September 28, 2020

Volume X, Number 272

September 25, 2020

Subscribe to Latest Legal News and Analysis

CFPB Issues Compliance Bulletin On Confidentiality of Supervisory Information

On January 27, 2015, the Consumer Financial Protection Bureau (“CFPB”) issued a compliance bulletin reminding supervised financial institutions (including large depository institutions, credit unions and their affiliates, certain nonbanks, and service providers) of existing regulatory requirements regarding confidential supervisory information.  In this article we (i) explain the definition of confidential supervisory information; (ii) discuss exceptions to the non-disclosure rule; and (iii) offer tips for ensuring compliance.

Under the CFPB’s regulations, “confidential supervisory information” is broadly defined to include the following non-public documents: (i) reports of examination and inspections of a financial institution; (ii) documents prepared by, or on behalf of, or for the use of the CFPB or any other Federal, State, or foreign government agency in the exercise of supervisory authority over a financial institution; (iii) communications between the CFPB and a supervised financial institution or a Federal, State, or foreign government agency related to the CFPB’s supervision of the institution; and/or (iv) information provided to the CFPB by a financial institution to enable the CFPB to monitor potential risks to consumers in the offering or provision of consumer financial products or services, or to assess whether an institution should be considered a covered person.  For example, any workpapers or other documentation prepared during a CFPB examination, any request for information by the CFPB and a supervised financial institution’s responses thereto, and supervisory action by the CFPB and any related submissions and correspondence would all be considered confidential supervisory information.

Confidential supervisory information may only be shared with: (i) a supervised financial institution’s affiliates; (ii) the officers, directors, and employees of a supervised financial institution (and/or its affiliates) if that information is relevant to those individual’s duties; and (iii) a supervised financial institution’s accountant, legal counsel, consultant, or service provider.  In all other instances, a supervised financial institution may only disclose confidential supervisory information to a third party upon the prior written approval of the Associate Director for Supervision, Enforcement and Fair Lending.

The bulletin clarifies that a non-disclosure agreement (“NDA”) with a third party does not alter the legal restrictions on the disclosure of confidential supervisory information.  Nor does an NDA impact the CFPB’s authority to obtain information from covered persons and service providers in the exercise of the CFPB’s supervisory authority.

To facilitate compliance with the confidentiality restrictions applicable to confidential supervisory information, a supervised financial institution should consider developing clear policies and procedures which: (i) ensure that all confidential supervisory information is appropriately labelled and segregated from regular business documents and records; (ii) establish safeguards to guarantee that only those with a legitimate need to review confidential supervisory information are given access to those materials; and (iii) develop a training regimen for employees on the categories of documents that qualify as confidential supervisory information, including instruction that the disclosure of confidential supervisory information to third parties is generally prohibited by the CFPB.

Copyright © 2020, Sheppard Mullin Richter & Hampton LLP.National Law Review, Volume V, Number 82


About this Author

Alejandro Moreno, Attorney, Sheppard Mullin,  Business Trial Practice

Mr. Moreno is an associate in the Business Trial Practice Group in the firm's San Diego office.

Areas of Practice

Mr. Moreno practices general business and commercial litigation in both state and federal courts. He has experience handling matters in a diverse array of industries, including the banking and finance, mortgage, hospitality, technology and telecommunications, energy and extraction, and pharmaceutical industries. He is also experienced in the law of receivership and has actively managed the legal affairs of businesses placed into receivership. He...

Brian Farrell, business trial attorney, Sheppard Mullin, law firm

Mr. Farrell is an associate in the Business Trial Practice Group in the Firm's Orange County office.

Areas of Practice

  • Business Litigation: breach of contract; unfair business practices; business torts; trade secrets; shareholder disputes.

  • Lender Liability: borrower-initiated class action claims; mortgage litigation; contested foreclosures; Truth-In-Lending Act; Real Estate Settlement Procedures Act; CFPB Servicing Regulations; California Homeowners' Bill of Rights.

  • Creditors' Rights: commercial foreclosures; enforcement of guarantees; adversarial actions arising out of bankruptcy claims.

  • Labor and Employment: wage and hour class action claims; wrongful termination.

  • Healthcare: challenging implementation and enforcement of HHS regulatory scheme.

  • Appellate: prosecuted appeals in the California Courts of Appeal and in the Fifth, Ninth, Tenth, and D.C. Circuit Courts of Appeals. Filed petition for writ of certiorari in United States Supreme Court.