CFPB Issues Advisory Opinion on Credit Reporting and Permissible Purpose Under FCRA

The opinion outlines covered entities’ obligations to protect the public’s data privacy, but once again, the bureau fails to provide relevant data in order to assess if there is a real problem.

07/07/2022 4:00 P.M.

3 minute read

The Consumer Financial Protection Bureau issued an advisory Thursday to ensure that companies that use and share credit reports and background reports have a permissible purpose under the Fair Credit Reporting Act.

“While Congress and regulators must do more to protect our privacy, the CFPB will be taking steps to use the Fair Credit Reporting Act to combat misuse and abuse of personal data on background screening and credit reports,” said CFPB Director Rohit Chopra.

The advisory opinion, according to a press release, “will help to hold responsible any company, or user of credit reports, that violates the permissible purpose provisions of the Fair Credit Reporting Act.”

The press release says that the advisory opinion clarifies that:

  • Insufficient matching procedures can result in credit reporting companies providing reports to entities without a permissible purpose, which would violate consumers’ privacy rights: For example, when a credit reporting company uses name-only matching procedures, the items of information appearing on a credit report may not all correspond to a single individual. That means the user of a credit report could be provided a report about a person for whom the user does not have a permissible purpose.
  • It is unlawful to provide credit reports of multiple people as “possible matches”: Credit reporting companies may not provide reports on multiple individuals where the requester only has a permissible purpose to obtain a report on one individual. They must have adequate procedures to find the right person, or else the result may be that they provide a report on at least one wrong person.
  • Disclaimers about insufficient matching procedures do not cure permissible purpose violations: Disclaimers will not cure a failure to take reasonable steps to ensure the information contained in a credit report is only about the individual for whom the user has a permissible purpose.
  • Users of credit reports must ensure that they do not violate a person’s privacy by obtaining a credit report when they lack a permissible purpose for doing so: The Fair Credit Reporting Act strictly prohibits anyone from using or obtaining credit reports without a permissible purpose.”

The CFPB said it will continue to take steps to ensure credit reporting companies and other relevant entities adhere to the FCRA and other consumer financial protection laws.

ACA Insights

Whether finding solutions to problems or creating new regulatory measures, the bureau’s actions need to be based on current data and results from working with all constituents.

What is not clear is the prevalence of name-only matching. In addition to societal goals regarding privacy reflected in the FCRA, as well as efficient and cost-effective credit granting decisions to be made, it’s important to note the mainstream free market has no incentive to either provide or use inaccurate credit bureau reports.

As it did in an interpretive rule on states’ authority in credit reporting markets last month, the CFPB fails to provide relevant and timely data to truly assess if there is a real problem, and seemingly skirted stakeholder input yet again. The rulemaking process allows voices closest to the actual processes to be heard, data-driven insights to be gained, and better decisions to be made, including decisions that benefit consumers.

“We know ACA members are diligent about employing strong compliance management systems to ensure compliance with the wide range of federal and state laws that govern collections, and we are continuing to focus on that in our advocacy with the CFPB,” said ACA CEO Scott Purcell.

ACA is continuing to review the opinion to provide updates on compliance and other takeaways for members.

If you have executive leadership updates or other member news to share with ACA, contact our communications department at [email protected]. View our publications page for more information and our news submission guidelines here.

This site uses cookies. By continuing to use our site, you are agreeing to our use of cookies. Review our Privacy Policy for more information. You may change your preferences on how cookies are stored by reviewing the settings on your browser.

The content on this site is presented for educational, general reference, and informational purposes only; is not intended to serve as legal or other advice; is not intended to be a full and exhaustive explanation of the law in any area; and should not replace the advice of your own legal counsel. By continuing to use our site, you are agreeing to the legal disclaimers in our Terms of Use. Review our Terms of Use for more information.

Friendly Reminder

Get continued access to ACA International’s wide array of resources, which can help you become more profitable, compliant and successful.

Renew your membership today to take advantage of tools you won’t find anywhere else:

  • Discounts on seminars, products, services and events
  • Resources to strengthen your compliance department
  • Industry-specific risk management products and services
  • Participation in ACA’s online community, The Hub
    Members-only website content
  • Professional development and training opportunities, and so much more!