Like most industries today, Consumer Finance Services businesses are being significantly impacted by the novel coronavirus (COVID-19). Troutman Sanders and Pepper Hamilton have developed a dedicated COVID-19 Resource Center to guide clients through this unprecedented global health challenge. We regularly update this site with COVID-19 news and developments, recommendations from leading health organizations, and tools that businesses can use free of charge.

To help you keep abreast of relevant activities, below is a breakdown of some of the biggest COVID-19 driven events at the Federal and State levels to impact the Consumer Finance Services industry this past week:

Federal Activities

State Activities

Privacy and Cybersecurity Activities

Federal Activities:

  • The Consumer Financial Protection Bureau (CFPB) released two new FAQ documents outlining responsibilities of certain financial firms during the COVID-19 pandemic, and a statement regarding billing error responsibilities of credit card issuers and other open-end non-home secured creditors. The first new FAQ document is entitled, “The Bureau’s Payments and Deposits Rules FAQs related to the COVID-19 Pandemic,” and is available here. The CFPB’s second FAQ document, “Open-End (not Home-Secured) Rules FAQs related to the COVID-19 Pandemic,” is available here. For more information, click here.
  • The Democrats on the House Financial Services Committee are pushing their proposed package of bills in response to the COVID-19 pandemic. They are supporting a bill that would place a moratorium on debt collection activities for the duration of the pandemic. For more information, click here.
  • The Federal Reserve Board, the Federal Deposit Insurance Corporation, the National Credit Union Administration, and the Office of the Comptroller of the Currency issued principles for offering small-dollar loans in a responsible manner to meet financial institutions’ customers’ short-term credit needs. For more information, click here.
  • The U.S. Department of Labor’s Occupational Safety and Health Administration (OSHA) has adopted revised policies for enforcing OSHA’s requirements with respect to COVID-19 as economies reopen in states throughout the country. For more information, click here.
  • The U.S. Department of Labor has released updated resources for employers, employees, and states to prevent fraud or misuse in the unemployment insurance system, including the new unemployment insurance programs under the Coronavirus Aid, Relief and Economic Security (CARES) Act. For more information, click here.
  • The Department of Veterans Affairs issued an update to Circular 26-20-10, concerning loan guaranty certificates for borrowers affected by COVID-19. The initial update to Circular 26-20-10 provided guidance related to: (i) income verification; (ii) loan underwriting; (iii) electronic mortgages, electronic notes and the use of allonges; (iv) lien positions; and (v) the timeline to request evidence of guaranty. The recently issued update to Circular 26-20-10 relates to the timeline to request evidence of a loan guaranty certificate. For more information, click here.
  • On May 22, Senators Chuck Grassley and Ron Wyden introduced a bipartisan bill that would prohibit stimulus funds received under the CARES Act from being garnished by private debt collectors. For more information, click here.

State Activities:

  • The Connecticut Department of Banking has extended its no-action position regarding licensed entities, including collection agencies, that are allowing employees to work from home during the COVID-19 pandemic. The position will now remain in effect until June 30. For more information, click here.
  • The Minnesota Department of Commerce on Friday issued new guidance to collection agencies that have collectors working from home, reminding the companies that, among other things, they are responsible for supervising employees working from home to ensure that consumer information and data are being protected. For more information, click here.
  • Los Angeles’ Mayor issued two ordinances scheduled to go into effect on June 14, 2020, which apply to certain workers employed by or contracted to provide services to select businesses, such as airports, event centers, and hotels, operating in the city of Los Angeles. The ordinances govern the re-hiring of laid-off employees and the retention of workers in certain positions following a change in control. For more information, click here.

Privacy and Cybersecurity Activities:

  • As COVID-19 testing increases across the country, state health departments have been implementing contact tracing to contain viral spread. Contact tracing identifies and monitors individuals who come into contact with persons testing positive for COVID-19. Typically, contact tracers work with infected individuals to obtain the contact information for everyone with whom they recently came into contact. Contact tracers often will send an initial text message to let these individuals know that they will be calling. A legitimate contact tracer will never ask for money or personal information, like a Social Security number, bank account number, or credit card number. For a discussion of best practices that makers of contact-tracing apps should consider, see Troutman Sanders’s article here.
  • Cybercriminals are leveraging the pandemic for their commercial gain, and we have already seen several businesses and state governments fall victim to the exposure of personal information.
    • Businesses in the health care and legal industry have been victims of attacks. For businesses interested in learning more about ransomware attacks amid COVID-19, click here.

States such as Ohio, Colorado, Illinois, and Arkansas have reportedly confirmed the exposure of personal information of COVID-19 unemployment applicants.