Press Release of Senator Crapo
Crapo: I Will Continue to Fight for Accountability and Transparency at CFPB
Tuesday, July 16, 2013
Washington, D.C. – In a speech on the Senate Floor today, U.S. Senator Mike Crapo (R-Idaho), Ranking Member of the Senate Banking, Housing and Urban Affairs Committee, reiterated his serious concerns with the structure of the Consumer Financial Protection Bureau, highlighting common-sense improvements that should be made to increase accountability and transparency at the agency while strengthening protections for consumers.
“[T]his is not a debate about whether Republicans in the Senate support consumer protection, as some would like to portray it. Both sides agree that everyone benefits from a marketplace free of fraud and other deceptive and exploitative practices. What the Republicans have been asking for is that the bureau be restructured in the same way as the other similarly-situated financial regulators, with accountability and transparency to Congress and taxpayers. . .
“During the last several months, I have raised significant concerns with the CFPB’s data collection efforts. Questions still remain about what type of personal information is collected by the CFPB and what is collected by the agency’s contractors. But without the structural changes to the agency that we are asking for, it is hard to get answers to these questions.”
Crapo went on to say there remains significant work and oversight to ensure the CFPB is an accountable agency and transparent in its actions for all Americans to see, and that he will continue to work to ensure accountability for all consumers.
Below is the text of Crapo’s full speech delivered on the Senate Floor today:
Mr. President, earlier today the Senate held the first of a series of cloture votes on controversial nominations by voting to invoke cloture on the nominee to be Director of the Consumer Financial Protection Bureau.
This agency is unlike any other federal agency.
Under its current structure, the CFPB has very broad discretion, but little in terms of Congressional oversight.
It is not a debate about whether Republicans in the Senate support consumer protection, as some would like to portray it. Both sides agree that everyone benefits from a marketplace free of fraud and other deceptive and exploitative practices.
Republicans did not object to consumer protection when it was placed within each of the prudential banking regulators.
In fact, bills aimed specifically at consumer protection passed with an overwhelming majority in the Senate: the Fair and Accurate Credit Transactions Act of 2003 passed 95-2, and the Credit Card Act of 2009 passed 90-5.
During the Dodd-Frank debate, the key point of contention was not the value of consumer protection, but rather the bureau’s design.
One of the lessons of the financial crisis is that we need a supervisory program that looks and considers how safety and soundness and consumer protection work together to create a better functioning financial system.
What the Republicans have been asking for is that the bureau be restructured in the same way as the other similarly-situated financial regulators, with accountability and transparency to Congress and taxpayers.
As outlined in two letters to the President sent by Republican Senators in May of 2011 and this past February, the changes highlighted are not new—in fact, they exist in the current federal regulatory landscape.
One of the key changes sought by Republicans is the establishment of a board of directors to oversee the CFPB, with staggered terms. This is the structure of the Securities and Exchange Commission, the Commodity Futures Trading Commission, the Consumer Products Safety Commission, the Federal Trade Commission, the Federal Deposit Insurance Corporation and the Federal Reserve.
A board of directors would allow for the consideration of multiple viewpoints in decision-making and would reduce the potential for the politicization of regulations.
Indeed, the Administration originally supported a board of directors for the bureau. In 2009, the Obama Administration proposed a standalone Consumer Financial Protection Agency with a board of directors, funded through the Congressional appropriations process.
The bureau also should be subject to the Congressional appropriations process, funded through the Federal Reserve.
While Mr. Cordray stated that he would come and testify before the Appropriations Committee, this is quite different than Congress being able to oversee how the agency’s monies are spent.
For example, the CFPB intends to spend close to $100 million dollars to renovate its headquarters.
This amount is double the amount the Government Services Administration has for property acquisition and renovation in any one year.
Finally, consumer protection cannot and must not be detached from prudential regulation. Though the bureau must consult with other prudential regulators before finalizing its rulemakings, the bureau can simply disregard their advice.
By establishing a solid safety and soundness check for prudential regulation, the link and coordination between prudential supervision and consumer protection would be strengthened by allowing prudential regulators to provide meaningful input into the CFPB’s actions and proposals. Such collaboration will only strengthen our financial system, not weaken consumer protection.
Without it, the CFPB and prudential regulators may issue rules that result in confusion for the regulated entities, as has already been the case with conflicting guidance for private student loans and the many questions raised by the Qualified Mortgages final rule.
The Dodd-Frank solution was to have the Financial Stability Oversight Council review certain CFPB actions, but set the threshold at two-thirds of the FSOC members.
This very high threshold before the FSOC can act renders its veto virtually meaningless.
Since the beginning of this year, I have encountered a number of items with the CFPB that are a cause of concern and warrant greater scrutiny.
But it is this federal agency’s data collection initiative that is most disturbing to me.
Recently, we learned from press accounts that the CFPB was spending tens of millions of dollars to collect Americans’ credit data.
We have learned from the recent IRS, Associated Press, and NSA scandals what happens when government agencies cross the line and watch citizens, instead of watching out for them. There is a trust deficit in government today.
During the last several months, I have raised significant concerns with the CFPB’s data collection efforts.
I have been told that the bureau needs “big data” to level the playing field. However, the bureau’s efforts go far beyond leveling the playing field.
Unfortunately, for an agency that prides itself on transparency, I have encountered very little concrete answers to very basic questions.
For example, I have asked the bureau on three occasions to give me information on the number of Americans’ credit accounts the CFPB is currently monitoring.
In response, the CFPB said the information was confidential and cannot be supplied to me.
Information coming from last week’s hearing in the House Financial Services Committee indicates the CFPB is undertaking unprecedented data collection on possibly hundreds of millions of accounts, possibly as many as 900 million credit card accounts.
The size of this data collection and the amount of money being spent by the agency are a cause of concern for me, and should be for those Americans whose financial and credit data is sent to the Bureau each and every single month.
The CFPB is collecting credit card account data, bank account data, mortgage data, and student loan data.
In addition, the bureau has hired third parties to act as its agents to collect, aggregate and produce consumer credit data on behalf of the agency. Some contracts even contain instructions to follow specific consumer accounts over time.
This ultimately allows the CFPB to monitor—on a monthly basis—an individual consumer’s financial activity. Some of the data collected and provided to the CFPB monthly includes “account balances,” zipcode+4 data, year of birth, and other demographic information.
Thus, the CFPB can know how much you owe, how much money you have, how much you pay each month and where you live within a few blocks.
The bureau has stated publicly on several occasions that it does not collect personally identifiable information other than the voluntary personally identifiable information consumers submit to the Consumer Complaint Database and in supervisory exams.
However, two documents drafted by the CFPB seem to raise doubts about this federal agency’s actions.
Pursuant to the Privacy Act of 1974, the CFPB’s System of Records Notice of November 2012 for the Consumer and Market Research Database states that some of the collected data “will be personally identifiable information.”
In addition, a CFPB contract with a third party data aggregator states, “Most, if not all, of the data will be confidential supervisory information, and some of the data will contain sensitive Personal Identifiable Information (PII).”
Questions still remain about what type of personal information is collected by the CFPB and what is collected by the agency’s contractors.
But without the structural changes to the agency that we are asking for, it is hard to get answers to these questions.
At the hearing in the House last week, a CFPB official was unable to state how many agency employees have access to this enormous amount of credit data.
He also was unaware of any logs used to know when employees access the data.
I also question whether the bureau has put in proper policies and procedures to prevent this data from being reverse engineered?
I consider these to be very serious privacy concerns by the very agency that was supposed to watch out for consumers, not to watch them.
Banks constantly worry about cyber-attacks and recent news reports have run stories about the Federal Reserve and IRS being susceptible to cyber-attacks.
But what assurances do we have from the CFPB that these massive troves of consumer credit information are safe?
Data safety is of particular concern given that both the GAO and CFPB’s Inspector General (IG) have found weaknesses in CFPB’s data security programs and policies.
Because I was unable to get sufficient answers out of the CFPB, I turned to the Governmental Accountability Office and requested that it look into the agency’s data collection and security efforts.
That review is now underway.
With regard to its regulatory role, in the past two years the bureau has issued numerous new rulemakings resulting in a significant cumulative burden for affected institutions, especially small and community banks that often have only a handful of employees.
And remember, there is no board directing this agency, there is no board to whom the director of the agency responds. One single individual has been given the authority in this statute, without oversight by Congress of his or her budget, to single-handedly issue rules and regulations.
In the span of ten days this past January, the CFPB issued more than 3,500 pages of final rules affecting the mortgage market. This represents more than one million total words of regulatory text.
When I asked at an April hearing about the overwhelming number of regulations the bureau issued in a single month, I was told that there were “less than 100 pages of rules” when translated into the Federal Register.
But this ignores the more than 2,500 pages of guidance, analysis, and interpretations, which are admissible in court, and all of which are required reading for anyone who has to comply with this complex web of rules.
In order to understand and comply with these regulations, institutions are forced to hire lawyers and compliance officers, tying up resources that could be better spent on growing business, creating jobs and boosting the economy.
And again, recall that the connection between safety and soundness regulation was severed with the creation of this agency.
Instead, these additional compliance costs are inevitably passed on to consumers, which is especially harmful during a time of high unemployment and sluggish economic growth.
And if we were convinced that the agency was at least protecting consumers, rather than collecting data on all individual Americans who have credit cards, student loans, mortgages or bank accounts, then perhaps we could at least engage in a discussion or a debate about whether the agency’s actions are appropriate or effective.
I am concerned that without strong cost-benefit analysis and input from the small business panels in crafting rules, even well-intentioned rules could make consumer credit more expensive and less affordable.
Another concern I have with the CFPB is the enactment of policy changes outside of the established notice-and-comment rulemaking process.
In March, the CFPB posted a legal bulletin on its blog instructing auto lenders to adjust compensation practices to avoid violating fair lending laws.
The bulletin includes significant legal interpretations and suggests that the bureau may utilize its enforcement powers to ensure that lenders adhere to its guidance.
The only example that the CFPB uses in this bulletin on how auto lenders can effectively comply with fair lending laws is flat pricing as is interpreted by many that any other type of pricing will be a clear violation in CFPB’s eyes.
If the CFPB intends to make major policy changes, then it needs to go through a regular notice-and-comment rulemaking, not a blog post.
This bulletin also represents a backdoor attempt by the CFPB to regulate auto dealers, a group that is explicitly exempted from the CFPB’s regulatory purview by Dodd-Frank, in what appears to be yet another example of CFPB’s regulatory overreach.
In conclusion, I will continue to work towards oversight of the agency to ensure accountability and transparency for the American people.
Those who are trying to paint the Republican demands as being extraordinary need to look at the extraordinary data collection and actions of this agency, and look at our regulatory landscape with similarly-situated financial regulators.
Those who are trying to portray Republican demands as being another attempt to water down consumer protection need to realize that consumer protection divested from safety and soundness does not make for a better financial system or greater benefit to consumers.
We have found in our review of the CFPB that the agency does have serious problems in a number of different areas.
The lack of prompt and complete responses from the agency regarding its Big Data collection of American’s credit accounts is very troubling.
But is indicative of the lack of transparency established when this agency was created.
The expenditure of nearly $100 million just for building renovations is extremely troubling in these tight economic times.
Mr. President, while the confirmation of the nominee is now all but certain, there remains significant work and oversight to ensure the CFPB is an accountable agency and transparent in its actions for all Americans to see.