Like most industries today, consumer finance services businesses are being significantly impacted COVID-19. Troutman Sanders and Pepper Hamilton have developed a dedicated COVID-19 Resource Center to guide clients through this unprecedented global health challenge. We regularly update this site with COVID-19 news and developments, recommendations from leading health organizations, and tools that businesses can use free of charge. Additionally, this Tuesday, April 14, 2020 at 2:00 p.m. EDT, the Third Party Payment Processors Association will host a webinar on “Consumer Protection and COVID-19 – An Overview of Federal Guidance and Enforcement, and State Activity in light of COVID-19.” Click here to register for the webinar.
To help you keep abreast of relevant activities, below is a breakdown of some of the biggest COVID-19-driven events at the federal and state levels to impact the consumer finance services industry this past week:
Privacy and Cybersecurity Activities
Federal Activities:
- A new bill was proposed on April 7 in the United States House of Representatives which, if passed, would amend the Fair Debt Collection Practices Act and the Fair Credit Reporting Act. The proposed bill aims to regulate how medical debts are handled under the statutes. For more information on this bill, click here.
- The Department of Housing and Urban Development issued new Coronavirus Aid, Relief, and Economic Security (CARES Act) mortgage payment relief for Federal Housing Administration single family homeowners. The Department of Housing and Urban Development issued a Mortgagee Letter on April 1 with guidance spelling out how it will implement one of the key provisions of the CARES Act. The HUD announcement and the Mortgagee Letter also contain information about special considerations for Home Equity Conversion Mortgages. For more information, click here.
- The Consumer Financial Protection Bureau released guidance on the FCRA and Regulation V compliance during COVID-19. This statement provides guidance outlining the CFPB’s expectations of furnishers and consumer reporting agencies during the COVID-19 pandemic and signals that the CFPB will take a flexible supervisory and enforcement approach to compliance with the FCRA and its implementing regulation, Regulation V. For more information, click here.
- The Federal Reserve announced that the Main Street Lending Program and other facilities will provide credit to businesses, states, and municipalities impacted by COVID-19. These additional actions will provide up to $2.3 trillion in loans to support the economy. For more information, click here.
State Activities:
- On April 7, 2020, the Council for the District of Columbia unanimously passed the COVID-19 Response Supplemental Emergency Amendment Act of 2020, an emergency relief bill which includes mandatory mortgage payment deferments, a credit reporting restriction for mortgage servicers, renting restrictions and a significant prohibition against debt collection activity. More analysis of that Act can be found here.
- The New Jersey Senate introduced a bill that aims to prohibit creditors and debt collectors from collection activities during the pandemic. For more information on the “COVID-19 Financial Security for Consumers Act,” click here.
- New York abandoned plans to implement state licensure of debt collectors. Last Thursday, New York’s legislature granted final approval to Gov. Andrew Cuomo’s proposed 2021 Executive Budget, ending a months-long policy battle to focus instead on the ongoing war with COVID-19. The approved budget, however, is substantially different than the one originally submitted by Gov. Cuomo on January 21, 2020. Among the abandoned proposals was a bill to license consumer debt collectors which, if enacted, would have required certain covered parties to first obtain a license from the New York Superintendent of Financial Services before engaging in any debt collection activity. Although the deletion of the licensure bill from the 2021 budget undoubtedly will delay the Governor’s plan to reform New York’s debt collection law, the bill is likely to reemerge on the state’s legislative agenda once the pandemic subsides. For a more in-depth analysis, click here.
- The North Carolina Insurance Commissioner released guidance on the application of the debt collection deferral requirements. The North Carolina Insurance Commissioner recently published a Frequently Asked Questions document clarifying its order, amended order, and bulletin issued over the past week, which require debt collection agencies to give North Carolina consumers the option of deferring debt payments for a period of 30 days from the due date of payment. For more information, click here.
- The Massachusetts Attorney General clarified emergency regulations governing debt collection during COVID-19. After a flood of calls to its office, on April 3, the Office of the Attorney General for the Commonwealth of Massachusetts issued Guidance in Response to Some Frequently Asked Questions (Guidance) related to its prior emergency order regarding debt collection, codified at 940 CMR 35.00. The Guidance answers several questions, including who is now considered a debt collector and what constitutes an unfair or deceptive act or practice under the emergency regulation. These emergency regulations will remain in place for the duration of the COVID-19 state of emergency. For more information, click here.
- The Supreme Court of Appeals of West Virginia extended its Judicial Emergency to reduce in-person proceedings due to COVID-19. The Court’s new order delays all court deadlines for matters scheduled between March 23, 2020 and May 1, 2020 to May 4, 2020. Emergency proceedings, however, can take place via video conference or telephone, if the constitutional rights of the parties are not affected. For more information, click here.
- The Nevada Department of Business & Industry’s COVID-19 debt collection guidance raises more questions than answers. The Department’s prior notice deemed collection agencies non-essential businesses in accordance with the Governor’s mandatory emergency directive, requiring all collection agencies licensed under Nevada Revised Statutes Chapter 649 and located in the state to close until April 16, 2020. The Deputy Commissioner provided the following clarification:
-
- Collection agencies should be mindful of the hardship this causes for everyone adversely affected by COVID-19 and take that into consideration before letting safety measures negatively impact a consumer’s account. If a consumer initiates the communication/payment and he or she wants to pay and has the ability to do so, you may accept the payment. A consumer should have the choice to proceed with his or her pre-arranged payment(s) or to pause the collections. No fees should be charged for late or missed payments. For more analysis of this guidance, click here.
- Maryland’s Governor issued an amended executive order suspending residential foreclosures and certain residential and commercial evictions. This order directs the Commissioner of Financial Regulation to suspend the Notice of Intent to Foreclose Electronic System’s operation, which effectively prevents initiation of new residential foreclosures by stopping the Commissioner’s acceptance of notices of intent to foreclose. For more information, click here.
- California’s Emergency Rule 2 suspends all judicial foreclosures, including actions for deficiency judgments. All judicial foreclosures are stayed and the statute of limitations is tolled until 90 days after the COVID-19 state of is lifted or until the Rule is amended by the Judicial Council. For more information, click here.
- States continue to expand and weigh in on how their governments will conduct “the public’s business” in the public eye, despite increasing precautions with regard to public meetings. Click here for more analysis.
Privacy and Cybersecurity Activities:
- The Federal Bureau of Investigation warns that cyber scammers are leveraging COVID-19 fears to steal money, personal information, or both through phishing emails, fake Centers for Disease Control and Prevention emails, and solicitations selling counterfeit treatment, masks, and respirator equipment. See the FBI’s March 20 alert here. Business email compromise continues to pose a significant risk to companies and individuals, particularly in the work–at–home environment and with closings occurring virtually. For more information, click here.
- On April 2, the Federal Communications Commission released an order establishing the COVID-19 Telehealth Program. The COVID-19 Telehealth Program will provide immediate support to eligible health care providers responding to the COVID-19 pandemic by fully funding their telecommunications services, information services, and devices necessary to provide critical connected care services until the program’s funds have been expended or the COVID-19 pandemic has ended. The COVID-19 Telehealth Program application portal will open on Monday, April 13, 2020 at 12:00 p.m. EDT. For more information, click here.
- On April 8, a joint alert was issued by the United States Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre. The alert provides information on exploitation by cybercriminal and advanced persistent threat groups of the COVID-19 global pandemic. It also includes a non-exhaustive list of indicators of compromise for detection as well as mitigation advice.
- On April 8, CISA released Trusted Internet Connections guidance to aid agencies in securing their network and cloud environments.
- On April 9, enforcement discretion was announced by an office of the Department of Health and Human Services stating it will not impose penalties for violations of the Health Insurance Portability and Accountability Act against covered entities or business associates in connection with the good faith participation in the operation of COVID-19 testing sites during the COVID-19 nationwide public health emergency.
- On April 9, the United States Equal Employment Opportunity Commission updated its Technical Assistance Questions and Answers page. A couple Q&As are summarized below:
-
- If an employer requires all employees to have a daily temperature check before entering the workplace, the employer may maintain a log of the results and needs to maintain the confidentiality of the information.
-
- If a temporary staffing agency or contractor that places an employee in an employer’s workplace learns the employee has COVID-19, the staffing agency or contractor may notify the employer and disclose the name of the employee to the employer, because the employer may need to determine if the employee had contact with anyone in the workplace.
- Apple Inc. and Google partnered on COVID-19 contact tracing technology. According to the press release issued on April 10, the joint effort is “to enable the use of Bluetooth technology to help governments and health agencies reduce the spread of the virus, with user privacy and security central to the design.”