The Fair Credit Reporting Act (“FCRA”) became effective on April 25, 1971. The FCRA is a group of acts contained in the Federal Consumer Credit Protection act, such as the Truth in Lending Act and the Fair Debt Collection Practices Act.
Congress substantively amended the FCRA upon the passage of the Fair and Accurate Credit Transactions Act of 2003 (“FACT Act”). The FACT Act created many new responsibilities for consumer reporting agencies and users of consumer reports. It contained many new consumer disclosure requirements as well as provisions to address identity theft. In addition, it provided free annual consumer report rights for consumers and improved access to consumer report information to help increase the accuracy of data in the consumer reporting system.
The identity theft rights summary includes the identity theft rights granted to consumers by FACTA, including the right to place fraud alerts on their credit reports, to block businesses and credit bureaus from reporting information in their credit files that is a result of identity theft, and to obtain from businesses information about accounts or transactions in their name that result from identity theft. The identity theft rights summary will be provided by consumer reporting companies to consumers who contact the agencies because they believe they are victims of fraud or identity theft.
The general consumer rights summary includes, among other things, consumers' right to see their credit files and know when they have been used against them, to correct inaccuracies, and to opt-out of unsolicited offers. The summary also notes that, in addition to identity theft victims, active duty military personnel have additional rights under the FCRA and FACTA. This general summary of rights updates the current summary, which credit reporting companies provide to consumers with their credit reports. The furnisher and user notices explain to businesses their duties under the FCRA.
The FCRA contains significant responsibilities for business entities that are consumer reporting agencies and lesser responsibilities for those that are not. Generally, financial institutions are not consumer reporting agencies.
In addition to the requirements related to financial institutions acting as consumer reporting agencies, FCRA requirements also apply to financial institutions that operate in any of the following capacities:
Financial institutions are subject to a number of different requirements under the FCRA. The statute contains some of the requirements, while others are in regulations issued jointly by the FFIEC agencies or in regulations issued by the Federal Reserve Board and/or the Federal Trade Commission.
The Dodd-Frank Act granted rulemaking authority under the FCRA (except for §615(e) (identity theft) and §628 (disposal)) to the Consumer Financial Protection Bureau (“CFPB”) and, with respect to entities under its jurisdiction, granted authority to the CFPB to supervise for and enforce compliance with the provisions of the FCRA and the implementing regulations.
The CFPB structured the examination procedures as a series of modules, grouping similar requirements together. The modules contain general information about each of the requirements:
Summaries of Rights and Notices of Duties Under the FCRA and FACT Act: Publication of Final Guidance on Model Disclosures
Summaries of Rights and Notices of Duties Under FCRA and FACTA.pdf
The CFPB required that the standard FCRA notices that refer to the FTC must be updated by Jan. 1, 2013 to reflect the role of the CFPB under the FCRA. Part 1022 of the Code of Federal Regulations:
CFPB Notice Support Spanish-speaking customers with Spanish language disclosures:
CFPB Notice Support Spanish-speaking customers with Spanish language disclosures
Appendix I to Part 1022—Summary of Consumer Identity Theft Rights
Appendix I to Part 1022—Summary of Consumer Identity Theft Rights (Spanish)
MicroBilt - Summary of Consumer Identity Theft Rights (Spanish).pdf
MicroBilt - Summary of Consumer Rights (Spanish)
MicroBilt - Summary of Consumer Rights (Spanish).pdf
Appendix K to Part 1022—Summary of Consumer Rights
Appendix M to Part 1022—Notice of Furnisher Responsibilities
Appendix N to Part 1022—Notice of User Responsibilities
H-1 Model form for risk-based pricing notice.
H-1 Model form for risk-based pricing notice.pdf
H-2 Model form for account review risk-based pricing notice.
H-2 Model from for account review risk-based pricing notice.pdf
H-3 Model form for credit score disclosure exception for credit secured by one to four units of residential real property.
H-3 Model form for credit score disclosure exception for credit secured by one to four units of residential.pdf
H-4 Model form for credit score disclosure exception for loans not secured by residential real property.
H-4 Model form for credit score disclosure exception for loans not secured by residential real property.pdf
H-5 Model form for credit score disclosure exception for loans where credit score is not available.
H-5 Model form for credit score disclosure exception for loans where credit score is not available.pdf
H-6 Model form for risk-based pricing notice with credit score information.
H-6 Model form for risk-based pricing notice with credit score information.pdf
H-7 Model form for account review risk-based pricing notice with credit score information.
H-7 Model form for account review risk-based pricing notice with credit score information.pdf
MicroBilt - Sample Adverse Action Letter (Spanish)
MicroBilt - Sample Adverse Action Notifications (09-16-16)
MicroBilt - Credit Reports for Collections Notice
MicroBilt - Credit Reports for Collections Notice.pdf
MicroBilt - UDAAP Procedure
MicroBilt - Military Act Lending Compliance
MicroBilt - Military Act Lending Compliance.pdf
MicroBilt - CCPA Statement
MicroBilt - CCPA Statement.pdf
MicroBilt – California Consumer Privacy Act of 2018 ("CCPA")
MicroBilt - California Consumer Privacy Act of 2018 (CCPA).pdf
MicroBilt - Data Broker Registry Under CCPA (CRA Exceptions)
MicroBilt - Data Broker Registry Under CCPA (CRA Exceptions).pdf
CCPA - HIPAA Amendment
CCPA - HIPAA Amendment (09-28-20).pdf
MicroBilt – California Privacy Rights Act of 2020 ("CPRA")
MicroBilt – California Privacy Rights Act of 2020 ("CPRA").pdf
MicroBilt – Virginia Consumer Data Protection Act ("VCDPA")
MicroBilt – Virginia Consumer Data Protection Act ("VCDPA").pdf
MicroBilt – Colorado Privacy Act ("CPA")
MicroBilt – Colorado Privacy Act ("CPA").pdf
MicroBilt - Utah Consumer Privacy Act ("UCPA")
MicroBilt - Utah Consumer Privacy Act (UCPA).pdf
MicroBilt – Connecticut Data Privacy Act ("CTDPA")
MicroBilt – Connecticut Data Privacy Act ("CTDPA").pdf
California Employment Screening – Use of Credit Reports
MicroBilt - California Use of Credit Reports for Employment Purposes.pdf
New York City Credit Report Restrictions & FADV Sybersecurity Survey
New York City - Restricts Requests or Use of Credit Reports for Employment.pdf
New York City Salary History Inquiry Law
New York Shield Act
EU – U.S. Privacy Shield Invalidated
Final Rule on Consumer Disclosures related to Debt Collection
MicroBilt - Colorado Affirmation Form For Employment Repealed
Landlords Property Managers the ADA
State Laws Limiting Use of Credit Information For Employment
MicroBilt - I-9 Employment Eligibility Verifcation Update
MicroBilt - I-9 Employment Eligibility Verifcation Form
MicroBilt - I-9 New Employment Eligibility Verifcation Form
MicroBilt - I-9 Employment Eligibility Verifcation Instructions
The FTC opines on what “reasonable procedures to ensure accuracy” are (and those should be read to apply to employment screening as well). The FTC maintains: “[c]ertain practices may be indicators that a background screening company isn’t following reasonable procedures. For example, if a report lists criminal convictions for people other than the applicant or tenant – for instance, a person with a middle name or date of birth different from the applicant’s – that raises FCRA compliance concerns. Other examples that raise FCRA compliance concerns include screening reports with multiple entries for the same offense or that list criminal records that have been expunged or otherwise sealed. Another indication that a company’s procedures might not be reasonable are reports that list housing court actions, but do not include the outcome of the action – for instance, that a case was resolved in the tenant’s favor.”
Background screeners should also note that the FTC calls out reports with multiple entries for the same offense, the reporting of expunged or sealed records, reports with no dispositions, and finally, the failure to use a middle name to ensure accuracy.
Please see the following materials from the FTC:
Screening Tenants New FTC Guidance
What Tenant Background Screening Companies Need to Know About the Fair Credit Reporting Act
Using Consumer Reports What Landlords Need to Know
Employers - Criminal Background Check Policy
Employers should be aware that in 2012 guidance on the use of criminal history records in employment, the Equal Employment Opportunity Commission made clear that blanket prohibitions on employment based on criminal history are frowned upon due to the potential for discrimination.
Information subject to change without notice. All rights reserved © 2022 MicroBilt