Hot Topic: CFPB’s Mixed Messages on Add-On Products

By Adam Maarec

November 6, 2013

The Consumer Financial Protection Bureau made a splash last year when it issued a bulletin outlining the laws and specific practices that banks and other covered entities must follow when selling “add-on products” in connection with credit cards. But many banks and financial service providers that sell insurance in connection with various financial products through joint marketing arrangements have struggled to determine whether insurance is an “add-on product.” This challenge has arisen because of the CFPB’s mixed messages on add-on products. This question is important because the CFPB does not have authority to regulate “the business of insurance” and, to the extent the Bureau intends to regulate the way insurance is sold by banks and other covered entities as an add-on product, it may be exceeding its authority.

The Various Definitions of “Add-on Product”

The CFPB’s bulletin does not clearly define what constitutes an add-on product. Rather, it states that add-on products include “debt protection, identity theft protection, credit score tracking, and other products that are supplementary to the credit provided by the card itself.” In a footnote, the CFPB expanded this definition by stating that the bulletin also applies when banks and other covered entities “offer similar products in connection with other forms of credit or deposit services.” Based on the bulletin alone, would life or accident and disability insurance marketed to an existing bank customer with a mortgage be considered “supplementary” to the loan? If the insurance is marketed to such a customer via telemarketing, or via a printed statement insert, would the Bureau consider it to be offered “in connection with” the underlying loan? Without more guidance from the CFPB, it is impossible to answer these questions.

The CFPB has issued several consent orders for alleged violations of the law related to “add-on products.” Where the Bureau has opted to define the term add-on product in its consent orders, it has done so differently. And although the CFPB has repeatedly said its enforcement actions only apply to the parties involved, and that they do not apply to the industry generally, they nonetheless provide some guidance.

In 2012, the CFPB entered two significant consent orders for improper sales practices in connection with payment protection (debt cancellation), credit monitoring, credit score tracking, identity theft protection, and wallet protection services. In the agency’s press releases for these two consent orders (here and here),  the Bureau referred to the products as “add-on products,” but the consent orders themselves did not use the term “add-on product”(here and here). 

In the CFPB’s first (and only as of this writing) enforcement action against a “service provider,” the Bureau defined an add-on product as “GAP insurance, which covers the difference, if any, between the insurance payout for the vehicle and the outstanding principal in the event that the vehicle is stolen or declared a total loss, and a Vehicle Service Contract (“VSC”), which covers certain repairs and costs.” This definition appears to cover insurance products. (The Bureau used the same definition in its enforcement action against the bank issuing the underlying credit product.)

In its most recent consent order, issued in September 2013, the CFPB defined an add-on product as “any consumer financial product or service, as defined by Section 1002(5) of the [Consumer Financial Protection Act], which is offered as an optional add-on product to Bank credit cards and/or as an optional add-on product to co-branded consumer products of the Bank.” This definition would not cover insurance products since the business of insurance is specifically excluded from the definition of “consumer financial product or service.”

More Guidance is Needed

Given the ambiguity of the definition of “add-on product” in the add-on product bulletin, and the varied definitions of add-on product in the CFPB’s consent orders, additional guidance is needed to determine whether the Bureau considers insurance to be an “add-on product.” Should the Bureau consider insurance to be an add-on product, industry should strongly consider contesting the Bureau’s authority to regulate the sale, solicitation and negotiation of insurance, even if the activity is conducted by a bank or other covered entity.

Consumer Financial Protection Bureau Hosts "Abusive" Symposium

On June 25, the CFPB held a symposium to discuss whether the definition of abusive, as that term is used in the Dodd-Frank Act, should be clarified by a rule or other guidance.

What Banks, Ins. Agencies Need to Know About CA’s New Privacy Law

The CCPA will mandate the most stringent consumer privacy protections in the country. And although the Act contains some exemptions for financial firms, it will undoubtedly affect their operations.

Appellate Courts Split on the Definition of an Autodialer

What exactly is an autodialer? This year, several appellate courts have tried to answer the question, but the most recent decision by the Ninth Circuit has left TCPA litigators and the telemarketing industry more confused than ever before.