FCRA Case Law

Hyundai Hurting Credit Reports

On July 26th on the Consumer Financial Protection Bureau (CFPB) penalized Hyundai Capital America (Hyundai) for providing inaccurate information to nationwide credit reporting companies and did not take the proper measures to address or correct this information when it was identified between 2016 and 2020.

Hyundai Capital America serves approximately 1.7 million drivers of Hyundai, Kia and Genesis vehicles and has agreed to pay a $6 million civil fine and $13.2 million in restitution to current and former customers, making this the CFPB’s largest Fair Credit Reporting Act case against an auto servicer.

The CFPB found that Hyundai used manual and outdated systems, processes, and procedures to furnish credit reporting information. This resulted in Hyundai providing negative inaccurate information over 8.7 million times across 2.2 million accounts from January 2016 to March 2020, damaging customers’ credit reports and often resulting in lowered credit scores.

In a statement Hyundai Capital America stated that it launched an “end-to-end review” of it’s credit reporting, and was committed to giving customers “timely, accurate, high-quality service and care.” In the investigation the CFPB received many consumer complaints that Hyundai was inaccurately reporting their accounts. Hyundai identified many of the issues causing these inaccuracies in its internal audit books but it still took years to address the problems.

The CFPB concluded that between January 2016 and March 2020 Hyundai violated the Fair Credit Reporting Act (FCRA) and it’s implementing regulation, Regulation V, by:

  • Failing to report complete and accurate loan and lease account information: Hyundai repeatedly did not take steps to promptly update and correct information it furnished to credit reporting companies that it determined was not complete or accurate, and continued to furnish this inaccurate and incomplete information.

  • Failing to provide date of first delinquency information when required: FCRA requires data furnishers to provide credit reporting companies the date of delinquency for when a delinquent account is being charged off or placed for collections. Hyundai failed to report a date of delinquency for many consumers who were more than 90 days delinquent.

  • Failing to modify or delete information when required: Hyundai’s furnishing system often overrode manual corrections made by employees in responding to consumer disputes. The furnishing system would provide monthly updates to credit reporting companies that reintroduced the data error after it had been disputed and corrected.

  • Failing to have reasonable identity theft procedures: FCRA requires furnishers to respond to any notifications from credit reporting companies about furnished information that is the result of identity theft. Hyundai failed to establish reasonable identity theft and related blocking procedures to respond to identity theft notifications, and continued to report such information that should have been blocked on a consumer’s report.

  • Failing to have reasonable accuracy and integrity policies and procedures: Regulation V requires furnishers to maintain written policies and procedures regarding the accuracy and integrity of the information furnished. Hyundai failed to review and update its credit reporting furnishing policies and procedures from 2010 to 2017. It was not until 2021 that the company finally updated some of its credit reporting policies and procedures.

Enforcement Action

The CFPB was created by the Consumer Financial Protection Act, and has the authority to take action against institutions violating consumer financial laws, including engaging in unfair, deceptive, or abusive acts or practices and violating FCRA, which protects consumers from the transmission of inaccurate information about them. Today’s order requires Hyundai to:

  • Pay $13.2 million in compensation to current and former customers: As identified by the CFPB, consumers about whom Hyundai, after determining the information was inaccurate, furnished to credit reporting companies inaccurate information that the consumers were 30 or more days past due on an automobile retail installment contract or lease will receive compensation for the harm incurred.

  • Pay a $6 million fine: Hyundai will pay a civil money penalty to the CFPB, which will be paid towards the victims relief fund. This fund provides compensation to consumers harmed by violations of federal consumer financial protection law.

  • Take steps to correct all inaccurate account information: Hyundai will review all account files that it currently furnishes to credit reporting companies and correct all inaccuracies and errors described in the order and send updated information to the credit reporting companies. Hyundai will also examine its monthly furnishing data processes for the errors described in the order, take reasonable steps to identify such errors, and resolve identified errors before providing the data to any credit reporting company.

  • Address procedures identifying and correcting inaccurate information: Hyundai will establish and implement written policies and procedures regarding the accuracy and integrity of the information relating to consumers that it furnishes to a credit reporting company. Hyundai must specifically include processes for identifying and promptly correcting systemic errors in Hyundai’s credit report furnishing system. Hyundai will also examine current policies and procedures and implement changes to the practices of its employees to ensure that its employees properly route, categorize, investigate, and respond to all direct and indirect credit reporting disputes.

Plaintiff Alleges Obtaining Credit Report for Marketing Purposes is Not Permissible. 

Last month, on February 16, 2021, the United States District Court Middle District of Florida Tampa Division denied a motion to dismiss by Defendant when Plaintiff claimed that Defendant allegedly violated the federal Fair Credit Reporting Act (FCRA). Plaintiff claims that Defendant requested their credit report from two Consumer Credit Reporting Agencies without a “permissible purpose” under the FCRA. 


Plaintiff alleged the Defendant had obtained their credit report without their consent for “marketing purposes” which is not a permissible purpose under the FCRA. The FCRA prohibits a person from using or obtaining a consumer report for any purpose unless “the consumer report is obtained for a purpose for which the consumer report is authorized to be furnished” under the FCRA and “the purpose is certified in accordance” with the FCRA.


Plaintiff alleged that Defendant engages in consumer lending of high-interest bearing loans and had obtained Plaintiff’s credit report two times without her consent to assess whether she would be a good loan prospect for Defendant’s marking efforts.


The United States District Judge Kathryn Kimball Mizelle stated in the order that the court must accept the conduct is not a permissible purpose as true at this point under the FCRA. She also stated that “Defendant fails to make any argument that it obtained Plaintiff’s credit report for a permissible purpose or under a reasonable interpretation of the statute. Accepting Plaintiff’s allegations as true and viewing them in the light most favorable to her, the Court concludes that Plaintiff has adequately pleaded enough facts to proceed past the motion-to-dismiss stage.”


In 1970, Congress enacted the FCRA to promote the accuracy, fairness, and privacy of consumer information contained in the files of consumer reporting agencies (CRA’s), protect consumers from the willful and/or negligent inclusion of inaccurate information in their consumer reports, and regulate the collection, dissemination, and use of consumer information, including consumer credit information. 


In background screening, lawsuits for alleged violations of the FCRA have become very common and can result in monetary awards in thousands or even millions of dollars. In 2020, FCRA lawsuit settlement proposals reached up to an $18 million. According to the provider Employment Screening Resources® (ESR), FCRA lawsuits will continue to serve as a legal compliance signposts for employers conducting background checks on job applicants. 

FTC is Launching Identity Theft Awareness Week


The FTC is launching an Identity Theft Awareness week. We will be doing the same. Follow us on social media to gain more insight.

Below is from the FTC website with helpful links and information.

FTC Marks Identity Theft Awareness Week with Events to Help Consumers Identify Risks of Identity Theft During the COVID-19 Pandemic

The Federal Trade Commission is launching Identity Theft Awareness Week, February 1-5, 2021, with a series of events to highlight steps consumers can take to help reduce their risk of identity theft and recover if identity theft occurs.

Identity theft happens when someone steals personal information about you such as your Social Security number or credit card information, and uses it to commit fraud. Reports about any type of identity theft topped the list of consumer complaints submitted to the FTC through the third quarter of 2020.

As part of Identity Theft Awareness Week, the FTC will participate in webinars and other events to highlight what you can do to protect your personal information, red-flag warning signs of possible identity theft, and steps to take if identity theft happens to you. Events include a webinar on Monday, February 1, with Identity Theft Resource Center and FTC experts discussing identity theft during the pandemic, and a Facebook Live discussion on Thursday, February 4, hosted by the AARP Fraud Watch Network, focused on COVID-19-related identity theft, current trends, and ways to protect yourself.

You can find the full list of events at ftc.gov/IDtheftweek, along with details on how to participate and tips on how to reduce the risk of identity theft.

The Federal Trade Commission works to promote competition and to protect and educate consumers. You can learn more about consumer topics and report scams, fraud, and bad business practices online at ReportFraud.ftc.gov. Like the FTC on Facebook, follow us on Twitter, get consumer alerts, read our blogs, and subscribe to press releases for the latest FTC news and resources.

For Consumers

Identity Theft Awareness Week Calendar of Events

More news from the FTC >>

Home Security Company Violated FCRA and Must Pay a $600,000 Civil Penalty 

On December 11th, 2020 a home security company in Utah  had an alleged violation of the Fair Credit Reporting Act (FCRA). The Consumer Financial Protection Bureau (CFPR) announced that the Arkansas Attorney Generally reached a settlement with Alder Holdings, LLC. Alder charged higher activation fees to consumers with lower credit scores without providing a notice. 


The settlement terms include a $600,000 civil penalty that Alder will pay and they will have be required to provide proper notices to their customers in the future. Alder sells home security alarm systems by door-to-door selling. They have sold products and services to over 115,000 customers. When a salesperson sells an alarm system, the customer is entered into a long-term contract that contains monthly monitoring fees and an initial activation fee. Through monthly installments, the activation fee may be deferred. 


The alarm and monitoring material is sold to the customer at a much lower price than the retail value. Alder then recoups their costs and makes a profit through the deferred activation fee, monitoring fee, and the arrangement of the long-term contract. 


Alder grants that their customers have the right to defer payment of the activation fee and this arrangement qualifies as an extension of credit for FCRA purposes, according to the complaint. Not all customers of Alder are charged the same activation fee. Each customer is evaluated by Alder, and is evaluated by their credit score. The score determines the amount that the customer has to pay for the activation fee. The FCRA’s Risk-Based Pricing Rule regulates the practice of providing a less than favorable credit terms based on a review of a consumers credit report. This requires that that a company utilizing this practice must provide a Risk-Based Pricing Notice to the affected customers. This notice has to contain information about the consumers report, the identity of the provider of the report, and the customers rights under the federal law to obtain a copy of the report and include an option to dispute its accuracy, among other things. 

Alder failed to provide these notices to their customers, and has violated the FCRA and regulation V according to the complaint. 


Alder is also currently involved in a related litigation with the State of Arkansas in Arkansas state court. According to the terms of the settlement, if Alder will agree to pay $100,000 to settle the related state-court litigation, that amount will be offset from the $600,000 civil penalty in this case. 


Artificial Intelligence for Consumer Protection

The Consumer Financial Protection Bureau (CFPB) is currently monitoring the innovation of Artificial Intelligence (AI), and more precisely the subset of Machine Learning (ML) as part of their mission of consumer protection. The CFPB was tasked by congress to ensure that markets for consumer financial products and services are operating transparently and efficiently. 

Financial institutions have already started to instill the use of AI in a range of functions such as virtual assistants that take customer requests, detecting fraud as well as other illegal activity, and compliance monitoring tools. 

AI has the potential to use traditional underwriting techniques that could enable lenders to evaluate the creditworthiness of millions of consumers who are considered to be “unscorable”. It is said that 1 in 10 adults in the United States are considered credit invisible due to not having a credit record at the nation wide bureaus. Around 19 million other consumers have too little information to be evaluated by the widely used credit monitoring model. This technology would involve models that would allow the lenders to evaluate more information about credit applicants which could lead to more efficient credit decisions and the potential to lower the cost of credit. 

On the downside, AI could potentially amplify risks that include unlawful discrimination and privacy concerns.  The bias in the model could also lead to inaccurate predictions. An important issue to note is how the AI models will address the adverse action notice requirements in the Equal Credit Opportunity Act (ECOA) and the Fair Credit Reporting Act (FCRA). The FCRA requires that the creditors provide the consumers with the main reasons for their credit denial and other adverse actions. Questions of concern will arise concerning how these institutions will comply with the requirements when they are basing their information on complex interrelationships driven by the AI. 

Hopefully financial institutions ponder how to most effectively take advantage of the AI’s potential benefits. It would be a good use of time for them to explore ways to engage with consumers with features that would allow access to educational components and sharing information with consumers on how the underwriting decisions are made and what data/factors are used. 

Promising technology could allow for a better overall experience that would benefit the consumers. 

If you are seeing inaccuracies on your credit report, fill out our form to get your questions answered. We are leading experts in the field and can help you get your credit and life back on track. 

Supreme Court Ruling Prompts the FTC, the Department of Justice, and the CFPB to Intervene

In May 2012, the Federal Trade Commission, the Department of Justice, and the Consumer Financial Protection Bureau intervened and filed a memorandum in support of the constitutionality of the Fair Credit Reporting Act (FCRA). The issue arose in Shamara King v. General Information Services, Inc. when the defendant, General Information Services (GIS), moved to dismiss the case; claiming that the FCRA was unconstitutional based upon the recent Supreme Court ruling in Sorrell v. IMS Health, Inc., 131 S. Ct. 2653 (2011). As the dissent in Sorrell noted, the ruling would potentially open a Pandora’s Box of First Amendment challenges pertaining to the disclosure of public information. The issue of disclosing public information is the very issue at the heart of a class action lawsuit which was filed in the U.S. District Court for the Eastern District of Pennsylvania against the credit reporting agency, GIS.