Over the past four installments of this series, we have taken a quick look at how the consumer financial services industry ended up with a new regulator, the Consumer Financial Protection Bureau (CFPB). This new regulator is enforcing a set of new standards—unfair, deceptive or abusive acts or practices (UDAAP)—under a new statute, the Dodd-Frank Wall Street Reform and Consumer Protection Act. We examined the standards themselves and found that “unfair” is rife with subjectivity; “deceptive” does not require intent; and “abusive” is a largely a big unknown.
One thing that is (or should be) readily apparent at this point in the series is that the UDAAP standards are going to present significant compliance challenges and regulatory risks into the foreseeable future. In addition, it is highly likely that, as the CFPB continues to ramp up its UDAAP enforcement and pronouncements, UDAAP will spawn civil litigation under the so-called mini-Federal Trade Commission Acts of the majority of states that provide civil remedies for consumers damaged by unfair or deceptive acts or practices (Dodd-Frank does not have a civil remedy provision).
So what about real, concrete solutions to manage the UDAAP challenges, risks and threats? There are many solutions, seven of which are detailed below.
1. Get lawyers and compliance officers versed in UDAAP into the room when the product brainstorming is occurring—not so they can say no early and often, but rather to allow these risk managers to gain a better understand of the development process and help the business lines make adjustments before the point of no return.