FinTech and marketplace lenders are fast realizing that the Consumer Financial Protection Bureau (CFPB), Federal Trade Commission (FTC), and even state regulators are focused on their activities. Recent announcements that the CFPB is taking consumer complaints on marketplace lenders and has established an office of small business lending means that lenders and service providers should prepare for the possibility of investigations and examinations in the not too distant future. At the same time, the FTC has announced a "Financial Technology Forum on Marketplace Lending" series, starting on June 9, 2016, to explore the growing world of marketplace lending and its implications for consumers. And, at the state level, the California Department of Business Oversight recently released a survey on marketplace lending in California finding that consumer and small business lending increased by 936% from 2010-2014, to $2.3 billion.
All of these developments point to the potential for increased federal and state regulatory scrutiny of marketplace lending and their service providers. Below are five tips for managing enforcement and compliance risk, along with several hyperlinks to relevant articles and presentations.
- Increased Scrutiny Means Investigations and Possibly Enforcement Actions: The CFPB has investigations under way that span the full breadth of the Bureau's enforcement authority over providers of financial products and services and their vendors. The process of responding to a civil investigative demand (CID) from the CFPB (or even the FTC) is challenging and resource intensive, but critical. Your company will have to issue a record retention notice, negotiate the scope of the CID, collect responsive information and materials, respond to the CID, and then wait for the CFPB to make a decision on whether it will bring an enforcement action or close the investigation. All of this can be challenging, but we've got you covered with a primer on negotiating the scope of the CID and navigating examinations. We also reveal the CFPB's enforcement settlement principles to illustrate exactly how the CFPB implements its regulation by enforcement agenda.
- Advertising, Marketing, and Lead Generation Are Being Scrutinized: Online lead generation continues to face increased scrutiny and regulation on multiple fronts, including from consumer groups, state regulators, the FTC, and the CFPB. This squeeze is being felt by all participants—publishers, aggregators, and buyers—and, notably, the lines of legal responsibility and accountability continue to blur. Because of this pressure, the viability of some forms of online lead generation is in jeopardy. Our primer, Government Puts Squeeze on Lead Generation Marketing, focuses on the three areas we believe regulators will continue to most actively pursue: (1) use of deceptive advertisements to generate leads; (2) how sensitive consumer data is stored and whom it is shared with; and (3) whether, and the extent to which, publishers and lead aggregators are liable for the end users' legal compliance.
- Service Provider Liability Can Be Minimized by Strong Vendor Due Diligence and Monitoring Compliance Programs: Federal and state regulators expect lenders to manage their service providers for compliance with applicable laws and regulations. One of the first things the CFPB or a state regulator will ask for during an investigation or examination is a list of the regulated entity's service providers. Failing to conduct vendor due diligence and monitor service providers is a surefire way to put your company at risk. On the flip side, the CFPB has been targeting service providers using its "substantial assistance" authority, which allows the CFPB to bring an action against any person it believes knowingly or recklessly provided substantial assistance to actors that fall under the CFPB's jurisdiction. The result is an environment in which covered entities and their service providers are expected to police each other's regulatory compliance.
- Collecting Accounts Receivable: The CFPB (teaming with the FTC) has taken aim at first-party and third-party debt collection activities, including enforcement settlements with lenders and collectors. In November, federal, state, and local regulators and enforcement agencies announced Operation Collection Protection, a national initiative that targets debt collectors. This program complements recent CFPBenforcement, supervisory, and rulemaking efforts focused on the debt collection industry, including first-party creditors and billing services, and on the intersection of data furnishing and debt collection. In addition, the CFPB continues to work on developing proposed rules for debt collection following publication of its advanced notice of proposed rulemaking in November 2013.
- Furnishing Data to the Consumer Reporting Agencies: Recent CFPB and FTC activity reflects increased scrutiny of companies that supply or "furnish" information to consumer reporting agencies (CRAs) as required by the Fair Credit Reporting Act (FCRA). Data furnishers, including merchants, debt collectors, and lenders, can reduce supervision and enforcement risk by avoiding the common mistakes the FTC and CFPB have identified in their recent enforcement announcements. In November, Venable attorneys conducted a webinar, "Minimizing Legal and Compliance Risk for Credit Furnishers," that focused on compliance tips and best practices.