IBA Compliance Connection

Your go to source for compliance!

For auditing purposes, should we apply Reg AA, UDAP, the CFPB’s UDAAP, or the FTC Credit Practices Rule?

by

admin

We believe your audits should cover all of the above: UDAP, UDAAP, and the FTC’s Credit Practices Rule (which was adopted by the banking regulators as Regulation AA).

UDAAP

The newest standard is the UDAAP standard (with an extra “A” for “abusive,” which was added by the Dodd-Frank Act in 2010). The UDAAP standard is found in the Consumer Financial Protection Act, which states that “it shall be unlawful for (1) any covered person or service provider . . . to engage in any unfair, deceptive, or abusive act or practice.” 15 USC 5536. The law provides standards for the Consumer Financial Protection Bureau (CFPB) to use when issuing rules that define “unfair,” “deceptive,” and “abusive.” 15 USC 5531. However, the CFPB has not yet issued any regulations related to UDAAP.

UDAP

There is also a “UDAP” standard, which lacks the “A” for “abusive.” The UDAP standard is found in the Federal Trade Commission (FTC) Act, which states that “unfair or deceptive acts or practices in or affecting commerce, are hereby declared unlawful.” 15 USC 45(a). The FTC Act provides a standard to be used by the FTC in declaring acts or practices to be “unfair” (15 USC 45(n)), and the FTC has issued guidance on what acts and practices it considers to be “deceptive” (FTC Policy Statement on Deception).

Note that the Dodd-Frank Act removed language granting the banking regulators’ enforcement authority for the UDAP standard (DFA § 1092(2)see the OCC’s Capitol One Bank, N.A. Enforcement Order (July 16, 2012), pages 19–22. The CFPB itself states in its Supervision and Examination Manual that the existing case law, official policy statements, guidance, examination procedures, and enforcement actions on UDAP from the FTC and the federal banking regulators “may inform” the CFPB (page 174, footnote 2).

Regulation AA

Regulation AA also applies to financial institutions. 12 CFR 227.1(c). Those rules prohibit certain credit practices: unfair contract provisions (12 CFR 227.13), deceptive practices and disclosures to cosignors (12 CFR 227.14), and pyramiding late charges (12 CFR 227.15). The requirements of the rule are further explained in an OCC Comptroller’s Handbook, Other Consumer Protection Laws and Regulations, beginning on page 37.

For a helpful explanation of the applicability of UDAAP and UDAP, view the FRB Philadelphia’s recorded webinar, Consumer Compliance Outlook slides from an Outlook Live Webinar (March 5, 2013). For more information about the UDAAP law see the IBA’s Unfair, Deceptive, and Abusive Acts and Practices Topic Page.