Like most industries today, Consumer Finance Services businesses are being significantly impacted by the novel coronavirus (COVID-19). Troutman Pepper has developed a dedicated COVID-19 Resource Center to guide clients through this unprecedented global health challenge. We regularly update this site with COVID-19 news and developments, recommendations from leading health organizations, and tools that businesses can use free of charge.
Our bank and loan servicing clients also face novel challenges affecting their industry due to COVID-19, particularly the ever-changing rules and regulations concerning evictions and foreclosures. We closely track these updates and have assembled an interactive tracker containing state orders and guidance documents regarding residential foreclosure and eviction moratoriums.
To help you keep abreast of relevant activities, below find a breakdown of some of the biggest COVID-19 driven events at the federal and state levels to impact the Consumer Finance Services industry this past week:
Privacy and Cybersecurity Activities
- On November 20, the Federal Reserve, Federal Deposit Insurance Corporation, and Office of the Comptroller of the Currency announced an interim final rule that provides temporary relief for certain community banking organizations concerning regulations and reporting requirements as a result of their growth in size from the coronavirus response. Community banking organizations must follow different rules and requirements based on their risk profile and asset size. The temporary increase in size could subject community banking organizations to new regulations or reporting requirements. For more information, click here.
- On November 19, U.S. Treasury Secretary Steven T. Mnuchin sent a letter to Chairman of the Federal Reserve Board of Governors Jerome Powell requesting a 90-day extension of the Commercial Paper Funding Facility, the Primary Dealer Credit Facility, the Money Market Liquidity Facility, and the Paycheck Protection Program Liquidity Facility. For more information, click here.
- On November 18, the U.S. Treasury Department and Internal Revenue Service released guidance clarifying the tax treatment of expenses, where a Paycheck Protection Program (PPP) loan has not been forgiven by the end of the year the loan was received. Since businesses are not taxed on the proceeds of a forgiven PPP loan, the expenses are not deductible. For more information, click here.
- On November 16, the U.S. Federal Trade Commission (FTC) sent a warning letter to a financial aid company based in New York as part of its effort to monitor the marketplace for questionable claims arising from the COVID-19 pandemic. The Coronavirus Aid, Relief, and Economic Security (CARES) Act provides emergency grants to qualifying borrowers. The FTC identified potentially misleading claims regarding the CARES Act and emergency borrowing on the company’s website. The FTC directed the company to respond promptly with the specific actions it has taken to address the concerns. For more information, click here.
- On November 15, Washington Governor Jay Inslee announced new restrictions on indoor and outdoor gatherings. Professional service employers must require that employees work from home when possible and close offices to the public. Any offices that remain open must limit occupancy to 25% of indoor occupancy limits. The new restrictions extend through December 14. For more information, click here.
- On November 13, Illinois Governor J.B. Pritzker issued Executive Order 2020-71, which reinstituted 30 previous executive orders. Among those directives, the service of a garnishment summons, wage deduction summons, or a citation to discover assets on a consumer debtor or consumer garnishee are suspended through December 12. For more information, click here.
- On November 16, the Texas Office of the Consumer Credit Commissioner issued an amended bulletin discussing emergency measures for credit access businesses to consider during the COVID-19 pandemic. The bulletin urged businesses to work with consumers experiencing hardship, discussed use of electronic signatures, and provided protocols for licensees to work remotely. For more information, click here.
Privacy and Cybersecurity Activities:
- On November 18, the United Nations (UN) and UN System Organizations released a joint statement saying that “[w]e can only defeat Covid-19 with trust, science and solidarity.” The statement is made to reinforce the “commitment to using data and new technologies in ways that respect the right to privacy and other human rights[.]” The UN aims to raise awareness about the benefits and challenges that data use practices implicate during an emergency response, such as the current pandemic. Click here to read more.
- On November 17, the New York State Department of Financial Services (DFS) announced the development of free resources for small businesses to enhance their cybersecurity during COVID-19. In partnership with the nonprofit Global Cyber Alliance (GCA), the two organizations released a free cybersecurity toolkit to help small businesses “adapt to the new demands of doing business online” during the pandemic. DFS highlights the 2019 Verizon Data Breach Investigation report, where “more than 43% of cyberattacks are targeted at small businesses.” The toolkit offers small businesses free operational tools and educational resources to help reduce cyber risks. The toolkit also assists businesses in implementing critical and effective cybersecurity best practices. To read the announcement, click here.
- On November 16, the Federal Trade Commission (FTC) issued its Fiscal Year 2020 Agency Financial Report. The report describes the FTC’s performance during the past year, which includes highlights of its continued leadership in protecting consumers “from fraudulent business practices, stopping illegal robocalls, and protecting privacy and promoting data security.” As consumers continue to depend on technology during the COVID-19 pandemic, the FTC recognizes its increased use “enables new vehicles for fraudulent, deceptive, and unfair practices in the marketplace.” Additionally, as children continue remote classes, the report states that the agency will continue to “bring appropriate enforcement actions against entities that violate the Children’s Online Privacy Protection Act (COPPA) Rule.” For those interested in reading the announcement, click here.
- On November 16, the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) announced the release of Special Publication (SP) 800-181 Revision 1, also known as the “Workforce Framework for Cybersecurity (NICE Framework).” As the pandemic continues, NIST updated the NICE Framework “to keep pace with these changes and increase flexibility” for groups across the public and private sectors. NIST focused its revision on the building blocks of a workforce framework, which include “Tasks, Knowledge, and Skills,” each describing the two main concepts of “the work and the learner.” The goal of this revision is to provide organizations a common language to describe their cybersecurity work. To read the announcement, click here.
On November 16, the Electronic Frontier Foundation (EFF) called on universities to make COVID-19 tracking technology voluntary for students and disclose details about their data collection practices. EFF recognizes that monitoring public health during the COVID-19 pandemic is essential, but “requiring students, faculty, and staff returning to campus to commit to using unspecified tracking apps that record their every movement” is not the proper approach when it fails to inform them about the data practices involved. The EFF’s announcement follows the New York Times report discussing how universities are preparing to hand out tracking devices to their students that aim to log data, such as location, skin temperature, and proximity to others.