Latest CFPB Bulletin Reiterates Service Provider Accountability
The Consumer Financial Protection Bureau recently released a bulletin clarifying that financial institutions under federal supervision may be held responsible for the actions of the companies with which they contract — including operators such as skip-tracers and repossession agencies.
The CFPB said it will take a close look at service providers’ interactions with consumers and will hold all appropriate companies accountable when legal violations occur.
Federal officials acknowledge banks and nonbanks contract with service providers for a number of reasons. CFPB noted banks may use service providers to develop and market additional products or services or to provide expertise, and they may also contract with outside vendors for services they may not have the resources to conduct independently, such as telemarketing or call center services.
Regulators emphasized that using outside vendors can pose additional risks. They think a service provider that is unfamiliar with consumer financial protection laws or has weak internal controls can harm consumers.
The CFPB insisted it wants to ensure that consumers are protected from irresponsible service providers and banks and nonbanks are contracting with “honest” third parties.
The bulletin states the bureau’s expectation that supervised financial institutions have an effective process for managing the risks of service provider relationships.
The CFPB recommended that supervised financial institutions take steps to ensure that business arrangements with service providers do not present unwarranted risks to consumers. These steps include:
—Conducting thorough due diligence to verify that the service provider understands and is capable of complying with the law.
—Requesting and reviewing the service provider’s policies, procedures, internal controls and training materials to ensure that the service provider conducts appropriate training and oversight of employees or agents that have consumer contact or compliance responsibilities.
—Including in the contract with the service provider clear expectations about compliance, as well as appropriate and enforceable consequences for violating any compliance-related responsibilities.
—Establishing internal controls and on-going monitoring to determine whether the service provider is complying with the law
—Taking prompt action to address fully any problems identified through the monitoring process.
“Consumers are at a real disadvantage because they do not get to choose the service providers they deal with — the financial institution does,” explained CFPB director Richard Cordray.
“Consumers must not be hurt by unfair, deceptive, or abusive practices of service providers. Banks and nonbanks must manage these relationships carefully and can be held accountable if they break the law,” Cordray stressed.
The bulletin is available here.