The Consumer Financial Protection Bureau’s aggressive rulemaking agenda has resulted in a number of proposed and final rules that stand to affect many community banks. ICBA experts weigh in on the actions and explain how rulemakings on overdraft, credit card late fees, nonsufficient funds (NSF) fees and personal financial data rights will affect community banks.

1. Overdraft credit

The CFPB has proposed to generally apply Regulation Z to overdraft credit provided by institutions with more than $10 billion in assets unless it is provided at or below costs and losses as a true courtesy to consumers. The proposed rule would accomplish this by updating two existing exceptions relating to the definition of “finance charge.”

Under the proposal, institutions could determine whether an overdraft charge is considered above break-even overdraft credit by either calculating its own costs and losses using CFPB standards set forth in the proposal, or relying on a benchmark fee set by the CFPB, which the agency is considering could be $3, $6, $7 or $14. Additionally, all transfer charges imposed on accounts with linked overdraft lines of credit would be deemed finance charges, and as such subject to Regulation Z.

“We’re concerned about these arbitrary fee aspirations that do not necessarily speak to the operational costs for processing overdrafts,” says Rhonda R. Whitley, ICBA’s senior vice president, senior regulatory counsel. “We’re also concerned that these rules can have an impact on consumers if their mortgage payment or payments for critical medications are rejected.”

These harmful effects will be worsened if the CFPB ultimately extends the rule to smaller institutions upon monitoring the market response to the rule, Whitley says.

“It is the third parties that profit from [Section 1033 of the Dodd-Frank Act] rule, not banks. We think it is unreasonable to require banks to bear all of the costs.”
—Mickey Marshall, ICBA

2. Credit card late fees

The CARD Act amended the Truth in Lending Act to establish a safe harbor for late fees. This is currently $30, but the CFPB recently finalized a rule to amend the 2009 law by drastically reducing the safe harbor amount to $8. The new $8 limit on late fees applies to credit card issuers with at least 1 million open credit cards, which only covers about the top 30 issuers.

In finalizing its proposal, the CFPB used data from the Federal Reserve’s Y-14 reports completed by issuers with $100 million or more in total consolidated assets—but “selectively picking data makes poor policy,” says Kari Mitchum, ICBA vice president, payments policy.

“We believe that an unintended consequence of the proposed rule would be that more consumers will likely be late in paying their credit card balances, incurring additional interest charges,” Mitchum says. “The CFPB new credit card late fee rule sounds like great relief for the 25% of people who CFPB estimates pay their bills late, but there will be impacts to all consumers.”

3. NSF fees on instantly declined transactions

The CFPB has also proposed to prohibit NSF fees on transactions declined at the swipe, tap or click. Transactions declined or rejected due to insufficient funds hours or days after the consumer’s attempt would not be covered by the proposal. Transactions authorized in the first instance, even if later rejected or failed to settle due to insufficient funds, also would not be covered.

“CFPB’s proposal on nonsufficient‑funds fees is another example of the bureau imposing arbitrary price controls that would distort market discipline and have a negative ripple effect on customers and businesses that rely on these services, undermining the bureau’s mission of protecting consumers,” says ICBA’s president and CEO, Rebeca Romero Rainey. “ICBA and the nation’s community banks continue calling on the CFPB to conduct a Small Business Regulatory Enforcement Fairness Act review before proceeding with the rulemaking.”

4. Personal financial data rights

The CFPB is also proposing to implement Section 1033 of the Dodd-Frank Act by requiring community banks to establish an API-enabled “developer portal” that third-party companies could use to access information—including up to 24 months of transaction data—about a bank’s customers. Banks would be prohibited from charging any fee associated with the creation or use of this portal.

Mickey Marshall
Mickey Marshall

“We expect this rule will create significant costs for community banks, who will be dependent on their core processors or other third-party companies to develop and maintain these portals,” says Mickey Marshall, ICBA assistant vice president and regulatory counsel.

“We also have concerns related to customer privacy, as it will be difficult for banks to vet the data security practices of third-party companies,” Marshall says. “The proposed rule does require third-party companies to implement data security measures that are equivalent to those of banks and limits the ways third parties can use customer data, but it will be very difficult for community banks to verify whether a third-party company is in compliance with these requirements.”

ICBA is advocating that institutions with less than $850 million in assets be exempt from the final rule. For those institutions that must comply, ICBA is encouraging the CFPB to allow them to charge a reasonable fee to third-party companies accessing consumer data.

“The third-party companies that access this data will use it to offer loans and other financial products to a bank’s customers,” Marshall says. “It is the third parties that profit from this rule, not banks. We think it is unreasonable to require banks to bear all of the costs.”