The Consumer Financial Protection Bureau ("CFPB") and the Federal Trade Commission ("FTC") recently signed a Memorandum of Understanding ("MOU"), as required under the Dodd-Frank Act, to coordinate their efforts to enforce consumer financial laws, avoid duplicative activities, and promote information sharing. The MOU broadly outlines the CFPB's and FTC's agreement to coordinate their actions concerning: (1) supervisory and examination information; (2) law enforcement; (3) rulemaking and agency initiatives; and (4) consumer complaints. The MOU primarily affects nonbank entities that are subject to the FTC's jurisdiction and provide financial products and services for personal, family, or household use ("MOU Covered Person"), e.g., payday lenders. As discussed below, the CFPB's agreement to share examination and supervisory information with the FTC adds additional uncertainty concerning protecting privileged and confidential information provided during a CFPB examination of an MOU Covered Person. And despite the CFPB's and FTC's attempt to coordinate, the reality is that nonbanks offering consumer financial products and services are still subject to Section 5 enforcement under the FTC Act from two different entities.

Sharing Supervisory and Examination Information

The CFPB has agreed to share with the FTC information the CFPB obtains through its supervisory and examination process of any MOU Covered Person. The agencies will meet at least quarterly to discuss the CFPB's plans to examine MOU Covered Persons and the results of any examinations. Further, the CFPB will provide the FTC a copy of the examination report for an MOU Covered Person, updates to such reports, and information obtained confidentially during the supervision process. This will allow the FTC to gather extensive information concerning MOU Covered Persons through the CFPB's supervisory powers. To the extent the CFPB shares privileged or confidential information collected through the supervisory process, the FTC is required to maintain such privilege and confidentiality claims. But that raises a question concerning the CFPB's authority to maintain privilege and confidentiality claims for information shared during the examination process. Recently, the CFPB released Bulletin 12-01, asserting that the CFPB has the same supervisory authority as other regulators (e.g., OCC, FDIC), and therefore can maintain the privileged and confidential status of information provided pursuant to the CFPB's supervisory powers. The Bulletin does not appear to have considered nonbanks. Because it is unclear whether Dodd-Frank or other statutes authorized the authority claimed by the CFPB in Bulletin 12-01, it is uncertain whether the positions taken in Bulletin 12-01 or the MOU's purported protection for privileged documents will be upheld.

The CFPB's and FTC's efforts to protect privileged and confidential information are designed to prevent third parties from circumventing the CFPB and requesting privileged or confidential information shared with the FTC. The MOU outlines how the agencies will handle subpoenas, court orders, or requests made under the Freedom of Information Act (the "FOIA") for shared confidential information. The requested agency must notify the providing agency of the request. And if the request is made pursuant to the FOIA, the requested agency should refer the requesting party to seek a direct response from the providing agency. If not, then the providing agency must have a reasonable opportunity to respond to the demand or request or assert any legal exemptions or privileges. It remains to be seen how willing the CFPB will be to release nonpublic information, whether in connection with an FTC investigation, civil complaint, or administrative proceeding.

Coordinating Law Enforcement Activities

The CFPB and FTC agreed to minimize duplicating law enforcement activities by implementing notification procedures before beginning an investigation, filing an action, commencing an administrative proceeding, or settling an action or proceeding. For example, before beginning an investigation, each agency must consult with the other to determine what investigations, court actions, or administrative proceedings the other agency has already conducted concerning the MOU Covered Person. An agency must also notify the other agency five business days before commencing an investigation and 10 days before filing an action or commencing an administrative proceeding. Both the CFPB and FTC will provide the other agency with a list of currently binding orders and judgments obtained against MOU Covered Persons within 60 days of the MOU's execution. 

The agencies also agreed that neither party will commence a court action or administrative proceeding during the pendency of an action already filed by the other agency. This applies only if the action is against the same MOU Covered Person for violation of any consumer financial law already alleged in the complaint, notice of charges, or similar document. But the agencies may intervene in any court action in which they share jurisdiction under a consumer financial law that the other party has commenced.

Consulting Concerning Rulemaking and Agency Initiatives

The CFPB and FTC will also consult prior to the issuance of a proposed or final rule no later than 60 days before the publication of an Advance Notice of Proposed Rulemaking, Notice of Proposed Rulemaking, Final Rule, or other notice in connection with the issuance of proposed or final rules. In addition, the agencies will discuss formal guidance documents that address unfair, deceptive, or abusive acts or practices concerning MOU Covered Persons. Further, the agencies agreed to meet periodically to review agency advisory opinions, agency guides, comprehensive guidance documents, or comprehensive commentaries that interpret or apply consumer financial laws to the conduct of MOU Covered Persons.

Coordinating Consumer Complaints

Finally, the CFPB and FTC will share consumer complaint information through the FTC's consumer complaint database. The FTC already maintains this secure database and makes it available to federal, state, local, and foreign agencies engaged in law enforcement activities. The MOU does not explicitly state whether the CFPB will provide information from its consumer complaint database, discussed in the January 2011 Jones Day Commentary, " U.S. Treasury's New 'Consumer Inquiry and Complaint Database': How Will It Affect Civil Litigation?" The agencies also agreed to develop a process to review and respond to individual consumer complaints and guidance to assist consumers concerning the proper agency to which to complain.

Conclusion

The MOU increases the uncertainty for nonbanks considering providing privileged information to the CFPB during an examination, particularly in light of the CFPB's recent bulletin concerning protecting privileged information. Notably lacking from the MOU, however, is any method for an MOU Covered Person to confirm that the CFPB and FTC are coordinating their efforts as outlined in the MOU. And although the MOU may lead to increased efficiency for the agencies, and potentially decrease compliance costs for MOU Covered Persons, nonbanks in the consumer financial services industry ultimately remain subject to enforcement by two federal agencies. It remains to be seen whether the CFPB and FTC will be able to coordinate their activities and prevent duplicate enforcement efforts.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.