter stated that, unless or until terminated by the CFPB, the CFPB would not make supervisory findings, or bring a supervisory action against the bank under RESPA § 8 or Regulation X § 1024.14, or its authority to prevent unfair, deceptive, or abusive acts or practices, for including and adhering to a provision in the MOUs for conditioning the bank’s payment for the housing counseling services on the consumer applying for a loan with the bank – and here’s the “tiptoe past the booby trap!” – with respect to which the bank received proof of completion of housing counseling services from the participating counseling agency, even if that provision or the parties’ adherence to it could be construed as a referral under RESPA. Importantly (and dispositively), the Letter provided that the housing counseling services' payment level must not exceed a level commensurate with the services provided, and was reasonable and customary for the area.

My recommendation is to have the subject scenario further evaluated for compliance by a competent compliance professional. You can send them my answer. The specific facts and circumstances in this scenario must be scrutinized for compliance with applicable law. Several procedural, policy, and disclosure requirements need to be reviewed to avoid an allegation of violating RESPA Section 8. 

Jonathan Foxx, Ph.D., MBA
Chairman & Managing Director
Lenders Compliance Group

[i] No-Action Letter to HUD, CFPB (Sept. 10, 2019),
[ii] No-Action Letter to Bank of America, CFPB (Jan. 10, 2020),

Friday, November 13, 2020

Living Trusts: Rescission

We have several loans involving living trusts. One of them came to our attention because the borrower wants to rescind the loan we made to a living trust that he set up for his nephew's benefit. We made this loan just two days ago for improvements of a large patio and other structures.

But this was a loan to our borrower, not the nephew.

So, may we refuse to rescind by claiming the loan was to a trust and, therefore, not a consumer loan?


This question's resolution may be found in Regulation Z, Comment 3(a)-10, which provides that credit extended for consumer purposes to certain trusts is considered to be credit extended to a natural person rather than credit extended to an organization.

Expressly noted in the section for Trusts for Tax or Estate Planning Purposes:

In some instances, a creditor may extend credit for consumer purposes to a trust that a consumer has created for tax or estate planning purposes (or both). Consumers sometimes place their assets in trust, with themselves or themselves and their families or other prospective heirs as beneficiaries, to obtain certain tax benefits and to facilitate the future administration of their estates.

During their lifetimes, however, such consumers may continue to use the assets and/or income of such trusts as their property. A creditor extending credit to finance the acquisition of, for example, a consumer’s dwelling that is held in such a trust, or to refinance existing debt secured by such a dwelling, may prepare the note, security instrument, and similar loan documents for execution by a trustee, rather than the beneficiaries of the trust.

Regardless of the capacity or capacities in which the loan documents are executed, assuming the transaction is primarily for personal, family, or household purposes, the transaction is subject to the regulation because in substance (if not form) consumer credit is being extended.

We don’t know categorically about a living trust, but it sounds as though it’s the sort of trust contemplated in Regulation Z, Comment 3(a)-10. I say this because the U.S. Court of Appeals for the 9th Circuit recently considered a similar situation.[i]

Here’s what happened.

As trustee of the Lou Ross Easter trust, Gilliam obtained a loan from Levine to finance repairs to a residential property that was the main asset of the trust. The property was the security for the loan. The borrower’s sister, Lou, had created the trust for the benefit of Lou’s daughter. After Lou died, Gilliam became the trustee. Gilliam obtained the loan to make repairs to the property, so her niece, as the sole beneficiary of the trust, could continue to reside there.

But Gilliam sued Levine for rescission and damages, alleging that Levine had violated TILA by failing to disclose the payment schedule accurately. Levine argued that the loan was not a consumer credit transaction because the trust property securing the loan was not the borrower’s primary residence, even though it was her niece's residence.

And here’s the decision, in brief: The district court dismissed the complaint, finding that the loan was not a consumer credit transaction. The district court mentioned the Regulation Z Commentary as the source for determining whether a transaction is for business purposes under RESPA, but did not mention Comment 3(a)-10.

Levine appealed, and, on appeal, Levine asserted that, as a general rule, a trust does not qualify as a natural person under TILA and cannot be a party to a consumer credit transaction, subject only to a limited exception when the loan is to finance the residence of the trustee.

Then, the 9th Circuit reversed. It held that Gilliam sufficiently alleged that the loan was obtained for a consumer purpose. It decided that Comment 3(a)-10 provides that a loan for “personal, family, or household purposes” of the beneficiary of this type of trust is a consumer credit transaction. The Comment explains that “[r]egardless of the capacity…in which the loan documents are executed,” trusts should be considered natural persons under TILA, so long as the transaction was obtained for a consumer purpose because “in substance (if not form) consumer credit is being extended.”

Thus, the lender’s argument attempted to draw an artificial distinction between a loan obtained for the benefit of the trustee alone and a loan obtained to benefit trust beneficiaries.

According to the 9th Circuit, the issue was one “of first impression under federal and state regulation of consumer credit transactions.” 

Worth mentioning is that, in addition to TILA, Gilliam included claims under California’s Rosenthal Act and RESPA. Finding the definitions of consumer credit transaction identical under TILA and the Rosenthal Act, and that RESPA’s definition required only that the transaction be for a consumer purpose, the 9th Circuit concluded that transactions such as this one should be regarded as consumer credit transactions under all three statutes. 

Jonathan Foxx, Ph.D., MBA
Chairman & Managing Director
Lenders Compliance Group

[i] References: Gilliam v. Levine, 955 F.3d 1117 (9th Cir. Apr. 14, 2020)

Thursday, November 5, 2020

Climate Change: Business Continuity Challenges

We have been using your Disaster Recovery and Business Continuity Plan. It covers everything we need. Recently, our meetings have been focused on climate change and its effects on our company. Being in California, most of us in our company have come to realize that climate change is causing business interruptions for us.

I head up our compliance team, and we use your Business Continuity Checklist in connection with the Disaster Recovery and Business Continuity Plan in developing our infrastructure strategies. This is definitely the best checklist we have found to work with.

Although the Plan covers the various ways to protect our company in the case of a disaster or business disruption, we were wondering, would you provide a new section in the Checklist that is devoted to climate change?

What a great question! The Business Continuity Plan Checklist & Workbook (Includes COVID-19 Pandemic Response) was first published on March 16, 2020, and Update # 7 was published on May 26, 2020, consisting of 208 pages. The Checklist is complimentary, principally because I felt that it is obscene to charge people for it in the middle of a pandemic. Our company does not put profit over people. 

It is a good idea to combine the use of the Checklist with our Disaster Recovery and Business Continuity Plan, Includes Pandemic Response. By doing so, you are strengthening your due diligence review, ensuring that the Plan reflects your business model and compliance needs, and establishing an internal self-assessment process. All good!

Since May, we have been waiting for a stimulus bill to pass, and that is why the Checklist has not been updated. There have been developments other than the stimulus bill, of course, but that bill is important to keeping employees financially able to survive and companies economically capable of survival. Unfortunately, the House sent the bill to the Senate where it found a reluctant response and tedious negotiations. Indeed, even in the midst of a pandemic and extreme hardships, the Senate put off working on the bill.

Given your request, we are publishing today Update # 8 of the Checklist, providing a new section on climate change. In the future, I may update it again for other developments since May as well as any dispositive results regarding the stimulus bill. So, I suggest you download now the free Update # 8 version of the Checklist, which contains the new climate change section. 

To get the free Checklist, click here.

To order the Plan, click here.

Banking departments have taken it upon themselves to consider the risks of climate change with respect to events that could cause severe interruption of financial activities. I have no doubt that these actions will eventually be extrapolated into examination and enforcement.

A very good model has recently been provided by the NYS Department of Financial Services. On October 29, the NYSDFS issued a letter to state-regulated financial institutions, which provides background information for, and outlines the NYSDFS’s expectations, regarding climate change risk.[i] The department outlines the various physical and transition risks that are brought about by climate change. According to the letter, the types of assets that can be at risk due to weather events are mortgage loans, commercial real estate loans, agricultural loans, and derivatives portfolios.

In addition, the letter highlights that climate change could “negatively impact the balance sheets of regulated non-depositories through adverse impact on the businesses of their customers, including their loss of income, as well as any devalued investments due to physical or transition risks.”

It is important to note that the letter outlines the NYSDFS’s “expectation(s)” with respect to regulated organizations and regulated non-depositories, including incorporating financial risk from climate change into governance frameworks and risk management processes, and suggests that non-depositories develop strategic plans for the effects of climate change.

In banking department parlance, the word “expectation” does not mean assumes, forecasts, intends, predicts, promises, views, supposes, or hopes – it means one thing and one thing only: obligation

Do not wait for an examination to punch holes in your risk prevention efforts with respect to climate change!

So, let me set forth the essential features of the NYSDFS’s guidelines. If you are one of the 1,500 banking and financial institutions regulated by the NYSDFS, take heed. And if you are not regulated by the NYSDFS, also take heed, because it is very likely your state’s banking department will follow a similar course.

The department includes the expectations for all regulated organizations as well as the expectations for regulated non-depositories.

Expectations: All Regulated Organizations

1. Integrate the financial risks from climate change into the governance frameworks, risk management processes, and business strategies.

a. For example, regulated organizations should designate a board member, a committee of the board (or an equivalent function), as well as a senior management function, as accountable for the organization’s assessment and management of the financial risks from climate change.

b. This should include an enterprise-wide risk assessment to evaluate climate change and its impacts on risk factors, such as credit risk, market risk, liquidity risk, operational risk, reputational risk, and strategy risk; and

2. Develop the approach to climate-related financial risk disclosure and consider engaging with the Task Force for Climate-related Financial Disclosures[ii] framework and other established initiatives when doing so.

If you are not familiar with the Task Force, referred to by its acronym TCFD, it is an important initiative of the Financial Stability Board. The TCFD has developed a framework to help public companies and other organizations more effectively disclose climate-related risks and opportunities through their existing reporting processes. To do so, it provides guidance with respect to governance, strategy, risk management, and metrics and targets.

Expectations: All Regulated Non-Depositories

Conduct a risk assessment of the physical and transition risks of climate change, whether directly impacting them, or indirectly due to the disruptive consequences of climate change in the communities they serve and on their customers, such as business disruptions, out-migrations, loss of income, and higher default rates, supply chain disruptions, and changes in investor and consumer sentiments, and start developing strategic plans, including an outline of such risks, the impact on their balance sheets, and steps to be taken to mitigate such risks.

The NYSDFS letter ends with these words from Linda Lacewell, Superintendent:

"The challenge ahead is great, but we know from experience that together we can meet it. Mitigating the financial risks from climate change is a critical component of creating a stronger industry and a healthier and safer world for ourselves, our families, and future generations. There is no more time to wait. Let’s get to work."

I wholeheartedly agree! Let’s get started. 

Jonathan Foxx, Ph.D., MBA
Chairman & Managing Director
Lenders Compliance Group

[i] Climate Change and Financial Risks, Letter, New York State Department of Financial Services, 10.29.20
[ii] Task Force for Climate-related Financial Disclosures

Thursday, October 29, 2020

Disaster Recovery and Business Continuity

We are a mortgage lender in the northwest. Our largest investor asked us for a Disaster Recovery Plan and a Business Continuity Plan.

We sent them the former because we consider it the same as the latter. While the investor accepted that we have a Disaster Recovery Plan, it rejected it as being also a Business Continuity Plan. We always thought these plans were basically the same thing.

Now we are scrambling to get them a Business Continuity Plan.

So, what is the difference between a Disaster Recovery Plan and a Business Continuity Plan?

It may seem like a Disaster Recovery Plan is just another way of saying Business Continuity Plan. But they are fundamentally different, and each serves different purposes. Both plans should interface with each other in complementary ways.

You cannot expect a Disaster Recovery Plan to act as a proxy for a Business Continuity Plan. Nor can you use a Business Continuity Plan to act as a proxy for a Disaster Recovery Plan. If you try that tactic with regulators, they will cite you with adverse findings. If you are state licensed, banking departments may share those findings with other states where you’re licensed. Federal prudential regulators will also likely issue adverse results.

And what are we describing here?

We are describing how to ensure the company remains viable when faced with significant threats to its existence. So, I will give you some pointers that will help you to know the difference between these two essential documents. But be advised: just as a bird does not fly on one wing, a company cannot depend on only one of these plans. It must have both!

Our firm has identified six factors to disaster recovery and business continuity. 

These are:

1. Disaster Planning

2. Business Impact Analysis

3. Business Continuity management

4. Business Continuity Plan

5. Recovery Time Objectives

6. Deployment

Without getting too detailed about each of these factors, I am going to focus on your specific question, which is: what is the difference between a Disaster Recovery Plan and a Business Continuity Plan?

Let’s begin with this concept: every Business Continuity Plan (BCP) contains a Disaster Recovery Plan (DRP). This is because the DRP is focused on data recovery and integrity, whereas the BCP is focused not only on data recovery and integrity but also on the many elements involved in the continuation of a business enterprise. Think of it this way: the BCP is business-centric, whereas the DRP is data-centric.

The BCP resolves certain tactical questions involving business operations confronted with the disruption of the business entity, such as:

- Does the company have a business continuity plan in place for continuation?

- Who are the management and staff personnel in charge of business operations?

- How does the company respond to vendors and third-party relationships?

- What challenges are anticipated and readied to fulfill obligations?

- How does the company maintain customer loyalty and public confidence?

- What aspects of the company need to be first recovered to stay in business?

- How prepared is the company to operate remotely?

- What are the financial costs of downtime to the company?

Some of the foregoing depend on the ability of the company to recover its data quickly, effectively, and broadly. If the DRP is flawed, all of that is imperiled; to wit, loss of reliability, diminished scope, inability to scale up, and persistence of downtime after the disruption has passed. Typical disasters and disruptions are wars, terrorist attacks, storms, hurricanes, tornados, pandemics, epidemics, fires, earthquakes, electric outages, and floods.

From the point of the various risks – for instance, risks to reputation, legal, regulatory, operational, financial, compliance, security, fraud, and competition – failure to implement the requirements of a DRP and BCP could mean the company will not survive the disaster.

The DRP resolves specific tactical questions involving data recovery and data integrity if there is a disruption of the business entity, such as:

- Does the company have a disaster recovery solution in place for its data?

- Can the company rely on and trust the data that is recovered?

- How long will it take to recover the data from backup solutions?

- What is the projected downtime caused by the impedance to data?

- Is there an offsite copy or data center for managing data?

- What are the recovery goals and staged recovery plans?

- Are applicable network resources available to users?

- Are critical systems identified and prioritized?

It doesn’t matter if the DRP and the BCP are in separate documents or situated as sections in a single document. Many companies choose to combine them for ease of use and training of employees. Lenders Compliance Group has three primary elements in a single document: disaster recovery; business continuity; and pandemic response. More information HERE.

Whatever the case, it is essential to keep these plans updated, as multifarious new requirements and challenges present themselves in an ongoing, dynamic business environment.

Ideally, a BCP due diligence should begin with a Business Impact Analysis (BIA). Although it has a kind of ominous title, this process is no more than a set of procedures that identify how a disaster could impact a company. If that is not known, how can the company develop strategies to survive a disruptive event?

Then, it is important to use the BIA to design survival strategies. This is done by filling the gaps in the existing capabilities by mitigating them through using the BIA recommendations. Next, develop a plan, which reduces to writing the ways and means to ensure business continuity. That plan should be made available to all affected employees. Finally, the company should test the plan periodically, simulate a disruption, and learn from each test how to improve.

Ideally, a DRP review undertakes an evaluation of a company’s ability to tolerate minor to major data failures. It considers such adverse events as hacking, malware, data corruption, data breaches, and many potential IT infrastructure failures. As a subset of the BCP, the DRP is meant to keep the business running, reducing the effects of the disruption, and allowing the company to gradually emerge from a disaster intact and capable of continuation.

Whereas the BCP aims at an overall approach to surviving a disaster, the DRP must proceed along certain steps to effectuating its design. The process begins with outlining needs and objectives; that is, the DRP must reflect the company’s business model, meet risk analysis guidelines, determine the files and infrastructure features to maintain, and set forth some of the threats it seeks to mitigate. Without that information, it is not really possible to restore information adequately or regain productivity.

Then, the DRP needs to take stock of its components, such as hardware; software; and data. Finally, the plan should be developed with specificity, clarity, practicality, and ease of use. Affected employees should be trained appropriately, and, importantly, ongoing monitoring and testing must be implemented.

There is a natural ebb and flow to updating the DRP and BCP. Keep them updated as changes occur in the business model, regulatory and legal environment, and technology. Management should be focused like a laser beam on Disaster Recovery and Business Continuity.

Jonathan Foxx, Ph.D., MBA
Chairman & Managing Director
Lenders Compliance Group

Friday, October 23, 2020

COVID-19 Online Resources

We purchased your Business Continuity Plan recently. Over the last few weeks, we have been using it as a guide. We like the idea that one of the Directors spends time with us at the outset to make sure we understand the plan’s requirements. 

Now, we are building an online website for our employees to handle disaster recovery, business continuity, and pandemic issues. We want a website page with resources for all these areas, and especially we need resources for the COVID-19 challenges. 

Your Business Continuity Plan Checklist provides a huge number of resources and informative links. 

Do you have any suggested COVID-19 links that we can put on our new website?

Thank you for this question, as it gives me a chance to provide some additional feedback. I think you should be using - 

(A) our complimentary Checklist – Business Continuity Plan Checklist (Includes COVID-19 Pandemic Response) – along with -

Taken together, they provide a considerable amount of information that will strengthen your business continuity as well as your pandemic response.

The Checklist is now 208 pages and is on Update # 7. Update # 8 will be published as soon as the next stimulus is signed into law. The Plan is available, of course, and one of our Directors does a “walkthrough” with you to answer questions and show you how to use it.

I do have some suggested resource links that, in my view, should be placed on your new website. It is a good idea to notify your visitors that a new link has been added. Keep your visitors current all the time, because the pandemic is dynamic, meaning it spreads and mutates in complex ecosystems. Today’s medical and statistical information may differ from yesterday’s analyses.

Following basic hygienic guidelines will not change: wear protective masks (viz., protect yourself and others), maintain social distancing, wash hands, avoid meetings where people are arranged closely together, stay clear of settings where aerosol transmission easily happens. 

Be alert to changes in federal and state responses to the coronavirus, as politics has unfortunately been contaminating scientifically derived guidance. That places an extra burden on your website because visitors are going there for facts, not politics; and they want reliable scientific and medically reliable resources, not controversy and opinions.

Providing online resources is a great idea. Don’t be concerned if some visitors dispute the reliability of some links. People tend toward confirmation bias, so they screen out what they don’t want to believe. Don’t be surprised if some visitors say they do not believe in science. Science is not a belief; it is not subject to faith; it does not accept unfalsifiable theories. To date, the scientific method is the best means known to humankind to validate and verify physically identifiable aspects of life. Give visitors a chance to use the links, and most of them will be grateful that your organization takes everyone’s health and welfare seriously.

The following are some online links that I suggest you consider for the COVID-19 pandemic. They run the range from statistical information to preparation and also to progress regarding treatments and vaccines. – Tracking COVID-19  

Coronavirus Dashboard 

Coronavirus Tracker  

COVID-19 Tracking Project

COVID World Map, The Guardian – Coronavirus 

Johns Hopkins – DOVID-19 Dashboard 

Rt (Effective Reproduction Number) 

Worldometer – Coronavirus (Countries) 

Worldometer – Coronavirus (USA) 

Worldometer – Coronavirus (World) 

A word about the Rt (Effective Reproduction Number) listed above. 

The statistic, Rt, measures how fast the virus is growing. It is the average number of people who become infected by an infectious person. If Rt is above 1.0, the virus will spread quickly. If Rt is below 1.0, the virus spread slows down and eventually stops. The idea is that it is not possible to capture the exact moment when somebody becomes infected. Instead, scientists do a sort of reverse engineering. Thus, data such as derived from testing, hospital admissions, and deaths, are used to estimate the velocity of propagation of the virus.

Mathematically, if the Rt (effective reproduction number) is greater than one (viz., >1.0), the rate of spread increases exponentially; that is, the rate of change accelerates rapidly, and the virus propagates quicker and quicker. 

Medically, this means that there are more and more infections and many more deaths involving the coronavirus and deaths related to comorbidities - the coexistence of two or more disease processes (such as heart disease, diabetes, asthma, cancer) - affected by the coronavirus infection.

Economically and logistically, any population growing exponentially must, sooner or later, encounter shortages of various resources, such as beds in ICU, availability of medications, medical staff, medical supplies, and gradual financial incapacitation. 

It is only by bringing the effective reproduction rate down that we can return to some semblance of normality. Monitor the Rt for your state, and proceed with appropriate caution and care.

Finally, I recommend that you hold periodic calls to discuss the new website, particularly emphasizing your company’s safe hygiene plans. Encourage questions and suggestions. Act as a team, as a corporate family, and you will get through the pandemic knowing that you have done all you could to ensure a safe and healthy world for you, your colleagues, and your families.

Jonathan Foxx, Ph.D., MBA
Chairman & Managing Director
Lenders Compliance Group

Thursday, October 15, 2020


We are involved in doing an annual update of the policy for the Fair Credit Reporting Act. During this review, we realized that we did not have a section for the CARES Act. Our compliance department provided guidance all along in implementing the requirements, but nobody had yet updated the policy itself.

We are writing to you to get some guidance on the important areas to cover in our FCRA policy with regard to the CARES Act. I realize you can’t discuss every possibility, but some general guidance would really be appreciated.

What are some important FCRA compliance areas that must be implemented in regard to the CARES Act?

In my view, policy documents should be reviewed annually and updated periodically as changes occur in applicable laws, rules, best practices, regulations, and implications of case law – federal and state. It seems you’re on the right track, inasmuch as you are doing an annual update, which, in this instance, helps to show the need for an additional section.

Congress enacted the Coronavirus Aid, Relief, and Economic Security Act (“CARES Act”).[i] It was a $2.2 trillion economic stimulus bill passed by the 116th U.S. Congress. It was signed into law by the President on March 27, 2020, in response to the economic challenges caused by the COVID-19 pandemic in the United States. We have outlined it at length in our complimentary Business Continuity Plan with Pandemic Response.

Thus, Congress passed the CARES Act to minimize the impact of the COVID-19 pandemic. The CARES Act places essential requirements on companies that furnish information to consumer reporting agencies about consumers affected by the COVID-19 pandemic.[ii]

Briefly described, the CARES Act initially included spending of $300 billion in one-time cash payments to individual Americans (with most single adults receiving $1,200 and families with children receiving more), $260 billion in increased unemployment benefits, the creation of the Paycheck Protection Program that provides forgivable loans to small businesses with an initial $350 billion in funding (later increased to $669 billion by subsequent legislation), $500 billion in aid for large corporations, and $339.8 billion to state and local governments. Lawmakers refer to it as Phase 3 of Congress's coronavirus response.[iii]

On April 1, 2020, the CFPB issued a document with a title worthy of a gargantuan Elizabethan treatise: 

Statement on Supervisory and Enforcement Priorities 
Regarding the Fair Credit Reporting Act
and Regulation V
in Light of the CARES Act.[iv] 

In this issuance, the CFPB sought to inform furnishers of their responsibilities under the CARES Act amendments to the Fair Credit Reporting Act (FCRA), stating that the “Bureau expects furnishers to comply with the CARES Act.” Under the CARES Act’s amendments to the FCRA, a consumer whose account was not previously delinquent is current on their loan if they have received an “accommodation” and make any payments the accommodation requires. 

Therefore, the CFPB has issued substantive guidance on consumer reporting during the COVID-19 pandemic. It issued its own FAQs to address the responsibilities companies have under the CARES Act and the Fair Credit Reporting Act (FCRA) when they furnish information to consumer reporting agencies about consumers impacted by the crisis.[v] The FAQ was meant to be a “Compliance Aid” – which is CFPB Newspeak for Consult a Compliance Professional.

Here are a few important provisions to put into the new FCRA section relating to the CARES Act. I provide some citations for you to reference in your research and policy development.

Furnishers must report as current certain accounts for consumers affected by the pandemic. The CFPB expects furnishers to comply with the CARES Act, and it is enforcing the FCRA, as amended by the CARES Act, and its implementing regulation, Regulation V.

Violations of the FCRA
The FCRA requires furnishers and consumer reporting agencies to conduct investigations of disputes within specified timeframes. Furnishers and consumer reporting agencies remain responsible for conducting reasonable investigations of consumer disputes in a timely fashion. CFPB expects furnishers and consumer reporting agencies to make good faith efforts to investigate disputes as quickly as possible when they are impacted by COVID-19.

The CARES Act addresses accommodations to consumers impacted by COVID-19. An accommodation includes any payment assistance or relief granted to a consumer who is affected by the COVID-19 pandemic during the period from January 31, 2020, until 120 days after the termination of the COVID-19 national emergency declared by the president on March 13, 2020 under the National Emergencies Act.[vi] Such an accommodation includes, for instance, agreements to defer one or more payments, make a partial payment, forbear any delinquent amounts, or modify a loan or contract.[vii]

Pandemic Accommodations
Under the CARES Act, there is a requirement that furnishers provide accommodations to consumers impacted by the pandemic. The CARES Act requires accommodations for two specific types of loans: (1) consumers with a federally backed mortgage loan (as that term is defined in the CARES Act) may obtain a forbearance from their mortgage servicer upon request, and the borrower’s attestation of a financial hardship due to the COVID-19 emergency;[viii] and (2) the CARES Act provides automatic suspension of principal and interest payments on federally held student loans through September 30, 2020.[ix]

Reporting Obligations
If the credit obligation or account was current before the accommodation, during the accommodation the furnisher must continue to report the credit obligation or account as current. If the credit obligation or account was delinquent before the accommodation, during the accommodation the furnisher cannot advance the delinquent status.

Reporting Considerations
If furnishers are reporting information about a credit obligation or account that is current, they should consider all of the trade line information they furnish that reflects a consumer’s status as current or delinquent. For instance, information that a furnisher provides about an account’s payment status, scheduled monthly payment, and the amount past due may all need to be updated to accurately reflect that a consumer’s account is current consistent with the CARES Act.[x]

Special Comment Codes
Reporting of accommodations simply by using a special comment code to report a natural or declared disaster or forbearance is not permitted. Furnishing a special comment code indicating that a consumer with an account is impacted by a disaster or that the consumer’s account is in forbearance does not provide consumer reporting agencies with the information required by the CARES Act and, therefore, furnishing such a comment code is not a substitute for complying with the requirements.

Product Line Reporting
A furnisher may want to report all of their consumers’ accounts or all of their consumers’ accounts in a particular product line as in forbearance. However, the CFPB cautions against this approach, as it may increase the risk of inaccurate reporting and customer confusion.[xi]

Reporting Delinquencies and Terminations 
The consumer reporting protections of the CARES Act continue to apply to the time period that was covered by the accommodation after the accommodation ends. Assuming payments were not required or the consumer met any payment requirements of the accommodation, a furnisher cannot report a consumer that was reported as current pursuant to the CARES Act as delinquent based on the time period covered by the accommodation after the accommodation ends. A furnisher also cannot advance the delinquency of a consumer that was maintained pursuant to the CARES Act based on the time period covered by the accommodation after the accommodation ends.

Jonathan Foxx, Ph.D., MBA
Chairman & Managing Director
Lenders Compliance Group

[i] Pub. L. 116-136
[ii] The CFPB previously issued a statement informing lenders that they must comply with the credit reporting requirements of the CARES Act. The CFPB released FAQs on June 16, 2020, to “ensure that consumers receive the credit reporting protections required by the CARES Act.”
[iii] Phase 1 was an $8.3 billion bill spurring coronavirus vaccine research and development (the Coronavirus Preparedness and Response Supplemental Appropriations Act, 2020), which was enacted on March 6, 2020. Phase 2 was an approximately $104 billion package largely focused on paid sick leave and unemployment benefits for workers and families" (the Families First Coronavirus Response Act), which was enacted on March 18, 2020.
[v] The FAQs can be accessed at
[vi] CARES Act, Pub. L. 116-136, section 4021, codified at FCRA section 623(a)(1)(F)(i)(I), 15 U.S.C. 1681s-2(a)(1)(F)(i)(I)
[vii] Idem
[viii] See Joint Statement on Supervisory and Enforcement Practices Regarding the Mortgage Servicing Rules in Response to the COVID-19 Emergency and the CARES Act, April 3, 2020, CFPB, FRB, FDIC, NCUA, OCC, CSBS See also The Bureau’s Mortgage Servicing Rules FAQS related to the COVID-19 Emergency, CPFB, April 3, 2020
[ix] For more information on the CARES Act requirement to suspend payments for Federally held student loans, see CARES Act, Pub. L. 116-136, section 3513.
[x] See FCRA section 623, 15 U.S.C. 1681s-2; 12 CFR part 1022, subpart E
[xi] Idem

Thursday, October 8, 2020

Marketing Services Agreements: RESPA Section 8 Pitfalls

We are a large mortgage lender that uses a Marketing Service Agreement (“MSA”) in many relationships. I am the company’s General Counsel. We have a Compliance Manager. 

Recently, the Consumer Financial Protection Bureau (CFPB) cited us for violations of RESPA Section 8 with respect to defective MSAs. I realize that this is a highly litigious area. We have retained outside counsel for these agreements, yet we still seem to be locking horns with the CFPB.

My staff and the compliance people are avid readers of your Mortgage FAQs. We believe that you can shed additional light on how to go about training our management on the risks of MSAs.

We are drafting a PowerPoint for our Executive Management on the risks associated with MSAs. In preparing it, we would like to get your view of the following four areas in particular.

(1) What are Marketing Services Agreements?

(2) What distinction may be made between referrals and marketing services?

(3) What criteria may be applied to determine if an MSA is unlawful?

(4) Are there some examples of MSAs that are prohibited?

Thank you for your question. The risks relating to MSAs are enormous not only in incurring potential litigation but also in operational, strategic, financial, and regulatory risks. Enter these waters very cautiously and guardedly. If you are not thoroughly versed in MSAs, bring in legal counsel or highly competent compliance professionals to guide you. As General Counsel, you must understand that MSAs have far-reaching implications beyond contract law.

I will answer each of your questions with the proviso that you understand I cannot here provide legal advice and my remarks are not to be construed as such. Each MSA must be separately evaluated, and the entire corporate and legal structure on which each and every MSA sits must be taken into consideration.

(1) What are Marketing Services Agreements?

First, let us define a Marketing Services Agreement (“MSA”). It is an agreement that commonly involves an arrangement where a person or entity agrees to market or promote the services of another and receives compensation in return.

MSAs may involve only settlement service providers or may also involve third parties that are not settlement service providers. For instance, an MSA exists when a mortgage loan originator agrees to market or promote the services of a real estate agent in return for compensation.

Now, what is a lawful MSA? A lawful MSA is an agreement for the performance of marketing services where the payments under the MSA are reasonably related to the value of services actually performed.[i] To be clear, this is distinguished from an MSA that – whether oral, written, or indicated by a course of conduct, and looking to both how the MSA is structured and how it is implemented – involves an agreement for referrals. But, unlike referrals, marketing services are compensable services under RESPA.[ii]

Moreover, when a person performing settlement services receives payment for performing marketing services as part of a real estate transaction, the marketing services must be actual, necessary, and distinct from the primary services performed by the person. These marketing services cannot be nominal, and the payments cannot be for a duplicative charge or referrals.[iii]

(2) What distinction may be made between referrals and marketing services?

This is a fact-specific question as to whether a particular activity is a referral or a marketing service for purposes of the analysis under RESPA Section 8(a).

In RESPA Section 8(a), referrals include any oral or written action directed to a person where the action has the effect of affirmatively influencing the selection of a particular provider of settlement services or business incident thereto by a person paying a charge attributable to the service or business.[iv] For instance, referrals include a settlement service provider directly handing clients the contact information of another settlement service provider that happens to result in the client using that other settlement service provider.

However, a marketing service is not directed to a person; rather, it is generally targeted at a wide audience. Thus, placing advertisements for a settlement service provider in widely circulated media (i.e., a newspaper, a trade publication, or a website) is a marketing service.

MSAs that involve payments for referrals are prohibited under RESPA Section 8(a), whereas MSAs that involve payments for marketing services may be permitted under RESPA Section 8(c)(2), based on the facts and circumstances of the structure and implementation. In furtherance of explicating this question about referrals and marketing services, please read my answers to questions (3) and (4).

(3) What criteria may be applied to determine if an MSA is unlawful?

MSAs are not referenced in RESPA or Regulation X. Although entering into, performing services under, and making payments under MSAs are not, by themselves, prohibited acts under RESPA or Regulation X, the determination of whether an MSA itself or the payments or conduct under an MSA is lawful depends on whether it violates the prohibitions under RESPA Section 8(a) or RESPA Section 8(b), or is permitted under RESPA Section 8(c). And that analysis under RESPA Section 8 depends on the facts and circumstances, including the details of the MSA and how it is both structured and implemented.

The following describes how specific provisions of RESPA may be used to frame that analysis.

Under RESPA Section 8(a), if an MSA involves an agreement or understanding to refer business incident to or part of a settlement service in exchange for a fee, kickback, or thing of value, then the MSA or conduct under the MSA is prohibited. Therefore, this includes, but is not limited to, agreements structured or implemented to provide payments based on the number of referrals received.

Under RESPA Section 8(b), if the MSA serves as a method of splitting charges made or received for real estate settlement services in connection with a federally related mortgage loan, other than for services actually performed, the MSA or the conduct under the MSA is prohibited. MSAs would violate RESPA Section 8(b) if they disguise kickbacks by purporting to provide payment for services, but a split charge is paid even though the person receiving the split charge does not actually perform services. Or, a violation of RESPA Section 8(b) occurs if the services are performed, but the amount of the split charge exceeds the value of the services performed by the person receiving the split.

Under RESPA Section 8(c)(2), however, if the MSA or conduct under the MSA reflects an agreement for the payment for bona fide salary or compensation or other payment for goods or facilities actually furnished or for services actually performed, the MSA or the conduct is not prohibited.[v]

RESPA Section 8(c)(2) does not apply to MSAs that involve payments for referrals because they are not agreements for marketing services actually performed. RESPA Section 8 does not prohibit payments under MSAs if the marketing services are actually provided, and if the payments are reasonably related to the market value of the provided services only.

Note: Under Regulation X, the value of the referral (i.e., any additional business that might be provided by the referral) cannot be taken into consideration when determining whether the payment has a reasonable relationship to the value of the services provided.[vi]

(4) Are there some examples of MSAs that are prohibited?

Obviously, there are a plethora of scenarios where MSAs are prohibited.

Let’s reiterate that an MSA can be lawful under RESPA if it is structured and implemented consistently as an agreement for the performance of actual marketing services and where the payments under the MSA are reasonably related to the value of the services performed.[vii]

However, MSAs can be unlawful when entered into based on their structure or can become unlawful based on how they are implemented. The CFPB has enforced violations of RESPA Section 8 in investigations that involved the use of oral or written MSAs. An MSA is or can become unlawful if the facts and circumstances show that the MSA as structured, or the parties’ implementation of the MSA – in form or substance, and including as a matter of course of conduct – involves the following features:

  • An agreement to pay for referrals.
  • An agreement to pay for marketing services, but the payment is in excess of the reasonable market value for the services performed.
  • An agreement to pay for marketing services, but either as structured or when implemented, the services are not actually performed, the services are nominal, or the payments are duplicative.
  • An agreement designed or implemented in a way to disguise the payment for kickbacks or split charges.
Consider this scenario: a lender enters into an MSA with a real estate agent that also makes referrals to the lender. The MSA requires the real estate agent to perform marketing services, including deciding on and coordinating direct mail campaigns and media advertising for the lender. But, the real estate agent either does not actually perform the MSA’s identified marketing services or the real estate agent is paid compensation that is in excess of the reasonable market value of those marketing services.

In this scenario, the lender and real estate agent would not meet the standard in RESPA Section 8(c)(2), because the marketing services are not actually provided or the payments are not reasonably related to the value of the marketing services provided.[viii] Furthermore, in this scenario if the MSA was structured or implemented as a way for the lender to compensate the real estate agent for client referrals to the lender, the MSA would violate RESPA Section 8(a).

Jonathan Foxx, Ph.D., MBA
Chairman & Managing Director
Lenders Compliance Group
[i] 12 USC § 2607(c)(2); 12 CFR § 1024.14(g)(1)(iv)
[ii] 12 CFR § 1024.14(b) and (g)(2)
[iii] 12 CFR § 1024.14(b), (c), and (g)(3)
[iv] 12 CFR § 1024.14(f)(1)
[v] 12 USC § 2607(c)(2); 12 CFR § 1024.14(g)(1)(iv)
[vi] 12 CFR § 1024.14(g)(2). See also 12 CFR § 1024.14(b)
[vii] 12 USC § 2607(c)(2); 12 CFR § 1024.14(g)(1)(iv) and (g)(2)
[viii] 12 CFR § 1024.14(g)(1)(iv)