CFPB Report - December 11, 2015

CFPB Brings Enforcement Action against Debt Collector
On Monday, December 7, 2015, the CFPB filed a civil complaint in federal court against EOS CCA, a Massachusetts-based debt buying and collection firm. The Bureau alleges EOS violated the Fair Debt Collection Practices Act and Dodd-Frank's ban on unfair, deceptive or abusive acts and practices when it collected on cellphone debt purchased from AT&T, even when it knew the portfolio contained significant problems, such as fraudulent debt, paid or settled debt, or out-of-statute debt. The company is also alleged to have collected on disputed debt without verifying whether the debt was still outstanding. The Bureau also claimed EOS inaccurately reported information to credit bureaus in violation of Fair Credit Reporting Act.
 
In a stipulated consent order filed the same day as the complaint, EOS agrees to refund at least $743,000 to consumers who made payments on disputed debt and pay a civil money penalty of $1.85 million. The company will stop collecting and reporting on disputed AT&T debt, collecting unverified debt and reselling debt for five years. EOS also will provide accurate information to credit bureaus.

House Financial Services Committee Holds FSOC Hearing
On Tuesday, December 8, 2015, the House Financial Services Committee held a hearing entitled: "Oversight of the Financial Stability Oversight Council," which included testimony from Securities and Exchange Commission (SEC) Chair Mary Jo White; Commodity Futures Trading Commission (CFTC) Chair Timothy Massad; the Honorable Roy Woodall, Independent Financial Stability Oversight Council (FSOC) Member with Insurance Expertise; National Credit Union Administration (NCUA) Chair Debbie Matz; Federal Housing Finance Agency (FHFA) Director Mel Watt, FDIC Chair Martin Gruenberg; CFPB Director Richard Cordray; and Comptroller of the Currency of the OCC Tom Curry.
 
The hearing identified the factors FSOC uses to designate a systemically important financial institution (SIFI), specifically non-bank SIFIs such as MetLife, Prudential, AIG, and GE. Committee Chairman Jeb Hensarling (R-TX) stated, "Of all of the Council's activities, none generates more controversy than its designation of non-bank financial institutions as 'systemically important financial institutions,' or SIFIs. Designation anoints institutions as Too Big to Fail, meaning today's SIFI designations are tomorrow's taxpayer-funded bailouts. Designation also ominously grants the Federal Reserve near de facto management authority over such institutions, thus allowing huge swaths of the economy to potentially be controlled by the federal government."
 
Ranking Member Maxine Waters (D-CA) stated, "FSOC has contributed to [economic] growth and stability by convening the 10 component regulatory agencies for periodic information-sharing about emerging risks, and reporting on those risks to the public. Further, the Council has now designated four institutions for enhanced supervision by the Federal Reserve. This designation will ensure that companies like AIG never again are able to engage in risky, unregulated activity that could threaten the entire global economy."
 
Roy Woodall, FSOC's lone voting member with insurance expertise, and a dissenting opinion on systemically important insurance company designations, received many questions and was singled out by the majority as an expert on designating non-bank SIFIs due to his background. In response to questioning, he indicated designating additional SIFIs could lead to greater costs to consumers.

House Committee Passes Bipartisan Data Security Act
On Wednesday, December 9, 2015, the House Financial Services Committee approved H.R. 2205, the Data Security Act of 2015, by a vote of 46-9. The bill, introduced by Reps. Randy Neugebauer (R-TX) and John Carney (D-DE) in May of 2015, would establish a national data security and breach notification standard with strong Federal enforcement overseen by the Federal Trade Commission (FTC) and state Attorneys General for non-financial entities. It would also preempt the current patchwork of state and federal regulations for data breaches.
 
In response, CBA President and CEO Richard Hunt praised the collaborative effort of payment systems to protect sensitive information and encouraged the full House to follow the example set by the Committee.
 
CBA actively supported this legislation and engaged the Hill in coordination with its fellow Financial Services Data Security Coalition members. In advance of the hearing, the coalition conducted dozens of meetings with staff and sent a letter of support to Committee leadership. Additionally, CBA wrote an op-ed featured on December 7, 2015, in The Hill's Congress Blog.
 
The retail trades opposed passage of H.R. 2205, stating in a letter to The Hill, "While our groups take the issue of data security very seriously and are committed to working with Congress to develop a strong federal bill, H.R. 2205 regulates every entity under the FTC jurisdiction by applying the Gramm-Leach-Bliley Safeguards Rule to non-banking industries. It makes no sense to take one industry's regulations and apply it to a huge segment of the economy without consideration for how retail, grocery, convenience store, restaurant or small businesses operate."
 
The bill has nearly 30 bipartisan cosponsors and is expected to be combined, per the request of House leadership, the Data Security and Breach Notification Act (H.R. 1770), which previously passed the House Energy and Commerce Committee.  As it currently stands, H.R. 1770 includes a significantly lower data security standard than H.R. 2205.