On January 27, 2015, the Consumer Financial Protection Bureau (“CFPB”) issued Compliance Bulletin 2015-01 as a “reminder” of certain confidentiality and disclosure requirements related to CFPB examinations and investigations. Though the CFPB’s Bulletin did not cite examples of historic violations, those subject to the CFPB’s authority should assess their practices, particularly in litigation, with respect to the disclosure of information and be sensitive to the Bulletin’s message in doing so.
The Bulletin provides warnings of two types of potential violations. One type arises out of a financial institution’s obligations with respect to “confidential supervisory information (CSI).” Examples of CSI include but are not limited to:
- CFPB examination reports and supervisory letters;
- All information contained in, derived from, or related to those documents, including an institution’s supervisory Compliance rating;
- Communications between the CFPB and the supervised financial institution related to the CFPB’s examination of the institution or other supervisory