The Consumer Financial Protection Bureau (CFPB) was established by Title X of the Dodd-Frank Wall Street Reform and Consumer Protection Act (H.R. 4173), which was passed on July 21, 2010. The CFPB was created by the Dodd-Frank Act as part of a larger effort to supervise financial markets and to enforce federal consumer financial law.1 The CFPB has the dual mandate to help consumers understand their financial options by increasing the transparency of financial markets and to regulate the providers of consumer financial products and services.
Section 1021 of the Dodd-Frank Act assigns six main functions to the CFPB. The first three functions relate to consumer financial education and advocacy. The remaining three functions relate to financial market supervision, rulemaking, and enforcement. To fulfill its mandate to help consumers navigate financial markets, the Dodd-Frank Act requires the CFPB to provide clarification and financial education programs to inform consumers of the benefits and risks of various financial options. One such preliminary program by the CFPB is the “Know Before You Owe” campaign, which aims to help customers compare different mortgage and student loans. The CFPB must also collect, investigate, and respond to consumer complaints. To this end, the CFPB created a national consumer response center to take in consumer financial complaints and provide answers on common financial questions. In addition to addressing existing consumer complaints, the CFPB must also identify financial products and services that pose risks to consumers and prevent transparent market transactions.
To carry out its second mandate as regulator of consumer financial markets, the CFPB is required by the Dodd-Frank Act to act as the primary supervisor, rule maker, and enforcer of consumer protection laws governing depository and nondepository institutions with more than $10 billion in assets. Banks and nonbanks with less than $10 billion in assets must also comply with CFPB regulations, but their consumer financial products and services are supervised by prudential regulators, such as the Federal Reserve, the Federal Deposit Insurance Corporation (FDIC), or the National Credit Union Administration, rather than the CFPB directly.
The CFPB is funded by but is independent of the Federal Reserve. The director of the CFPB is appointed by the President and confirmed by the Senate and can hold office for five-year terms.2 The CFPB is split into six divisions: Consumer Education and Engagement; Supervision, Enforcement, Fair Lending, and Equal Opportunity; Research, Markets, and Regulations; General Counsel; External Affairs; and Chief Operating Officer. As the primary regulator of financial products and services, the CFPB has been transferred all the consumer protection powers of the seven federal agencies: the FDIC; the Federal Reserve; the Federal Trade Commission; HUD; the Office of the Comptroller of the Currency; the Office of Thrift Supervision; and the National Credit Union Administration.
The CFPB has broad rulemaking and enforcement authority over consumer financial products and services provided by certain bank and nonbank entities. Financial products and services that fall under the jurisdiction of the CFPB include, but are not limited to, the following credit, savings, and payment activities: extending credit and loans, such as student loans, credit card loans, payday loans, auto loans, and mortgages; brokering leases; real estate settlements; deposit-taking; issuing financial and payment instruments; checking transactions; financial data processing and tailored advisory services; debt collection; and foreclosures.
Although the CFPB has wide-ranging authority, it is constrained by existing state and federal regulators. While the CFPB is the primary regulator of these financial products and services, it must work with state and other federal prudential regulators to obtain examination reports whenever possible. The CFPB is required to coordinate information and enforcement activities with the Federal Trade Commission (FTC) by Section 1024 of the Dodd-Frank Act. The CFPB and the FTC released a joint memorandum of understanding on January 23, 2012, which explains that they will coordinate their actions and consult with each other by holding regular meetings regarding consumer complaints, rulemaking, investigations, and law enforcement activities. The CFPB and the FTC will also hold joint training sessions when possible and share computer databases to avoid duplicating each other’s actions.
Section 1027 of the Dodd-Frank Act details the limitations of the CFPB. The CFPB does not have authority over entities that are already regulated by the Securities and Exchange Commission (SEC), the Commodity Futures Trading Commission, the Farm Credit Administration, a state securities commission, or a state insurance regulator. In addition, the Financial Stability Council can overturn CFPB rules if it believes them to be detrimental to the financial system. The CFPB also does not have authority over attorneys and insurance companies and cannot set usury limits.
On October 13, 2011, the CFPB released its “Supervision and Examination Manual,” which details how it will examine bank and nonbank institutions to detect risks to consumers and assess adherence to federal consumer financial laws. The CFPB will examine a combination of quantitative and qualitative data, including, but not limited to, the amount of a company’s assets, the company’s risk profile, the volume of consumer financial transactions, customer complaints, and the extent of oversight by other state and federal regulators. The examination process can be split into the three phases outlined below:
Possible penalties that the CFPB may enforce include, but are not limited to, rescinding contracts, restitution, return of property, public notification of the violation, and monetary penalties. In regard to monetary penalties, the CFPB can impose penalties up to $1 million per day for purposely violating consumer financial law. Furthermore, depending on the nature of the violation, the CFPB may also pass the findings on to the appropriate regulatory agencies (e.g., the Internal Revenue Service) or the courts (e.g., the Department of Justice).
The CFPB amendment to Regulation E of the Electronic Fund Transfer Act (77; Federal Register; pp. 6194-6200) became effective February 7, 2012. The amendment protects consumers when sending funds — such as remittance transfers — abroad by requiring the transferring agency to fully disclose the cost of the transfer, the amount delivered to the recipient, and the date it is available. Consumers will also have 30 minutes after payment to cancel a transfer.
On February 15, 2012, the CFPB finalized the amendment to Regulation C of the Home Mortgage Disclosure Act (HMDA) (77; Federal Register; pp. 8721-22). Prior to the change, HMDA regulations required mortgage lenders with over $40 million in assets to provide regulators and the public with annual reports on their mortgage activities. The CFPB has increased the exception threshold to $41 million in order to reflect the increase in the consumer price index.
In addition to already enacted regulation, the CFPB has proposed numerous other regulatory efforts. On February 16, 2012, the CFPB published a proposal on how to define large nonbank financial participants (77, Federal Register pp. 9592-9608). The CFPB proposed this rule because of its regulatory duty under the Dodd-Frank Act to regulate “larger participants” in the nonbank financial market.4 The proposal focuses specifically on defining larger participants in the consumer debt collection and credit reporting markets. The proposal states that a consumer debt collection agency will be considered a large participant if it has annual receipts of more than $10 million and a consumer reporting agency if it has annual receipts of more than $7 million. Within nonbank financial markets, the Dodd-Frank Act authorizes the CFPB to regulate nonbanks of all sizes in the mortgage, payday lending, and private student loan markets. However, the CFPB’s authority is restricted to “larger participants” in other consumer financial markets. The CFPB will release the initial rule no later than July 21, 2012.
On April 10, 2012, the CFPB released mortgage lending rules that it is considering for proposal. The rules aim to improve mortgage providers’ transparency and accountability. To facilitate transparency, the proposal would require mortgage companies to provide consumers with clear monthly statements that show the account balance; allocation of payments to principal, interest, and escrow; the due date and amount of the next payment; recent transactions; and late fee warnings. Mortgage providers are also required to notify borrowers before changing the interest rate, imposing additional fees, or enrolling the borrower in expensive “force-placed” property insurance. The providers must explain how the changes affect the borrower’s account and provide a list of alternatives if the borrower is unable to afford the new monthly payments. The provider is also required to communicate with delinquent borrowers and inform them about their options for avoiding foreclosure. To increase mortgage providers’ accountability, the proposal requires providers to immediately credit the consumer account on the day the payment is made, keep records current and accessible to the borrower, address consumer concerns about errors within five days, conclude investigations into errors within 30 days, and provide access to foreclosure prevention help. The CFPB expects to release the notice of proposed rulemaking this summer and finalize it by January 2013.
On January 17, 2012, the FDIC adopted a final rule that requires insured depository institutions with $50 billion or more in total assets to submit an annual resolution plan to the FDIC. In the event of the institution’s failure, the resolution plan will act as a living will and help the FDIC to ensure that depositors receive access to their deposits within one business day of the institution’s failure, maximize the value of the sale or disposition of the institution’s assets, and minimize the amount of loss to the institution’s creditors.
The rule became effective April 1, 2012, and applies to both U.S. banks and non-U.S. banks in the U.S. with over $50 billion in assets. The largest institutions, defined as those with more than $250 billion in assets, must submit plans by July 1, 2012. Institutions with $100 billion or more in assets must submit plans by July 1, 2013. The remaining institutions must develop plans by the end of 2013.
On February 28, 2012, the SEC and the Commodities Futures Trading Commission (CFTC) jointly proposed new policies and procedures to help protect investors from identity theft. Under the proposal, SEC- and CFTC-regulated entities must adopt a written program to identify, detect, and respond appropriately to red flags associated with identity theft.