CFPB’s Policy Statement Attempts to Clarify “Abusive” Conduct

11 minute read | April.06.2023

On April 3, 2023, the Consumer Financial Protection Bureau (CFPB) issued a policy statement on its interpretation of the prohibition on abusive conduct under the Consumer Financial Protection Act (CFPA). Director Rohit Chopra said the policy statement would “provide a practical analytical framework for identifying abusive conduct.” Here’s what you need to know:

What happened?

The CFPA prohibits unfair, deceptive, or abusive acts or practices (UDAAPs), and while there are longstanding policy statements—and decades of precedent—elucidating the meaning of “unfair” and “deceptive” conduct under the Federal Trade Commission Act (and, by extension, the CFPA), the CFPB had issued limited guidance on its views of “abusive” conduct. During one of his early visits to Capitol Hill, Director Chopra stated that he had “huge aspirations to create durable jurisprudence” regarding the meaning of “abusive” in the CFPA and suggested that the “CFPB may use rules and guidance to help articulate those standards.” The CFPB’s policy statement attempts to summarize the CFPB’s historical understanding of the term based on 43 different enforcement actions and “numerous” non-public examination citations alleging abusive conduct.

What should companies take away from the policy statement?

The policy statement said that an act or practice can be abusive under the CFPA if it meets one of four criteria, and the CFPB noted that—like deception claims—abusiveness “requires no showing of substantial injury to establish liability.” Here are the key items that companies should take away from the policy statement:

Companies may not materially interfere with consumers’ understanding of terms and conditions. Under the policy statement, an act or omission can materially interfere if it obscures, withholds or de-emphasizes information relevant to the consumer’s understanding of the terms or conditions of the product or service.
- The CFPB considers the use of buried disclosures, fine print, complex language and jargon to be examples of material interference.
- So-called digital “dark patterns,” such as pop-ups, drop-downs, pre-checked boxes for default options and hiding important information behind multiple click-throughs, can impede a consumer’s ability to understand the product or service.
- Intent to interfere is not required—material interference can be established with evidence that the natural consequence of the act or omission would be to impede the consumer’s ability to understand, or that the act or omission did in fact impede the consumer’s understanding.
Companies may not take unreasonable advantage of a consumer’s lack of understanding of the material risks, costs or conditions of a product or service. When there are gaps in a consumer’s understanding of material risks, costs or conditions of a product or service, entities may not take unreasonable advantage of that gap. According to the policy statement:
- The company does not have to create the consumer’s misunderstanding of the product or service—“the consumer’s lack of understanding, regardless of how it arose, is sufficient.”
- A consumer’s unreasonable lack of understanding can still be sufficient for a claim of abusiveness under the CFPA.
- There is no minimum threshold of consumers who must not understand a product or service for an abusiveness claim. Even a small number of consumers failing to understand the product or service can be sufficient for an abusiveness claim.
Companies may not take unreasonable advantage of the inability of consumers to protect themselves in selecting or using a product or service. If there is an unequal bargaining power when a consumer selects a product or service or while the consumer is using the product or service, and as a result, the consumer cannot protect their interests, a company may not take unreasonable advantage of the consumer. According to the CFPB:
- A consumer’s interests include monetary and non-monetary interests—including the consumer’s property, privacy or reputation—as well as the consumer’s interest in limiting the time or effort to obtain products and customer support assistance.
- Even if consumers can protect their interests, if it is impractical, onerous or expensive to do so, a company cannot take advantage of that impediment.
- A consumer’s inability to select a different provider up front or during the course of a customer relationship could demonstrate consumers’ inability to protect themselves.
Companies may not take unreasonable advantage of the consumer’s reasonable reliance on a covered person to act in the consumer’s interest. A company may not exploit or betray a consumer’s trust where the consumer may reasonably expect that the entity will make decisions or provide advice in the consumer’s interest. Reasonable reliance exists when a company:
- Communicates to the person, or to the public generally, that it will act in its customers’ best interest.
- Assumes the role of acting on behalf of consumers or helping them select providers in the market. The CFPB specifically referred to “brokers” and “intermediaries” as potentially being covered here.

What does it mean to take “unreasonable advantage”?

The CFPB said “unreasonable” advantage depends on all facts and circumstances. While it doesn’t explain what type of advantage taking is “reasonable,” it does provide a few examples of what it might consider “unreasonable:”

A product that is designed so that the company benefits when consumers default on their contractual obligations—which the CFPB describes as products that are “set up to fail.”
The company seeks to deprive consumers of legal rights or takes advantage of consumer vulnerabilities that the company created.
A company reaps benefits that it would not have otherwise obtained because of one of the statutorily identified consumer vulnerabilities.

Notably, the CFPB makes clear that “typical” (i.e., widespread) advantage taking may still be “unreasonable.” Again, these are just illustrative examples, and the CFPB makes clear that it might find other, unspecified conduct to be unreasonable as well.

Didn’t the CFPB issue a statement on abusiveness before?

This is not the first time the CFPB has issued a policy statement regarding its enforcement of the prohibition on abusive conduct. The CFPB previously issued guidance in 2020 to clarify how it intended to enforce compliance with the “abusiveness” standard in supervision and enforcement (covered by InfoBytes here). The following year, however, the CFPB’s acting director appointed by President Biden rescinded the guidance (covered by InfoBytes here).

What’s next?

The policy statement is open for public comment period until July 3, 2023. See CFPB Press Release on Abusive Conduct in Consumer Financial Markets.

Implications for potential enforcement activity

There are now policy statements explaining all three prongs of the CFPB’s UDAAP authority. Chopra noted that prior policy statements were “immensely influential in providing guidance to courts and the market” and that he expects the abusiveness statement to be helpful to “practitioners, enforcers, and industry.” However, unlike the FTC’s policy statements on deception and unfairness, which were based largely on judicial precedent and rulemakings, the April 3 “abusiveness” policy statement is based largely on the CFPB’s characterization of its prior assertions in complaints and consent orders that have rarely been subject to judicial scrutiny. It is not clear to what extent courts, other regulators and industry will embrace the policy statement’s approach to abusiveness.

Nonetheless, companies subject to the CFPB’s authority should view the abusiveness policy statement as an indication of where the CFPB will focus its enforcement and supervisory authority.

For more information on the policy statement, please contact Marshall Bell, John Coleman, Melissa Baal Guidorizzi, Sasha Leonhardt, Manley Williams or an Orrick attorney with whom you have worked in the past.

Authors

Marshall Bell Partner, Financial & Fintech Advisory, Strategic Advisory & Government Enforcement (SAGE)

Washington, D.C.

See my bio

D:+1 202 461 2997
E: [email protected]

Practice:

Financial & Fintech Advisory
Strategic Advisory & Government Enforcement (SAGE)
Fintech

vCard

See full bio

Marshall Bell Partner

Washington, D.C.

He assists clients in relation to regulatory examinations and in enforcement actions by the Consumer Financial Protection Bureau (CFPB), Department of Justice (DOJ) and state regulators. He also represents clients in financial services transactions matters, including providing advice regarding regulatory due diligence, risk mitigation and obtaining any necessary regulatory approvals.

Marshall has been recognized by Legal 500 as a leading lawyer in Financial Services: Regulation. Prior to joining Orrick, Marshall was a partner at Buckley LLP. He was also in-house counsel for Ally Financial, providing advice regarding regulatory issues in connection with Ally’s auto finance operations and fair lending matters. Before going in-house, he was an associate at Weil, Gotshal & Manges LLP and Wilmer Cutler Pickering Hale and Dorr LLP, where his practice focused on financial services litigation, regulatory and transactional matters.

John Coleman Partner, Financial & Fintech Advisory, Strategic Advisory & Government Enforcement (SAGE)

Washington, D.C.

See my bio

D:+1 202 349 8006
E: [email protected]

Practice:

Financial & Fintech Advisory
Strategic Advisory & Government Enforcement (SAGE)
Fintech

vCard

See full bio

John Coleman Partner

Washington, D.C.

Prior to joining Orrick, John was a partner at Buckley LLP, which he joined after 15 years in federal government service as a litigator and advisor to senior policymakers, most recently as Deputy General Counsel for Litigation and Oversight at the Consumer Financial Protection Bureau. He joined the CFPB soon after its creation in 2010 and was one of a core group of attorneys tasked with interpreting the authorities granted to the agency by the Consumer Financial Protection Act of 2010 and establishing the procedures by which the agency exercises those authorities. He was the first person to appear in court on behalf of the CFPB and was involved in every significant litigation matter in the agency’s history prior to his departure. As Deputy General Counsel, he managed the team of attorneys responsible for representing the Bureau in litigation, including appellate matters, and before congressional oversight bodies.

John served every director or acting director in the CFPB's history during his tenure at the CFPB, advising them and senior officials in the Division of Supervision, Enforcement, and Fair Lending on a range of complex legal and policy matters, including those arising in the course of examinations, investigations and enforcement actions. He also advised the Director and senior officials in the Division of Research, Markets, and Regulations with respect to rulemakings, and represented the agency in all rulemaking challenges.

Prior to joining the CFPB, John was a trial attorney in the Federal Programs Branch of the Department of Justice’s Civil Division, representing federal agencies and officials in high-profile civil litigation, including cases brought under the U.S. Constitution, the Administrative Procedure Act and federal antidiscrimination laws.

Following law school, he served as a law clerk for the Honorable T.S. Ellis III, of the United States District Court for the Eastern District of Virginia.

Melissa Baal Guidorizzi Partner, Financial & Fintech Advisory, Strategic Advisory & Government Enforcement (SAGE)

Washington, D.C.

See my bio

D:+1 202 339 8648
E: [email protected]

Practice:

Technology & Innovation Sector
Finance Sector
Financial & Fintech Advisory
Strategic Advisory & Government Enforcement (SAGE)
Fintech
Blockchain and Virtual Currency
Cyber, Privacy & Data Innovation
Global Compliance & Regulatory

vCard

See full bio

Melissa Baal Guidorizzi Partner

Washington, D.C.

During Melissa's tenure at the CFPB's Office of Enforcement, she developed supervision and enforcement priorities, identifying subjects for examinations and investigations. She also shaped federal consumer financial laws that impact cryptocurrency markets, new payment technologies, and established financial institutions, including the Electronic Fund Transfer Act (EFTA), the Truth in Lending Act (TILA), Unfair, Deceptive, or Abusive Acts or Practices (UDAAP) and the Fair Credit Reporting Act.

Melissa also spent nearly a decade in-house at a large multinational financial institution, where she was responsible for implementing regulatory compliance initiatives, defending enforcement actions and managing regulatory examinations.

Sasha Leonhardt Partner, Financial & Fintech Advisory, Strategic Advisory & Government Enforcement (SAGE)

Washington, D.C.

See my bio

D:+1 202 349 7971
E: [email protected]

Practice:

Financial & Fintech Advisory
Strategic Advisory & Government Enforcement (SAGE)
Cyber, Privacy & Data Innovation
Fintech
Government Investigations and Enforcement Actions

vCard

See full bio

Sasha Leonhardt Partner

Washington, D.C.

Sasha also has substantial experience advising clients on the Servicemembers Civil Relief Act (SCRA), Military Lending Act (MLA), Consumer Financial Protection Act (CFPA), Truth in Lending Act (TILA), Real Estate Settlement Procedures Act (RESPA), Equal Credit Opportunity Act (ECOA), Fair Housing Act (FHA), and Fair Debt Collection Practices Act (FDCPA). He advises companies, non-profits and industry associations with consumer privacy issues arising from the Gramm-Leach-Bliley Act (GLBA) and Regulation P, the Fair Credit Reporting Act (FCRA) and its Affiliate Marketing Rule and state and federal laws that address data privacy and information security.

In addition to representing clients, Sasha has published numerous articles on various aspects of consumer financial services law and practice, including data privacy, class action litigation, white collar litigation, whistleblower lawsuits and recent trends in regulation and enforcement. He also maintains an active pro bono practice and serves as a member of the Legal Counsel for the Elderly’s Young Lawyers Alliance. A frequent speaker on a variety of legal topics, Sasha has taught at Duke University School of Law and American University Washington College of Law, and was previously a Professorial Lecturer in Law at the George Washington University Law School.

Prior to joining Orrick, Sasha was a partner at Buckley LLP. He also previously served as Deputy Press Secretary to Maryland Governor Martin O’Malley. He is accredited as a Privacy Law Specialist, a Fellow of Information Privacy, a Certified Information Privacy Manager (CIPM/US), and a Certified Information Privacy Professional (CIPP/US) by the International Association of Privacy Professionals.

Manley Williams Partner, Financial & Fintech Advisory, Strategic Advisory & Government Enforcement (SAGE)

Washington, D.C.

See my bio

D:+1 202 349 8060
E: [email protected]

Practice:

Financial & Fintech Advisory
Strategic Advisory & Government Enforcement (SAGE)
Fintech

vCard

See full bio

Manley Williams Partner

Washington, D.C.

Manley has extensive experience working with clients to develop credit programs, simplify credit agreements, adapt procedures for online and mobile environments, and implement, improve and amend customer rewards programs. She also helps companies sell their products over time, whether traditional banks with credit cards, online lenders with installment loans, startups with charge cards or merchants with installment plans. She helps companies navigate the federal and state law governing credit, licensing, prohibitions on unfair, deceptive or abusive acts or practices (UDAAP) and limitations on lending to the military and compliance with antidiscrimination laws.

She helps institutions evaluate fair lending issues in judgmental underwriting, advises financial institutions where to locate their card issuing banks to benefit from state laws on the exportation of interest rates and assists merchants and emerging companies with implementing their credit programs. Manley assists lenders in revising and refining key operational processes, disclosures and customer agreements necessitated by changing legal standards. She also conducts training for in-house counsel on legal developments in the credit card industry, including compliance with emerging UDAAP standards.

Prior to joining Orrick, Manley was a partner at Buckley LLP. She was also counsel with Wilmer Cutler Pickering, Hale and Dorr LLP, and a staff attorney at the Federal Reserve Board’s (FRB) Legal Division and Division of Consumer and Community Affairs, where she advised financial institutions on compliance with regulations including Regulations Z (Truth in Lending Act (TILA)), B (Equal Credit Opportunity Act (ECOA)), E (Electronic Fund Transfer Act (EFTA)), and CC (Availability of Funds and Collection of Checks).

Manley organizes and hosts card roundtables at which industry leaders discuss emerging issues in a congenial environment. She has a particular interest in financial literacy and is a frequent presenter at public schools in the greater Washington, D.C., area, instructing students and teachers in understanding and using credit and debit cards, mobile phone plans and other common consumer credit vehicles.