Financial services are primarily based on taking in deposits of money from one group and then putting that money to work by lending it to others to use. Please see Deposit Account Compliance for what is required for the deposit side of financial services. This guide will walk you through what is required for Platforms to be compliant in offering credit and lending financial services.

Onboarding

When you are adding a new Client to your Platform to take advantage of your credit or lending product offerings, they also will need to be onboarded to the Mbanq platform as a program manager for the Partner Bank. Regulations require that the client is satisfactorily known by the Platform and to Mbanq. In addition, how you, the Platform, market to and solicit the Client must be compliant with regulations as well.

Soliciting the Client

Government regulations are clear regarding how you represent credit and lending services and target your potential clients with your sales and marketing programs.

UDAAP

Unfair, Deceptive, or Abusive Acts or Practices (UDAAPs) are legal standards that protect consumers from unethical or misleading marketing practices and tactics by financial product and service providers. UDAAPs are regulated under the Federal Trade Commission Act (FTC Act) and the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank Act.)

These regulations stipulate that you cannot mislead Clients with your marketing materials, such as bait and switch, where you market one product or interest rate and instead only have them qualify for another less advantageous rate. You also cannot discriminate against any particular protected groups such as race, religion, age, etc. Government agencies may require that you produce data that proves you are not discriminating against these groups or marketing around them. The primary federal agency that monitors and brings actions in such cases is the Consumer Financial Protection Bureau. Many states also have their own business and banking regulations in this area.

To help you stay in compliance with these regulations, Mbanq and the Partner Bank will review your marketing materials, websites and apps to ensure they follow the regulations.

The Offer of Credit

Beyond being potentially unfair, credit and lending products are required to be presented in a way that allows consumer Clients to clearly understand what is being offered through the extension of credit and what is required of them in return. This includes an explanation of why they may have been denied credit and in many cases what they can do to either challenge the decision or better their chances the next time they apply.

ECOA

The Equal Credit Opportunity Act (ECOA) is a federal law that prohibits creditors from discriminating against applicants for credit based on certain factors. The ECOA applies to all types of credit, including credit cards, car loans, home loans, student loans, and small business loans. ECOA expands beyond UDAAP to enforce that there can be no discrimination in who the Platform extends credit to. Like UDAAP, the Platform may be required to present documentation including the demographics of who was offered credit and who was denied.

Mbanq and the Partner Bank will review your underwriting guidelines to help you ensure that your program does not discriminate against any class of potential borrowers.

Truth in Lending Act - Reg Z

The Truth in Lending Act (TILA), also known as Reg Z, is a federal law that requires lenders to provide borrowers with standardized information before extending consumer credit. The law was created to promote honesty and clarity in consumer credit, and to protect consumers from unfair and inaccurate credit billing practices. The regulation states that you must present the consumer Client with a document that shows how much they are borrowing, the interest rate on an annual basis (APR) and over the life of the loan how much they would have paid in interest and finance charges. Below is an example TIL disclosure.

Adverse Action Notice (AAN)

Federal regulation requires that the Platform inform consumer Clients the reason why their application for credit was denied. This notice will inform the Client as to what criteria for credit extension was deficient as well as the source of any decisioning data that was used, for example a FICO credit score from a Credit Bureau. For rating scores and other derived values, the Adverse Action Notice needs to provide contact information for the Credit Reporting Agency that provided the data in case the Client wants to challenge it, as well as some basic steps on how to improve their scores before they apply the next time. Below is an example AAN:

The Mbanq Compliance team will assist you in creating these templates as well as providing the data via our APIs to populate them.

Knowing the Client

In the past, bankers typically knew who they were lending money to. Today, it is not uncommon for a Platform to have no prior relationship with a potential Client. Further it is not uncommon for the Client to not really be who they say they are. By using fake or synthetic identities a fraudulent Client can take out a loan or credit in the name of someone else, not only receiving loan proceeds fraudulently, but also in the process damaging the credit history of the person whose identity they have stolen.

CIP and KYC

A Customer Identification Program (CIP) is a US requirement that financial institutions must follow to verify the identity of customers before they can conduct financial transactions. The CIP is part of the USA Patriot Act and Know Your Customer (KYC) guidelines.

To ensure you know who your Clients are and have the data to back that up, at a minimum the Platform will be required to collect the following information for every potential Client:

Name
Address
DOB
Phone
Email
Tax ID (like SSN)
Country of Residence
Photo ID - Driver's License, Passport, College ID
- Gov't ID Front
- Gov't ID Back
Video Auth (capturing a video selfie to match up with the photo on the ID)

For more details please refer to our Know Your Customer Guide.

This data will be matched with other databases using third party vendors to better ensure its authenticity. For more information regarding your obligations as a Platform offering financial services, please reach out to your Mbanq compliance professional.

Known Fraud and Watchlists

Your Client data must also be checked against various third party and government watchlists for known fraudsters.

OFAC

The Office of Foreign Assets Control ("OFAC") of the US Department of the Treasury administers and enforces economic and trade sanctions based on US foreign policy and national security goals against targeted foreign countries and regimes, terrorists, international narcotics traffickers, those engaged in activities related to the proliferation of weapons of mass destruction, and other threats to the national security, foreign policy or economy of the United States.

Mbanq will check your potential Clients against OFAC and other lists.

Military Service

With credit and lending products, consumer Clients that are in the military and their families are offered special protections when it comes to interest rates, collections and the like.

MLA

The Military Lending Act (MLA) is a Federal law implemented by the Department of Defense (DoD), which protects active duty members of the military, their spouses, and their dependents from certain lending practices such as capping interest rates on many loan products.

The Platform is required to check the applicant's military status at the time of onboarding, and should they be extended and accept an offer of credit or a loan, their status must be checked every 30 days thereafter.

SCRA

The SCRA (Servicemembers Civil Relief Act, (SCRA) is a federal statute that allows military personnel, and sometimes military dependents, to postpone or suspend some civil obligations so they can devote their energy and attention to the defense needs of the nation. A key component of the SCRA is the capping of the credit interest rate at 6%.

At the time of onboarding or initial offer, the credit interest rate offered to an active duty military service member cannot be presented for more than 6%.

Privacy

As part of onboarding a Client, you will accumulate a number of pieces of personal information about the Client that you, as the Platform, are required to protect as if it were your own. This means that you have to safeguard this information from being viewed or stolen when in motion between systems as well as at rest in a database or file system.

CCPA and CPRA

The California Consumer Privacy Act (CCPA) has an array of consumer privacy rights and business obligations related to the collection and sale of personal information.

GDPR

The General Data Protection Regulation (GDPR) is a European Union regulation on information privacy in the European Union and the European Economic Area. It protects personal information. It outlines several requirements businesses must follow to process that data legally.

As a Platform, you will be asked to have a data privacy policy as well as to provide details on your data protection systems and practices. Your Mbanq compliance expert and onboarding teams can help you to assemble the necessary documentation.

Daily Credit Operations

Like other financial services, a key component is monitoring activity daily, calculating fees and interest, and providing the Client with monthly statements. The Mbanq platform automates all of these activities and more.

Transactions and Interest

Transactions, interest accrued and fees need to be captured and calculated daily. Details on how interest is calculated must be supplied to the Partner Bank as well as regulatory agencies and disclosed to the Client. The Platform needs to provide the Client with access to their daily transaction records. Fortunately, Mbanq's credit and lending platform automates all these processes and calculations.

SCRA

If at any time the Client is called to Active Duty in the military, the Platform must reduce the interest rate of any ongoing credit extended to the Client to no more than 6%. In addition, any delinquencies or collections activities must be suspended while they are on Active Duty.

Monthly Statements

The Platform is required by regulation to supply the Client with a monthly statement of their credit account. This should include all credit transactions (such as purchases via a credit card), fees and interest assessed, as well as any payments made, which is then totaled as the outstanding balance.

Truth in Lending Act - Reg Z

Transaction Disputes

Clients have the right to dispute purchase or credit transactions that they see on their monthly statements. The Platform is responsible to being able to deal with such disputes in a compliant manner. Please see Card Disputes for more information.

Credit Reporting

Platforms are required to report the Client's payment history and performance to at least one Credit Reporting Agency (CRA), such as Experian, TransUnion or Equifax. This reporting needs to be updated monthly.

FCRA

The Fair Credit Reporting Act (FCRA) is U.S. federal legislation that promotes the accuracy, fairness, and privacy of consumer information contained in the files of Consumer Reporting Agencies. It is intended to shield consumers from the willful and/or negligent inclusion of erroneous data in their credit reports.

FCRA stipulates how credit data is to be reported to the CRAs which is typically sent in accordance with the Metro2 standard data format. Mbanq can provide this reporting on behalf of the Platform, although the Platform may have to register directly with the CRA.

Under FCRA, consumer Clients have the right to challenge or dispute what they are seeing recorded on their credit reports. This means that to be compliant with FCRA, the Platform, has to be able to address these disputes in a timely manner (as stipulated in the regulation). Mbanq can provide this service to the Platform or assist the Platform in setting themselves up to handle these disputes in a compliant fashion.