There was a lot of optimism in the business community following the 2016 election as dreams of tax reform and deregulation swirled around in CEO’s heads. But, in reality, it’s been a lot of the same partisan gridlock that tends to mire the process.
A partisan fight over healthcare continues to take up all of Congress’ time, state attorneys general up their enforcement amid uncertainty over the Consumer Financial Protection Bureau’s future in 2018, and changing securitization rules make it harder to navigate the landscape.
“We’re six months in and do we have any clearer view of what the future looks like? It remains to be seen whether deregulation is a just a glimmer in Trump’s eye or if he is actually even able to affect it,” said Joseph Cioffi, chair of the insolvency, creditors’ rights, and financial products practice group at Davis & Gilbert. “There is even more uncertainty than we had because at least back in December and January there was this idea that the future was uncertain with deregulation, but we know we’re headed in a certain direction. Now, I can’t even say we’re headed in a particular direction when the leadership is unable to affect its policies.”
Since compliance is here to stay, here are six topics lenders should be paying attention to right now:
1. Arbitration Rule
The CFPB’s ban on mandatory arbitration isn’t popular in the industry, but unless a gridlocked congress does something in the next month or so, the rule will take effect on Sept. 19.
Lenders will have to hustle to work with dealers and third-party contract providers to get documents changed in time, said David Keene, director of compliance and licensing for Sierra Auto Finance LLC.
“We’re going to have to work with all the dealers and dealer groups to make sure they have the right contracts,” Keene told Auto Finance News. “Although we don’t furnish them, we’ll have to direct them back to their vendors. We’ll have to notify 3,000 dealers that we can no longer take arbitration contracts.”
Industry groups argue that consumers get less money in a class action than they do through arbitration, and thus paint the CFPB’s rule as unfriendly to consumers.
“I’d rather arbitrate: You get to a decision a lot quicker, you don’t have to get on a docket, you don’t have to go through a lot of the legal loopholes,” Keene said. “To me what’s in place now is a lot more consumer-friendly than making this big sweeping change just so you can have class actions.”
However, the CFPB argues that it’s financially prohibitive for many consumers to acquire legal counsel to argue in arbitration and that lawyers have incentives to side with the lenders because that’s where they get their business.
“I think there are studies that show on average you get $5,000 in arbitration versus $32 in a class action, but the problem is, how many times will a consumer hire their own counsel, pay the legal fees, and go to arbitration?” said Davis & Gilbert’s Cioffi. “But class actions have their own issues in that it can be incredibly expensive and expose the banks to such great uncertainty and large legal exposure. Yet, consumers on average don’t benefit that much. We’ve all gotten checks for like 50 cents in the mail for a class action.”
2. New York Cyber Security
In March, New York state’s new cyber security regulations went into effect, requiring lenders to come up with a detailed “incident response” policy and hire a chief information security officer (either internally or through a third party).
Full compliance is on a two-year transitional period, according to the rule’s text. However, the first annually-prepared certificates of compliance are due to the superintendent of the New York State Department of Financial Services on Feb. 15, 2018.
“They have passed one of the toughest cyber security laws in the nation,” Keene said. “Normally, Texas, for example, has one where if we have a security breach we have to report it if it affects Texas residents. New York’s has national reach. Their language is such that if we have a security breach, the regulations we have to put into place to protect consumer information apply to all of our customers nationwide, not just New York residents.”
In order to comply, Sierra is changing its document retention policy, adding oversight to its cyber security team, changing internal policies, adding the newly required chief information security officer, making action plans so it can report security breaches within 72 hours to the state, and preparing its February annual report, which must be signed by a board member, he said.
“It’s a pretty tough regulation and we understand California is about to follow suit with basically the same language,” Keene said. “Cyber security [is important], we understand that, but now we’re having states pass regulation with national reach.”
3. State Regulators
“Normally the states look at: Are we complying with their state’s regulations? We all get audited, we pass the audit, we move on,” he said. “But now they are looking into what I would consider national issues on a state level. Now you have to keep your eye on all the states.”
Perhaps no lender has seen more scrutiny than Santander Consumer USA. Earlier this year, the company agreed to pay $26 million to settle allegations from the attorneys general of Massachusetts and Delaware claiming the company knowingly originated loans that consumers could not afford. The company is still facing similar allegations from the attorney general of Mississippi.
“Yes, the states care about the same things everyone else cares about, and their enforcement efforts, their auditing efforts, are better and more stringent than they have ever been,” Jason Kulas, chief executive of the subprime lender, told AFN earlier this year. “We don’t see that changing, and in fact we see it continuing as we move down the path. The companies who are successful long-term are the ones who embrace this and deal with it at their business.”
4. Regulation AB II
This Securities and Exchange Commission regulation adds a lot of data to an already complicated market. Lenders who bundle loans for sale now have to provide “asset-level” data about the borrowers in that pool if they want to make a public issuance.
Regulators argue it makes the process more open and gives investors better information to make informed decisions. However, it also brings more consistency to the data, said Tara Castillo, partner at Alston and Bird LLP, who has arranged legal documentation for auto securitization deals this year.
“[Reg AB II data] is granular but also standardized,” Castillo told AFN. “It’s done in a way that all the issuers have to provide the same information or respond to the same data field as to create a standardized framework of disclosure reporting so as to glean performance across the various asset classes.”
Lenders also have to update data on these issuances monthly — which provides a continuing stream of information — rather than sparse updates from the ratings agencies, Mark Harris, another partner at Alston and Bird noted.
“We expect to use these loan tapes — and they get reported every month now on an existing deal — and use them for research,” said Hylton Heard, senior director of Fitch Ratings’ U.S. ABS group. “Then, as they mature — three to five years down the line — we could potentially use them to do a loan-level analytical approach. Not that we feel that’s necessary now, because we feel our criteria is more than adequate to analyze and rate these transactions, but it will provide an additive tool for us to take a look at.”
5. Risk Retention
Another change to securitization regulation is the Dodd-Frank Act’s risk-retention requirements that went into effect this year. Essentially, lenders are now required to keep at least 5% of the credit risk from their transaction.
“It basically requires the lender to retain skin in the game, rather than offload that risk to third parties,” Alston and Bird’s Harris said. “It’s intended to make sure that originators are out there and participating in the same risk that their investors are participating in.”
There are roughly three different structures lenders can use to retain the risk: horizontal, vertical, or a combination of both. Horizontal structures allow lenders to absorb the lowest, most risky first losses in the bundle. Vertical structures allow the lender to take a bit from each risk pool in the bundle until it adds up to 5%.
“We actually did the first auto securitization that was subject to risk retention that closed in January this year for Consumer Portfolio Services,” Harris said. “CPS elected for the horizontal risk- retention option, which allowed them to retain the most subordinate piece of the deal that would absorb the first losses in the transaction.”
6. The State of the CFPB
On Sunday’s Meet The Press, Corey Lewandowski, the former campaign manager for President Donald Trump, renewed calls to fire the CFPB’s Director Richard Cordray as the new Chief of Staff John Kelly takes the reigns in the White House.
Republicans have been calling for Cordray to step down since the president’s inauguration, which hasn’t happened yet. In fact, the passing of the arbitration rule was taken by many as a sign that Cordray is not backing down.
However, the speculation continues. Cordray could voluntarily step down and make a run for Governor of Ohio, where democratic donors are awaiting his announcement, Cleveland.com reported Monday.
Kelly could attempt to fire Cordray, but the CFPB and its director has made it clear they are prepared to fight it in court if it comes to that. Alternatively, a single director structure for the bureau could be ruled unconstitutional as a case works its way through the courts.
Of course, Republicans with their majority control of congress could pass Dodd-Frank reform and change the CFPB to a five-person panel structure, like the Federal Trade Commission, or outright eliminate the CFPB altogether. However, Republicans haven’t been able to affect “any of their goals so far,” Davis & Gilbert’s Cioffi said.
— Meet the Press (@MeetThePress) July 30, 2017