TREVOSE, Pa. — NCB Management Services, Inc., recently announced the addition of Bruce Marrow to the NCB Senior Leadership Team as the Senior Project Manager.

NCB is proud to announce the hiring of Bruce Marrow as their Senior Project Manager. Bruce comes to NCB with over 15 years of project management experience as well as decades of collection operations experience in virtually all verticals. Bruce is returning to NCB in the senior role after being away the last 10 years performing project and program management with ACI Worldwide in the electronic bill payment and presentment space, and most recently Accenture, where he led a Compliance Remediation Program for a top National Internet service provider.

 [article_ad]

During his career, Bruce also held a number of project and operations management positions with several other industry organizations.

“I am excited to welcome Bruce back to NCB. In an environment that demands continual development of organization-wide strategic planning, it is essential that we continue to grow our senior leadership team. I am confident that Bruce will bring years of experience to this project manager role and play an integral part in our overall success”, stated Ralph Liberio, President & CEO.

Commenting on his appointment, Bruce said, “I feel very excited to be back with Ralph and the NCB team. I know that this next chapter for both NCB and myself will challenge us to become our best. I look forward to being part of the refined NCB mission – Helping consumers achieve financial freedom and enabling our partners to focus on their core business.”

About NCB Management Services

NCB Management Services, Inc. was established in 1994 and is headquartered in Trevose, PA with satellite offices in Jacksonville, FL, Sioux Falls, SD, and Lincoln, NE. NCB is a well- respected Debt Buyer of Unsecured Consumer Credit Products and an admired, well- recognized Accounts Receivable Management (ARM) industry leader. NCB is a customer- centric, regulatory compliant organization with a robust infrastructure, who has blended many years of ARM experience with the latest in new information systems and communication technology.

NCB has developed a reputation as consistently being a valued business partner and performer in a wide variety of applications. Providing superior customer interaction and achieving maximum results, while protecting our clients valued reputation, are among our highest priorities.

On July 27, 2022, the Consumer Financial Protection Bureau (CFPB) provided additional Reg F guidance as a series of Frequently Asked Questions (FAQs) sorted by topic. The FAQs cover the following subjects:

• Limited-Content Messages
• Telephone Call Frequency
• Telephone Call Frequency: Presumptions
• Telephone Call Frequency: Excluded Calls
• Telephone Call Frequency: Rebutting the Presumptions
• Validation Information
• Validation Information: Residential Mortgage Debt
• Prohibitions on Third-Party Communications
• Electronic Communication
• Electronic Communication: Opt-out Notice
• Unusual or Inconvenient Times or Places

There are 51 total FAQs; however, here are some of the highlights:

Limited Content Messages

• Including information that is required by state law but not included in the content that the CFPB listed as required or optional in Regulation F will cause the message to lose its status as a limited content message.  (Limited Content Message FAQ #3).

• A partial message left for someone is not a limited content message, even if the partial message was caused by a dropped call (Limited Content Message FAQ #4).

• Limited content messages may be prerecorded, though the Telephone Consumer Practices Act (TCPA) still applies. (Limited Content Message FAQ #5).

• Zortman messages are not limited content messages, and there is nothing in Reg F that addresses using these messages.  See Zortman v. J.C. Christensen & Assocs., Inc., 870 F. Supp. 2d 694 (D. Minn. 2012). (Limited Content Message FAQs #6-7).

Telephone Call Frequency

• Reg F does not have a specific limit or cap on the frequency of telephone calls. Instead, Reg F establishes presumptions based on call and conversation frequency. (Telephone call Frequency FAQ #1). Details regarding these presumptions are listed under Telephone Call Frequency: Presumptions FAQ #1.

• Incoming telephone calls from a consumer do not count toward the call frequency presumption (7 calls in 7 days), but they do count toward the conversation frequency presumption (no calls within 7 days of a conversation without consent). (Telephone call Frequency: Presumptions FAQ #2). 

• A return call to the consumer in response to a debt settlement inquiry counts toward the call frequency presumption unless the consumer provided direct consent for the return call. (Telephone call Frequency FAQ: Excluded calls FAQ #5).

• Neither payment reminder calls nor calls returned in response to a consumer’s inquiry are exempt from the call frequency presumption or the conversation frequency presumption. (Telephone call Frequency FAQ: Rebutting the Presumptions FAQ #3- 4)

Electronic Communication

• Reasonable and simple methods for opt-outs include hyperlinks and allowing a consumer to respond with the word, stop. If opt-out instructions are readily noticeable and legible to consumers, the instructions constitute a clear and conspicuous statement. (Electronic Communication: Opt-out Notice FAQ #3).

• A debt collector must honor a consumer’s request to opt out even if the consumer does not comply with the debt collector’s opt-out instructions. (Electronic Communication: Opt-out Notice FAQ #4).

• An autogenerated electronic communication that is sent at an unusual or inconvenient time violates the prohibition on communicating at inconvenient times unless it is in response to a consumer’s action. (Unusual or Inconvenient Times or Places FAQ # 4; FAQ #6).

The complete set of FAQs can be found here. 

insideARM Perspective

The CFPB did not provide any new information in these FAQs. Though the information may be more organized and perhaps more palatable than it appeared in Reg F and its comments, all of this information is in there in one form or another. That said, these FAQs serve as a good checkpoint for ARM entities to take stock of their risk tolerance thresholds and audit their Reg F policies and procedures. 

[article_ad]

The CFPB dodged a number of questions in the FAQs responding with either “not addressed” or “it depends.” These non-committal responses leave a gray area where ARM entities are left guessing what is actually permitted. Sometimes it makes sense to operate in the gray area, where actions may be considered “defensible,” rather than “safe”.  It’s not wrong for ARM entities to create policies and procedures that are defensible, but any entity doing so should be simultaneously preparing their planned defense, and recognize that “defensible” literally means mounting a legal defense (i.e. this will cost you money).

As for the auditing of policies and procedures, these FAQs cover a number of areas and the language is less verbose than that included in Reg F. It never hurts to compare additional info from the CFPB to existing policies and procedures to make sure everything is covered.  

On July 26, 2022, the CFPB issued a record penalty of more than $19 million against a creditor/furnisher of consumer information to the credit bureaus, alleging that the creditor failed to remedy harmful inaccuracy issues that persisted for several years[1]. The CFPB had previously issued a penalty of nearly $2 million against a debt collector that also allegedly failed to report accurate consumer information to the credit reporting agencies[2]. These two actions by the CFPB that resulted in millions of dollars in penalties provide specific guidance on steps that every company reporting consumer information to the credit reporting agencies must take to avoid violations of the law.

1. Examine Individual Consumer Disputes for Evidence of Systemic Issues

In one of the recent cases where the CFPB issued a fine in excess of $1 million for FCRA violations, the furnisher/creditor was aware of the credit reporting issues due to individual consumer disputes, but the creditor failed to assess the system-wide scope of the issues. Often consumer disputes are the first warning sign of a systemic issue and thus furnishers should audit individual consumer disputes and take systemic corrective action. In this CFPB recent action, the Consent Order provides the following:  

“For certain consumer disputes, where the consumer had identified the credit report inaccuracy and disputed it with Respondent, Respondent’s credit reporting disputes team initially made a manual tradeline correction, but then Respondent’s deficient systems overrode those corrections and reinserted the error. As a result, Respondent again furnished the same inaccurate consumer information to CRAs, leaving affected consumers no choice but to start the dispute process all over again.”

A periodic furnisher’s review of individual consumer FCRA disputes will
examine the instances of same or similar disputes, the resolution of those
disputes and whether there were any other issues on the account after
resolution to identify systemic credit reporting issues.  

2. Conduct Periodic Audits of the Accuracy of the Credit Reporting Process

Regulation V requires furnishers to implement reasonable written policies and procedures regarding the accuracy and integrity of the consumer information furnished to credit reporting agencies. The policies and procedures must be appropriate to the nature, size, complexity, and scope of the furnisher’s activities. Further, the Rule requires that the furnisher must periodically review and update the policies and procedures to ensure their continued effectiveness.  The recent CFPB consent order provides as follows:

“Respondent identified a number of the systemic issues causing the inaccuracies in a March 2013 audit, which found that the “[r]equired [Metro 2] fields are not always fully complete, accurate, or consistently reported,” and that the company lacked subject matter experts or a “process to ensure accuracy and integrity of data reported.” The audit also identified issues relating to the “[p]rocessing, monitoring, and tracking” of direct disputes between processing units, and that Respondent’s furnishing policies and procedures did not accurately reflect its practices.”

As set forth above, identifying issues that cause credit reporting inaccuracies through a periodic audit is only the first step to complying with the law.  A company must further retain “subject matter experts” to ensure the accuracy and integrity of the consumer data that it is furnishing to the credit reporting agencies.  

3. Invest Adequate Resources to Ensure Consumer Data is Accurate

In the recent CFPB consent order, the creditor did attempt to remedy the issues causing the reporting of inaccurate information, but the results of those attempts were insufficient:

“Respondent failed to appropriately assign ownership of furnishing-related processes within the company and to prioritize identified consumer reporting-related risks. 

It also underinvested in technology and monitoring, leading to the use of ineffective manual processes and systems with previously identified logic errors to furnish consumer information to CRAs for years.

Compounding the problem, Respondent delayed fixes for errors affecting Respondent’s DOFD reporting for nearly a year due to prioritization of allotted resources for the new credit furnishing system planned for release over the then-existing systems that were being replaced.

For example, many of Respondent’s procedures required manual inputs, such as manually calculating a consumer’s amount past due, late fees, and charge-off amounts, despite the size and complexity of the company’s furnishing activities reflected in part by the fact that Respondent furnished information across more than 2 million accounts per month across various lease and retail installment accounts.”

These sections of the CFPB consent order cited above provide specific guidance for how companies can avoid similar FCRA issues with the following steps:

1. Assign ownership of the credit reporting process to one person or team.
2. Prioritize credit reporting related risks.
3. Invest adequately in technology and upgrades for your credit reporting systems.
4. Do not rely on manual processes when servicing a large volume of consumer credit reporting accounts.
5. Immediately prioritize any issues involving the accuracy or integrity of consumer data and do not delay.  

——————————————–

[1] CFPB
Orders Hyundai to Pay $19 Million for Widespread Credit Reporting Failures |
Consumer Financial Protection Bureau (consumerfinance.gov)

[2] CFPB Takes Action Against Debt Collector for Pursuing Disputed and Unverified Cellphone Debts | Consumer Financial Protection Bureau (consumerfinance.gov)

This article is provided only as a general discussion of legal principles and ideas. Every situation is unique and must be reviewed by a licensed attorney to determine the appropriate application of the law to any particular fact scenario.  If you have a legal question, consult with an attorney. The reader of this publication will not rely upon anything herein as legal advice and will not substitute anything contained herein for obtaining legal advice from an attorney.  No attorney-client relationship is formed by the publication or reading of this document. Moss & Barnett assumes no liability for typographical or other errors contained herein or for changes in the law affecting anything discussed herein. 

DULUTH, GA – Crown Asset Management, LLC, a receivables management and purchasing firm near Atlanta, took some time out this summer for a company picnic and service awards ceremony to celebrate the talent and tenure of numerous dedicated employees. The team continues to show up and step up every day to help grow the business and enhance the culture with professionalism and can-do attitudes. 

Renewed Perspective 

Like so many teams, the Crown team gathered with a renewed appreciation for camaraderie with colleagues and a strong sense of commitment to enhancing the company that has continued to thrive and support stable careers despite the challenges impacting the industry. It was a privilege to enjoy a “CAM Family aka CAMily” Picnic together in person and recognize one another with service awards. 

Service awards were presented for 5, 10, and 15 years of service at the picnic and awards ceremony. Many employees were also recognized for additional CAM anniversaries aka “CAMiversaries.” Please join in recognizing the following employees for their hard work and dedication: 

15+ Year Awards                                                                                                                     

• 16 Years – Brad Dameron, VP of Information Technology
• 5 Years – Rochelle Kline, Controller

10+ Year Awards                                                                                                                     

• 11 Years – Linda Dameron, Director of Consumer Accounting                                                              
• 10 Years – Jessica Kagansky, SVP of Operations

5+ Year Awards                                                                                                                     

• 8 Years – Glen Grillo, VP of Operations
• 7 Years – Deb Tucker, VP of Audit & Compliance
• 6 Years – Lisa Waldrop, VP of Legal Services
• 6 Years – Scott Arnold, CFO
• 6 Years – Lana Taylor, Relationship Manager
• 6 Years – Carol Shaw, Senior Accountant
• 6 Years – Uvonda Brooks, Operations Support Specialist
• 5 Years – Sarah Pittman, Legal Services Manager
• 5 Years – Leah Ri, Manager of Financial Planning & Analysis
• 5 Years – Bekah Luebcke, VP of Operations
• 5 Years – Lisa Rozzelle, Relationship Manager

“We wouldnot be who we are, or where we are, without our determined and dedicated team. Working with such a talented group causes me to constantly remind myself how fortunate I am to have such an experienced and talented team here at CAM. I sincerely appreciate all they do to make CAM great.” said Brian Williams, CEO of Crown Asset Management. 

[article_ad]

To see photos of the event, view CAM’s post on LinkedIn here.

About Crown Asset Management, LLC

Founded in 2004, Crown Asset Management, LLC, is a professional receivables management firm that outsources purchased accounts to a nationwide, proprietary network of collection agencies and law firms. Utilizing a cutting-edge predictive analytical model during pre-purchase portfolio due diligence, their team focuses on achieving appropriate financial returns while ensuring the best possible experience for consumers. They are an RMAI Certified Receivables Business headquartered in Duluth, GA.

Please join Consumer Financial Services Partner Chris Willis and his guests and colleagues, Stefanie Jackman and Sarah Reise, as they discuss the intersection of fair lending with collections. They cover which types of processes relevant to third party debt collection could be subject to a fair lending review, the difference between disparate treatment and disparate impact, how the CFPB may review collection-related decisions, what a basic fair lending analysis may look like for collectors, the processes that are likely to be targeted for a fair lending review, and what collectors can do now to update their compliance management system and assess their operations to try and identify and mitigate potential fair lending issues.

Consumer Financial Services Partner Stefanie Jackman focuses a significant portion of her practice on providing compliance-related advice to her clients. She regularly counsels clients on conducting compliance assessments relating to their debt collection, credit reporting and dispute resolution processes, fair lending and underwriting, and vendor oversight, as well as the functionality of their overall compliance management system.

Sarah is counsel in the firm’s Consumer Financial Services Practice Group, where she represents clients in financial services and mortgage banking in cases involving all aspects of consumer financial services and products, including claims arising under state and federal lending statutes and consumer protection laws, such as the Fair Credit Reporting Act (FCRA), the Fair Debt Collections Practices Act (FDCPA), the Real Estate Settlement Procedures Act (RESPA), and the Truth in Lending Act (TILA).

In case you missed it, in a June 28, 2022, press release, the  Consumer Financial Protection Bureau (CFPB) announced it issued an interpretive rule (Rule) clarifying that states can police credit reporting markets. Within the Rule, the CFPB specifically encouraged states to target medical debt and tenant screenings. 

[article_ad]

In the CFPB’s view, the Fair Credit Reporting Act (FCRA) only preempts narrow categories of state law and does not preempt state laws that forbid certain information or other content from appearing in credit reports. The Rule included the following non-exhaustive list as examples of restrictions states may impose without conflicting with the FCRA: 

• Forbidding consumer reporting agencies or furnishes from including medical debt in a consumer report for a certain period after the debt was incurred.

• Prohibiting consumer reporting agencies from including information about a consumer’s eviction, retail arrears, or arrests on a consumer report. 

The CFPB noted that it clarified this topic in response to recent legal challenges claiming the FCRA preempts state consumer protection laws. Since the CFPB published this clarification as an interpretative rule, it was not required to provide a notice-and-comment period for interested parties to provide feedback. 

The Rule can be found in its entirety here. 

insideARM Perspective:

It is clear that the CFPB does not think the FCRA sufficiently protects consumers. However, rather than using any of its own authority to protect consumers, the CFPB has simply advised states that it won’t get in the way of state legislation. This stance is likely to result in a patchwork of various state laws which will be difficult if not impossible to meet simultaneously. Ultimately, giving states the green light to enact 50 different versions of credit reporting laws is going to create confusion and harm consumers.  

There are three takeaways that stick out after reading this Rule: 

1.  ARM entities that report medical debt to the credit bureaus may want to re-evaluate that strategy. The CFPB isn’t mincing its words: it does not think medical debt belongs on credit reports. 

2. Compliance departments should be fully staffed. Complying with state and federal laws simultaneously is getting more, not less, complex. Those that are understaffed will pay a price down the line. 

3.  Keep an eye on your state legislatures. If you see something brewing that the industry would want to know about, send it around (including to us at editor@insidearm.com!). 

Dispute volumes continue to exhaust dispute processing operations. Even highly proficient teams can be more efficient with a Disputes Case Management System (DCMS). Read on for the top four advantages of migrating to a DCMS.

Picture this…the next five disputes in queue are a mix of indirect and direct, which means two different applications. The disputes are for five different products, which means five different systems of record. Summary notes are captured in a different application, and customer correspondence sent from yet another application.

Confused yet?

[article_ad]

Welcome to the daily routine of a typical dispute specialist.

Because of the rinse and repeat nature of many disputes, your specialists may be highly proficient in navigating the tangled web of their day-to-day duties. But are they truly efficient?

Disputes Case Management Systems Smooth the Process and Build Efficiency

A robust disputes case management system helps untangle the growing web of inefficiency navigated daily by dispute specialists.

Let’s face it, dispute volumes are through the roof. Large furnishers are handling volumes in the tens of thousands every month (many of which are duplicates). Volumes for smaller furnishers are relatively significant as well.

Because of high dispute volumes and multiple disparate systems to navigate, your typical dispute specialist is a highly proficient worker who skillfully navigates green-screens and web-based applications alike.

Some refer to this constant multi-system navigation as the “swivel-chair effect.” Imagine if you could perform all the following dispute-related activities in one central location:

• Organize disputes into manageable queues
• Review direct and indirect disputes
• Consolidate duplicates
• View and analyze all relevant information from multiple systems of record
• Retain evidence of completing your “reasonable investigation”
• Summarize all activities taken
• Send correspondence to the customer
• Submit an AUD or ACDV

This all sounds appealing, but the real question is: how much more efficient could your specialists be with such a tool? It is impossible to definitively quantify but combining your specialist’s proficiency with DCMS efficiency is likely a tailor-made formula for success.

A DCMS Simplifies, Prioritizes, Eliminates Errors…and is Regulator Ready

Now for some of the specifics related to key pain points that a disputes case management system can eliminate.

Duplicates – Triplicates – Quadruplicates…

Ever get frustrated that your specialists must reply to the same verbatim dispute from the same customer multiple times in a month? Ideally, you would consolidate these disputes so that two, three or four responses turn into one. Consolidation significantly cuts down redundant, excess and unnecessary work. A DCMS can do just that.

Disputes are generally not responded to immediately upon receipt. So, a DCMS uses the time when disputes are waiting in queue to detect similar or duplicate disputes. Then, the DCMS consolidates them all into one case. When your dispute specialist works that case, they issue one response and close all related dispute cases at once.

Evidence – A Regulator’s Best Friend

If you have ever participated in a regulatory exam, you know how critical it is to be able to provide tangible evidence to the regulatory body. From a disputes perspective, you must provide copies of received disputes and system notes; and you need to show what the system of record looked like when the dispute was received. This applies to disputes where furnishing was accurate and inaccurate.

Generally, when regulators arrive to perform a historical lookback, they are looking for tangible evidence. The evidence validates what data was in a system at the time of a dispute compared against what was changed (if anything). A DCMS captures and retains this information, thereby making a regulatory data request a significantly simplified exercise to fulfill.

Queue Management – Prioritizing the Workday

While all disputes have the same response SLA, all disputes are certainly not created equal. Some disputes have higher sensitivity (e.g., ID theft). Some may take a bit longer to investigate (e.g., Mortgage COVID forbearances or purged accounts). And some may be “light touch” requiring a simple investigation (e.g., goodwill requests).

The ability to strategically prioritize and assign disputes, using many different attributes, will allow for efficiency gains. A DCMS can ingest all available data and dissect it based on your criteria (e.g., dispute code, product, system of record, dispute type). Logic rules can then be applied to create prioritized dispute queues so critical cases and those known to take longer are fast-tracked to specifically trained specialists.

Eliminate “Fat Finger” Errors

The speed at which dispute specialists constantly copy information from one place to another ultimately results in data entry errors. Many times, because they are working so quickly, mistakes go unnoticed, which ultimately results in updating a tradeline with more inaccurate information.

Imagine if all required information was populated with the click of a button and simply required a review for accuracy. This ability not only reduces time to complete a dispute but eliminates unnecessary data entry errors. A DCMS can load, copy, or transfer relevant data with the click of a button, eliminating the need for monotonous manual keying of data.

As you can see, a DCMS solves many of the challenges that disputes organizations encounter daily; but you must be willing to make the investment and configure the DCMS to work for your organization.

A DCMS will only be as effective as you are willing to make it. Remember that an under used or poorly configured DCMS can still drive inefficiencies in a dispute organization. Capitalize on your specialist’s proficiency today and deploy a DCMS into your organization, and truly become a model of efficiency in credit bureau dispute processing.

In a new advisory opinion, the CFPB addresses the Fair Credit Reporting Act’s permissible purpose requirement as it applies to both consumer reporting agencies and users of consumer reports.

Consumer reporting agencies. 

FCRA Section 604(a) enumerates the circumstances under which a consumer reporting agency (CRA) may provide a consumer report to a user.  These circumstances, set forth in Section 604(a)(3), include where the CRA has “reason to believe” that the user intends to use the report for one of the listed “permissible purposes.”  Such purposes include where the user “intends to use the information in connection with a credit transaction involving the consumer on whom the information is to be furnished and involving an extension of credit to, or review or collection of an account of, the consumer.”  Another permissible purpose is where the user “has a legitimate business need for the information…in connection with a business transaction that is initiated by the consumer or to review an account to determine whether the consumer continues to meet the terms of the account.”

The CFPB states that it interprets the permissible purposes identified in Section 604(a)(3) to be “consumer specific,” meaning that “they apply only with respect to the consumer who is the subject of the user’s request—and a consumer reporting company may not provide a consumer report to a user under FCRA section 604(a)(3) unless it has reason to believe that all of the consumer report information it includes pertains to the consumer who is the subject of the user’s request.”   In addition, a CRA may not provide a consumer report under Section 604(a)(3) “unless it has reason to believe that the user has a permissible purpose with respect to the consumer about whom the report is requested.”  This also means, according to the CFPB, that a CRA may not provide a consumer report under Section 604(a)(3) “unless it has reason to believe that all of the consumers report information it includes pertains to the consumer who is the subject of the user’s request.”

In November 2021, the CFPB issued an advisory opinion that affirmed that the use of “name-only matching” by consumer reporting agencies, including tenant and employment screening companies, did not satisfy the FCRA requirement for a CRA ”to follow reasonable procedures to assure maximum possible accuracy of the information concerning the individual about whom the [consumer] report relates.”  “Name-only matching” means the matching of information by a CRA to a particular consumer who is the subject of a consumer report based solely on whether the consumer’s first and last names are identical or similar to the first and last names associated with the information, without verifying the match using additional identifying information for the consumer.

In the new advisory opinion, the CFPB goes a step further and states that “the use of poor matching procedures, such as name-only matching, can lead to violations of the FCRA’s permissible purpose provisions.”  This is because a CRA using poor matching procedures “cannot rely on these procedures to form a reason to believe that all of the information it includes in a consumer report pertains to the consumer who is the subject of the user’s request.”  As an example, the CFPB describes a scenario in which a CRA that conducts a public records search using name-only matching identifies one or more individuals with the same name as the consumer who is the subject of the user’s request and, instead of taking additional steps to match the information to the specific consumer who is the subject of the request, provides the user with a report containing a possible match or list of possible matches.  According to the CFPB, in this scenario, the CRA has not formed a reason to believe that all of the information it includes in a consumer report pertains to the consumer who is the subject of the user’s request.  By including information that identifies (even if not by name) consumers who are possible matches and consumer report information about those consumers (such as information bearing on creditworthiness), the CRA has provided consumer reports about those consumers to a user that does not have a permissible purpose to obtain them.

The CFPB also addresses the use of disclaimers by CRAs using matching procedures to warn users that the information on a consumer report may not belong to the consumer who was the subject of the user’s request.  The CFPB states that a disclaimer “will not cure a failure to have a reason to believe that a user has a permissible purpose for a consumer report” and “will not change the fact that the consumer reporting company has failed to satisfy the requirements of 604(a)(3) and has provided a consumer report about a person lacking a permissible purpose with respect to that person.”

Users of consumer reports. 

Section 604(f) prohibits a person from using or obtaining a consumer report “unless…the consumer report is obtained for which the consumer report is authorized to be furnished under [FCRA Section 604]” and the purpose is certified in accordance with FCRA Section 607.   The CFPB states that it interprets Section 604(f) “to provide that consumer report users are strictly prohibited from using or obtaining consumer reports without a permissible purpose.”  The CFPB rejects the court decisions that have applied a “reason to believe” standard, stating that the plain language of Section 604(f) “clearly imposes a strict prohibition on using or obtaining a consumer report without a permissible purpose.”  The CFPB’s interpretation appears to raise the potential for users to be held liable for FCRA permissible purpose violations resulting from a CRA’s matching procedures or mistakes.  As a result, users will need to consider the impact of such potential liability on their selection and contractual relationships with CRAs.  Notably, users have routinely relied upon the “reason to believe” standard – which the CFPB rejected – to defend against claims by consumers that it was an identity thief that applied for credit and triggered the user to make the credit inquiry. 

Criminal penalties. 

In its background discussion, the CFPB highlights the potential for criminal liability arising from violations of the FCRA’s permissible purpose requirement.  FCRA Section 619 imposes criminal liability on “any person who knowingly and willfully obtains information on a consumer from a consumer reporting agency under false pretenses.”  Section 620 imposes criminal liability on “any officer or employee of a consumer reporting agency who knowingly and willfully provides information concerning an individual from the agency’s files to a person not authorized to receive that information.”  (Except for one criminal matter mentioned on the Department of Justice’s website, we are not aware of any FCRA criminal prosecutions.  The DOJ states that in 1998, it obtained the conviction of an individual in Colorado who had fraudulently obtained a credit report to use in a political campaign.)

On July 15, the California Department of Financial Protection and Innovation (DFPI) issued an invitation for comments on proposed additions to regulations implementing the Debt Collection Licensing Act (DCLA). According to the invitation, the new provisions pertain “to the scope, annual report, and document retention requirements of the DCLA.” For example, the proposed regulations define “original creditors” and propose to generally exclude them from licensure unless one or more of the following benchmarks applies:

The proposed regulations also exclude from licensure “person[s] solely servicing debts not in default on behalf of an original creditor[.]”

Additionally, the proposed regulations would:

• Add some definitional provisions, including one which defines what it means to “[e]ngage in the business of debt collection”;

• Exclude parent entities, subsidiaries, and affiliates from the statutory licensing exemption;

• Exclude various government bodies, health care-related entities, public utilities, and some entities operating under the Student Loan Servicing Act from licensure under the DCLA;

• Exclude from the definition of “consumer credit transactions” certain debts related to resident rent, HOAs, and health care;

• Require a signed attestation from a principal officer or sole proprietor of a licensee to the accuracy and completeness of the annual report;

• Clarify what information an annual report must contain regarding certain debtor accounts;

• Require, with some exclusions, records pertaining to contact or attempted contact with anyone associated with a debtor account, along with records pertaining to: (a) Employees; (b) Records required by other laws; (c) Accrued fees, interest, and charges; (d) Termination of collection efforts on an account; and (e) Complaints, responses, and supporting compliance documentation; and

• Require the above records be kept for seven years and outline how to calculate the retention period.

To review the full text of the proposed regulation, click here.

Comments, which may be submitted either by email or mail, must be submitted by Monday, August 29. For information regarding how and where to submit comments, review the DFPI’s invitation to comment by clicking here.