The U.S. Senate has passed H.R. 4014, a House bill that adds the Consumer Financial Protection Bureau (“CFPB” or “Bureau”) to the list of federal banking agencies with whom supervised entities may share information without effecting a waiver of the attorney-client privilege as to third-parties. President Obama is expected to sign the bill into law.

The bill, sponsored by Rep. Bill Huizenga of Michigan (R), is intended to address a perceived shortcoming in the original Dodd-Frank Act, which created the Bureau. Under Dodd-Frank, the new Bureau was given broad supervisory and enforcement powers over large swaths of the financial and credit services industries. The Act, however, did not provide – as is the case with other Prudential Regulators, including the Federal Reserve, the FDIC, and the Office of the Comptroller of the Currency (see 12 U.S.C. 1828(x)) – that the attorney-client privilege would not be waived when otherwise privileged information is shared by a supervised entity with the Bureau except with respect to its dealings with the Bureau.

The bill fixes this omission and adds the Bureau to the list of Prudential Regulators for whom the privilege is not waived as to material submitted in the course of any supervisory or regulatory process. Moreover, the Bureau can share the supervised entity’s privileged information with other Prudential Regulators without triggering a waiver of the supervised entity’s privilege except with respect to that Prudential Regulator. The law thus closes what many commentators and members of Congress felt was a loophole that would impede cooperation among supervised entities and the Bureau.

The Bureau had tried to address the omission through a bulletin it issued on January 4, 2012 (CFPB Bulletin 12-01) in which it stated that because its supervisory powers were equivalent to those of the Prudential Regulators, it had the power “to receive privileged information from supervised entities without effecting a waiver of privilege.” Due to the omission in the Act that created the Bureau, most commentators feared that the Bureau’s unilateral decree was insufficient to protect the privilege. Similarly, Congress expressed a preference for a statutory scheme to address inter-agency sharing of privileged material over any agency pronouncement or rule-making. See Congressional questioning of Raj Date, Deputy Director of the CFPB, on 7/19/12 before House Committee on Financial Services, Subcommittee on Financial Institutions and Consumer Credit.

In addition to adding the Bureau to the list of Prudential Regulators for the purpose of maintaining attorney-client privilege, the bill also adds the Bureau to a different statutory list (12 U.S.C. 1821(t)(2)(A)) of credit agencies among whom sharing of privileged information will not result in a waiver as to third-parties including the Farm Credit Administration, the Farm Credit System Insurance Corporation, the National Credit Union Administration, and the Federal Housing Finance Agency.

Though H.R. 4014 does close the gap as to sharing of information obtained through supervisory examinations and among government regulators, the law does not address a major concern of supervised entities – that material obtained through the course of an examination will be shared with the Bureau’s enforcement division and form the basis of an action. According to the Congressional summary of the bill, the provision prohibiting information gathered by the CFPB in its supervisory or regulatory capacity will not be construed as a waiver of privilege as to “any person or entity other than the CFPB…” (emphasis added). The concern as to the Bureau itself, and its two divisions, remains.