The Obama administration released on June 30, 2009 draft legislation that would establish a new Consumer Financial Protection Agency ("CFPA"). The concepts embodied in this draft legislation ("CFPA Act") have been widely discussed for some time, and such concepts formed a major portion of the administration's overall proposals for financial regulatory reform that were formally published on June 17, 2009.
In particular, insurance and securities firms have been uncertain about the extent to which they would be subject to any new consumer agency's jurisdiction. The CFPA Act would clarify this uncertainty to some extent. A Treasury Department official commenting on the Act recently made a general statement that products overseen by the SEC and most of the insurance industry would not be subject to the CFPA. Nevertheless, as always, the devil is in the details, and the CFPA Act is far from clear or complete on the subject of how these jurisdictional lines will be drawn. Different persons may reach different interpretations, and the relevant terms of any legislation may differ substantially from those in the current draft of the CFPA Act.
Should the CFPA actually come into existence, it may well have the resources to expand its activities by aggressively interpreting its jurisdiction in the broadest possible manner. Notably, the CFPA Act would appropriate such funds to the CFPA as are necessary to carry out its functions and would direct and empower the CFPA to require the persons that it regulates to pay fees that cover all of the CFPA's expenditures (which fees would be deposited in the federal treasury).
I. Basic Overview of the CFPA Act
To assess the CFPA Act's potential impact on the insurance and securities industries, it is helpful to have a general understanding of the basic provisions in the Act that define the products, services and persons that would be subject to the Act, as well the general nature of the regulatory scheme that would apply to them.
A. Products, Services, and Persons Subject to the Act
The CFPA Act would give the CFPA wide discretion to regulate any "Consumer Financial Product or Service" and any persons who provide such products and services (which the Act refers to as "Covered Persons"). It is clear that CFPA Act is primarily concerned with consumer activities such as the following:
- taking deposits by banks, savings and loans, credit unions, and the like;
- providing money transfer, check guarantee, and bill payment services;
- issuing and servicing mortgages and consumer loans;
- issuing and servicing credit cards and debit cards;
- providing real estate settlement services;
- tax planning and tax preparation;
- providing leasing services for personal or real property;
- credit reporting;
- debt collection and negotiation and mortgage modification; and
- debt counseling and credit repair.
Most of the types of services with which the CFPA Act seems primarily concerned do not directly involve insurance (except for credit insurance, mortgage insurance, and title insurance). Nor do most of these services generally involve securities. Further, as discussed in greater detail in part II. below, the CFPA Act contains certain specific exclusions for the business of insurance, as well as for persons who are registered with the SEC or CFTC and who are acting in their registered capacities.
Nevertheless, the CFPA Act clearly would regulate certain types of consumer insurance (such as credit, mortgage, and title insurance) as Consumer Financial Products or Services. The Act likewise clearly would include within its coverage investment and financial advisory services performed for consumers by any person that is not subject to registration with the SEC or CFTC or that, even if registered, is not acting in such registered capacity when providing those services.
Also, the terms of the CFPA Act are potentially broad enough to cover various other products and services that may be offered by insurance and securities firms. Moreover, the Act contains a "catch-all" provision that would give the CFPA considerable discretion (subject to the exclusions discussed in part II. below) to adopt a rule defining additional activities as "financial activities" that would be regulated as Consumer Financial Products or Services under the Act.
The definition of a "Covered Person" in the Act is also quite broad. It includes, for example, not only a person who provides a Consumer Financial Product or Service, but also any person who provides material services to such a provider.
B. Summary of Regulatory Scheme
For those products, services, and persons that would be subject to the CFPA Act, the following highlights provide at least a glimpse of how thoroughgoing the regulatory regime under the Act could be:
- The CFPA would have general authority to adopt rules to ensure that, with respect to Consumer Financial Products or Services:
1. consumers have, understand, and can use the information they need to make responsible decisions;
2. consumers are protected from abuse, unfairness, deception, and discrimination; and
3. markets for these products and services operate fairly and efficiently, with ample room for sustainable growth and innovation.
- In seeking to fulfill these objectives, the CFPA could enact a wide array of requirements for Consumer Financial Products or Services, such as:
1. substantive requirements regulating the terms of products and services that are offered;
2. disclosure to consumers of the costs, benefits and risks associated with products and services, including requirements that such disclosure be brief, simple, clear, and transparent. In order to ensure that such information is fully and adequately represented to consumers (both initially and over the term of the products or services), the CFPA also could prescribe the "manner, settings, and circumstances" under which products and services are provided;
3. requirements that Covered Persons make periodic reports to, be subject to periodic examinations by, or otherwise provide information to the CFPA;
4. prohibitions against Covered Persons' entering into certain mandatory arbitration agreements with their customers; and
5. requirements that Covered Persons refrain from charging fees to consumers that the CFPA finds to be unfair or abusive.
- The CFPA also could prescribe minimum standards for certain Covered Persons with respect to such matters as:
1. background checks for principals, officers, directors or key personnel;
2. bonding or other financial requirements;
3. registration, licensing, or certification;
4. standards for creating and maintaining records of transactions or accounts; and
5. other standards for the procedures and operations of the Covered Person relating to the provision of financial products and services.
- The CFPA Act would also authorize the CFPA to prescribe a "standard" version of a Consumer Financial Product or Service. The CFPA would define the terms and features of the standard version, so as to be transparent, relatively low risk, and readily comparable with alternative similar products or services in terms of benefits and costs. The CFPA could require that, at or before the time a Covered Person offers a Consumer Financial Product or Service to a consumer, the Covered Person also must offer to that consumer any "standard" version of that product or service that the CFPA has prescribed, together with a warning to the consumer about the heightened risks of the non-standard product.
- To ensure fair dealing with consumers of Financial Products and Services, the CFPA would be required to prescribe the duties owed to such consumers by Covered Persons who deal directly with them.
- The CFPA Act would specifically empower the CFPA to prescribe duties regarding compensation practices applicable to Covered Persons (and their employees, agents and independent contractors) who deal directly with consumers. The Act provides that the purpose of such duties would be to promote fair dealing with consumers of Consumer Financial Products and Services, but that the CFPA would not be authorized to prescribe a limit on the total compensation paid to any person. The CFPA Act would give consumers considerable rights to obtain information from a Covered Person concerning its Consumer Financial Products or Services, including "costs, charges and usage data."
C. Enforcement and Remediation
The CFPA Act would give the CFPA extensive enforcement and investigative powers with respect to violations of the Act and rules thereunder. Violators could be subject to such remedies as:
- cease and desist orders;
- rescission or reformation of contracts;
- restitution or refund of moneys or return of real property;
- monetary damages;
- injunctive remedies;
- civil penalties, up to prescribed maximums; and
- criminal prosecution.
The Act would also provide strong "whistle blower" protections for persons who report or take other action upon violations.
II. Certain Exclusions Relevant to the Insurance and Securities Industries
A. Exclusion for the Business of Insurance
As noted in part I.A. above, the CFPA Act would grant the CFPA broad authority to issue definitional rules that bring within the purview of the Act even financial activities that are not mentioned in the Act. The Act, however, provides that the CFPA could not exercise this authority to define "engaging in the business of insurance" as such a financial activity, other than with respect to credit, mortgage, or title insurance.
While this exclusion seems to evidence a clear intent that the CFPA not have any jurisdiction over the business of insurance (except for the special types of insurance mentioned), the CFPA could conceivably seek to assert such jurisdiction. Among other things, the exclusion, read literally, is merely a restriction on the CFPA's exercise of its broad authority to adopt definitional rules, and the CFPA could seek to interpret some other provisions in the CFPA Act as being broad enough to cover some aspects of the business of insurance without need to exercise this rule-making authority. Moreover, differences of opinion may arise as to what constitutes "engaging in the business of insurance" for this purpose, and the CFPA could seek to interpret that concept considerably more narrowly than some in the insurance industry might be inclined to do.
Accordingly, if the CFPA Act is enacted in its current form, insurers and firms engaged in marketing insurance products and services will at least need to thoroughly review all of the activities that they conduct. Credit, mortgage, and title insurance would be subject to the Act. Any other Consumer Financial Product or Service within the meaning of the Act also would fall under the CFPA's jurisdiction, except to the extent it can be argued that the product or service is excluded from the Act because it constitutes engaging in the business of insurance.
B. Exclusion for Persons Regulated by the SEC or CFTC
The CFPA Act specifically preserves the SEC's sole jurisdiction over any "person regulated by" the SEC and states that the CFPA shall have no authority to exercise any power under the Act or to enforce the Act with respect to such a person. (The Act contains parallel provisions pertaining any "person regulated by" the CFTC.) The Act defines a "person regulated by" the SEC to mean a person that is "required to be registered" under the Securities Exchange Act of 1934, the Investment Advisers Act of 1940 or the Investment Company Act of 1940, "but only to the extent that the person acts in a registered capacity." (Again the Act contains a parallel definition of a person regulated by the CFTC.)
It is unclear exactly what this language means. It could mean, for example, that the only activities that would be covered by the exclusion are those activities that cannot be conducted without SEC registration (or CFTC registration, as the case may be). Or it could mean that the exclusion may be sufficiently established if the activity in question is subject to SEC/CFTC requirements (or perhaps FINRA requirements) because it is being conducted by an SEC/CFTC-regulated entity, even if that activity would not by itself require SEC/CFTC registration. Or some other standard may apply.
Whatever the standard, it would seem that SEC/CFTC-regulated entities that rely on this exclusion would need to thoroughly review their operations to identify any activities that might be subject to CFPA regulation. Such entities would need to make a determination whether each such activity is performed in the entity's capacity as an SEC/CFTC-regulated person.
C. Investment and Financial Advisory Activities
The CFPA Act would specifically include certain investment and financial advisory activities as Consumer Financial Products and Services. These activities would include:
- acting as investment adviser to any consumer (if not subject to regulation
- by or registration with the SEC or CFTC) and acting as financial adviser to any consumer, including the provision of (i) financial and other related advisory services, (ii) educational courses and instructional materials on individual financial management matters, or (iii) credit counseling, tax-planning, or tax preparation services.
A very large number of persons and companies perform consumer investment advisory services without SEC regulation, in view of either the small amount of assets they have under management or the small number of their advisory clients. Under the CFPA Act, such advisers would be subject to regulation by the CFPA.
In addition, as discussed in part II.B. above, even if an adviser is registered with the SEC or CFTC, some of its activities may be subject to CFPA jurisdiction to the extent the adviser does not conduct those activities "in its registered capacity." It very well could be, therefore, that, even if the CFPA Act would not apply to an SEC/CFTC-registered adviser's advice with respect to securities (or commodities, in the case of a CFTC-registered entity), the Act would apply to other consumer financial advisory services (e.g., tax planning) provided by the same SEC-regulated firm.
D. Coordination Among Federal Agencies
Even if, as discussed above, a given product or service is excluded from the CFPA's jurisdiction because it is being provided by a person that is regulated by the SEC or CFTC, it cannot be assumed that the CFPA would have no influence on the SEC/CFTC regulation of that product.
The CFPA Act contains various provisions that would direct the CFPA, the SEC, and the CFTC to consult, communicate and cooperate to achieve uniform regulation of similar or competing financial products and services. Therefore, regulatory concepts embraced in the CFPA Act, and in the CFPA's implementation of that Act, may also tend to be adopted by the SEC and CFTC in their regulation of consumer products.
E. Providing Certain Types of Support Services
As previously discussed, it would be necessary for insurance and securities firms to evaluate all of their activities to determine whether any of those activities would be subject to the CFPA Act. Particular care would be necessary in that regard, because the definition of Covered Person includes not only persons who provide a Consumer Financial Product or Service, but also any person who provides material services to such a provider. The Act makes clear that such material services could include, but would not be limited to, processing transactions on behalf of any Covered Person.
Otherwise, the CFPA Act leaves almost entirely open the question of what types of support services to a Covered Person might make the provider of those support services a Covered Person. This will make it much more difficult for many companies (including many insurance and securities firms) to evaluate the CFPA Act's applicability, if it is enacted in its current form.