CFPB Targets Credit Card Add-on Products

CFPB investigations have resulted in entry of consent enforcement orders against credit card issuers Discover Bank and Capital One for deceptively marketing credit card add-on products to customers. The orders demonstrate how the CFPB is stepping up as the new sheriff in town, intensely scrutinizing the marketing of consumer financial products, and using enforcement authority granted under Dodd-Frank to punish practices it finds deceptive.

The Capital One Consent Order

On July 17th, the Bureau and the OCC jointly entered the first enforcement order against Capital One. This order was based on the findings by CFPB examiners that Capital One’s call center vendors misled consumers when offering them add-on payment protection products. Specifically, the CFPB determined that sales vendors engaged in high pressure sales tactics directed at consumers with poor credit, misled the consumer about the costs and benefits of the products, and sometimes enrolled the consumers without their consent. The Order required Capital One to refund $140 million to consumers who had enrolled in the products and to pay an additional $25 million penalty. The full text of the Capital One Order can be found on the Administrative Adjudication page of the CFPB’s website,

Since it opened for business last summer, the CFPB has been accepting consumer complaints on credit card and mortgage products. As previously reported, it created a web interface by which consumers can file such complaints in detail on line. After issuing the enforcement order in Capital One, the CFPB stated that the complaints it has received and its own supervisory experience indicated that other consumers have been misled by marketing and sales practices associated with credit card add-on products. Therefore, it issued a guidance bulletin on such products on July 18th. The full bulletin can be found on the Guidance Documents page of the CFPB’s website.

The Discover Bank Consent Order

Given the Capital One Order and comments made by the Bureau in July, the second consent enforcement order involving such products entered more recently should come as no surprise. This order was entered jointly by the CFPB and the FDIC based on their joint  investigation of Discover’s telemarketing of payment protection, credit monitoring, and identity theft products. The agencies found the telemarketing scripts used by Discover contained misleading language about the cost of the products and how and when the customers would be charged. The agencies also found that Discover representatives sometimes enrolled consumers without their consent. Discover was ordered to refund approximately $200 million to the consumers and pay a $14 million civil penalty. The full text of the consent decree can be found on the Administrative Adjudication page of the CFPB’s website.

CFPB Supervised Entities Responsible for Third Party Vendors

Capital One’s call center sales force was operated by a third-party vendor, not Capital One. However, the Bureau takes the position that it will hold supervised entities responsible for the actions of their outside vendors; in a CP FB bulletin issued in April, the Bureau set forth its expectation that supervised entities control their outside service providers to insure compliance with federal consumer financial laws. The Bulletin details activities it expects supervised entities to undertake to ensure their service providers understand and are capable of complying with the laws, including conducting due diligence reviews of each service provider’s compliance procedures and training manuals and requiring compliance with consumer laws in vendor contracts. The bulletin can be found on the Guidance Documents page of the CFPB’s website.