Overall, bank regulator guidance provides insights into how
UDAP standards will be applied to the business of banking. We
get further insight into how bank regulators, state attorneys
general, and even civil courts interpret and apply the “deception”
and “unfairness” standards through settlement agreements and
other public announcements related to UDAP cases.
Practices That Have Been
m;Marketing practices that did not convey the whole
truth or explain requirements to obtain a benefit, or
that contained claims that could not be substantiated.
m;Promises that did not materialize.
m;Rates “as low as” or “as high as” were not available to the
majority of customers.
m;Teaser rates that did not explain the duration.
m;Claims that could not be substantiated.
m;Asterisks that are buried.
m;Using the term “free” when fees could result.
m;Security deposits/fees for subprime cards that consumed
most of the available credit.
m;Hidden terms such as balloon payments.
m;Gift cards without pre-sale disclosures, especially where
fees could be imposed on the balance.
m;TM balances that included overdraft protection.
An act or practice is considered to be deceptive if it has the
following three elements: ( 1) the representation, omission or
practice is likely to mislead consumers ( 2) who are acting reasonably in the circumstances presented, and ( 3) the representation,
omission or practice is material.
Note that under this standard the conduct needs only to
be likely to mislead—there is no requirement that consumers
were, in fact, misled. It is also important to remember that the
focus is on the “reasonable consumer,” which generally means
the average person who is the intended target market of the
product or service. (See sidebar above for examples of practices
that have been deemed deceptive.)
Regulators have more recently begun to rely on the unfairness
standard, which defines an unfair practice as one that
m;Causes or is likely to cause substantial consumer injury.
m;The injury cannot be reasonably avoided.
m;The injury is not outweighed by benefits to consumers or
This standard generally focuses on the bank’s course of
conduct or business practices that result in financial harm.
Here, the focus is generally on the lack of consumer choice,
or situations where consumers appear to be taken advantage
of—by being coerced into making a purchasing decision or
by being powerless to avoid financial harm at the hands of the
bank. (See sidebar on page 24 for examples of practices that
have been deemed unfair.)
UDAP compliance standards have evolved over the years. As
noted above, there was a time when UDAP compliance was
primarily centered on a bank’s disclosure practices—with a
focus on accurate advertising copy, well-worded disclaimers
and the like. The goal was to be certain that marketing messages and other disclosures were not misleading or deceptive.
In response, banks generally developed a series of compliance
controls focused on the marketing function—to ensure that the
bank’s promotional materials and product-related statements
accurately described the products’ features and benefits.
In today’s regulatory regime, regulators continue to cite and
prosecute UDAP cases based on this more traditional UDAP
analysis, so a bank must not lose focus on ensuring that its
marketing and product promotion practices are sound. But in
recent years there seems to have been a shift—or perhaps an
expansion of the traditional interpretation of UDAP—beyond
the realm of appropriate disclosures and into a more paternalistic
pattern. We will explore this development and suggest ways to
protect yourself in this ever-expanding field.
The UDAP net has grown wider and is being
cast even farther by policymakers and
New directions in enforcement
The traditional interpretation of UDAP began to shift in 2008
when regulators used it to establish a duty to protect customers and customers’ customers from fraud, although there was
never an allegation that the financial institution in question
was the perpetrator.
Protecting customers from fraudsters
In a July 2008 case involving MoneyGram, a global payment-services company with its headquarters in Dallas, Texas, the