By Charles H. Green
The NYTimes reported that thousands of cash-strapped Americans who filled out online loan applications on sites with names like paymeloans.com instead found their financial details had been used to make unauthorized debits or credit card charges, according to an investigation by federal regulators.
The Federal Trade Commission charged two information resale companies with illegally selling the payday loan applications of more than 500,000 consumers. The third parties that bought the information subsequently “raided” consumers’ bank accounts for at least $7.1 million, regulators said.
While no such accusations or investigations have yet been announced regarding commercial loan lead aggregators, loan brokers, or online lenders, these cases will probably fuel support for advocates looking to crackdown on all parties to financial services, and tighten the regulatory web among all parties that interface with private information for consumers and business owners.
The Fair Credit Reporting Act already restricts how credit and personal information is shared for enabling credit decisions, but is less precise when such information is sold for marketing purposes. Logically there should be no difference, although some critics point to gaps that exist that allow mass data bartering that is conducted with no oversight among non-regulated financial intermediaries.
Much attention has been drawn to banks that sell off uncollected debts, which are purchased by collection agencies who benefit from the entire contents of the bank’s credit file on the subject debt. In those instances, the purchasing party has a direct interest in getting the consumers’s private information, which is usually needed to collect the debt. And, it would be presumed that the selling bank, subject to a myriad of applicable regulations, would contractually restrict how that information could be used by the buyer.
But what happens to non-regulated enties that are provided this kind of information by prospective borrowers? Online marketplace borrower aggregators such as BoeFly, Lendio.com and Biz2Credit gather thousands of credit files and route them to various client banks. It’s easy to assume that responsible bank clients are careful about the data they receive and what happens to it afterward. But what restrictions are there on these companies from reselling their entire database to other non-regulated entities, even those not in the lending business?
My guess is that these kinds of questions are being explored by the federal government as fintech lenders and their innovations are changing the financial landscape in ways not anticipated only a decade ago. As worrisome for regulators is the lax approach of many consumers, who’ve become accustomed to volunteering their personal information over the internet now for a dozen years to trusted brands such as Amazon and other retailers. Many are probably too trusting and offer up their information to unknown parties, making themselves vulnerable to these kind of crimes.
Lest this all sound like strictly a digital problem, recognize that there are plenty of manual data transfers as well that leave consumers and business owners vulnerable. A few months ago we published a story about unethical loan brokers, and the recommendation by some advocates to place their activity under the umbrella of regulation.
The article described a call for regulation by Brayden McCarthy, Head Policy and Strategy at Fundera. While the most prevalent ethical lapse he cited was price gouging borrowers for extraordinary and undisclosed fees, the handling of client’s private data was another concern that he explained needs to be attended. It’s no secret in the trade that many loan brokers engage in the practice of exchanging data after placing loan accounts, often leading to stacking or double parking among several online lenders.
In July, the Treasury Department opened a ‘request for information’ to explore online lending and the many issues that have arisen as fast as the sector itself. Although there are naysayers quickly reacting to this move, I’m guessing that privacy concerns of consumer data will be among the items at the top of the list.
And, I’m guessing that a robust regulatory response will follow, which will be welcomed by the top performing companies in the field not wanting to be dragged down due to consumer fear of the bad guys lurking around the space.
Did you know SBFI offers commercial lender training–learn more here.
Read more stories of interest to commercial lenders here.
What do you think about this story? Comment below or write me at Director@SBFI.org.