Fair Credit Reporting Act (FCRA) (Regs V and FF)

Question 1

ABC Bank is considering offering a special loan promotion in conjunction with the local cosmetic surgeon, Dr. Tucker, PC. The bank’s loan application forms will be available in the doctor’s office and patients who want to finance cosmetic surgery procedures can arrange financing directly with the bank. Dr. Tucker’s office will refer patients to the bank and provide bank application forms upon request. The bank’s application forms include an authorization that the applicant signs allowing the bank to obtain information from Dr. Tucker’s office as necessary to process the application for credit. Which of the following is true in connection with such applications?

A. The bank is permitted to contact the doctor’s office to determine and verify the medical purpose of the loan
B. The bank is not permitted to contact the doctor’s office for information relating to the credit application
C. The bank is permitted to contact the doctor’s office only if the loan is approved
D. The bank is permitted to contact the doctor’s office to obtain any information about the applicant because the applicant provided the signed authorization

Answer 1

A. The bank is permitted to contact the doctor’s office to determine and verify the medical purpose of the loan

Regulation FF implements the medical information provisions of the FCRA. This provides that creditors may NOT use any medical information in its decisioning processes for loans. Verifying a determination that a particular loan will be used for a medical purpose is not covered by this prohibition, since this information will not impact the qualifications of the borrower; it will be used only to verify the loan’s purpose. This is true whether or not the loan is approved. Just because the authorization is provided by the customer, the creditor may not obtain information Regulation FF would otherwise prohibit.

Question 2

Which of the following should the compliance officer accomplish FIRST to implement the information sharing provisions of the Fair Credit Reporting Act?

A. Draft a privacy policy
B. Identify the institution’s affiliates
C. Modify account holders’ agreements by adding opt-out language
D. Prepare opt-in agreements to mail to existing account holders

Answer 2

B. Identify the institution’s affiliates

Question 3

An auditor asked for your guidance regarding an audit in process. Review of 20 adverse action notices revealed that 2 were sent late, and 2 did not show the name and address of the consumer reporting agency when required by the Fair Credit Reporting Act. Each of the errors was made by a different employee. Given these findings, you should advise the auditor to:

A. Continue with the audit, but this is not a problem
B. Cite the errors as technical exceptions
C. Review more items to determine a root cause of the problem
D. Read Regulation B and the Fair Credit Reporting Act for guidance

Answer 3

C. Review more items to determine a root cause of the problem

There are clear problems here with adverse action notices, and thus far the problems are not specific to any particular employee or even a common issue. Therefore, to get a better handle on the scope of the problem, additional notices should be reviewed. This is clearly a problem and a violation of the FCRA, and they potentially could be more than simply technical violations. Having the auditor read Regulation B and FCRA may be useful, but not the best course of action in this situation.

Question 4

Your bank was criticized in an examination because it did not have an Identity Theft Red Flags Program in place in accordance with the Fair Credit Reporting Act (Regulation V). What is the FIRST step you should take to initiate such a program?

A. Prepare an annual report to the board of directors
B. Write detailed procedures for notifying law enforcement of reported incidents of identity theft
C. Identify all the types of covered accounts the bank offers
D. Train all staff on how to respond to customers who are victims of identity theft

Answer 4

C. Identify all the types of covered accounts the bank offers

Not having an Identity Theft Red Flags Program is a critical oversight that must be rectified. The natural first step in implementing a program is to determine the scope of the issue that may impact the bank. Preparing a report to the board, writing procedures to notify law enforcement, and training, while all potential parts of the process, would not come before identifying the scope of the program that must be developed. Identifying covered accounts is a natural first step here, and each of the other steps would follow that.

Question 5

What should the compliance professional consider a risk when monitoring for compliance with the Fair Credit Reporting Act (Regulations V and FF)?

A. Adverse action notices were sent to customers who were denied checking accounts
B. Prescreened solicitations do not include an opt-out to be excluded from future screenings
C. Credit reports are pulled on business purpose loans where the applicant has personal liability
D. Firm offers of credit are to be made to qualified applicants without the applicants’ prior permission

Answer 5

B. Prescreened solicitations do not include an opt-out to be excluded from future screenings

The Fair Credit Reporting Act requires prescreened solicitations to include appropriate opt-out language in both short-form and long-form. The absence of this required language would be a violation of the FCRA, and thus a risk to be identified when monitoring. Each of the other choices is a compliant action taken under Regulations V and FF.

Question 6

Your customer is a victim of identity theft. He has requested copies of records related to the fraudulent transaction. You must provide copies within how many days from the date of his request?

A. 5
B. 10
C. 30
D. 60

Answer 6

C. 30

Question 7

True/False: FCRA affects more than just credit.

Answer 7

True. FCRA also affects deposit accounts, insurance, employment and child support.

Question 8

What is a consumer report?

Answer 8

Any written or oral communication bearing on a consumer’s individual creditworthiness or general reputation that is collected to establish the consumer’s eligibility for:
- Credit or insurance to be used for personal, family, or household purposes
- Employment purposes
- Any other authorized purposes

Question 9

Is a report containing information about the transactions or experiences between the consumer and the person making the report considered a consumer report?

Answer 9

No

Question 10

CRAs, among other responsibilities, must purge obsolete information and report negative credit information for no longer than __ years and bankruptcies for no longer than __ years unless the information is related to credit or insurance for more than $___.

Answer 10

7
10
$150,000

Information reported because of an application for more than $150,000 worth of credit or life insurance has no time limitation.

Question 11

Before procuring a consumer report for ______ purposes, the ______ must disclose to the individual in writing and obtain written authorization that a consumer report may be obtained.

Answer 11

Employment
Employer

Question 12

When is an AAN provided under FCRA?

Answer 12

When information from the CRA contributes in whole or in part to take adverse action against the consumer, such as

• a denial of consumer credit or insurance
• the refusal to open a checking account
• an adverse change in terms of consumer credit or insurance such as refusing to renew a policy, credit card, or line of credit.
• the denial of employment

Question 13

If information from a CRA was used to make the adverse action decision, what 4 things must the user disclose?

Answer 13

• The CRA’s name, address and telephone number
• Statement that the CRA did not make the decision
• Statement that the consumer has the right to obtain a free copy of their consumer credit report within 60 days
• Inform the consumer of the right to dispute the accuracy or completeness of any info contained in the credit report.

Question 14

If credit information received from a 3rd party (not a CRA) including an affiliate, is used to make the AA, the user must:

• Notify the consumer of the action, including a statement that the consumer may obtain the info if it is requested within __ days after transmittal of the notice
• On the receipt of a request for the info by the consumer, disclose to the consumer the nature of the information on which the action is based within __ days of receipt of the request

Answer 14

60
30

Question 15

If the employer uses a credit report in whole or in part to make an adverse employment decision, what two things must the user provide to the consumer?

Answer 15

A copy of the report and a description of the consumer’s rights under FCRA

Question 16

Notice of address discrepancy is a notice informing a user that a consumer address supplied by the user in its request for a report is _____ ______ from one in the consumer’s file at the CRA.

Answer 16

substantially different

Question 17

True/False: After receiving an accurate address (from an address discrepancy), the user must notify the CRA of the accurate address as a part of the information the user regularly reports to the CRA for the reporting period.

Answer 17

True

Question 18

Under red flag requirements, these are accounts that involve continuing relationships established for personal, family or household purposes that involve or are designed to permit multiple payments or transactions, including credit cards, mortgages, checking accounts, savings accounts, utility accounts and phone accounts.

Answer 18

Covered accounts

Question 19

True/False: Banks are required to perform risk assessments and maintain an identity theft program under FCRA.

Answer 19

True

Question 20

True/False: Staff training is a required element of an identity theft program.

Answer 20

True

Question 21

Issuers of debit and credit cards must implement reasonable policies and procedures to assess the validity of changes of address if they receive a change of address for a consumer’s debit or credit card within a short period of time (during at least the first __ days after receiving the notice) the issuer receives a request for a replacement or an additional card.

Answer 21

30

Question 22

Any communication required to be sent to the cardholder in connection with an identity theft red flags program must be sent _____ from the issuer’s regular correspondence with the cardholder.

Answer 22

Separately

Question 23

When is a risk-based pricing notice required?

Answer 23

When a creditor extends credit to a consumer on terms that are materially less favorable than the terms offered to a substantial portion of other consumers, based on information from the consumer’s credit report.

Essentially, when a consumer receives a less favorable loan offer due to their credit history, they must receive a risk-based pricing notice.

Question 24

Is the bank required to provide a risk based pricing notice to business customers?

Answer 24

No, business credit is excluded.

Question 25

What is a cutoff score?

Answer 25

The score representing the point of which 40% of the lender’s borrowers have higher scores and 60% have lower scores.

Question 26

How often does the cutoff score have to be recalculated?

Answer 26

Every two years

A person using the credit score proxy method must recalculate its cutoff score(s) no less than every two years. A person using the credit score proxy method using market research, third-party data, or information from a party which it acquired, with which it merged, or from which it acquired the portfolio, generally must calculate a cutoff score(s) based on the scores of its own consumers within one year after it begins using the cutoff score derived from other parties.

Question 27

If a lender uses the cutoff score to provide a Risk Based Pricing Notice, what does the creditor do if the consumer has no score?

Answer 27

It must provide a RBPN to that consumer

Question 28

A person using secondary source method based on market research or using the method of another party due to a merger or acquisition must base the cutoff score on its own customer data within _ ____.

Answer 28

1 year

Question 29

If a lender uses the tiered pricing method, if there are __ or fewer pricing tiers, consumers in all tiers except the top tier (lowest price) must be provided with RBPNs.

Answer 29

4

Question 30

If a lender uses the tiered pricing method with __ or more tiers, consumers in all tiers except the top two tiers must be provided with Risk Based Pricing Notices, so long as the top two tiers comprise between __% and __% of the consumers.

Answer 30

5
30%
40%

Question 31

Credit card issuers may use the credit score proxy or tiered pricing method or may do what if the consumer is responding to a direct mail application or solicitation?

Answer 31

Provide a Risk Based Pricing Notice if the consumer receives an APR that is greater than the lowest rate available for that product.

Question 32

Is a credit card issuer required to provide a Risk Based Pricing Notice if the issuer’s program offers only one rate or if the issuer offers the consumer the lowest APR on the program?

Answer 32

No.

The issuer doesn’t need to provide a RBPN if the program offers only one rate (not including the temporary discounted rate or a penalty rate) or if the issuer offers the consumer the lowest APR available on the program, even if there is a lower APR offered by the issuer on another card program.

Question 33

True/False: A Risk Based Pricing Notice doesn’t have to be provided to the consumer when a lender uses a consumer report in the review of an existing account and, as a result, increases the APR on the account.

Answer 33

False

Question 34

The Risked Based Pricing Notice must contain a statement that federal law gives the consumer the right to requires a copy of the consumer report without charge for __ days after receiving the notice.

Answer 34

60

Question 35

The Risk Based Pricing Notice must note the key factors that adversely affected the credit score, which can’t exceed __ key factors. However, if one of the key factors is the number of inquiries made, then the number of key factors can’t exceed __.

Answer 35

4
5

Question 36

If a lender conducts a review of an account and provides a Risk Based Pricing Notice, what additional statements must be made in the disclosure?

Answer 36

• That the lender has conducted a review of the account using the consumer’s credit history, and
• That as a result, the consumer’s APR has been increased

Question 37

When must the Risk Based Pricing Notice be delivered for contemporaneous purchases (instant credit)?

Answer 37

Either at the time of the first mailing to the consumer after the purchase OR within 30 days of the purchase.

Question 38

If a transaction involves multiple consumers, how many Risk Based Pricing Notices must be given?

Answer 38

One to each

Question 39

True/False: A lender is not required to give a Risk Based Pricing Notice to a consumer to whom it provides an Adverse Action Notice.

Answer 39

True

RBPN Use: When a lender extends credit but at terms less favorable than what is typically offered to a substantial portion of consumers, based on information from a credit report.
AAN Use: When a lender denies credit to a consumer based on information from a credit report.
Key point: Since an AAN indicates that credit was denied, which is considered a more severe action than offering less favorable terms, the law does not require a lender to also provide a RBPN.

Question 40

Is a Risk Based Pricing Notice required for pre-screened solicitations?

Answer 40

No. This applies even if the lender makes offers to other consumers on more favorable terms.

A pre-screened offer is considered a “firm offer of credit”. The consumer has not yet applied for credit, so the terms of the offer are based on the pre-determined criteria used to select them for the pre-screened list

Question 41

Is a lender required to provide a Risk Based Pricing Notice if the extension of credit is secured by a 1-4 family residence?

Answer 41

No. When a loan is secured by a 1-4 family residence, lenders should provide a credit score disclosure in place of a full risk-based pricing notice.

Question 42

What is the alternative way to comply with FCRA if lenders choose not to provide the Risk Based Pricing Notice?

Answer 42

They provide a credit score disclosure exception notice.

If a lender chooses not to provide a Risk-Based Pricing Notice, an alternative way to comply with the FCRA is to provide a “credit score disclosure exception notice” to all credit applicants, essentially giving them information about their credit score instead of a detailed RBPN explanation.

Question 43

What notice is required for credit score disclosures when the loan is secured by a 1-4 family residence?

Answer 43

Notice to the Home Loan Applicant, which details the credit score used, the factors that contributed to that score, and how the score impacted the loan terms.

Question 44

What is the timing requirement for credit score disclosures for credit secured by a 1-4 family residence?

Answer 44

Notice must be provided before consummation for a closed-end loan or prior to the first transaction for an open-end loan. This is the same timing requirement as for Risk Based Pricing Notices.

Question 45

Is the lender required to provide a risk based pricing notice if the extension of credit is for non-residential property loans?

Answer 45

No, so long as they provide a credit score disclosure.

Question 46

What are the three types of credit score disclosures?

Answer 46

• Residential (loans secured by residential real property)
• Non-residential (other extensions of credit)
• No credit score (credit score not available)

Question 47

What are examples of contemporaneous credit?

Answer 47

Any open-end plan for the purpose of financing a purchase, such as a department store card.

Question 48

True/False: In a transaction involving more than one consumer, each consumer must receive a notice that contains only their credit score and not the credit score of the other consumer, regardless of whether the consumers have the same address.

Answer 48

True

Question 49

In a transaction involving more than one consumer, when can the lender send the Risk Based Pricing Notices together to the same address?

Answer 49

When the notice does NOT contain a credit score.

Question 50

Information reporters must provide the month and year of the start of the delinquency that resulted in a charge-off, placing the account for collection or similar action within __ days of furnishing the charge-off or collection information.

Answer 50

90

Question 51

_____ _____ refers to a fraud committed or attempted using the identifying information of another person without authority.

Answer 51

Identity theft

Question 52

____ ____ refers to any name or item of information that may be used, alone or in conjunction with other information to identify a person, such as name, SSN, DOB, ID#, and biometric data.

Answer 52

Identifying information

Question 53

After an identity theft report is filed, a person may request additional information, provided the requestor makes the request not later than __ days after the date of receipt of the report or the request for service by the consumer, whichever is later.

Answer 53

15

Question 54

After an identity theft report is filed, a person may request additional information or request supplemental information within __ days after the date of the __ request for information or documentation

Answer 54

15
initial

Question 55

If additional documentation or information is received on the 11th day or later within the 15-day period after an identity theft report is filed, the requestor will have __ days to make a final determination on the acceptance of the ID theft report.

Answer 55

5

Question 56

Fraud alerts must notify users of reports that the consumer may be what?

A. Victim of fraud
B. Active duty military
C. A or B

Answer 56

C. A or B

Question 57

At the request of the consumer, a Credit Reporting Agency must include a __ day initial fraud alert in the file of the consumer and alert other CRAs.

Answer 57

90

Question 58

Credit reporting agencies must include extended fraud alerts if the consumer provides what?

Answer 58

An identity theft report like a police report

Question 59

If a CRA extends the fraud alert, consumers are excluded from prescreen lists for __ years.

Answer 59

5

Question 60

On request, CRAs must include an active duty alert in the file for __ months.

Answer 60

12

Question 61

If an active duty alert is placed in the consumer’s file, the consumer is excluded from prescreened lists for __ years.

Answer 61

2

Question 62

How long is a consumer’s opt out effective?

Answer 62

At least 5 years from when the consumer’s choice is received

Question 63

Persons who accept debit or credit cards may print no more than the last __ digits of the card on any paper receipt provided to the customer at the time of the transaction.

Answer 63

5

Question 64

True/False: Banks that extend credit regularly and furnish info to CRAs must provide to the consumer notice that it has furnished negative info to the CRA. This notice must be provided within 30 days after furnishing the information.

Answer 64

True

Question 65

True/False: Mortgage lenders and brokers that use credit scores must provide to the consumer either the credit score it developed and used or a score developed by the CRA, even if it used its own proprietary internal credit score.

Answer 65

True

Question 66

True/False: A creditor may obtain and use medical information in connection with a determination of the consumer’s eligibility for credit so long as these 3 conditions are met:

1. The info is the type of info routinely used in making credit eligibility determinations (debts, income, expenses, assets, purpose or proceeds of the loan, or collateral)
2. The creditor uses the info in a way that is no less favorable than it would use any other comparable, nonmedical info.
3. The creditor doesn’t take into account the consumer’s physical, mental or behavioral health condition or history, type of treatment, or prognosis into account as a part of any such determination.

Answer 66

True

A creditor can use medical information to determine if a “medically-triggered forbearance program” applies to a consumer, meaning they can review the consumer’s medical details to see if they qualify for a temporary payment suspension due to a significant health issue. They can only use this, though, if the use is within the specific legal exceptions outlined under the Fair Credit Reporting Act (FCRA) regarding medical information usage.

Question 67

True/False: A creditor can consider any medical debt of the consumer for purposes of determining the consumer’s repayment ability; however, the creditor can’t treat debt owed to a hospital less favorable than debt owed to a retail store when considering the consumer’s credit history.

Answer 67

True

Question 68

Which of the following communications is NOT a consumer report regulated by FCRA?

A. A report telephoned by loan officer Sue to a loan officer Axl, describing Sue’s lending experience with borrower Brick.
B. A report from a credit bureau to a bank containing general credit information on a consumer
C. A bank’s written credit reference sent to a dept store as requested by the individual with bank credit file information, including other lenders; information from a credit bureau report
D. A bank’s report to a contractor with credit information on a mutual customer, including references from retailers gathered by the bank at the customer’s request

Answer 68

A. A report telephoned by loan officer Sue to a loan officer Axl, describing Sue’s lending experience with borrower Brick.

A consumer report does not include a report that only contains info about experiences between the person making the report and the consumer. Therefore, a bank can provide info about is own lending experience and not be covered by FCRA.

Question 69

Mrs. Williams applies to rent an apartment from Better Living Apartments. She has been a customer of First National Bank for several years, so she lists the bank as a credit reference. Better Living sends the bank a credit inquiry letter, and the bank sends Better Living a list of Mrs. Williams’s bank transactions. The report states that she has had several insufficient checks on her account over the last two months and that she has satisfactorily paid off a car loan. Better Living calls the bank and speaks to Consumer Loan Officer George Dillon. Mr. Dillon states that Mrs. Williams applied for a loan 3 months ago, and he denied the loan because of a slow-pay report from ABC Dept Store that appeared on Mrs. Williams’s credit report.

Did the bank give Better Living a consumer report under the FCRA?

A. No. Providing limited amounts of information from others will not cause the bank to be covered under FCRA.
B. Yes. By giving deposit-related info concerning returned checks, the bank has created a consumer report.
C. Yes. The bank gave credit information it received from another source.
D. No. The ABC Dept Store info was part of the bank’s own experience, because it was used by the bank to make a credit decision.

Answer 69

A. No. Providing limited amounts of information from others will not cause the bank to be covered under FCRA.

Question 70

In which of the following circumstances is it NOT permissible for a bank to obtain a consumer report from a CRA?

A. The bank requests reports on all delinquent borrowers for collection purposes.
B. The bank requests prescreen lists on prospective credit card applicants to solicit credit card accounts.
C. As an employee service, the bank requests credit reports on employees’ family members for the employees’ and their families own use.
D. The bank obtains a credit report on prospective employees, with their consent, after the first interview but before the job offer.

Answer 70

C. As an employee service, the bank requests credit reports on employees’ family members for the employees’ and their families own use.

Question 71

Consumer reports used for credit transactions may contain which of the following terms?

A. Records of bankruptcies for 7 years
B. Adverse credit items for 7 years and bankruptcies for 10 years
C. Records of arrests or convictions for 10 years
D. Paid tax liens for 10 years

Answer 71

B. Adverse credit items for 7 years and bankruptcies for 10 years

Question 72

First National Bank has denied a credit application from Mr. Johnson because the application scored too low on the bank’s internal credit-scoring systems. Mr. Johnson’s credit report, received from a CRA, scored a 4 out of a possible 10. Other parts of Mr. Johnson’s application received low scores also. Which statement best describes First National’s responsibility to Mr. Johnson under the FCRA?

A. Send an AAN that states the reasons the credit was denied
B. Send a notice that a credit report was used
C. Send an AAN that states that a credit report was used and gives the name and address of the CRA
D. Send an AAN that summarizes the information on the credit report.

Answer 72

C. Send an AAN that states that a credit report was used and gives the name and address of the CRA.

When credit is denied based wholly or partly on info contained in a consumer report, the user of the report must advise the consumer of the fact and supply the name and address of the CRA. Under ECOA/Reg B, the AAN must either give the reasons for the action or explain to the applicant that he or she ahs the right to request the reasons.

Question 73

Mr. Hilliard applied to First National Bank for a car loan. The bank requested a credit report on Mr. Hilliard from the local CRA and found that he had almost no credit. No negative items were on the report. In addition, Mr. Hilliard had been employed at his job for four months and his previous work experience was difficult to verify. The bank denied his application for a loan and set him an AAN. What should the bank do under FCRA?

A. Notify Mr. Hilliard that a credit report was obtained and give him the name and address of the credit bureau.
B. Nothing. The bank has no responsibilities under the FCRA because the report contained no adverse items.
C. In person or over the telephone, explain to Mr. Hilliard that, although the credit report had no negative items, he has too little credit history.
D. Give Mr. Hilliard a copy of the credit report.

Answer 73

A. Notify Mr. Hilliard that a credit report was obtained and give him the name and address of the credit bureau.

That info on the credit report was partially responsible for the credit denial gives rise to the responsibility to report it to the consumer. Even too little credit history is enough reason to report under the FCRA. In addition, under ECOA’s Reg B, the reasons for credit denial must be provided either automatically or on request after notice of the right is provided.

Question 74

First National Bank received a credit application from Lewis Nelson for a home equity loan. Mr. Nelson indicated that he has a $75,000 loan from the Overton Cancer Center. The bank called the cancer center to check the credit history and balance on the loan. The bank discovered that Mr. Nelson is 4 months past due on the loan. Based on this information, the bank denied the home equity credit application. Which statement is correct?

A. The bank’s denial, based on the information, was wrong because the fact that he had a loan from the cancer center involves medical information about the consumer
B. The bank should not have contacted the cancer center at all because doing so involves medical information about the consumer
C. The bank should have disclosed on its consumer application that medically related debts do not have to be listed
D. The bank acted correctly because it treated the applicant’s medical debt just as it would any other debt.

Answer 74

D. The bank acted correctly because it treated the applicant’s medical debt just as it would any other debt.

Using medical information in a manner that is no less favorable than it uses other forms of credit info is an exception to the general rule.

Question 75

To avoid being considered a CRA, the FCRA requires banks that regularly purchase dealer paper from auto dealers to be sure that the:

A. Dealer properly discloses the reasons for a denial of credit
B. Bank’s name does not appear on the application or on the contract signed by the customer
C. Dealer reports to the consumer the name and address of the bank
D. Statement of disclaimer of liability is on any application for credit purchased by the bank.

Answer 75

A. Dealer properly discloses the reasons for a denial of credit

This info must be given to the consumer in order to prevent the bank from becoming a CRA.

Question 76

A compliance officer is monitoring a bank’s credit reports for compliance with the FCRA requirements. Which of the following is NOT a permissible purpose for obtaining and using the consumer report?

A. Application to open a new personal deposit account
B. Annual review of a personal credit card account before issuing a renewal card
C. Review of the personal credit history of a prospective customer on whom the bank officer plans to call
D. Application for a commercial loan by an individual where the individual authorized the bank to investigate his credit history.

Answer 76

C. Review of the personal credit history of a prospective customer on whom the bank officer plans to call.

The bank can’t obtain a consumer report without a legitimate credit or employment purpose. The consumer must either apply for credit or employment, or the bank must be planning to make a firm offer of credit in order to obtain a consumer report.

Question 77

Friendly Service Bank is a new bank that will focus on offering financial services to consumers. The compliance officer needs to comply with the identity theft prevention requirements of FACTA. What should she do first?

A. Write a complaint policy that the board can approve
B. Establish procedures for handling address changes
C. Appoint a task force to establish compliance priorities
D. Perform a risk assessment of the bank’s risk factors for identity theft

Answer 77

D. Perform a risk assessment of the bank’s risk factors for identity theft.

The first step in developing an identity theft prevention program is to perform a RA to determine whether the bank offers or maintains covered accounts, consider the methods used to open and provide access to accounts in order to assess the bank’s exposure to identity theft threats.

Question 78

Friendly Service Bank has an affiliated insurance company, FSB Insurance. In which of the following cases would the consumer receiving the marketing materials have to have received the affiliate marketing opt-out opportunity?

A. FSB obtains credit score qualification info from FSB Insurance to identify which of the bank’s loan customers would be eligible for FSB Insurance’s products
B. FSB using a city phone directory, sends a brochure containing marketing materials on its own products, as well as FSB Insurance products
C. FSB Insurance receives individualized credit score information from FSB about the bank’s loan customers. After selecting eligible customers from the list, FSB Insurance sends a qualified list back to FSB who sends the FSB Insurance marketing materials to the selected bank customers.
D. FSB sends its own customers a marketing brochure containing info about its own loan products.

Answer 78

C. FSB Insurance receives individualized credit score information from FSB about the bank’s loan customers. After selecting eligible customers from the list, FSB Insurance sends a qualified list back to FSB who sends the FSB Insurance marketing materials to the selected bank customers.

The affiliate marketing rules allow the bank to obtain selection information from an affiliate to send marketing materials to its own customers who might be eligible for the products sold by the affiliate without requiring a notice and opt out by the bank’s own customers. The bank can send info to individuals whose names are obtained on public lists without giving an opt-out notice, even if some of them happen to be customers of their affiliates. The bank can also market its own products without requiring an opt-out opportunity. However, when an affiliate, such as FSB Insurance, obtains individualized information on the bank’s customers and selects them to receive marketing materials, then the opt-out notice requirement is triggered.

Question 79

In which of the following cases must a furnisher of consumer information investigate the dispute?

A. A dispute submitted by a credit repair company on behalf of one of the furnisher’s customers
B. A dispute submitted by one of the furnisher’s customers on a form supplied by a credit repair company
C. A dispute about a charged off loan for which the consumer refused to provide his SSN
D. A dispute about a delinquent account that has been previously submitted but upon which the furnisher took no action

Answer 79

D. A dispute about a delinquent account that has been previously submitted but upon which the furnisher took no action.

A furnisher can consider a dispute to be a frivolous dispute if it does not include sufficient identifying information, such as a SSN, it is submitted by a credit repair company or on a form by a credit repair company. Disputes that have been submitted previously can be considered to be frivolous if the furnisher investigated the dispute when it was previously submitted.

Question 80

Which of the following methods is NOT valid for determining which consumer borrowers should receive a Risk Based Pricing Notice?

A. The credit score proxy method
B. The direct comparison method
C. The tiered pricing method
D. The comparative file method

Answer 80

D. The comparative file method.

The direct comparison method is used when the lender directly compares borrowers to other similar borrowers in the portfolio to determine who receives a notice. The credit score proxy method is used when the lender derives a cutoff credit score where at least 40% of its borrowers fall above the cutoff and 60% below the cutoff. Borrowers below the cutoff receive notices. The tiered pricing method allocates notices to borrowers in the higher pricing tiers.

Question 81

The Fair Credit Reporting Act Notice to Home Loan Applicants must be provided to:

A. All consumers whose applications for personal purpose credit secured by a principal dwelling are denied
B. All consumers who apply for a home loan
C. All consumers who apply for a home loan and are turned down because of information contained in a consumer report
D. All consumers who apply for a home loan in which the creditor uses a consumer credit score

Answer 81

D. All consumers who apply for a home loan in which the creditor uses a consumer credit score

Question 82

A Notice to Home Loan Applicant under the FCRA must include:

A. A statement that if the consumer has questions about the terms of the loan, the consumer should contact the consumer reporting agency
B. A statement that the lender plays no part in the credit decision
C. A statement describing what a credit score is
D. A statement that credit scores are not as important as income in determining whether a consumer will receive credit

Answer 82

C. A statement describing what a credit score is

Question 83

What is “medical information” covered under Reg FF?

Answer 83

Information or data relating to a consumer’s

• Physical, mental or behavioral health or condition
• Provision of health care to an individual
• Payment for the provision of health care
• Does not apply to demographic information (age, gender, etc.)

Question 84

Under Reg FF, a creditor is not prohibited from ______ medical information, as long as they don’t specifically request such information.

Answer 84

obtaining

Question 85

Creditors cannot use medical information to determine a consumer’s __________ for credit, unless it is a type normally used in credit decisions (debts, expenses, etc.), and the information is considered no less favorably than other credit information, and health, condition, history, type of treatment, or prognosis is not taken into account.

Answer 85

eligibility

Question 86

Which of the following would be prohibited used of medical information pertaining to a consumer in connection with determining the consumer’s eligibility for credit?

A. Consideration of a consumer’s terminal illness in deciding to deny a loan request
B. Consideration of a consumer’s medical debts to a care facility specializing in terminal illnesses in overall debt calculation
C. Consideration of a consumer’s disability income and other income in relation to total debt
d. Consideration of a consumer’s past due debts to a medical supply company for medical equipment to disqualify the loan request

Answer 86

A. Consideration of a consumer’s terminal illness in deciding to deny a loan request

Question 87

The compliance officer has been asked to participate in a working group charged with formulating the bank’s Identity Theft Prevention Program. Which types of accounts should the compliance officer include in the coverage of the program?

A. All consumer and commercial checking accounts
B. Only consumer checking accounts
C. Safe deposit boxes
D. All consumer and commercial loans and lines of credit

Answer 87

A. All consumer and commercial checking accounts

The Identity Theft Prevention Program aspects of the FCRA dictate that all consumer and commercial deposit accounts be covered by the requirements. Safe deposit boxes need not be covered, nor do commercial loans and lines of credit.

Question 88

The compliance officer is tasked with determining whether appropriate remediation was performed within its credit card operations. What is the appropriate response when a customer requests a change of address within 30 days of opening a new credit card account?

A. Validate the changed address by contacting the customer at the previous address the bank has on file
B. Validate the changed address by contacting the customer at the new address provided by the customer
C. Immediately close the account as there is clear evidence of identity theft
D. Begin providing periodic statements to both addresses on file with a written request that the customer validates which address is correct

Answer 88

A. Validate the changed address by contacting the customer at the previous address the bank has on file

The Identity Theft Prevention Program aspects of the FCRA require that a change of address request received within 30 days of the opening of a new credit card be addressed by validating the request by the customer at the (former) address the bank has on file, not the new (requested) address. There is no requirement to immediately close the account or provide periodic statements to both addresses.

Question 89

When reviewing the bank’s Identity Theft Prevention Program, the compliance officer becomes aware of some scenarios the bank has experienced that may indicate possible identity theft. When determining the appropriate NEXT steps, what guidelines should the compliance officer follow when it comes to determining red flag guidelines?

A. Limit the list of red flags to those listed in the appendix to the Fair Credit Reporting Act, as the regulation limits red flag events to those listed
B. Examine the Bank Secrecy Act to determine examples of red flags to include the program
C. Examine the scenarios presented in the appendix to the Fair Credit Reporting Act, but also determine whether there are additional scenarios to add based on the bank’s experience
D. Examine the scenarios presented in the appendix to the Fair Credit Reporting Act, but also determine whether there are scenarios identified in the Bank Secrecy Act to add to the program

Answer 89

C. Examine the scenarios presented in the appendix to the Fair Credit Reporting Act, but also determine whether there are additional scenarios to add based on the bank’s experience

The red flag guidelines in the FCRA’s Identity Theft Prevention Program rules require banks to examine the scenarios indicated in the appendix to the rule for possible inclusion in the bank’s program, but also to identify additional scenarios to include, even if not listed in the appendix. Red flags are not contained in the BSA.

Question 90

A consumer reporting agency contacts your bank and explains that an individual is disputing the accuracy of her credit report regarding information about a delinquent loan that your bank reported. Your bank is required to FIRST:

A. Promptly cease reporting any information regarding the account in question
B. Investigate the issue and report the results back to the consumer reporting agency
C. Contact the individual directly and ask her to complete a dispute form
D. Immediately update bank records to avoid further furnishing of inaccurate information

Answer 90

B. Investigate the issue and report the results back to the consumer reporting agency