InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Tenant screening company subject to FHA
On July 26, a federal judge in the U.S. District Court for the District of Massachusetts ruled that a tenant screening algorithm is subject to the Fair Housing Act, including the FHA's ban on racial discrimination in housing. The court held that even though the company is not itself is not a landlord, as property owners allegedly relied solely on the company's decisions to deny prospective renters' applications, the company was effectively granting it authority to make housing decisions.
Plaintiffs alleged in an amended complaint that a tenant-screening service operated by the defendants violated the Fair Housing Act, 42 U.S.C. § 3604 and Massachusetts anti-discrimination and consumer protection laws. The Plaintiffs claimed that the services discriminate against holders of rental vouchers and applicants of certain races and income classes, in violation of the FHA, resulting in less housing availability, less favorable terms and conditions in rental agreements, and discriminatory provision of services in connection with housing, in each case based on race and national origin.
Defendants, in their respective motions to dismiss, argued that the FHA does not apply to a tenant-screening service, such as the defendant, because the service does not “make housing decisions.” In denying the motion to dismiss on this count, the court reasoned that the FHA provisions do not limit liability to people or entities that “make housing decisions” but rather “focuses on prohibited acts,” and reiterated that the Supreme Court has already held that “language of the Act is broad and inclusive.” The court observed that while housing providers are the typical target of FHA claims, other entities are often held liable under the Act. The court reasoned that the application of the FHA “beyond direct housing providers” is a “logical extension[] which effectuate[s] the purpose of the FHA,” as “a housing provider could simply use an intermediary to take discriminatory and prohibited actions on its behalf and defeat the purpose of the FHA.”
Massachusetts antidiscrimination laws, among other things, make it unlawful to discriminate in the “terms, conditions, or privileges” of the sale or rental of housing or provision of such services “to aid, abet, incite, compel or coerce the doing of any of the acts forbidden under this chapter,” which includes Sections 4(6) and 4(10). Plaintiffs allege that the discriminatory rental application process was facilitated by the tenant score produced by the defendants. The court held that the chapter is construed broadly and reiterated the Massachusetts Supreme Court finding that defendants who play a role in the tenant selection process may be held liable under certain sections even if they only “aid[ed] or abet[ted]” a violation of Section 4(10). As such, the court held that the plaintiff’s claims for disparate impact discrimination for race or source of income under both FHA and Massachusetts antidiscrimination laws were sufficient to survive the motion to dismiss.
Agencies update guidance on liquidity risks and contingency planning
On July 28, the OCC, FDIC, NCUA and Fed issued an addendum to the Interagency Policy Statement on Funding and Liquidity Risk Management, issued in 2010. The update on liquidity risks and contingency planning emphasizes that depository institutions should regularly evaluate and update their contingency funding plans, referencing the unprecedented deposit outflows resulting from the early 2023 bank failures. According to the addendum, depository institutions should assess the stability of their funding, keep a range of funding sources, and regularly test any contingency borrowing lines in order to prepare staff in the case of adverse circumstances. Additionally, the addendum states that if contingency funding arrangements include discount windows, the depository institutions should ensure they can borrow from the discount window by (i) establishing borrowing arrangements; (ii) confirming that collateral is available to borrow in an appropriate amount; (iii) conduct small value transactions regularly to create familiarity with discount window operations; (iv) establish familiarity with the pledging process for collateral types; and (v) be aware that pre-pledging collateral can be useful in case liquidity needs arise quickly. The agencies also state that federal and state-chartered credit unions can access the Central Liquidity Facility, which provides a contingent federally sourced backup liquidity where a credit union’s liquidity and market funding sources prove inadequate.
Biden Administration to improve small business loan program
On August 1, the SBA announced implementation of additional policies aimed at expanding small business’ access to capital by modernizing SBA’s signature 7(a) and 504 Loan Programs. The new simplified guidelines for lenders include updated origination policies and procedures, lender participation requirements, and 7(a) loan servicing and liquidation requirements. SBA has also clarified affiliation standards to effectively communicate who qualifies for SBA loans, will use technology updates to bring eligibility determinations in-house, and will also use advanced data analytics and third-party data checks for fraud review on all loan programs before approval.
The following three SBA SOPs took effect on August 1, bringing many of the new policies into practice:
- SOP 50 10 7: Lender and Development Company Loan Programs: Contains SBA’s policies and procedures governing the 7(a) and 504 loan programs.
- SOP 50 56: Lender participation requirements: Contains the criteria for becoming an SBA Lender.
- SOP 50 57: 7(a) Loan Servicing and Liquidation: Contains the policies and procedures for 7(a) loan servicing and liquidation.
Finally, the SBA will begin accepting the Universal Purchase Package, a new feature that is expected to streamline the process for lenders to request SBA honor its loan guaranty. SBA will also introduce new features in E-TRAN, SBA’s online platform used by lenders to upload loan applications.
Biden Administration, agencies take action to protect renters
On July 27, the Biden administration released a fact sheet detailing new actions to develop the Blueprint for a Renters Bill of Rights, which was rolled out early this year (covered by InfoBytes here). The three new actions aim to support renters by (i) “ensuring all renters have an opportunity to address incorrect tenant screening reports”; (ii) “providing new funding to support tenant organizing efforts”; and (iii) “ensuring that renters are given fair notice in advance of eviction.” Additionally, the CFPB, USDA, FHFA, and HUD concurrently released statements aimed at landlords, reminding them of “best practices” and their obligation to inform tenants of their rights.
FHFA published Director Sandra L. Thompson’s statement on “best practices” for the delivery of adverse action notices to renters by GSE-backed multifamily housing borrowers. Referencing research showing that tenant screening reports often contain imprecise or inaccurate information, Director Thompson “strongly encouraged” borrowers who deny a rental application to provide written adverse action notices to the applicants and a copy of any consumer screening report that was relied upon. FHFA’s guidance is based on the FCRA’s requirement that landlords and property managers inform rental applicants of negative information from a consumer screening report that resulted in their rental application being rejected or another unfavorable outcome.
The CFPB posted a blog entry that emphasized landlords’ obligation under the FCRA adverse action notice requirement, which mandates that landlords who take any action against a current or prospective tenant based on a consumer report notify the tenant of the decision and how they can contact the company that created the report. The Bureau advised that renters have the right to review their rental background check report and to dispute information they believe to be inaccurate and encouraged tenants to obtain a free copy of the report from the company that compiled it and dispute any errors (covered by InfoBytes here).
In conjunction with the White House press release, HUD announced it is taking multiple actions to improve rental screening transparency and support renters. It is sending reminders to public housing agencies and property owners about their obligation to inform rejected applicants about reasons for their denial, which provides renters with the opportunity to correct any errors. Additionally, HUD is providing $10 million for tenant education and outreach in Section 8 program properties to assist tenants with “capacity building efforts” for engagement with property management. Furthermore, HUD will issue a proposed rule requiring a 30-day written notification for evictions due to nonpayment of rent in certain subsidized housing.
Also mentioned was the recent White House announcement of actions it is taking to combat “unfair and hidden fees” concerning rental housing (covered by InfoBytes here).
FCC fines companies $20M for insufficient consumer data security measures
On July 28, the FCC announced a proposed fine of $20 million for two affiliated mobile carrier companies over alleged violations of FCC rules. The Commission alleged that the companies failed to protect the privacy and security of subscribers’ personal data by violating three provisions of section 64.2010 of FCC rules, which requires carriers to authenticate customers’ identity before providing online access to their network information. The alleged violations included relying on readily available information to control access to the network information, failing to establish “reasonable” data security standards. FCC Chairwoman Jessica Rosenworcel cited such failures to protect consumers’ privacy to underpin the importance of the FCC’s newly established Privacy and Data Protection Task Force (covered by InfoBytes here). The proposed sanctions are not final, and the companies will have an opportunity to respond.
SEC proposes rules for addressing conflicts of interest raised by predictive data analytics
On July 26, the SEC issued proposed rules under the Securities Exchange Act of 1924 and the Investment Advisors Act of 1940 to address certain conflicts of interest associated with the use of predictive data analytics, including artificial intelligence (AI) and similar technologies, “that optimize for, predict, guide, forecast, or direct investment-related behaviors or outcomes.” The SEC explained that broker-dealers and investment advisors (collectively, “firms”) are increasingly using AI to improve efficiency and returns but cautioned that, due to the scalability of these technologies and the potential for firms to quickly reach a large audience, any resulting conflicts of interest could result in harm to investors that is more pronounced and on a broader scale than previously possible.
Based on existing legal standards, the proposed rules generally would require a firm to identify and eliminate, or neutralize, the effects of conflicts of interest that result in the firm’s (or associated persons) interests being placed ahead of investors’ interests. Firms, however, would be permitted to employ tools that they believe would address such risks and that are specific to the particular technology being used. Firms that use covered technology for investor interactions would also be required to have written policies and procedures in place to ensure compliance with the proposed rules, the SEC said. These policies and procedures must include a process for evaluating the use of covered technology in investor interactions and addressing any conflicts of interest that may arise. Firms must also maintain books and records related to these requirements. Comments on the proposed rules are due 60 days after publication in the Federal Register.
SEC adopts breach-reporting rules, establishes requirements for cybersecurity risk management
On July 26, a divided SEC adopted a final rule outlining disclosure requirements for publicly traded companies in the event of a material cybersecurity incident. The final rule (proposed last year and covered by InfoBytes here) also requires companies to periodically disclose their cybersecurity risk management processes and establishes requirements for how cybersecurity disclosures must be presented. The final rule requires that material cybersecurity incidents be disclosed within four days from the time a company determines the incident was material (a disclosure may be delayed should the U.S. attorney general notify the SEC in writing that immediate disclosure poses a substantial risk to national security or public safety). Companies must also identify material aspects of the incident’s nature, scope, and timing, as well as its impact or reasonably likely impact on the company, and are required to describe their board’s and management’s oversight of risks from cybersecurity threats and previous cybersecurity incidents. These disclosures will be required in a company’s annual report. The final rule will also mandate foreign private issuers to provide comparable disclosures on forms related to material cybersecurity incidents and risk management, strategy, and governance.
The final rule is effective 30 days following publication of the adopting release in the Federal Register. The SEC noted that incident-specific disclosures will be required in Forms 8-K and 6-K beginning either 90 days after the final rule’s publication in the Federal Register or on December 18, whichever is later, though smaller reporting companies are provided an extra 180 days before they must begin providing such disclosures. Annual disclosures on cyber risk management, strategy, and governance will be required in Form 10-K and Form 20-F reports starting with annual reports for fiscal years ending on or after December 15. In terms of structured data requirements, all companies must tag disclosures in the required format beginning one year after initial compliance with the related disclosure requirement.
SEC Chair Gary Gensler commented that, in response to public comments received on the proposed rule, the final rule “streamlines required disclosures for both periodic and incident reporting” and requires companies “to disclose only an incident’s material impacts, nature, scope, and timing, whereas the proposal would have required additional details, not explicitly limited by materiality.”
In voting against the final rule, Commissioner Hester M. Pierce raised concerns that the final rule’s compliance timelines are overly aggressive even for large companies and that the short incident disclosure period could potentially mislead otherwise uninformed investors and “lead to disclosures that are ‘tentative and unclear, resulting in false positives and mispricing in the market.’” The final rule allows a company to update its incident disclosure with new information in subsequent reports that was unavailable at first and could impact investors who may suffer a loss due to the mispricing of the company’s securities following the initial reporting, Pierce said. She also criticized the risk to national security or public safety exemption as being overly narrow. Commissioner Mark Uyeda also opposed the adoption, writing that “[n]o other Form 8-K event requires such broad forward-looking disclosure that needs to be constantly assessed for a potential amendment.” Uyeda also questioned whether “[p]remature public disclosure of a cybersecurity incident at one company could result in uncertainty of vulnerabilities at other companies, especially if it involves a commonly used technology provider, [thus] resulting in widespread panic in the market and financial contagion.”
CFPB examines relationship between cashflow and serious delinquency
On July 26, the CFPB posted a blog entry explaining that cashflow data could be more telling in determining a person’s ability to repay their loans than credit reports, which are typically calculated through a variety of credit products such as mortgages, credit cards, auto loans, and student loans. The Bureau referenced its July 2020 Making Ends Meet Survey (covered by InfoBytes here), which was sampled off the Consumer Credit Panel, in order to “show that three self-reported proxies for cashflow appear predictive of serious delinquency, even when analyzing people with similar traditional credit scores.” The proxies include high accumulated savings, regularly saving and no overdrafts, and paying bills on time. While accounting for deficiencies such as sample size, the Bureau’s analysis showed that individuals with self-reported positive cash flow perform notably better than those with less positive cash flow, even with similar credit scores. Other findings include that individuals with higher credit scores are more likely to report (i) relatively high accumulated savings, which the Bureau defined as at least $3,000 across their checking and savings accounts; (ii) positive savings and no overdrafts; and (iii) no issues paying rent, mortgage, utilities, and regular household expenses. All three findings are also indicative of a reduced likelihood of serious delinquency, the Bureau found. According to the blog entry, the analysis “suggests that cashflow data may help lenders better identify borrowers with low likelihood of serious delinquency, even if these borrowers’ credit scores may have otherwise prevented them from receiving credit.”
CFPB issues Summer ’23 supervisory highlights
On July 26, the CFPB released its Summer 2023 issue of Supervisory Highlights, which covers enforcement actions in areas such as auto origination, auto servicing, consumer reporting, debt collection, deposits, fair lending, information technology, mortgage origination, mortgage servicing, payday lending and remittances from June 2022 through March 2023. The Bureau noted significant findings regarding unfair, deceptive, and abusive acts or practices and findings across many consumer financial products, as well as new examinations on nonbanks.
- Auto Origination: The CFPB examined auto finance origination practices of several institutions and found deceptive marketing of auto loans. For example, loan advertisements showcased cars larger and newer than the products for which actual loan offers were available, which misled consumers.
- Auto Servicing: The Bureau’s examiners identified unfair and abusive practices at auto servicers related to charging interest on inflated loan balances resulting from fraudulent inclusion of non-existent options. It also found that servicers collected interest on the artificially inflated amounts without refunding consumers for the excess interest paid. Examiners further reported that auto servicers engaged in unfair and abusive practices by canceling automatic payments without sufficient notice, leading to missed payments and late fee assessments. Additionally, some servicers allegedly engaged in cross-collateralization, requiring consumers to pay other unrelated debts to redeem their repossessed vehicles.
- Consumer Reporting: The Bureau’s examiners found that consumer reporting companies failed to maintain proper procedures to limit furnishing reports to individuals with permissible purposes. They also found that furnishers violated regulations by not reviewing and updating policies, neglecting reasonable investigations of direct disputes, and failing to notify consumers of frivolous disputes or provide accurate address disclosures for consumer notices.
- Debt Collection: The CFPB's examinations of debt collectors (large depository institutions, nonbanks that are larger participants in the consumer debt collection market, and nonbanks that are service providers to certain covered persons) uncovered violations of the FDCPA and CFPA, such as unlawful attempts to collect medical debt and deceptive representations about interest payments.
- Deposits: The CFPB's examinations of financial institutions revealed unfair acts or practices related to the assessment of both nonsufficient funds and line of credit transfer fees on the same transaction. The Bureau reported that this practice resulted in double fees being charged for denied transactions.
- Fair Lending: Recent examinations through the CFPB's fair lending supervision program found violations of ECOA and Regulation B, including pricing discrimination in granting pricing exceptions based on competitive offers and discriminatory lending restrictions related to criminal history and public assistance income.
- Information Technology: Bureau examiners found that certain institutions engaged in unfair acts by lacking adequate information technology security controls, leading to cyberattacks and fraudulent withdrawals from thousands of consumer accounts, causing substantial harm to consumers.
- Mortgage Origination: Examiners found that certain institutions violated Regulation Z by differentiating loan originator compensation based on product types and failing to accurately reflect the terms of the legal obligation on loan disclosures.
- Mortgage Servicing: Examiners identified UDAAP and regulatory violations at mortgage servicers, including violations related to loss mitigation timing, misrepresenting loss mitigation application response times, continuity of contact procedures, Spanish-language acknowledgment notices, and failure to provide critical loss mitigation information. Additionally, some servicers reportedly failed to credit payments sent to prior servicers after a transfer and did not maintain policies to identify missing information after a transfer.
- Payday Lending: The CFPB identified unfair, deceptive, and abusive acts or practices, including unreasonable limitations on collection communications, false collection threats, unauthorized wage deductions, misrepresentations regarding debt payment impact, and failure to comply with the Military Lending Act. The report also highlighted that lenders reportedly failed to retain evidence of compliance with disclosure requirements under Regulation Z. In response, the Bureau directed lenders to cease deceptive practices, revise contract language, and update compliance procedures to ensure regulatory compliance.
- Remittances: The CFPB evaluated both depository and non-depository institutions for compliance with the EFTA and its Regulation E, including the Remittance Rule. Examiners found that some institutions failed to develop written policies and procedures to ensure compliance with the Remittance Rule's error resolution requirements, using inadequate substitutes or policies without proper implementation.
CFPB, FTC to conduct inquiry into high housing costs for renters
On July 25, CFPB Director Rohit Chopra shared prepared remarks for the Community Table on a White House Blueprint for a Renters Bill of Rights to address high housing costs for renters. Chopra raised concerns about corporate investors imposing high rents and charging renters with what the director described as “junk fees and other aggressive tactics.” He mentioned that corporate investor owners, including private equity firms, are more likely to evict tenants, even when controlling for other factors, and that corporate investor ownership of rental units has risen to over 45 percent. Chopra also emphasized the growing use of artificial intelligence and social scoring in the rental process, stating that such changes can lead to rent hikes and denials of housing due to an algorithm's definition of "high-quality tenants." The remarks suggested that tenants are not being given appropriate opportunity to correct inaccurate information in their background checks, despite the legal requirement for companies to inform consumers when using such information for adverse rental decisions. The speech also stressed the CFPB's commitment to identifying inaccurate AI and illegal practices that lead to misleading data and clarified that name-only matching, a common but illegal practice in screening, can result in inaccurate information, disproportionately affecting individuals with common last names. To address these issues, Chopra announced a joint inquiry with the FTC, to collect feedback from the public about their experiences with tenant screening.