MortgageRegulatory

The CFPB needs a regulator of its own

Why is it OK for the bureau to violate the standards it imposes on others?

Compliance is hard work. Just ask the mortgage lenders and servicers in the U.S. housing market, who have spent countless hours and dollars since 2010 automating whole systems, reworking processes and educating employees to comply with the Dodd-Frank Act.

But don’t ask the Consumer Financial Protection Bureau, the regulator of those lenders and servicers, because it seems to have a compliance problem. Nothing reeks of hypocrisy more than the regulator ignoring regulations, but the CFPB has racked up plenty of violations in the last year. And we’re not talking about small, nitpicky examples, but instances that have real-life consequences. If a lender or servicer were to violate any of these standards, they could expect swift and harsh punishment from the CFPB.

Here are just five examples:

1. The CFPB failed to follow its own internal processes.

In deciding to renovate its leased office building, the CFPB has seen costs skyrocket.

The bureau is in the middle of renovating its headquarters in Washington, D.C., and has seen the costs rise from its initial estimate of $95 million to the current estimate of $145.1 million. (This does not take into account the costs of moving to and leasing a temporary headquarters, which would bring the total to an estimated $216 million, depending on how long they are in the temporary quarters.)

From the LA Times, July 2, 2014:

The inspector general’s report, released Wednesday, said bureau officials have been “unable to locate any documentation of the decision to fully renovate the building.”

The bureau also failed to follow its own guidelines for approval by an internal investment review board because a required analysis of alternatives to the renovation was not completed, the report said.

“We cannot conclude whether a complete analysis would have altered the decision to approve funding for the renovation,” said the report by the Federal Reserve’s inspector general, which is the official watchdog for the bureau.

“However, without this analysis, the value of the IRB process as a funding control is diminished and a sound business case is not available to support the funding of the renovation,” the report said.

Let’s see, that’s missing documentation and a failure to comply with its own policies and procedures — two things that would earn mortgage lenders a serious penalty in a CFPB audit.

2. The CFPB is collecting consumer data.

This is happening without proper security measures in place and without the approval of the Office of Management and Budget.

According to the Government Accountability Office study from September 2014, the CFPB has access to account-level credit card data on between 546  million and 596 million consumer accounts on a monthly basis, and conducts large scale collection of this data, including data with personal identifiers.

From HousingWire.com’s reporting on Sept. 22, 2014:

The GAO noted that the CFPB “. . . has not developed standard policies and written procedures to document the practices it uses for anonymizing data, including clarifying how data sensitivity will be assessed. . .”

The GAO found weaknesses in the bureau’s ability to assess risks and vulnerabilities associated with data security and protection of consumer financial information.

The GAO noted that the CFPB and OCC should submit its credit card data collection plan for consultation and approval by the Office of Management and Budget, as required by law. Without such review, CFPB and OCC lack reasonable assurance that these collections are in compliance with the law.

So the CFPB didn’t go through the proper channels to develop the plan and didn’t develop policies and procedures to protect consumer’s data. Beyond that, many are asking how gathering and keeping millions of data points on consumers fits in with the bureau’s mission of protecting consumers?

Especially when that data includes personal identifiers and drills down to where they live, what political affiliations they have and what religion they profess. Assuming that the bureau has benign intentions in gathering the data in the first place (and not everyone is convinced of that), how can they justify the risk to consumers amid a credible threat of data breaches?

3. The CFPB thinks it is above the law.

In November 2014, a federal judge rejected a motion by the CFPB that sought to shield it from deposition in a lawsuit it had filed against Morgan Drexen Inc., a firm that provides storage for bankruptcy lawyers. From the Washington Times, Nov. 14, 2014:

But CFPB balked, telling the court that the bureau has an inherent right to “nondisclosure” and that “even the disclosure of purely factual material may be protected by deliberative process privilege.” The CFPB added that “requiring the bureau to designate any individual to appear at deposition would only serve to annoy, oppress, and cause undue burden on the bureau.”

I can only imagine the incredulity of lenders and servicers at the thought of “causing undue burden.” The cost and hazard of originating and servicing mortgages under Dodd-Frank has driven many firms right out of the mortgage business. Meanwhile, their regulator doesn’t want to be “annoyed” by obeying the law.

The article goes on to note that the bureau won settlements from at least 47 companies who paid more than $2 billion since the agency opened its doors in July 2011.

A careful reading of the documents, however, suggests that CFPB appears to win most of its cases administratively and few companies decide to challenge the bureau in court.

As Randy Miller, a Venable LLP attorney representing Morgan Drexen in the case noted, “There’s a lot of incentives to immediately settle when your regulator brings an enforcement action against you.”

4. The CFPB has published a Mortgage Rate tool that is inaccurate and misleading to consumers.

The CFPB released its new borrower education tool in January and immediately came under fire from the industry because it mentions rates and costs without including disclosure items that the bureau’s TILA-RESPA regulations require of mortgage lenders. From HousingWire.com on Jan. 15, 2014:

Basically, mortgage bankers said that if the Rate Checker were a lender advertisement or mortgage calculator, it would violate the CFPB’s disclosure rules.

“It sets borrowers up for severe disappointment,” David Stevens, president and CEO of the Mortgage Bankers Association, told HousingWire. “It should be taken down.”

The CFPB’s response, in a note to HousingWire, seems pretty unequivocal – it’s not coming down.

“As explained on the website, interest is only one of many costs associated with getting a mortgage. Before making a final decision, consumers should compare Good Faith Estimates from multiple lenders, which include all of these costs,” the CFPB spokesperson said.

Even more confounding is the lack of consultation with mortgage lenders about the implementation of this tool.

Yes, we don’t want to see overregulation, but why not ask service providers about the services they provide?

5. The CFPB’s internal management practices contradict the bureau’s “disparate impact” principle it applies to lenders.

Surely, this is the most grievous violation. Real people were hurt by discriminatory practices by lenders in the mortgage meltdown, and mortgage lenders should have to ensure that borrowers get treated fairly no matter what their race or ethnicity. One of the ways the CFPB has sought to enforce fairer lending practices is applying a disparate impact model to lenders’ data to root out discrimination. But if a survey of the bureau’s own employees shows them at fault using this model, what are lenders to think?

Either the model shows that the bureau is violating its own standards, or the bureau is using a model that is oversimplified in determining discrimination. Neither is very inspiring.

From American Banker on March 6, 2014:

The statistics themselves do not prove that CFPB managers are discriminating intentionally against minority employees. Yet they do indicate that racial disparities can be just as easily identified within the CFPB’s ranks as among the lenders the bureau regulates. The agency has pressed such claims under a controversial legal theory known as disparate impact — the assertion that different results for different racial groups are themselves a type of wrongful bias, even if they are unintentional.

“The level of hypocrisy at this agency is shocking,” said a current agency employee who spoke on condition of anonymity. “If it was a lender and had similar statistics, it would be written up, immediately referred to the Justice Department, sued and publicly shamed.”

The bureau’s reputation on this point was already abysmal, given the testimony from its employees to the House Financial Services subcommittee last year. A series of employees detailed how the bureau’s intake unit, staffed largely by black employees who were given little chance to advance, was referred to as the “plantation.”

 How can the bureau hope to fight the real problem of discriminatory lending when it lacks the moral authority given its own record?

The bureau clearly needs a regulator of its own.

 Protecting consumers is an appropriate and important function of the federal government. But that critical role means that the CFPB should have more accountability, not less. The idea that the CFPB’s “unique” mission puts it beyond congressional oversight makes no sense. Their operations, processes and rules will affect every consumer in America — so those operations, processes and rules should be under outside scrutiny.

The bureau’s actions in the past year prove that without significant accountability, it will disregard the very rules it imposes on others. And nothing is more corrosive to the foundation of government than that type of hypocrisy.

Here’s hoping that legislators of both parties will decide that congressional oversight of the CFPB is long overdue, and move to hold them accountable.

Most Popular Articles

3d rendering of a row of luxury townhouses along a street

Log In

Forgot Password?

Don't have an account? Please