Last week, the FDIC published its Consumer Compliance Supervisory Highlights that provides observations about its consumer compliance supervision activities in 2018. Importantly, the highlights include anonymized 2018 exam findings regarding violations of consumer protection laws and other information to help financial institutions stay abreast of issues and trends identified during exams and assist them in mitigating potential risks.
The FDIC’s findings should be carefully reviewed not only by banks subject to FDIC supervision but also by banks and other businesses supervised by other regulators who might raise similar issues.
The FDIC’s anonymized exam findings include:
Overdraft Programs. FDIC examiners observed potential UDAPs when institutions using an available balance method assessed more overdraft fees than were appropriate based on the consumer’s actual spending or when institutions did not adequately describe how the available balance method works in connection with overdrafts.
The CFPB identified a similar overdraft issue within its Winter 2015 Supervisory Highlights, describing “deceptive practices relating to the disclosure of overdraft processing logic” where institutions had charged overdraft fees on electronic transactions “in a manner inconsistent with the overall net impression created by the disclosures.”
Risk Mitigant: The FDIC recommends that financial institutions (1) should provide clear and conspicuous disclosures about potential overdraft fees in connection with use of the available balance method so that consumers can understand when overdraft fees will be assessed and make informed decisions to avoid the assessment of such fees; and (2) when using the available balance method, ensure that any transaction authorized against a positive available balance does not incur an overdraft fee, even if the transaction later settles against a negative available balance.
Real Estate Settlement Procedures Act (“RESPA”) Section 8 Violations. The FDIC identified RESPA violations involving alleged payments of illegal kickbacks, disguised as above-market payments for lead generation, marketing services, and office space or desk rentals. The FDIC found that certain arrangements, structured as marketing and advertising agreements, were actually disguised payments for referrals of mortgage business where the amounts paid greatly exceeded the applicable fair market value.
The CFPB has similarly articulated concerns with such arrangements, including in its Bulletin 2015-05.
Risk Mitigant: The FDIC recommends a variety of ways to mitigate risk, including:
Providing training to executives, senior management, as well as staff responsible for and involved in mortgage lending operations;
Performing due diligence when considering new third-party relationships or hiring any individuals employed at or under contract to the bank that generate leads or identify prospective mortgage borrowers; and
Reviewing applicable law, guidance, and statements from regulatory agencies and authorities on RESPA Section 8.
Regulation E – Mistakes Made in the Consumer Liability/Error Resolution Process. The FDIC described several Regulation E violations, including: (1) misapplying the timing requirements to determine a consumer’s liability regarding unauthorized transactions not involving an access device, such as electronic debits through the ACH system (banks were misinterpreting the 60-day time frame from the transmission of the periodic statement during which the consumer is not responsible for the authorized debits); (2) failing to promptly start investigations when notified of a potential error (banks had failed to investigate consumer error claims promptly upon receipt of oral notification, erroneously delaying investigation until receipt of a written confirmation of an alleged error); (3) discouraging the filing of error resolution requests (banks had implemented onerous requirements, such as requiring consumers to visit a branch or file a police report to submit the error resolution request, which had a “chilling effect” and may have unfairly discouraged consumers from asserting their rights under Regulation E; and (4) not providing notice upon completion of an investigation (banks had either not provided the written notice pursuant to the regulation or had not included all of the required information). (The CFPB has frequently noted similar findings of Regulation E violations.)
Risk Mitigant: The FDIC recommends that financial institutions should maintain tracking logs covering the various timing requirements to ensure compliance with Regulation E’s requirements from the time an error is alleged to the time an investigation is completed, and train new staff and conduct periodic refresher training for existing staff to ensure that personnel understand Regulation E requirements.
Skip-A-Payment Loan Programs. Skip-A-Payment, or deferment, programs provide consumers with the ability to skip a loan payment. While the FDIC’s statement that such programs “may provide temporary financial relief to consumers” suggests it generally views such programs favorably, the FDIC nevertheless found instances where institutions (1) failed to adequately disclose that enrollment in a Skip-A-Payment program would lead to paying additional interest over the life of the loan and a larger final payment; (2) failed to disclose that the Skip-A-Payment offer did not affect real estate borrowers’ escrow payment obligations, resulting in some consumers incurring escrow shortages or deficiencies; and (3) assessed late fees for the month in which the payment was skipped.
Risk Mitigant: The FDIC recommends that financial institutions offering such programs should (1) provide consumers with clear and adequate disclosures that explain how the program works and the program’s potential impact on a consumer’s loan; (2) clearly define customer eligibility criteria; (3) provide training to staff in advance of launching the program; and (4) set monitoring protocols to ensure compliance with bank policies.
Lines of Credit – Finance Charge Calculation and Disclosure. The FDIC identified instances in which institutions did not accurately calculate or properly disclose finance charges or APRs on periodic statements, resulting in understated finance charges and APRs for loans that exceeded the permitted tolerances under Regulation Z.
Risk Mitigant: Though the FDIC does not include specific recommendations, we recommend that companies include testing of finance charges and APRs on periodic statements and agreements within regular compliance and audit processes to ensure the accuracy of relevant calculations and that disclosures are properly provided to consumers and to detect any ongoing systemic programming changes that may result in calculation or disclosure errors.