It’s Your Money: Some gifts for consumers to end 2024

NEWS: The Consumer Financial Protection Bureau has taken numerous year-end actions that will benefit consumers in the coming year.

WHAT THIS MEANS TO YOU: More money in your pocket, more protection from fraud and scams.

Consumers may not realize that when they get a break in their favor, the Consumer Financial Protection Bureau is behind it. The CFPB was created in 2011, in the wake of the Great Recession, by the Dodd-Frank Wall Street Reform and Consumer Protection Act. It’s an independent federal agency that exists to make sure consumers are treated fairly, enforcing consumer financial laws and reviewing business practices to make sure they’re on the level and not ripping people off. It has a toll-free hotline and website for consumer complaints and two years ago set up an easy petition process to make it easier for organizations and consumers to petition the government for change (your right under the First Amendment).

The CFPB has ended 2024 with a bang, taking action on several issues that will put money in consumer pockets, as well as finding new ways to keep consumers from getting ripped off or scammed.

Enjoy it while you can – the Trump administration and Republican lawmakers in Washington, D.C., have promised they will curtail the agency’s powers. One of the new administration’s main focuses is to remove regulations and rules for big business, which means consumer wallets will take a beating. That’s a column for next month, though. Today, as 2024 comes to an end, let’s celebrate some of the gifts that the CFPB has given American’s working folks.

Buh-bah overdraft loophole

The CFPB earlier this month announced that it is closing the loophole that allows large banks to charge excessive overdraft fees for account holders, which the agency considers junk fees. Overdraft fees, or NSF (non-sufficient funds) fees, cost American consumers billions a year, and have the most negative impact on low-income and marginalized consumers, who can least afford to lose their bank account or pay the cascading effect of fee upon fee.

My first-ever It’s Your Money column, in December 2021 addressed overdraft fees and noted that some banks during the pandemic had quietly lowered or eliminated them. The new rules apply to the biggest banks – those with $10 billion in assets or more. When the agency first started looking at closing the overdraft loophole, it found that Wells Fargo and JPMorgan Chase accounted for more than $1 billion overdraft revenue reported by banks, one third of what was reported overall.

The CFPB has gone after large banks, and continues to, to get them to return illegal overdraft fees to consumers. The agency reported in its December news release that it brought a $95 million enforcement action against Navy Federal Credit Union for illegal surprise overdraft fees. It also took action against Wells Fargo, Regions Bank, and Atlantic Union for illegal overdraft fees – $205 million, $141 million, and $5 million in unlawful fees respectively, the agency said.

Banks claim that overdraft fees are the product of a practice that helps customers – the bank allows a payment that would normally be returned to go through. The fee, often $35 or more, is just the cost of doing business. When the bank covers your overdraft, technically its making a loan to you. So, overdraft protection is a very high-interest loan. Most consumers cover the overdraft in three days or less, but still pay that “high interest.”

The whole overdraft fee thing started decades ago when people paid their bills using paper checks, which they mailed. Sometimes the checks would take weeks or more to clear the consumer’s bank account, and by then the money may no longer be there to cover it. Those fees didn’t account for much profit for banks back in the 1960s, when the Truth in Lending Law was drafted, so banks successfully lobbied for a loophole that exempted the fees from the rules other financial fees came under. So, unlike loans, the lenders weren’t required to disclose the fee to customers.

Now, 50-plus years later, NSF fees are big money for banks. Most banks don’t give an account-holder the choice of overdraft protection (I’m old enough to remember when many did, and charged a fee for it). Once people started using debit cards, financial institutions “began raising fees and using the exemption to churn high volumes of overdraft loans on debit card transactions,” the CFPB said. Enrollment became automatic – it just happened without the customers realizing it.

When the CFPB proposed the rule in 2023, it estimated 23 million households pay overdraft fees annually. Since the agency announced its initiative to curb junk fees, it said, many banks have started to reduce or eliminate them. Consumers have saved $6 billion annually because of that, the agency said. “However, even with these changes, consumers still paid more than $5.8 billion in 2023 in reported overdraft and NSF fees.”

The new rule, which is scheduled to go into effect Oct. 1 (giving banks 10 months to figure out a plan or the new administration a chance to scuttle it) allows lenders to choose an option:

• Cap overdraft fees $5, which is the estimated amount most banks can cover costs associated with administering a courtesy overdraft program.
• Cap the fee at an amount that covers costs and losses “for banks that wish to offer overdraft as a convenient service rather than as a profit center,” the CFPB said.
• Disclose the terms of their overdraft loan just like other loans. If the lender wants to have a profit-making overdraft service, it must comply with standard requirements governing other loans, like credit cards. Customers must have a choice on whether to open the overdraft credit line, and the bank must provide account-opening disclosures that would allow comparison shopping, send periodic statements, and give the account-holder a choice of whether to pay automatically or manually.

The CFPB is part of the White House Competition Council, a group of independent federal agencies and cabinet departments established by President Joe Biden’s 2021 Executive Order on Promoting Competition in the American Economy.  The council includes the Federal Trade Commission and U.S. Department of Transportation, which also have taken action on junk fees. The overdraft fee action is part of the CFPB’s effort, as a member of that council, to tackle junk fees in general.

4.3 million consumers get ‘credit repair’ refund

Earlier this month, the CFPB returned $1.8 billion to 4.3 million Americans who were ripped off by “credit repair” businesses that charged illegal advance fees or used deceptive bait-and-switch advertising. Companies that engaged in these illegal practices included Lexington Law and CreditRepair.com. The refund constituted the largest-ever distribution from the CFPB’s victims relief fund, which is funded by civil penalties paid by companies that violate consumer protection laws, the agency said.

A court ruled in August 2023 that the credit repair conglomerate violated the Telemarketing Sales Rule’s advance fee prohibition, which requires credit repair companies that engage in telemarketing to not collect fees until they provide documentation showing they have achieved the promised results, at least six months after the results were achieved.

Following the court’s ruling on the suit, which was filed by the CFPB, the companies filed for Chapter 11 bankruptcy protection, shutting down 80% of their business operations, including their telemarketing call centers, the CFPB said.

By the way, here’s tip if you’re looking for help repairing your credit or getting out from under credit debt: Find a nonprofit consumer credit agency. You can find one on the National Federation for Credit Counseling website. One big clue that an agency is a nonprofit is that it will have .org at the end of it’s url, not .com.

If you opt for a for-profit debt settlement company, similar to the ones the CFPB came down on, keep an eye on fees, tax implications and the hit that your credit score will take. It’s a good idea to research for-profit debt settlement online before taking that leap.

Payment app oversight

Digital non-bank payment apps like Venmo, Zelle, and GooglePay, have become incredibly popular. It may surprise you to learn that there is very little regulation, and that means a big opening to set you up to be scammed, among other things.

The CFPB estimates that the most widely used apps process more than 13 billion consumer payments a year – this includes Apple, Google, Amazon, PayPal, Block, Venmo, and Zelle, among others.

In late November, the agency finalized a rule to supervise the largest nonbank companies that offer digital funds transfer and payment wallet apps. The rule means that companies that handle more than 50 million transactions a year must follow the same federal law that applies to large banks, credit unions, and other financial institutions.

The rule gives the CFPB authority to enforce financial law with these companies, particularly in these major areas:

• Privacy and Surveillance. Federal law allows consumers to opt out of certain data collection and sharing practices, and also prohibits misrepresentations about data protection practices. These large companies, which collect vast quantities of data about an individual’s transactions, should provide that option.
• Errors and Fraud. Consumers have the right, under federal law, to dispute transactions that are incorrect or fraudulent, and financial institutions must investigated such complaints. The agency said that’s particularly concerned “about how digital payment apps can be used to defraud older adults and active duty servicemembers.” It said that the payment apps should manage these issues on their own instead of designing their systems, which many do, to shift disputes to banks, credit unions, and credit card companies.
• Debanking. Consumers rely on payment apps and “can face serious harms when they lose access to their app without notice or when their ability to make or receive payments is disrupted.” Consumers have reported concerns to the CFPB about disruptions to their lives because of account closures or freezes.

The agency’s supervision unit has also created a supervision technology program that assesses, among other things, technology and technology controls and its impact on compliance with federal consumer financial law.

Protecting your data

You’ve heard that your data is out there. That it’s sold. That bad people may use it for bad purposes. But like many people you may think, “Meh. Me? It just doesn’t seem like something to worry about.”

Well, lucky for those who feel that way, the CFPB is still looking out for you. The agency proposed a rule in early December to rein in data brokers that sell sensitive personal and financial information that can be used to target and defraud consumers.

The proposed rule would limit the sale of identifiers like Social Security numbers and phone numbers, and would make sure that financial data, like income, is only shared for legitimate purposes (facilitating a mortgage approval, for instance), and not sold to scammers targeting people who are in financial distress.

The rule would clarify that when data brokers sell sensitive consumer information they are acting as a consumer reporting agency under the Fair Credit Reporting Act, “which requires them to comply with accuracy requirements, provide consumers access to their information, and maintain safeguards against misuse,” the agency said.

The FCRA was enacted in 1970 “to, among other things, strictly limit the use of personal data by a growing data surveillance industry,” the CFPB pointed out in its news release about the proposed rule. It would ensure that the FCRA’s privacy protections protect consumers from technology that wasn’t even dreamed up when that law was enacted.

The CFPB developed the proposed rule after “extensive market monitoring that revealed widespread evasion of consumer protections” by data brokers. The brokers claim they aren’t subject to FCRA requirements “even while selling the very types of sensitive personal and financial information Congress intended the law to protect,” the agency said.

Data brokers “collect and sell detailed information about Americans’ personal lives and financial circumstances to anyone willing to pay,” the agency said in a news release. The proposal would address “critical threats” data-selling agencies pose, including:

National security and surveillance risks. “Countries of concern,” like China and Russia, can buy detailed personal information about military service members, veterans, government employees, and other Americans for pennies per person, the CFPB said. “This enables the creation of detailed dossiers for potential espionage, surveillance, or blackmail operations, allowing relatively small investments to be leveraged into mass surveillance operations.”

Criminal exploitation. Identity thieves and scammers buy financial profiles to target vulnerable consumers, particularly seniors and people who are in financial distress. The information is used to run fraud schemes and steal retirement savings, “often targeting Americans who can least afford the losses.”

Violence, stalking, and personal safety threats to law enforcement personnel and domestic violence survivors: Dangerous people who target judges, law enforcement officers, government employees, domestic abuse survivors, or individuals in an unpopular profession can use contact information to stalk, threaten and harm. Perpetrators can buy current contact information in order to do that.

To address these risks, under the rule:

• Any company that sells data about income or financial tier, credit history, credit score, or debt payments would be considered a consumer reporting agency required to comply with the FCRA, regardless of how the information is used.
• When consumer reporting agencies collect information like names, addresses, or ages for credit reports, any sale of that information would be covered by the FCRA’s protections.
• Companies relying on consumers’ consent to obtain or share a consumer’s credit report would need separate, explicit authorization to do so from the consumer, rather than burying permissions in fine print.

“These changes would significantly limit the ability of data brokers to sell sensitive contact information that could be used to target, harass, or dox individuals seeking privacy protection, including domestic violence survivors,” the agency said.

The proposed rule would preserve pathways created by the FCRA for government agencies to access consumer report information for legitimate law enforcement, counterterrorism, and counterintelligence purposes, it said.

The proposed rule is part of a broader government-wide initiative to protect Americans’ sensitive personal data, complementing recent Executive Orders and actions by other federal agencies, CFPB said. In October, the Department of Justice proposed a rule to prevent access to Americans’ sensitive personal data by Russia, Iran, China, and other countries of concern.

The rule hasn’t gone into effect yet – it goes through a public comment period, which ends in March, then is reviewed by several panels and agencies, before it becomes final, likely a year or so from now. It would likely be enacted in 2026. That means it’s still up to you to protect your data as best as you can.

New protections for domestic abuse, fraud victims?

The CFPB earlier this month launched rulemaking to address the harmful effects of inaccurate credit reporting that negatively affects survivors of domestic, elder and other financial abuse.

“People trapped by domestic abuse must often sign documents under the threat of violence, ruining their financial lives and making it even more difficult to escape,” CFPB Director Rohit Chopra said in a news release. “Expanding identity theft protections could help survivors rebuild their financial lives and would ensure that our credit reporting system is not used as a tool for domestic and elder abuse.”

I wrote in April 2022 about financial abuse as a major, but unrecognized, factor in domestic abuse. The CFPB is on board, too. “Abusers often use coerced debt as a tool of control, forcing their partner or other family members to take out credit cards or loans through threats, physical violence, or manipulation,” the release said. “They may secretly open accounts in survivors’ names, force them to sign financial documents, or run up charges on existing accounts.”

This type of financial abuse “creates substantial, long-lasting harm for survivors,” the agency said.

Nearly three-quarters of domestic violence survivors report staying in abusive relationships longer in part because of coerced debt. “The impact falls particularly hard on women of color, who face higher rates of financial abuse resulting in nearly double the average debt burden,” the CFPB said.

Once the debt is removed from survivors’ credit reports, credit scores for one-third improve by 20 points or more, enough to qualify for better rates on loans, the agency said.

The agency seeks public comment on:

• The prevalence and extent of harm to people with coerced debt, including through the credit reporting system.
• Evidence regarding the relevance of coerced debt to a survivor’s credit risk.
• Barriers to accessing existing protection under federal or state law for survivors of economic abuse.
• Challenges resulting from coerced debt facing specific populations including survivors of intimate partner violence and gender-based violence, older Americans, and children in foster care.
• Potential documentation or self-attestation requirements for showing that a person’s debt was coerced.

The rulemaking was in response to a petition submitted by the National Consumer Law Center and the Center for Survivor Agency and Justice. The agency established a petition process in 2022 “to help Americans exercise the constitutional rights to petition the government,” it said. “The new protocols ensure that there is an easy and transparent way to request action.”

The deadline for submitting comments on the advance notice is March 7.

It’s not the first time the agency has tackled abuse and its relation to credit. In 2022, the CFPB finalized a rule that prohibits credit bureaus from providing reports that contain negative information about human trafficking survivors when the information resulted from the trafficking. The CFPB is also working on identifying potential violations of these rules, it said.

Will there be more in 2025?

We’ll keep you updated on what goes on with these new rules and proposed ones.

Banks and other financial institutions have fought hard against the agency’s junk fee rules and the Trump administration has promised “significant changes” to curtail the CFPB’s power.

The Washington Post reported in November that Trump’s transition team is looking for candidates to lead the agency – likely pro-business and banking ones – and would also scale back its oversight.

The agency is funded by the Federal Reserve, unlike most federal agencies, which are funded by Congress. It was done this way in order to keep its rule-making and enforcement independent of the political process. The law governing the CFPB sets a cap for its budget, which is adjusted for cost of living.

The U.S. Supreme Court in May voted 7-2 that the funding method is constitutional after two trade associations representing payday (high-interest) lenders challenged it. In June, after the Supreme Court ruling, a group of Republican senators introduced the Consumer Financial Protection Bureau Accountability Act, which would shift funding the agency to Congress. That bill didn’t pass, but is likely to come up again now that the Senate will and House will both have a Republican majority. The Trump administration and congressional Republicans campaigned on promises to reduce regulations on business. They are under increasing pressure from banks and other money-driven businesses and institutions to roll back rules that keep them from making higher profits, and have indicated they support that, too.

Next month we’ll take a look at what consumers can expect in the coming few years, and how the rules we talking about today, and others, may be affected.

You can reach Maureen Milliken at mmilliken@manchesterinklink.com