Posts filed under ‘Dodd-Frank Act’

CFPB Too Powerful: Federal Court Finds the Agency’s Structure is Unconstitutional

Written by: Lindsay Harden

Ever since the establishment of the Consumer Financial Protection Bureau (CFPB) in 2011, it has become what some argue is the most powerful federal agency in history. The Dodd-Frank Act not only established the CFPB, but transferred to it rulemaking authority previously held by seven different federal agencies, resulting in a significant concentration of power and giving the agency authority over nearly every type of financial product and service in the financial marketplace. Yesterday, that power was curtailed – to some extent – by the federal Court of Appeals for the D.C. Circuit.

In its opinion, the Court of Appeals noted that the Director of the CFPB, Richard Cordray, possesses more unilateral authority than any single commissioner or board member in any other independent agency in the U.S. government. The director alone decides what rules to issue, how to enforce those rules, when to enforce, against whom to enforce, and what sanctions and penalties to impose. Additionally, Dodd-Frank provided that the director can be removed only “for cause.” As a result, the director has an enormous amount of influence over American business, American consumers, and the overall U.S. economy, yet is accountable to no one – neither Congress nor the president.

The challenge the court considered was brought by PHH Corporation, a mortgage lender that argued the single-director model was unconstitutional and sought a shut-down of the entire agency. The court opted, however, for a more narrow approach, striking the phrase “for cause” from the Dodd-Frank provision concerning the grounds for removal of the agency’s director. Thus, the director can now be removed by the president at will; a solution, the court reasoned, that will provide the critical check on the agency which was previously lacking.

The court also made another important finding in its decision, related to whether CFPB administrative actions are limited by statutes of limitations. The agency has repeatedly argued in the past that its administrative enforcement actions are not subject to statutes of limitations, meaning that it could theoretically bring an administrative action based on conduct occurring at any time in the past. However, the court rejected this argument and held that CFPB enforcement actions, whether brought as administrative actions or in court, are subject to the applicable statutes of limitations found within the underlying consumer protection laws the agency enforces.

It is unclear whether this decision will prompt other, more material changes in the agency’s structural organization and regulatory approach. Although the director may now be removed at will, he still holds all the same rulemaking and enforcement power as before. For example, the CFPB administrative appeals process is still heavily weighted in the agency’s favor, as each action brought by the director initially must then be appealed to him before becoming eligible for judicial review.

Though the agency will not be going away in the near future, this change does provide some ability to manage the director’s extraordinary power, at least in the short term. An appeal to either the full D.C. Court of Appeals or to the U.S. Supreme Court is expected, which could (if the case is reversed) return the CFPB back to its status quo, with virtually unlimited power and influence.

For additional information on this case, please see our blog post.

November 4, 2016 at 8:00 am

CFPB Reissues Guidance on Supervised Bank and Non-Bank Relationship with Third-Party Service Providers

Written by:  George Sand

On October 31, 2016, the Bureau of Consumer Financial Protection (“CFPB”) reissued Bulletin 2012-03 (Service Providers) to clarify certain aspects of the risk management program for service providers. The intention behind the release is to clarify that appropriate risk management can be accomplished through giving flexibility to supervised entities.

The CFPB expects supervised banks and non-banks to properly provide oversight to their respective service providers to ensure compliance with Federal consumer financial law and to prevent consumer harm. Section 1002(26) of the Dodd-Frank Act (12 U.S.C. 5481(14)) defines a service provider as “any person that provides a material service to a covered person in connection with the offering or provision by such covered person of a consumer financial product or service.” The fact that a supervised bank or non-bank enters into a relationship with a service provider does not mean such bank or non-bank is absolved from liability for the service provider’s product. The supervised bank or non-bank may be liable for its service provider’s unfair, deceptive, or abusive acts or practices towards consumers. Circumstances triggering supervised bank or non-bank liability include a service provider’s unfamiliarity with legal requirements applicable to the product provided, inadequate efforts to implement such requirements carefully and effectively, and insufficient internal controls, among others. Title X authorizes CFPB to exercise enforcement authority over supervised service providers, which includes the ability of CFPB to examine supervised service provider operations on site.

Under the reissued bulletin, the CFPB clarifies that a supervised bank or non-bank risk management program may vary depending on the service being performed. Factors taken into consideration include the service’s size, scope, complexity, importance and potential for customer harm. The CFPB provides that supervised banks and non-banks should take the following steps with service providers:

  • Conduct a thorough due diligence to ensure service provider has the requisite knowledge and capacity to comply with Federal consumer financial law;
  • Review the service provider’s policies, procedures, internal controls, and training materials to ensure they provide for appropriate operations and oversight;
  • Draft contractual provisions with the service provider that provide “clear expectations about compliance, as well as appropriate and enforceable consequences for violating any compliance-related responsibilities, including engaging in unfair, deceptive, or abusive acts or practices”;
  • Establish internal controls and monitoring procedures for surveillance of the service provider to ensure service provider is abiding by Federal consumer financial law; and
  • “Promptly” react to identified problems, including terminating the relationship when necessary.

November 3, 2016 at 8:00 am

Does the Consumer Financial Protection Bureau Have Authority Over Your Business? Follow Along

The Consumer Financial Protection Bureau (CFPB) was created to enforce various consumer finance laws like the Equal Credit Opportunity Act, Fair Credit Reporting Act, Fair Debt Collection Practices Act, Home Mortgage Disclosure Act of 1975, and Truth in Lending Act. The CFPB has broad authority and it is getting broader. The bureau says it can regulate any “covered person” that offers or provides a consumer financial product or service. The CFPB Authority Flow Chart, created by Zane Gilmer, will help you determine whether you or your business is a “covered person” and can be regulated by the CFPB, and what the CFPB statutes actually have govern.

September 23, 2015 at 10:18 am

Are Some Banks Too Small to Comply?

The Commissioner of Florida’s Office of Financial Regulation thinks Dodd Frank’s one-size-fits-all approach to regulation is hurting banks and consumers.  Check out Commissioner Breakspear’s recent article on that very topic at the American Banker’s website by clicking here.



August 13, 2015 at 1:24 pm Leave a comment

Waiver of Privilege by Sharing Documents with the CFPB

On January 4, 2012, the Consumer Financial Protection Bureau (“CFPB”) issued a Bulletin declaring that, upon request, CFPB supervised institutions must disclose privileged materials to it, but those institutions need not fear waiver of privilege.  Despite the CFPB’s self-serving assurance that a waiver of privilege will not occur, it is important that officers and directors of CFPB supervised institutions have some understanding of the risk associated with producing privileged information to the CFPB.

Background Information

Financial institutions and their counsel have sought protection from disclosure by asserting one or more of the following privileges: (i) attorney-client privilege, (ii) work-product privilege, (iii) self-assessment privilege and (iv) accountant-client privilege.  When a privilege attaches, the materials and communications are generally immune from discovery unless the privilege has been waived.  A privilege may be waived in a number of ways, but it occurs most commonly when a client voluntarily discloses the privileged information to a third-party.  For financial institutions required to disclose materials to their regulators, the possibility that a court could waive the aforementioned privileges because of previous disclosures to their regulators caused concern among supervised institutions and their counsel. 

Federal Statute Enacted to Protect Privilege

To alleviate this concern, Congress enacted a Federal statute in 2006 that allows supervised institutions to submit privileged materials to their regulators without waiving privilege.  Specifically, 12 U.S.C. § 1828(x) states that:

[t]he submission of information to any Federal banking agency, State banking supervisor, or foreign banking authority for any purpose in the course of any supervisory or regulatory process of such agency, supervisor, or authority shall not be construed as waiving, destroying, or otherwise affecting any privilege such person may claim with respect to such information under Federal or State law as to any person or entity other than such agency, supervisor, or authority.

The term “Federal banking agency” is currently defined as “the Comptroller of the Currency, the Board of Governors of the Federal Reserve System, or the Federal Deposit Insurance Corporation.”  12 U.S.C. § 1813(z).  Thus, as long as a disclosure is made to the OCC, Federal Reserve, or FDIC “for any purpose in the course of any supervisory or regulatory process,” the supervised institution will not waive any privilege attached to the disclosed materials.

The Dodd-Frank Act Creates Uncertainty

When Congress enacted the Wall Street Reform and Consumer Protection Act (“Dodd-Frank Act”), it did not amend the definition of “Federal banking agency” to include the CFPB. Without this statutory protection, depository institutions and their affiliates subject to examination by the CFPB are faced with a difficult decision when asked by the CFPB to produce privilege materials or communications: (i) produce the requested material and risk that a court in a future proceeding will hold that the disclosure waived the privilege and, as a result, compel the institutions to produce the privileged material in those proceedings, or (ii) refuse to produce the privileged material and face an enforcement action by the CFPB.   

The CFPB Bulletin

The Bulletin issued by the CFPB assures institutions that disclosure of privileged materials will not result in a waiver of privilege for two reasons: (i) the disclosure of privileged material would not be voluntary and, thus, could not waive privilege, and (ii) “Congress intended the [CFPB’s] examination authority to be equivalent to that of the prudential regulators” and, as such, the CFPB is authorized to receive information without effecting privilege to the same extent as the OCC, Federal Reserve and FDIC.  For these reasons, the CFPB declared that it will pursue all available remedies under 12 U.S.C. § 5565 if a CFPB supervised institution refuses to provide privileged information responsive to a CFPB supervisory request.

The Bulletin also explains that the CFPB recognizes the importance of this issue and “is prepared to take all reasonable and appropriate steps to assist supervised institutions in rebutting any claim that they have waived privileges by providing information to the [CFPB].”  Ultimately, while the Bulletin issued by the CFPB is helpful to CFPB supervised institutions and may reduce the risk of waiving privilege, the Bulletin is not a legal regulation, court decision or a substitute for an amendment to the Federal Deposit Insurance Act (“FDIA”) to expressly include the CFPB as a “Federal banking agency,” which would conclusively resolve the uncertainty.  

Courts may disagree with the CFPB’s analysis and conclusion

While courts have not directly addressed whether a disclosure of privileged material to the CFPB waives the privilege as to the same information in a subsequent civil case, the case law in similar contexts illustrates that a court could easily disagree with the CFPB’s Bulletin.  To predict how a court may rule, we look to the how courts have addressed this issue in the context of other federal agencies that, like the CFPB, do not have a statute explicitly protecting disclosure of privileged material.  A review of these decisions provides little comfort to CFPB supervised institutions as courts have reached inconsistent, even contradicting, results in their analysis of whether disclosure of privileged material to a federal agency waives privilege.  In fact, the majority rule articulated in Westinghouse Elec. Corp. v. Republic of the Philippines, 951 F.2d 1414 (3d Cir. 1991), holds that privilege is waived following disclosure of privileged data to federal agencies.

Going Forward

Officer and directors of CFPB supervised institutions need to understand that producing privileged documents to the CFPB could waive the institutions right to later assert privilege as to those documents.  Until the FDIA is amended to include the CFPB as a “Federal banking agency,” entities supervised by the CFPB must take proactive measures to protect the privilege in order to limit the possibility that a future court will deem the disclosure to the CFPB a waiver of privilege.  To respond to a request by the CFPB for materials, we recommend, at a minimum, the following:

  1. Immediately consult with your counsel to determine what response, if any, is appropriate in the circumstance;
  2. Request a written demand from the CFPB that (i) clearly identifies the privileged material, (ii) clarifies that the institution’s disclosure of the material is not voluntary, and (iii) clarifies that the disclosure is made in the course of the CFPB’s supervisory and examination powers; and

Require the CFPB to certify that it will treat the information confidentially and not disclose the privileged information to third parties without the consent of the supervised institution or a court order compelling the CFPB to produce the material.

March 12, 2012 at 10:36 pm Leave a comment

Older Posts

Enter your email address to follow this blog and receive notifications of new posts by email.

Produced & Maintained By

Stinson Leonard Street Logo


A legal resource for Banking & Financial Services


%d bloggers like this: