Detecting and remediating discrimination has been a focus of financial services regulators and enforcement agencies for many years, but today’s regulatory toolbox includes a new tool for fighting discrimination. There is a growing movement to consider discrimination to be an unfair practice under the Dodd-Frank Wall Street Reform and Consumer Protection Act (DFA) and the Federal Trade Commission Act (FTCA).

Background: Laying the Legal Groundwork

As early as 2012, researchers found that banks located in counties with larger proportions of African-American residents are more likely to involuntarily close deposit accounts. In 2018, a New America analysis of survey data on deposit account terms and conditions found that minimum balance requirements were higher for banks located in majority black communities compared to banks located in majority white communities. The same study found that, on average, African-American, Hispanic, and Asian individuals are subjected to higher minimum required balances and higher monthly maintenance fees than white individuals.

In May 2020, discussing a Federal Trade Commission (FTC) investigation of discriminatory pricing in auto lending, two FTC commissioners asserted that discrimination is unfair under the FTCA. Then-Commissioner Rohit Chopra stated the FTC can “use its unfairness authority to attack harmful discrimination in other sectors of the economy” and Commissioner Rebecca Slaughter concurred that discriminatory pricing is unfair under the FTCA. Later that year, Chopra noted in a speech that disparate impact analysis helps “uncover hidden forms of discrimination” and can be a “gap-filler” in parts of the economy not covered by specific antidiscrimination laws.

In 2021, the Student Borrower Protection Center issued a white paper (SBPC White Paper) titled “Discrimination Is ‘Unfair:’ Interpreting UDA(A)P to Prohibit Discrimination.” The SBPC White Paper and accompanying blog post recommended that policymakers and enforcement agencies ensure there is “no room for doubt that discrimination is illegal and will be regulated . . .” The SBPC White Paper stated that:

“Leveraging UDA(A)P laws can help ensure discrimination is prohibited and regulated in areas where it has traditionally been disregarded. There is also crucial signaling and remediation value to treating civil rights violations as civil rights violations. Policy and enforcement actions that do not address discriminatory abuses as civil rights issues will fall short of providing historically disadvantaged consumers and communities of color adequate redress and preventing future exploitative practices.”

In addition, the SBPC White Paper presented a strategy for leveraging prohibitions on Unfair, Deceptive, or Abusive Acts and Practices (UDAAPs) under the DFA or Unfair or Deceptive Acts and Practices (UDAPs) under the FTCA or corresponding state laws:

  • Federal and state agencies should pursue the theory that discrimination is unfair under UDAAP/UDAP through both supervision and enforcement;
  • The Consumer Financial Protection Bureau (CFPB) and FTC should issue informal guidance or interpretive rules adopting the theory that discrimination is a UDAAP/UDAP; and
  • The CFPB or other agencies may wish to ultimately engage in formal rulemaking with a notice and comment period to strengthen enforcement options and articulate standards and compliance requirements.

Current Status: Updating Informal Regulatory Guidance

The August 2021 issue of the Federal Reserve Bank of San Francisco’s Community Development Innovation Review included How Can Regulation Facilitate Financial Inclusion in Fintech? In it, the authors argued that the current financial services regulatory landscape lacked sufficient protections against discrimination outside of lending, including discrimination in access to deposit accounts or advisory services, as well as fees charged for checking accounts, savings accounts, investment advisory services, or other non-credit financial products and services.

In March 2022, the CFPB published an update to the UDAAP section of the CFPB Supervision and Examination Manual. In a blog post accompanying the exam manual revision, the CFPB stated, “As part of our broad efforts to identify and address unfair acts and practices, we recently announced changes to the manual we use to guide our supervision of covered financial institutions … The updated manual guides examiners in looking beyond discrimination directly connected to fair lending laws, asking them to review any policies or practices that exclude individuals from products and services, or offer products or services with different terms, in an unfairly discriminatory manner.”

In the update, the CFPB adopted the first two components of the SBPC’s recommended strategy. The exam manual provides several examples of discriminatory acts or practices that it considers to be UDAAPs, including:

  • An institution giving “inferior terms to one customer demographic as compared to other customer demographics”;
  • A covered entity improperly offering or providing “more products or services to one customer demographic as compared to other customer demographics”;
  • “Customer service representatives improperly treat customers of certain demographics worse or provide extra assistance or exceptions to customers of certain demographics”;
  • A financial services company engaging “in targeted advertising or marketing in a discriminatory way”; and
  • An institution using “decision-making processes in its eligibility determinations, underwriting, pricing, servicing, or collections that result in discrimination.”

In June 2022, the Federal Deposit Insurance Corporation (FDIC) updated the FTCA Section 5 Unfair or Deceptive Acts or Practices portion of its Consumer Compliance Examination Manual. In the revised section, the FDIC notes that discrimination may violate FTCA or DFA prohibitions on UDAAPs/UDAPs and cross-references the CFPB’s UDAAP examination procedures.

Several banking and business trade associations wrote to the CFPB in June 2022 regarding the exam manual revisions. The associations expressed three primary concerns. First, they believe the CFPB has conflated two distinct statutory concepts, discrimination and unfair acts or practices. Second, the associations noted that the exam manual revisions created “significant uncertainty in the financial market.” Finally, the associations stated that using the revisions to the examination manual to expand the agency’s interpretation of “unfair” and thereby avoiding the rulemaking processes mandated by the Administrative Procedures Act raised “profound substantive and procedural legal concerns.”

Outstanding Questions: Demographics, Standards, Exceptions

As noted in the trade association letter to the CFPB, the exam manual includes references to consumer demographics, but it does not specify exactly which demographic groups will be considered. It is unclear which classes of customers would be considered in assessing discrimination as a UDAAP. Although many guess that the CFPB will consider the treatment of groups protected under the Equal Credit Opportunity Act (ECOA), there are different prohibited bases under the Fair Housing Act (FHA). Beyond those groups, the CFPB has, at times, identified additional groups as vulnerable populations, including service members, disabled persons, the elderly, justice-involved individuals, low-income households, young people aging out of foster care, students, native communities, and financially distressed consumers. Are these demographic groups within the scope of the CFPB’s expectations for a robust compliance management system (CMS)?

The standards for analyzing discrimination as a UDAAP are also unclear. In the case of credit products, the standards for assessing disparate impact are well established. Allegations of discriminatory disparate impact are evaluated using a three-pronged, burden-shifting approach. First, the challenger identifies a policy or practice resulting in a discriminatory effect. Next, the institution evidences that the policy or practice meets a legitimate, nondiscriminatory business interest. Finally, the challenger attempts to prove there is a less discriminatory way to meet the business need.

Unfairness analysis under UDAAP consists of a different three-pronged test. An act or practice is unfair if:

  • It results in substantial consumer harm;
  • The harm is not reasonably avoidable by the consumer; and
  • It is not outweighed by countervailing benefits to consumers or competition.

However, the examination manual appears to assume that the first two prongs of the unfairness test will be met in the case of discrimination. For example, the manual asserts, “Foregone monetary benefits or denial of access to products or services, like that which may result from discriminatory behavior, may also cause substantial injury,” and “Nevertheless, in certain circumstances, such as unreasonable debt collection harassment or discriminatory conduct, emotional impacts or dignitary harms may amount to or contribute to substantial injury.” The manual further states, “Consumers cannot reasonably avoid discrimination.”

It is unclear what type of countervailing benefit to consumers or competition could outweigh discrimination. Will a legitimate, nondiscriminatory business need, such as the ones considered in assessing disparate impact in lending, be sufficient? What about other regulatory requirements? For example, if a bank’s tools for customer due diligence or transaction monitoring are highly effective in fighting financial crimes but also have a disparate impact, will use of those tools be considered UDAAPs?

Assessing Risk: Reviewing Compliance Programs

Given the novelty of the approach and the unexplored risks, financial institutions considering expanded risk assessments or monitoring and testing may wish to conduct initial tests under the direction of counsel. For institutions assessing whether their existing UDAAP CMS is adequate to prevent discrimination as a UDAAP, the CFPB exam manual lays out the requirements of a robust CMS, including board and management oversight, policies and procedures, training, monitoring and testing, corrective actions, and complaint response.

Institutions could begin by reviewing documentation that CPFB examiners are instructed to review, which the bureau described as:

  • Information collected, retained or used regarding customer demographics, including the demographics of customers using various products or services, and the breakdown of consumer demographics for various product uses, fees, revenue sources, and costs, or the impacts of various products and services on specific demographics; and
  • Any demographic research or analysis relating to marketing or advertising of consumer financial products or services.

Institutions should also review compliance programs, policies, and procedures in light of the following examination review topics, as laid out here by the CFPB:

  • The entity has a process to prevent discrimination in relation to all aspects of consumer financial products or services the entity offers or provides, which includes the evaluation of all policies, procedures, and processes for discrimination prior to implementation or making changes, and continued monitoring for discrimination after implementation;
  • The entity’s compliance program includes an established process for periodic analysis and monitoring of all decision-making processes used in connection with consumer financial products or services, and a process to take corrective action to address any potential UDAAP concerns related to their use, including discrimination;
  • The entity has established policies and procedures to review, test, and monitor any decision-making processes it uses for potential UDAAP concerns, including discrimination;
  • The entity has established policies and procedures to mitigate potential UDAAP concerns arising from the use of its decision-making processes, including discrimination;
  • The entity’s policies, procedures, and practices do not target or exclude consumers from products and services, or offer different terms and conditions, in a discriminatory manner;
  • The entity has appropriate training for customer service personnel to prevent discrimination; and
  • The entity evaluates and makes necessary adjustments and corrections to prevent discrimination.

Monitoring and Testing: Complaints, Loans, and Deposit Accounts

Complaint analysis can be especially helpful in identifying UDAAPs, and is also helpful in detecting discrimination. Analyzing your risk of discrimination as a UDAAP will require a thorough review of complaints, responses, and root cause analysis. Be sure to consider which customers received financial remediation. It will be helpful to analyze complaints and responses by their demographic and geographic distribution.

Using fair lending tools to test for discrimination will be helpful for identifying discrimination as a UDAAP. Institutions that choose to test for discrimination outside of credit products have many areas to consider. As with complaints, for each review component below, the institution should evaluate the demographic and geographic distribution of affected customers and prospects.

First, how do you market deposit accounts and other non-credit products and services? Evaluate the distribution of direct mail and email, including marketing exclusion criteria, as well as newspaper, television, and radio advertisements. Carefully review your digital marketing, including ad placement practices, lead generation and aggregation, and use of digital tracking and geolocation data.

Next, review your account opening processes. Consider use of consumer reports, account qualification criteria, and “know your customer” processes. Assess the distribution and impact of client classifications. If your institution uses bonus interest or other promotional offers, evaluate customers’ ability to receive the promised bonus.

Third, review deposit account pricing. The review should encompass APY exceptions, maintenance fees, fee waivers or reductions, and penalty or back-end fees. In the current environment, fees for overdrafts, non-sufficient funds transactions, and ACH representments are receiving particular scrutiny.

Fourth, consider deposit account servicing. Possible areas for testing include disputes and error resolution, collections, deposit holds, fraud and transaction monitoring processes, payment processing, consumer reporting of charged-off accounts, and mobile transaction limits.

Finally, in each stage of your analysis, consider risks associated with the use of third parties. Data and algorithmic bias should be assessed wherever models are used in decisions affecting consumers. If staff receive incentive compensation based on new account openings or account servicing processes, evaluate the effectiveness of controls over the incentive plans and the alignment of incentive compensation plans with the best interest of both consumers and the institution. For any deficiencies identified, make sure the institution develops an appropriate corrective plan.

Author

Lynn Woosley

Lynn Woosley is a Senior Director with Treliant.  She is a seasoned executive with extensive risk management experience in regulatory compliance, consumer and commercial credit risk, credit and compliance risk modeling, model governance, regulatory change management, acquisition due diligence, and operational risk in both financial services and regulatory environments.