presented by matthew clark, esq., legal and compliance director agency compliance “update 2015”
TRANSCRIPT
Presented by Matthew Clark, Esq., Legal and Compliance Director
Agency Compliance
“Update 2015”
2
Creditors, Collection Agencies, Debt Buyers CFPB Compliance Management System Areas of Risk TCPA - cell phone calling violations FCRA – inaccurate credit bureau reporting
violations FDCPA – 3rd party disclosure and other violations Bankruptcy Stay Violations Identity Theft Adding Unauthorized Collection Fees New Technology: email, texting, social media Compliance Summary
Table of Contents
3
Regulated By Many Agencies
Industry Specific Public Utility Commission – PUC U.S. Department of Education, Higher Education Opportunity Act Health Insurance Portability and Accountability Act - HIPAA
State Fair Unfair Trade Practice Laws State Debt Collection Laws Local Attorneys
Federal Federal Trade Commission - FTC Fair Credit Reporting Act - FCRA Fair Debt Collection Practices Act - FDCPA Consumer Financial Protection Bureau – CFPB*
Creditors, Collection Agencies and Debt Buyers
AT&T Mobility to pay $45 million to settle
violation of the Telephone Consumer Protection Act (TCPA).
TeleCheck to Pay $3.5 Million for Fair Credit Reporting Act Violations
World's Largest Debt Collection Operation Settles FTC Charges, Will Pay $3.2 Million
Penalty
CFPB Orders Chase and JPMorgan Chase to Pay $309 Million Refund
CFPB Orders American Express to Pay $85 Million Refund to Consumers Harmed
CFPB Fines Sprint $105 Million
Capital One to pay $210 million in fines for misleading consumers
4
New Sheriff in Town A Force to Be Reckoned With!CFPB
5
Created in response to the financial meltdown of 2008 Prevent future financial crises Created a new federal agency - CFPB
Consumer Financial Protection Bureau (CFPB)
- Tasked with monitoring and responding to consumer complaints
- Has enforcement authority over creditors, debt collectors and rule-making authority under the FDCPA
- Office of Enforcement to provide periodic bulletins re: policies and priorities
6
CFPB expectations for compliance: Top down compliance – a meaningful commitment
from top level executives Clear policy statements regarding consumer
compliance Governed by agency-wide standards, policies and
procedures Compliance oversight should be independent from
business line; have sufficient resources and clear authority to identify and resolve compliance issues.
Consumer Financial Protection Bureau (CFPB)
7
Board of Directors oversight – one consistent voice from the top Ensuring compliance with consumer financial laws and regulations
and addressing and prevent associated risks of harm to consumers Sets policies, procedures, and standards to prevent violations and to
detect and prevent associated risks of harm to consumers Ensures that responsibilities for meeting legal requirements and
internal policies are incorporated into business processes Reviews processes for the identification of new regulatory
requirements, changes in requirements, and planning for implementation
Communicate compliance responsibilities to all employees Formal complaint process to assist consumers; provide timely and
appropriate response to consumer complaints Take corrective action; update tools, systems, and materials as
necessary
CFPB Compliance Management System
Create a Culture of Compliance
On Going Compliance initiative
One consistent message from the top
Promote a culture of compliance within the organization
Clear policy statements regarding consumer compliance
Governed by agency-wide standards, policies and procedures
8
CFPB Compliance Management System
9
Create Four Interdependent Control Components:1. BOD/Management Oversight2. Compliance Program
Policies and Procedures Training Monitoring Timely and appropriate corrective action
3. Response to consumer complaints4. Compliance Audit – Independent from
Operations
CFPB Compliance Management System
Role of ALL employees:
Act in compliance with all applicable laws and regulations
Follow all policies and procedures
Focus on excellent customer service
Generate fewer complaints and lawsuits
Generate a more positive image for other employees
Generate a more positive image for all clients
10
CFPB Compliance InitiativeA Culture of Compliance
TCPA prohibits using autodialer or prerecorded message to call a consumer‘s wireless phone without obtaining the prior express consent of consumer.
Okay to use autodialer if given prior consent of the cell phone subscriber to call the number (express consent)
Okay to use autodialer if the consumer knowingly released the number to the client and the client provided that number to agency (FCC/ implied consent)
Okay to manually dial cell phone number (collector can get express consent at inception of call)
Manual calls made without the use of an autodialer will not violate the TCPA.
11
TCPA (Telephone Consumer Protection Act)
Policies and Procedures should be in place to comply with the TCPA
Phone numbers provided by client upon placement are acknowledged in an identified field (implied express consent)
Phone numbers located through skip-tracing efforts are placed in a separate field (no prior express consent)
Utilize available technology (cell phone scrub) for unidentified skip-traced phone numbers
Manually dial cell numbers and request express permission at beginning of call
12
TCPA Policies & Procedures
Any business entity reporting consumer information to a credit reporting agency (CRA) is a data furnisher for purposes of FCRA.
A data furnisher must report accurate information and has a duty to
update or correct information previously reported. Data furnishers must establish and implement reasonable written
policies and procedures regarding the accuracy and integrity of consumer information provided to a CRA.
Consumers have a right to directly dispute inaccurate information in their consumer report with the furnisher of information.
13
FCRA (Fair Credit Reporting Act)
Agency is data furnisher under FCRA
Agency makes a good faith effort to determine the accuracy of all account information reported to the credit bureaus
- Agency policy-do not report if an account does not have a social security # in order to ensure proper reporting
- Agency policy-do not report skip traced data to the credit bureaus – this eliminates errors
Contacts the original creditor or other reliable source to verify accuracy and integrity of disputed information
Agency should have reasonable written policies and procedure to prevent such errors
14
FCRA Written Polices & Procedures
Purpose: to eliminate abusive debt collection practicesGoverns all communications regarding collection of consumer debtCommunications: the conveying of information regarding a debt directly or indirectly to any person through any mediumBroad definition is intended to encompass every possible means of communication regarding a debt
Conflicting Provisions of FDCPAVoicemails are first step in a process designed to communicate with debtor about a debt.
Applies to information conveyed directly or indirectly.
A voice message is a communication under the FDCPA
Agency must provide meaningful disclosure (identify agency and provide mini-Miranda
Agency must not disclose information regarding a debt to third parties (third party disclosure)
Leaving meaningful disclosure may cause a third party disclosure violation if someone other than consumer listens to the message.
15
FDCPA (Fair Debt Collections Practices Act)
Vendors must provide meaningful disclosure (identify agency and provide mini-Miranda)
Vendors must not disclose information regarding a debt to third parties (third party disclosure)
Vendors must remove phone number from system once consumer notifies we have reached the wrong party (wrong number contacts)
Falsely representing the character, amount or legal status of a debt (collecting debt included in automatic BK stay or discharged by an order of the BK court)
16
FDCPA
“This message is for [debtor name]. If we have reached the wrong number for this person, please call us at [phone #1] to remove your phone number. If you are not [debtor name], please hang up. If you are [debtor name], please continue to listen to this message. (pause for 3 seconds)
“[Debtor name], you should not listen to this message so that other people can hear it as it contains personal and private information. (Pause)
This is [collector name] from [ABC]Collection Agency. This is an attempt to collect a debt by a debt collector. Any information obtained will be used for that purpose. Please contact me about an important business matter at [phone #2]”.
17
ACA International Recommends Foti Compliant Message
18
1. Automatic stay prohibits almost all collection activity, including legal action, garnishment, and contact by phone or mail in an attempt to collect a debt.
2. Automatic stay is very broad and applies to nearly every attempt to collect on a pre-bankruptcy debt, there are a few exceptions where the automatic stay does not apply: some child support actions, some state and federal tax debts, debts incurred after the bankruptcy case was filed. It is important to know whether the automatic stay applies to the collection action.
3. If a collections attempts continue to collect violates the automatic stay, it may also violate other state or federal laws including:
State unfair trade practice laws Federal Fair Debt Collection Practices Act State fair debt collection practices laws, or Fair Credit Reporting Act.
Bankruptcy Stay Violation
Caveat: No fail safe course of action
Establish a bona fide error defense
- Violation must not be intentional
- Maintain procedures reasonably adapted to avoid such errors
Use ACA International’s recommended Foti-compliant message
Agency should have written policies and procedures prohibiting collectors from disclosing debts to third parties
19
FDCPA Agency Compliance
Industry leaders believe that the overall most important issue to be dealt with is privacy and security of data.
Identity theft means fraud committed or attempted using the personally identifiable information of another person without
authority.
Consumer‘s Identifiable Information: First, middle, or last name Date of Birth Address Telephone or wireless number Social Security Number Government issued identification number Maiden name Account number
20
Identity Theft
Agency should have reasonable written policies and procedures in place to detect, prevent and mitigate the risk of identity theft
Agency may adopted the ACA International Model Identity Theft Prevention Program
Training and employee awareness decrease internally caused breaches.
21
Identity Theft Written Policies & Procedures
22
The question: Can collection costs legally be added to a debt?
FDCPA, Section 808(1) forbids “the collection of any amount (including any interest, fee, charge or expense incidental to the principal obligation) unless such amount is expressly authorized by the agreement creating the debt or permitted by law.” This includes collection costs.
The answer: It is forbidden under FDCPA regulations unless…..
Such amount is expressly authorized by the agreement creating the debt or,
It is permitted by law
Laws evolve as court rulings, regulations and opinions are decided •
FDCPA Adding Unauthorized Collection Costs
23
The Federal Trade Commission (FTC) Official Staff Commentary says,
“A debt collector may attempt to collect a fee or charge in addition to the debt if either (a) the charge is expressly provided for in the contract creating the debt and the charge is not prohibited by state law, or (b) the contract is silent but the charge is otherwise expressly permitted by state law.”
“Conversely, a debt collector may not collect an additional amount if either (a) state law expressly prohibits collection of the amount or (b) the contract does not provide for collection of the amount and state law is silent.”
Can collection costs legally be added?
Benefits Money saved on letter printing costs & postage Speed of electronic communication Trend toward primary source of communication
Risks No current law on point Not secure Consent issues Disclosure requirements Risk of 3rd party disclosure
Compliance Communication – FDCPA applies Can’t misrepresent or communicate in a false or deceptive way Must obtain prior express consent Must provide required disclosures Risk of 3rd party disclosure
24
New Technology email, text, social media
Agency should have policies and procedures in place to address new technology and comply with current law
Trains and monitors collections staff for compliance
Keeps abreast of trends and latest developments in the law
25
New Technology
Agency Compliance
26
Steps to Ensure Compliance
Compliance Initiative/Customer Service Focus
On Going
Nation-wide call recording and speech analytics
National standardized training and auditing
Policies and Procedures implemented to prevent and/or mitigate risk
Bankruptcy (automated/manual)
Credit bureaus reporting (automated/manual)
Cell phone calling (automated/manual)
Adding authorized fees and costs (automated/client contract)
3rd party disclosure (automated/manual)
Wrong party contacts (automated/manual)
Client contracts – risk reduction plan
Thank You!Matthew Clark, Esq., Legal and Compliance [email protected]