Like most industries today, Consumer Finance Services businesses are being significantly impacted by the novel coronavirus (COVID-19). Troutman Pepper has developed a dedicated COVID-19 Resource Center to guide clients through this unprecedented global health challenge. We regularly update this site with COVID-19 news and developments, recommendations from leading health organizations, and tools that businesses can use free of charge.

Our bank and loan servicing clients also face novel challenges affecting their industry due to COVID-19, particularly the ever-changing rules and regulations concerning evictions and foreclosures. We closely track these updates and have assembled an interactive tracker containing state orders and guidance documents regarding residential foreclosure and eviction moratoriums.

To help you keep abreast of relevant activities, below find a breakdown of some of the biggest COVID-19 driven events at the federal and state levels to impact the Consumer Finance Services industry this past week:

Federal Activities

State Activities

Privacy and Cybersecurity Activities

Federal Activities:

  • On June 10, President Joe Biden announced that the United States plans to donate 500 million Pfizer COVID-19 vaccine doses globally as part of his efforts to reassert U.S. leadership on the world stage. The move also will serve to counter efforts by Russia and China to use their own state-funded vaccines to expand their global influence. For more information, click here.
  • On June 9, the Occupational Safety and Health Administration (OSHA) released its long anticipated interim final rule and request for comments for the Occupational Exposure to COVID-19; Emergency Temporary Standard (ETS). The ETS is limited to covered health care employers and excludes from coverage certain health care workplaces that have a fully vaccinated workforces and that exclude individuals with possible COVID-19 infections. The rule becomes effective on the date of publication in the Federal Register with deadlines for compliance that vary by section of the ETS. For more information, click here.

State Activities:

  • On June 11, Connecticut Attorney General William Tong and D.C. Attorney General Karl Racine led a coalition of 23 attorneys general to file a brief with the Supreme Court, supporting the Centers for Disease Control and Prevention’s (CDC) order that prohibits evictions during the COVID-19 pandemic. “Lifting of this stay would trigger a disastrous wave of sudden evictions across the country and in Connecticut. It would be highly unusual for the Supreme Court to step in at this juncture. The CDC order is lawful, necessary to protect public health, and must remain in place,” said Attorney General Tong. For more information, click here.
  • On June 8, California Attorney General Rob Bonta warned “financial institutions, creditors and debt collectors that it is illegal to seize federal Child Tax Credit payments for individual debts in California.” In his statement, Attorney General Bonta reminded financial institutions that Governor Newsom’s April 23, 2020 executive order makes any such garnishment unlawful as it is financial assistance provided due to the COVID-19 pandemic. For more information, click here.
  • The Idaho Department of Finance is expected to extend its temporary guidance through December 31, 2021, allowing remote work without a branch license. Licensees must still comply with security requirements enumerated in the original guidance. For more information, click here.

Privacy and Cybersecurity Activities:

  • On June 11, Troutman Pepper released a brief overview of President Biden’s executive order (EO) signed on May 12. “This EO calls on both the federal government and the private sector to identify, deter, detect, and respond to cyber incidents.” The EO appears to respond to the significant rise of cyberattacks from cybercriminals, potentially relating to the increased remote workforce due to COVID-19. A major takeaway includes that the “EO should remind all companies [to] assess their information security program and practices” because the Biden administration may update and adopt additional security practices moving forward. To learn about other notable EO requirements, click here.
  • On June 8, the Massachusetts attorney general’s office released a report, detailing the rise of ransomware attacks and stressing the importance of protecting data. The COVID-19 pandemic has increased the risk of ransomware for many organizations, such as hospitals, governments, and universities. The report warned that “[a]ll organizations, regardless of sector, size, or location, must recognize that no company is safe from being targeted by ransomware,” and Attorney General Maura Healy “strongly encourage[d] all Massachusetts business and government organizations to take the appropriate steps to strengthen data security and ensure its computer networks are secure as required by law.” To view the list of safeguards recommended by the AG’s office and for a link to the Massachusetts Data Security Regulations, click here.
  • On June 7, it was reported that as California reaches nearly 40 million individuals vaccinated as a result of the state’s cash incentive program, “the flood of corresponding medical information is sparking fresh privacy concerns about Californians’ health data.” These concerns arise from the increased proliferation among nonclinical entities, such as employers, pharmacies, community-based health organizations, and telehealth providers of medical patient data across third-party platforms. Also, these concerns are coupled with updates to confidentiality laws, such as the federal Health Insurance Portability and Accountability Act (HIPPA) — for instance, emergency waivers to make protected information available to fight the pandemic. The emergence of vaccination verification systems linking vaccinated patients’ health statuses and identities has sparked debates around the efficacy of the systems’ design, implementation, and confidentiality. For those interested in learning more, click here.