Like most industries today, Consumer Finance Services businesses are being significantly impacted by the novel coronavirus (COVID-19). Troutman Pepper has developed a dedicated COVID-19 Resource Center to guide clients through this unprecedented global health challenge. We regularly update this site with COVID-19 news and developments, recommendations from leading health organizations, and tools that businesses can use free of charge.

Our bank and loan servicing clients also face novel challenges affecting their industry due to COVID-19, particularly the ever-changing rules and regulations concerning evictions and foreclosures. We are closely tracking these updates and have assembled an interactive tracker containing state orders and guidance documents regarding residential foreclosure and eviction moratoriums. You may access this interactive tool at https://covid19.troutman.com/.

To help you keep abreast of relevant activities, below find a breakdown of some of the biggest COVID-19 driven events at the federal and state levels to impact the Consumer Finance Services industry this past week:

Federal Activities

State Activities

Privacy and Cybersecurity Activities

Federal Activities:

  • On February 12, the Secretary of the Treasury Janet Yellen participated in a virtual meeting with G7 finance minsters and central bank governments. The secretary emphasized the commitment of the Biden administration to multilateralism to solve global issues, stating that the United States “places a high priority on deepening our international engagement and strengthening our alliances.” For more information, click here.
  • On February 12, the Federal Reserve Board released the hypothetical scenarios for its 2021 bank stress tests. Last year, the board found that large banks were generally well capitalized under a range of hypothetical events, but due to continuing economic uncertainty, placed restrictions on bank payouts to preserve the strength of the banking sector. The exercise evaluates the resilience of large banks by estimating their loan losses and capital levels, which provide a cushion against losses under hypothetical recession scenarios that extend nine quarters into the future. For more information, click here.
  • On February 10, Acting Director of the Consumer Financial Protection Bureau Dave Uejio published a blog post, sharing the directions he gave to the agency’s Consumer Education and External Affairs unit. The post also referenced “companies [that] have been lax in meeting their obligation to respond to complaints.” He has asked the unit to prepare a report that highlights companies “with a poor track record” on these issues and said that the analysis will be published. For more information, click here.
  • On February 9, the Federal Reserve Board announced the second extension of a rule to bolster the effectiveness of the Small Business Administration’s (SBA) Paycheck Protection Program (PPP). Like the earlier extensions, this one will temporarily modify the board’s rules so that certain bank directors and shareholders can apply to their banks for PPP loans for their small businesses. For more information, click here.
  • On January 27, a group of trade associations, led by the American Bankers Association, requested that the Federal Communications Commission correct an apparent error when it recently entered an order to implement Section 8 of the TRACED Act by amending 47 CFR 64.1200(a)(3). According to the trade associations, the new order inadvertently imposed a prior express written consent requirement on information prerecorded or artificial voice calls to residential numbers. For more information, click here.

State Activities:

  • On February 12, the Maryland Senate overrode Governor Hogan’s veto of H.B. 732 to pass the nation’s first digital ad tax. Industry representatives expressed concerns that the bill would place an untoward financial burden on small businesses already struggling during the COVID-19 pandemic. For more information, click here.
  • On February 10, Connecticut Governor Ned Lamont signed Executive Order 10A (EO 10A), extending the state’s COVID-19 eviction moratorium until April 21, as well as other related emergency measures. However, civil liabilities protections for health care that were previously in effect will expire on March 1, 2021, absent any further action from Governor Lamont or the legislature. Governor Lamont previously signed an executive order that protected health care providers from civil liability for injuries or death related to COVID-19, as long as the providers were acting in good faith. Based on EO 10A, those protections will expire at the end of the month.
  • On February 10, Montana Governor Greg Gianforte signed Senate Bill No. 65 into law. SB 65 shields businesses, health care providers, nonprofit organizations, and places of worship from coronavirus-related lawsuits, provided they take “reasonable measures” to protect individuals from COVID-19 and follow public health guidelines. The only exceptions to this liability shield are actions constituting gross negligence, willful and wanton misconduct, or intentional torts.
  • On February 9, North Carolina Attorney General Josh Stein released his department’s 2020 annual report and detailed the top 10 consumer complaints the North Carolina Department of Justice received in 2020. “In a year unlike any other, my colleagues at the DOJ and I remained committed to the work of serving North Carolinians,” said Attorney General Josh Stein. “They worked hard to protect people’s health and hard-earned money during the pandemic, improve our criminal justice system to address systemic racial inequities, help law enforcement investigate violent crimes and identify offenders, and prosecute criminals to keep people safe.” For more information, click here.
  • On February 8, HB 32 was introduced in Ohio, seeking to place a moratorium on the collection of some student loans and health care debt. The bill, if passed, would take immediate effect and remain in force until Ohio’s COVID-19 state of emergency ends. For more information, click here.
  • The Colorado legislature is considering a draft bill that would expand Colorado Student Loan Servicers Act. The new student loan bill would remove an exemption for licensed collection agencies on compliance provisions of the Student Loan Servicers Act, while also adding new requirements and imposing stiffer penalties. This bill appears to be sponsored by state Senator Faith Finter, who recently introduced another bill that extended the moratorium on extraordinary collection activities in Colorado through June 30. For more information, click here.

Privacy and Cybersecurity Activities:

  • On February 11, the International Association of Privacy Professionals (IAPP) announced a March 8 web conference to “discuss the new normal for privacy protections in the post-pandemic age.” The web conference will include speakers from the Council of the European Head of Data Protection Unit, Sony Corporation, and the Commission Nationale de L’informatique et des Libertés (France’s Data Protection Agency). The event is free for IAPP members. For those interested in registering, click here.
  • On February 9, the Cybersecurity and Infrastructure Agency (CISA), in coalition with CYBER.ORG, announced an information security video series to inform K-12 students about cyber-related risks due to the current teleworking and distance learning reality introduced by the COVID-19 pandemic. Bad actors are taking advantage of the pandemic due to this “shift to remote work and online learning[.]” Each animated video will offer cybersecurity concepts under three minutes to encourage viewers to “embrace behaviors that are safe, secure and that can best protect their privacy.” To read the announcement, click here. To access the videos, click here.
  • On February 9, Wired reported that scammers are claiming to have access to COVID-19 vaccines through social media platforms. Scammers are offering the Sinovac COVID-19 vaccine, in addition to those developed by Moderna, Pfizer, and AstraZeneca. As vaccine demand far outweighs supply, scammers will likely continue to target those in need of vaccination. Further, concert halls, airports, and schools are reportedly looking for ways to control the pandemic through vaccination verification. Discussion of these requirements may further increase demand for vaccinations. For developers interested in learning more about efforts to facilitate vaccine verification, read our recently published Law360 article. To learn more about scammers’ actions in Wired’s report, click here.
  • Earlier this month, Virginia passed the Consumer Data Protection Act (CDPA), a comprehensive data-privacy law with similarities to the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). Virginia’s CDPA will broadly apply to “all persons that conduct business in the [state] and either (i) control or process personal data of at least 100,000 consumers or (ii) derive over 50 percent of gross revenue from the sale of personal data and control or process personal data of at least 25,000 consumers.” Virginia Governor Ralph Northam is expected to sign the bill later this month. For those interested in learning how this bill stacks up against California’s CCPA and CPRA, stay tuned for an upcoming article. To read about the bill’s status, click here.