On September 20, 2021, the CFPB issued a press release announcing it filed suit against a California-based software company, Credit Repair Cloud (Cloud), and its owner, Daniel Rosen, for allegedly assisting illegal credit repair businesses.
The CFPB alleges that Cloud and Mr. Rosen violated the Telemarketing Sale Rule (TSR) and the Consumer Financial Protection Act of 2010 (CFPA) by providing substantial assistance, including training, materials, and software to credit-repair companies that use telemarketing to reach consumers and charge unlawful advance fees.
Notably, most of the allegations from the CFPB’s complaint came from publicly available resources: Cloud’s website, Mr. Rosen’s podcast, and a Facebook page on which Mr. Rosen provides advice and frequently comments. If the allegations are true, the CFPB’s complaint indicates Cloud is no typical software company, nor is Mr. Rosen a typical software company owner. Instead, the allegations suggest that Cloud and Mr. Rosen actively trained and encouraged their clients to violate consumer protection laws.
It’s not too far of a stretch to think the CFPB will use this approach in other areas, including ones that could affect your operations. If you want to mitigate this new, potential risk, here are three areas you should consider when reviewing this case:
1. Evaluate your Vendor Relationships
While the CFPB hasn’t pursued the credit repair companies who used Credit Repair Cloud in this case, it certainly wouldn’t be surprising if they do. You should evaluate your vendor relationships, including your service agreements and how exactly you use your vendors. Are you (or is anyone in your organization) taking advice from them? You employ vendors because they are ostensibly experts in their field, and they often have experience working in the world of a third party debt collector, which you value. But are you analyzing their advice, and consulting internally (or with general counsel)?
2. Don't Forget to Vet Social Media
Many of the allegations in this case are derived from publicly available sources, like the company’s website and social media, as well as a podcast hosted by the owner. Is this an area you review when you are looking to onboard a vendor? Until recently, there probably weren’t many looking at social media when vetting a vendor, but this lawsuit certainly suggests you should.
A little closer to home: some third party debt collectors are investing in a marketing department, including podcasts and social media posts. How closely are you monitoring the information you are releasing on social media? This information is publicly available, and while it might seem harmless to do some self promotion via LinkedIn or other social media platforms, it’s important to track and monitor the information you’re releasing to make sure it’s accurate and can’t be construed as misleading or harmful.
3. Prepare for Potential Vendor Relationship Fallout
Could the results of this lawsuit potentially further limit vendors’ willingness to work with third party debt collectors? Of course, this lawsuit targets a vendor working with credit repair companies, and alleges the software company itself actively trained and encouraged their clients to violate consumer protection laws. But, vendors are already difficult to find given the level of scrutiny and regulation that third party debt collectors face. If any of your technology vendors decide to prohibit relationships with debt collectors, do you have a plan B?
Erin Kerr is the Director of Content at insideARM; the chair of iA Strategy & Tech, a digital resource for collections strategy executives; and the Executive Director of the iA Innovation Council, a membership group for collections / receivables executives interested in solving major industry challenges through tech solutions and collaboration. She is a seasoned receivables management professional, with recent experience in digital strategy and a passion for crafting digital solutions for a better customer experience.