New FDIC Focus On ECOA: Credit Report Fees
March 1, 2010
Is it a violation of the Equal Credit Opportunity Act (ECOA) if married applicants were charged one price for a credit report and unmarried joint applicants were charged another price? In recent examinations the FDIC has said yes. On its face the rationale is not unreasonable, and banks are quite attuned to the need to avoid disparate treatment of joint applicants based on marital status.
The issue arises mostly when a credit reporting agency furnishes single, merged reports only for married couples who share the same home address and, for all others, multiple individual reports.
This violation cannot be avoided if the bank elects to pass through the credit report fees to the applicants without an up-charge. Equal treatment for purposes of ECOA, in the FDIC’s view, now extends to banks ensuring that third party credit report fees are equalized as to all joint applicants. A bank could contact its credit report provider and ensure that it can produce merged reports for all joint applicants for the same price. The FDIC has had discussions with the three major agencies and determined that they can and will provide merged reports for unmarried applicants when requested. If the bank’s provider is unable or unwilling to do so, the FDIC expects that the bank find one that will. Alternatively, a bank could avoid a violation by absorbing fees as necessary to ensure that all joint applicants pay the same amount, including by waiving credit report fees altogether. Equalizing the fees by selective up-charging, on the other hand, may raise concerns, particularly if the credit is covered by RESPA.
The FDIC takes the position that all joint applicants are entitled to credit report price parity, not just couples—married, unmarried, domestic partners, or otherwise. But it is difficult to articulate why a father and daughter applying jointly for an auto loan, or two unrelated business partners, should even be described in terms of marital status or have any expectation to be treated on par with married couples. Even less clear is how to handle joint applications involving more than two individuals. One general solution is to order individual reports in all instances, including for married couples.
Some have voiced privacy concerns to the FDIC over the resulting disclosure of credit information by the bank to co-applicants. The FDIC believes that co-applicants do not have privacy expectations regarding credit information among themselves. The agency points to the March 18, 2003 Federal Reserve Board issuance of an amendment to Regulation B that requires a creditor to disclose in some detail the reasons for a credit denial in an adverse action notice. Responding to a comment that such an explanation is a disclosure to the primary applicant of sensitive information regarding a co-applicant or guarantor, the FRB responded, “When a person agrees to be a co-applicant, guarantor, or similar party, however, there is (or should be) a general understanding that information will be shared.” This is a quote from the FRB’s Federal Register preamble to the rule amendment, not from the rule itself or its official staff commentary.
Unfortunately, banks cannot afford to be as sanguine as the FRB about potential privacy violations and certainly cannot expect to rely on the FRB’s general perspective. While under both GLBA and SB 1 an application for a bank product constitutes consent to disclosure of nonpublic personal information as necessary to deliver the product, it is not evident that a disclosure of credit information to one’s co-applicant will be considered necessary. As a precaution, a bank should consider whether to obtain a specific consent from applicants to disclose if it requests merged reports.
The FDIC further believes that equal treatment extends to how the creditor processes the applications. Thus, for example, it could be a violation if a bank uses a joint application for married couples and multiple individual applications for other joint applicants.
Staff at the FDIC confirms that it has not published or otherwise released any written guidance regarding its position. It is not based on an amendment to ECOA or Regulation B, or described in a Financial Institutions Letter, and it appears to be a recent change at least in California. The FDIC is still working out the details, but in the meantime it is holding banks responsible for complying. In light of all this, perhaps the most disturbing aspect of the policy is that, according to the FDIC, a violation could result in a referral of the bank to the Department of Justice for possible action. This much is known—the FDIC is serious about this.
The information contained in this CBA Regulatory Compliance Bulletin is not intended to constitute, and should not be received as, legal advice. Please consult with your counsel for more detailed information applicable to your institution.
© This CBA Regulatory Compliance Bulletin is copyrighted by the California Bankers Association, and may not be reproduced or distributed without the prior written consent of CBA.