Part 6: Consumer Financial Protection Bureau’s NPRM – A Vendor’s Perspective

By George Buck and Judd Peak

On May 7, the Consumer Financial Protection Bureau (CFPB) released the long-awaited 538-page Notice of Proposed Rulemaking (NPRM) that would update and modernize the Fair Debt Collection Practices Act (FDCPA). The rule would be the first major update to the FDCPA since its enactment more than 40 years ago. The NPRM is intended to provide much needed guidance and clarification on acceptable debt collection practices, as well as outline parameters for electronic communications.

The NPRM was formally published in the Federal Register on May 21 and will be open for public comment through September 18. Originally, the comment period closed in mid-August. However, consumer advocates delivered a letter to the CFPB requesting a 60-day extension to the comment period. Instead, the agency decided to extend comments for an additional 30 days. The comment period allows for industry, creditors, and consumer advocacy groups to voice concerns on the impact of the proposed rule and to seek clarification as to the intent of each section. After the comment period is closed, the CFPB will then issue its final rule which will likely become effective one year from the date of publication.

The CFPB intends for the proposed rules to provide consumers with clear protections against harassment by debt collectors, as well as provide options (beyond what are currently available) to dispute debts. The focus of the new rules can be boiled down to seven main areas:

  • Proposed limits on communication: The NPRM limits a debt collector to no more than seven attempts to contact a consumer via phone over a week or seven-day period and no more than one conversation in a week without the consumer’s consent. The rule also prohibits a collector from calling a consumer within the next seven days of a telephone conversation, unless it is in response to a request for information from the consumer.
  • The definition of a “consumer”: The definition would be expanded to include deceased and successors-in-interest. In other words, the NPRM proposes that a person acting on behalf of an individuals’ estate, such as an executor or administrator, would operate as a consumer for purposes of receiving the validation notice and having the right to dispute a debt. This person would also have standing to file litigation for violations of the FDCPA.
  • Electronic communications with consumers: The proposed rules endorse the use of electronic means (email and text) to send notices. The CFPB recognizes that consumers increasingly wish to receive communications in varying ways, and this is an attempt to meet consumers in their desired fashion. However, the proposed rule establishes a variety of hurdles to overcome, such as compliance with the E-Sign Act (getting consumers to consent in writing to receive electronic communications) and discerning between a work and personal email address.
  • Safe harbor for limited content messages: The collections industry has long sought an allowance to leave consumers a limited content message (i.e., benign voicemail message) that would provide safe harbor from unintended third-party disclosure or an unauthorized HIPAA disclosure. In the NPRM, the CFPB provides a proposed model voicemail message that will not be interpreted to be an unlawful disclosure. According to the CFPB’s commentary, this “limited content message” will not be considered a “communication” under the FDCPA and, therefore, would not be a third-party disclosure. This portion of the NPRM is generally opposed by consumer advocacy groups.
  • Validation notices: The NPRM also includes a model proposed validation notice, which has prompted much discussion by industry and consumer advocates alike. The CFPB has taken a ‘one-size-fits-all’ approach to the model validation notice — it does not distinguish between various types of debt (medical, student loan, etc.). This could result in healthcare providers needing to revise or upgrade their software systems to match the data points required by the CFPB. For example, the proposed validation notice will require an itemization of the financial history of the account/debt. The information required will include date of service, original amount billed, debits and credits to the balance, additional charges, contractual adjustments, insurance payments, write-offs, charity write-offs, and patient payments — ending with the current (owed) balance. Many patient accounting system export modules do not include this information needed to comply with the required “financial itemization” of the account. As proposed, the NPRM will require debt collection validation notices to itemize the financial pieces of the account/debt.

Additionally, the proposed model validation notice includes a link to the CFPB website for a description of consumer protections and a tear-off form offering specific consumer options to dispute or request further information about the debt. There is a general consensus in the industry that requiring overt inclusion of these options for consumers will result in an increase in consumer disputes.

  • Increased record retention requirements: The NPRM includes new record retention requirements, including call recordings to be maintained for at least three years.
  • Communicating before credit reporting: The new provision will prohibit a debt collector from furnishing consumer data to a credit reporting agency unless it has already communicated with the consumer about the debt. A debt collector “communicates” with a consumer when information is provided, directly or indirectly, to the consumer through any medium. An initial validation notice would qualify as a communication for the purposes of this provision. However, if the mail is returned or the address is shown as invalid, this requirement cannot be met, and a debt collector will not be able to credit report the account.

As stated earlier, the comment period ends September 18 of this year. As of July 22, there have been 1,197 comments already submitted, with the vast majority of those coming from consumers or consumer advocacy groups seeking broader and stricter regulations (for instance, a reduction in call limits to three per month and a total prohibition on text and email communications). It is imperative that industry advocates and creditors provide their own perspective on the proposed rules.

Buck George.Frost Arnett.2017Judd Peak
President Emeritus George Buck and Chief Compliance Officer and General Counsel Judd Peak are part of the leadership team at Nashville-headquartered Frost-Arnett Company, which has been helping healthcare clients resolve healthcare account balances for 125 years. Now staffing three offices, Frost-Arnett works with clients nationwide on early-out, bad debt recovery, as well as pre-certification, pre-service, insurance follow-up and cleanup work for legacy systems. For more information, go online to


FDCPA Proposed Rule & Where to Submit Comments