The Consumer Financial Protection Bureau (CFPB) has significantly changed the landscape of consumer protection in the financial services industry through a series of revisions to its review manual for Unfair, Deceptive and Abusive Acts and Practices (UDAAP) in under the Dodd-Frank Act (Dodd-Frank). With skillful drafting, the CFPB has expanded the scope of its enforcement and oversight authority by revising the definition of an “unfair” act or practice to include discrimination in any financial transaction involving products or services. of consumption. This expanded authority will allow the CFPB to reach out to discriminatory acts or practices far beyond the scope of traditional fair lending laws such as the Equal Credit Opportunity Act (ECOA), which is limited to the granting of credit. We summarize the new CFPB guidelines, describe the revised exam procedures, and offer suggestions for implementation.
Discrimination as injustice
The test for determining whether an act or practice is “unfair” according to Dodd-Frank is well established: (1) the act or practice causes or is likely to cause substantial harm to consumers; (2) consumers cannot reasonably avoid the harm; and (3) the harm is not outweighed by compensating benefits to consumers or competition. In its recently enacted revisions to the UDAAP exam manual, the CFPB has rather quietly incorporated discrimination as an “unfair” act or practice by clarifying the first two elements of the test. As noted in the manual, although significant harm is usually associated with pecuniary harm, required harm may involve “[f]loss of monetary benefits or denial of access to products or services,” or “injury to a dignitary,” resulting from discriminatory behavior or conduct. And while there may be instances where consumers have the means or mechanism to avoid injury, “[c]Consumers cannot reasonably avoid discrimination” or “harms of discrimination”. With these nuanced changes to the text of the UDAAP Examination Manual, the CFPB has opened up new and expanded horizons in its anti-discrimination efforts and authority.
The CFPB acknowledged its expanded authority in the area of prohibition of discrimination in the manual’s discussion of the relationship between the UDAAP and other consumer protection laws. “[A] a discriminatory act or practice that is unfair, deceptive or abusive may also violate other anti-discrimination laws, such as the ECOA. ” Conversely, “[a] a discriminatory act or practice is not immune to the possibility of being unfair, deceptive or abusive, even where fair lending laws do not apply to the conduct. The CFPB cited as an example of the latter case when an African American consumer is unable to open a deposit account. Again, without much fanfare, the CFPB made sweeping changes in the area of consumer protection for financial services institutions with relative ease.
The pre-existing review manual for the UDAAP directed reviewers to obtain and review an entity’s various documents, including written policies and procedures and various reports, and conduct transaction testing, if further investigation is warranted.
Now, in order to identify potential discriminatory acts or practices under the UDAAP’s expanded definition, the manual directs reviewers to obtain and review additional documents and information that entities can use, such as:
- Documentation regarding the use of models, algorithms and decision-making processes used in connection with consumer financial products and services.
- Information collected, maintained, or used regarding customer demographics, including customer demographics using various products or services, and breakdowns of consumer demographics for various product uses, fees, revenue streams and costs, or the impacts of various products and services on specific demographics.
- Any demographic research or analysis relating to the marketing or advertising of consumer financial products or services.
With this additional information collected, the manual asks examiners to determine whether the entity under investigation has a process in place to prevent discrimination with respect to any of its financial transactions involving products or consumer services, and whether it has an adequate compliance program. Accordingly, examiners are invited to assess whether the
- The entity has established policies and procedures to review, test, and monitor all decision-making processes it uses for potential UDAAP-related issues, including discrimination.
- The entity has established policies and procedures to mitigate potential UDAAP-related issues arising from the use of its decision-making processes, including discrimination.
- The entity’s policies, procedures and practices do not target or exclude consumers from products and services, or offer different terms and conditions in a discriminatory manner.
- The entity has appropriate training for customer service personnel to prevent discrimination.
Consistent with the additional objective of identifying discriminatory acts and practices, the updated handbook adds the following factors to consider when determining potential areas for transaction testing:
- The entity incorrectly gives inferior terms to one demographic group of customers compared to other demographic groups of customers.
- The entity inappropriately offers or provides more products or services to one customer demographic group than to other customer demographic groups.
- Customer service representatives treat customers of certain demographic groups inappropriately or provide additional support or exceptions to customers of certain demographic groups.
- The entity engages in targeted advertising or marketing in a discriminatory manner.
- The entity uses decision-making processes in its eligibility determinations, underwriting, pricing, services, or collections that result in discrimination.
- The entity does not assess and make the necessary adjustments and corrections to prevent discrimination.
When a reviewer decides to proceed with transaction testing, the updated manual provides additional review procedures to assess discriminatory acts or practices of an entity’s marketing and disclosures, advertising, credit availability , consumer interaction, and service and collection.
While these new guidelines will undoubtedly lead to significant changes in financial transactions related to consumer products and services, we anticipate that some aspects will be more influential than others. Notably absent from the new CFPB guidelines is a reference to protected classes or, alternatively, an authorized basis or safe harbor to differentiate consumers. Distinctions in treatment widely accepted among consumers may now not only invite scrutiny from the CFPB, but also result in supervisory or enforcement action. While the CFPB will likely apply ECOA precedent and related Fair Lending Guidelines when applying discrimination as an unfair practice, financial institutions will want to conduct risk assessments of any discrimination in products or services provided to consumers to ensure that they are based on clear criteria. and objective criteria, taking care to reduce or eliminate discretion wherever possible.
The new recognition by the CFPB of attacks on dignitaries is also likely to have a resounding impact on the industry. Organizations can consider partnering with experts in diversity, equity, inclusion and belonging or environment, social and governance (“ESG”) to better define the concept of outrages upon dignity in the context of their products and services. Given the challenges inherent in detecting and repairing this damage, preventive controls will likely be the key to effective risk mitigation.[View source.]