1 (888) 836-6463 CONTACT US

OCC Issues Bulletin 2020-65 to Help Understand UDAP/UDAAP Enforcements

Jul 1, 2020 by Branan Cooper

Very recently, on June 29, 2020, the Office of the Comptroller of the Currency (OCC) issued Bulletin 2020-65, the Comptroller’s Handbook Booklet: Unfair or Deceptive Acts or Practices and Unfair, Deceptive or Abusive Acts or Practices.

First, let’s set aside the fact that the title may constitute a UDAAP violation or something in and of itself – kidding, but only slightly… wow, that was a mouthful. The bulletin is really aimed to inform examiners on what to look for in reviewing national and community banks for potential UDAP/UDAAP violations. As a reminder, the extra “A” in UDAAP stands for abusive and was added with the creation of the Consumer Financial Protection Bureau (CFPB) under the Dodd Frank Act. Abusive has never been fully defined, though the current director, Kathy Kraninger, has pledged to do so.

UDAP/UDAAP is a common violation for organizations, especially because of their vendors. You’re still responsible for what a third or fourth party does on your behalf. This is because third party relationships are often acting on behalf of your organization in offering a product or service to customers.

What to Know About the Bulletin?

Here are 4 key takeaways:

  1. CFPB is the only agency to wield full authority to enforce UDAAP. The bulletin reminds us of this. Meanwhile, in UDAP, as put in place by section 5 of the Federal Trade Commission Act, it’s made clear that several agencies do own authority to enforce it – just not full authority. So, don’t fall victim to thinking that the CPFB is the only one who can slap a fine for violation.

  2. UDAP guidance issued by the now defunct Office of Thrift Supervision is rescinded and it reasserts previous UDAP guidance and authority issued under other agencies. The bulletin goes on here to provide clear definition of the terms “Unfair” and “Deceptive”.

    Per the bulletin:

    Unfair – “The practice causes substantial consumer injury. Generally, monetary harm, such as when a consumer pays a fee or interest charge or incurs other similar costs to obtain a bank product or service as a result of an unfair practice, will be deemed to involve substantial injury. An injury may be substantial if it does a small harm to a large number of consumers or if it raises a significant risk of specific harm. The injury is not outweighed by benefits to the consumer or to competition. To be unfair, a practice must be injurious in its net effects. Generally, an analysis of the net effects includes not only the costs and harm to the consumer, but also consideration of the costs and regulatory burdens to banks, and the potential restrictions on competition and the availability of credit that may result from a finding of unfairness. The injury caused by the practice is one that consumers could not reasonably have avoided.”

    Deceptive – “Practices that can be misleading or deceptive include false oral and written representations; misleading claims about costs of services or products; use of bait-and-switch techniques; and failure to provide promised services or products. For example, there is an implied representation that a product or service is fit for the purposes for which it is being sold or marketed. In addition, the focus of this inquiry is on whether a practice is likely to mislead, rather than whether it actually misleads. The OCC will consider the entire advertisement, transaction or course of dealing in determining whether practices are misleading. The act or practice would be deceptive from the perspective of a reasonable consumer. The totality of the circumstances and the net impression that is made will be evaluated in making this determination. A bank’s failure to provide information also may be a deceptive act or practice and will be evaluated from the perspective of whether a reasonable consumer is likely to have been misled by the omission. A consumer’s reaction to an act or practice may be reasonable even if it is not the only reaction that a consumer might have.”

  3. Examiners  are provided examples and guidance to assist them when examining banks under UDAP and UDAAP. This is the real meat of the guidance. It cites specific examples of potential violations, including consumer complaints. Most of us know consumer complaints have been a common theme as well for how the CFPB has mined its own database for investigating potential enforcement actions. The bulletin goes on to cite specific examples of products and services that may give rise to potential concerns – citing many of the same items we have discussed in recent years – heavily fee laden products, products of questionable value, products with confusing terms or terms that haven’t been adequately reviewed by management, debt cancellation products, refund anticipation loans, etc.

  4. Reinforces the need for active board and senior management involvement. This is to prevent issues that may lead to UPAP/UPDAAP violations – continuing a drumbeat we’ve heard since at least 2013.

In short, while aimed at examiners, OCC Bulletin 2020-65 is well worth reading so you can understand what the examiners will expect from a UDAP/UDAAP perspective in your next examination. It never hurts to walk in the shoes of others and better understand their point of view, especially when that group is your examiner. 

Use this resource to learn more about what examiners expect. Download the eBook.

Vendor Risk Management Examination or Audit Preparation Guidebook

Branan Cooper

Written by Branan Cooper

Branan has nearly 30 years of experience in the financial services industry with a focus on the management of operational and regulatory processes and controls—most notably in the area of third party risk and operational compliance. Branan also serves as an industry thought leader. He's a member of InfraGard and the Professional Risk Management Industry Association (PRMIA). And, he was selected in 2018 as an advisor to the Center for Financial Professionals (CEFPro) and board member for the Global Sourcing Resource Network (GSRN).

Follow Branan Cooper

Subscribe to the Venminder Blog