Skip to primary navigation Skip to main content

CFPB: Unaccountable and Unrestrained

May 21, 2013

Senate Democrats will try to push for a vote this week on Richard Cordray to be the Consumer Financial Protection Bureau Director. Senate Republicans are pushing for commonsense solutions to an unaccountable and unrestrained bureau.

The Consumer Financial Protection Bureau (CFPB) raised concerns since its creation due to its unprecedented investigative and regulatory authority, its lack of accountability, and the unparalleled authority placed in its sole director. A recent action by the CFPB to monitor consumer credit cards and the spending habits of millions of Americans is raising new concerns in a government suffering from a trust deficit.  

The CFPB was established by the Dodd-Frank Act to “regulate the offering and provision of consumer financial products or services under the Federal consumer financial laws.” In pursuit of this, the CFPB has ramped up its demands for bank records and its acquisition of consumer financial information. 

Widespread Data Collection

According to a recent Bloomberg story, the CFPB awarded a New York-based company a $15 million contract to store and analyze credit card information from nine banks. It is requiring banks, as part of a separate review, to provide records of credit-card add-on products, such as credit monitoring and debt cancellation. This follows last year’s action to require banks to submit data on checking account overdraft activity. 

Bloomberg also reported that the CFPB is buying data from Experian, the credit-reporting company. The $8 million contract calls for the company to provide data on five to 10 million consumers “for use in a wide range of policy research projects.” The CFPB also plans to purchase auto loan information from the company. Separately, a Florida credit-reporting company is being paid nearly $500,000 to provide data on payday loans. 

In a joint effort with the Federal Housing Finance Agency, the CFPB is working to build a mortgage database to integrate consumer credit information with loan and property records. A California company will be paid around $800,000 for loan-level mortgage data. 

The CFPB says the data will be used to assess and examine compliance with consumer financial protection laws, and to inform its supervisory processes. One former CFPB enforcement official defended the efforts, stating the agency needs to know who is making a lot of money from a particular practice so it can know where to focus its efforts. 

The massive data collection is raising concerns. Banks have indicated they’ve been ordered to provide substantial amounts of data -- a particularly large burden for small and community banks. In a February 14 letter to CFPB Director Richard Cordray, the U.S. Chamber of Commerce reported other concerns. It noted that the bureau requires “companies to reformat and resort data according to the Bureau’s parameters, which sometimes are altered, requiring businesses to incur significant costs.” The letter also states that the CFPB is misusing the regular examination process of banks with “requests that are often unfocused, overly inclusive, and not coordinated with other regulators.” 

Concerns over Security

While the Dodd-Frank Act permits the CFPB to collect data as part of its supervisory and examination functions, it expressly prohibits the agency from gathering or analyzing personally identifiable financial information on consumers. Section 1022(4)(C) says that the CFPB “may not use its authority … to obtain records from covered persons and service providers participating in consumer financial services markets for purposes of gathering or analyzing the personally identifiable information of consumers.” 

The CFPB has said that it is not collecting personally identifiable information, but has provided limited details on its efforts. In response to a question by Senate Banking, Housing and Urban Affairs Committee Ranking Member Crapo, CFPB Director Cordray stonewalled, saying that information about the number of accounts it has and is currently following is confidential. 

Concerns also have been raised about data security issues at the CFPB. A report by the CFPB’s Inspector General highlighted a series of concerns with the CFPB’s information-security controls over their widely used contractor-operated systems. As part of its assessment, the IG examined a contractor-operated system and found several “management, operational, and technical control weaknesses.” Furthermore, “CFPB has not established a comprehensive information security strategy to guide the implementation of an agency-wide information security program.”  

Reforms Needed

The CFPB receives its funding from the Board of Governors of the Federal Reserve System and is not subject to the congressional authorization or the traditional appropriations process. Its process is to submit an annual budget proposal to the Fed based on the amount it expects to need. Its only limitation is an annual cap of 12 percent of the operating expenses of the Federal Reserve System.

cfpb growth

The bureau has grown rapidly. For its first full year of existence, fiscal year 2012, the CFPB had a budget of $299.8 million and a full-time equivalent employee count of 831. In fiscal year 2013, its budget grew to $541.4 million, with an employee count of 1,214; for fiscal year 2014, its requested budget is $497.5 million and 1,545 employees. 

Additionally, the CFPB has access to funds in the Consumer Financial Civil Penalty Fund it maintains for payments to victims. If victims cannot be located, the CFPB can use the funds for financial literacy or consumer education programs. For fiscal year 2012 and the first quarter of 2013, the fund had a balance of $46.2 million. 

In May 2011 and February 2013, Senate Republicans wrote to President Obama calling for structural reforms to the CFPB. The bureau is far too insulated from congressional oversight of its actions and its budget, and its director has too few meaningful checks and balances on his power. The letters said that the Senate should not consider any nominee to be director of the CFPB until common-sense reforms are adopted: 

  • Establish a bipartisan board of directors to oversee the CFPB;
  • Subject the bureau to the appropriation process, similar to other federal regulators; and
  • Establish a safety-and-soundness check for the prudential regulators.

The latest revelations make it abundantly clear additional information and greater transparency are needed on how the CFPB uses and protects its massive collection of private consumer financial information.