Compliance Blog

Last week, the Consumer Financial Protection Bureau (CFPB) announced the filing of a proposed judgment in its ongoing dispute with FCO Holding, Inc., its subsidiaries, and its owner, Michael Sobota (FCO). In 2019, the CFPB filed a complaint against FCO in the U.S. District Court for the District of Maryland for violations of the Fair Credit Reporting Act (FRCA), Regulation V, the Consumer Financial Protection Act, and the Fair Debt Collections Practice Act (FDCPA). According to the complaint, FCO operates “the largest debt-collection company in the multiunit-housing industry, and they collect debt on behalf of large apartment complexes, including student and military housing, and assisted-living facilities.”

Alleged Conduct

In its complaint, the CFPB alleges the following conduct:

·       Failing to maintain reasonable policies and procedures regarding the accuracy and integrity of furnished information to consumer-reporting agencies;

·       Failing to properly handle consumer disputes;

·       Failing to properly investigate consumer disputes alleging identity theft and continuing to report information before a determination was made as to the accuracy of the consumer’s dispute; and

·       Collecting debts without a reasonable basis to assert the consumer owed the debt.

Credit unions can find more information regarding requirements for these issues in the FCRA and Regulation V (accuracy and integrity, consumer disputes, and identity theft). For information regarding reasonable basis to assert a debt, credit unions may want to review the FDCPA.

Proposed Judgment

If entered, the proposed judgment would require FCO to take the following actions:

·       Modify, update, or establish written policies and procedures to improve accuracy of information furnished and, at a minimum, FCO must:

1.       Create detailed instructions for investigating consumer disputes, including “Direct and Indirect Disputes, and disputes that include Identity Theft Reports”;

2.       Require investigators to document and describe the steps taken to investigate each consumer dispute; and

3.       Require retention of supporting documentation for each dispute;

·       Modify, update, or establish written policies and procedures to improve or establish internal controls that, at a minimum, would require FCO to:

1.       Assess the accuracy and integrity of furnished information;

2.       Assess whether a response to a dispute complies with the FCRA and the Furnisher Rule;

3.       Assess whether FCO’s furnishing of information complies with the FCRA, Furnisher Rule, and FCO’s written policies and procedures;

4.       Promptly correct any failure to comply with the FCRA, Furnisher Rule, or FCO’s written policies and procedures; and

5.       Update its policies and procedures, or the implementation thereof, if any compliance failures are identified through FCO’s internal controls;

·       Establish an identity theft review program for previously received consumer identity theft reports and, if necessary, conduct an investigation into the report and update or correct any furnished information;

·       Modify, update, or establish written policies and procedures to evaluate “the quality, completeness, accuracy, and Integrity of account information provided by a client before commencing collections on an account;”

·       Retain an independent consultant to review FCO’s policies and procedures; and

·       Pay a civil penalty of $850,000 to the CFPB.

As Covid-19 programs and local collection moratoriums come to an end, credit unions may find more and more accounts being sent to their collections department and third-party debt collectors. Credit unions may want to take this enforcement action as a warning and may want to ensure that their policies and procedures and third-party collectors are compliant with federal and state law and ensure that the credit union provides all information necessary for its collectors to evaluate the credit union’s claim.

For more information regarding vendor management, NAFCU members can review this Compliance Monitor article regarding constructing a safe and sound vendor management program.