• Continued UDAP/UDAAP Warnings
  • August 4, 2015 | Author: Craig N. Landrum
  • Law Firm: Jones Walker LLP - Jackson Office
  • Many banks provide identity theft and credit monitoring products as add-ons to other consumer financial products such as credit cards or deposit accounts. Recent consent orders between the Consumer Financial Protection Bureau ("CFPB") and financial institutions or their third party providers of these add-on services should serve as a warning to financial institutions providing these products to closely examine such products to ensure that the products and services offered, and for which the bank customer is billed, are in fact received. There have now been 10 actions where the CFPB alleged fees were charged for benefits or products that were not delivered as represented in connection with marketing, sales, enrollment, billing, and administration of such products, thus constituting an unfair and deceptive practice.

    In one of the cases, identity theft protection products offered or provided by a third party vendor to customers of partnering financial institutions included credit information services (credit reports and monitoring) and financial advisory services (credit information hotline service), some of which were offered as bundled products. Customers enrolling in these products were billed a monthly or annual fee for the cost of their membership until they called the third party vendor to cancel. The third party marketing materials claimed that its identity theft insurance benefit covered "any" or "all" expenses caused by identity theft, when in reality, the protection products had material coverage limitations and exclusions and did not cover "any" or "all" identity theft related expenses. Particularly, there were material coverage limitations and exclusions in connection with payment of legal fees, court costs, and lost wages. In addition, the credit information hotline service was represented to improve a consumer's credit score by directly removing inaccurate information from the consumer's credit reports. In reality, the third party vendor lacked the ability to directly remove inaccurate information from a consumer's credit report or to guarantee improvement of a credit score upon removal of inaccurate information.

    The third party also enrolled consumers in the products with benefits that purported to provide the consumers with credit monitoring, credit report retrieval or both, which required customer authorization for release of such information. However, in many cases, significant time elapsed before the third party vendor or the bank obtained the consumer's authorization to credit reporting agencies to release credit information to the third party vendor. During this interval, the third party vendor or the partnering banks billed for the products, despite not providing full credit monitoring or credit report retrieval services due to lack of customer authority.

    The CFPB determined these activities are unfair and deceptive practices. Among other penalties, the CFPB is requiring the third party vendor to set aside a fund of $6,756,025 for the purpose of providing restitution to affected consumers.

    One of the third party vendors subject to the consent orders partners with numerous community banks and it is expected that the prudential bank regulators will follow up to determine if a bank has such products in place with that vendor or other similar vendors and will examine the products for unfair and deceptive practices in connection with the representations made for such products or in pricing of the services. The prudential regulators and the CFPB have emphasized that banks can and will be held accountable for violations by third party vendors.