The CFPB’s top 10 actions to protect consumers so far in 2023

As a reminder, the CFPB opened its doors on July 21, 2011, one year after President Barack Obama signed the Dodd-Frank Wall Street Reform and Consumer Protection Act. Typically referred to as “Dodd-Frank” or “Wall Street Reform,” this law created the CFPB in the aftermath of the 2008 economic crash caused, in large part, by the financial industry’s malfeasance. The CFPB became the United States’ first federal agency dedicated to protecting consumers from financial shenanigans. 

Since opening its doors 12 years ago, the CFPB has recouped $17.5 billion for consumers, enforced consumer protection laws by taking more than 300 actions against companies, and processed 4 million consumer complaints against financial companies. (You can submit your own complaint here.) 

Despite — or likely, because of — its record, the CFPB finds itself under attack by special interests intent on seeing it weakened. The Supreme Court will hear oral arguments in October for a case about the constitutionality of the CFPB’s independent funding. As we and numerous other consumer advocates contend in an amicus brief filed this spring, when Congress created the CFPB in the wake of the 2008 economic crash, it clearly used its Constitutional authority to provide a reliable and annually capped source of funding for the agency to do its one job of protecting consumers.

1. Ordering Bank of America to pay nearly $200M for charging illegal fees, withholding credit card rewards, and opening fake accounts

The Consumer Financial Protection Bureau (CFPB) in July ordered Bank of America to return more than $100 million to customers who were illegally charged multiple “insufficient funds fees” for the same transactions, had credit card rewards points withheld, and had fake credit card accounts opened without their authorization. Additionally, Bank of America was ordered to pay $90 million in penalties to the CFPB and $60 million in penalties to the Office of the Comptroller of the Currency (OCC). 

The compensation timeline is available here and here.

The opening of fake accounts might sound familiar if you remember that in September 2016 the CFPB fined Wells Fargo a record $100 million after it was discovered that executives had facilitated a toxic culture and supervised a sales quota scheme that forced low-paid frontline workers to open an estimated 2 million fake accounts in the names of actual customers to meet unreasonable goals. 

Incidentally, in December 2022 the CFPB ordered Wells Fargo, defined as a “repeat offender,” to pay $3.7 billion for wrongful foreclosures, car repossessions, overdraft fees and more in the largest enforcement action in its history.

2. Investigating the harms of medical credit cards

The CFPB hosted a hearing in July on the proliferation of “medical credit cards” and the impact of medical debt on families after announcing with with the Departments of Treasury and Health & Human Services a Request for Information (RFI) to solicit feedback on the patient impact of the proliferation of medical credit cards and its relationship to growing medical debt. 

A 2021 OSPIRG (Oregon State PIRG) study of bankruptcies in Oregon showed that the most frequently listed creditor was the issuer of a health-care-specific credit card, CareCredit (from Synchrony Bank), followed by big hospital/provider networks.

In June, U.S. PIRG submitted comments to urge the CFPB to issue rules to prohibit health care professionals from promoting medical credit cards and to prohibit the inclusion of medical debt on credit reports.

3. Closely examining medical billing and collections practices

The CFPB released a report in February showing a 33% reduction in medical debt reporting, from 2018 to 2022. As the CFPB explains:

“CFPB market monitoring indicates that some debt collectors are moving away from furnishing medical collections information to credit reporting companies in part due to their concerns about data integrity and their ability to comply with the Fair Credit Reporting Act, including dispute processing.”

This report continues the CFPB’s broad efforts to monitor medical debt and its impact on consumers, including the release of a March 2022 report on medical debt which found that at least $88 billion of medical debt sits on consumer credit reports, squashing their hopes and dreams. A few weeks after that report was published, Equifax, Experian and TransUnion, the three major credit bureaus, announced they would be erasing paid medical debt from credit reports and excluding medical debt of less than $500. 

CFPB analysis of these changes found that, “about half of all consumers who currently have medical collection tradelines on their credit reports will likely still have medical collections reported once the Medical Collections Reporting Change goes into effect.” 

Because so many health issues are beyond our control, U.S. PIRG and other consumer advocates contend that medically necessary debt on credit reports shouldn’t just be limited — it shouldn’t be reported or considered at all.

4. Highlighting the unique risks of digital payment apps to servicemembers

The CFPB released its annual report in June on top financial concerns facing servicemembers, veterans, and military families, highlighting the growing risks of digital payment app usage in the servicemember community. The report made the following recommendations to digital payment app providers:

• Improve the safety and security of their networks to prevent fraud by, for example, detecting and removing repeat fraudsters.
• Improve their responsiveness to fraud by, for example, coordinating more closely with financial institutions, to resolve problems quickly.  
• Tailor refund policies to military families’ unique experiences that might, for example, limit servicemembers’ abilities to recognize or respond to fraud.

5. Advising consumers to transfer the billions of dollars stored on payment apps that might not have federal deposit insurance 

The CFPB issued an advisory to consumers to transfer their funds sitting in payment apps to their bank or credit union accounts. The advisory coincided with the release of CFPB analysis, which found that payment app accounts might not have federal deposit insurance that protects deposits in the event of the app company going out of business or filing for bankruptcy. As the CFPB warns:

“When users receive payments, through these apps, these funds are not automatically swept into their linked bank or credit union account. In addition, payment app companies do not necessarily store customer funds in an insured account through a business arrangement with a bank or credit union. The company’s investments carry risk and if it were to fail, customers could lose their funds…Until payment apps are designed to automatically sweep balances into a user’s insured account, consumers may need to take action to move their balances stored in payment apps.”

6. Providing guidance on what constitutes abusive conduct in financial markets 

In addition to creating the CFPB, Dodd-Frank also prohibited “abusive” acts and practices in the financial marketplace. The CFPB issued guidance in the form of a policy statement in April to help federal and state financial regulators and financial firms identify what constitutes such abusive conduct. The policy statement explains how companies are prohibited from obscuring important features of a product or service, or taking unreasonable advantage of consumers’ lack of understanding, unequal bargaining power, or reliance on them. The CFPB explains: 

“In particular, the statement describes how the use of dark patterns, set-up-to-fail business models like those observed before the mortgage crisis, profiteering off captive customers, and kickbacks and self-dealing can be abusive.”

7. Launching an inquiry into business practices of data brokers 

Companies like data brokers gather huge amounts of data on Americans – like every website we visit, purchase we make, and web search we conduct. There are no real rules regulating the collecting, buying and selling of Americans’ data, leaving us vulnerable to identity thieves, hackers, scammers and manipulative advertisers.

The CFPB issued a Request for Information in March about these shadowy companies and how their business model affects consumers’ financial health. As CFPB director Rohit Chopra explained:

“Modern data surveillance practices have allowed companies to hover over our digital lives and monetize our most sensitive data. Our inquiry will inform whether rules under the Fair Credit Reporting Act reflect these market realities.”

PIRG joined our friends at the Center for Digital Democracy in sharing our concerns in response to the inquiry. As our comment explains:

“For consumers, the process of identifying data brokers that hold their data is nearly impossible. Submitting requests to access, correct or delete data from even major data brokers is often limited to residents of the few states with data privacy laws. This comment includes a study of the access, correct[ion] and deletion processes [of] 32 data brokers, and finds the current systems almost entirely unusable…The Bureau should adopt rules that make accountable all companies collecting, sharing, selling and providing access to consumer data used for financial services.”

8. Uncovering illegal junk fees on bank accounts, mortgages, and student and auto loans 

The CFPB released in March a special “junk fees” edition of its regular report about the agency’s work to examine financial companies for compliance with consumer protection laws. 

The report details the CFPB’s examinations between July 1, 2022 and February 1, 2023, which uncovered the charging of numerous illegal junk fees, including surprise overdraft fees, excessive payment processing fees for auto loans, and mortgage servicing fees for property inspection visits to known wrong addresses. 

In response to the findings detailed in the report, many companies ceased illegal practices and waived or refunded ill-gotten fees. 

The CFPB’s increased scrutiny of junk fees began with its launch of an initiative last January to  save Americans billions of dollars a year from junk fees associated with their bank, credit union, prepaid or credit card account, mortgage, loan, or payment transfers that are unexpected, unclear, or too high. The initiative continued when Director Chopra and Federal Trade Commission (FTC) Chair Lina M. Khan joined President Biden last October to explain federal actions against junk fees, including the CFPB’s guidance to counter the worst bank junk fees, including both unfair overdraft and penalty fees. The CFPB’s current rulemaking agenda indicates the agency will be considering whether to amend rules related to overdraft fees. 

9. Monitoring and improving the credit card market

The CFPB is required to review the Credit Card Accountability, Responsibility and Disclosure (CARD) Act, enacted by Congress in 2009 to ensure fair and transparent credit card company practices, every two years and report back to Congress about its findings. As part of the next review, required this year, the CFPB issued a Request for Information about the public’s experience with credit cards. The report is due to come out later this year.

In March, the CFPB launched improvements to a survey used for the statutorily required semi-annual collection of data from the largest 25 issuers of credit cards and at least 125 additional institutions. The improved survey is intended to help consumers comparison shop for the best interest rates and credit products.

The CFPB also proposed a rule that would reduce standard credit card late fees from up to $41 to $8, to keep in line with the CARD Act’s requirement that such fees be “reasonable and proportional” to the costs of handling late payments. The CFPB estimates that the largest credit card companies are generating income from late fees that are approximately five times greater than processing costs. 

10. Cracking down on subscription services that charge people who don’t want them 

The CFPB and the FTC are cracking down on so-called “negative option marketing” and the use of “dark patterns” or “deceptive design” that lock consumers into subscription renewals or charge them for optional add-on fees without adequate disclosure or consent.

In January, the CFPB issued guidance affirming that subscription services risk violating consumer protection law if they fail to provide proper disclosure and obtain informed consent, or if they make consumers jump through hoops to cancel. Violations might include the following practices:

• Failing to provide disclosure: Misrepresenting or failing to provide information, such as the total amount of charges or the fact that charges will continue until canceled, that would likely inform a consumer’s decision to enroll in the first place.
• Failing to obtain informed consent: Signing consumers up for services when they don’t understand there are recurring charges.
• Making consumers jump through hoops: Erecting barriers to canceling services, such as forcing consumers to talk to customer service agents repeatedly or for unreasonably long times.