Is a Foreclosure Crisis Looming in Our Nation’s Capital?

Is a Foreclosure Crisis Looming in Our Nation’s Capital?The District of Columbia Court of Appeals recently sent a new set of shockwaves through the mortgage industry in the nation’s capital when it released its decision in Andrea Liu v. U.S. Bank National Association. Having held over three years ago that condominium associations have “super-priority” liens for unpaid assessments and can wipe out first mortgages by foreclosing on those liens, the Liu decision went an unexpected step farther: An association’s foreclosure would wipe out the first mortgage even if the association expressly stated that it intended for the foreclosure to be held subject to that mortgage. Secured lenders who thought they might have dodged the bullet now find themselves fighting for the validity of their security interests.

In 2014, the D.C. Court of Appeals issued its decision in Chase Plaza Condominium Ass’n v. JPMorgan Chase Bank, N.A., which addressed the effect of a condominium association’s foreclosure sale in the District of Columbia. The Chase Plaza court explained that D.C. Code § 42-1903.13 entitled a condominium association to foreclose and then apply the sale proceeds first to the six months of assessments considered a “super-priority” lien under D.C. law. Moreover, the court reasoned that because the super-priority lien had seniority over a lender’s first mortgage on the same property, the association’s foreclosure would wipe out that mortgage. If the sales proceeds were insufficient to pay the outstanding balance of the mortgage, then the secured lender would be left with a potentially hefty unsecured debt.

In light of the uncertainty regarding the interpretation of D.C. Code § 42-1903.13, condominium associations wishing to foreclose on a unit had developed a practice of expressly indicating that the property would be sold at a foreclosure sale subject to the lender’s mortgage. In Liu, for example, the advertisements of sale, the memorandum of sale to Ms. Liu, and the deed of trust all specified that the condominium association sale was made subject to the first deed of trust. Thus, the secured lender argued that it was “abundantly clear” that Ms. Liu purchased the property subject to its lien.

The Court of Appeals rejected that argument based on a somewhat surprising reading of D.C. Code § 42-1903.13. The court explained that D.C. Code § 42-1901.07 prevented parties from varying the terms of a condominium association super-priority lien sale by agreement. Based on that reasoning, the Liu court held that notwithstanding the repeated, express representations made by the association indicating that the first mortgage would survive the association’s foreclosure sale, Ms. Liu bought the property free and clear of the first mortgage (for a sales price representing a tiny fraction of the property’s market value).

The practical impact of the Liu court’s holding is that a condominium association’s sale, even if made explicitly subject to a first deed of trust, might not be actually subject to that deed of trust. Secured lenders who have reasonably relied on express representations made by an association that their lien interests would remain intact have suddenly learned that their reliance might have been misplaced.

The D.C. condominium association sale statute was amended in April 2017 to require parties to specify at the outset whether a sale would be a super-priority sale that extinguished all other liens, or a sale for more than the super-priority amount that would be subject to a first deed of trust. For sales prior to that date, however, the Liu decision adds a significant amount of uncertainty. It appears that pre-2017 condominium association sales might now be treated as extinguishing first deeds of trust, even if all parties thought otherwise.

The Liu decision creates an enormous amount of uncertainty as to the enforceability of pre-foreclosure mortgages and whether such mortgages survived condominium association foreclosure sales. It is certainly within the realm of possibility that condominium sale purchasers will now claim that they own their property outright, causing a new wave of litigation in the District of Columbia. Lenders with security interests on D.C. condominiums will be closely watching to see if the D.C. Court of Appeals accepts en banc review of the Liu decision, hopefully to prevent a new wave of uncertainty and litigation.

Federal Reserve Proposes Modifications to Its Supervisory Appeals Process and Ombudsman Policy

On Tuesday, February 27, 2018, the Federal Reserve proposed to modify its guidelines and processes that institutions may rely upon to appeal an adverse material supervisory determination. The proposal also seeks to modify the Federal Reserve’s policy for its Ombudsman. Comments regarding the proposals will be accepted through April 30, 2018.

Federal Reserve Proposes Modifications to Its Supervisory Appeals Process and Ombudsman PolicyAppeals Process

The Federal Reserve’s proposal is “designed to improve and expedite the appeals process.” Specifically, the proposal would remove one of the existing three levels of appeal. The proposed two-tiered framework would require that an initial review panel first consider an entity’s appeal request, and, if the entity continues to have concerns, a final review could be requested.

The initial review panel would be comprised of three Reserve Bank employees and an attorney that would advise the panel on its responsibilities. Those four individuals (1) must not have been substantively involved in any matter at issue in the appeal, (2) cannot report directly or indirectly to anyone who made the initial supervisory determination, (3) must not be employed by the Reserve Bank that made the initial supervisory determination, and (4) must have experience relevant to the issue at hand in the review. The initial review panel would be required to approach the review as if no determination had previously been made, and would be permitted to consider any relevant materials submitted by the institution and the Federal Reserve staff.

The final review panel would be comprised primarily of Federal Reserve Board staff. It would include at least two Federal Reserve Board employees, at least one of whom must be an associate director or hold a higher position. The Federal Reserve Board’s general counsel would also appoint an attorney to advise the panel on its responsibilities. The four individuals (1) must not be employed by the Reserve Bank that made the initial supervisory determination, (2) cannot report directly or indirectly to anyone who made the initial supervisory determination, (3) must not have been members of the initial review panel, and (4) must not have been personally consulted on the issue being appealed or provided guidance on how the issue should be resolved during a prior review. The final review panel would consider whether the initial review panel’s determination was “reasonable and supported by a preponderance of the evidence in the record,” and would not be permitted to review new information that was not in the record. The final review panel’s decision would be made public “[i]n order to maximize transparency.”

The Federal Reserve notes that it welcomes comments on all aspects of the proposal related to the appeals process, but specifically notes that it is seeking comments on:

  • The proposed standards of review for the initial and final review panels;
  • The nature and composition of the initial and final review panels;
  • The record that each of the review panels may consider during an appeal; and
  • The proposed appeal timelines.

Ombudsman Policy

The Federal Reserve’s release notes that the Ombudsman currently “is the initial recipient of all complaints pertaining to the supervisory process, which may include an appeal request.” The proposal would formalize that and would also allow the Ombudsman to attend an appeal hearing or deliberation if requested by the appealing institution or the Federal Reserve staff. The Ombudsman’s role at a hearing or deliberation would be as an observer.

The Federal Reserve is also proposing to make the Ombudsman the decision-maker with respect to claims of retaliation resulting from a supervisory appeal. Finally, the proposal would emphasize within the Ombudsman policy that the Ombudsman is available to facilitate the informal resolution of concerns related to supervisory determinations so as to avoid having to utilize the formal appeals process.

The Federal Reserve is seeking comment on all aspects of the proposed Ombudsman policy modifications.

Five Privacy Practices Every Company Should Address in the Wake of the FTC’s Enforcement Action against PayPal

Five Privacy Practices Every Company Should Address in the Wake of the FTC’s Enforcement Action against PayPalPrivacy is serious business. This was made clear in the Federal Trade Commission’s (FTC) recent announcement that it had settled its complaint against Venmo, PayPal’s peer-to-peer payment service, for misrepresentations to consumers regarding privacy and security settings. Although the terms of the settlement do not become final until approval by the FTC on or about March 29 (after the conclusion of a public comment period), there are at least five important lessons and practices that every company should take stock of now.

1. Review Your Security Safeguards

The FTC focused on representations made by Venmo that it utilized “bank grade security systems and data encryption” to protect transactions and safeguard against unauthorized access to financial information. To highlight how far Venmo’s security was from “bank grade,” the FTC singled out specific safeguards that Venmo did not undertake. For example, the FTC cited Venmo’s failure to provide consumers with security notifications regarding changes to account settings (i.e. changes to password or email address or addition of new device), Venmo’s failure to maintain adequate customer support capabilities, and Venmo’s lack of urgency in responding to reports of unauthorized transactions.

It is clear that the FTC considers notifications to consumers when there is a change to their account settings or potential unauthorized access a basic security measure. As a result, companies would be well suited to review their privacy practices to ensure that these notifications are included as part of their security program safeguards. Additionally, companies should consider reviewing their customer support capabilities and employee training to appropriately respond to consumer inquiries and timely escalate reports of unauthorized transactions or access to information.

2. Fully Compliant Privacy Notices Are Mandatory

The FTC also found that Venmo was in violation of the Gramm-Leach-Bliley Act (GLBA) by failing to implement safeguards to protect consumer data and failing to deliver adequate privacy notices. The FTC focused on Venmo’s failure to adequately disclose the steps required to make a transaction private (rather than publicly available on Venmo’s news feed), failure to notify users of security changes to customer accounts resulting in fraudulent activity being missed as explained above, a failure to have a written information security program prior to August 2014, and failure to implement safeguards to protect the security, confidentiality, and integrity of consumer data until March 2015. In settling with the FTC, PayPal has consented to incurring the cost of biennial third-party assessments of Venmo for the next 10 years to ensure that Venmo is no longer misrepresenting, and is, in fact, affirmatively disclosing its privacy and security settings to consumers.

The FTC expects companies to be privacy compliant and transparent with customers. Even where companies have basic GBLA notices, if the form of the notice is less than clear, the notice is inadequate. For example, the FTC cited Venmo for failing to have a “clear and conspicuous” initial privacy notice because Venmo used “grey text on a light grey background.” Likewise, the FTC alleged that Venmo failed to deliver the initial privacy notice because Venmo did not require customers to acknowledge receipt of an initial privacy notice as a necessary step to obtaining a particular financial product or service. These costly issues could be avoided by a privacy-focused “best practices” review.

3. Privacy and Security Practices Must Address Reasonably Foreseeable Risks

Another takeaway from the Venmo settlement is a recent list of consumer tips issued by the FTC that relates to the overlap between consumer expectation and regulator focus. Consumers expect transactions in the digital age to be both instant and private. As companies jockey to meet these expectations and beat their competitors out for business and market share, regulators are watching closely to make sure companies are not cutting corners. The rise of social network advertising and the development of new ways to provide services can be beneficial to profits and open the market up to new types of consumers and transactions. However, in the race to innovatively meet consumer service expectations, companies should not lose sight of how terms of use and privacy and security settings are portrayed. Consumers truly want it all, and omissions and misrepresentations by companies won’t be tolerated.

Not only did the FTC broadly condemn Venmo for failing to comply with GLBA, but it raised specific examples of non-compliance that make clear that the FTC expects companies to have a thoughtful and well-reasoned privacy notice. The FTC cited Venmo for failing to “assess reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of consumer information.” It is clear from the FTC’s complaint against, and settlement with, Venmo that companies must thoroughly assess their security practices, strategize reasonably foreseeable risks, implement appropriate security measures, and be transparent with consumers on security practices and processes. As a result, it is prudent that companies conduct an assessment of their privacy and security practices, identify gaps, and create corrective action plans to comply with regulatory obligations and expectations.

4. Privacy Settings and Opt-Out Options Must Be Clearly Disclosed to Consumers

In line with its focus on enforcing consumer expectations, the FTC further targeted Venmo over its confusing opt-out settings. In its complaint, the FTC alleges that Venmo required consumers change not one but two default settings under two different menus in order to keep information private. Even if the consumer set one setting to the highest level of privacy, failure to change both settings would ‘override’ the consumer’s clear request to keep information private, and the dual opt-out requirement was not made clear to consumers. The FTC took issue with Venmo’s failure to clearly inform consumers on the existence of these privacy settings, failure to provide clear instructions on how to use the settings, and Venmo’s policy relating to treatment of private information when the two settings had a discrepancy.

Given the FTC’s focus on clear disclosures and consumer education, companies should consider reviewing their practices to ensure that the least sophisticated consumer can (1) easily determine how to protect his personal information and (2) still meaningfully utilize the requisite technology to receive the desired product or service.

5. Technology Can Increase Privacy, but Its Use Comes with an Obligation to Inform the Consumer of the Benefits and Risks of the Technology Used

Increasing privacy protections by incorporating multi-factor authentication, fingerprint recognition, and the ability to opt-out of and modify data sharing is one step in the right direction of increasing privacy. Nonetheless, one of the easiest ways a company can run afoul of regulators is by failing to understand or acknowledge not only the benefits of innovative services and technology, but most importantly, the areas which are still developing. Only by informing themselves can companies adequately inform consumers.

The FTC clearly advises companies: “Customers appreciate choices, but they need to understand what they are choosing. If you provide privacy options, make it straightforward for consumers to select options that best match their privacy preferences—and then honor their choices.”

In seeking to avoid similar regulatory actions, and increasingly common data privacy litigation, companies should take a clear look at these five privacy areas and implement appropriate compliance measures.

Supreme Court Narrowly Interprets “Whistleblower” under Dodd-Frank, Foreclosing Protections for Those Who Fail to Report Issues to SEC

Supreme Court Narrowly Interprets “Whistleblower” under Dodd-Frank, Foreclosing Protections for Those Who Fail to Report Issues to SECThe Supreme Court has resolved a circuit split on whether Dodd-Frank’s whistleblower protections apply only to employees who report their concerns to the Securities and Exchange Commission (SEC). On Wednesday, in Digital Realty Trust, Inc. v. Somers, the Supreme Court ruled 9-0 in favor of limiting the Dodd-Frank Act’s definition of whistleblower to those who report their allegations to the SEC, thus excluding from whistleblower protection individuals who report their complaints internally. The issue before the Supreme Court was the language of Dodd-Frank, which defines “whistleblower” as “any individual who provides . . . information relating to a violation of the securities laws to the Commission, in a manner established . . . by the Commission” (15 U.S.C. § 78u-6(a)(6)).

The refrain of the opinion is that a would-be whistleblower must “tell the SEC” in order to benefit from Dodd-Frank’s anti-retaliation provision. It’s always notable when all nine justices agree, and here the Supreme Court relied on the unambiguous, clear, and conclusive language of the statute to hold that anti-retaliation protection does not apply unless and until the SEC is notified of alleged securities law violations. Despite urging from the Solicitor General to expand the whistleblower definition for anti-retaliation purposes, the Supreme Court held that anti-retaliation protection does not extend to an individual who has not reported a violation of securities law to the SEC. The decision reversed the Ninth Circuit and resolved a circuit split. The Fifth Circuit had previously held that employees are required to provide information to the SEC to take advantage of Dodd-Frank’s anti-retaliation safeguard, while the Second and Ninth Circuits extended Dodd-Frank remedies to employees who reported alleged wrongdoing only to their employers.

The Supreme Court emphasized that the holding is consistent with the purpose of Dodd-Frank, the “core objective” of which is to motivate people to tell the SEC about violations of securities laws. The Supreme Court acknowledged that giving the statute its plain-text reading “shields fewer individuals from retaliation than the alternative,” but again emphasized that Dodd-Frank’s main goal is to incentivize reporting alleged violations to the SEC.

Time will tell whether the Supreme Court’s ruling will affect the number of whistleblower actions. The decision is limited to the Dodd-Frank whistleblower statute involving securities laws and does not affect the numerous other whistleblower protection statutes. As an illustration, the Supreme Court distinguished actions under the Consumer Financial Protection Bureau’s (CFPB) jurisdiction and noted that the CFPB whistleblower-protection statute permits a covered employee to provide information to an employer, the CFPB, or a local, state, or federal government authority or law enforcement agency.  Accordingly, in the CFPB context, whistleblower protection still applies when a covered employee reports alleged misconduct solely to their employer.

Fourth Circuit Asked to Rule on Whether Mortgage Retroactively Incorporates Federal Servicing Requirements

Fourth Circuit Asked to Rule on Whether Mortgage Retroactively Incorporates Federal Servicing RequirementsA recent appeal to the Fourth Circuit may shed light on whether Virginia borrowers can assert federal mortgage servicing requirements as a defense to foreclosure when the mortgage instrument pre-dates the federal requirement. In Stansbury v. Federal National Mortgage Association, borrower Hollie Stansbury argues that a 2011 consent order between her mortgage servicer and the Office of the Comptroller of Currency was incorporated into the mortgage contract as a condition precedent to foreclosure. The lender has contested this claim in part by arguing that because the 2006 deed of trust predates the consent order, the parties to the mortgage could not have intended to incorporate the consent order’s requirements as a limitation to foreclosure. A decision on these competing arguments may bring clarity to the effect of a 2016 decision by the Virginia Supreme Court addressing the potential for incorporation arguments similar to Stansbury’s.

In Parrish v. Federal National Mortgage Association, the Virginia Supreme Court held that the trial court lacked jurisdiction to hear a post-foreclosure eviction action where the borrower raised a bona fide dispute as to the validity of the foreclosure. The borrowers in Parrish alleged that their deed of trust incorporated federal loss mitigation rules as a condition precedent to foreclosure and asserted that the loan servicer violated those regulations. Without addressing the merits of these allegations, the Supreme Court found that they were sufficient to raise a bona fide question as to the lender’s title to the foreclosed property.

After Parrish, some borrowers have argued that federal servicing standards are incorporated as a condition precedent to foreclosure through provisions in many deeds of trust stating that the parties’ rights are subject to federal law. In Stansbury, the U.S. District Court rejected the borrower’s claim that a 2011 consent order was so incorporated. In its August 31, 2017, ruling, the District Court held that the deed of trust’s governing law provision applied only to laws in existence at the time of the contract and did not incorporate a future consent order. The borrower has appealed the case to the Fourth Circuit.

The Stansbury appeal places the issue of retroactive incorporation before the Fourth Circuit. In her brief, Stansbury argues that the governing law provision must be applied to the law in existence at the time of foreclosure. In contrast, the lender’s brief argues that the provision applies only to the laws contemplated by the parties at the time they entered the mortgage contract. Because a substantial number of foreclosures involve deeds of trust executed prior to Dodd-Frank and other significant regulatory changes, lenders and servicers may be expected to keep a close watch on the outcome.

Two Opportunities for Student Loan Companies to Speak Up

Two Opportunities for Student Loan Companies to Speak UpTwo recent requests from lawmakers have provided student loan servicers and originators the opportunity to comment on hot-button issues for the industry:

  • The CFPB issued a Request for Information last week, seeking comments and information “to assist in assessing the overall efficiency and effectiveness of its supervision program and whether any changes to the program would be appropriate.” The comment period will open when the RFI is published in the Federal Register, expected February 20. In light of the supervision program’s past involvement with the industry, student loan servicers and industry groups should consider taking this opportunity to speak up.

    This RFI is the most recent in a series of RFIs from the Bureau, with more to come in the next couple of months. Stay tuned for RFIs related to complaint reporting, rulemaking processes, consumer inquiries, and more.

  • Also last week, Chairman Lamar Alexander and Ranking Member Patty Murray of the Senate Health, Education, Labor, and Pensions (HELP) Committee requested comments and suggestions on the Committee’s reauthorization of the Higher Education Act (HEA). While it is by no means certain that we will see an HEA reauthorization passed this year, HELP Committee leadership remains focused on the issue. Senator Alexander released a white paper on his vision for the HEA earlier this month, expressing concern about taxpayer exposure to defaults on federal student loans. The HEA reauthorization will have a potentially huge effect on the student loan industry. Comments to the Committee may be submitted to by Friday, February 23.

SEC Encourages Advisors to Self-Report Fiduciary Violations by June 12, 2018

SEC Encourages Advisors to Self-Report Fiduciary Violations by June 12, 2018The SEC announced a self-reporting initiative for investment advisors who admit violations of the federal securities laws relating to certain mutual fund share class election issues while promptly returning money to harmed investors. The initiative is entitled the “Share Class Selection Disclosure Initiative” and is focused on those advisors who have put clients into high-fee mutual fund classes when a less expensive share class for the same fund was available and appropriate. If the advisor self-reports and returns money to the harmed investor, the SEC’s enforcement division will not recommend civil penalties against the advisor.

The initiative highlights the SEC’s focus on the conflict of interest that is created when an advisor receives compensation for selecting a more expensive fund share class when a less expensive share class for the same fund is available. The SEC notes this conflict of interest must be disclosed to the investor. To be eligible for the self-reporting initiative, investment advisors must notify the division of enforcement of their intent to self-report no later than June 12, 2018.

Small Lenders May Get Relief from New Home Mortgage Disclosure Act Reporting Requirements

Small Lenders May Get Relief from New Home Mortgage Disclosure Act Reporting Requirements

On January 18, 2018, the House gave small lenders a late Christmas present when it passed H.R. 2954 known as the Home Mortgage Disclosure Adjustment Act. The act amends the existing Home Mortgage Disclosure Act (HMDA) by easing the regulatory burden on small lenders. By way of background, HMDA imposes additional reporting requirements on regulated entities that became effective this month. More specifically, HMDA requires banks and credit unions to collect 48 additional data fields on any mortgage loan they originate and to report that data to the CFPB. This additional regulatory burden will increase transaction costs and processing time for obtaining a home mortgage and impose unique burdens on small lenders that lack the existing infrastructure and processes to effectively capture and communicate the additional data sets.

The Home Mortgage Disclosure Adjustment Act attempts to ameliorate this disproportionate impact by exempting (a) small lenders, such as community banks and credit unions, which originate less than 500 closed-end mortgage loans in each of the two preceding calendar years, and (b) those that originate less than 500 open-end lines of credit in each of the two preceding calendar years. Bradley will continue to monitor the progress of the act as it moves through the Senate.

In Case You Missed It: Justice Department Banks on False Claims Act Enforcement Again in 2017

In Case You Missed It: Justice Department Banks on False Claims Act Enforcement Again in 2017The Justice Department and a veritable army of whistleblowers’ counsel continue to use the False Claims Act (FCA) to bring suits against banks and mortgage companies. In 2017 alone, the Department of Justice obtained $543 million in FCA settlements and judgments from the financial services industry.

To keep you informed on the status of the law, Bradley’s Government Enforcement and Investigations Practice Group is pleased to present the 2017 FCA Year in Review, our annual review of significant FCA cases, developments, and trends. Longtime readers of our Year in Review will notice that it has a new look and improved functionality, making it an easy-to-read, printable resource, as well as a convenient and searchable digital tool.

Five Years Later: Five Takeaways From the Bulletin That Rocked the Auto Finance Industry

Five Years Later: Five Takeaways From the Bulletin That Rocked the Auto Finance IndustryIn 2013, the Consumer Financial Protection Bureau (CFPB) issued a bulletin on indirect auto lending that took the industry by storm. As we approach the five-year anniversary of the memo’s issuance, it’s valuable to reflect on how the bulletin was received, how the auto finance industry has changed since the bulletin and subsequent CFPB actions, and how the industry and regulators can learn from the experience to improve their efforts to remove discrimination from the car buying experience.

CFPB Bulletin 2013-02, Indirect Auto Lending and Compliance With the Equal Credit Opportunity Act, was the CFPB’s first public foray into regulating the auto finance industry. In the bulletin, the CFPB articulated the agency’s concerns over dealer markup incentives that could result in auto finance companies participating in discriminatory lending practices that violated ECOA.

The bulletin included allegations of discriminatory practices at the lender and dealership level and suggested a number of potential compliance solutions that auto finance companies could implement to reduce the risk of violating ECOA. Since that time, the CFPB has added nonbank auto finance companies to its list of regulated larger market participants, auto finance companies have reached settlements with the CFPB related to fair lending practices, and the U.S. Government Accountability Office (GAO) has concluded that the bulletin was a rulemaking that should have been subject to the Congressional Review Act.

Below are five takeaways that have emerged since the bulletin was issued.

1. Reaction from the auto industry was swift – many participants were stunned and irate.

The industry felt blindsided when the CFPB issued the bulletin without much warning. Many nonbank auto finance companies had not historically had relationships with federal regulators and thought the auto industry was going to largely get a pass from the CFPB after auto dealers had specifically been exempted from the CFPB’s oversight in the Dodd-Frank Act. Worst of all, many industry participants interpreted the bulletin as the CFPB accusing them of either having race-based lending policies or associating with auto dealers who profit by exploiting borrowers’ race or ethnicity.

The bulletin speculated about perceived problems in the industry and, unlike the CFPB’s Supervisory Highlights, did not point to hard examples of fair lending abuses occurring at dealerships or auto finance companies. For this reason, many industry participants felt that the CFPB was denouncing an entire industry without an adequate evidentiary basis.

While the CFPB initially had the authority to investigate nonbank auto finance companies through enforcement, it lacked supervisory authority over nonbank larger market participants until 2015. Thus, the CFPB relied on anecdotes, enforcement investigations and market research as the basis for the bulletin.

The bulletin served as the opening salvo between the CFPB and the auto finance industry. Rather than begin with an olive branch, this bulletin served as a shot across the bow.

2. Incentives that do not align with a consumer’s interest have and will continue to carry a high degree of regulatory risk.

If there is one theme that unifies post-financial crisis regulation, it is that regulators will heavily scrutinize any arrangement that results in a provider’s incentives not being aligned with consumers’ interest. In regulating the markets for retirement account counseling, securities trading, mortgage origination, depository account management and auto finance, regulators have adhered to the principle that companies should not be making greater profits by offering less favorable terms and services to consumers.

While the auto finance bulletin did not ban dealer reserve outright, the bulletin caused auto finance companies to reconsider how they structured dealer compensation programs. Even if future CFPB administrations do not enforce the auto finance bulletin, aggrieved consumers and their attorneys now have a roadmap for identifying discriminatory lending practices and bringing lawsuits to challenge them. Auto finance companies are more cognizant today about how their dealer compensation programs are structured, and that is unlikely to change regardless of the CFPB’s future regulatory direction.

3. Vendor management became a staple of auto finance companies’ compliance management systems.

Prior to the CFPB’s entry into auto finance regulation, auto finance companies were surely careful to consider dealers with whom they partnered based on traditional business metrics like profit margin, sales volume, geographic location and reputation. In the aftermath of the CFPB bulletin, however, auto finance companies added new criteria to evaluate dealers that wanted to join their lending network.

Auto finance companies have more closely scrutinized dealers’ compliance with fair lending laws as well as those dealers’ culture and cohesion with the auto finance company’s own policies and procedures. As a result, auto financiers have cut ties with certain dealers and other dealers have changed their markup practices to fall in line with the heightened expectations of auto finance companies and the CFPB.

While the CFPB bulletin did not result in widespread adoption of a flat fee compensation model for auto dealers, the bulletin’s lasting legacy may be that auto finance companies developed more stringent policies that dealers must follow to receive financing for consumers.

4. Statistical modeling is an imperfect solution to eliminating discrimination in auto financing.

The CFPB’s reliance on statistical modeling to identify discriminatory practices was perhaps the most frequently criticized element of its approach to regulating the auto finance industry. Since auto dealers are prohibited from collecting race and ethnicity data from consumers, the CFPB had to rely on statistical models based largely on surnames to identify occasions where credit decisions appeared to have been made based on illegal race-based criteria.

To the industry statisticians who understood the statistical model’s underpinnings, the model appeared to be flawed. And the many other industry participants who did not understand the underlying algorithms felt it fundamentally unfair to implicate a company for discriminatory lending practices based on a statistical model that the company did not have access to and did not use in underwriting decisions.

As the CFPB reached large settlements with lenders, the industry took note and lenders began to adopt statistical models to identify fair lending risks within their own institutions. While the CFPB may have relied too heavily on a statistical modeling approach, industry participants walked away with a compliance tool that allows them to identify potential fair lending abuses during compliance audits and dealership due diligence reviews.

5. Fair lending is a cause best served by industry and regulators working together.

It was perhaps the CFPB’s delivery, rather than the content itself, that caused the industry to recoil so emphatically against the bulletin. The CFPB did not hold a public forum on auto finance until eight months after issuing the bulletin.

Given the industry’s reaction to the bulletin, the CFPB would likely have been better off reversing the order of those events and gathering feedback from industry participants prior to issuing industry-altering guidance. At the same time, in the aftermath of the bulletin, the industry was best served by those companies and industry advocates that reacted to the bulletin by respectfully articulating to the CFPB the nature of the industry and how the overwhelming number of participants in the industry shared the CFPB’s goal of consumer protection and disdain for discriminatory practices.

The Next Five Years

Moving forward, auto finance companies that are directly or indirectly regulated by the CFPB will have the opportunity to engage with the Bureau to explain their business models and how compliance and fair lending are essential parts of their companies’ culture. The CFPB recently announced it will be issuing requests for information regarding numerous aspects of the agency’s approach to regulation. In light of this announcement, the time is right for the auto finance industry to collect its thoughts on the CFPB’s past five years of regulation and on how the industry wants this relationship to evolve.

The fate of the bulletin itself is not clear in the aftermath of the GAO’s conclusion that the bulletin constituted a rulemaking subject to the CRA. Whether the new CFPB administration or Congress will take action to amend or rescind the bulletin remains to be seen.

What is clear is that there is still a concern that fair lending abuses remain in the auto industry. A consumer advocacy group recently released a study that highlighted incidents of discrimination at the dealership level.

Whether the CFPB, emerging state-level actors or private practitioners are holding the handle, there will continue to be a magnifying glass on fair lending practices in the auto industry. Industry participants should continue to develop strong policies and procedures related to fair lending compliance, dealer incentives and service provider oversight to avoid becoming the subject of an enforcement action or consumer litigation and to ensure that all consumers are treated fairly when attempting to finance automobile purchases.