It’s been over a year since the Consumer Financial Protection Bureau (CFPB) issued an interpretive rule that enhanced the regulation of digital financial services marketing under the Consumer Financial Protection Act (CFPA), ushering in a new era of regulatory scrutiny for marketers in the space.
Given the increase in digital advertising investment from financial institutions (FIs), it’s more critical than ever for advertisers working for FIs to understand and adhere to these regulations. However, legal documents like the 13-page CFPB ruling can be difficult to understand.
If you’re a finserv marketer looking to make sure you understand everything you need to know about this ruling, you’ve come to the right place. This piece will break down what the ruling means, how it’s changed the advertising landscape, and how marketers can adapt.
Even before the CFPB ruling, there were some regulations in place to ensure financial institutions marketed their products and services in a way that was clear and non-deceptive. After all, these products are inherently quite personal and, as such, they need to be advertised in a way that builds—rather than erodes—trust.
Pre-CFPB ruling, financial institutions were responsible for ensuring their advertisements met messaging and targeting requirements outlined in the CFPA. Specifically, FIs had to make sure none of their ads were “unfair, deceptive, or abusive acts or practices” in how they portrayed and/or targeted their products or services. To comply, FIs adopted many internal processes to ensure that all aspects of their advertising—from the creative, to the messaging, to the targeting—were reviewed by internal legal compliance teams and/or evaluated by compliance third parties.
But as investment in digital channels has grown, FIs have spent more and more money purchasing advertising services from third-party companies. These agencies and other service providers are helping brands develop messaging and creative, and, in some cases, actually executing on different campaigns. In other words, there are a lot of different third-party organizations and companies that can make up the matrix of an FI’s advertising operations, and while some FIs handle everything internally, some leverage full-service external offerings, and others use a combination of the two.
Here's why all of this matters: Before the CFPB ruling, it was the financial institutions who were responsible for ensuring their ads and campaigns maintained regulatory compliance. But what happens when an external agency oversees crafting messaging and developing creative, or when a third-party service provider handles targeting? That’s where the CFPB interpretive ruling comes in.
With the CFPB’s interpretive rule, it’s no longer just financial institutions that are culpable for regulatory compliance and who bear responsibility for the messaging and targeting of their ads: Agencies and third-party service providers are also responsible. In other words, all the digital marketers who contribute to an FI’s campaigns are as subject to the CFPA as the FIs themselves.
Now that financial services marketers can also be held liable if they violate the CFPA, it’s no longer an option just assume (or hope) that that FIs are maintaining compliance and not doing anything that’s considered “unfair, deceptive, or abusive”. Instead, Service providers must ensure they are doing due diligence on their end so that their campaigns—specifically, the messaging and targeting of their campaigns—comply with all necessary regulation.
So, how can agencies and other service providers set themselves up to comply with this CFPB ruling? Here are a few key strategies:
With the new CFPB ruling, agencies and other service providers need to take a step back and ask: “How well do we understand the CFPA, and what systems do we have set up to ensure we adhere to it?” If your team already has deep expertise—great! If not, there’s an opportunity to collaborate with your legal/compliance department to dig into these regulations and up your team’s expertise.
When your team has an expert-level understanding of these regulations, you’re in a better position to lend that expertise to your clients. Which leads us to our next strategy…
Service providers need to communicate clearly and work closely with clients to ensure campaigns meet all regulations and to demonstrate that they can trust you and your capabilities when it comes to compliance. This might mean lending that aforementioned expertise on how to best leverage different digital channels within campaigns while maintaining regulatory compliance. It could mean developing new review processes across both service providers and FIs. Or it could mean building new methods of communication around campaigns to ensure all parties are on the same page about messaging, creative, and targeting tactics.
In the context of this ruling, it is critical for teams to have an in-depth understanding of how data is collected and leveraged. This is especially important when there are multiple sources of data used in a campaign—for instance, if an FI uses both first-party data as well as second- or third-party data they’ve purchased through a data collection agency. Both agencies and FIs themselves need to get clarity on how data is collected and stored (and anonymized, if applicable), as well as how consumers can opt in or out, depending on their personal privacy preferences. In other words, it must be clear to all involved parties where data comes from and how it is being utilized.
Though the CFPB ruling may have made things a bit more complex for many financial services marketers, it will also help agencies and other service providers ensure they are connecting with customers in a way that builds trust. By embracing the opportunity to deepen their knowledge of consumer financial protections, strengthening partnerships with the financial institutions they serve, and clarifying how data is collected and stored, agencies and other service providers in the financial services space can meet today’s regulatory demands while satisfying consumer expectations—in other words, a win-win.
Making sure campaigns are compliant with the CFPA is one critical piece of running successful campaigns in the financial services industry—but it isn’t the only one. In today’s privacy-centric world (and with the deprecation of third-party cookies in Google Chrome fast approaching), advertisers also need to make sure they’re connecting with consumers in privacy-friendly ways. Like adhering to the CFPA, using privacy-friendly advertising solutions can help financial services advertisers strengthen trust with key audiences.
Eager to learn more about advertising in a privacy-friendly way? Check out our guide, Beyond Third-Party Cookies: Your Guide to Privacy-Friendly Advertising.