Hello,

I’m trying to understand the differences between the Fair Credit Reporting Act and Fair Credit Reporting-Regulation V. Why is there two regulations with different requirements with almost the same name.

I also noticed that Regulation V has this > § 1022.42 Reasonable policies and procedures concerning the accuracy and integrity of furnished information.

and FCRA has > § 623. Responsibilities of furnishers of information to consumer reporting agencies [15 U.S.C. § 1681s-2] (a) Duty of Furnishers of Information to Provide Accurate Information.

I’m a little confused, can someone explain the differences or direct me to some guidance. Thank you.

One is a statute (FCRA), one is a regulation that implements parts of the the statute.

Here is my explanation that I use:

Congress substantively amended FCRA with the passage of the Fair and Accurate Credit Transactions Act of 2003 (FACTA or FACT Act). The FACT Act created many new responsibilities for consumer reporting agencies and users of consumer reports.

Historically, rulemaking authority for the FCRA was divided among the Board of Governors of the Federal Reserve System (Board), the Federal Deposit Insurance Corporation (FDIC), the Federal Trade Commission (FTC), the National Credit Union Administration (NCUA), the Office of the Comptroller of the Currency (OCC), [and the Office of Thrift Supervision (OTS).

The Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank Act) amended provisions of the FCRA. In addition, the Dodd-Frank Act transferred rulemaking authority for most provisions of the FCRA to the Bureau of Consumer Financial Protection (Bureau), effective July 21, 2011.

The Dodd-Frank Act did not transfer to the CFPB the authority to promulgate: rules on the disposal of consumer information; rules on identity theft red flags and corresponding interagency guidelines on identity theft detection, prevention, and mitigation; and rules on the duties of card issuers regarding changes of address. These existing provisions are not included in the CFPB’s Regulation V.

Specific requirements of the FCRA, including requirements regarding Identity Theft, have been included in the CFPB’s Regulation V.

The requirements of the FCRA regarding proper disposal of customer information must be included in a bank’s Information Security Program, as required by the safety and soundness standards of the Bank’s primary regulator (OCC, FDIC, FRB). Information on Disposal of Records remains in the Federal Reserve’s Regulation V and the corresponding requirements for national banks regulated by the OCC and for FDIC regulated banks. This authority was not transferred to the CFPB because it is a safety and soundness standard, regulated by the banks’ prudential regulators.

Ok, I understand now but I'm left with a little confusion.

I brought this up because during an audit it was noted that we don’t have written policies and procedures concerning the accuracy and integrity of furnished information” under FCRA. However, that section is not under FCRA.
So if Regulation V implements parts of FCRA, is section 1022.42 of Reg V implementing section 623 of FCRA or are those two different requirements?

Thank for your explanation!

Did you review the last provision of section 623 of FCRA (Duties of Furnishers)?

http://www.bankersonline.com/regs/fcra/fcra.html#623

(2) Criteria. In developing the guidelines required by paragraph (1)(A), the Bureau shall –

(A) identify patterns, practices, and specific forms of activity that can compromise the accuracy and integrity of information furnished to consumer reporting agencies;

(B) review the methods (including technological means) used to furnish infor- mation relating to consumers to consumer reporting agencies;

(C) determine whether persons that furnish information to consumer reporting agencies maintain and enforce policies to ensure the accuracy and integrity of information furnished to consumer reporting agencies; and

(D) examine the policies and processes that persons that furnish information to consumer reporting agencies employ to conduct re investigations and correct inaccurate information relating to consumers that has been furnished to consumer reporting agencies.

And yes, 1022.42 is implementing 623 of FCRA.

I had not seen that part.

Thank you again!

Does anyone know what the timeframe is to respond to FCRA/Reg V Direct Disputes that are also Notices of Error under RESPA/Reg X? Reg V requires 30 "days" (which I believe to be calendar days), and Reg X requires 30 "days (excluding Saturdays, Sundays, and legal public holidays)" -- so more like "business" days.

The Final Rule published in the Federal Register for the CFPB's 1/10/14 Servicing Rules has a footnote on page 43 indicating the following but provides no further guidance:

"Notably, a notice of error may also constitute a direct dispute under Regulation V, which implements the Fair Credit Reporting Act, if it complies with the requirements in 12 CFR 1022.43."

Does anyone know where I might find additional guidance on which to follow - calendar vs. business days for NOE's that are also Direct Disputes? Absent any, I'm inclined to use the more conservative calendar days.

Appreciate any help!