Congress substantively amended the FCRA upon the passage of the Fair and Accurate Credit Transactions Act of 2003 (“FACT Act”). The FACT Act created many new responsibilities for consumer reporting agencies and users of consumer reports. It contained many new consumer disclosure requirements as well as provisions to address identity theft. In addition, it provided free annual consumer report rights for consumers and improved access to consumer report information to help increase the accuracy of data in the consumer reporting system.
The identity theft rights summary includes the identity theft rights granted to consumers by FACTA, including the right to place fraud alerts on their credit reports, to block businesses and credit bureaus from reporting information in their credit files that is a result of identity theft, and to obtain from businesses information about accounts or transactions in their name that result from identity theft. The identity theft rights summary will be provided by consumer reporting companies to consumers who contact the agencies because they believe they are victims of fraud or identity theft.
The general consumer rights summary includes, among other things, consumers' right to see their credit files and know when they have been used against them, to correct inaccuracies, and to opt-out of unsolicited offers. The summary also notes that, in addition to identity theft victims, active duty military personnel have additional rights under the FCRA and FACTA. This general summary of rights updates the current summary, which credit reporting companies provide to consumers with their credit reports. The furnisher and user notices explain to businesses their duties under the FCRA.
The FCRA contains significant responsibilities for business entities that are consumer reporting agencies and lesser responsibilities for those that are not. Generally, financial institutions are not consumer reporting agencies.
In addition to the requirements related to financial institutions acting as consumer reporting agencies, FCRA requirements also apply to financial institutions that operate in any of the following capacities:
- Procurers and users of information (for example, as credit grantors, purchasers of dealer paper, or when opening deposit accounts).
- Furnishers and transmitters of information (by reporting information to consumer reporting agencies, other third parties, or to affiliates).
- Marketers of credit or insurance products.
Financial institutions are subject to a number of different requirements under the FCRA. The statute contains some of the requirements, while others are in regulations issued jointly by the FFIEC agencies or in regulations issued by the Federal Reserve Board and/or the Federal Trade Commission.
The Dodd-Frank Act granted rulemaking authority under the FCRA (except for §615(e) (identity theft) and §628 (disposal)) to the Consumer Financial Protection Bureau (“CFPB”) and, with respect to entities under its jurisdiction, granted authority to the CFPB to supervise for and enforce compliance with the provisions of the FCRA and the implementing regulations.
The CFPB structured the examination procedures as a series of modules, grouping similar requirements together. The modules contain general information about each of the requirements:
- Module 1 Obtaining Consumer Reports.
- Module 2 Obtaining Information and Sharing Among Affiliates.
- Module 3 Disclosures to Consumers and Miscellaneous Requirements.
- Module 4 Financial Institutions as Furnishers of Information.
- Module 5 Consumer Alerts and Identity Theft Protections.
Summaries of Rights and Notices of Duties Under the FCRA and FACT Act: Publication of Final Guidance on Model Disclosures
The CFPB required that the standard FCRA notices that refer to the FTC must be updated by Jan. 1, 2013 to reflect the role of the CFPB under the FCRA. Part 1022 of the Code of Federal Regulations:
Appendix I to Part 1022—Summary of Consumer Identity Theft Rights
Appendix K to Part 1022—Summary of Consumer Rights
Appendix M to Part 1022—Notice of Furnisher Responsibilities
Appendix N to Part 1022—Notice of User Responsibilities
H-1 Model form for risk-based pricing notice.
H-1 Model form for risk-based pricing notice.pdf
H-2 Model form for account review risk-based pricing notice.
H-2 Model from for account review risk-based pricing notice.pdf
H-3 Model form for credit score disclosure exception for credit secured by one to four units of residential real property.
H-3 Model form for credit score disclosure exception for credit secured by one to four units of residential real property.pdf
H-4 Model form for credit score disclosure exception for loans not secured by residential real property.
H-4 Model form for credit score disclosure exception for loans not secured by residential real property.pdf
H-5 Model form for credit score disclosure exception for loans where credit score is not available.
H-5 Model form for credit score disclosure exception for loans where credit score is not available.pdf
H-6 Model form for risk-based pricing notice with credit score information.
H-6 Model form for risk-based pricing notice with credit score information.pdf
H-7 Model form for account review risk-based pricing notice with credit score information.
H-7 Model form for account review risk-based pricing notice with credit score information.pdf
Credit Reports for Collections Notice: New limitation on “permissible purpose” and use of Credit Reports for collections of delinquent child support, judgments, fines, liens, and medical debts
MicroBilt - Credit Reports for Collections Notice.pdf
California Employment Screening – Use of Credit Reports
MicroBilt - California Use of Credit Reports for Employment Purposes.pdf
Return to Top