In recent weeks, the Trump administration has significantly reduced funding for federal financial regulators. The Consumer Financial Protection Bureau (CFPB) is struggling to operate, with its staff unable to access their headquarters, supervisory exams suspended, and enforcement cases being abandoned. The Federal Deposit Insurance Corporation (FDIC) fired 700 employees on the last day of February.1 Even the Office of the Controller of the Currency (OCC) has endured job cuts.
Due to the decline in federal oversight of financial services, fintech and subprime lenders may reasonably question the extent of resources they should allocate to compliance, considering other competing priorities.
For subprime auto lenders, this environment presents both challenges and opportunities. On one hand, the reduced scrutiny may increase lenders’ risk tolerance for certain investments and business practices. On the other hand, the lack of regulatory oversight could lead to increased risks and uncertainties, particularly for those operating in legal gray areas.
But for the vast majority of subprime lenders, compliance should still matter, and here is why.
The States will fill in the gap: Regulators abhor a vacuum. There are 50 state regulators who are incentivized to increase their regulatory oversight if Federal regulators dial back. Under the Dodd-Frank Act (see 12 U.S.C. § 5552), states (both financial regulators and the Attorney General) have authority to enforce certain federal consumer financial laws. Additionally, states already have their own independent laws to enforce consumer protection and are bulking up even further. New York State Attorney General, Letitia James, for example, recently introduced the FAIR Act which has provisions to address predatory lending, hidden fees, misleading subscription policies, online scams, and deceptive health care billings.
Private litigants can still go after companies for violations: A number of Federal and State laws have a private right of action including the Telephone Consumer Protection (TCpA), the California Consumer Privacy Act(CCPA), and the Fair Credit Reporting Act (FCRA), the Equal Credit Opportunity Act (ECOA), and the Fair Housing Act.
Beware a future change in administration: A future Administration under a different President may prosecute a company for current violations. Discrimination claims under ECOA can be brought as many as five years after the alleged violation, so a company’s action today could be subject to scrutiny by a new Federal Administration in 2028. Keeping a consistent compliance program enables companies to avoid regulatory risk that comes from uncertain shifts in political leadership.
Good compliance programs mitigate reputational risk. Even without federal or state enforcement, compliance plays a crucial role in protecting a company’s reputation. No business wants its practices to be the subject of a multi-part exposé in a major newspaper. Robust compliance operations can help prevent a business from attracting negative attention from the media or the public.
Effective compliance fosters consumer trust: Many government regulations are established in response to significant consumer harms in the marketplace. For example, Congress enacted the Fair Credit Reporting Act (FCRA) after years of severe misconduct by credit bureaus, where false and defamatory information was included in consumers’ credit files. Consequently, a robust compliance program typically incorporates safeguards that protect consumers, build consumer trust, and uphold the company’s brand value.
Compliance is good for business: Irrespective of its role in addressing outside legal and regulatory risks, the compliance function is good for business because it assures good business hygiene. Compliance operates as a forcing function with an organization to keep data assets organized, to understand and assess business processes, and to monitor business activities. This type of monitoring can have positive impacts on business strategy, operational efficiency, and customer experience.
For the above reasons, subprime auto lenders should continue to treat compliance as a core part of their approach to risk management. Cars loans, along with student loans, occupy the biggest part of a typical American family’s household debt after mortgage payments. Because these loans are so visible and consequential to American households, one should expect legal, compliance, and regulatory risks to persist. Auto lenders should continue to prioritize compliance to avoid future regulatory risks and maintain their brand value in an evolving regulatory landscape.
The best advice for lenders reassessing their compliance function is stay the course. A robust, working compliance program is valuable regardless of what happens with cuts at federal financial regulators.
1: https://www.americanbanker.com/news/fdic-has-cut-10-of-staff-under-trumps-downsizing-effort
