Compliance Blog

In a statement released on June 3, the CFPB provided guidance for credit card issuers regarding electronic disclosures. In light of the current pandemic, increased call volumes and possible staffing constraints, the CFPB granted relief from the E-SIGN Act’s consent requirements for certain credit card disclosures. Albeit narrow and a bit delayed, the relief can still be helpful for credit unions.

Both the E-SIGN Act and Regulation Z require credit unions to obtain a member’s consent before it may provide most credit card disclosures electronically. The E-SIGN Act requires a member to either consent electronically or confirm consent electronically so verbal consent is not sufficient to provide electronic disclosures. The CFPB acknowledged the challenges this may pose for members calling to open new cards or request different terms when credit unions are dealing with already high call volumes. If a member cannot access their computer or other electronic device during the call, helping the member with a request or transaction may require a second call along with a second wait in the call queue after the member has had the opportunity to provide proper consent to receive electronic disclosures.

To help mitigate this issue, the statement indicates the CFPB will take a “flexible supervisory and enforcement approach during this pandemic” for credit unions wishing to provide certain disclosures electronically. The covered disclosures are: account opening disclosures under section 1026.6, temporary APR or fee reductions on existing accounts under sections 1026.9(c)(2)(v)(B)(i) and 1026.55(b)(1) and those related to balance transfers. The applicability of the statement is limited specifically to these disclosures. Periodic statement disclosures are notably absent from this list, so the flexibility discussed below would not apply to credit card statements.

For these disclosures, the CFPB will not cite as an exam violation or initiate enforcement action if a credit union obtains verbal consent to provide them electronically during a call with the member. The statement explains credit unions are expected to obtain verbal consent and verbal affirmation that the member can access and review the documents electronically. The statement goes on to explain credit unions are also expected to verify electronic contact information:

“For example, if during a phone call a consumer provides an issuer with the consumer’s email address, the Bureau expects that the issuer will confirm the correctness of the consumer’s email address, such as by clearly and understandably reading the email address back to the consumer so that the consumer can verify its correctness. In other instances, an issuer may already have an email address for the consumer on file. In these instances, the Bureau expects that during the phone call the issuer would clearly and understandably state that on-file email address to the consumer so that the consumer can verify its accuracy.”

The statement also outlines the expectations for record retention should a credit union choose to take advantage of the relief offered. To retain “evidence of compliance” as required under section 1026.25, the statement suggests a recording of the call or notes in the member’s file may be sufficient. The recording or notes should evidence the member’s consent and affirmation of access to the electronic disclosures.

As the CFPB only has supervisory authority over credit unions with more than $10 billion in assets, it is unclear whether the NCUA will follow a similar approach for credit unions not subject to the CFPB’s supervisory authority. Other credit unions wishing to take advantage of the relief outlined in the statement may want to reach out to their NCUA region for more information.