Business & Litigation Insights

Financial Institutions & Consumer Protection Laws: How to Hit a Moving Target

Posted On Oct 08, 2014

Since the federal Consumer Financial Protection Bureau opened its doors in 2011, banks, credit card companies, mortgage companies and other financial institutions realize that every business decision may be scrutinized. The slightest deviation from the norm could subject them to the heavy hand of federal and state enforcers. The biggest trick is that “the norm” is a moving target – a moving target heading in the direction of more regulation and more government oversight.

How can financial institutions stay on top of legal developments and out of the crosshairs of enforcement agencies? With a host of state and federal laws and regulations impacting their business, compliance can be challenging. Below are a few tips to help financial institutions spot the latest legal vulnerabilities:

Make sure you have adequate disclosures.

Transparency is the name of the game. The more information you can disclose to consumers about your financial products – packaged in a way that is easily digestible to the average Joe – the better.  The CFPB notes that its vision is to achieve a marketplace where “customers can see prices and risks up front and where they can easily make product comparisons.” Financial institutions can use tools (and regularly seek legal advice) to ensure they are compliant with the disclosure requirements (including the federal Truth in Lending Act, the Dodd–Frank Wall Street Reform Act and the South Carolina Consumer Protection Code). But it is important, and would serve institutions well, to incorporate this part of the CFPB’s vision into their own business model. Banks will invariably get there, by individual choice or by regulatory fiat. They might as well adopt a policy of transparency to make it a competitive tool and legal shield.

Ensure the protection of consumer data.

A hot button item for state and federal agencies is the protection of consumer data. The Gramm-Leach-Bliley Act requires financial institutions to ensure the security and confidentiality of consumer information, including income data, credit history and Social Security numbers.  The Federal Trade Commission has instituted a Safeguards Rule, which requires financial institutions to have measures in place to keep consumer data secure. South Carolina’s Financial Identity Fraud and Identity Theft Protection Act also places requirements on business on how they collect, maintain and dispose of consumer data.  Financial institutions need to invest in robust systems to protect consumer data. They also need to institute policies to enforce data security internally and to be able to respond to security breaches. If data is compromised and an institution’s response is subpar, it can expect federal and state actions…not to mention likely consumer class actions.

Track the news

With the moving target of consumer protection laws, it is important for financial institutions to stay on top of the latest developments. They should consult periodically major enforcement agency websites, including the CFPB, the FTC and the South Carolina Department of Consumer Affairs. These agencies regularly post information on enforcement actions, settlements and compliance tips. Reviewing these sites can shed light on their areas of interest and what they consider responsible business conduct. With the moving target of consumer protection laws, it is paramount to keep informed.

In order to reduce the risk of potential run-ins with federal or state agencies, these financial institutions must make compliance a priority. The vulnerabilities identified here should be addressed; tomorrow’s vulnerabilities remain to be seen. But keeping on top of developments at the agency level can help institutions adopt successful proactive business strategies.