On July 18, 2012, the Consumer Financial Protection Bureau (“CFPB”) issued a compliance bulletin for credit card issuers on the marketing of add-on products (“Bulletin”). The Bulletin was issued in conjunction with announcements that the CFPB and Office of the Comptroller of the Currency (“OCC”) had entered into consent orders with Capital One Bank, (USA) N.A. (“Capital One”) regarding the marketing of payment protection and credit monitoring products to its customers. The consent order with Capital One marks the CFPB’s first major public enforcement action against a card issuer, while also providing related guidance for other market participants. While the title of the Bulletin relates solely to card products, its opening footnote directs all institutions to consider the guidance when offering similar products with other forms of credit and deposit services.

The Bulletin contains three parts: an introduction, an overview of applicable consumer protections and the CFPB’s expectations for card issuers and their service providers when offering add-on products. The Bulletin begins by reminding issuers and service providers that “[u]nder the Dodd-Frank Act, it is unlawful for any provider of consumer financial products or services or a service provider to engage in any deceptive act or practice” and that “[i]t is also unlawful for any person to knowingly or recklessly provide substantial assistance to a covered person or service provider” in violation of these prohibitions. The Bulletin also references other CFPB materials, including the CFPB’s October 2011 Supervision and Examination Manual and its guidance on bank supervision of service providers, issued April 13, 2012.  


The Bulletin’s discussion of deceptive practices provides insight into how the CFPB will evaluate the effectiveness of disclosures, including disclosures related to add-on products. Specifically, the CFPB indicates that it will consider:

  • Whether disclosure statements are prominent enough for a consumer to notice them;
  • Whether disclosure information is presented in an easy-to-understand format that does not contradict other information in the package and at a time when the consumer’s attention is not distracted elsewhere;
  • Whether the disclosure information is in a location where consumers can be expected to look; and
  • Whether the disclosure information is in close proximity to the claim it qualifies.  


Notably, the CFPB states that “[i]nstitutions supervised by the CFPB should take steps to ensure that they market and sell credit card add-on products in a manner that limits the potential for statutory or regulatory violations and related consumer harm.” Specifically, the CFPB recommends “steps” for card issuers including, but not limited to, ensuring that:

  • Marketing materials reflect the actual product terms and conditions and are not deceptive or misleading to consumers;
  • Employee compensation programs related to the sale of add-on products adhere to institution-specific program guidelines and do not create incentives for employees to provide inaccurate information about the products;
  • All scripts and manuals used by telemarketing and customer service centers:
    • Direct representatives to accurately state the product terms and conditions, including any material limitations on eligibility to obtain each of the product benefits;
    • Prohibit representatives from enrolling consumers in programs without their clear affirmative consent, and allow enrollment only after the consumer has been informed of the product’s terms and conditions; and
    • Where applicable, clarify that purchasing add-on products is not a pre-condition to obtaining credit.
  • To the “maximum extent practicable,” representatives do not deviate from approved scripts;
    • However, no additional guidance is offered on how card issuers should meet the CFPB’s “maximum extent practicable” standard.
  • ApplicAnts are not required on a prohibited basis to purchase add-on products as a condition of obtaining credit; and
  • Cancellation requests are handled in a manner that does not mislead consumers, and is consistent with the product’s terms and conditions.


The CFPB’s expectations section also outlines key compliance elements card issuers should consider, including:

  • Written policies and procedures to ensure the sale of add-on products complies with relevant federal and state consumer financial protection laws and regulations;
  • Periodic “Quality Assurance” reviews, including a review of training materials and scripts, and real-time monitoring and recording of telemarketing and customer service calls in their entirety;
    • However, the Bulletin provides no additional guidance on how often a card issuer would need to conduct reviews to meet the CFPB’s “periodic” expectation.
    • Also, while the term “Quality Assurance” is capitalized, it is not defined in either the Bulletin or the CFPB’s Supervision and Examination Manual.
  • Independent audits of credit card add-on programs, focused on whether the program meets CFPB guidance and whether the offering of such products presents elevated risk of harming consumers;
  • Oversight and monitoring of affiliates and third-party service providers that perform marketing or other functions related to credit card add-on products to ensure service providers are meeting the same standards as the card issuer;
  • Appropriate channels to receive, investigate and resolve consumer complaints; and
  • A comprehensive training program for employees involved in the marketing, sale and operation of add-on products.


In addition to the guidance provided in the Bulletin, the CFPB consent order with Capital One offers insight into the types of compliance mechanisms and practices the CFPB may expect of market participants. Notably, the consent order prohibits Capital One from marketing or soliciting add-on products during cardholder activation calls without first informing the cardholder (i) that activation of their account is complete, and (ii) that listening to the solicitation is optional. Additionally, in instances where a cardholder subsequently denies authorizing an add-on product, Capital One must either (i) immediately agree to cancel and refund all product fees and charges, or (ii) conduct a review as to whether a cardholder actually authorized the add-on product. Under the terms of the consent order, any such review must be completed by a Capital One employee, and cannot be conducted by an employee of a third-party service provider.


The Bulletin closes with a clear warning for other institutions, noting the CFPB “will continue to closely review the operations of the credit card issuers and service providers that it supervises with respect to add-on products, and to assess whether additional supervisory, enforcement, or other actions may be necessary to ensure that the market for add-on products functions in a fair, transparent, and competitive manner.” In this respect, the consent order with Capital One essentially continues where the Bulletin leaves off, providing an instructive look at the potential impact of future CFPB supervisory and enforcement actions.

Based on the consent order, institutions subject to CFPB examination and enforcement can expect intensive regulatory involvement in operational and governance activities, including:  

  • The CFPB’s “non-objection” to all provisions of a settlement or remediation plan;
    • With Capital One, the CFPB intends to review such detailed elements as the format and design of the envelope containing remediation materials to be sent to impacted consumers.
  • The CFPB’s “non-objection” to all compliance elements aimed at addressing violations;
    • The CFPB intends to review Capital One’s policies governing the marketing of add-on products and its contracts with add-on service providers, including mandating new information for call center scripts and contractual requirements for future agreements with add-on providers.
  • Specific reporting requirements for an institution’s Board of Directors and a review of the institution’s compliance efforts by independent auditors.