Debt Collection Acts and Regulations

QUESTION

I am an associate in the compliance department of a mortgage lender. We are a nonbank lender licensed in 40 states. Our company is involved in originating and servicing loans. 

I have been updating our debt collection policy. Reading through it, I found several gaps in areas covered by federal law. But I am not sure I’ve got them all! 

I need help getting a list of the laws involved in debt collection. I hope you can assist. 

What are the federal laws relating to debt collection? 

ANSWER

Many financial institutions and other entities engage in debt collection, including originating creditors, third-party collectors, debt buyers, and collection attorneys. 

Here is a non-comprehensive bullet list of the variety of such businesses: 

·       Originating creditors that attempt to obtain payment from the consumer, typically by sending letters and making telephone calls to convince the consumer to pay; 

·       Originating creditors that outsource the collection of debt to third-party collection agencies or attorneys or sell the debt to debt buyers after an account has been delinquent for a period of time; 

·       Third-party collection agencies that collect debt on behalf of originating creditors or other debt owners, often on a contingency fee basis; 

·       Debt buyers that purchase debt, either from the originating creditor or from another debt buyer, usually for a fraction of the balance owed; 

·       Debt buyers that sometimes use third-party collection agencies or collection attorneys to collect their debt but may also undertake their own collection efforts; 

·       Debt buyers that decide to sell purchased debt to another debt buyer. 

The Dodd-Frank Act (Act) gave the Consumer Financial Protection Bureau (CFPB) supervisory authority over various types of institutions that may engage in debt collection, including certain depository institutions and their affiliates, and nonbank entities in the residential mortgage, payday lending, and private education lending markets, as well as their service providers. The Act also gave the CFPB supervisory authority over “larger participants” of markets for consumer debt collection, as the CFPB defines by rule, and their service providers.[i] 

The CFPB issued a larger participant regulation in the consumer debt collection market.[ii] The consumer debt collection larger participant rule[iii] provides that a nonbank covered person is a larger participant in the consumer debt collection market if the person’s annual receipts from consumer debt collection – as defined in the rule – are more than $10 million. 

The entities that the CFPB supervises must comply with several primary laws to the extent applicable. I will provide a brief description of each. 

Fair Debt Collection Practices Act (FDCPA) 

The FDCPA governs collection activities and prohibits deceptive, unfair, and abusive collection practices. The FDCPA applies to entities that constitute “debt collectors,” which generally include: 

·       Third parties such as collection agencies and collection attorneys collecting on behalf of lenders; 

·       Lenders collecting their own debts using an assumed name; and 

·       Collection agencies that acquire debt at a time when it is already in default. 

The FDCPA applies to debts incurred or allegedly incurred primarily for the consumer’s personal, family, or household purposes. 

Fair Credit Reporting Act (FCRA) 

The FCRA and its implementing regulation, Regulation V, require that furnishers of information to consumer reporting agencies follow reasonable policies and procedures regarding the accuracy and integrity of data they place in the consumer reporting system. The FCRA and Regulation V require furnishers and consumer reporting agencies to handle disputes and impose other obligations on furnishers, consumer reporting agencies, and users of consumer reports. 

Gramm-Leach-Bliley Act (GLBA) 

The GLBA and its implementing regulation, Regulation P, impose limitations on when financial institutions can share nonpublic personal information with third parties. Also required under certain circumstances, financial institutions must disclose their privacy policies and permit customers to opt out of certain sharing practices with unaffiliated entities. 

Electronic Fund Transfer Act (EFTA) 

The EFTA and its implementing regulation, Regulation E, impose requirements if an institution obtains electronic payments from a consumer within the statute’s scope of coverage. 

The Equal Credit Opportunity Act (ECOA) 

The ECOA and its implementing regulation, Regulation B, apply to all creditors and prohibit discrimination in any aspect of a credit transaction based on race, color, religion, national origin, sex, marital status, age,[iv] receipt of public assistance income, or exercise in good faith of any right under the Consumer Credit Protection Act.[v] Credit transactions encompass “every aspect of an applicant’s dealings with a creditor regarding an application for credit or an existing extension of credit,” and include “revocation, alteration, or termination of credit” and “collection procedures.”[vi] 

A word about Unfair, Deceptive, or Abusive Acts or Practices (UDAAP). There are risks to consumers that may include potentially unfair, deceptive, or abusive acts or practices. In your debt collection policy, I suggest you have risk assessment procedures regarding UDAAP and include CFPB information about the legal standards and its approach to examining for UDAAP. The particular facts and circumstances in a case are crucial to determining UDAAP. Institutions should determine whether the applicable legal standards have been met before a UDAAP violation is cited.

Jonathan Foxx, Ph.D., MBA
Chairman & Managing Director 

Lenders Compliance Group

---

[i] 12 USC 5514(a)(1)(B)

[ii] On October 24, 2012

[iii] 12 CFR Part 1090, effective January 2, 2013

[iv] Provided the applicant has the capacity to contract.

[v] 12 CFR 1002.2(z), 1002.4(a)

[vi] 12 CFR 1002.2(m)

Debt Collection Laws

QUESTION

I see that the CFPB has been busy with debt collection issues. We are a lender that also does some servicing. We have a few questions. First, who is considered a debt collector? Second, how does the CFPB get involved in handling debt collection problems? And, three, what are the laws that apply to debt collection?

ANSWER

Debt collection compliance should be fully understood and implemented by a variety of entities, including originating creditors, third-party collectors, debt buyers, and collection attorneys, engage in debt collection.

Here are the salient entities:

• Originating creditors attempting to obtain payment from the consumer, typically by sending letters and making telephone calls to convince the consumer to pay.
• Originating creditors that outsource the collection of debt to third-party collection agencies or attorneys or sell the debt to debt buyers after an account has been delinquent for a period of time.
• Third-party collection agencies collecting debt on behalf of originating creditors or other debt owners, often on a contingency fee basis.
• Debt buyers purchasing debt, either from the originating creditor or from another debt buyer, usually for a fraction of the balance owed.
• Debt buyers using third-party collection agencies or collection attorneys to collect their debt, or undertaking their own collection efforts.
• Debt buyers selling purchased debt to another debt buyer.

The CFPB is directly involved in the examination and enforcement of debt collection compliance. The Dodd-Frank Act (DFA) gave the CFPB supervisory authority over many types of institutions that may engage in debt collection, including certain depository institutions and their affiliates; nonbank entities in the residential mortgage, payday lending, and private education lending markets; and, of course, their service providers. The DFA also gave the CFPB supervisory authority over “larger participants” of markets for consumer debt collection, as the CFPB defines by rule, and their service providers. [12 U.S.C. 5514(a)(1)(B)]

On October 24, 2012, the CFPB issued a larger participant regulation in the market of consumer debt collection. The consumer debt collection larger participant rule, as appearing 12 CFR Part 1090, was effective January 2, 2013. It provides that a nonbank covered person is a larger participant of the consumer debt collection market if the person’s annual receipts resulting from consumer debt collection – as defined in the rule – are more than $10 million.

Concerning the laws related to debt collection, when supervised entities seek to collect debt from consumers, those entities must comply with various laws to the extent applicable, including: 

• The Fair Debt Collection Practices Act (FDCPA). The FDCPA governs collection activities and prohibits deceptive, unfair, and abusive collection practices. The FDCPA applies to entities that constitute “debt collectors” under the Act, which generally includes:

-Third parties such as collection agencies and collection attorneys collecting on behalf of lenders;

-Lenders collecting their own debts using an assumed name; and

-Collection agencies that acquire debt at a time when it is already in default.

Please note, the FDCPA applies to debts incurred or allegedly incurred primarily for the consumer’s personal, family or household purposes.

• The Fair Credit Reporting Act (FCRA). The FCRA and its implementing regulation, Regulation V, require that furnishers of information to consumer reporting agencies follow reasonable policies and procedures regarding the accuracy and integrity of data they place in the consumer reporting system. The FCRA and Regulation V require furnishers and consumer reporting agencies to handle disputes and impose other obligations on furnishers, consumer reporting agencies, and users of consumer reports. 
• The Gramm-Leach-Bliley Act (GLBA). The GLBA and its implementing regulation, Regulation P, impose limitations on when financial institutions can share nonpublic personal information with third parties. They also require under certain circumstances that financial institutions disclose their privacy policies and permit customers to opt out of certain sharing practices with unaffiliated entities. 

ACH Transactions: Disclosure Requirements

QUESTION

In revising our EFT policy, we want to be sure we have sections for all the areas involving ACH transactions. Also, we want to begin the policy with the types of information that must be disclosed to a consumer or financial institution. What are the areas involving ACH transactions? Also, what types of information must be disclosed?

ANSWER

The Electronic Fund Transfer Act (EFTA) establishes the rights, liabilities, and responsibilities of consumers and financial institutions as they relate to electronic fund transfers. Its implementing regulation is Regulation E, which is updated and enforced by the Consumer Financial Protection Bureau (CFPB). An automated clearing house or ACH transaction takes place in an electronic network for financial transactions, such as credit transfers and direct debits.

Certain ACH transactions fall under Regulation E’s definition of “electronic fund transfers.”

The ACH transactions that are subject to Regulation E are:

• Prearranged payments and deposits (PPD);
• Point-of-purchase entries (POP);
• Accounts receivable entries (ARC);
• Internet-initiated/mobile entries (WEB);
• Telephone transfer entries (TEL);
• Machine transfer entries (MTE);
• Point-of-sale (POS);
• Shared network transaction (SHR); and,
• Consumer-to-consumer or consumer-to-business international ACH transactions (IAT).

It should be noted, though, that Regulation E covers many types of electronic fund transfers, not just ACH transactions. Other types of electronic fund transfers addressed in Regulation E include telephone transfers (non-ACH), transfers made at point-of-sale terminals (non-ACH), automated teller machine (ATM) transfers, and debit card transfers. This section focuses on Regulation E as it applies to ACH transactions.

Generally, the rule or regulation that provides the greatest protection to the consumer is the one that takes precedent. In cases where there is an overlap between Regulation E and the ACH Rules, a comparison is usually made to provide clarification as to how each one applies and to indicate which one takes precedence.

With respect to the types of information that mandate disclosure, certain information must be disclosed to consumers by their financial institutions prior to the first ACH debit or credit transaction that ever posts to the consumers’ accounts. The information may be provided in a document along with other disclosure information that must be supplied to the consumer, or it may be provided as a separate document. I’ve seen both methods in active use.

The receiving depository financial institution, or RDFI, is the financial institution qualified to receive ACH entries. These institutions are required to abide by the NACHA Rules, the rules of the National Automated Clearing House Association. The RDFI interlinks the receiver's account with the card association network.

The RDFI has no way of knowing when an ACH debit or credit might be received, so our clients' ACH policies usually state that it is best to give consumers this information at the time they open an account.

At a minimum, the RDFI must provide the following information:

• A summary of the consumer’s liability when unauthorized ACH transactions are posted to his or her account;
• A contact phone number and/or address for reporting unauthorized transactions that appear on the account;
• A definition of “business days” for the financial institution;
• What types of transfers are allowed and whether there are limitations on either the dollar amount of the transfers or the number of transfers;
• Fees that may be charged for ACH transactions;
• Summary of the consumer’s right to receive receipts and periodic statements;
• Summary of the consumer’s right to place a stop payment on an ACH transaction and the procedure the consumer must follow to place the stop payment;
• The financial institution’s liability if it fails to stop payment or fails to make a certain transfer; and,
• The error resolution process the financial institution will follow when an unauthorized ACH transaction is reported. Note: The error resolution process needs to be provided not only initially, but also annually unless it is printed on every periodic statement.

Consider reviewing the appendices to Regulation E for the model forms and disclosures that financial institutions may use to assist them with compliance.

Jonathan Foxx, PhD, MBA

Managing Director

Lenders Compliance Group

Spanish Language Websites and Flyers

QUESTION

In thinking about Spanish marketing materials, is there a problem with having a Spanish website or flyers in Spanish?

ANSWER

Yes, there can be specific liabilities involved here. The risks have to do with the language barriers that exist, which can, unfortunately, lead to Regulation B violations, UDAAP violations, or EFTA violations. This is because the borrowers may understand the materials that are presented in Spanish, such as the website, but they may not understand the other materials that are not in their language, such as the disclosures. The problems arise when lenders are not executing correctly.

While it is fine to have a website in Spanish, the language must continue throughout the entire process, which would include Spanish disclosures, as well. If a lender is going to advertise in a language other than English, they will be required to provide all documents and services in Spanish for those borrowers. This pertains to the entire process, such as disclosures and interpreter services.

Institutions still have the same responsibility under these Regulations and Acts to ensure that all documentation is clear and easily understood by their clients, and ensure that there is nothing which would appear to be “Unfair” or “Deceptive”, under the UDAAP law. This would begin with advertisement, and continue on through originations, disclosures, with interpreter services and possibly through to loan servicing, if applicable, in order to assist the borrowers in their language.

There has been an increase of regulatory scrutiny for the past year on this subject. We have included some commentary to assist in the understanding of what the requirements are.

In anticipation of a CFPB examination, here is a list of some actions that should be implemented in order to enforce and promote the protection of individuals that speak languages other than English in the consumer financial marketplace, entities offering consumer financial products and services should be proactive about monitoring their operations for potential ECOA, EFTA, and UDAAP violations, as well as issues involving other potential areas of vulnerability.

• Maintain a strong compliance management and review system that includes a focus on or sensitivity to potential language discrimination issues;
• Review current communication and transaction processes to ensure that non-English speaking individuals are given equal access to all consumer financial programs and services;
• Self-identify potential ECOA and EFTA violations and remediate those practices as quickly as possible;
• Implement a process to review marketing, offering, and transactional documents and materials, as well as other consumer-facing processes such as loan origination and consumer complaint systems, to screen for potential weaknesses and vulnerabilities related to language-based discrimination;
• Limit areas where consumer-facing employees are free to exercise “subjective and unguided discretion” when interacting with non-English speaking consumers to minimize the risk of practices with unlawful discriminatory effects;
• Conduct training programs for consumer-facing employees to increase awareness of and the appropriate handling of issues involving language-based discrimination, including educating employees on the potential for fair lending issues that could arise from the failure to appropriately handle potential language barriers;
• Clearly disclose the terms of any consumer financial product or service in English and, where applicable, the consumer’s primary foreign language, and obtain translation services, as appropriate, to avoid potential issues;
• Review customer complaints for signs of systemic ECOA, EFTA, or UDAAP issues arising from language-based discrimination complaints;
• Affirmatively cooperate with federal and state regulatory authorities to address issues of concern involving potential language discrimination issues, and seek out clarity in areas in which there may be some uncertainty; and
• Ensure accountability to monitor activities, maintain compliance programs, and address potential language-based discrimination issues throughout the organization, including at the level of senior management and Board of Directors. 

Michelle Leigh

Director/Regulatory Audits and Controls

Lenders Compliance Group 

Executive Director/Servicers Compliance Group