CFPB Probes of Big Tech and Finance Frozen Under Trump — ProPublica

Since the Trump administration moved to dismantle the Consumer Financial Protection Bureau last month, the bureau has dropped nine lawsuits that it had brought on behalf of consumers.

The actions effectively freed major financial firms like Capital One and the mortgage giant Rocket Homes from the threat of consequences for their alleged significant wrongdoing, shocking consumer advocates and raising questions about the future of America’s consumer watchdog. For their part, when the cases were dropped, the companies lauded the decisions, with a bank spokesperson welcoming the dismissal of the case, “which we strongly disputed,” and Rocket Homes calling the suit an “empty claim.”

But the administration’s new hands-off approach to enforcement at the CFPB extends far beyond those public lawsuits. Behind the scenes, dozens of ongoing investigations into alleged corporate malfeasance are now frozen at the agency, potentially denying accountability and financial relief for untold numbers of consumers, a ProPublica investigation has found.

Under a stop-work order issued by the agency’s new leaders, CFPB investigators have been unable to press forward on probes into companies whose products and services are used by tens of millions of Americans, including Carvana, the online used-car retailer; Mr. Cooper, one of the country’s largest mortgage servicers; and CareCredit, a leader in medical credit cards, according to multiple people with knowledge of the matters.

The ongoing inquiries, the existence of which ProPublica is revealing for the first time, were at various stages of development, with subpoenas issued in most of them and companies submitting records in response. And while the nature of the alleged wrongdoing wasn’t clear in all cases, people familiar with the inquiries said several probes tracked closely with problems featured in the agency’s own recent public reports.

Last fall, for example, the CFPB examined automobile finance companies and found numerous problems with industry practices, including failing “to timely provide consumers with title after loan payoff,” which can result in drivers losing their cars after traffic stops and accidents. That issue is one of several at play in probes of Carvana and VW Credit Inc., said the people, who like others interviewed by ProPublica spoke on condition of anonymity to discuss sensitive bureau actions.

Carvana didn’t respond to multiple emails seeking comment and a spokesperson didn’t return a voicemail. Spokespeople for VW Credit haven’t responded to emails seeking comment and a spokesperson didn’t return a phone call.

The investigatory pullback worries consumer advocates who fear the agency is now poised to effectively walk away from years of work that undergirds civil actions — a decision that they say will ultimately neuter the government’s ability to enforce America’s consumer financial protection laws while signaling to companies that all business practices, no matter how pernicious, are fair game. The latest agency data shows that it takes an average of 35 months from opening an investigation to either filing a lawsuit or settling the case.

“What we’re seeing is a wholesale abandonment of consumer protection, leaving people to fend for themselves when credit card companies, banks, payday lenders and payment apps violate the law,” said Lauren Saunders, the associate director of the National Consumer Law Center.

Indeed, the freeze in enforcement has stalled probes into companies that had previously agreed to legal payouts to settle allegations that they’d harmed consumers, the people said. At least two such companies were under investigation for allegedly backsliding into similar problematic behavior, the people said, even after those businesses had struck deals: data furnisher Afni Inc., which in 2020 agreed to pay a $500,000 civil penalty and more accurately report information to credit reporting agencies, and the home improvement fintech company GreenSky, which in 2021 paid a $2.5 million civil penalty and agreed to stop making fraudulent loans.

Afni didn’t respond to an email seeking comment and a spokesperson didn’t return a voicemail. GreenSky declined to comment.

The enforcement freeze effectively halts the CFPB’s efforts begun under former President Joe Biden to police tech companies, some of which have donated millions to President Donald Trump, the people said. Among the firms under agency scrutiny are Meta, the parent company of Facebook, and Greenlight Financial Technology, the maker of a popular debit-card-for-kids app.

The inquiry into Meta was being watched closely as a test case for the agency’s expansion into regulating tech companies whose businesses intersect with financial services.

According to people familiar with the probe, the CFPB was looking into whether Facebook was, without users’ knowledge, improperly holding onto confidential financial information that users entered into loan applications advertised by businesses on the platform.

The company disclosed the existence of the CFPB inquiry to shareholders last fall, saying it disagreed with the bureau’s claims that its advertising practices had violated the consumer financial protection laws and believed “an enforcement action is unwarranted.” In January, CEO Mark Zuckerberg told podcaster Joe Rogan that he didn’t know what the agency’s initials stood for and said of the bureau’s inquiry that “we had organizations that were looking into us that were, like, not really involved with social media.”

“We’re not a bank,” he added. “But they kind of found some theory that they wanted to investigate, and it’s like, OK.”

Meta donated $1 million to Trump’s inauguration. Asked for comment, a spokesperson referred ProPublica to the company’s September 2024 securities filing.

Another prominent Trump donor, venture capitalist Marc Andreessen, has similarly criticized the bureau’s efforts to oversee financial technology companies. Andreesen, whose firm was a major backer of Greenlight, told Rogan last November that the bureau works to “terrorize financial institutions, prevent fintech, prevent new competition, new startups that want to compete with the big banks.” He didn’t disclose his investment in Greenlight during the appearance.

The CFPB has been looking into allegations that the company wasn’t allowing kids immediate access to their money as it had advertised that it would, leaving some users unable to pay for purchases, the people said. Then, they said, the company allegedly failed to provide sufficient customer service.

Greenlight didn’t respond to emailed requests for comment sent to its media address, and the company’s general counsel didn’t respond to a voicemail or an email. Neither Andreessen, his assistant nor his venture capital firm’s press office responded to emails seeking comment, and his assistant didn’t return a voicemail.

The tech leaders’ criticisms mirror those of Elon Musk, the billionaire head of Trump’s Department of Government Efficiency. He posted “Delete the CFPB” on his social media site, X, after Trump’s presidential victory in November and then, just over two months later, as DOGE workers were given access to the agency, he posted “CFPB RIP.” Between those posts, Musk’s X announced that it was getting into the mobile payments business via a partnership with Visa. That would put it squarely in the jurisdiction of the CFPB; the bureau said last fall it would also start supervising large technology companies that provide digital payments.

A spokesperson for DOGE didn’t respond to a request for comment. A voicemail left with the entity handling X’s payment services wasn’t returned. In an interview last month, Musk, when asked about how his business interests and government work may intersect, said, “I’ll recuse myself if it is a conflict.”

Since Musk’s posts, the administration has sought to fire most of the more than 1,700 agency staffers, has canceled more than 200 contracts and has issued sweeping stop-work orders, court records show. Unionized employees sued the CFPB’s acting director, Russell Vought, last month to stop many of those moves, and a federal judge has temporarily blocked some of them. The court is expected to rule soon on what staffing levels the administration must maintain for the CFPB to meaningfully perform dozens of statutorily required functions that Congress built in when it created the agency in the wake of the 2008 financial crisis.

Amid the back-and-forth, Vought and Mark Paoletta, the agency’s chief legal officer, have backed off some of their positions, permitting some work and undoing some of the canceled contracts, according to court records. The result, though, said people familiar with the bureau’s operations, is a highly micromanaged work environment.

Within the enforcement division, virtually all pending investigations have been brought to a near standstill. Except for attorneys working on seven ongoing lawsuits that Paoletta has permitted to move forward, investigators still can’t speak with lawyers representing companies that have been subpoenaed, interview witnesses or take other significant actions without first obtaining his approval, bureau emails reviewed by ProPublica show. One Feb. 10 directive from Paoletta threatened enforcement division employees with “insubordination” for working without approval. Some employees’ requests for permission to work have gone unanswered. Others haven’t logged onto their computers for days at a time.

When administrations change, it is not uncommon for agency leaders to evaluate existing work and shift priorities to align with the new president’s agenda. During Trump’s first administration, Mick Mulvaney, the CFPB’s acting director, ordered agency attorneys to write summaries to justify working on more than 100 open cases, The New York Times reported. No such mandate has been issued since Trump took office two months ago.

Neither the CFPB nor Paoletta responded to ProPublica’s requests for comment.

While some of the stalled cases involve companies with no prior enforcement history, like Meta, others have had past run-ins with the agency.

The mortgage servicer Mr. Cooper, for example, had previously agreed to pay $73 million to more than 40,000 borrowers as part of a 2020 settlement with the CFPB to resolve allegations that it had engaged in multiple servicing problems, including improperly increasing monthly loan payment amounts and foreclosing on borrowers after it had promised not to do so while they were in the process of resolving the loans.

The bureau’s current inquiry revolves around the company’s disclosure that the sensitive personal information of nearly 15 million people — what the company described in a 2023 securities filing as “substantially all of our current and former customers” — was hacked, people familiar with it said. The CFPB had publicly issued guidance a year prior warning companies that “inadequate security for the sensitive consumer information collected, processed, maintained, or stored by” companies subject to agency oversight can violate consumer financial protection laws.

The company didn’t respond to an emailed message seeking comment, and the chief legal officer did not respond to a call and email.

Likewise, Synchrony Financial, whose subsidiary CareCredit is one of the top three medical credit card issuers, agreed to pay $225 million in 2014 to resolve a bureau probe into discriminatory card practices. It was subpoenaed again in 2017 by the agency for information about credit cards it promoted that allowed consumers to defer paying interest, court records show. The deals can result in consumers owing huge sums of accrued interest all at once when the deferral period ends. The American Banker reported that that inquiry did not result in any enforcement.

CareCredit is now the subject of another inquiry that, according to people familiar with it, closely tracks with a bureau report from last summer that found consumers “frequently complained of healthcare providers misrepresenting the specifics” of medical credit card promotions. Consumers also said they were “pressured by healthcare providers to open a credit card while receiving treatment.”

A spokesperson said the company works closely with federal regulators but wasn’t aware of any CFPB enforcement actions. In a July 2023 earnings call, Synchrony CEO Brian Doubles said the company was “very proud of the CareCredit products that we offer.”

The agency was also investigating Point, a major player in the so-called alternative mortgage industry, another sector that caters to vulnerable borrowers, people familiar with the investigation said.

Lenders offer an up-front payment in exchange for a percentage of the growth in the value of the home at a future date. The deals often result in huge balloon payments, and purchasers have complained “about the financing terms, surprise at the size of the repayment amounts, disputes about appraisal values” and other issues, according to a CFPB industry report issued five days before Trump’s inauguration.

A spokesperson for Point didn’t respond to an email or voicemail seeking comment.