This article is a work in progress. If you have any questions, thoughts, or corrections, contact us.

Legal

Consumer protection regulations

Consumer protection regulations

If you’re financing consumer assets, federal and state consumer protection laws are embedded in the collateral. Your diligence must confirm origination compliance, your reps and warranties address it, and ongoing servicing must maintain it.

This guide covers the major federal consumer protection regimes, asset-class-specific rules, and practical compliance considerations for ABF transactions.

Why consumer protection matters for ABF

Consumer protection violations create multiple risks:

Assignee liability:

  • When you purchase a loan, you may inherit liability for origination violations
  • Certain violations (TILA, HOEPA) have statutory assignee liability
  • Defense of “bona fide purchaser” has limits

Loan enforceability:

  • Material violations can render loans unenforceable
  • State usury violations can void the debt entirely
  • Loss of security interest possible

Regulatory action:

  • CFPB and state regulators actively pursue purchasers
  • FTC has brought cases against loan purchasers
  • Consent orders can impose operational burdens

Litigation risk:

  • Class action exposure for systematic violations
  • Statutory damages can exceed actual damages
  • Attorney’s fees shifted to prevailing plaintiffs

Truth in Lending Act (TILA) / Regulation Z

TILA requires disclosure of credit terms to consumers and is one of the most frequently litigated consumer protection statutes.

Coverage

What’s covered:

  • Consumer credit (credit extended to natural persons for personal, family, or household purposes)
  • Closed-end loans (installment loans, mortgages)
  • Open-end credit (revolving credit, credit cards, HELOCs)

What’s not covered:

  • Business-purpose loans (even to individuals)
  • Loans to legal entities
  • Commercial real estate loans

Key disclosure requirements

Closed-end credit:

  • Annual Percentage Rate (APR) accurate to 1/8 of 1%
  • Finance charge (total cost of credit)
  • Amount financed
  • Total of payments
  • Payment schedule
  • Prepayment penalty disclosures
  • Late payment charges

Timing:

  • Disclosures must be provided before consummation
  • For rescindable transactions, specific timing rules apply

APR calculation issues

APR errors are the most common TILA violation in ABF portfolios:

Common errors:

  • Fees improperly included or excluded from finance charge
  • Irregular payment schedules calculated incorrectly
  • Prepaid finance charges mishandled
  • Rounding errors

Why it matters:

  • APR tolerance is tight (1/8 of 1% for most loans)
  • Material APR errors trigger rescission rights for mortgages
  • Statutory damages apply

Diligence tip: Sample APR testing should be part of any consumer loan portfolio acquisition. Don’t rely solely on originator representations.

Right of rescission

For certain mortgage transactions, TILA provides a right to rescind:

Transactions covered:

  • Consumer mortgage loans secured by principal dwelling
  • Refinances where new money is extended
  • HELOCs

Not covered:

  • Purchase-money mortgages
  • Refinances with same lender (no new money)
  • Non-owner occupied

Rescission period:

  • 3 business days after consummation or delivery of required disclosures
  • If disclosures not properly provided: 3 years

Rescission remedy:

  • Consumer returns the property to pre-transaction status
  • Creditor returns all payments made
  • Security interest is void

Assignee liability under TILA

TILA has specific assignee liability provisions:

What assignees inherit:

  • All claims and defenses the consumer could assert against the original creditor
  • For residential mortgages, rescission rights

Limits on liability:

  • Damages capped at amount paid by consumer (for non-mortgage)
  • Good-faith purchaser defense (if violation not apparent on face of disclosure)

Apparent violation standard:

  • Violation “apparent on the face” of disclosure documents
  • Missing required disclosures
  • Obvious APR errors

Practical implication:

  • Review disclosures as part of diligence
  • APR testing catches apparent violations
  • Missing disclosures are red flags

Equal Credit Opportunity Act (ECOA) / Regulation B

ECOA prohibits discrimination in credit decisions.

Protected classes

Discrimination is prohibited on the basis of:

  • Race
  • Color
  • Religion
  • National origin
  • Sex
  • Marital status
  • Age (if applicant has capacity to contract)
  • Receipt of public assistance
  • Good-faith exercise of rights under the Consumer Credit Protection Act

Types of discrimination

Disparate treatment:

  • Treating applicants differently based on protected class
  • Explicit discrimination (rare)
  • Implicit bias in decision-making

Disparate impact:

  • Neutral policy that disproportionately affects protected class
  • No legitimate business justification
  • Less discriminatory alternative available

Fair lending compliance

Originator obligations:

  • Fair lending policies and procedures
  • Statistical analysis of lending patterns
  • Training and monitoring

What ABF investors should diligence:

  • Originator’s fair lending program
  • Any regulatory findings or consent orders
  • Statistical analysis of portfolio (if available)
  • Underwriting criteria that could create disparate impact

AI and algorithm concerns

Algorithmic underwriting faces increasing scrutiny:

CFPB focus areas:

  • “Black box” models that can’t explain decisions
  • Training data that embeds historical bias
  • Proxy discrimination (factors correlated with protected class)

ABF implications:

  • Diligence should address model governance
  • Adverse action notices must explain reasons (even for AI decisions)
  • Fintech originators are particular focus

Fair Credit Reporting Act (FCRA)

FCRA governs the use of consumer reports and obligations of those who furnish data to credit bureaus.

Permissible purpose

To obtain a consumer report, you need a permissible purpose:

  • Credit transaction (evaluating creditworthiness)
  • Employment (with consumer consent)
  • Insurance underwriting
  • Legitimate business need in connection with a transaction initiated by consumer

Furnisher obligations

If the servicer furnishes data to credit bureaus (and they typically do):

Accuracy requirements:

  • Furnish accurate information
  • Correct errors when notified
  • Have reasonable procedures to ensure accuracy

Dispute handling:

  • Investigate disputes reported by consumer or bureau
  • Report results within 30 days
  • Correct or delete inaccurate information

Monthly reporting:

  • Most servicers report monthly to major bureaus
  • Reporting must be timely and accurate

ABF servicing implications

Servicing agreements should address:

  • FCRA compliance obligations
  • Dispute handling procedures
  • Accuracy requirements
  • Audit rights for FCRA compliance

Common issues:

  • Incorrect balance reporting after acquisition
  • Failure to report payoffs
  • Continued reporting on charged-off accounts

Fair Debt Collection Practices Act (FDCPA)

FDCPA regulates debt collection practices by “debt collectors.”

Who is a debt collector?

Covered:

  • Third parties collecting debts owed to another
  • Companies that regularly collect debts for others
  • Servicers if the debt was in default when acquired

Not covered (generally):

  • Original creditors collecting their own debts
  • Servicers if debt was current when acquired
  • Internal collection departments of the creditor

Key restrictions

Prohibited conduct:

  • Harassment or abuse
  • False or misleading representations
  • Unfair practices (e.g., collecting unauthorized fees)

Required disclosures:

  • Mini-Miranda warning (identifying as debt collector)
  • Validation notice (within 5 days of initial contact)
  • Amount of debt
  • Name of creditor

Contact restrictions:

  • No contact at inconvenient times (before 8am or after 9pm)
  • Must stop contact if consumer requests in writing
  • No contact at workplace if employer prohibits

State collection laws

Many states have their own debt collection statutes:

  • California Rosenthal Act (covers original creditors too)
  • New York debt collection rules
  • State licensing requirements for collectors

Practical approach:

  • Servicers should be licensed in all required states
  • Collection policies should address strictest state requirements
  • Monitor for state regulatory changes

UDAP and UDAAP

The catch-all consumer protection regimes.

Federal UDAAP (Dodd-Frank)

Enforced by CFPB against consumer financial service providers:

Unfair practices:

  • Cause substantial injury to consumers
  • Injury not reasonably avoidable by consumer
  • Not outweighed by countervailing benefits to consumers or competition

Deceptive practices:

  • Representation, omission, or practice that misleads
  • Consumer’s interpretation is reasonable under the circumstances
  • Material to consumer’s decision

Abusive practices:

  • Materially interferes with consumer’s ability to understand terms
  • Takes unreasonable advantage of:
    • Consumer’s lack of understanding
    • Consumer’s inability to protect their interests
    • Consumer’s reasonable reliance on the covered person

State UDAP

Every state has its own UDAP or consumer protection statute:

  • Some are broader than federal law
  • State AGs actively enforce
  • Private rights of action in most states

UDAAP in ABF context

Areas of CFPB focus:

  • Servicing practices (especially distressed loan servicing)
  • Fee practices (late fees, convenience fees)
  • Collection practices
  • Loan modification programs

Emerging product issues:

  • BNPL: unclear disclosures, autopay practices
  • Earned wage access: fee structures, employer relationships
  • Fintech lending: rate disclosures, platform model issues

Asset-class-specific consumer rules

Auto loans

FTC Holder Rule:

  • Required notice preserving consumer defenses against assignees
  • Without notice, assignee may take subject to all claims/defenses
  • Check for proper notice in loan documents

GAP insurance:

  • State-specific regulation
  • Refund requirements on early payoff
  • Disclosure requirements

Add-on products:

  • Service contracts, tire-and-wheel, theft protection
  • State dealer regulations apply
  • Back-end product complaints increasing

Repossession:

  • State-specific procedures (notice, redemption rights)
  • Self-help repossession vs. judicial process
  • Deficiency balance collection rules

Mortgage loans

RESPA (Real Estate Settlement Procedures Act):

  • Settlement procedures and cost disclosures
  • Escrow account requirements
  • Servicing transfer notice requirements
  • Prohibition on kickbacks

ATR/QM (Ability-to-Repay / Qualified Mortgage):

  • Lenders must make reasonable determination of ability to repay
  • QM safe harbor provides presumption of compliance
  • Non-QM loans have higher litigation risk

TRID (TILA-RESPA Integrated Disclosure):

  • Loan Estimate (within 3 days of application)
  • Closing Disclosure (at least 3 days before closing)
  • Tight tolerance for fee changes

State foreclosure procedures:

  • Judicial vs. non-judicial states
  • Notice and cure requirements
  • Mediation programs in some states

Student loans

Federal loan servicing:

  • Specific regulatory requirements for federal loan servicers
  • Income-driven repayment programs
  • Public Service Loan Forgiveness compliance

Private education loans:

  • TILA disclosures (Reg Z Subpart F)
  • Application and approval disclosures
  • Final disclosure at consummation

State licensing:

  • Growing number of states require student loan servicer licenses
  • California, DC, Illinois, and others
  • NMLS participating for some states

BNPL

Regulatory landscape is evolving:

CFPB position:

  • BNPL is “credit” under TILA
  • Supervisory authority asserted over larger providers
  • Interpretive rule on digital wallet consumer protections

State regulation:

  • Some states examining licensing requirements
  • California DFPI has asserted jurisdiction
  • State-by-state analysis required

Compliance considerations:

  • Clear fee disclosures
  • Dispute resolution procedures
  • Autopay authorization and cancellation

Diligence framework for consumer protection

Originator compliance review

Document review:

  • Compliance management system documentation
  • Policies and procedures
  • Training materials
  • Complaint log

Regulatory history:

  • Consent orders, enforcement actions
  • State examination findings
  • Litigation history (class actions, AG investigations)

Third-party reports:

  • Compliance audits
  • Regulatory examination reports (if available)
  • Rating agency operational reviews

Sample loan file review

Documentation completeness:

  • All required disclosures present
  • Proper signatures
  • Timing requirements met

APR testing:

  • Recalculate APR on sample basis
  • Check finance charge components
  • Verify payment schedules

Fair lending indicators:

  • Pricing exceptions
  • Override patterns
  • Demographic information (if available)

Rep and warranty framework

Originator should represent:

  • Loans originated in compliance with applicable law
  • Required disclosures provided
  • No known TILA violations
  • ECOA compliance
  • Licensing compliance

Repurchase triggers:

  • Material compliance violation discovered
  • Regulatory action against specific loans
  • Successful borrower defense based on violation

Servicer compliance

Servicing agreement requirements

Compliance covenants:

  • Comply with all applicable laws
  • Maintain required licenses
  • Implement complaint handling procedures
  • Provide compliance certifications

CFPB Servicing Rules (mortgages):

  • Loss mitigation procedures
  • Error resolution
  • Information requests
  • Force-placed insurance requirements

Reporting requirements:

  • FCRA furnishing obligations
  • Collection call compliance
  • Payment application rules

Ongoing monitoring

Compliance indicators:

  • Complaint volumes and trends
  • Regulatory examination results
  • Litigation activity
  • Audit findings

Periodic reviews:

  • Annual compliance audit
  • Sample file review
  • License status verification
  • Policy and procedure updates

Compliance checklist

Pre-acquisition diligence:

  • Originator compliance program review
  • Regulatory history check (CFPB, state regulators)
  • Sample loan file review
  • APR testing on sample basis
  • Fair lending analysis review
  • License verification (origination states)

Documentation:

  • Reps and warranties cover compliance
  • Repurchase obligations for violations
  • Servicing agreement addresses compliance
  • Audit rights for compliance verification

Ongoing compliance:

  • Servicer compliance certifications
  • Complaint monitoring
  • License status tracking
  • Regulatory development monitoring
  • Periodic sample file review

When violations are discovered

Assessment

Scope determination:

  • How many loans affected?
  • What is the violation?
  • Is there ongoing harm?

Exposure calculation:

  • Statutory damages (per loan or aggregate)
  • Class action risk
  • Regulatory penalty risk
  • Loan value impairment

Remediation options

Loan-level remediation:

  • Repurchase demand to originator
  • Substitution of compliant loans
  • Price adjustment

Borrower remediation:

  • Refund of overcharges
  • Rate adjustment
  • Account correction

Regulatory notification:

  • Evaluate self-disclosure
  • Consult counsel on obligations
  • Document remediation steps

Documentation

  • Memorialize the issue
  • Document investigation and findings
  • Record remediation actions
  • Establish procedures to prevent recurrence
← All Topics