CFPB Investigations In Focus: Navigating CIDs

Similar documents
The CFPB: How to Prepare for an Examination

The Honorable Richard Cordray July 2, 2012 Page 2

The CFPB Examination Process

The Office of Financial Regulation Statement of Agency Organization and Operation

Risk And Reward For Industry In EPA 'Safer Choice' Label

CHAPTER 48 EMPLOYEE GRIEVANCE PROCEDURE. (1) It is the County's policy to treat all employees fairly and equitably.

The Company seeks to comply with both the letter and spirit of the laws and regulations in all jurisdictions in which it operates.

SAMPLE. Certificate and Affidavit of Completion of Mentoring Program

Lead Generation Regulation and Enforcement: Government Perspectives

Lacey Act Due Care Certification of Compliance

The New Era of Transparent Internal Audit: What You Should Know

SEMPRA ENERGY. Corporate Governance Guidelines. As adopted by the Board of Directors of Sempra Energy and amended through December 15, 2017

Preparing for a FINRA Cycle Examination

Prince Edward Island

Clean Water Act Challenges To Pipeline Projects

Employee Representatives and the OSHA Inspection Process

New Castle County Ethics Commission GOVERNMENT ETHICS NEW CASTLE COUNTY

SHRINERS HOSPITALS FOR CHILDREN CORPORATE COMPLIANCE PLAN

CGIAR System Management Board Audit and Risk Committee Terms of Reference

CITY OF PALO ALTO COUNCIL PROTOCOLS

Disciplinary Actions, Suspension and Dismissal

FOUNDATION BUILDING MATERIALS, INC. EMPLOYEE CODE OF CONDUCT

UNIT 14 - FRESNO SHERIFF S SERGEANTS ASSOCIATION FRESNO COUNTY EMPLOYEE GRIEVANCE PROCEDURE PURPOSE

Ethics Policy for Employees of the Presbyterian Mission Agency and the Office of the General Assembly of the Presbyterian Church (U.S.A.

GENERAL ASSEMBLY OF NORTH CAROLINA SESSION 2017 H 1 HOUSE BILL 366. Short Title: Retail Workers' Bill of Rights. (Public)

Delta Dental of Michigan, Ohio, and Indiana. Compliance Plan

REQUEST FOR PROPOSALS FOR STRATEGIC VISIONING AND PLANNING

Problem Solving. Why have a problem solving procedure? Volunteering England Information Sheet Volunteering England Summary

GROUP DATA PROTECTION POLICY

Pennsylvania Department of Environmental Protection

Constructing Effective Comments Under NEPA. Mary Anne Nash Public Policy Counsel Oregon Farm Bureau Federation

An Employer s Guide to Conducting Harassment Investigations

Order F Celia Francis, Adjudicator January 13, 2005

Determining Whether a Proposal is Subject to the National Environmental Policy Act (NEPA) Section 102 Updated March

Appendix G. Process For Protection of Proposal Information For 2016 Request For Proposals For Long-Term Renewable Generation Resources

International Standard on Auditing (Ireland) 402 Audit Considerations Relating to an Entity using a Service Organisation

INSTRUCTION ON METHODOLOGY ON PERFORMING FINANCIAL AUDIT AND REGULARITY AUDIT ( Official Gazette of MN, no. 07/15 from 17 th February 2015)

BUILDING AN EFFECTIVE COMPLIANCE PROGRAM

Human Resources Directorate

Measuring Effectiveness of Regulatory Agencies

THE CRYPT SCHOOL DISCIPLINARY PROCEDURE (FORMERLY THE CONDUCT PROCEDURE AND GUIDANCE)

As approved by Board of Directors 25 November 2008 BANK OF MONTREAL BOARD MANDATE

Overview of Colorado Municipal Home Rule By Rachel Allen, Staff Attorney Colorado Municipal League

A Firm s System of Quality Control

The SEC Is Open for Business: Takeaways from the AICPA s 2017 Conference on Current PCAOB and SEC Developments

Effects Of Biosimilars Legislation On Patent Litigation

LOS ANGELES UNIFIED SCHOOL DISTRICT POLICY BULLETIN

CONFLICT OF INTEREST STATEMENT AND DISCLOSURE

WITH EFFECT FROM 1 JANUARY Many difficulties that arise can be resolved quickly and informally between managers and their staff.

THE IMPORTANCE OF DEVELOPING A SOCIAL MEDIA COMPLIANCE POLICY

UNIVERSITY OF ST ANDREWS STUDENTS ASSOCIATION STAFF DISCIPLINARY PROCEDURE

Title VI Compliance Limited English Proficiency (LEP) Policy and Procedures

Employee termination decisions and contract non-renewal decisions are not subject to the informal resolution process.

UNIVERSITY OF MISSOURI GUIDELINES FOR OUTSIDE COUNSEL INTRODUCTION THE RELATIONSHIP

Over the last ten years, Congress has appropriated hundreds

6 Steps For Avoiding Expensive Trade Secret

IN THE UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE TRADEMARK TRIAL AND APPEAL BOARD

THE ANTITRUST COMPLIANCE PROGRAMME OF THE ITALCEMENTI GROUP

Open Contracting: Proactive Disclosure Of Procurement Records

MT. PLEASANT, MICHIGAN

Conducting Effective Internal Investigations. From Workplace Harassment to Criminal Conduct and Everything in Between

OHR POLICY LIBRARY Grievance

This policy is applicable to all DMS employees and program areas.

CODE OF CORPORATE GOVERNANCE Atlantic Grupa d.d.

Employee termination decisions are not subject to the informal resolution process.

The purpose of this Grievance Procedure is to provide to resolve grievances concerning discipline, termination and workplace safety.

Corporate Practice Center

PLUMAS RURAL SERVICES Serving people, Strengthening families, Building communities

Capability Policy and Procedure for All School Based Staff. Effective from 1 September 2012 CONTENTS

PROGRESSIVE DISCIPLINE: MISCONDUCT OR INAPPROPRIATE BEHAVIOUR #2-12

CORPORATE GOVERNANCE GUIDELINES

Division of Human Resources University Grievance Procedures

Audit Committee Self-Assessments: Why and How?

COMMENTARY. Expanding Compliance Obligations: What Federal. Disability and Veterans Regulations. Key Provisions of New Regulations JONES DAY

Just cause terminations cannot be actioned unless due process is confirmed by the Deputy Minister, BC Public Service Agency.

Terms of Reference. Quality and Value Audits

Schools Disciplinary Policy & Procedure

PUBLIC AUTHORITY BOARD MEMBER DUTIES Anita Laremont, SVP - Legal & General Counsel Empire State Development Corporation December 2005

Disciplinary Policy & Procedure

u.s. Department of Justice Office of Legislative Affairs Dear Senator Grassley:

Council Member Laliberte introduced the following resolution and moved its adoption:

Tales from the Trenches: BSA/AML Independent Audit Lessons. Juan Azel, Counsel, Hunton & Williams LLP

REPORT ON FEEDBACK ON MONEY LAUNDERING AND TERRORIST FINANCING CASES AND TYPOLOGIES 1. (Good practices)

Discipline Policy and Procedure. Adopted by the Trust Board on 6 December 2016

Elements of a Successful Compliance Management System and Vendor Management Rules of the Road

CODE OF ETHICS AND PROFESSIONAL CONDUCT

Disciplinary Policy. If these actions do not provide a resolution, then the Formal Disciplinary Procedure set out in this document should be followed.

Corporate Compliance & the Antitrust Division

Antitrust Law Update

Letter From Crown s President

Public Company Accounting Oversight Board

DISCIPLINARY POLICY AND PROCEDURE

An Employer s Guide To Adverse Action

2. Policy. Employee management and disciplinary action practices at the University are subject to the following policies:

DISPUTE RESOLUTION LEADER

Report on Inspection of KPMG AG Wirtschaftspruefungsgesellschaft (Headquartered in Berlin, Federal Republic of Germany)

ICANN ACCOUNTABILITY & TRANSPARENCY FRAMEWORKS AND PRINCIPLES. January ICANN Management Operating Principles January

AN AUDIT OF INTERNAL CONTROL THAT IS INTEGRATED WITH AN AUDIT OF FINANCIAL STATEMENTS: GUIDANCE FOR AUDITORS OF SMALLER PUBLIC COMPANIES

Expanded Access A Regulatory Balancing Act For Drug Cos.

Request for Proposals. to provide. Investment Management Services

Transcription:

Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com CFPB Investigations In Focus: Navigating CIDs Law360, New York (July 11, 2013, 12:16 PM ET) -- The Consumer Financial Protection Bureau was established in July 2011, with the mission of making markets for consumer financial products and services work for Americans. Over the last two years, it has been actively engaged in carrying out this mission using the arsenal of implements in its proverbial tool belt. From rulemaking and supervision to high-profile enforcement actions, the CFPB has been grabbing headlines as it has charted a new course in consumer protection. The CFPB s investigatory power has been a subject of significant interest, but in many ways remains shrouded in mystery. The Bureau has broad power to commence investigations into potential violations of federal consumer protection laws under its jurisdiction and, in its short life, has used this power to initiate investigations of numerous banks and nonbanks. Like many government agencies before it, the CFPB has relied heavily on the use of civil investigative demands (CIDs) in investigations. CIDs often are used to gather information from the target of an investigation, but also may be issued to third-parties who are in possession of information believed to be relevant to the potential violation being investigated. The CFPB s handling of investigations, including its procedures related to CIDs, are governed by a set of final rules. In crafting these rules, the CFPB drew from investigatory procedures used by other government entities, including in particular the FTC. By the letter of the law, the CFPB and FTC rules are close cousins. Notably, that family resemblance stops on paper in many areas. The CFPB s execution of its investigatory procedures, particularly with respect to CIDs, is quite different than the approach taken by the FTC creating a new playbook for enforcement lawyers and the institutions they represent. This article provides an overview of the CFPB s rules relating to CIDs and practical tips for responding. CIDs Generally The authority to issue CIDs resides with the director of the CFPB, the assistant director of the Office of Enforcement, and the deputy assistant directors of the Office of Enforcement. Under Section 1052(c)(1)

of the Dodd-Frank Act, the bureau may issue a CID [w]henever the Bureau has reason to believe that any person may be in possession, custody, or control of any documentary material or tangible things, or may have any information, relevant to a violation. As noted above, CIDs can be issued to any person who has the information sought, including third-parties, and the CFPB has been actively using its power to obtain information from third-parties in investigations. The final rules provide that any person who receives a CID shall be advised of the nature of the conduct constituting the alleged violation that is under investigation and the provisions of law applicable to such violation. While the CFPB would argue that it adheres to this requirement, from a practical standpoint, the information provided typically is very cursory often amounting to no more than a sentence or two with broad citation to the potential law at issue. The CID will set forth the nature of the information requested by the CFPB as well as the timeframe within which the information will be sought. The nature of the information requests may provide the only preliminary indication into the issues being investigated, and even then, requests are often so broad that it may be difficult to decipher the true nature of the potential violation. Generally, a CID recipient must meet and confer with a bureau investigator within 10 calendar days after receipt of the CID to discuss and attempt to resolve all issues regarding compliance. While the FTC has a similar rule, it rarely held to a hard and fast meeting within this meet and confer deadline. This meet and confer may be performed in person or via telephone and must include people with knowledge of the recipient s information systems. The meet and confer often includes both the enforcement attorneys as well as their technology personnel. The Bureau will come expecting a substantive, detailed discussion about concerns regarding process and scope as well as detailed information on the nature and location of the materials sought. This is another place where the CFPB departs from the FTC. Practically, while the meet and confer process with the CFPB typically begins on day 10, it often continues for many days beyond. However, insofar as a CID recipient seeks to formally challenge a CID, this challenge must be lodged within 20 calendar days of receiving the CID. This makes it mission critical for CID recipients to have discussions between day 10 and day 20 which are substantive enough for that recipient to evaluate whether any differences can be resolved consensually. The assistant director or the deputy assistant directors of the Office of Enforcement can negotiate the terms of satisfactory compliance with the CID and, for good cause shown, may extend the time for compliance. From a practical standpoint, such negotiations typically do not involve senior CFPB officials, but rather are negotiated by the staff and approved by senior management. Challenges to CIDs

Insofar as the CID recipient is unable to reach agreement with the CFPB regarding compliance, that recipient can petition the director for an order modifying or setting aside the CID. The final rules impose several requirements on such petitions. The bureau only will consider petitions if the recipient has meaningfully engaged in the meet and confer process and only will consider issues raised during that process. The petition shall set forth all factual and legal objections to the CID. The petition must be accompanied by a signed statement describing the recipient s good-faith efforts to resolve its objections, including a description of efforts during the meet and confer. Any petition must be filed within 20 calendar days after service of the CID unless a stricter deadline is established by the CID. Requests for extensions of time are disfavored. Although the filing of a timely petition stays the time for compliance with the portion of the CID being challenged, the petition and the director s order in response are made public unless good cause can be shown otherwise when the petition is filed. Thus, the confidential treatment provided to CID materials and investigations generally does not apply to petitions. Strict adherence to the filing deadline and the presumption of public disclosure are departures from the way matters typically were handled before the CFPB. Moreover, to date the CFPB has not found a petition it likes at least insofar as those petitions have been publicly disclosed. Thus far, the CFPB has issued three decisions, all denying petitions to modify or set aside CIDs. In ruling on these petitions, Director Cordray has adopted the deferential standard of review relied upon by Circuit Courts of Appeals in proceedings to enforce administrative subpoenas. That standard provides that a CID will be enforced if (1) the investigation is for a lawfully authorized purpose; (2) the information requested is relevant to the investigation; and (3) procedural requirements are followed. If the bureau establishes these factors, the CID will be enforced unless the CID imposes an undue burden or constitutes an abuse of process. Petitioners have raised numerous challenges to CFPB CIDs, including alleging that the CID should be modified because the CFPB is requesting material that substantially predates the statute of limitations. In one petition, the petitioner argued that the statute of limitations at issue was 3 years while the CID requested documents and information for more than 10 years. Even then, the CFPB declined to modify the subpoena, reasoning that the information was relevant to conduct that was actionable. Rules of the Road There are many practical takeaways from experiences to date with the CFPB s CIDs. We share a few below. Don t Wait to Seek Clarification

Dealing with CIDs can be a bear. They are often broad and ambiguous, and none of this is entirely surprising. The CFPB does not want to leave stones unturned when it may not know exactly what it is looking for, so broadness and ambiguity may be the result. This challenging situation is made more difficult for the CID recipient because it must prepare for a meaningful conversation at a meet and confer within 10 days. To the extent clarification is needed, it may be prudent to ask basic questions before the meet and confer. This does not mean using preliminary conversations to begin negotiation. Rather, early conversations can be used to obtain answers to basic questions so that the meet and confer is more meaningful and the recipient is able to allocate its internal resources in an efficient manner. Technicalities are Important It is imperative to involve the company s IT personnel early and often. The CFPB s electronic information requests often can be extensive, particularly with respect to data. Making matters more complicated, the CFPB typically has little knowledge about how electronic information is stored within a company, making its requests imperfect. Under such circumstances, extraction can be complicated within the best of systems and for the most experienced of IT personnel. The importance of involving IT personnel has been highlighted in the final rules which state that the meet and confer must include people with knowledge of the recipient s information systems. For these authors, experience has proven that this is not lip service early involvement of IT personnel will pay dividends in the long run. Involving IT personnel in deciding where to object based on accessibility and how to educate the CFPB on relevant information systems can be extremely beneficial. Rome Needs to Be Built in 20 Days The CID recipient is required to meet and confer with the bureau within 10 days of receipt of the CID. This means it is imperative to move fast. One must obtain information, in a matter of days, which typically would be developed over the course of months in civil discovery. This presents a challenging situation for entities large and small. While the large company may have greater resources, information may, quite literally, be scattered across the globe. For a small company, with little enforcement experience and scarce resources, the situation can be equally difficult. Coming to the table with significant substantive information within a short timeframe is a tall and often unrealistic order, but it must be taken seriously. The CID recipient should thoroughly review the CID and quickly assemble the people most knowledgeable about the existence and location of documents and data. This early preparation will inform objections as well as negotiations about production timing and scope. Remember, a formal petition to modify the CID must be filed within 20 days. And, if an issue is

not raised in the meet and confer session, it cannot be raised in any petition. If You Kick it Up A Notch, Be Prepared Insofar as reasonable negotiations with the CFPB regarding CIDs breakdown, the CID recipient will be faced with a difficult choice. Should it file a petition to modify or set aside the CID? In evaluating this course of action the CID recipient should consider a number of issues: Are you ready to make a confidential investigation public? Any decision to challenge a CID should take this real repercussion into consideration together with its collateral reputational, legal, and compliance implications. Is the result likely to change? The CFPB is judge and jury. Although the bureau investigators appear to be willing to negotiate the scope of CIDs, if negotiations breakdown, the recipient would need a reasonable basis to believe the bureau s leadership would break with the staff. Recent decisions suggest that even compelling arguments may not be enough. Have you planned ahead? Because timing is so compressed with respect to the filing of a petition, the recipient may be engaging in meaningful negotiations with the bureau up until the filing deadline. Thus, the recipient should continue to refine its petition to accurately reflect the current status of negotiations. Without a doubt, dealing with a CFPB CID can be challenging and cumbersome. CID recipients must have the flexibility and agility to meet broad demands and make important decisions in a short time frame. By Jonice Gray Tucker and Amanda M. Raines, BuckleySandler LLP Jonice Gray Tucker is a partner and Amanda Raines is counsel in BuckleySandler's Washington, D.C., office. The authors represent financial institutions in examinations, investigations and enforcement matters by the CFPB and other government regulators. The opinions expressed are those of the author(s) and do not necessarily reflect the views of the firm, its clients, or Portfolio Media Inc., or any of its or their respective affiliates. This article is for general information purposes and is not intended to be and should not be taken as legal advice. All Content 2003-2013, Portfolio Media, Inc.

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback