Like most industries today, Consumer Finance Services businesses are being significantly impacted by the novel coronavirus (COVID-19). Troutman Pepper has developed a dedicated COVID-19 Resource Center to guide clients through this unprecedented global health challenge. We regularly update this site with COVID-19 news and developments, recommendations from leading health organizations, and tools that businesses can use free of charge.

Our bank and loan servicing clients also face novel challenges affecting their industry due to COVID-19, particularly the ever-changing rules and regulations concerning evictions and foreclosures. We closely track these updates and have assembled an interactive tracker containing state orders and guidance documents regarding residential foreclosure and eviction moratoriums.

To help you keep abreast of relevant activities, below find a breakdown of some of the biggest COVID-19 driven events at the federal and state levels to impact the Consumer Finance Services industry this past week:

Federal Activities

State Activities

Privacy and Cybersecurity Activities

Federal Activities:

  • On March 6, the U.S. Senate passed a $1.9 trillion COVID-19 relief package, which will now head back to the U.S. House of Representatives for approval. The stimulus package includes a provision that would end the current policy of considering any student debt forgiven taxable income. Currently, any student loan debt canceled by the government can be considered taxable and levied at the borrower’s normal income tax rate. For more information, click here.
  • On March 5, the Federal Reserve Board clarified guidance relating to definitions for minority depository institutions (MDIs), expanded the MDI definition to include women-owned financial institutions, and highlighted resources available to MDIs through its Partnership for Progress program. By law, the term “minority” means any Black American, Native American, Hispanic American, or Asian American. The definition of MDI is consistent with the statutory definition of “minority bank,” and states that an MDI denotes any depository institution where a majority of the voting stock is owned by one or more socially and economically disadvantaged individuals. For more information, click here.
  • On March 5, U.S. Representative Madeleine Dean reintroduced the Fair Debt Collection Practices for Servicemembers Act. The bill will amend Section 1692c of the FDCPA to prohibit collectors from threatening to have a covered member reduced in rank, to have his/her security clearance revoked, or to have the covered member prosecuted under the Uniform Code of Military Justice. The bill also requires the Government Accountability Office to report the act’s impact on military readiness and national security, including the extent covered members with security clearances would be impacted by uncollected debt. For more information, click here.
  • On March 3, the Consumer Financial Protection Bureau (CFPB) released a notice of proposed rulemaking to delay the mandatory compliance date of the General Qualified Mortgage final rule from July 1, 2021 to October 1, 2022. The CFPB proposed to extend the compliance date to assist homeowners struggling with the financial impacts of the COVID-19 pandemic. For more information, click here.
  • On March 2, the Department of the Treasury announced that it opened the application process for the Emergency Capital Investment Program, a new initiative supporting access to capital in communities that have struggled the most during the COVID-19 crisis. The program will invest $9 billion in community development financial institutions and minority depository institutions. For more information, click here.
  • On March 1, the CFPB issued a report warning of widespread evictions and foreclosures once federal, state, and local pandemic protections come to an end. Over 11 million families are behind on their rent or mortgage payments: 2.1 million families are behind at least three months on mortgage payments, while 8.8 million are behind on rent. Homeowners owe an estimated almost $90 billion in missed payments. For more information, click here.
  • On February 23, the Federal Communications Commission hosted “A Webinar for Consumers: COVID-19 Scams and Older Adults.” The webinar focused on the financial protection of older adults during the COVID-19 pandemic, and included a panel discussion from experts from the CFPB, the Federal Communications Commission, and Health and Human Services. On March 1, the CFPB announced the availability of the webinar recording for on-demand viewing. To view the webinar, click here.
  • U.S. Senator Kevin Cramer intends to introduce legislation to codify a rule from the Office of the Comptroller of the Currency, which will require banks to conduct a risk assessment of individual customers, rather than make broad-based decisions affecting whole categories or classes of customers when provisioning access to services, capital, and credit. The rule was recently placed on hold until the president appoints a permanent director to review it. For more information click here.

State Activities:

  • On March 4, the New Jersey Supreme Court issued a notice to the state bar that it’s “possible” that summoning of new jury pools for in-person, socially distanced jury trials will begin to take place starting May 17, 2021. The Court will monitor local COVID-19 levels and provide “further guidance in a future Order before any jurors… are asked to report in person or any trial proceeds in person.” For more information, click here.
  • On March 4, Nevada announced new guidance pertaining to its upcoming May 1 transition of authority over COVID-19 mitigation measures to local authorities. Nevada’s Roadmap to Recovery Transition Plan builds upon the phased-in approach and long-term timeline outlined by Governor Steve Sisolak in Emergency Directive 037, while also setting forth the minimum requirements that local authorities must consider and address in their mitigation and enforcement plans to assume authority over the COVID-19 mitigation and management efforts at the county level. Local mitigation and enforcement plans must receive endorsements from the local health district/authority, superintendent for the local school district, city manager (in cities with a population greater than 100,000), and the Nevada Hospital Association and/or Nevada Rural Hospital Association. After receipt of all required endorsements, the respective Board of County Commissioners must approve by a vote the finalized plan. For more information, click here.
  • On March 3, New Jersey Governor Phil Murphy signed Executive Order No. 229, extending a moratorium preventing residents from having their utilities disconnected through at least June 30. This moratorium applies to all residential gas, electric, and water utilities, both public and private. The moratorium also applies to cable and telecommunications providers for households with one or more school-aged children. Additionally, New Jersey utilities will not be permitted to charge late fees or fees to reconnect services that have been disconnected. For more information, click here.
  • On March 2, California Attorney General Xavier Becerra issued an alert regarding COVID-19 fees charged by health care providers. The alert identifies whether health care providers can charge patients a fee for “more frequent cleaning and disinfecting” and “greater use of Personal Protective Equipment” during the pandemic. For more information, click here.
  • On March 2, the Supreme Court of Virginia entered an order to extend the Declaration of Judicial Emergency through March 28. For more information, click here.
  • On March 1, New York Attorney General Letitia James released a list of New Yorkers’ top 10 consumer complaints during 2020. “The havoc unleashed by the COVID-19 pandemic, in addition to the numerous other ways consumers were defrauded in 2020, sadly resulted in my office receiving a record number of consumer fraud complaints in 2020,” said Attorney General James. Internet-related issues, COVID-19 price gouging, and landlord-tenant disputes topped the list. For more information, click here.
  • On March 1, Connecticut’s Department of Banking extended the temporary remote work memorandum through June 30. The memo includes temporary mitigation actions licensees need to take to continue business due to COVID-19. For more information, click here.
  • On February 28, New York Attorney General Letitia James extended the suspension of debt collection for medical and student debt owed to the state of New York through at least the end of March in an ongoing response to financial impacts resulting from the spread of COVID-19. For more information, click here.

Privacy and Cybersecurity Activities:

  • On March 5, the Federal Trade Commission (FTC) warned consumers that scammers might target individuals facing financial distress during the COVID-19 pandemic. The FTC states that scammers might “claim to be from the government [or] an official-sounding organization” to offer prize and lottery winnings. The FTC reminded consumers that:
    • Legitimate contests don’t ask you to pay a fee or give your financial information;
    • Legitimate contests never send money by wire transfer, gift card, or cryptocurrency; and
    • Consumers should never trust caller ID because scammers can make it look like they’re calling from anywhere.

To learn more, click here.

  • On March 4, the FTC warned consumers looking for ways to meet romantic partners online during a pandemic to be aware of scammers creating fake profiles and asking for money. The FTC shares, “these scams always end the same way — with a made up story about why the person needs money.” Even for those not directly involved in these online relationships, the FTC said that friends and family could help others avoid relationship scams. Some things to keep in mind:
    • If a friend or loved one mentions an online love interest, ask if they’ve met in person;
    • If they haven’t met in person, and that love interest asks for money, that’s a scam; and
    • Only scammers tell people to send money by gift cards, money transfers, or cryptocurrency.

To report a romance scam, the FTC reminded victims to report scammers to the dating or social networking sites and the FTC’s For additional information, click here.

  • On March 3, the FTC launched an initiative tasked to expand outreach to lower-income community members with legal aid organizations. The initiative aims to connect consumers “who have experienced fraud and other consumer problems with an easy way to report it and with advice to help them recover.” As consumers continue to face COVID-19-related financial pressures, the FTC asks members of the legal community to encourage local organizations to participate in the FTC’s initiative. For more information on the initiative, click here. To read the announcement, click here.
  • On March 2, the FTC warned that scammers are taking advantage of COVID-19 vaccination confusion. The FTC first warned consumers they do not need to pay to sign up for the COVID-19 vaccine. “Anyone who asks for a payment to put you on a list, make an appointment for you, or reserve a spot in line is a scammer.” Further, you can’t pay to get early access to the vaccine. The FTC also reminds consumers to ignore sales ads for the vaccine because it’s not something you can buy. The vaccine is “only available at federal- and state-approved locations.” To learn more about COVID-19-related scams, click here.
  • On March 2, The Wall Street Journal reported that large retail pharmacies are “collecting data from millions of customers as they sign up for shots, enrolling them in patient systems and having recipients register customer profiles.” The retailers state they are “using the information to promote their stores and services, tailor marketing and keep in touch with customers.” It appears executives at a large retailer confirmed they plan to “stay in touch with recipients beyond receiving their second shot [to] use information gleaned in the process to better market them.” To learn about potential privacy implications, we recommend Troutman Pepper’s article, published earlier last year, that discussed privacy guidelines for COVID-19 contact-tracing app makers; many of the same privacy principles apply to retail pharmacies collecting customer information. To learn more about The Wall Street Journal’s report, click here.
  • On March 2, Virginia Governor Ralph Northam signed the Consumer Data Protection Act (CDPA) into law. The CDPA provides consumers with the right to opt-out of the processing of personal data for purposes of targeted advertising, the right to confirm if their data is being processed, the right to amend inaccuracies, and the right to data deletion. The CPDA also mandates that data controllers provide consumers with a privacy notice, conduct data protection assessments, and maintain reasonable data security practices. The CPDA will become effective on January 1, 2023. For more information, click here.
  • On March 1, it was reported the European Commission is set to unveil a proposal for a “digital green pass” that will provide proof of vaccination. The European Commission’s pass will display COVID-19 test results and information on those who have recovered from the virus, in addition to vaccination status. Commission President, Ursula von der Leyen said, “[t]he aim is to gradually enable [individuals] to move safely in the European Union or abroad — for work or tourism[.]” For those interested in learning more about data compliance issues in vaccine verification applications, check out Troutman Pepper’s Law360 article. To read the full report discussing the European Commission’s potential plans, click here.
  • On March 1, Massachusetts Attorney General Maura Healey announced the launch of a series to educate consumers on several consumer protection issues, including those relating to COVID-19 scams, robocalls, and identity theft. AG Healey’s office also shared the various actions they have taken to protect consumers during the pandemic. For those interested in learning more, click here.
  • Late last month, an Oxford University lab conducting COVID-19 research confirmed it experienced a security incident. The breached data compromised teams researching the coronavirus and potential vaccine candidates. The incident does not appear to have affected work done toward the development of the Oxford University-AstraZeneca vaccine. A spokesperson shared they “are aware of an incident affecting Oxford University and are working to fully understand its impact[.]” To read the full report, click here.