“Unfair or deceptive acts or practices in or affecting commerce are hereby declared unlawful.”
THIS ONE SENTENCE, courtesy of Section 5 of the Federal Trade Commission Act [ 15 USC 45(a)( 1)], is the statutory genesis of the rule we know fondly as “UDAP.” While all businesses are generally covered by Section 5 of the FTC Act, federal banking regulators have the authority to cite institutions
for engaging in practices that are considered unfair or deceptive.
In recent years, examining agencies have increased their UDAP-related scrutiny
and stepped up enforcement activities in this area. Cease and desist orders citing
UDAP violations are on the rise and by all indications will continue to grow. With
the passage of the Dodd-Frank Act in 2010, supervisory focus on UDAP will become
even more intense. The Dodd-Frank Act not only restates the general prohibition
against “unfair or deceptive” practices, but it also adds a new standard—“abusive
practices”—for which banks may soon be cited. Overall, the UDAP net has grown
wider and is being cast even farther by policymakers and regulators. In the end, this
means there is greater likelihood that banking practices may be caught in the snare
of a UDAP finding.
Core UDAP concepts
Before we delve into the most recent developments in UDAP law and enforcement, let’s
review the foundational aspects of the rule. To bring clarity to the types of practices
that are prohibited, the FTC developed policy statements containing key definitional
elements of conduct or practices that may be considered “unfair” or “deceptive.”
Over 30 years later, these general standards continue to serve as the foundation
for UDAP analysis and enforcement. Over 10 years ago, when bank regulators began
seriously enforcing the UDAP rule, they generally adopted the FTC standards, but
built upon them with additional industry-specific guidance.