Legal Alert

Mortgage Banking Update - April 13, 2023

April 13, 2023
In This Issue:

CFPB Final Section 1071 Rule on Small Business Data Collection Includes Important Changes From Proposal; Ballard Spahr to Hold Webinar on April 17

As previously reported, the Consumer Financial Protection Bureau issued its final rule to implement Section 1071 of the Dodd-Frank Act. Section 1071 amended the Equal Credit Opportunity Act to require financial institutions to collect and report certain data in connection with credit applications made by small businesses, including women- or minority-owned small businesses. The final rule was accompanied by a “Grace Period Policy Statement” and a “Statement on Enforcement and Supervisory Practices Relating to Small Business Lending Rule under the Equal Credit Opportunity Act and Regulation B.” Below we discuss key provisions of the final rule, including noteworthy changes from the CFPB’s proposal, and the CFPB’s accompanying Statements.

On April 17, 2023, from 1:00 p.m. to 2:30 p.m. ET, Ballard Spahr’s Consumer Financial Services Group will hold a webinar, “The CFPB’s Final Section 1071 Rule on Small Business Data Collection: What You Need to Know.” To register, click here.

Key provisions of the final rule include the following:

“Covered Financial Institution” Definition. As defined in Section 1002.105(a), a “financial institution” is any entity that engages in financial activity and includes both depository institutions and non-depository institutions such as online lenders, platform lenders, lenders involved in equipment and vehicle financing (captive financing companies and independent financing companies), and commercial finance companies. Motor vehicle dealers are excluded. A “covered financial institution” is defined in Section 1002.105(b) as a financial institution that originated at least 100 covered credit transactions for small businesses in each of the two preceding calendar years.

“Small Business” Definition. Section 1002.106(b) defines a “small business” as having the same meaning as a “small business concern” in the Small Business Act and that had gross annual revenue in the prior year of $5 million or less. The gross revenues threshold is to be adjusted for inflation every five years.

“Covered Application” Definition. Section 1002.103(a) defines a “covered application” as “an oral or written request for a covered credit transaction that is made in accordance with procedures used by a financial institution for the type of credit requested.” A request from a small business for a refinancing, unless otherwise excluded by the final rule, is a “covered application” even if no additional credit is requested. Excluded from that definition pursuant to Section 1002.103(b) are (1) reevaluation, extension, or renewal requests on an existing business account, unless the request seeks additional credit, and (2) inquiries and prequalification requests. (However, even if a reevaluation, extension or renewal request on an existing business account includes a request for additional credit, the transaction is not counted for purposes of determining if the financial institution is a covered financial institution.)

“Covered Credit Transaction” Definition. Section 1002.104 defines a “covered credit transaction” as an extension of credit primarily for business or commercial (including agricultural) purposes, but excluding (1) trade credit, (2) transactions reportable under the Home Mortgage Disclosure Act (HMDA), (3) insurance premium financing, (4) public utilities credit, (5) securities credit, and (6) incidental credit. The exclusions for HMDA-reportable transactions and insurance premium financing were not included in the CFPB’s proposal. In addition to loans, lines of credit, and credit cards, “covered credit transactions” include merchant cash advances and other sales-based financing. Consistent with the CFPB’s proposal, “covered credit transactions” also do not include (1) factoring, (2) leases, (3) consumer-designated credit that is used for business or agricultural purposes, or (4) the purchase of an originated credit transaction, an interest in a pool of credit transactions, or a partial interest in a credit transaction such as through a loan participation agreement.

Data Points. The final rule, in Sections 1002.107 and 1002.108, requires a covered financial institution to collect and annually report to the CFPB data on covered applications from small businesses. The data that must be reported and collected consists of:

  • Unique identifier, application date, application method, application recipient
  • Credit product, guarantees, loan term, credit purpose, amount applied for, amount approved or originated
  • Action taken, action taken date, denial reasons
  • Pricing information (interest rate, total origination charges, broker fees, initial annual charges, additional cost for merchant cash advances or other sales-based financing, prepayment penalties
  • Census tract, National American Industry Classification Code, number of workers, time in business
  • Number of principal owners
  • Minority-owned, women-owned and LGBTQI-owned business statuses
  • Ethnicity, race, and sex of principal owners

With respect to the demographic information described in the last two bullet points, a financial institution cannot require an applicant to provide such information. If the applicant fails or declines to provide the information necessary to report a data point, the financial institution must report the failure or refusal to provide the information. However, financial institutions are not required or permitted to report these data points based on visual observation, surname, or any other basis, which differs from the approach under the Home Mortgage Disclosure Act (HMDA). Under the Bureau’s proposal, if an applicant did not provide ethnicity or race information for at least one principal owner, the financial institution would have been required to collect at least one principal owner’s ethnicity and race based on visual observation and/or surname.

In addition to adopting the proposal’s requirement for covered financial institutions to maintain procedures to collect applicant-provided data at a time and in a manner reasonably designed to obtain a response, the final rule, in Section 1002.107(c), expressly prohibits a financial institution from discouraging an applicant from responding to requests for applicant-provided data. Like the proposal, the final rule requires covered financial institutions to maintain procedures to identity and respond to indicia of potential discouragement and provides that a low response rate for applicant-provided data may indicate discouragement or other failure by a financial institution to maintain procedures to collect applicant-provided data that are reasonably designed to obtain a response. 

Compliance Dates; Special Transitional Rules. The final rule will be effective 90 days after it is published in the Federal Register. However, compliance with the rule will not be required as of that date. Pursuant to the final rule, a financial institution is a covered financial institution subject to the rule’s data collection and reporting requirements if it originated 100 or more covered transactions in each of the prior two calendar years. However, in Section 1002.114(b), the final rule contains staggered compliance dates that differ depending on the number of covered originations a covered financial institution originated in 2022 and 2023. These dates are as follows:

  • A financial institution must begin collecting data and otherwise complying with the final rule on October 1, 2024 if it originated at least 2,500 covered originations in both 2022 and 2023.
  • A financial institution must begin collecting data and otherwise complying with the final rule on April 1, 2025, if it:
    • Originated at least 500 covered originations in both 2022 and 2023;
    • Did not originate 2,500 or more covered originations in both 2022 and 2023; and
    • Originated at least 100 covered originations in 2024.
  • A financial institution must begin collecting data and otherwise complying with the final rule on January 1, 2026, if it originated at least 100 covered originations in both 2024 and 2025.

The staggered compliance dates based on origination volume represents a change from the CFPB’s proposal which would have required compliance no later than 18 months after the final rule’s effective date regardless of origination volume.

The final rule, in Section 1002.114(c), also contains special transitional rules that a financial institution can use to determine the number of covered originations it originated in 2022 and/or 2023 if it did not collect sufficient information to determine if some or all borrowers were small businesses pursuant to the final rule or if such information is not readily accessible. In addition to other methods, the final rule permits a financial institution to assume that every covered credit transaction it originates for business customers in 2022 and 2023 is to a small business.

Grace Period Policy Statement; Statement on Enforcement and Supervisory Practices. In response to comments on the proposal, the CFPB issued a “Grace Period Policy Statement” with the final rule that sets forth how it intends to exercise its supervisory and enforcement discretion following a covered financial institution’s initial compliance date. The Statement provides a grace period covering a financial institution’s first 12 months of data submission if the financial institution has had made good faith efforts to comply with the final rule. To explain its decision not to provide a longer grace period as requested by some commenters, the CFPB noted that it believes a 12-month grace period “is sufficient, especially given the other accommodations the Bureau is making to ensure that financial institutions are not unduly penalized for good faith errors, such as the bona fide error provision and the various safe harbors the Bureau has finalized in this rule….”

The final rule was also accompanied by a “Statement on Enforcement and Supervisory Practices Relating to Small Business Lending Rule under the Equal Credit Opportunity Act and Regulation B.” In the Statement, the CFPB indicates that it intends to use its enforcement and supervisory authorities to focus on compliance by covered financial institutions with the final rule’s prohibition against discouraging applicants from submitting responsive information. Specifically, the CFPB intends to look at institutions’ response rates for data requested from applicants and, as appropriate, “consider how a lender’s response rates compare to financial institutions of a similar size, type, geographic reach, or other relevant factors….” The CFPB also intends to look at irregularities in a particular response (such as high rates relative to similar institutions of a response indicating the applicant does not wish to provide the requested information) “because that could indicate steering, improper interference, or other potential discouragement or obstruction of applicants’ preferred responses.” The Statement also describes the CFPB’s expectations for what institutions should be doing to identify and respond to potential indicia of discouragement. The CFPB expects covered financial institutions to assess response rates not only on an institution level, but also on other levels, such as by division, location and loan officer. 

HMDA Comparison. While the CFPB looked to HMDA data collection and reporting requirements in developing the final rule, the final rule in some cases follows, or closely follows, the approach under HMDA, and in other cases differs from the approach under HMDA. Institutions subject to the requirements of both HMDA and the final rule will need to closely focus on the similarities and differences to avoid compliance errors.   

The CFPB also issued the following materials concurrently with the final rule: 

Richard J. Andreano, Jr.John L. Culhane, Jr. & Michael Gordon

Back to Top

CFPB Files Appeal From District Court Ruling in Townstone Mortgage That ECOA Only Applies to Applicants

The CFPB has filed a Notice of Appeal with the U.S. Court of Appeals for the Seventh Circuit from the district court’s decision in the CFPB’s enforcement action against Townstone Mortgage (Townstone). In the case, the district court ruled that a redlining claim may not be brought under the Equal Credit Opportunity Act (ECOA) because the statute only applies to applicants.

The CFPB’s lawsuit against Townstone represented the Bureau’s first-ever redlining complaint against a nonbank mortgage company. In its complaint, the CFPB alleged violations of the ECOA and Consumer Financial Protection Act. The U.S. District Court for the Northern District of Illinois granted Townstone’s motion to dismiss the CFPB’s complaint on the grounds that the ECOA applies to applicants and not to prospective applicants. The district court based its decision on the ECOA’s plain text which, in the court’s view, “clearly and unambiguously prohibits discrimination against applicants, which the ECOA clearly and unambiguously defines as a person who applies to a creditor for credit.”

In appealing the decision, the CFPB appears to be taking a significant risk. The Seventh Circuit could agree with the district court based on the plain text of the ECOA, and the very different language that Congress used in the Fair Housing Act to address redlining. If the Seventh Circuit rules in favor of the CFPB, Townstone could seek review by the Supreme Court where, if the Court agreed to hear the case, the CFPB would likely face an uphill battle given the Court’s conservative majority.

Richard J. Andreano, Jr.

Back to Top

Will the Second Circuit’s Ruling That the CFPB’s Funding is Constitutional Change the Outcome in CFSA v. CFPB? Some Thoughts on the Question

Many people have asked me if the Second Circuit’s opinion in CFPB v. Law Offices of Crystal Moroney, which held that the CFPB’s funding does not violate the Appropriations Clause, changes my mind about how the Supreme Court will rule in CFSA v. CFPB. It is noteworthy that two of the three judges on the Second Circuit panel were appointed by Republican Presidents, including one appointed by President Trump. Also, while the D.C. Circuit had previously concluded that the CFPB’s funding does not violate the Appropriations Clause, the acceptance of the CFPB’s argument by another circuit court in an opinion with a much fuller analysis adds weight to the CFPB’s argument.

Nevertheless, my view is that the Second Circuit’s opinion will not, in itself, materially impact the ultimate outcome in the Supreme Court. Given that the Appropriations Clause issue is one of first impression, there is room for the Supreme Court to create new law in ruling in either side’s favor. It is likely that a majority of the Court (either 5 or 6 of the Republican, conservative Justices) will be strongly inclined to rule in favor of CFSA because of their inherent antipathy towards the “Administrative State” (an agency usurping the power of Congress) and the perception of many that the CFPB is the poster child of the Administrative State (one director with breathtaking power). Also, the Supreme Court, in Seila Law, has already shown antipathy towards the CFPB in particular.

However, a majority of the Court may not be persuaded by the reasoning used by the Fifth Circuit to reach its conclusion in CFSA v. CFPB that the CFPB’s funding is unconstitutional (i.e. the argument that the CFPB is “doubly insulated” from the annual appropriations process because the CFPB receives its funding from the Federal Reserve Board which, in turn, receives its funding from the Federal Reserve Banks and not Congress). As a result, a majority may need to accept a different rationale for concluding that the CFPB’s funding is unconstitutional and will have to deal with the difficult issue of how to distinguish, for purposes of its constitutionality, the CFPB’s funding from the funding of the Federal Reserve Board, the Comptroller of the Currency, the FDIC, as well as other federal agencies funded outside of the annual appropriations process.

In addition, to affirm the Fifth Circuit’s decision that the CFPB’s funding is unconstitutional, a majority of the Court would also have to address whether the remedy invoked by the Fifth Circuit—vacating the CFPB’s payday lending rule—was the proper remedy for an Appropriations Clause violation. As we and others have observed, the question of what is an appropriate remedy in the case has enormous potential implications for all other CFPB rules and as well as the other actions taken by the CFPB over the nearly 12 years since it opened its doors for business.

Despite these issues, I continue to believe that a majority of the Court will conclude that the CFPB’s funding is unconstitutional. I also believe that the Supreme Court will stay its mandate to give Congress an opportunity to rectify the constitutional infirmity, and to deal with the decision’s other ramifications, including its impact on other regulations promulgated and actions taken by the CFPB during its existence. At the end of the day, I expect the CFPB to remain as an agency, but with much less power, and the CFPB regulations on which the industry has relied not to be disturbed. Beyond that, I will not speculate as to what will happen to other actions taken by the CFPB or whether the agency will still be governed by one individual or become a commission composed of three or five individuals. These are all political questions that will need to be resolved by a bipartisan Congress during a presidential election year. 

Alan S. Kaplinsky

Back to Top

This Week’s Podcast Episode: How a Former FDIC Chairman is Reacting to the Silicon Bank Valley Failure, a Discussion With Special Guest Bill Isaac, Chairman, Secura/Isaac Group, and FDIC Chairman From 1981-1985

In light of ongoing events concerning the recent bank failures and the response of regulators, we are releasing this week’s podcast episode earlier than our regular Thursday release date. 

After reviewing the circumstances leading to the failure of SVB and historic parallels, we discuss the merits of the regulators’ decision to invoke the Systemic Risk Exception and protect all SVB deposit accounts, notwithstanding the $250,000 FDIC insurance limitation, alternate approaches that regulators might have considered for protecting uninsured funds, and the Fed’s creation of the Bank Term Funding Program to make available additional funding to eligible depository institutions. We also discuss the impact of the mark-to-market accounting standard on bank liquidity and the role of the Fed’s monetary and regulatory policies in SVB’s failure. Finally, we discuss how the regulators could stop further runs on banks by temporarily covering all deposits, regardless of amount, or guaranteeing the full amount of demand noninterest-bearing transaction deposits and certain other accounts as the FDIC did during the recession of 2008-09.

Alan Kaplinsky, Senior Counsel in Ballard Spahr’s Consumer Financial Services Group, leads the discussion, joined by Scott Coleman, a partner in the firm and member of the firm’s Banking and Financial Services team and the Distressed Financial Institutions and Counterparties component of the firm’s Distressed Assets and Opportunities Initiative.

To listen to the episode, click here

Alan S. Kaplinsky and Scott Coleman

Back to Top

CFPB Releases Policy Statement Defining Abusive Acts or Practices

In the CFPB’s second attempt to define “abusive” acts or practices, the first being guidance rescinded a year after it was given in 2020, the CFPB has issued a new policy statement in which it turns to statutory analysis and past enforcement actions to provide a framework for determining what constitutes abusive conduct. While the policy statement appears to be immediately effective, the CFPB indicated in its press release that the policy statement will be published in the Federal Register and comments can be submitted until July 3, 2023.

The Consumer Financial Protection Act (CFPA) defines “abusive” acts or practices as conduct that: “(1) materially interferes with the ability of a consumer to understand a term or condition of a consumer financial product or service; or (2) takes unreasonable advantage of (A) a lack of understanding on the part of the consumer of the material risks, costs, or conditions of the product or service; (B) the inability of the consumer to protect the interests of the consumer in selecting or using a consumer financial product or service; or (C) the reasonable reliance by the consumer on a covered person to act in the interests of the consumer.” 12 U.S.C. § 5531(d).

The CFPB states there are two categories of conduct it finds generally abusive: (1) actions that obscure important features of a product or service, and (2) actions taking unreasonable advantage of consumers in certain circumstances. The circumstances in which an entity takes unreasonable advantage of a consumer generally include a consumer’s gaps in understanding the product or service’s terms, unequal bargaining power, or a consumer’s reliance on the company to act in their best interest.  

The first category of conduct the CFPB finds abusive arises in situations where an entity “materially interferes with the ability of a consumer to understand a term or condition of a consumer financial product or service.” Id. Practically speaking, such interference would include buried disclosures, physical or digital interference, or overshadowing. Examples of buried disclosures include, but are not limited to, using fine print, complex language, or jargon, or providing disclosures after the consumer has made a decision. With respect to physical and digital interference, such conduct includes hiding or withholding notices, creating digital interfaces using pop-up or drop-down boxes, including multiple click-throughs, or using dark patterns. Overshadowing includes placing content prominently in a way that interferes with the comprehension of other content. It is important to note the materiality of this interference would be presumed if the information relates to pricing or costs, limits the consumer’s ability to use or benefit from the product, or relates to the contractually specified consequences of default.

The next category of conduct involves three potential circumstances in which an entity takes unreasonable advantage of the consumer, even if the circumstances were not created by the entity. The first is when a consumer simply does not understand the risks, cost, or conditions associated with the product or service. The next involves unequal bargaining power such that a consumer, for example, lacks the practical ability to switch providers to seek more favorable terms. The final situation involves scenarios in which a consumer relies on an entity to make a decision for them or advises them on how to make a decision. For all three of these categories, the CFPB provides details about the potential scenarios in which an entity could take unreasonable advantage of a consumer.

The CFPB’s analysis of the CFPA’s definition of abusive conduct, summary of past precedent, and background on the underlying policies, provide some additional clues regarding future CFPB enforcement actions as well as a framework of sorts for analyzing whether particular practices could be categorized as abusive. The policy statement does not, however, provide clear guidance regarding all the contours of “abusiveness” and is thus of limited utility to entities in developing compliance programs. Although the statement provides some examples of conduct that might be considered “abusive,” the CFPB is careful not to limit its discretion to find other conduct actionable as well. As such, the scope of what can constitute “abusive” conduct remains extraordinarily broad.

Moreover, the CFPB’s approach to certain terms embedded in the statutory definition of “abusive” allows it to maintain broad interpretive leeway. By way of example, the statement notes that taking “unreasonable advantage” of consumers is determined by the specific facts and circumstances. The CFPB adds that “even a relatively small advantage may be abusive if it is unreasonable” and points out it is not necessary for the agency to find any consumer harm or analyze the relevant costs or benefits to consumers. The end result is continued uncertainty regarding when the CFPB will find that a provider has taken “unreasonable advantage.” Finally, it is worth noting that state enforcement agencies, specifically state attorney generals, may apply this guidance under the CFPA even if their own state laws do not define or prohibit “abusive” conduct.

- Chad JimenezJohn L. Culhane, Jr., Michael Gordon & Alan S. Kaplinsky

Back to Top

CBA Releases Survey Results on Consumer Satisfaction With Mobile and Online Banking Innovation and Scam Prevention

The Consumer Bankers Association has released the results of a national survey that looked at how consumers value banking services and innovation. The survey was conducted in February 2023 and included 1,197 adults across the U.S., representative by geography, age, gender, education level, and race.

Key survey results included the following:

  • 83% of respondents believe banks are doing a good job helping them avoid scams.
  • Nearly three quarters of respondents (71%) indicated banks’ scam prevention and security tools are “extremely” or “very” important, including warning notifications before completing a transaction or email alerts about potential fraud.
  • The vast majority (80%) of respondents indicated that “mobile banking for convenient transfer of money between accounts, depositing checks and paying bills online or with your smartphone” was extremely important (55%) or very important (25%).
  • The most frequent-or-occasionally used tools include a mix of both convenience-related tools and innovation and security tools and features as follows:
    • 80% (58% frequently): Mobile banking for convenient transfer of money between accounts, depositing checks and paying bills online or with your phone
    • 67% (39% frequently): Enhanced account security like 2-factor authentication
    • 58% (31% frequently): Enhanced account activity alerts and monitoring such as texts to confirm and approve purchases
    • 56% (25% frequently): Scam prevention including warning notifications before completing a transaction or email alerts about potential fraud
    • 49% (29% frequently): Text or email notifications about your account balance if it runs too low
    • 39% (16% frequently): Online tools such a spending analyzers to track how you spend money each month, and financial planning and budgeting tools

The survey results show that consumers do not place responsibility on banks for fraud and instead view banks as proactive in combatting fraud. Given consumers’ actual experiences with their banks, any regulatory actions to expand bank liability for fraudulent transactions would be unwarranted and unfair. 

Alan S. Kaplinsky

Back to Top

CFPB Determines Truth in Lending Act Does Not Preempt New York, California, Utah, and Virginia Commercial Financing Disclosure Laws

The CFPB has issued a determination that the Truth in Lending Act (TILA) does not preempt the commercial financing laws of New YorkCaliforniaUtah, and Virginia. The determination will be effective on the date it is published in the Federal Register.

TILA authorizes the CFPB to determine whether a state law disclosure requirement is preempted upon the CFPB’s own motion or upon the request of a creditor or other interested party. In response to a request for a preemption determination from a business trade association, the CFPB issued a preliminary determination that New York’s law was not preempted. On the CFPB’s own motion, it also provided notice that it was considering making determinations whether TILA preempts the California, Utah, and Virginia laws and indicated that it had preliminarily concluded that those laws were not preempted by TILA.

TILA provides that it does not preempt state laws “relating to the disclosure of information in connection with credit transactions” except to the extent such laws are “inconsistent with the provisions of [TILA], and then only to the extent of the inconsistency.” Having indicated in its notice of preliminary determination that it was considering whether to clarify the Federal Reserve Board’s formulation of the applicable preemption standard, the CFPB addresses the standard before discussing its determination that the laws of the four states are not preempted. The CFPB indicates that TILA’s inconsistency standard aligns with conflict preemption. In conflict preemption, a conflict exists when it is impossible to comply with both state and federal law, or when the state regulation “stands as an obstacle to the accomplishment and execution of the full purposes of the federal law” (the “obstacle prong”). The CFPB notes that because state laws rarely or never make delivery of TILA disclosures impossible, impossibility does not figure prominently in the Fed’s precedents and, instead, the Fed’s consideration of preemption typically focuses on the obstacle prong. According to the CFPB, for a state law to be preempted under the obstacle prong, it must “frustrate the meaningful disclosure of credit terms to consumers that TILA and Regulation Z provide.”

The CFPB begins its discussion of California and New York law by observing that both laws require providers to issue disclosures before consummation of certain commercial-purpose transactions. The CFPB contrasts this with TILA’s application to consumer-purpose credit. The CFPB also observes that although California and New York disclosures include a finance charge and APR disclosure, the CFPB does not need to resolve the question of “whether California’s and New York’s respective specifications result in different finance charges and APRs than would be generated under Regulation Z if it were hypothetically applicable, or whether they should instead be viewed as tailoring the finance charge and APR to the structures of certain types of commercial financing arrangements that are not shared by consumer credit transactions.”

With no commenter having suggested that compliance with California and New York laws as well as TILA and Regulation Z is impossible, the CFPB only applied the obstacle prong in its preemption analysis and concluded that the states’ laws do not stand as an obstacle to the accomplishment of TILA’s purposes. According to the CFPB, for purposes of a preemption analysis, the relevant TILA purpose is meaningful disclosure of credit terms so that a consumer can compare available credit terms and avoid the uninformed use of credit. The CFPB observes that TILA achieves this purpose by requiring disclosures for consumer credit and that consumers applying for credit that is primarily for personal, family, or household purposes (i.e. consumer-purpose credit) will continue to receive only TILA disclosures. It states that commenters advocating preemption had not shown “that consumers when shopping for consumer-purpose credit would somehow be prevented from understanding the terms of credit available to them for those purposes by State disclosures provided in different (business-purpose) transactions.” The CFPB also observes that where a potential borrower is shopping for consumer-purpose credit, the borrower would receive TILA disclosures and not the California or New York disclosures. 

The CFPB’s discussion includes a footnote responding to commenters who asserted that consumers with small businesses and who receive California or New York disclosures when applying for commercial credit “will, in their personal lives, distrust the TILA finance charge and APR” because they do not have consistent meanings under state and federal law. The CFPB states that these commenters had not offered any evidence or other support for the assumption that consumers would react with distrust under such circumstances “rather than an understanding that different calculations may be appropriate in the context of different types of transactions.” It also comments that “even assuming this scenario were to occur, the CFPB would not consider the issue to be so significant as to interfere with TILA’s purpose of enabling consumers to compare consumer credit products.”

While acknowledging that a borrower might use proceeds from a primarily business purpose transaction for consumer purposes, the CFPB states that because Congress did not require TILA disclosures “whenever any minor portion of primarily-business credit might be used for a personal purpose…such transactions should not drive an assessment of whether State disclosure regimes interfere with Congress’s purposes.” Also, responding to comments that advertisements for commercial financing that include APRs calculated using California’s or New York’s formulas could cause confusion, the CFPB stated that California and New York do not require commercial lenders to include an APR in advertisements and to the extent they might choose to include an APR, “that is not a requirement of those laws and not a basis to declare those laws’ disclosure requirement to be inconsistent with TILA.”

With regard to Utah law, the CFPB observes that because the transactions for which disclosures are required do not include consumer-purpose transactions, the Utah law is not preempted for the same reasons as the California and New York laws. As an additional reason, the CFPB notes that “because [the Utah law] does not require disclosure of a finance charge, APR, or other TILA-related disclosure, there would be no occasion for it to be preempted even if applicable to consumer credit transactions.”

With regard to Virginia law, the CFPB observes that because the law requires disclosures only in connection with “sales-based financing” as defined by the law, it would not apply to a consumer credit transaction as defined in TILA and Regulation Z. The CFPB further observes that there would be no basis to find an inconsistency with TILA even if the law did apply to consumer credit transactions because the only TILA-related disclosure term used in the law is the finance charge which, as defined in Virginia’s implementing regulation, has the same definition as in Regulation Z. 

John L. Culhane, Jr.Michael R. Guerrero & John Sadler

Back to Top

CFPB Cracks Down On Portfolio Recovery Associates With $24-Million Judgment

On March 23, 2023, the CFPB filed a complaint and proposed judgment against Portfolio Recovery Associates, LLC (PRA), one of the largest debt collectors in the United States. If entered by the court, the proposed judgment would require PRA to pay $12.18 million to allegedly harmed consumers and $12 million to the CFPB as a civil penalty.

The current action follows 2015 charges against PRA that resulted in a consent order (the 2015 Order) in which the CFPB found that PRA violated the Consumer Financial Protection Act (CFPA) and the Fair Debt Collection Practices Act (FDCPA). The 2015 Order precluded PRA from engaging in certain activities, including:

  • Collecting debts without a reasonable basis,
  • Selling debt,
  • Threatening or filing collection lawsuits without an intent to prove the debt,
  • Filing false or misleading affidavits in debt-collection actions,
  • Making false or misleading representations, and
  • Collecting or suing on debt that was outside the statute of limitations.

In the CFPB’s new complaint, it alleges that PRA violated the 2015 Order, the CFPA, FDCPA, and the Fair Credit Reporting Act (FCRA) and its implementing Regulation V. Specifically, the Bureau alleges that PRA violated the CFPA and, in some instances, the FDCPA, when it violated multiple conduct provisions from the 2015 Order, including prohibitions on:

  • Representing the amount or validity of unsubstantiated debt,
  • Collecting on debt without offering to provide necessary documentation to consumers,
  • Misrepresenting that it would provide the offered documents within 30 days,
  • Collecting on time-barred debt without making required disclosures,
  • Initiating debt collection lawsuits without possessing required documentation, and
  • Suing to collect time-barred debt.

In addition to the over $24 million that the CFPB is seeking from PRA, it is also seeking to impose broad injunctive relief, which could lay the foundation for future actions against PRA. While it is possible that the CFPB’s action against PRA could have a ripple effect for other debt collectors, that does not seem likely at this time. The CFPB claims that PRA violated the CFPA, FDCPA, and FCRA; however, the gravamen of the new complaint against PRA is that it violated the 2015 Order. Therefore, actions against other debt collectors without this context appear less likely. However, the CFPB’s lawsuit does demonstrate that the CFPB takes very seriously violations of prior consent orders entered into with the CFPB.

Elliot Johnson & Abigail S. Pressler

Back to Top

FTC Proposes “Click to Cancel” Provision in Proposed Amendments to Negative Option Rule

On March 23, 2023, the Federal Trade Commission (FTC or Commission) issued a Notice of Proposed Rule Making (NPRMF) seeking comment on proposed amendments to the Commission’s Negative Option Rule. The proposed amendments, which would expand the scope of the rule’s coverage to all forms of negative option marketing and consolidate various requirements dispersed across various statutes and regulations, include a “click to cancel” provision which would require a simple cancellation mechanism for consumers to easily cancel subscriptions by using the same method they used to initially enroll.

The FTC uses the phrase “negative option marketing” to broadly refer to a category of commercial transactions in which an underlying condition or term will continue unless the consumer takes an affirmative action to either cancel the agreement or reject the good or service. Negative option plans can take the form of agreements or subscriptions that automatically renew, continuity plans (where a consumer agrees in advance to receive goods or services periodically), or free trial marketing (where a consumer receives goods or services for free or for a nominal price for a limited time period). 

The FTC’s Negative Option Rule (16 C.F.R. Part 425), which was first promulgated by the FTC in 1973 pursuant to the FTC Act as a rule to address an unfair or deceptive act or practice under Section 5, applies to prenotification plans for the sale of goods. Under a prenotification plan, sellers generally send periodic notices offering goods to participating consumers (subscribers) and then send (and charge for) those goods if the subscriber fails to affirmatively decline the offer. Under the current rule, prenotification plan sellers must disclose the material terms of their plan – including how to cancel – clearly and conspicuously before subscribers sign up. The proposed amendments would expand the coverage of the rule beyond prenotification plans to all other forms of negative option marketing.

Notwithstanding the limited scope of the current rule, and as we noted when the FTC issued guidance on negative option programs in October 2021, several other statutes and regulations also address contracts that automatically renew in addition to the Negative Option Rule. These include Section 5 of the FTC Act, 15 U.S.C. § 45(a) (which prohibits unfair or deceptive acts and practices), the Restore Online Shoppers’ Confidence Act (ROSCA), 15 U.S.C. §§ 8401-8405, the Telemarketing Sales Rule (TSR), 16 C.F.R. Part 310 (which applies to negative options offers made over the telephone and requires disclosure that charges will be made to a consumer’s account unless they take specific steps to avoid them), the Postal Reorganization Act (also known as the “Unordered Merchandise Statute”), 39 U.S.C. § 3009 (which designates mailing or billing for unordered merchandise as an unfair practice), and the Electronic Fund Transfer Act (EFTA), 15 U.S.C. §§ 1693-1693r (which prohibits sellers from imposing recurring charges on a consumer’s debit cards or bank accounts without written authorization). ROSCA, which was enacted in 2010 and is primarily aimed at negative options, including from third-party sellers during or immediately following a transaction, prohibits the use of negative options in internet sales unless there is clear and conspicuous disclosure, express informed consent, and a simple mechanism to stop recurring charges and opt-out.

The FTC’s rationale in amending the Negative Option Rule is that “[t]he existing patchwork of laws and regulations does not provide industry and consumers with a consistent legal framework across media and offers.” Examples of this lack of consistency, according to the FTC, include that the current Negative Option Rule does not cover common practices such as continuity plans, automatic renewals, and trial conversions, and that ROSCA and the TSR do not address negative option plans in all media, just (respectively) online and telephonic. The FTC also believes the current framework lacks clear guidance and specificity in its disclosure requirements, citing as an example ROSCA’s requirement of “simple mechanisms” for cancellation, without more guidance as to what that may be. The “click to cancel” provision clarifies that a simple mechanism is the same method used to sign-up (e.g. through a website, app, or telephone call).

The proposed amendments make several specific changes:

  • Simple Cancellation Mechanism: The proposed rule would require businesses to make it at least as easy to cancel a subscription as it was to start it. For example, if a consumer can sign up online, they must be able to cancel on the same website, in the same number of steps.
  • Consent to Hear Additional Offers: The proposed rule would allow sellers to pitch additional offers or modifications when a subscriber tries to cancel their enrollment, but would first require sellers to ask whether they want to hear them. Sellers would be required to immediately implement the enrollment cancellation if a subscriber declined to hear additional offers.
  • Reminders and Confirmations: The proposed rule would require sellers to provide an annual reminder to subscribers enrolled in negative option programs involving anything other than physical goods, before they are automatically renewed.

The FTC approved the NPRM by a 3-1 vote, with Commissioner Christine Wilson voting no. In a statement issued by FTC Chair Lina Khan, joined by Commissioners Rebecca Kelly Slaughter and Alvaro Bodoya, the majority approving the NPRM stated “[t]he proposed rule would … provide clarity across industries about sellers’ obligations when engaging in negative option marketing. The click-to-cancel section of the proposed rule would give companies clear and specific instructions around making it at least as easy to cancel their products and services as it is to register for them.” In her dissenting statement, Commissioner Wilson stated that while the amendments may achieve the goal of synthesizing the various negative option requirements into one rule, the NPRM goes far beyond the unfair and deceptive practices that it was meant to address and would capture misrepresentations regarding the underlying product or service wholly unrelated to the negative option feature. According to Commissioner Wilson, “the [NPRM] explains that ‘the proposed Rule prohibits any person from misrepresenting, expressly or by implication, any material fact regarding the entire agreement – not just facts related to a negative option feature.’ It further explains that ‘[s]uch deceptive practices may involve misrepresentations related to costs, product efficacy, free trial claims, processing or shipping fees, billing information use, deadlines, consumer authorization, refunds, cancellation, or any other material representation.’”

The proposed rule is the latest action demonstrating regulatory scrutiny of negative options. In addition to the October 2021 guidance mentioned above, the FTC in 2022 announced consent orders with a phone service provider (Vonage) and payment processor providing services to small businesses (American Payment Systems LP) where the Commission alleged that difficulties encountered by subscribers in the service cancellation process violated Section 5 of the FTC Act and ROSCA. More recently, the Consumer Financial Protection Bureau issued a circular in January 2023 addressing circumstances in which negative option marketing can be unfair, deceptive, or abusive acts or practices under the Consumer Financial Protection Act. In addition to federal regulatory requirements, several states have enacted requirements for negative option marketing, including, without limitation, new auto-renewal laws in California, Colorado, Delaware, and Illinois.

Public comments to the NPRM may be submitted electronically at once the notice has been published in the Federal Register, and must be submitted within 60 days after publication.

- John C. Grugan & Brian Turetsky

Back to Top

SCOTUS Agrees to Hear ADA Case on Standing of Website Tester

Earlier this week, the U.S. Supreme Court agreed to hear a case in which the question presented is whether an Americans with Disabilities Act (ADA) “tester” has Article III standing to challenge a place of public accommodation’s failure to provide disability accessibility information on its website, even if she lacked any intention of visiting that place of public accommodation. In the case, Laufer v. Acheson Hotels, LLC, the First Circuit, reversing the district court, ruled that a disabled Florida resident had standing to sue a Maine hotel under the ADA even though the plaintiff lacked any intention of staying at the hotel. There is currently a circuit split on this issue.

Financial institutions have been and continue to remain targets of ADA “testers.” Thousands of lawsuits are filed each year asserting that websites are not accessible to disabled individuals. Although Acheson Hotels involves hotel and similar accommodations, the U.S. Chamber of Commerce, joined by other trade groups, filed an amicus brief in which it observed that the case “presents a question of Article III standing that extends far beyond the specific circumstances of this case, the resolution of which is important to the Nation’s entire business community.” In its brief, the Chamber urged the Supreme Court to use the case as an opportunity to provide clarity on the requirements for tester plaintiffs to have Article III standing. Not only could the Supreme Court’s decision have implications for the standing of testers to bring ADA claims outside of the hotel context, it could also have implications for the standing of testers to bring other types of claims such as Equal Credit Opportunity Act and Fair Housing Act claims.

Attorneys in Ballard Spahr’s Accessibility Group regularly advise clients on digital accessibility matters in the quickly changing legal environment. In addition to representing clients in connection with litigation relating to digital accessibility, Group members draft and review digital accessibility policies and procedures, providing clients with advice to avoid litigation.

Michelle M. McGeogh

Back to Top

Banking Industry Reacts to White House Endorsement of New Regulations for Banks

On March 30, 2023, the White House endorsed several proposals to strengthen regulatory requirements for the banking industry in the wake of the Silicon Valley Bank and Signature Bank failures. This comes on the heels of President Biden’s March 13, 2023, remarks where he noted his intention to ask Congress and the banking regulators to “strengthen the rules for banks” to decrease the likelihood of similar failures in the future. Among the proposed changes being endorsed are reinstating rules for banks with assets between $100 billion and $250 billion, which the White House noted were rolled back during the previous administration, such as liquidity requirements, enhanced stress testing, and “living wills” detailing how banks of this size can be wound down. The Biden Administration further called on regulators to require some of the proposed reforms be imposed on mid-sized banks, such as annual stress testing and living wills, and to ensure that the costs of replenishing the Deposit Insurance Fund not be borne by community banks.

While it is clear the regulators have the backing of the White House to move forward with enhanced regulations, the banking industry’s reactions to the White House’s endorsements and the proposed reforms have been mixed. Greg Baer, president and chief executive of The Bank Policy Institute, a trade group for the largest banks, urged caution on adopting new regulations, noting that the proposals feel like a “ready, fire, aim” approach given the Federal Reserve has “barely begun its promised review” and the proposed additional regulations could “impose meaningful costs on the U.S. economy going forward.” On March 30, 2023, the Consumer Bankers Association (CBA) president and CEO, Lindsey Johnson, released a statement that echoed similar sentiments, noting now was not the time for “knee-jerk political reactions” and underscoring the strength and resilience of America’s banks, which were some of the most well-regulated in the world. Rob Nichols, president and CEO of the American Bankers Association, agreed with the Biden Administration and Congress on the need to understand why the recent bank failures occurred; however, he noted the call for rule changes was “premature” given the ongoing reviews by the Federal Reserve, FDIC, and GAO.

Better Markets, however, applauded the White House’s call for bank reforms and regulators’ actions. The nonpartisan organization, which was founded during the 2008 financial crises, noted that while “bankers, their lobbyists, and allies are going to scream and make all sorts of baseless claims . . . if they are properly regulated,” Dennis M. Kelleher, the organization’s co-founder, president, and CEO, underscored the “important words and directives from the White House” and looked forward to “prompt action.” Finally, in response to the White House’s directive calling on the FDIC to ensure community banks do not bear the costs of replenishing the Deposit Insurance Fund, Independent Community Bankers of America president and CEO, Rebeca Romero Rainey, issued a statement in support of the White House’s announcement.

With the support of the White House behind the federal banking agencies’ regulatory reforms, enhanced banking regulation appears imminent. What is less clear is whether the banking industry will also back the reforms, with some groups urging caution and others welcoming prompt action. What has been suggested, however, is that according to Federal Reserve data, less than two dozen firms out of approximately 4,000 FDIC-insured U.S. banks would likely be affected by partially reinstating the rules that were rolled back under the previous administration.

Scott A. Coleman & Sarah B. Dannecker

Back to Top

A Primer on “Dark Patterns,” With Special Guest Andrew Nigrinis, PhD, Managing Principal, Edgeworth Economics, and Former Consumer Financial Protection Bureau Enforcement Economist

The CFPB and FTC have targeted the use of “dark patterns” on websites to influence consumer behavior. We first discuss what regulators consider to be dark patterns and why they are a focus of regulatory concern and look at examples. We then discuss the empirical issues and behavioral theories a company should expect regulators to raise if it is the target of a dark patterns investigation or enforcement action, what proactive steps a company can take to reduce the risk of a dark patterns challenge and the role of A/B testing, the practices most likely to be the focus of future dark pattern challenges by regulators, and principles to consider when designing online interactions with consumers so as to avoid potential dark patterns.

Alan Kaplinsky, Senior Counsel in Ballard Spahr’s Consumer Financial Services Group, leads the conversation.

To listen to the podcast, click here.

Alan S. Kaplinsky

Back to Top

FinCEN Analyzes BEC Trends in the Real Estate Sector

On March 30, 3023, the Financial Crimes Enforcement Network (FinCEN) issued a Financial Trend Analysis focusing on business email compromise (BEC) trends and patterns in the real estate sector (referred to as “RE BEC”). The report is required under Section 6206 of the Anti-Money Laundering Act of 2020 (AMLA). This section of AMLA requires FinCEN to periodically publish threat patterns and trend information derived from BSA filings. To date, FinCEN has published four other reports. BEC attacks and scams continue to rise and FinCEN has issued several pieces of guidance in recent years, including an updated advisory and a fact sheet regarding the Rapid Response Program (RRP), which assists victims of BEC attacks.

The real estate sector is not immune from BEC attacks and is particularly vulnerable given the high-dollar value of transactions and numerous entities involved. This vulnerability was likely exacerbated given the average price of homes increased significantly during the review period. FinCEN previously reported in 2019 that the real estate sector was the third most targeted sector for BEC attacks. BEC attackers target businesses and organizations that conduct wire transfers and rely on email communications regarding the transfers, typically compromising a key email account to fraudulently direct funds to the attacker.

The analysis provides data filed with FinCEN between January 2020 and December 2021. During the reporting period, there were a total of 2,260 filings reporting $893 million in RE BEC incidents.

Key highlights of the analysis include:

  • Four money laundering typologies were identified: money mules used to obfuscate ties to attackers, money mules recruited through romance scams, ties to other fraud types, and the use of alternative payment systems to convert illicit proceeds (such as convertible virtual currency).
  • The average value of RE BEC incidents increased in 2021 with an average monthly value of $116,233.
  • Nearly 88% of incidents involved initial domestic transfers of funds to accounts at U.S. depository institutions. The top three international destinations of transfers included Hong Kong, China, and Mexico.
  • The report could not fully analyze fund recovery success rates, as some filings did not include this information or recovery efforts were initiated but not yet determined. Of the filings that did include this information, roughly 22.21% of depository institutions recovered the full amount of the funds and 20.37% indicted no funds could be recovered.
  • As reflected by the following chart, title companies and closing entities were the most frequently impersonated party, followed by investors and realtors as the most frequent impersonations.

The report also highlighted the importance of detecting and mitigating RE BEC attacks through system assessments of vulnerability and taking action to increase resiliency against attacks. In addition, FinCEN encourages the adoption of a multi-faceted transaction verification process and training and awareness to identify and evade phishing attempts.

In the press release accompanying the analysis, FinCEN noted that “[t]oday’s report emphasizes the critical role of timely reporting of cyber-enabled crime to enable FinCEN and law enforcement to interdict, freeze, and recover stolen funds through cyber-enabled fraud, such as BEC, through FinCEN’s Rapid Response Program (RRP).” As indicated in the report, the success rates of recovering funds are mixed but FinCEN has had greater success rates in identifying and freezing funds when victims or financial institutions report unauthorized and fraudulent BEC wire transfers to law enforcement within 72 hours of the transaction. The report also promoted the use of information sharing under a Section 314(b) program, and the continued reporting of RE BEC attacks through SAR filings.

If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch. Please click here to find out about Ballard Spahr’s Anti-Money Laundering Team.

Kaley Schafer

Back to Top

On March 24, 2023, the Financial Crimes Enforcement Network (FinCEN) issued a press release and published initial guidance to assist the public in understanding the beneficial ownership information (BOI) reporting requirements under the Corporate Transparency Act (CTA). The guidance comprised Answers to Frequently Asked Questions (FAQs), a one-pager informative graphic explaining the applicable reporting filing dates, and a one-pager Answers to Key Questions on beneficial owner reporting. Additionally, FinCEN published a one-minute Introductory Video and a more detailed four-and-a-half minute Information Video about the BOI reporting requirement.

In the press release, FinCEN Acting Director Himamauli Das stated that the agency was committed to ensuring the implementation of the CTA’s BOI reporting obligations was “as simple as possible, particularly for small businesses who may have never heard of or interacted with FinCEN before.”

We have blogged extensively on the CTA and FinCEN’s final and proposed regulations (hereherehere, and here), and will not repeat our analysis of these regulations – other than to note that the stated primary goal of the CTA was to enable law enforcement and regulators to obtain information on the “real” beneficial owners of so-called “shell companies,” including foreign entities registered in the United States, in order to “crack down” on the misuse of such companies for potential money laundering, tax evasion and other offenses.

As we will discuss, these publications from FinCEN appear to be designed to assist the general public in understanding the basic rules regarding the CTA and its implementing regulations. To that extent, they succeed on their own terms. But, they do not address more difficult or more nuanced issues presented by the statute and the regulations. Meanwhile, and as we will discuss, FinCEN has been subject to pressure and criticism from both the U.S. Senate and industry groups regarding many of these same difficult and nuanced issues, including (i) whether FinCEN will or can verify the BOI information reported to it under the CTA, and (ii) revising the CTA reporting form currently proposed by FinCEN, which, as we have blogged, invites bad actors to not answer key questions.

1. The FAQs

FinCEN explains that it prepared the 16 FAQs to answer inquiries received related to the BOI reporting rule published on September 30, 2022. Further, the agency took the position that the Answers to the FAQs “are explanatory only and do not supplement or modify any obligations imposed by statute or regulation.” The FAQs addressed are:

  1. What is beneficial ownership information?
  2. Why do companies have to report beneficial ownership information to the U.S Department of the Treasury
  3. Should my company report beneficial ownership information now?
  4. When do I need to report my company’s beneficial ownership information to FinCEN?
  5. When will FinCEN accept beneficial ownership information reports?
  6. Will there be a fee for submitting a beneficial ownership information report to FinCEN?
  7. What companies will be required to report beneficial ownership information to FinCEN?
  8. Are there exemptions from the reporting requirement?
  9. Who is a beneficial owner of a reporting company?
  10. Will a reporting company need to report any other information in addition to information about its beneficial owners?
  11. Who is a company applicant of a reporting company?
  12. What information will a reporting company have to report about itself?
  13. What will a reporting company have to report about its beneficial owners and company applicants?
  14. How will I report my company’s beneficial ownership information?
  15. Who will be able to access reported beneficial ownership information and for what purposes?
  16. How will FinCEN protect beneficial ownership information reported to it?

Some Answers provide only background information or reiterate a rule without a helpful “plain English” explanation. (See FAQs 1, 2, 4, 7, 8, 12, 13, 15 and 16.)

Some Answers to FAQs suggest that there has been some confusion amongst the public as to basic components of the CTA and the implementing regulations. For example, FinCEN felt the need to provide Answers to the following questions: (1) there is no need currently to report BOI to FinCEN because the agency does not even accept any BOI reports at this time, see FAQ # 3 and 5, (2) there is no fee to submit the BOI report when the reporting date becomes effective, see FAQ #6, and (3) the BOI report will be submitted electronically, see FAQ # 14.

Small business and their advisers likely will be most interested in reading the Answers to FAQs #9 and #11. FAQ #9 summarizes the “substantial control” and “ownership” prongs for beneficial owners in “plain English” – which can be helpful to many small businesses trying to gain an initial understating of the CTA’s requirements. The Answer to FAQ #9 included three examples of fairly straight forward facts. Importantly, in all three examples the individuals outright owned stock ownership in the reporting company. Thus, FinCEN completely failed to address the potential complexity that can arise from indirect ownership and ownership interests that are not typical stock holdings, partnership interests, etc.

Relevant to professionals, including incorporation service companies and attorneys or paralegals whose information may have to be reported as “company applicants,” FAQ #11 explains that “[t]here can be up to two individuals who qualify as company applicants” and explicitly provides that “[n]o reporting company will have more than two company applicants.” FinCEN included two examples to illustrate how to identify the “company applicant” in what the agency deemed “common company creation or registration scenarios.” The first example is straight forward and involves only one person who directed and filed the relevant documents. The second example involves two individuals – Individual A who prepared the documents and directed Individual B to file the documents. FinCEN noted that Individual B could be Individual A’s “spouse, business partner, attorney, or accountant.” Under these circumstances, FinCEN explains that “in all cases” Individuals A and B are both company applicants whose information must be reported.

2. The One-Pagers

FinCEN prepared a one pager tiled “Beneficial Ownership Information Report Filing Dates” giving an overview of the most important dates. We have extracted it below.

Additionally, FinCEN prepared another one pager titled “Beneficial Ownership Reporting – Key Questions” to answer six questions about the general BOI reporting process. While the information is, for all essentially purposes, the same as found in the Answers to the FAQ, the one-pager might be helpful to small businesses trying to understand – at one glace – when the BOI reporting rules become effective and who needs to report what and how.

3. Recent Criticism of Proposed CTA Access Regulations and Reporting Form

FinCEN issued these publications and videos shorting after receiving significant written criticisms from both the U.S. Senate and industry groups. It is likely that FinCEN was not reacting to these particular criticisms, but rather already had planned on issuing these publications and videos – which do not address the thornier issues which we now discuss.

First, two Democratic and two Republican Senators (Whitehouse, Wyden, Grassley and Rubio) sent a letter dated March 15, 2023, to FinCEN (the Letter), expressing concern that the proposed regulation regarding access to the BOI database “strays from congressional intent and erects unnecessary and costly barriers to accessing” BOI. The Letter states that FinCEN’s proposed regulation has created an excessive barrier to State, local, and Tribal law enforcement accessing the BOI database by requiring a court order from a judge for such access, rather than, more generally, authorization from a court officer including a judge, magistrate or Clerk of Court. The Letter also states that the regulation should ensure the ability to use BOI in court cases after any related investigation is concluded. Turning to financial institutions (FIs), the Letter expresses concern about FIs’ ability to timely and effectively access the BOI database for over 30 million reporting companies. The Letter therefore asks FinCEN to (i) “establish an automated process (ideally one that integrates with existing compliance systems at [FIs]) for fielding and responding to” FIs’ requests; (ii) “clarify in the final rule that [FIs] are not expected to affirmatively obtain new consent from an existing reporting company customer” for every BOI database query; and (iii) ensure that FIs can access and use BOI in order to comply with most of their BSA, anti-fraud and sanctions requirements compliance, rather than merely their compliance with the CDD Rule. Further, the Letter asks FinCEN to explicitly provide access to the BOI database to the Department of the Treasury’s Office of Inspector General and the Comptroller General of the United States. Finally, and addressing a particularly thorny issue, the Letter urges FinCEN to issue a final rule which addresses how reported BOI can be verified. “[I]t is critical that this verification process be automated and built into the BOI reporting process.” Manual verification by FinCEN would risk overwhelming the agency’s capabilities.

Second, numerous industry and watchdog groups submitted comments criticizing FinCEN’s January 17, 2023, notice and request for comment regarding the currently proposed form to collect and report to FinCEN the BOI for entities covered by the CTA.  For example, and consistent with our own observations regarding the proposed form, the Bank Policy Institute (BPI) commented that it was concerned “that the usefulness of the information reported to FinCEN by reporting companies will be greatly limited if the final version of the reporting form to collect [BOI] includes the proposed ‘unknown’ and ‘unable to identify’ response options without necessary clarifications of the extremely limited circumstances where the required information may reasonably be unknowable.” This is because the frequent availability on the proposed form of “unknown” and “unable to identify” boxes for a filer to check “could discourage reporting companies from undertaking a ‘diligent inquiry’ to secure the requisite information and, further, from ‘tak[ing] care to verify the information’ before reporting it to FinCEN.” The BPI therefore recommends that FinCEN revise the proposed form so that it requires a reporting company to explain why it was unable, and the efforts that it took, to obtain the required information each time it checks a box stating either that the required information is unknown or that all applicants or beneficial owners could not be identified. Likewise, the BPI requests FinCEN to do the following in the instructions for the form and in related guidance:

  • clearly explain, including through the use of examples, the extremely limited situations in which an “unknown” or “unable to identify” box may be checked and what constitutes “diligent inquiry” and “care to verify”;
  • reiterate that, if the reporting company checks one or more of these boxes, it is obligated to subsequently update the reported information as needed and correct any incorrectly reported information, within specific timeframes; and
  • confirm that the reporting company may be subject to civil or criminal penalties if it checks “unknown” or “unable to identify” without undertaking diligent inquiry or care to verify, or subsequently updating or correcting the information as required.

The backlash against the proposed form has been sufficiently swift and strong so as to motivate FinCEN to issue a statement, as has been reported recently in the Wall Street Journal, that it is revising the proposed reporting form to address these concerns.

4. Conclusion

Although the Answers to the FAQs and one-pagers are helpful, general summaries of the CTA reporting framework will – in reality – provide limited insight for small business to determine who is and who is not a beneficial owner. Presumably, FinCEN will issue more detailed and nuanced FAQs after the CTA regulations become effective on January 1, 2024. The more interesting questions are how will FinCEN address the issue of BOI verification and improving the reporting form, all in time for the CTA BOI database to become functional by the effective date.

If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch. Please click here to find out about Ballard Spahr’s Anti-Money Laundering Team.

Siana Danch & Peter D. Hardy

Back to Top 

A federal district court in Texas has invalidated and enjoined actions by federal agencies on and after March 23, 2010—when the Affordable Care Act (ACA) was enacted—to implement the ACA requirement that health plans and insurance policies cover the full cost of in-network preventive care that carries an A or B rating by the USPSTF. The court’s ruling broadly applies its earlier decision finding the ACA’s delegation of authority to the USPSTF violated the Appointments Clause of the U.S. Constitution. To learn more, please read our Alert here.  

D. Finn Pressly & Edward I. Leeds

Back to Top 

Did You Know?

On March 31, 2023, the New Jersey Department of Banking and Insurance issued a Bulletin adjusting the definition of “high cost home loans” under the New Jersey Home Ownership Security Act of 2002 to those mortgage loans of $556,429.97 or more. The adjustment is effective retroactively to January 1, 2023. The Department of Banking and Insurance has previously published a FAQ which covers the prohibitions placed upon high cost home loans.

- John Georgievski

Back to Top

Subscribe to Ballard Spahr Mailing Lists

Get the latest significant legal alerts, news, webinars, and insights that affect your industry. 

Copyright © 2024 by Ballard Spahr LLP.
(No claim to original U.S. government material.)

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, including electronic, mechanical, photocopying, recording, or otherwise, without prior written permission of the author and publisher.

This alert is a periodic publication of Ballard Spahr LLP and is intended to notify recipients of new developments in the law. It should not be construed as legal advice or legal opinion on any specific facts or circumstances. The contents are intended for general informational purposes only, and you are urged to consult your own attorney concerning your situation and specific legal questions you have.