What to Do if You Face the Threat of Sanctions
Jeb Hensarling, chairman of the House Financial Services Committee, amusingly described the CFPB as the “single most powerful and least accountable federal agency in all of Washington.” The broad power and authority of the CFPB places the agency in a highly leveraged position when it targets a financial entity. The CFPB can conduct informal, time-consuming and costly investigations, and can then pursue action without court approval. Once the action is initiated, the financial entity under review faces an administrative hearing before an administrative law judge that was appointed by the CFPB director. An appeal from this court winds up before that same CFPB director, where the next appeal would land you in federal court, where the CFPB director’s ruling is given considerable deference.
With the implicit burden on defendants in enforcement proceedings, a financial services entity must be well prepared to defend itself in a CFPB action. Internal compliance procedures are the first line of defense to preventing CFPB action; however, identifying and addressing activities that can lead to violations can be elusive.
When the CFPB initiates an examination to determine whether enforcement action will be pursued, there are some practices and strategies that can help an entity mitigate the possibility of action. Examples include:
- Use candor, respect, and timeliness when communicating with the CFPB. When dealing with a regulatory agency such as the CFPB, it is important to recognize that a good rapport with the regulators and investigators can only help to alleviate its concerns. Conveying that you are committed to resolving issues fairly and quickly will serve this goal.
- Create detailed records of any information provided per a CFPB request. A thorough record of the investigation can avoid misunderstandings and can help with future interactions with the CFPB.
- Organize information regarding the entity’s operations. Some examiners may not be familiar with certain industry specific practices. By actively informing the examiners of the entity’s business operations, an entity can improve its position with the CFPB.
When an examination is concluded, the CFPB internally evaluates its findings. If the CFPB finds it necessary, it will issue a Potential Action and Request for Response (“PARR”) letter to the target entity. A PARR letter sets out the CFPB’s preliminary findings regarding any alleged violations, and notifies the entity if further action will be taken. The target entity will typically have 14 days to respond to the PARR letter. An entity’s response to the PARR letter can be crucial in deflecting action from the CFPB. It is a chance for the entity to frame their defenses, describe the remedial measures taken to address the alleged violation, and explain why enforcement action is inappropriate. The PARR letter is often reviewed by the CFPB’s Action Review Committee, who decides whether to take further action. In evaluating whether to take action, the Action Review Committee considers the likelihood of success, the harm to consumers caused by the alleged violation, the remedial measures taken by the entity, and the entity’s cooperation during the examination. CFPB Bulletin 13-06, 2013. The Committee makes a recommendation to the CFPB director, who ultimately decides whether to pursue enforcement action or to simply further supervise the entity to ensure future compliance.
How to Successfully Defend Sanctions
The CFPB enforces its regulatory authority in 4 primary ways:
- Civil Investigative Demands (CIDs)
- Notice and Opportunity to Respond and Advise (NORA) letters
- Consent Orders; and
- Administrative and Judicial Proceedings.
CIDs are the CFPB’s primary method for gathering facts. CIDs are usable whenever the CFPB “has reason to believe that any person may be in possession, custody, or control of any documentary material or tangible things, or may have any information, relevant to a violation” 12 U.S.C. § 5562(c)(1). Following a CID, the entity must meet with the CFPB within 10 days. This meeting provides a great opportunity for the entity to ascertain the primary goals of the CFPB in pursuing the action, which can lead to the formation of a stronger defense. Once the meeting settles what is required to be produced under the CIDs, the entity should comply with these requests in a timely and respectful manner. Transparency and cooperation in this segment of the enforcement action can pay large dividends when the CFPB evaluates how they will continue to pursue the action.
In some circumstances, the CFPB may issue NORA letters notifying the entity of the nature of potential violations and inviting a written response. These letters are similar to PARR letters in many respects. A NORA letter often is accompanied by a telephone call during which CFPB staff members describe their findings and any alleged violations. This segment of the enforcement action provides the entity with the opportunity to lay out their defenses to possibly deflect additional action.
Consent Orders allow targeted entities to reach a negotiated settlement with the CFPB. Compliance with a consent order is similar to the supervisory process because entities must meet deadlines, comply with substantive requirements, and demonstrate a commitment to responding to the Bureau’s concerns. The entity should ensure that the content of the consent order aligns with the nature and strength of the allegations. Also, strict compliance with the consent order is crucial, as violations can lead to additional enforcement action.
If the entity cannot settle the action through a consent order, the action will proceed to litigation in a federal district court or an administrative proceeding under the Administrative Procedure Act (APA). 12 U.S.C. § 5563. An administrative proceeding is governed by the CFPB’s rules of practice, which contrast standard district court actions in the following ways:
- Initiating documents. An administrative proceeding is commenced when the CFPB’s Office of Enforcement files a public Notice of Charges (Notice), rather than a typical complaint. A target entity must respond to the Notice within 14 days and attend a scheduling conference with the Judge within 20 days.
- Permitted discovery. Most customary forms of pretrial discovery, such as interrogatories and depositions, are not permitted. However, limited expert discovery is allowed. The CFPB may withhold documents on the basis of privilege, work product, or relevance, but may not withhold material exculpatory evidence.
- Hearing process. The hearing typically begins 30 to 60 days after the date of the Notice. As in a civil trial, the parties at the hearing make opening and closing statements and present evidence to the Administrative Law Judge through testimony and exhibits.
- Motion practice. The CFPB’s rules allow the filing of dispositive motions, including motions to dismiss and for summary disposition, and if warranted, authorize the Administrative Law Judge to grant partial summary disposition. The Administrative Law Judge must rule on dispositive motions within 30 days of their filing.
- Decisions and appeals. The Administrative Law Judge must issue a merits decision within 300 days of the date of the Notice. Both parties may appeal specific pieces of the Administrative Law Judge’s decision to the CFPB Director, but must file a notice of appeal within 10 days after the service of the decision. On appeal, the Director reviews both the facts and law in the Administrative Law Judge’s decision de novo. The Director’s decision, in turn, can be appealed to the US court of appeals in the circuit in which the entity’s principal office is located or the District of Columbia Circuit.
These court proceedings can result in substantial penalties, thus strong, meticulous, and knowledgeable legal representation is crucial for the targeted entity. Diligent counsel is needed from the preliminary examination phase all the way through the CIDs, settlement negotiations, and eventual court proceedings. Every exchange between the entity and the CFPB can affect the outcome of the case. While full and transparent compliance is beneficial in many ways, the entity must be weary as the CFPB is a fledgling administrative agency that is still exploring its authority.
The CFPB was created with honest intentions to remedy the genesis of a crisis that will forever change the financial industry. Because the agency is in its infancy and uncertainty exists as to their routine enforcement practices, financial service entities must exercise caution. The guidance and best practices expressed in this blog are starting points, but to formulate a comprehensive compliance system, the entity must look at its own business activities and tailor them as the CFPB’s enforcement strategies become more predictable.