Financial Flashcards
4-6 questions
What entities does the FCRA regulate?
- any consumer reporting agency (CRA) that furnishes a consumer report
- users of consumer reports: lenders, insurers, employers and others that use consumer reports
- furnishers: lenders, retailers and others that furnish credit history or other personal information to the CRAs
Define:
consumer reporting agency
FCRA
any person or entity that compiles or evaluates personal information for the purpose of furnishing consumer reports to third parties for a fee
Define:
consumer report
any witten, oral, or other communication of any information by a CRA related to an individual that pertains to the person’s credit worthiness, credit standing, credit capacity, character, general reputation, personal characteristics or mode of living which is used in whole or in part for the purpose of serving as a factor in establishing a consumer’s eligibility for credit, insurance, employment or other business purpose
What are the five main requirements under the FCRA for CRAs?
- CRAs must provide consumers access to the information contained in their consumer reports as well as the opportunity to dispute any inaccurate information
- CRAs must take reasonable steps to ensure the maximum possible accuracy of information in the consumer report
- CRAs must not report negative information that is outdated
- CRAs must maintain records regarding entities that received consumer reports
- CRAs must provide consumer assistance
What information is “outdated” under the FCRA?
typically account data > 7yo or bankruptcies > 10yo
What are the main requirements for users under the CRA?
- must have permissible purpose
- must certify the purpose and that the report won’t be used for any other purpose
- must provide certain notice of adverse action to the consumer
- must obtain consent if obtaining for employment purposes; if obtaining investigative consumer report; if medical info
What are “permissible purposes” under the FCRA for a user to obtain a recredit report?
- as instructed by consumer in writing
- for extension of credit as a result of an application from a consumer, or the review or collection of a consumer’s account
- for employment purposes where consumer has given written permission
- for underwriting of insurance as result of application from consumer
- when there is a legitimate business need, in connection with a business transaction that is initiated by the consumer
- to review a consumer’s account to determine whether the consumer continues to meet the terms of the account
- to determine a consumer’s eligibility for benefit granted by a governmental instrumentality required by law to consider an applicant’s financial responsibility or status
- for use by a potential investor or servicer, or current insurer, in assessment of the credit or prepayment risks associated with an existing credit obligation
- for use by state and local officials in connection with determination of child support payments
- in response to court order or subpoena
- for purpose of making “prescreened” unsolicited offers of credit or insurance
Define:
adverse action
under FCRA
includes all business, credit and employment actions affecting consumers that can be considered to have a negative impact
What are three types of “adverse actions”?
under FCRA
- adverse actions based on info obtained from CRA
- adverse actions based on info obtained from 3Ps that are not consumer reporting agencies
- adverse actions based on info obtained from affiliates
What is a user required to do if taking an adverse action based on info obtained from a CRA?
under FCRA
must notify the consumer in writing, orally or by electronic means, and contain following elements:
- name, address and phone # of CRA that provided report
- statement that CRA did not make the adverse decision and can’t explain why decision was made
- statement setting forth consumer’s right to obtain a free disclosure of the consumer’s file from the CRA if the consumer makes a request within 60 days
- statement setting forth the consumer’s right to dispute directly with the CRA the accuracy or completeness of any information provided by the CRA
What is a user required to do if taking an adverse action based on info obtained from 3Ps that are not CRAs?
under FCRA
if info is covered by the FCRA, user required to clearly and accurately disclose to the consumer their right to be informed of the nature of the information that was relied upon if the consumer makes a written request within 60 days of notification
- user must then respond within reasonable period of time
What is a user required to do if taking an adverse action based on info obtained from affiliates?
if info is covered by the FCRA and info obtained from an entity affiliated with the user of the information by common control or ownership, user required to clearly and accurately disclose to the consumer their right to be informed of the nature of the information that was relied upon if the consumer makes a written request within 60 days of notification
- user must then respond within 30 days after receiving request
What are the main requirements for a furnisher under FCRA (Furnisher Rule)?
- must provide accurate info
- must correct and update info by notifying CRA
- must notify CRA of consumer dispute of information to CRA
- must respond to a CRA report related to information resulting from identity theft info
Define:
Risk-Based Pricing Rule
under FCRA
- requires those offering credit to notify customers if they are receiving less favorable terms because of their credit report, and if less favorable than what is available to a substantial proportion of consumers acquiring loans from or through that person, then must also provide a risk-based pricing notice in accordance with regulations jointly prescribed by the CFPB and Fed
- requires disclosure by all persons who use credit scores in making or arranging loans secured by residential real property to provide credit scores and other information about credit scores to applicants
What requirements apply if an organization intends to use consumer report information for employment purposes?
- make clear and conspicuous written notification to the consumer before the report is obtained, in a document that consists solely of the disclosure, that a consumer report may be obtained by the employer
- obtain prior written consumer authorization in order to obtain a consumer report
- authorization to access reports during term of employment may be obtained at time of employment
- certify to CRA that above and following steps have been followed, that info being obtained won’t be used in violation of any federal or state equal opportunity law or regulation
- before taking an adverse action, provide a copy of the report + summary of consumer’s rights (from CRA) to the consumer
- provide adverse action notice safter adverse action taken
What is the exception to the notice/consent requirements under the FCRA if obtaining a consumer report for employment purposes?
investigations of:
1. suspected misconduct by an employee
2. compliance with federal, state or local laws or rules of a self-regulatory organization or
3. compliance with written policies of the employer
employer must:
1. comply with procedures set forth in the act
2. not use any credit information
3. provide a summary describing the nature and scope of the inquiry to the employee if adverse action is taken based on the investigation
Define:
investigative consumer reports
under FCRA
- contain information about a consumer’s character, general reputation, personal characteristics, and mode of living
- info obtained through personal interviews by entity or person that is a CRA
What is the requirement for investigative consumer reports under the FCRA?
if a user intends to obtain an investigative consumer report, must disclose use to the consumer and the disclosure is subject to following requirements:
- consumer must be informed that an investigative consumer report may be obtained
- disclosure must be made in writing and must be mailed/otherwise delivered to consumer some time before report is obtained, but no later than five days after the date on which the report was first requested
- disclosure must include statement informing consumer of their right to request additional disclosures of the nature and scope of the investigation, and the summary of consumer rights required by the FCRA
- user must certify to CRA re disclosures
- upon written request of consumer made w/in reasonable period of time after required disclosures, user must make complete disclosure of nature and scope of investigation
- nature and scope disclosure must be made in written statement that is mailed/delivered to consumer no later than 5 days after the later of (i) date on which request was received from consumer and (ii) date on which report was first requested
What limits does the FRCA place on use of medical information obtained from CRAs?
consumer must provide consent if:
- medical info is to be used for an insurance transaction
- if report to be used for employment purposes or in connection with a credit transaction (and medical info must be relevant)
Define:
prescreening
under FCRA
creditors and insurers obtaining limited consumer report information for use in connection with firm unsolicited offers of credit or insurance
What are the requirements under the FCRA for a user that intends to use prescreened lists?
- before offer is made, establish the criteria that will be relied upon to make the offer and grant credit or insurance
- maintains such criteria on file for 3-year period from date of offer to each consumer
- include with each written solicitation a clear and conspicuous statement that states:
1. info contained in a consumer’s CRA file was used in connection with the transaction
2. consumer received the offer because they satisfied criteria for creditworthiness or insurability used to screen for the offer
3. credit or insurance may not be extended if, after the consumer responds, it is determined that the consumer does not meet the criteria used for screening or any applicable criteria bearing on creditworthiness or insurability, or the consumer does not furnish required collateral
4. consumer may prohibit the use of info in their file in connection with future prescreened offers of credit or insurance by contacting the notification system established by the CRA that provided the report (+ address and phone # of appropriate notification system)
5. easy-to-understand language explaining that consumer can opt out of receiving such offers
How can the FCRA be enforced by consumers?
- dispute resolution
- private right of action
How does dispute resolution under the FCRA work?
consumer can fill a request with the CRA to dispute the accuracy of information and then require the CRA to investigate the consumer’s complaint
How does the private right of action under the FCRA work?
- civil penalties: actual damages + statutory damages of $1k per violation, a max penalty of $4705 per willful violation
- criminal penalties: officer or employer of CRA who, both knowingly and willingly, provides info concerning an individual from the company’s files to someone who isn’t authorized to receive that info can face criminal penalties and imprisonment
Who can bring government actions under FCRA?
- can be brought by FTC, CFPB and state AG
- state AGs have had concurrent enforcement authority but are generally required to give notice to FTC prior to filing suit and the FTC retains authority to intervene
Define:
Fair and Accurate Credit Transactions Act
FACTA (2003) amended FCRA