On July 17, 2012, the Consumer Financial Protection Bureau ("CFPB") reached a groundbreaking $165 million settlement with Capital One Bank (USA), N.A. ("Capital One") in its first enforcement action, ordering Capital One, a credit card issuer, to refund $140 million to two million customers who purchased its credit card "add-on" products and to pay a $25 million fine into the CFPB's Civil Penalty Fund.¹ In a related settlement reached with the Office of the Comptroller of the Currency (the "OCC"), Capital One agreed to pay a $35 million penalty and an additional $10 million in reimbursement payments, resulting in a total of $210 million in fines and reimbursements.² As is typical in the resolution of enforcement actions, Capital One stipulated to the Consent Orders without admitting or denying the allegations brought by the CFPB and the OCC.³

For a monthly fee, Capital One's "add-on" products included "payment protection," which allows debt cancellation if program members encounter certain "life events" such as unemployment, disability and death, and "credit monitoring," which includes identity-theft protection services. According to the CFPB, from August 2010 to January 2012, Capital One violated the consumer financial protection laws through deceptive marketing and sales practices engaged in by its callcenter vendors relating to the add-on products.⁴ The CFPB alleged that Capital One's call-center representatives misled customers into the purchase of add-on products through false statements that the products were free and sold the payment protection products to customers that were ineligible for the program due to unemployment and existing disabilities (later allegedly denying the program's benefits to such customers).⁵

In the CFPB settlement, Capital One agreed to pay a total of $165 million in restitution and penalties and consented to extensive oversight and remedial measures. After a quiet first year, the CFPB now has aggressively asserted its vast enforcement powers and levied significant financial penalties in its regulation of the marketing and sale of consumer financial products.

The Consumer Financial Protection Bureau⁶

The CFPB was created by the Dodd-Frank Wall Street Reform and Consumer Protection Act ("Dodd-Frank")⁷ to implement and enforce federal consumer financial laws and to promote fair, transparent and competitive and accessible markets for consumer financial services and products.⁸ The CFPB consolidates the consumer financial protection responsibilities, including with respect to rulemaking, supervision and enforcement, that previously had been the province of seven federal agencies.⁹ In exercising its enforcement powers, the CFPB has the discretion to create any appropriate legal or equitable remedy to address violations of the consumer financial protection laws, including temporary and permanent cease-and-desist orders, rescission, reformation of contracts, refunds, disgorgements, damages and civil money penalties.¹⁰ In addition, the CFPB has wide and exclusive authority - except where it shares rulemaking power with the FTC - to promulgate rules "as may be necessary or appropriate to enable the Bureau to administer . . . enforce and otherwise implement the provisions of Federal consumer financial law."¹¹

The CFPB has extensive enforcement powers and operates with unique and controversial independence from Congressional or Executive oversight. Its budget is statutorily tied as a fixed ratio to the Federal Reserve's operating expenses. CFPB final rules can be overturned only by a determination by two-thirds of the members of the Financial Stability Oversight Council (the "FSOC") that the rule threatens the "safety and soundness of the United States banking system or the stability of the financial system."¹² Courts must defer to the CFPB's determinations regarding the meaning or interpretation of federal consumer financial law.¹³ While a cease-and-desist order issued by the CFPB may be appealed within 30 days of service to the D.C. circuit or to the federal circuit court in which the principal office of the defendant resides, such appeal does not operate as a stay of the CFPB's order.¹⁴ Finally, the CFPB is headed by a single Director, appointed by the President with the consent of the Senate to a five-year term and is removable only for cause by the President for "inefficiency, neglect of duty or malfeasance of office."¹⁵

The result is a powerful regulatory agency that has sweeping oversight authority, including exclusive jurisdiction to oversee compliance with consumer protection laws for banks with assets exceeding $10 billion, limited powers to monitor smaller banks and depository institutions, as well as supervisory authority over credit unions, residential mortgage companies (including originators, brokers and servicers, and providers of loan modification or foreclosure relief services), payday lenders and private education lenders.¹⁶ The CFPB also has the authority to supervise nonbank "larger participants," including credit reporting companies and certain other consumer reporting companies.

In connection with its enforcement responsibilities, the CFPB launched its Large Bank Supervision Program on July 21, 2011, which covered the 111 depository institutions with total assets over $10 billion, including Capital One.¹⁷

The CFPB Settlement's Findings of Fact Against Capital One

Through the supervision process, the CFPB alleged that Capital One's call-center vendors were violating the consumer financial protection laws by misleading customers into "products that they didn't understand, didn't want, or in some cases, couldn't even use."¹⁸ In addition, the CFPB claimed that Capital One's allegedly ineffective oversight failed to prevent, identify or correct the improper sales practices.¹⁹ Between August 1, 2010 and January 9, 2012, Capital One allegedly required the majority of its card-members to activate newly issued cards by telephone through third-party call-centers.²⁰ According to the CFPB, card-members with high credit scores allegedly were directed to a streamlined activation process, lasting two minutes or less, that did not involve solicitation of the add-on products.²¹ However, card-members with low credit scores, or with an initial credit line of $5,000 or less, allegedly were routed to a different activation process that averaged between seven and eight minutes while call-center vendors marketed the add-on products.²² On these calls, the CFPB claimed that call-center representatives often deviated from a script provided by Capital One and engaged in allegedly improper sales practices, including making deceptive statements to customers regarding the cost, coverage terms, benefits and other features of the products.²³ The call-center vendors allegedly made similarly false or misleading statements in order to "rebut" attempts by customers to cancel the add-on products.²⁴

Specifically, the CFPB found that the call-center representatives enrolled and retained two million Card-members through the following allegedly deceptive practices:

• Misrepresented the cost of the products. At various times, call-center representatives allegedly misled customers through false statements that the add-on products were "free," that the products were non-optional benefits associated with their credit cards, and/or that the customers would not be billed for the add-on products as long as they maintained a good payment history.²⁵
• Marketed and sold to ineligible customers. Capital One's call-center vendors allegedly solicited and sold "payment protection" products to ineligible customers, i.e., those who already were unemployed and/or disabled and thus not eligible to seek benefits for "life event" payments.²⁶ Additionally, the CFPB found that the call-center representatives allegedly falsely implied to customers that there were no eligibility requirements for the "payment protection" products.²⁷ Capital One subsequently allegedly denied benefits associated with add-on products misleadingly sold to the unemployed and/or disabled.²⁸
• Automatic enrollment. Call-center representatives allegedly enrolled certain customers into the add-on products without their affirmative consent.²⁹
• False statements regarding the benefits of the products. Call-center vendors allegedly led cardmembers to believe incorrectly that the add-on products improved credit scores and increased credit limits on their Capital One credit cards.³⁰

The Capital One Settlement

In the Consent Order, the CFPB found that Capital One violated Sections 1031 and 1036 of the Consumer Financial Protection Act (the "CFPA") in connection with its practices relating to the marketing, sales and operation of its payment protection and credit monitoring products.³¹ Sections 1031 and 1036 of the CFPA prohibit the use of "unfair, deceptive, or abusive" practices in connection with the sale or marketing of consumer financial products or services.³² As part of the Consent Order, Capital One agreed to make enrolled customers whole, pay a $25 million penalty, and reform its marketing and solicitation practices subject to the CFPB's supervision. Among other things, the settlement provides that Capital One must:

• Complete a compliance plan and submit to extensive oversight. Capital One agreed to extensive review and approval of marketing materials before it may resume marketing the add-on products. In addition, the company must demonstrate that it will lawfully market and solicit the add-on products going forward through submission to the CFPB of a compliance plan and scripts used by its call-center vendors, including intricate details such as the "volume, cadence and syntax" used by representatives when describing products to customers.³³
• Pay $140 million in restitution. Capital One will repay $140 million in product fees, over-the-limit fees, finance charges, and interest to two million eligible customers. Capital One also will pay claims that it denied to unemployed and disabled customers based on ineligibility as of enrollment.³⁴
• Pay $25 million to the CFPB Civil Penalty Fund. Capital One will pay a $25 million penalty to the Civil Penalty Fund, and will not seek or accept indemnification for such payment from any third party.³⁵ The Consent Order made clear that the severity of Capital One's penalty was influenced by several factors, including: "the gravity of the conduct by the Bank, the severity of the risks to and losses of consumers, the history of previous conduct by the Bank, and . . . the cooperation of the Bank during the CFPB's investigation and the substantial redress provided to Cardmembers."³⁶
• Engage an independent auditor. Capital One will retain an independent certified public accounting firm, subject to CFPB approval and at its own expense, to monitor and report on Capital One's compliance with the terms of the Consent Order.³⁷ Capital One also agreed to grant the CFPB access to the auditor's staff and to the work-papers and materials prepared during the course of the audit.³⁸

Also in connection with its add-on product marketing, sales and billing practices, Capital One entered into separate Consent Orders with the OCC, agreeing to pay a $35 million penalty and provide $150 million in reimbursement to 2.5 million customers for, among other things, violations of Section 5 of the Federal Trade Commission Act, which prohibits deceptive and unfair trade practices.³⁹ The OCC's civil penalty is in addition to the $25 million fine levied by the CFPB and is payable to the U.S. Treasury.⁴⁰

Conclusion

The CFPB's first enforcement settlement is a loud rattling of the saber toward financial services firms. The terms of the settlement provide notice to banks and non-banks - including, in particular, credit card issuers - that running afoul of their newest federal regulator carries significant risk, both with respect to operational independence and in terms of a financial penalty. CFPB Director Cordray warned that the CFPB's enforcement action against Capital One is a sign of things to come for the credit card industry: "We know these deceptive marketing tactics for credit card add-on products are not unique to a single institution . . . We expect announcements about other institutions as our ongoing work continues to unfold."⁴¹ Cordray's ominous remarks are corroborated by recent regulatory filings of credit card issuers disclosing the existence of ongoing investigations by the CFPB into their marketing practices, or that of subsidiaries, for add-on products.

This enforcement action marks the beginning of a new age of merit-based enforcement actions against the financial services industry. Financial services companies subject to the CFPB's regulation should evaluate carefully their marketing and sales practices for consumer financial products in light of this settlement, as well as recent guidance provided by the CFPB regarding the marketing of credit card add-on products and similar products,⁴² to determine whether any of their practices could be considered deceptive under the CFPB's broad enforcement. Such a review (which should be done by outside counsel to provide work-product protection) may entail a careful examination of the scripts used during marketing and sales calls, the marketing materials mailed to customers, and the handling of customer service calls and complaints.

Critically, companies should consider retaining outside legal counsel to review their marketing practices for compliance with consumer financial protection laws and CFPB expectations,⁴³ including ensuring that:

• Marketing materials accurately reflect the terms and conditions of offered consumer financial products;
• Scripts used by call-center vendors do not mislead customers and accurately state the terms and conditions of offered consumer financial products, including clearly identifying limitations on eligibility for benefits;
• Manuals and handbooks used by call-center vendors instruct representatives to accurately state the terms and conditions of offered consumer financial products, require clear affirmative consent before enrolling customers in consumer financial products, and provide that cancellation requests are handled in a lawful manner that does not mislead customers;
• Effective oversight and quality assurance reviews of call-center vendors hold representatives to the same standards applied to the company and prevent material deviation from approved scripts;
• A comprehensive training program educates employees in lawful marketing and sales practices regarding consumer financial products; and
• Employee compensation programs relating to the sale and marketing of consumer financial products do not incentivize employees to mislead customers.

Diligent and ongoing review of marketing and sales practices is crucial to ensuring compliance under this new regulatory regime.

Footnotes

1 Press Release, Consumer Financial Protection Bureau, CFPB probe into Capital One credit card marketing results in $140 million consumer refund (July 18, 2012), available at http://www.consumerfinance.gov/pressreleases/cfpb-capital-oneprobe/.

2 Press Release, Office of the Comptroller of the Currency, OCC Assesses Civil Money Penalty Against Capital One, Orders Restitution to 2.5 Million Customers (July 18, 2012), available at http://www.occ.gov/news-issuances/newsreleases/ 2012/nr-occ-2012-110.html.

3 In re Capital One Bank, (USA) N.A., Admin. Proc. No. 2012-CFPB-0001, Stipulation and Consent Order (July 17, 2012) ("CFPB Consent Order"), available at http://files.consumerfinance.gov/f/201207_cfpb_consent_order_0001.pdf ; In re Capital One Bank (USA), N.A., Glen Allen, Va., AA-EC-2012-62 (July 17, 2012) ("OCC Consent Order"), available at http://www.occ.gov/news-issuances/news-releases/2012/2012-110a.pdf ; In re Capital One Bank (USA), N.A., Glen Allen, Va., AA-EC-2012-63 (July 17, 2012) ("OCC Civil Money Penalty Consent Order"), available at http://www.occ.gov/newsissuances/news-releases/2012/2012-110b.pdf .

4 CFPB Consent Order at 1-2, 7-8.

5 Id. at 3-6.

6 For a detailed discussion of the CFPB and its enforcement powers, please see Bradley J. Bondi, Steven Lofchie & Scott Cammarn, Clients & Friends Memo, The Consumer Financial Protection Bureau: The New, Powerful Regulator of Financial Products and Services (Mar. 6, 2012), available at http://www.cadwalader.com/assets/client_friend/030612ConsumerFinancialProtectionBureau.pdf.

7 Pub. L. No. 111-203 (2010).

8 Dodd-Frank § 1021.

9 The seven agencies are the Board of Governors of the Federal Reserve, Department of Housing and Urban Development ("HUD"), Federal Deposit Insurance Corporation ("FDIC"), Federal Trade Commission ("FTC"), National Credit Union Administration, Office of the Comptroller of the Currency, and Office of Thrift Supervision. Dodd-Frank § 1061(b)(1)-(7).

10 Dodd-Frank § 1055(a)(2). Until the timely filing of an appeal, the CFPB may, at any time, modify, terminate, or set aside any order that it has issued.

11 Dodd-Frank §§ 1022(a)-(b), 1061(b)(5)(B).

12 Dodd-Frank § 1023. Notably, by statute, the CFPB Director is one of the twelve members of the FSOC. Id. § 111(b)(1)(D).

13 Dodd-Frank § 1022(b)(4)(A)-(B).

14 Dodd-Frank § 1053(b)(4).

15 Dodd-Frank § 1011(c)(3). The combination of the CFPB's broad powers and unique lack of accountability to other branches of government has raised constitutional concerns. See, e.g., Bondi, Lofchie & Cammarn, Clients & Friends Memo, supra n.6.

16 Dodd-Frank § 1025.

17 Department of the Treasury, Consumer Financial Protection Bureau Outlines Bank Supervision Approach (July 12, 2011), available at http://www.treasury.gov/press-center/press-releases/Pages/tg1236.aspx . Following the recess appointment of Director Richard Cordray on January 4, 2012, the CFPB started its Nonbank Supervision Program. Press Release, Consumer Financial Protection Bureau, Consumer Financial Protection Bureau launches nonbank supervision program (Jan. 5, 2012), available at http://www.consumerfinance.gov/pressreleases/consumer-financial-protection-bureau-launchesnonbank- supervision-program/ .

18 Press Release, CFPB, supra n.1.

19 CFPB Consent Order at 4.

20 Id. at 3.

21 Id. at 4.

22 Id.

23 Id. at 4-6.

24 Id. at 6.

25 Id. at 5.

26 Id. at 5-6.

27 Id. at 5.

28 Id. at 6.

29 Id.

30 Id. at 4.

31 Id. at 1, 8.

32 Dodd-Frank § 1031(a). The CFPB's Supervision and Examination Manual provides that a representation, omission, act or practice is deceptive when: (1) The representation, omission, act, or practice misleads or is likely to mislead the consumer, (2) The consumer's interpretation of the representation, omission, act, or practice is reasonable under the circumstances, and (3) The misleading representation, omission, act, or practice is material. CFPB Supervision and Examination Manual (Oct. 2011), available at http://www.consumerfinance.gov/guidance/supervision/manual/udaap-narrative/ . The CFPB is informed by the FTC's standard for deception, which similarly provides that an act or practice is deceptive if there is a "misrepresentation, omission or other practice, that misleads the consumer acting reasonably, in the circumstances, to the consumer's detriment." FTC Policy Statement on Deception (Oct. 14, 1983), available at http://www.ftc.gov/bcp/policystmt/ad-decept.htm .

33 CFPB Consent Order at 8-13.

34 Id. at 6, 14-17.

35 Id. at 20-21.

36 Id. at 20.

37 Id. at 19-20.

38 Id. at 20.

39 OCC Consent Order at 1, 16; OCC Civil Money Penalty Consent Order at 1, 6-7. 40 Press Release, OCC, supra n.2. Capital One's payment of restitution under the CFPB Consent Order will satisfy $140 million of the reimbursements required by the OCC Consent Order. Id.

41 Prepared remarks by Richard Cordray on CFPB enforcement action (July 18, 2012), available at http://www.consumerfinance.gov/speeches/prepared-remarks-by-richard-cordray-on-cfpb-enforcement-action/.

42 CFPB Bulletin 2012-06, Marketing of Credit Card Add-on Products (July 18, 2012), available at http://files.consumerfinance.gov/f/201207_cfpb_marketing_of_credit_card_addon_products.pdf.

43 Id. at 4-5.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on Mondaq.com.

Click to Login as an existing user or Register so you can print this article.