7 Key Fair Lending & UDAAP Reminders from the CFPB

The recent GE Capital Retail Bank enforcement action highlights both Fair Lending and UDAAP compliance issues, and provides key compliance reminders. Read more >>

In June, the Consumer Financial Protection Bureau announced a joint enforcement action with the Department of Justice against GE Capital Retail Bank, which changed its name to Synchrony Bank in June. In the CFPB’s press call announcing it, they said “deceptive credit card add-ons and discriminatory debt relief promotions” led to the enforcement action. This enforcement action is interesting in part because it addresses two hot regulatory issues: Fair Lending and UDAAP (Unfair, Deceptive, and Abusive Acts and Practices) compliance. First, we'll go over the details of the enforcement action, then we will share the 7 key reminders.

The Bank was ordered to pay $225 million in consumer relief; $169 million of that was paid to settle a lawsuit that accused the Bank of discriminating against Hispanic credit card customers. The remaining $56 million was paid in a settlement related to allegations of deceptive marketing. In addition, the Bank paid $3.5 million in civil money penalties to the CFPB's Civil Penalty Fund.

Regarding Fair Lending: It is sometimes assumed that Fair Lending compliance is limited to the act of underwriting and pricing. However, 1974’s Equal Credit Opportunity Act (ECOA) covers “any aspect of a credit transaction” from cradle to grave. That includes everything from the initial marketing and servicing through to the final payment. The ECOA’s primary purpose is to prevent discrimination in the granting of credit by requiring banks and other creditors to make extensions of credit equally available to all creditworthy applicants with fairness, impartiality and without discrimination on any prohibited basis. 

During the enforcement action press call, the CFPB said they found that the Bank was not making offers available equally. "Instead, for customers who had indicated that they preferred to communicate in Spanish and for those with mailing addresses in Puerto Rice, GE Capital did not extend any of these offers, in any language," they said.

In this case, the Bank states that they self-identified the matter through an internal audit. They apparently omitted certain delinquent cardholders with Puerto Rico addresses or Spanish-preferred indicators on their accounts from two collections offers (see the Bank’s press release below). According to the Bank’s press release, the “CFPB recognized the Bank’s response to this matter as ‘responsible business conduct,’ including the ‘self-identification of the matter through self-policing, prompt reporting, self-initiation of consumer remediation, and full and timely cooperation with the regulators.”

Regarding UDAAP: UDAAP, like Fair Lending, is a broad and expansive area for compliance institutions. Both Fair Lending and UDAAP are regulatory priorities.

The Bureau claims they found that the Bank's telemarketers misrepresented the credit card add-on products, which became a UDAAP issue. According to the CFPB, the telemarketers did not make the terms clear regarding payment or eligibility, nor did they make it clear that customers were purchasing the products. Additionally, the CFPB stated that the telemarketers misrepresented the availability of the offer, saying that it was available for a limited time, though the availability was not limited. The Bureau also found that the Bank's product offers and messaging were not consistent across representatives or channels. Collectively, these items led to confusion for the customers, and these practices were considered to be deceptive by the Bureau.

Key Fair Lending & UDAAP Reminders Provided by the Enforcement Action

The CFPB provides several perspectives via the enforcement action. Here are a few highlights:

Fair Lending Reminders

1. Beware of Exclusions: Be careful of exclusions of any aspect of credit offers. Marketing techniques that exclude any prohibited basis groups bring Fair Lending risk.
2. Collections: Collections procedures and loss mitigation offers are a part of the credit transaction and subject to the ECOA. Service, collections and loss mitigation policies, and procedures should be reviewed for Fair Lending compliance.
3. Training: The consent order points to the importance of company-wide employee training with role-specific training for certain team members. This theme is repeated in most settlements.
4. Regular Risk Assessments: It is very important to conduct regular ECOA and Regulation B assessments. In this case, “regular” is defined as “at least annually” by the consent order.

UDAAP Reminders

1. Consistency Between Channels:  The bank marketed and offered the add-on products through five channels: inbound calls – activation, inbound calls – service assistance, online, point of sale, and direct mail. The CFPB claims that the Bank did not require scripts for customer services conducting marketing, except for a scripted statement to be given at the end of the call. There must be consistent offers and approach, unless there are clear business reasons that justify the need for the different approach.
2. Transparency: The CFPB claims the Bank did not adequately inform the consumer they were purchasing the add-on products, or misrepresented to some cardholders the costs, terms, benefits of the product. There must be clear disclosure on options available, the costs of each option and the risks involved.
3. Compliance Monitoring: The CFPB claimed the Bank did provide effective oversight. There must be process and controls to ensure ongoing compliance, including that of third-party vendors.

It’s very important that lenders use risk assessments, audits, and other monitoring procedures to effectively mitigate and manage their risk. The knowledge gained will empower you and your institution to take a proactive approach to your compliance, and potentially avoid surprises from the regulators.

Perhaps most importantly, the consent order also reminds us of the important role that the Compliance Department must assume. According to the consent order, the Bank is required to have “written policies and procedures to ensure the risk management, internal audit, and corporate compliance programs have the requisite authority and status within the Bank so that appropriate reviews…..may occur and deficiencies are identified and properly remedied.”

The Bottom Line: Consent orders provide insight into the regulators' perspective. These UDAAP and Fair Lending reminders are important and can be used to steer your compliance program.

Related: How to Build a Strong Fair Lending & Redlining Compliance Management System