Supervisory Highlights, Issue 37 (Winter 2024), 607-613 [2024-31670]

Agencies

• CONSUMER FINANCIAL PROTECTION BUREAU

[Federal Register Volume 90, Number 3 (Monday, January 6, 2025)]
[Notices]
[Pages 607-613]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2024-31670]


=======================================================================
-----------------------------------------------------------------------

CONSUMER FINANCIAL PROTECTION BUREAU


Supervisory Highlights, Issue 37 (Winter 2024)

AGENCY: Consumer Financial Protection Bureau.

ACTION: Supervisory Highlights.

-----------------------------------------------------------------------

SUMMARY: The Consumer Financial Protection Bureau (CFPB) is issuing its 
thirty seventh edition of Supervisory Highlights.

DATES: This edition of Supervisory Highlights covers recent supervisory 
findings in the areas of deposits, furnishing, and short-term small 
dollar lending. The findings in this edition of Supervisory Highlights 
cover select examinations that were generally completed between January 
1, 2024, to October 1, 2024.

FOR FURTHER INFORMATION CONTACT: Jaclyn Sellers, Senior Counsel, at 
(202) 435-7449. If you require this document in an alternative 
electronic format, please contact [email protected].

SUPPLEMENTARY INFORMATION:

1. Introduction

    The Consumer Financial Protection Bureau's (CFPB) Supervision 
program assesses supervised institutions' compliance with Federal 
consumer financial law including unfair, deceptive, or abusive acts or 
practices (UDAAPs) prohibited by the Consumer Financial Protection Act 
of 2010 (the CFPA).\1\
---------------------------------------------------------------------------

    \1\ 12 U.S.C. 5531, 5536.
---------------------------------------------------------------------------

    This edition of Supervisory Highlights covers recent supervisory 
findings in the areas of deposits, furnishing, and short-term small 
dollar lending. In connection with deposits, Supervision continues to 
find that supervised institutions are charging consumers unfair 
overdraft and non-sufficient funds fees, and this edition provides an 
update on Supervision's work in this space. Aside from the refunds 
discussed in the context of deposits accounts below, mortgage 
originators and servicers have also recently reported issuing refunds 
related to unfair, deceptive, or otherwise unlawful fees and charges, 
which the CFPB anticipates reporting on in an upcoming edition of 
Supervisory Highlights. In short, mortgage servicers have reported 
issuing $4,251,815 in refunds for 91,931 affected loans. Mortgage 
originators reported issuing $115,605,024 in refunds for 134,912 
affected loans. In connection with furnishing, examiners continue to 
find violations of the Fair Credit Reporting Act (FCRA) \2\ and its 
implementing regulation, Regulation V.\3\ These violations include 
failing to maintain policies and procedures regarding identify theft 
and the accuracy and integrity of information. Additionally, examiners 
continue to find that furnishers are not investigating indirect 
disputes. This edition of Supervisory Highlights also includes, for the 
first time, supervisory findings in connection with Buy Now, Pay Later 
and paycheck advance products. More specifically examiners identified 
multiple violations of law including UDAAPs in connection with both Buy 
Now Pay Later and paycheck advance products. This edition also 
highlights how weak technology controls can cause or contribute to 
violations of Federal consumer financial law. For example, Supervision 
found that the way that core processors configured their platforms 
caused violations of Federal consumer financial law.

[[Page 608]]

Additionally, an institution violated the law by rolling out a 
dysfunctional online banking platform that made it difficult for credit 
union members to perform basic banking functions for weeks, with some 
features unavailable for more than six months. One area of particular 
concern associated with technology that the CFPB expects to highlight 
in future publications is the risk associated with ``Bring Your Own 
Device'' (BYOD) policies, which refers to being able to conduct 
business on a personally owned device, rather than a company issued 
device. BYOD policies may increase security risks including, for 
example, data breaches, malware, and unauthorized access to sensitive 
data. Institutions that permit BYOD should ensure that they take steps 
to mitigate the risks associated with these policies.
---------------------------------------------------------------------------

    \2\ 15 U.S.C. 1681 et seq.
    \3\ 12 CFR part 1022.
---------------------------------------------------------------------------

    The findings in this edition of Supervisory Highlights cover select 
examinations that were generally completed between January 1, 2024, to 
October 1, 2024. To maintain the anonymity of the supervised 
institutions discussed in Supervisory Highlights, references to 
institutions generally are in the plural and the related findings may 
pertain to one or more institutions.\4\ We invite readers with 
questions or comments about Supervisory Highlights to contact us at 
[email protected].
---------------------------------------------------------------------------

    \4\ If a supervisory matter is referred to the Office of 
Enforcement, Enforcement may cite additional violations based on 
these facts or uncover additional information that could impact the 
conclusion as to what violations may exist.
---------------------------------------------------------------------------

2. Supervisory Observations

2.1 Deposits

    Supervision examined the deposit operations of supervised 
institutions to assess whether they engaged in any UDAAPs prohibited by 
the CFPA.\5\ In these examinations, Supervision identified unfair 
overdraft and non-sufficient funds (NSF) fees as well as unfair acts or 
practices related to consumer requests to stop payment of preauthorized 
debit card transactions.
---------------------------------------------------------------------------

    \5\ 12 U.S.C. 5531, 5536.
---------------------------------------------------------------------------

2.1.1 Unanticipated Overdraft Fees and Re-Presentment NSF Fees
    In recent examinations of depository institutions and service 
providers, Supervision continued to cite unfair acts or practices at 
institutions that charged consumers for unfair unanticipated overdraft 
fees, such as Authorize-Positive Settle-Negative (APSN) overdraft fees, 
during this time period.\6\ Supervision also continued to cite 
institutions in connection with charging consumers NSF fees on the 
transaction that already incurred an NSF fee when it was previously 
declined.\7\
---------------------------------------------------------------------------

    \6\ APSN overdraft fees are overdraft fees that financial 
institutions assess for debit card or ATM transactions for which the 
consumer had a sufficient available balance at the time the consumer 
authorized the transaction, but which, given the delay between 
authorization and settlement, the consumer's account balance is 
insufficient to cover at the time of settlement. See Supervisory 
Highlights: Junk Fees Update Special Edition, Issue 31, 4-7 (March 
2023) https://www.consumerfinance.gov/data-research/research-reports/supervisory-highlights-junk-fees-update-special-edition-issue-31-fall-2023 ; Supervisory Highlights: Junk Fees Special 
Edition, Issue 29, 3-6 (March 2023), https://www.consumerfinance.gov/data-research/research-reports/supervisory-highlights-junk-fees-special-edition-issue-29-winter-2023/; Consumer 
Financial Protection Circular 2022-06, Unanticipated Overdraft Fee 
Assessment Practices, at 8-12 (Oct. 26, 2022), https://www.consumerfinance.gov/compliance/circulars/consumer-financial-protection-circular-2022-06-unanticipated-overdraft-fee-assessment-practices/.
    \7\ These transactions, called re-presentments, occur when, 
after declining a transaction because of insufficient funds and 
assessing an NSF fee for the transaction, the consumer's account-
holding institution returns the transaction to the merchant's 
depository institution, and the merchant presents the same 
transaction to the consumer's account-holding institution for 
payment again. In some instances, when the consumer's account 
remains insufficient to pay for the transaction upon re-presentment, 
the consumer's account-holding institution again returns the 
transaction to the merchant and assesses another NSF fee for the 
transaction, without providing consumers a reasonable opportunity to 
prevent another fee after the first failed presentment attempt. 
Absent restrictions on the assessment of NSF fees by the consumer's 
account-holding institution, this cycle can occur multiple times, 
and consumers may be charged multiple fees for a single transaction.
---------------------------------------------------------------------------

    Since the CFPB heightened its supervisory attention on overdraft 
and NSF fees in 2022, financial institutions have agreed to refund 
nearly $250 million to consumers--approximately $184 million in unfair 
unanticipated overdraft fees charged on transactions that were 
authorized when the consumer had sufficient funds, and approximately 
$66 million in unfair NSF fees charged on the same transaction that 
already incurred an NSF fee when it was previously declined. This $250 
million reflects $240 million that the CFPB previously announced in 
October 2023 and April 2024, and an additional $10 million that 
financial institutions have agreed to refund since the period covered 
by those announcements.
2.1.2 Core Processor Practices
    Supervision continued to examine core processors in their capacity 
as service providers to large depository institutions. Core processors 
provide critical deposit, payment, and data processing services to many 
supervised institutions, and the system functionality that these 
entities develop drives many fee practices, including overdraft and NSF 
fee practices.
    In examinations of core processors, examiners found that core 
processors had enhanced their core platforms during the review periods 
to enable client institutions to avoid assessing re-presentment NSF 
fees and APSN overdraft fees. However, examiners also found that the 
core processors configured their platforms so that the platforms would 
continue to assess the fees by default unless the client institutions 
took affirmative action to avoid assessing these fees. Examiners 
concluded that, in the offering and providing of core service 
platforms, core processors engaged in an unfair act or practice by 
assessing APSN overdraft fees and re-presentment NSF fees through their 
core platforms. An act or practice is unfair when: (1) it causes or is 
likely to cause substantial injury to consumers; (2) the injury is not 
reasonably avoidable by consumers; and (3) the injury is not outweighed 
by countervailing benefits to consumers or to competition.\8\
---------------------------------------------------------------------------

    \8\ 12 U.S.C. 5531 and 5536.
---------------------------------------------------------------------------

    The assessment of re-presentment NSF fees and APSN fees results in 
substantial injury to consumers. These fees also increased the risk of 
consumers incurring additional fees on subsequent transactions caused 
by the fees, which lowered consumers' account balances. The core 
processors caused these injuries because they were a predictable and 
foreseeable consequence of their core platforms' limitations and 
configuration. Where the platforms were configured to assess the fees 
by default, it was foreseeable to the core processors that their 
clients would fail to take affirmative action to cease charging these 
fees and thus continue to assess these fees. As with the fees 
themselves, the relevant system limitations and configurations were not 
reasonably avoidable by consumers and not outweighed by any 
countervailing benefits to consumers or competition.
    In response to these findings, the core processors enhanced their 
core platforms to not only enable their client institutions to prevent 
the assessment of these fees but also to ensure that clients would not 
assess these fees by default if the clients did not take action to 
prevent their assessment.
2.1.3 Improper Re-Presentment Processing Practices
    Supervision has reviewed depository institutions' practices in 
processing automated clearinghouse (ACH) transactions to ensure that 
they are taking adequate steps to prevent the

[[Page 609]]

origination of improper re-presentment transactions by their merchant 
and business clients. When a consumer pays for goods or services, the 
consumer may authorize the merchant to debit their bank account by 
submitting an ACH transaction to the consumer's bank. The merchant will 
originate the ACH transaction by passing an ACH debit entry along to 
its bank, referred to as an ``originating depository financial 
institution'' (ODFI), which will then send the entry to the consumer's 
bank, referred to as a ``receiving depository financial institution'' 
(RDFI). The RDFI then may either post the transaction and debit the 
consumer's bank account or return the transaction to the ODFI because 
of insufficient funds in the consumer's account. The network rules 
governing ACH transactions impose certain formatting and processing 
requirements to identify re-presentment transactions. As explained 
above, in response to supervisory findings, core processors have 
enhanced their platforms to enable institutions to avoid charging NSF 
fees on readily identifiable re-presentment transactions. Accordingly, 
when an ODFI does not ensure that its clients comply with these 
formatting and processing requirements or otherwise do not originate 
improper re-presentment transactions, ACH transactions may not be 
readily identifiable as re-presentments by the RDFI and, by extension, 
the RDFI's core platform may fail to prevent charging NSF fees on re-
presentment transactions.
    The ACH network rules also generally limit the number of 
permissible re-presentments for a single transaction by limiting an 
ODFI and its clients to a maximum of two re-presentment attempts after 
the initial presentment is returned for insufficient funds. However, as 
the CFPB has previously observed, an ODFI's clients may, in an attempt 
to obtain payment from consumers, seek to improperly re-present 
transactions to circumvent this limit on the number of permissible 
representments.\9\
---------------------------------------------------------------------------

    \9\ CFPB, Online Payday Loan Payments (2016), at 14 (explaining 
that, according to CFPB analysis of online ACH payments, 50 percent 
of failed payments are re-presented after three failed payment 
attempts), https://www.consumerfinance.gov/data-research/research-reports/online-payday-loan-payments/.
---------------------------------------------------------------------------

    Supervision found that depository institutions engaged in an unfair 
act or practice in their capacity as ODFIs by processing transactions 
for payment as initial presentments when the transactions were in fact 
re-presentments without taking steps to address indicia of inaccuracy. 
Examiners found that these institutions, in their capacity as ODFIs, 
did not monitor their originator clients' use of their ACH processing 
services to identify or prevent them from improperly re-presenting 
transactions. These depository institutions possessed information that 
strongly suggested that a percentage of ACH transactions that they 
processed as ODFIs were re-presented items that were improperly 
formatted and submitted by their originator clients as new 
transactions. These indicia included ACH entries reflecting 
transactions from the same payee, in the same amount, made close in 
time, which lacked indications that the transactions were recurring 
payments or otherwise reflected separate transactions.
    By failing to monitor originators to identify and prevent improper 
re-presentment practices, these depository institutions caused or were 
likely to cause substantial injury to consumers in the form of NSF fees 
that could otherwise have been avoided. These fees would not have been 
assessed had the transaction been properly re-presented because the 
transaction would then either be identifiable as a re-presentment and 
the NSF fee would have been waived by the bank's core platform or would 
have not been submitted at all to the extent that the business client 
had already submitted the maximum number of re-presentment attempts. 
Although the supervised depository institutions, as ODFIs, did not 
actually assess these NSF fees, examiners found they caused the injury 
because the assessment of these fees was a probable and foreseeable 
consequence of their processing transactions for payment as initial 
presentments when the transactions were in fact re-presentments.
    Even if a consumer's bank did not assess NSF fees, consumers still 
suffered injury in the form of improper debiting of funds. When an 
originator obtains payment for a previously returned transaction by 
submitting the transaction as initial presentment, rather than a re-
presentment, without the consumer's authorization, the consumer suffers 
monetary harm by their account being debited without their 
authorization. These injuries were not reasonably avoidable and were 
also not outweighed by countervailing benefits to consumers or 
competition. In response to these findings, depository institutions 
implemented processes to prevent the origination of improper re-
presentment transactions by their clients, including regularly 
monitoring and auditing ACH transactions to identify any re-presented 
items that are miscoded as initial presentments and any other indicia 
of inaccuracy.
2.1.4 Stop Payment Services of Debit Card Network Operators
    Consumers frequently complain that they face challenges in stopping 
payment of preauthorized debit card transactions, which they have a 
right to do under the Electronic Fund Transfer Act (EFTA) and its 
implementing Regulation E.\10\ Supervision has found in examinations 
that depository institutions likewise face difficulties in executing 
stop payment requests for recurring debit card transactions for various 
reasons.
---------------------------------------------------------------------------

    \10\ 15 U.S.C. 1693e(a); 12 CFR 1005.10(c).
---------------------------------------------------------------------------

    Unlike other types of recurring payment transactions, depository 
institutions' core platforms generally do not offer the capability to 
stop payment of preauthorized debit card transactions. Regulation E 
recognizes that, in the case of a preauthorized debit made through a 
debit card network, a depository institution may not have the 
capability to block a preauthorized debit from being posted to the 
consumer's account given the manner in which preauthorized debit card 
transactions are processed.\11\ Accordingly, it allows banks to comply 
with the stop-payment requirements by using a third party, such as a 
debit card network, to block the transfer, as long as the consumer's 
account is not debited for the payment.\12\ To that end, some debit 
card networks offer stop payment capabilities that network members may 
use to stop payment of recurring debit card transactions routed through 
the network. Supervision recently conducted examinations of debit card 
network operators in their capacity as service providers to large 
depository institutions. Examiners found that, in some debit card 
networks, these network operators did not offer a network-based stop 
payment service that their members may use to stop payment of a 
recurring debit card transaction. Examiners also found that, in other 
debit card networks, the network operators did offer such a service but 
very few of its members elected to use the service.
---------------------------------------------------------------------------

    \11\ See comment 1005.10(c)-3.
    \12\ See Id.
---------------------------------------------------------------------------

    Examiners concluded that these network operators engaged in an 
unfair act or practice by processing preauthorized debit card payments 
subject to consumer's valid stop payment requests due to the manner in 
which they operated their networks. By processing such transactions, 
the network operators caused substantial

[[Page 610]]

monetary injury to consumers who were charged for preauthorized debit 
card transactions that they requested to be and were entitled to have 
stopped. Even though the consumer's financial institution could likely 
recover the amount debited through standard dispute resolution and 
chargeback processes for debit card transactions, consumers would still 
be deprived of their funds while the dispute was processed. In any 
event, these processes are not an adequate substitute for a consumer's 
right to stop payment of preauthorized debit card transactions.
    Operators of networks that did not offer a stop payment service 
caused this injury because it was foreseeable to them that not offering 
such a capability in the network would result in network members 
lacking the capability to stop payment of the transactions and, by 
extension, consumers being charged for such transactions after they 
submit a valid stop payment order. Even where network operators offered 
a network-based stop payment capability, these operators still caused 
this injury to consumers, because, given that very few network members 
elected to use the capability, it was foreseeable to them that 
consumers would be charged for preauthorized debits that they are 
entitled to have stopped.
    The substantial injury identified in these exams was not reasonably 
avoidable by consumers. When entering a recurring transaction, 
consumers have little reason to anticipate potential injury, and if 
they did, few means to avoid it. Consumers have a reasonable 
expectation that their issuing bank will comply with the requirements 
of Regulation E and stop payment if a valid request is entered. 
Consumers also have little to no control over which debit card networks 
their transactions are routed through, and no control over whether the 
network offers a stop payment service or whether their bank has 
voluntarily enrolled in such a service. Lastly, in considering 
countervailing benefits to consumers and competition from processing 
preauthorized debit card transactions subject to a consumer's valid 
stop payment request, Supervision found this practice to be injurious 
in its net effects.
    In response to these findings, the network operators revised and 
implemented relevant network processes and capabilities to ensure that 
they cease to process preauthorized debit card payments routed through 
their networks that are subject to consumers' valid stop payment 
requests.

2.2 Furnishing

    Entities--such as banks, loan servicers, and others (to which we 
refer herein collectively as furnishers)--that furnish information to 
consumer reporting companies (CRCs) \13\ for inclusion in consumer 
reports play a vital role in availability of credit and have a 
significant role to play in the fair and accurate reporting of credit 
information. Furnishers are subject to several requirements under the 
FCRA \14\ and its implementing regulation, Regulation V,\15\ including 
obligations to reasonably investigate disputes and to furnish data 
subject to the relevant accuracy requirements. In recent reviews, 
examiners continued to find deficiencies in furnishers' compliance with 
FCRA and Regulation V requirements.
---------------------------------------------------------------------------

    \13\ The term ``consumer reporting company'' means the same as 
``consumer reporting agency,'' as defined in the Fair Credit 
Reporting Act, 15 U.S.C. 1681a(f), including nationwide consumer 
reporting agencies as defined in 15 U.S.C. 1681a(p) and nationwide 
specialty consumer reporting agencies as defined in 15 U.S.C. 
1681a(x).
    \14\ 15 U.S.C. 1681 et seq.
    \15\ 12 CFR part 1022.
---------------------------------------------------------------------------

2.2.1 Duty To Maintain Reasonable Procedures To Respond To Identify 
Theft Block Requests Notifications From CRCs
    The FCRA requires furnishers to have reasonable procedures in place 
to respond to certain notifications they receive from CRCs related to 
information resulting from identity theft (i.e., identity theft block 
request notifications) to prevent the refurnishing of such 
information.\16\
---------------------------------------------------------------------------

    \16\ 15 U.S.C. 1681s-2(a)(6)(A).
---------------------------------------------------------------------------

    Examiners found that furnishers did not have reasonable procedures 
in place to respond to identity theft block request notifications from 
CRCs. Specifically, in recent reviews of installment loan furnishers, 
examiners identified that the furnishers did not have any procedures in 
place to respond to identity theft block request notifications received 
from CRCs. Consequently, the furnishers did not process the requests 
and repeatedly refurnished information that consumers asserted had 
resulted from identity theft and, thus, that should have been blocked. 
In response to these findings, furnishers are establishing and 
implementing procedures to respond to identity theft block request 
notifications received from CRCs.
2.2.2 Duty To Conduct Reasonable Investigations of Indirect Disputes
    After receiving notice of a dispute of the completeness or accuracy 
of any information from a CRC, furnishers are required to conduct a 
reasonable investigation with respect to the disputed information.\17\ 
The furnisher must review all relevant information provided by the CRC 
and must complete the investigation and report the results to the CRC 
within a certain requisite timeframe (typically 30 days).\18\ 
Conducting a reasonable investigation that is responsive to the 
specific allegations in a dispute often requires furnishers to at least 
review information relevant to the dispute in its own possession and, 
in some cases, may necessarily entail accessing or requesting third-
party documents and other information relevant to the dispute to which 
the furnisher reasonably has access.
---------------------------------------------------------------------------

    \17\ 15 U.S.C. 1681s-2(b)(1)(A).
    \18\ 15 U.S.C. 1681s-2(b)(1)(B), (C).
---------------------------------------------------------------------------

    Examiners are continuing to find that furnishers are violating the 
FCRA duty to conduct reasonable investigations of indirect 
disputes.\19\ In recent reviews of debt collector furnishers, examiners 
found that the furnishers failed to conduct reasonable investigations 
of certain indirect disputes in circumstances in which the furnishers 
utilized automated dispute response systems that reviewed only their 
own systems of record to assess the accuracy of the disputed 
information. Examiners identified instances in which the furnishers, 
through their automated systems, responded to CRCs verifying the 
information subject to the dispute even though the furnishers' records 
were insufficient to confirm the information in a reliable manner. In 
each instance, the furnishers' automated systems did not consider any 
records of the furnishers' clients--i.e., the entities, such as 
creditors, on behalf of which the furnishers were collecting debts--
relevant to the dispute.
---------------------------------------------------------------------------

    \19\ See for example, Supervisory Highlights Consumer Reporting 
Special Edition, cfpb_supervisory-highlights_issue-20_122019.pdf.
---------------------------------------------------------------------------

    In addition, examiners found that debt collector furnishers failed 
to reasonably investigate certain indirect disputes in circumstances in 
which the furnishers' agents responded to CRCs regarding the dispute 
without investigating any relevant information on their clients' 
systems of record despite the agents having access to those systems of 
record. Rather than reviewing their clients' records to which they had 
access to assess the accuracy of the disputed information, the 
furnishers' agents forwarded the disputes to the clients for 
investigation and, when the clients failed to respond, instructed CRCs 
to delete the related

[[Page 611]]

consumer tradelines. Examiners found that the furnishers in these 
circumstances failed to conduct reasonable investigations of indirect 
disputes.
2.2.3 Duty To Establish and Implement Reasonable Policies and 
Procedures Concerning the Accuracy and Integrity of Furnished 
Information
    Examiners are continuing to find \20\ that furnishers are violating 
the Regulation V duty to establish and implement reasonable written 
policies and procedures regarding the accuracy and integrity of the 
information furnished to a CRC and to consider and incorporate, as 
appropriate, the guidelines of appendix E to Regulation V.\21\ Recent 
supervisory reviews identifying violations of this Regulation V 
requirement include:
---------------------------------------------------------------------------

    \20\ Id.
    \21\ 12 CFR 1022.42(a), (b).
---------------------------------------------------------------------------

    [ssquf] In reviews of student loan furnishers, examiners found that 
the furnishers relied solely on external procedures regarding the 
technical steps for creating and transmitting consumer reporting files, 
but maintained no internal policies or procedures with respect to 
complying with the applicable requirements of the FCRA and Regulation 
V. Examiners found that the furnishers' failure to establish and 
implement reasonable written policies and procedures regarding the 
accuracy and integrity of information furnished to CRCs contributed to 
multiple systemic accuracy issues identified at the furnishers, 
including, for example, continuing to report accounts that had been 
discharged in bankruptcy, reporting inaccurate term durations for 
certain loans, and reporting inaccurate special comment codes regarding 
the status of certain accounts.
     In reviews of installment loan furnishers, examiners found 
that furnishers lacked reasonable policies and procedures for 
identifying practices or activities that can compromise the accuracy or 
integrity of furnished information. Specifically, examiners found 
weaknesses in furnishers' policies and procedures with respect to 
considering feedback received from CRCs--resulting in the furnishers 
failing to identify that furnishing files were rejected by CRCs--and 
processing identity theft block requests received from CRCs. 
Deficiencies in the furnishers' internal controls regarding the 
accuracy and integrity of furnished information led to failures in 
identifying, and promptly remediating, accounts that were furnished 
inaccurately. Examiners also found that furnishers failed to design 
means of communication with CRCs to prevent erroneous association of 
information with the wrong consumers, which resulted in the furnishing 
of mismatched personal information for thousands of consumers.
    [ssquf] In reviews of credit card furnishers, examiners found that 
the furnishers failed to maintain and implement reasonable written 
furnishing policies and procedures, including by failing to adequately 
provide for, among other things: the identification and handling of 
frivolous or irrelevant disputes, the replacement of dispute codes 
following resolution of disputes, and quality assurance with respect to 
the accuracy and integrity of information furnished to CRCs. Examiners 
also identified deficiencies in furnishers' policies and procedures for 
correcting information after determining it to be inaccurate, finding 
that, for example, such deficiencies allowed inaccuracies to persist 
for over a year on average before being remediated.
    In response to these findings, furnishers are implementing and/or 
enhancing written policies and procedures to address the identified 
procedural deficiencies.

2.3 Short-Term Small Dollar Lending

    The short-term small dollar lending market continues to evolve, and 
as part of this market, the Buy Now, Pay Later market, where lenders 
advertise buying products over four payments, has expanded rapidly over 
the past few years. The paycheck advance market, where lenders tie 
funding amounts to accrued or estimated wages and those amounts are 
repayable on the next payday or withheld from the next paycheck, also 
has expanded rapidly in recent years. Firms sometimes market these 
products as ``earned wage'' products. Certain Buy Now, Pay Later firms 
and certain paycheck advance firms consented to CFPB's examination 
authority. Across these examinations, examiners identified a number of 
unfair, deceptive, or abusive acts or practices. In addition to the 
examinations giving rise to the findings discussed in this section, 
CFPB staff worked with certain State regulators on their examinations 
of Buy Now Pay Later firms.
2.3.1 Failing To Timely Resolve Consumer Disputes
    Consumers who used Buy Now, Pay Later loans to purchase products or 
services frequently alleged that the merchants did not provide the 
items or services as agreed or communicated other disputes to the 
lender. Lenders engaged in unfair acts or practices by failing to 
timely resolve consumer disputes in which consumers alleged they were 
owed refunds for various reasons, such as where the delay was contrary 
to the dispute policy on its website regarding dispute resolution 
timelines. These delays were long, with hundreds of consumers deprived 
of funds for months at a time. Consumers incurred substantial injury in 
the form of deprivation of funds that should have been refunded in a 
timely manner. Additionally, consumers whose claims were denied may 
have been required to make full payments at unpredictable times after 
delayed investigations during which they were not permitted to make 
payments. The injuries were not reasonably avoidable as consumers 
lacked control over the dispute resolution process. The substantial 
injuries to consumers were not outweighed by any countervailing 
benefits to consumers or competition. In response to these findings, 
the Buy Now, Pay Later lenders refunded the amounts at issue and 
implemented monitoring to eliminate delayed resolutions.
2.3.2 Misrepresenting Loan Costs or Terms
    Buy Now, Pay Later lenders worked with merchant partners to 
advertise their loans, and in certain instances, the merchant partner 
websites advertised incorrect loan costs or terms. The lenders 
exercised control and approval rights over these advertisements. Thus, 
the lenders engaged in a deceptive act or practice when its merchant 
partners ran advertisements on their behalf that included false 
representations. These advertisements misled or were likely to mislead 
reasonable consumers, and the deceptive representations were material 
because they related to the cost and terms of the loans as payment 
methods. In response to these findings, the lenders contacted the 
relevant merchants to ensure they updated their websites and refunded 
overcharges to customers. They also enhanced the marketing review 
process across merchant partners.
2.3.3 Denying Credit Based On Payment Processing Deficiencies on 
Earlier Loans
    Buy Now, Pay Later lenders' payment platforms prevented consumers 
with loan balances below $1 from making payments. Subsequently, the 
lenders denied those consumers' loan applications on the basis that 
consumers had not paid those balances. The lenders engaged in an unfair 
act or practice by preventing consumers with loan balances below $1 
from making

[[Page 612]]

payments, while denying those consumers' loan applications because of 
those same balances. This conduct caused or was likely to cause 
substantial injury, as it resulted in the lenders denying additional 
credit for consumers with outstanding balances of less than $1. In 
addition, consumers may have incurred costs attempting to secure 
alternative credit. Consumers also may have spent time contacting the 
lenders to resolve these outstanding balances. This practice was not 
reasonably avoidable, as the lenders did not allow consumers to make 
payments to cure an outstanding balance of less than $1. The 
substantial injury to consumers was not outweighed by any 
countervailing benefits to consumers or competition. In response to 
these findings, Supervision directed the lenders to enhance system 
capabilities to allow consumers to pay off or automatically remove loan 
balances of less than $1 and refrain from preventing consumers from 
obtaining additional loans if they have balances of less than $1.
2.3.4 Designing Consumer Interfaces To Include Misrepresentations About 
Uses and Benefits of Tips and Tipping
    Examiners found that lenders designed consumer interfaces for 
paycheck advance products--sometimes marketed as ``earned wage'' 
products--to include statements and illustrations representing that if 
consumers paid tips, the tips would help specific numbers of customers 
and were a way to help other borrowers. In fact, lenders added tips to 
general revenues.
    A representation, omission, act, or practice is deceptive when: (1) 
the representation, omission, act or practice misleads or is likely to 
mislead the consumer; (2) the consumer's interpretation of the 
representation, omission, act or practice is reasonable under the 
circumstances; and (3) the misleading representation, omission, act or 
practice is material.\22\ Examiners found lenders engaged in deceptive 
acts and practices when they misled or were likely to mislead 
reasonable consumers through written and graphic references that 
correlated amounts of tips provided to numbers of people helped. They 
also misled or were likely to mislead reasonable consumers into 
believing tips directly benefited other customers, although in reality 
they added tips to general revenue. These representations were material 
because they were likely to affect customers' choices regarding 
tipping, including whether to tip and how much.
---------------------------------------------------------------------------

    \22\ 12 U.S.C. 5531.
---------------------------------------------------------------------------

    An abusive act or practice: (1) materially interferes with the 
ability of a consumer to understand a term or condition of a consumer 
financial product or service; or (2) takes unreasonable advantage of: a 
lack of understanding on the part of the consumer of the material 
risks, costs or conditions of the product or service; the ability of 
the consumer to protect the interest of the consumer in selecting or 
using a financial product or service; or the reasonable reliance by the 
consumer on a covered person to act in the interest of the 
consumer.\23\ Examiners found that lenders engaged in abusive acts or 
practices when they took unreasonable advantage of consumers' inability 
to protect their interests in selecting or using consumer financial 
products or services. Lenders took unreasonable advantage of superior 
information in knowing that tips went to general revenue. Under the 
circumstances and given the misrepresentations, customers lacked the 
ability to make fully informed choices about whether and how much to 
tip, which affected the ability to protect their monetary interests. 
Lenders gained unreasonable advantages when they designed interfaces to 
take advantage of consumers' misimpressions, based on specific consumer 
research they conducted, and profited from tips that would not have 
been made or were higher than if customers had known tips went to 
general revenue.
---------------------------------------------------------------------------

    \23\ 12 U.S.C. 5535(a)(1)(B). See also CFPB, Policy on Abusive 
Acts or Practices, (Apr. 3, 2023), https://www.consumerfinance.gov/compliance/supervisory-guidance/policy-statement-on-abusiveness/#1.
---------------------------------------------------------------------------

2.3.5 Blocking Loan Account Closure and Continuing to Debit Deposit 
Accounts
    Examiners found that lenders engaged in deceptive acts and 
practices when they prevented paycheck advance product consumers from 
closing their loan accounts until they resolved pending debits, and 
continued debiting consumer deposit accounts, despite representations 
that accounts could be closed at any time and that lenders would not 
engage in collection activity. Lenders misled or were likely to mislead 
consumers through confusing and conflicting representations about how 
to close loan accounts and that consumers could cancel agreements and 
use of services at any time, the only consequences of nonpayment being 
placing loan accounts on hold. Consumers could reasonably interpret 
lenders' statements to mean that they could cancel agreements and 
services at any time, along with pending debits, and would not be 
blocked from closing their loan accounts until pending debits were 
processed. Lenders' representations were material because they were 
likely to affect consumer choice regarding whether to use the service 
in the first place and how they might employ funds differently if 
consumers understood debits continued after attempted account closure.
    Examiners also found that lenders engaged in abusive acts or 
practices when they took unreasonable advantage of consumers' inability 
to protect their interests when they blocked consumers from closing 
their loan accounts and continued to attempt to debit their deposit 
accounts, despite statements that consumers could close their accounts 
any time and that lenders would not engage in collection activity. 
Consumers could not protect their interests in selecting or using 
paycheck advance products because they were blocked from closing their 
loan accounts and were subject to repeated debits, despite 
representations that they could close their loan accounts at any time 
and lenders would not take repayment actions against them. At account 
opening, lenders led consumers to believe they could close their 
accounts anytime and avoid repeated debits. But after attempting 
account closure, consumers were subject to repeated debits and 
potentially to third-party fees. Lenders gained unreasonable advantage 
by inducing consumers to take out paycheck advance products under false 
premises, gaining more loan accounts than they otherwise would have.
2.3.6 Blocking Funds Transfers
    Examiners found that lenders engaged in unfair acts or practices 
when technology failures resulted in consumer having certain transfers 
blocked from linked deposit accounts to other personal accounts. 
Specifically, lenders offered a payment card linked to a particular 
deposit account in concert with the paycheck advance product, and 
during a specific time period, consumers who had not repaid the 
paycheck advances timely and had balances in these linked accounts were 
unable to access their funds in a timely manner. Lenders caused 
substantial injury because consumers were unable to access their funds 
in a timely manner and were denied access to funds. Other injury 
included time spent and trouble and aggravation caused when consumers 
tried to cure the problem. Consumers could not reasonably avoid or 
anticipate the injury because they were not warned of the error and 
could not resolve it themselves. The

[[Page 613]]

underlying technology failures and their consequences provided no 
discernible benefit to consumers or competition.

3. Supervisory Developments

    Set forth below are select supervision program developments 
including final rules and orders that have been issued since the last 
edition of Supervisory Highlights.
3.1.1 CFPB Issues Final Rule Governing Overdraft Lending at Very Large 
Financial Institutions
    On December 12, 2024, the CFPB issued a final rule related to 
overdraft lending.\24\ The final rule updates the Federal regulations 
governing overdraft fees for financial institutions with more than $10 
billion in assets. Extensions of overdraft credit provided by these 
institutions will now adhere to the consumer protections required of 
similarly situated products, unless the overdraft fee is $5 or less, or 
otherwise only recovers estimated costs and losses. The rule will allow 
consumers to better comparison shop across credit products and provides 
substantive protections that apply to other consumer credit.
---------------------------------------------------------------------------

    \24\ The final rule is available at: cfpb_overdraft-regulatory-
text-and-commentary_2024-12.pdf.
---------------------------------------------------------------------------

3.1.2 CFPB Orders Federal Supervision of Google Following Contested 
Designation
    On December 6, 2024, the CFPB published an order establishing 
supervisory authority over Google Payment Corp.\25\ This was the CFPB's 
second supervisory designation order in a contested matter. While 
Google Payment Corp. is already subject to CFPB's enforcement 
jurisdiction, the CFPB determined that Google Payment Corp. met the 
legal requirements for supervision.
---------------------------------------------------------------------------

    \25\ The Decision and Order is available at: cfpb_Publication-
Redacted-Decision-and-Order-Designating-Google-Payment-for-
Su_6EZQyMz.pdf.
---------------------------------------------------------------------------

3.1.3 CFPB Issues Final Rule Defining Larger Participants of a Market 
For General-Use Digital Consumer Payment Applications
    On November 21, 2024, the CFPB issued a final rule to establish 
authority over nonbank covered persons that are larger participants of 
a market for providing general-use digital consumer payment 
applications.\26\ The rule, which takes effect January 9, 2025, will 
allow the CFPB to supervise these firms, which provide widely-used 
payment wallet and funds transfer apps. Nonbank firms qualify as larger 
participants if their general-use digital consumer payment applications 
facilitate more than 50 million consumer payment transactions 
denominated in U.S. dollars per year and they are not small business 
concerns as defined by Small Business Administration regulations. The 
CFPB estimates that nonbank larger participants in this market 
collectively facilitated over 13 billion such consumer payment 
transactions annually. The rule will help the CFPB to ensure that these 
companies follow Federal consumer financial law just like large banks 
and credit unions already supervised by the CFPB. The rule also will 
help the CFPB to detect and assess risks to consumers and markets 
including emerging risks.
---------------------------------------------------------------------------

    \26\ The final rule, as published in the Federal Register, 89 FR 
99582 (Dec. 10, 2024).

Rohit Chopra,
Director, Consumer Financial Protection Bureau.
[FR Doc. 2024-31670 Filed 1-3-25; 8:45 am]
BILLING CODE 4810-AM-P