Like most industries today, Consumer Finance Services businesses are being significantly impacted by the novel coronavirus (COVID-19). Troutman Pepper has developed a dedicated COVID-19 Resource Center to guide clients through this unprecedented global health challenge. We regularly update this site with COVID-19 news and developments, recommendations from leading health organizations, and tools that businesses can use free of charge.
To help you keep abreast of relevant activities, below find a breakdown of some of the biggest COVID-19 driven events at the federal and state levels to impact the Consumer Finance Services industry this past week:
Privacy and Cybersecurity Activities
- On March 24, the Home Mortgage Disclosure Act (HMDA) Modified Loan Application Register (LAR) data for 2021 became available on the Federal Financial Institutions Examination Council’s HMDA platform for approximately 4,316 HMDA filers. The published data contains loan-level information filed by financial institutions. For more information, click here.
- On March 22, the Federal Reserve Board invited comment on an interagency proposal to update policies and procedures, governing administrative proceedings for supervised financial institutions. The proposed updates would modernize these rules, aligning them with current practices and facilitating the use of electronic communications and technology in administrative proceedings. The proposal was jointly developed with the Federal Deposit Insurance Corporation, the Office of the Comptroller of the Currency, and the National Credit Union Administration. For more information, click here.
- On March 22, the Consumer Financial Protection Bureau (CFPB) issued policy guidance on potentially illegal practices related to consumer reviews. The CFPB seeks to ensure that customers can write reviews, particularly ones posted online, about financial products and services that accurately reflect their opinions and experiences. The guidance also highlights that these practices, such as posting fake reviews or inserting clauses that forbid a customer from publishing an honest review, may violate the Consumer Financial Protection Act. For more information, click here.
- On March 22, Florida Governor Ron DeSantis said Florida is working to accept bitcoin for tax payments. For more information, click here.
- On March 18, the three nationwide consumer reporting agencies — Equifax, Experian, and TransUnion (NCRAs) — announced plans to change how medical debt will be reported on credit reports. The joint measures will result in the removal of nearly 70% of medical collection debt records from credit reports. For more information, click here.
- On March 18, the Internal Revenue Service (IRS) issued a press release, reminding U.S. taxpayers about how to properly report virtual currency-related transactions on their 2021 Form 1040s, including adding a virtual currency question at the top Form 1040 that must be answered “yes” or “no”: “At any time during 2021, did you receive, sell, exchange, or otherwise dispose of any financial interest in any virtual currency?” For more information, click here.
- On March 17, the Financial Industry Regulatory Authority (FINRA) issued a notice, clarifying when chief compliance officers (CCOs) will face liability as supervisors under FINRA Rule 3110. Under Rule 3110, member firms must designate individual supervisors and identify their responsibilities as a part of implementing an overall system to “achieve compliance with applicable securities laws and regulations, and with applicable FINRA rules.” Ultimate responsibility for supervisory obligations in Rule 3110 lies with a member firm’s president, CEO, or equivalent officer or individual. For more information, click here.
- On March 23, New York Attorney General Letitia James issued a reminder that crypto investors must pay taxes on virtual investments. According to the press release, “[d]eliberate or reckless failure to properly declare and pay taxes on cryptocurrency transactions may constitute civil or criminal violations of the tax law, as well as violations of tax provisions of the New York False Claims Act, which could result in steep financial liabilities.” Attorney General James stated, “Cryptocurrencies may be new, but the law is clear: Investors must accurately report and pay taxes on their virtual investments. My office is committed to holding cryptocurrency tax cheats accountable.” For more information, click here.
- On March 22, the Virginia legislature sent HB1027 (Act) to the governor. If signed by April 11, the Act will impose the nation’s first registration requirement on sales-based financing providers and brokers. The Act applies to contracts entered into on or after July 1, and it authorizes the commissioner of financial institutions to adopt appropriate regulations to implement the Act. For more information, click here.
- On March 22, California’s Fifth Appellate District Court of Appeals issued a decision on the availability of attorneys’ fees under the Federal Trade Commission’s (FTC) Holder Rule. This case follows recent FTC guidance and two decisions from California’s Second Appellate District Court of Appeals, holding that the Holder Rule does not bar recovery of attorneys’ fees in excess of the amount paid under the contract. The Fifth Appellate District’s decision, however, does not fall in lockstep with its sister courts’ decisions: Although it concludes attorneys’ fees are available to the plaintiffs, it does so with substantively different reasoning that may have a profound effect on how this issue plays out in other states. For more information, click here.
- On March 18, North Carolina Attorney General Josh Stein issued a statement in support of the federal DO NOT Call Act (R. 4919). “Robocallers are a scourge on people’s peace of mind and hard-earned money, and the scammers who make these calls need to be held responsible,” stated Attorney General Stein. The statement continued, “These criminals are harassing and harming North Carolinians and must be stopped. This legislation will serve as another tool in our fight to end robocalls and protect consumers.” For more information, click here.
Privacy and Cybersecurity Activities:
- On March 25, President Biden announced a new Trans-Atlantic Data Privacy Framework with the European Commission. This framework will foster trans-Atlantic data flows and address concerns raised by the Court of Justice of the European Union when it struck down EU-U.S. Privacy Shield Framework in 2020. The framework also will reestablish an important legal mechanism for transfers of EU personal data to the United States. For the more information, click here.
- On March 24, Utah Governor Spencer J. Cox signed the Utah Consumer Privacy Act (UCPA), making Utah the fourth state in the country to adopt a comprehensive privacy law. The law will go into effect on December 31, 2023. The provisions closely mirror the Virginia Consumer Data Protection Act (VCDPA). All enforcement will be carried out by the Utah attorney general. For more information, click here.
- On March 25, California Attorney General Rob Bonta issued an alert with tips to protect consumers from tax-related identity scams. He states that tax-scams are common around tax season, and consumers should be wary of scammers claiming to be from the IRS or California Franchise Tax Board (FTB). He provides several tips including: (1) filing early, (2) ignoring callers who seek payment over the phone or through a wire transfer, (3) using a strong password, and (4) using two-step authentication. For the full alert, click here.
- On March 23, the Oklahoma House advanced House Bill 2969, the Oklahoma Computer Data Privacy Act, out of chamber on a 74-15 vote. Notably, this bill would require consumers to provide opt-in consent for the collection and sale of personal information. The Oklahoma Senate must move HB 2969 through committee assignments by April 14 for it to get floor consideration before the April 28 final passage deadline. If passed, the bill would become effective on January 1, 2023. To read the bill, click here.