Rhonda McGill of PerformLine: CFPB Director Rohit Chopra–A Year in Review

Rhonda McGill is Senior Director of Client Solutions with PerformLine, Morristown, N.J., respsonsible for providing regulatory and compliance solutions to clients. She has nearly 30 years of experience in the mortgage industry and with community housing organizations.

Rhonda McGill

It’s been a little over a year since the senate confirmed Rohit Chopra as the Director of the Consumer Financial Protection Bureau.

Previously serving as the Commissioner of the Federal Trade Commission, Chopra has a proven track record of being an aggressive enforcer of consumer protection. In that role, Chopra pushed for aggressive remedies against lawbreaking companies, especially repeat offenders, and worked to reverse the FTC’s reliance on no-money, no-fault settlements—and is continuing the same strategy at the CFPB as Director.

In his first year as Director of the CFPB, Chopra has taken an aggressive approach to consumer protection through market monitoring inquiries, interpretive rules, circulars, advisory notices, and enforcement actions.

Below is a recap of the Bureau’s most impactful advancements toward consumer protection under Chopra.

Launched a new way for consumers to petition for agency action

The CFPB under Chopra is taking a consumer-first approach to regulatory compliance oversight and has made it easier for consumers to engage with the Bureau and request regulatory changes. Consumers can now submit a petition for rulemaking via email or direct mail, which will then be posted on public dockets for review and comment.

The CFPB is “committed to transparency and listening to the concerns, suggestions, and ideas of the public it serves. The public’s petitions will help the CFPB identify consumer protection issues worthy of reform, rulemaking, or in need of further clarification.”

”Americans should be able to easily exercise their Constitutional rights without hiring a high-priced lawyer or lobbyist. Our new program will broaden access to the agency’s rulemaking process.”

Made fair lending a top priority

Chopra has made fair lending a top priority since being confirmed as CFPB Director through new guidelines, advisory opinions, and enforcement actions.

Outlined options to prevent algorithmic bias

In a circular published in May, the CFPB confirmed that federal anti-discrimination law requires companies to explain to applicants the specific reasons for denying an application for credit or taking other adverse actions, even if the creditor is relying on credit models using complex algorithms.

“Companies are not absolved of their legal responsibilities when they let a black-box model make lending decisions. The law gives every applicant the right to a specific explanation if their application for credit was denied, and that right is not diminished simply because a company uses a complex algorithm that it doesn’t understand.” — Chopra

The circular reminds organizations that those who use complex algorithms, including artificial intelligence or machine learning in any aspect of their credit decisions, must still provide a notice that discloses the specific principal reasons for taking adverse action.

Issued an advisory opinion on coverage of fair lending laws

Also in May 2022, the CFPB published an advisory opinion to affirm that the Equal Credit Opportunity Act (ECOA) bars lenders from discriminating against consumers after they received a loan, not just before.

The CFPB’s advisory opinion on ECOA confirms:

  • ECOA protects people from discrimination in all aspects of a credit arrangement
  • Continues to protect borrowers after they have applied for and received credit
  • Requires lenders to provide “adverse action notices” to borrowers with existing credit

Took two enforcement actions against lenders for deliberate discrimination

The first enforcement action, filed in October 2021 in joint with the DOJ and Office of the Comptroller of Currency, was taken against a mortgage company for redlining and deliberately not marketing, offering, or originating home loans to consumers in minority neighborhoods.

The company was ordered to pay a $5 million penalty and $3.85 million via a loan subsidiary program to increase credit access across neighborhoods impacted by redlining.

The second enforcement action, filed in July in joint with the DOJ, was against another mortgage company for the same things—redlining and deliberate discrimination against minority neighborhoods.

The company was ordered to pay more than $22 million towards civil penalties, into a loan subsidiary program, and to fund advertising in areas impacted by redlining.

Reminded mortgage servicers to protect military servicemembers

In joint with the Department of Justice, the CFPB reminded mortgage servicers that they must adhere to the CARES Act and additional legal requirements under the Servicemembers Civil Relief Act.

For the first time since 2016, consumer complaints submitted by military servicemembers increased in 2021—up 64% from 2021, according to our analysis in the Complaint Risk Signal Report.

The letter, sent in December 2021, came in response to this influx of consumer complaints submitted by military servicemembers, families, and veterans on a wide range of mortgage servicing violations, including inaccurate credit reporting, misleading communications to borrowers, and required lump sum payments for reinstating their mortgage loans.

“The illegal foreclosures of military families in the last crisis was one of the financial industry’s worst failures. The CFPB will be closely watching mortgage servicers and will hold them accountable for illegal tactics perpetrated against military families.” – Chopra

Expressed and exemplified intent to increase enforcement

Chopra has a reputation for being an aggressive enforcer of consumer protection laws when it comes to organizations that disobey them. Since being confirmed, Chopra has focused on repeat offenders, prioritized enforcement over consumer education, taken 20 enforcement actions against organizations, and bolstered enforcement by the states.

Reining in repeat offenders

In his testimonial to the Senate Banking Committee, Chopra spoke to his intent to increase enforcement and crack down on repeat offenders by saying:

I anticipate that the CFPB will sharpen its focus on repeat offenders, particularly those that violate agency or federal court orders. The agency has now entered into a substantial number of orders, largely by consent of the agency and the financial institution, and it will be critical that we closely monitor compliance with these orders. Repeat offenders that violate orders and cause ongoing harm to families and law-abiding businesses must be stopped.

Fast forward a few months, in a lecture given to students at the University of Pennsylvania Law School, Chopra outlined his plans to rein in repeat offenders—or “recidivists” as he describes them—by pivoting to remedies that are more “structural” in nature instead of relying on monetary fines.

Prioritizing enforcement over consumer education

In a session at the Federal Reserve Bank of Philadelphia’s Sixth Annual Fintech Conference, Chopra spoke about how he plans to take a more robust approach to enforcement:

In some cases, financial education literacy has made people worse off because they become overconfident…. Financial products are often very challenging to understand…Disclosures are not going to be what fixes it. What is often going to fix it is to eradicate unlawful actors who prey on people.

Increased enforcement actions

Since being sworn in last year, the CFPB under Chopra has already taken 20 enforcement actions—nine of which happened in just the past four months alone. Not only has the number of enforcement actions increased but the penalties have too, with some penalties upwards of nearly $200 million.

Bolstered enforcement by states

In May 2022, the CFPB issued an interpretive rule that describes States’ authority to pursue companies that violate provisions of federal consumer protection laws.

The CFPB’s interpretive rule on states’ authority to enforce consumer protection laws confirms that:

  • States can enforce the Consumer Financial Protection Act, including the provision making it unlawful for covered persons or service providers to violate any provision of federal consumer financial protection law
  • States can pursue claims and actions against a broad range of entities
  • CFPB enforcement actions do not put a halt to state actions, and sometimes states bring enforcement actions in coordination with the CFPB

Added discrimination under the “unfair” prong of UDAAP

In March, the CFPB updated its supervisory operations to include discriminatory practices as unfair under UDAAP in an attempt to further protect consumers from illegal discrimination in instances where existing fair lending laws may not apply.

According to the CFPB, “discrimination may meet the criteria for ‘unfairness’ by causing substantial harm to consumers that they cannot reasonably avoid, where that harm is not outweighed by countervailing benefits to consumers or competition.”

When a person is denied access to a bank account because of their religion or race, this is unambiguously unfair. We will be expanding our anti-discrimination efforts to combat discriminatory practices across the board in consumer finance.

Interpretive rule for digital marketers and consumer protection laws

Most recently, the CFPB issued an interpretive rule in August that lays out grounds for when digital marketing providers for financial firms must comply with consumer protection laws.

According to the press release, “digital marketers acting as service providers can be held liable by the CFPB or other law enforcers for committing unfair, deceptive, or abusive acts or practices as well as other consumer financial protection violations.” This includes any digital marketers who are involved in the identification and selection of prospective consumers or the selection or placement of content to affect a customer’s behavior.

“When Big Tech firms use sophisticated behavioral targeting techniques to market financial products, they must adhere to federal consumer financial protection laws. Federal and state law enforcers can and should hold these firms accountable if they break the law.” – Chopra

The CFPB’s interpretive rule for digital marketers explains that:

  • Digital marketers materially involved in the development of the content strategy can be held liable: Financial firms rely on the expertise and tools of digital marketing providers that offer sophisticated analytic techniques, aided by machine learning and advanced algorithms, to process large amounts of personal data and deliver highly targeted ads. Financial firms use behavioral analytics to connect with potential customers. Depending on how sophisticated analytic techniques are designed and implemented, behavioral marketing and advertising could subject firms to legal liability.
  • Digital marketers provide material services to financial firms: A material service is one that is significant or important. Digital marketing providers are typically materially involved in the development of content strategy when they identify or select prospective customers or select or place content in order to encourage consumer engagement with advertising. Digital marketers engaged in this type of ad targeting and delivery are not merely providing ad space and time, and they do not qualify under the “time or space” exception.
  • The CFPB, states, and other consumer protection enforcers can sue digital marketers to stop violations of consumer financial protection law: Service providers are liable for unfair, deceptive, or abusive acts or practices under the Consumer Financial Protection Act. When digital marketers act as service providers, they are liable for consumer protection law violations.

Focused on data privacy and protection

Data privacy and protection was a top concern for a lot of compliance teams in 2022—turns out, it was a top concern for Chopra and the CFPB, too.

In August of 2022, the CFPB published a circular that reminds financial institutions that failing to safeguard personal data may count as violating federal consumer financial protection laws. Specifically, financial companies are at risk of violating the Consumer Financial Protection Act if they fail to have adequate measures to protect against data security incidents, says the CFPB.

“Financial firms that cut corners on data security put their customers at risk of identity theft, fraud, and abuse. While many nonbank companies and financial technology providers have not been subject to careful oversight over their data security, they risk legal liability when they fail to take commonsense steps to protect personal financial data.” – Chopra

According to the CFPB’s circular, some examples of failing to provide sufficient data security measures include:

  • Not requiring multi-factor authentication or implementing a reasonably secure equivalent
  • Inadequate password management policies and practices
  • Failure to execute routine system, software, and/or code updates
  • Failure to update consumers when notified of a critical vulnerability

The circular explains that the above examples would result in a violation of the Consumer Financial Protection Act because they “are likely to cause substantial injury to consumers that is not reasonably avoidable by consumers, and financial institutions are unlikely to successfully justify weak data security practices based on countervailing benefits to consumers or competition. Inadequate data security can be an unfair practice in the absence of a breach or intrusion.”

Looking ahead: What’s next for the CFPB under Chopra?

More consumer complaints

Consumers are increasingly aware of their rights and complaints are at an all-time high—there are already over 570k complaints in the CFPB’s database from this year and we still have a few months left in 2022 (for reference, there were 496,019 complaints submitted in 2021).

According to the CFPB, complaint data and analyses are readily available to CFPB staff to support their supervisory, enforcement, and market monitoring activities. By paying close attention to what consumers are saying, you can best position your team to get out ahead and avoid unnecessary scrutiny from regulators at both the state and federal levels.

Increased enforcement actions

Director Chopra is not shy when it comes to using enforcement actions as a means to protect consumers. The Bureau has already taken several large actions this year, and we can likely expect this momentum to continue in 2023.

Continued regulatory scrutiny around mortgages

With interest rates on the rise, the mortgage industry has had a difficult year and has been working to “right fit” itself while staying relevant for the future. With market conditions in flux, it’s critical that mortgage companies tighten up their compliance programs as the potential risks are high and regulators are still paying attention.

The Bureau will likely continue to keep a close eye on mortgage companies to ensure that there are no claims of deception in advertisements, and that advertised rates are accurate, up-to-date, and have the proper disclosures.

As regulatory scrutiny continues to increase under Chopra, having a strong compliance program in place to protect consumer is critical.

With PerformLine’s omni-channel compliance platforms, organizations like yours can proactively monitor all of its marketing materials for regulatory compliance at scale, mitigate risk, and protect your brand. Learn how you can get out ahead of CFPB regulatory scrutiny and enforcement actions with PerformLine.

(Views expressed in this article do not necessarily reflect policy of the Mortgage Bankers Association, nor do they connote an MBA endorsement of a specific company, product or service. MBA NewsLink welcomes your submissions. Inquiries can be sent to Mike Sorohan, editor, at msorohan@mba.org; or Michael Tucker, editorial manager, at mtucker@mba.org.)