On Deck: Employee Credit Checks, UDAAP & More

Compliance Weekly

» Forward Compliance Weekly to a friend.

Get practical answers and get on with your work

Massachusetts Debt Collection Regulations: An Explainer

Things are a swirl of confusion in the Commonwealth of Massachusetts, with two separate pieces of legislation maybe not working perfectly together.

The deets

Massachusetts currently has two pieces of legislation covering collection agencies:

  • 940 CMR 7.00 Debt Collection Regulations (published by the Office of the Attorney General in 2018)
  • 209 CMR 18.00 Conduct of the Business of Debt Collectors and Loan Servicers (published by the Division of Banks and Loan Agencies in 2016)

I’m not interested in getting into some of the should they/shouldn’t they w/r/t the Massachusetts Attorney General taking on debt collection under its belt – especially since, traditionally, regulating collection agencies fell under the purview of the Division of Banks. For our purposes, both pieces of legislation exist, and we need to figure out how they work together.

“The AG rules are more restrictive and have more requirements,” shares attorney Michael Kraft, who is not giving us legal advice at all; he just answered my email. “I advise following those. Any time that there are different rules, I think the best course is to follow that which is more restrictive.”

Validation of debts

Of concern for agencies collecting in Massachusetts is a requirement for signed documents from the consumer as part of a validation packet.

The Division of Banks and Loan Agencies 209 CMR 18.00, which had traditionally governed the activities of collection agencies in the state (up until October of 2018) wants:

All papers or copies of papers and electronic records, in the possession of the debt collector, which bear the signature of the consumer and which concern the debt being collected. [Emphasis added]

The Office of Attorney General 940 CMR 7.00, essentially new in town to governing debt collection, has similar requirements for debt validation:

All documents, including electronic records or images, which bear the signature of the debtor and which concern the debt being collected.

What’s the difference?

Great question. The Division of Banks and Loan Agencies document seems to offer some wiggle room around that signature requirement: in the possession of the debt collector. If the debt collector has it, 209 CMR 18.00 requires you to provide copies to the consumer.

That softening language isn’t present in the stricter, newer 940 CMR 7.00. Agencies, per this document, need to provide copies of signed documents, allegedly, even if the agency itself isn’t, at that time, in possession.

Member reactions

“It has always been our practice that if our client cannot provide the contract signed by the borrower, we return the account/dispute to the client and notify the borrower that we have returned the account.”

“How far back does the collectors have to go in providing the statements? For example, if the debt was incurred several years ago and the debtor was paying min due for several months before defaulting on the debt, providing statements from more recent 12 months would not be sufficient to prove when the debt was incurred originally, right?”

“We do collect debt in MA.  The only item that could be an issue with our clients is producing items noted in 1. with an original signature.  We made the decision to cancel accounts when clients cannot provide signed documents.  While it isn’t clear what the result would be to continue to work the account, we felt it wasn’t worth the risk of  pursuing.”

Can You / Should You: Employee Credit Checks

Barring client requirements, it might be time to stop using employee credit checks as part of your hiring/promoting policy.

The deets

Many financial organizations use employee background and credit checks as a tool to choose among potential applicants. The thinking: employees with solid credit reports, free of most delinquencies and other dings, are less likely to, say, embezzle thousands of dollars or steal hundreds of identities.

We’re going to set aside most of that – it may or may not be true (it isn’t true). What we’re going to look at instead are the compliance stresses employee credit checks can add to your already full plate.

My advice? If you don’t have to do them (because of a client requirement), you shouldn’t.

Even more deets

Eleven states have passed laws that limit the use of employ credit checks:

  • California
  • Colorado
  • Connecticut
  • Delaware
  • Hawai’i
  • Illinois
  • Maryland
  • Nevada
  • Oregon
  • Vermont
  • Washington

Add to that three cities – Chicago, New York City, and Philadelphia – and the District of Columbia.

These aren’t solid laws, by which I mean: there’s a lot of wiggle-room in them. They’re tough to enforce and there isn’t a lot of caselaw to draw on to get a sense of landscape.

Still, these states and cities (and D.C. which is neither a state or a city and every time I take the Metro to downtown it’s mobbed with people wearing Caps jerseys for some guy named Ovenchicken) do have those laws, and it matters little if those laws currently aren’t enforced to the best of their ability now; all it takes is one domino to start the whole domino line-up to crash.

So why don’t you want us doing it?

Because I love you. And I don’t want you wasting your time (and money – background and credit check costs can add up) on unnecessary tasks.

For one thing, credit checks aren’t clear indicators, one way or the other, whether an employee is going to Get Rich Quick by pulling a bunch of shenanigans and goings-on. Credit checks are theatrical, in that they appear to be useful, but aren’t actually useful.

Okay but that’s just you using soft science.

Okay. Another thing: you need to be incredibly specific in your policies and procedures around employee credit checks as to whom you’re credit-checking and why. Think of it along the lines of “permissible purpose.”

Consider also that many of those states mentioned previously also hold laws regarding what can/cannot be pulled and, even more importantly, when: is it pre- or post-offer?

We’re doing it anyway. What do we need to know?

Credit expert John Ulzheimer, formerly of FICO and Equifax, says, “The most common alleged FCRA violations I see with respect to using credit reports for employment screening are either 1) not getting overt written permission from the applicant or 2) not providing the required disclosures in the proper format. The best practice should include having an attorney who is knowledgeable about FCRA obligations screen your use of credit reports to ensure legal compliance. It would also be smart to have written policies regarding the use of credit reports, for any use including employment screening. It would be hard to argue that you have sound policies regarding the use of credit reports if you cannot produce any written policies on the subject.  That doesn't play well in court.”

You’ll want to make sure the application that the potential employee fills out includes an FCRA-compliant form, signed by the applicant, allowing the credit check to occur. (It should also explain that credit checks for employment purposes have no negative effects on their credit score.)

If you do end up pulling a job offer or denying a promotion due to findings in the credit report, you’re required to provide a bunch of disclosures to the employee:

  • An explanation that the candidate is no longer viable because of information on the credit report – specifically what in the report caused the negative action
  • Copy of the report
  • The contact information for the third-party agency used to pull your credit report

Also, applicants have a chance to dispute what is found on the report, which can lead to its own morass of frustrations.

I’ll close by repeating myself from the top of this article: unless you have a client with strict requirements for credit checks, they’re costly, ineffective, and a headache to manage. Drop ‘em.

Members will find a policies and procedures packet relating to employee credit checks here.

 

UDAAP Pitfalls: Hardship Policies

Hardship policies are offered to consumers in dire straits. There’s a willingness to pay, but maybe not an ability to pay. Should hardship policies be on your Hot for 2019 list? I think they’re risky.

The deets

There are some entities – for instance, and specifically, healthcare – where hardship policies are the norm. Hardship polices of those stripes are usually client-driven; you’re simply following their policy.

Agency-based hardship policies – by which I mean, policies that you may have in place at your agency – are a little more complicated, and risky, to manage.

Risky how? You keep saying that.

Hardship policies in the collections space that aren’t client-dictated are a breeding ground for UDAAP – Unfair and Deceptive Acts and Practices -- considerations. (Which is not to say that client-dictated policies aren’t without their own UDAAP risks, but that’s on them for the moment.)

Offering a hardship deal to some, but not all, of your accounts can create unexpected disparate impacts, especially if you don’t have a solid objective requirements for acceptance into a Hardship Plan.

Ontario Systems’s Rozanne Andersen explained it this way: “The moment you don’t have any real, solid criteria – where you’re only relying on warm and fuzzies rather than data – is when you can find yourself at risk of a UDAAP.”

Okay. We want to do this anyway. What should we do?

These are only suggestions. I’m not the boss of you, nor am I your legal counsel (but imagine how wonderful that world would be if you all worked for me?). But some thoughts:

  • Make sure your criteria are based on data, rather than situations. “Hardship” is a slippery word to define. “My take-home pay after all of my bills and responsibilities is a coupon for Bed Bath & Beyond” is a measurable hardship. “My spouse, a very promising dermatologist, left me” may not be.
  • Make sure your hardship policy is visible to everyone. This might mean having a space on your site with a description of your hardship policy and a link to download and submit the application.
  • Not everyone is going to ask for a hardship consideration – and that’s where you can get into trouble. If you only offer it to people who sound like they’re in a hardship, you run the risk of creating a UDAAP class of consumers.
  • Spend time thinking about the line between an inability to pay, but still worth pursuing; and a refusal to pay. How are you defining that? And how are you ensuring you’re not creating another UDAAP class of consumers.
  • Be very careful that settlement offers aren’t less than hardship policy offers. When you give consumers the opportunity to, in a sense, shop around for the best deal with you, you are in dangerous compliance waters.

Members will find a policies and procedures packet relating to Hardship Plans here