New violations and compliance management system weaknesses under the Fair Credit Reporting Act (FCRA) and Regulation V are outlined in the 20th issue of “supervisory highlights” published by the federal consumer financial protection agency Monday.
According to the Consumer Financial Protection Bureau (CFPB), the violations were committed, by those which the agency calls “larger participants in the consumer reporting market” as well as furnishers of consumer information – including “banks, mortgage servicers, auto loan servicers, student loan servicers, and debt collectors” to consumer reporting companies (CRCs)
Among the violations (and remedies) reported are:
- Some exams of debt collector organizations providing information found that the policies and procedures of the organizations did not differentiate between FCRA disputes, Fair Debt Collection Procedures Act (FDCPA) disputes, or validation requests. The report states that the debt collector organizations categorized and handled direct FCRA disputes, FDCPA disputes, and validation requests the same way and without consideration for the applicable regulatory requirements. “Furthermore, the policies and procedures did not address the regulatory timeframes for conducting reasonable investigations of disputes, or for reporting the results of the investigations to the consumers or to CRCs, as appropriate,” the bureau wrote. Instead, the bureau stated, the exams found that policies and procedures provided general instructions on how to indicate that accounts are disputed and how to label dispute-related correspondence from consumers. “The policies and procedures did not contain any substantive instructions on how to conducti investigations of disputed accounts,” the report states. The agency said, as a result of the exams, some debt collectors are “are developing and implementing reasonable policies and procedures covering the steps necessary to conduct reasonable and timely investigations of disputes, as that term is defined in Regulation V.”
- In some exams of auto loan information furnishers, the agency found policies and procedures did not provide sufficient guidance for conducting reasonable investigations of indirect disputes that contain allegations of identity theft. “For example, the furnishers’ policies and procedures did not specify that agents investigating disputes alleging identity theft should review internal records of fraud investigations before completing dispute investigations and responding to CRCs,” the report states. As a result of the exam findings, the report adds that “one or more furnishers” are developing and implementing policies and procedures with respect to identity theft disputes to ensure the furnisher conducts its investigation, including review of internal records, prior to responding to the CRC.”
- Examiners found that some mortgage information furnishers’ policies and procedures were not appropriate to the nature, size, complexity, and scope of the furnisher’s activities. “For example, one or more furnishers maintained general FCRA-related policies and procedures that did not provide sufficient guidance for responding to disputes in a timely manner or reporting credit reporting changes in furnished accounts when the status of such accounts had changed.” The report states that, as a result of the findings, one or more furnishers are developing and implementing reasonable furnishing procedures for account reporting that are designed to ensure the timely update of information to reflect the current status of consumer accounts.
- Some furnishers of deposit account information, the report states, had no written policies or procedures for furnishing that information to specialty CRCs. The report stated that some of those organizations are developing and implementing reasonable written policies and procedures regarding the furnishing of deposit account information.
In addition, regarding deposit account information, the agency said its exams found that some organizations did not have reasonable written policies and procedures regarding the information. “For example, policies and procedures did not require that the furnishers validate the data furnished to specialty deposit CRCs, causing the furnisher to inaccurately furnish consumers’ account status information to one or more specialty CRCs.” The bureau stated that some furnishers of the deposit account information are now “evaluating the effectiveness of existing policies and procedures regarding the accuracy and integrity of information furnished to nationwide specialty CRCs and develop new written policies where appropriate.”