Credit-card disclosures: fine print not fine for some

Henry Gilgoff

Richard Zaun hasn't stayed on the sidelines as the Federal Reserve Board reviews policies on credit-card disclosures. He has registered dissatisfaction with the status quo.

A retired state banking examiner, Zaun tries to keep up with credit rules. So when the Shelter Island resident read that the Fed was asking for public comment on one of its key regulations, adopted under the Truth in Lending Act, he responded.

"The disclosure rules should be increased, as well as the type font in which they are usually printed," Zaun, 56, wrote the board by its March 28 deadline. He also raised concerns about the adequacy of disclosures in an area of increasing controversy. "Most people," he wrote, "do not understand the harsh penalties attached to a majority of credit agreements until they omit making a timely payment."

Depending on the card, penalties that boost a regular annual percentage rate (APR) to a so-called default rate can be imposed under various circumstances, including a late payment or a run-up of debt that pushes outstanding balances close to credit limits. A default rate disclosed in one recent solicitation: 29.74 percent.

The Fed says its review is routine, to see if an update is needed. But the opportunity to influence policy was timely, as card issuers increasingly have made provisions for default rates and reaped a higher percentage of profits from late charges and other fees. In all, 197 submissions were made by trade associations, consumer groups, financial-services companies, individuals and others.

Among questions the Fed asked in the notice it issued to set the parameters for its review was this one: "Is the 'Schumer box' effective as currently designed?" Named after Sen. Charles Schumer (D-N.Y.), the box is a table of terms that must be in credit-card solicitations and application materials, including information such as the annual percentage rate of interest on purchases and any annual fees. Many regulators, industry representatives and advocates call it the "Schumer box" because he sponsored the disclosure legislation while in the House in 1988.

Schumer said in a recent interview that he had intended to make it easier for consumers to compare credit-card solicitations, and, thereby, spur competition. The box, the senator said, helps shoppers save. Referring to the Fed, Schumer said: "If they want to make it stronger, so much the better, but I'll fight tooth and nail any backtracking."

Carolyn Carter of the National Consumer Law Center, a Boston-based advocacy group active in credit issues, said, "I think the Schumer box is a great thing." However, she added, "it obviously isn't enough on its own to eliminate the abuses in the credit card industry."

In one submission to the Fed, card issuer Capital One said the box is "very effective" in providing standardized disclosures. But the company also called for standardized explanations of "default repricing" - the changing of an APR based on such criteria as late payment to the card issuer or another creditor - and advocated placement of those explanations in the box or in a fact sheet it proposed in its submission. Currently, the Fed does not permit those conditions to be included in the box. They have to be disclosed "clearly and conspicuously," and usually are put "right under the box," said Nessa Feddis, senior federal counsel for the American Bankers Association. Capital One declined to comment on its filing.

When the Fed announced after an earlier review, in 2000, that any penalty or default APR must be in the box, it said the related explanatory information had to be disclosed outside it in order to keep the box "uncluttered." Feddis says she supports keeping the explanations outside the box for the same reason.

The National Consumer Law Center wrote the Fed that it believes default-rate increases often are unfair, penalizing even some people who pay bills on time - a practice defended by the bankers' group as a way to keep interest rates aligned with assessments of changes in risk. Also, the center said it sampled default-rate explanations and found some "less than prominent or understandable." The comments were made for a coalition of consumer groups.

A submission by Minnesota Attorney General Mike Hatch commented broadly on disclosures of credit-card terms, saying they "probably are fully meaningful only to a few thousand lawyers" and others in the consumer credit field. The federal rules on credit, he argued, are "inadequate" to help or protect consumers.

One solicitation checked by Newsday showed how much a customer may have to do to find all the relevant credit policies. In that case, the default APR was inside the box, as required, and it was followed by a note, also inside the box: "See explanation below." A footnote under the box said the higher APR may be imposed if "you fail to make a payment to us when due, you exceed your credit line, or you make a payment to us that is not honored."

Footnotes on rate increases did not end there. Another added that factors considered in determining a default rate "may include how long your account has been open, the timing or seriousness of a default, or other indications of account performance." Still another under-the-box disclosure said the issuer may change an APR any time for any reason with notice, and it explained that such an increase could be based on a check of a customer's credit report.

If that trip through a solicitation has you shaking your head, and you're shopping for a card, consider a guide from the Fed: "Choosing a Credit Card." (Go to www.federalre serve.gov/pubs/shop/default. htm.) Don't look for Schumer's name there, though. An example of the table of information is included, referred to as a "disclosure box," with explanation of its contents.

Contact Henry. Gilgoff@news day.com

Inside - and outside - the box

Federal law and a regulation governing the "Schumer box" - a table of data that appears in credit-card solicitations and applications - dictate what must be inside the box, what must be outside it, and what can be inside or outside at a card issuer's discretion.

Items that must be inside the box named after Sen. Charles Schumer (D-New York), who sponsored the 1988 law that led to the first version, include:

The annual percentage rates of interest for purchases, cash advances and balance transfers.

The name of the balance computation method if "you carry over a balance and will pay a finance charge," according to a Federal Reserve brochure. (If that method is not a common one, listed in a federal regulation, an explanation on how it works is required, according to the Fed's staff. )

Any minimum finance charge per billing cycle.

Any annual fee.

The grace period for purchases, if any. If no grace period is provided, that fact must be disclosed.

The APR for purchases must be printed in at least 18-point type; that's a quarter-inch high. No size is specified for the other APRs, such as an introductory rate or a so-called penalty rate, but they're supposed to be "readily noticeable." Twelve-point type meets that standard, the Fed's staff says; disclosures in less than 8-point type would likely be considered too small. (The type you're reading here is 9-point.)

Although any penalty APR must appear in the box, information explaining what triggers imposition of that rate must appear outside the box.

Any fees for late payments, balance transfers, over-the-credit-limit purchases and cash advances must be disclosed somewhere in the solicitation and application, but they can appear inside or outside the box.

Data Brokers Step Into Senate Panel's Fire

By Roy Mark

WASHINGTON -- LexisNexis and ChoicePoint took their lumps before Congress today after admitting to more customer data security breaches not previously disclosed by the data brokers.

The breakdowns all occurred prior to 2003, when a California state law began requiring brokers to disclose breaches to consumers.

While no numbers were disclosed to a testy Senate Judiciary Committee, the two companies said they did not inform consumers of the pre-2003 breaches.

Since 2003, compliance with the California law has resulted in a series of embarrassing public-data hijacking admissions. A little more than a year after the law went into effect, there have been at least 12 disclosed database breaches exposing more than 10 million people to possible identity theft.

Wednesday's new disclosures by LexisNexis and ChoicePoint added momentum to a growing consensus in Congress that a national disclosure law based on the California measure is needed.

"This is my point, if it weren't for the California law we would have no way of knowing breaches had occurred," Sen. Dianne Feinstein (D-Calif.) told the packed hearing. "We in no way shape or form are able to pierce the depth of what has happened in that industry [pre-2003]."

Feinstein is pushing a new bill she introduced earlier this week requiring a business or government agency to notify an individual in writing or by e-mail when it is believed that personal information has been compromised.

Sen. Charles Schumer (D-N.Y.) is stumping for his own version of the same bill, but to also establish tougher regulations for the data brokers themselves.

"We would actually regulate the use of people's personal data," he said.

Included in Schumer's legislation is a disclosure provision for any company that plans to sell or transfer personal data. Modestly touting the provision as a "Schumer Box," the disclosure would let consumers know "this information may be sold or given to an unaffiliated third party without your additional consent."

On the Republican side, Sen. Arlen Specter (R-Penn.) predicted, "I believe there will be some firm federal legislation coming out of this hearing."

Specter, chairman of the Judiciary Committee, grew particularly annoyed at an evasive ChoicePoint President and CEO Douglas C. Curling. Under a series of tough questions from Specter, Curling ultimately said he couldn't explain why his company chose not to make pre-2003 disclosures.

Specter grumbled that Curling's answer was "very, very disconcerting," growling "some tough legislation will have you do your duty."

The lawmakers' call for, at a minimum, a national disclosure law drew no opposition from LexisNexis, ChoicePoint and other witnesses at the hearing, including the Federal Trade Commission (FTC), the FBI and the Secret Service.

Curling said ChoicePoint's position was "clear and unequivocal" in support of national disclosure. Kurt P. Sanford, president and CEO of LexisNexis' U.S. and corporate markets, echoed Curling's support, although both urged that any national law pre-empt state laws.

Vermont Attorney General William H. Sorrell urged the lawmakers not to make any law pre-emptive of state laws.

"The time for federal action is now," he said. "I hope Congress will follow the lead of California, but make [a new law] a floor and not a ceiling."

Feinstein objected to that notion, saying, "Different standards for notification make it difficult. It seems to me it needs to be the same."

LexisNexis' Sanford also made a distinction about when consumers need to be informed of a data breach, suggesting notification is only necessary "when there is a substantial risk of harm to consumers."

FTC Chairman Deborah Majoris agreed with Sanford.

"Eventually consumers will become numb if they are continuously notified of every breach," she said.