Last fall, I suspect that most regulatory compliance professionals in the U.S. consumer lending market anticipated 2017 would be more of the same. This meant a continued focus on implementation of recently adopted rules, while bracing for a wave of new regulations from the federal banking agencies. Everything changed on November 8. The unexpected election of Donald Trump resulted, in many cases, in a 180-degree course correction.
The Trump administration, bolstered by the reelection of a Republican majority in both houses of Congress, has fostered a new environment that is expected to promote de-regulation. While I won’t ever be mistaken for Nostradamus, amidst this regulatory sea change, I feel (relatively) confident in sharing with you my top regulatory compliance predictions for 2017.
A little-known law will have big impact on regulation.
Haven’t heard of the Congressional Review Act (CRA)? You are not alone. This obscure statutory provision was adopted in 1996 as part of the Small Business Regulatory Enforcement Fairness Act. Under the CRA, before a new regulation takes effect, Congress can take action (through a simple majority vote) on a joint resolution disapproving of the rule. If approved in both houses, the resolution is sent to the President for signature or veto.
To date, the CRA has only been used successfully one time. In fact, on several occasions during the past two years, Congress passed joint resolutions disapproving of a new regulation only to have President Obama veto the resolutions. Republicans did not have the 2/3 vote majority needed to override the President’s veto.
All of this changed with the election of Donald Trump. President Trump would likely sign any such resolution adopted by the Republican Congress.
This means that the future fate of controversial rulemaking, such as the CFPB’s arbitration and small dollar lending proposals that began under a Democratic administration, will be subject to the Republican Congress’ potential use of the CRA. How this will change the content of future regulations is anyone’s guess, but it now must be factored into the equation when federal agencies issue final rules.
A patchwork quilt of cybersecurity rules will emerge.
As the federal government races to address growing cybersecurity concerns, financial institutions will likely have to navigate through a growing number of federal and state cybersecurity regulations in the upcoming year. We’ve already seen several early indications of this. The FDIC, Fed and OCC recently initiated the process for drafting new cybersecurity regulations for banks with assets exceeding $50 billion. Also in 2016, federal agencies like the Commodity Futures Trading Commission and the Department of Defense issued cybersecurity-related rules.
However, perhaps the most noteworthy development was the issuance of a first-of-its kind cybersecurity regulatory proposal by the New York Department of Financial Services, which regulates banks, insurance companies and other financial services entities. As I’ve blogged previously, this has the potential to be a game changer, by requiring regulated entities to adopt the most prescriptive requirements seen to date. While New York has recently revised its cybersecurity rule in an effort to address widespread industry concerns (public comments are due at the end of January with an effective date of March 1, 2017), its actions will likely spark more activity in this area from other states.
New FCC leadership will provide much-needed TCPA relief.
As I have previously written, the Federal Communications Commission has not provided much relief for those seeking legal clarity when using modern technology to communicate important non-telemarketing messages to customers’ mobile phones (e.g., fraud alerts) in accordance with the 1991 Telephone Consumer Protection Act (TCPA). Under Chairman Tom Wheeler’s leadership, FCC actions have been widely criticized as further chilling the use of text and automated messaging preferred by many consumers. However, change is on its way with the departure of Wheeler on January 20, 2017, the eventual confirmation of two new FCC commissioners and a much-anticipated decision by the DC Circuit on the industry’s appeal of the FCC’s most recent TCPA guidelines.
As FICO continues to work with existing and prospective customers interested in fully utilizing our solutions for automated customer communications, we join the many who continue to monitor developments that appear to support a new regulatory approach in this area.
Federal focus on disparate impact will diminish.
Led by the CFPB, federal agencies have aggressively used the disparate impact legal doctrine in the lending arena. The doctrine allows a party to establish discrimination if a practice or policy has a statistically disproportionate "adverse impact" on persons in a protected class.
Traditionally, the doctrine was most widely applied in employment and housing, however in recent years, the doctrine was used more frequently in auto finance and other lending activities subject to the Equal Credit Opportunity Act. Despite legal and legislative action challenging its expanded use, the CFPB, the Department of Housing and Urban Development and the Department of Justice (DOJ) have been strong supporters of its application in these areas.
With Donald Trump’s new U.S. Attorney General leading the DOJ, there will undoubtedly be a change in the government’s use of the disparate impact legal doctrine. Perhaps in anticipation of this change, the CFPB in its recently released 2017 fair lending agenda signaled it was shifting focus away from the auto finance market, where the disparate impact doctrine was aggressively applied, in order to concentrate on other priorities.
While I hope to bat 1.000 on my predictions, one thing I can promise is that next year will not be a repeat of 2016. When I look out at the new political and regulatory landscape here in Washington, I can’t help but think that the well-known David Bowie song refrain captures it best: prepare for “ch-ch-changes” in 2017.
Read the 2017 predictions of Daniel's fellow FICO bloggers:
- Migration and the “Cloud Ceiling”: 5 Compliance Predictions for 2017
- 2017 Predictions: 4 Trends that Will Shake Up Banking Next Year
- 5 Cyber Predictions for 2017: Will Your Fingerprints Get Hacked?
- 4 Payments Predictions for 2017 – Mobile, Fintechs and EMV (Still)
- 4 Analytic Predictions for 2017 – From Killer Devices to AI Hype