-
AGENCY:
Consumer Financial Protection Bureau.
ACTION:
Consumer financial protection circular.
SUMMARY:
The Consumer Financial Protection Bureau (CFPB) has issued Consumer Financial Protection Circular 2024-05, titled “Improper Overdraft Opt-In Practices.” In this circular, the CFPB responds to the question, “Can a financial institution violate the law if there is no proof that it has obtained consumers' affirmative consent before levying overdraft fees for ATM and one-time debit card transactions?”
DATES:
The CFPB released this circular on its website on September 17, 2024.
ADDRESSES:
Enforcers, and the broader public, can provide feedback and comments to Circulars@cfpb.gov.
FOR FURTHER INFORMATION CONTACT:
George Karithanom, Regulatory Implementation & Guidance Program Analyst, Office of Regulations, at 202-435-7700 or at: https://reginquiries.consumerfinance.gov/. If you require this document in an alternative electronic format, please contact CFPB_Accessibility@cfpb.gov.
SUPPLEMENTARY INFORMATION:
Question Presented
Can a financial institution violate the law if there is no proof that it has obtained consumers' affirmative consent before levying overdraft fees for ATM and one-time debit card transactions?
Response
Yes. A bank or credit union can be in violation of the Electronic Fund Transfer Act (EFTA) and Regulation E if there is no proof that it obtained affirmative consent to enrollment in covered overdraft services. The form of the records that demonstrate consumer consent to enrollment may vary according to the channel through which the consumer opts into covered overdraft services. ( print page 80076)
Regulation E's overdraft provisions establish an opt-in regime, not an opt-out regime, where the default condition is that consumers are not enrolled in covered overdraft services. Financial institutions are prohibited from charging fees for such services until consumers affirmatively consent to enrollment. Violations of 12 CFR 1005.17(b)(1) can be proven in part by showing evidence that a consumer was charged an overdraft fee on a covered transaction where the available evidence does not adequately validate that the consumer opted in.[1]
Regulatory Background
Regulation E implements the EFTA and governs the assessment of certain overdraft fees. Specifically, before a financial institution may charge a consumer a fee in connection with an ATM or one-time debit transaction, Regulation E requires the financial institution to provide consumers with a “reasonable opportunity for the consumer to affirmatively consent, or opt in” to covered overdraft services, and to obtain the consumer's “affirmative consent, or opt in” to such services.[2] Institutions are also required to provide consumers with a written or electronic notice describing the institution's overdraft services prior to opt in, and to provide consumers with confirmation of the consumer's consent to enrollment in writing or electronically with a notice informing the consumer of the right to revoke such consent.[3] These rules do not apply to overdraft fees charged on written checks, recurring debit transactions, or ACH transactions.
Analysis
As noted above, Regulation E sets forth an opt-in, rather than opt-out, process before financial institutions are permitted to assess fees for covered overdraft services. The opt-in provisions provide that, absent affirmative enrollment by consumers, consumers' default status is to not be enrolled in covered overdraft services. Regulation E's opt-in provisions were established after the Federal Reserve Board found that consumers who were automatically enrolled in overdraft services may prefer to “avoid fees for a service they did not request.” [4] Therefore, consistent with this opt-in design, when determining compliance with Regulation E's opt-in provisions, regulators and enforcers should inspect the financial institutions' records to determine whether there is evidence of affirmative consent to enrollment in covered overdraft services.
In the CFPB's supervisory work, examinations have found that some institutions have been unable to provide evidence that consumers had opted into overdraft coverage before they were charged fees for ATM and one-time debit transactions. While some institutions maintained policies and procedures relating to Regulation E's overdraft opt-in requirements, supervisory examinations found that the institutions were unable to show that these policies and procedures were actually followed with respect to individual consumers. In response to examination findings, institutions began maintaining records to prove the consumer's affirmative consent to enrollment in covered overdraft services.
In supervisory and enforcement work, the CFPB has also identified numerous other violations of law relating to Regulation E's overdraft opt-in requirements over the years. These violations have included, for example: the failure of institutions to obtain consumers' affirmative consent to enrollment in covered overdraft services,[5] and obtaining consumers' opt-in to covered overdraft services through deceptive and abusive acts or practices.[6] The prevalence of violations related to overdraft opt in underscores the need for effective supervision and enforcement of Regulation E's overdraft opt-in provisions.
Form of Records Evidencing Opt-In
The form of the records that demonstrate consumer consent to enrollment may vary according to the channel through which the consumer opts into covered overdraft services. For example:
- For consumers who opt into covered overdraft services in person or by postal mail, a copy of a form signed or initialed by the consumer indicating the consumer's affirmative consent to opting into covered overdraft services would constitute evidence of consumer consent to enrollment.
- For consumers who opt into covered overdraft services over the phone, a recording of the phone call in which the consumer elected to opt into covered overdraft services would constitute evidence of consumer consent to enrollment.
- For consumers who opt into covered overdraft services online or through a mobile app, a securely stored and unalterable “electronic signature” as defined in the E-Sign Act (15 U.S.C. 7006(5)) conclusively demonstrating the specific consumer's action to affirmatively opt in and the date that the consumer opted in would constitute evidence of consumer consent to enrollment.
About Consumer Financial Protection Circulars
Consumer Financial Protection Circulars are issued to all parties with authority to enforce Federal consumer financial law. The CFPB is the principal Federal regulator responsible for administering Federal consumer financial law, see12 U.S.C. 5511, including the Consumer Financial Protection Act's prohibition on unfair, deceptive, and abusive acts or practices, 12 U.S.C. 5536(a)(1)(B), and 18 other “enumerated consumer laws,” 12 U.S.C. 5481(12). However, these laws are also enforced by State attorneys general and State regulators, 12 U.S.C. 5552, and prudential regulators including the Federal Deposit Insurance Corporation, the Office of the Comptroller of the Currency, the Board of Governors of the Federal Reserve System, and the National Credit Union Administration. See, e.g.,12 U.S.C. 5516(d), 5581(c)(2) (exclusive enforcement authority for banks and credit unions with $10 billion or less in assets). Some Federal consumer financial laws are also enforceable by other Federal agencies, including the Department of Justice and the Federal Trade Commission, the Farm Credit Administration, the Department of Transportation, and the Department of Agriculture. In addition, some of these laws provide for private enforcement.
Consumer Financial Protection Circulars are intended to promote consistency in approach across the ( print page 80077) various enforcement agencies and parties, pursuant to the CFPB's statutory objective to ensure Federal consumer financial law is enforced consistently. 12 U.S.C. 5511(b)(4).
Consumer Financial Protection Circulars are also intended to provide transparency to partner agencies regarding the CFPB's intended approach when cooperating in enforcement actions. See, e.g.,12 U.S.C. 5552(b) (consultation with CFPB by State attorneys general and regulators); 12 U.S.C. 5562(a) (joint investigatory work between CFPB and other agencies).
Consumer Financial Protection Circulars are general statements of policy under the Administrative Procedure Act. 5 U.S.C. 553(b). They provide background information about applicable law, articulate considerations relevant to the Bureau's exercise of its authorities, and, in the interest of maintaining consistency, advise other parties with authority to enforce Federal consumer financial law. They do not restrict the Bureau's exercise of its authorities, impose any legal requirements on external parties, or create or confer any rights on external parties that could be enforceable in any administrative or civil proceeding. The CFPB Director is instructing CFPB staff as described herein, and the CFPB will then make final decisions on individual matters based on an assessment of the factual record, applicable law, and factors relevant to prosecutorial discretion.
Rohit Chopra,
Director, Consumer Financial Protection Bureau.
Footnotes
1. Depending on the circumstances, a financial institution's overdraft practices may also implicate the CFPA's prohibition on unfair, deceptive, or abusive acts or practices. 12 U.S.C. 5531, 5536. See, e.g., Consumer Financial Protection Circular 2022-06, Unanticipated Overdraft Fee Assessment Practices (Oct. 26, 2022).
Back to Citation2. 12 CFR 1005.17(b)(1)(ii) & (iii).
Back to Citation3. 12 CFR 1005.17(b)(1)(i) & (iv). 12 CFR 1005.13(b)(1) requires a person to retain evidence of compliance with the requirements of EFTA and Regulation E for a period of not less than two years from the date disclosures are required to be made or action is required to be taken. This is an independent legal obligation, which does not change the fact that the absence of records proving that an opt-in occurred is suggestive that a consumer did not opt in.
Back to Citation4. Electronic Fund Transfers, 74 FR 59033, 59038 (Nov. 17, 2009) (amending 12 CFR part 205).
Back to Citation5. See, e.g., CFPB Consent Order, In re Atlantic Union Bank, No. 2023-CFPB-0017 (Dec. 7, 2023); CFPB Consent Order, In re Regions Bank, No. 2015-CFPB-0009 (Apr. 28, 2015); Supervisory Highlights, Summer 2015 Edition, at 23, available at https://files.consumerfinance.gov/f/201506_cfpb_supervisory-highlights.pdf.
Back to Citation6. See, e.g., CFPB Consent Order, In re TD Bank, N.A., No. 2020-BCFP-0007 (Aug. 20, 2020); CFPB v. TCF National Bank, Stipulated Final Judgment and Order, No. 17-cv-00166 (July 20, 2018).
Back to Citation[FR Doc. 2024-22551 Filed 10-1-24; 8:45 am]
BILLING CODE 4810-AM-P
Document Information
- Published:
- 10/02/2024
- Department:
- Consumer Financial Protection Bureau
- Entry Type:
- Rule
- Action:
- Consumer financial protection circular.
- Document Number:
- 2024-22551
- Dates:
- The CFPB released this circular on its website on September 17, 2024.
- Pages:
- 80075-80077 (3 pages)
- PDF File:
- 2024-22551.pdf
- CFR: (1)
- 12 CFR None