How Safe Are Safe Harbors?

Almost two years ago, the industry lobbied hard for a safe harbor in fair lending. Fair lending enforcement had become hot. Of most concern was the fact that information developed through research, examinations and self-assessment had been used against banks in developing cases.

The most upsetting of these cases was Shawmut. In that case, the Justice Department used data developed by the Federal Reserve Bank of Boston in a study on lending discrimination. The hitch was that Shawmut and other banks had provided data to FRB/Boston in reliance on their promise that the data and findings would not be used for enforcement. Unfortunately, DOJ wasn't a party to that promise and the rest is history.

The industry reasoned that lenders ought to be safe from prosecution for conducting self-assessment and finding and fixing any questionable lending practices order to encourage lenders to self assess their performance. Being safe from prosecution for self-diagnosis is pretty strong encouragement. Particularly when the enforcement momentum comes from the Department of Justice (whose approach is to sue now and explain later) it is important to have some sort of immunity when questioning lending practices and experimenting with alternative, hopefully less discriminatory ways to make loans.

So the industry lobbied Congress for a safe harbor and Congress provided it. What Congress actually passed was a broadly worded statute on self-testing privilege and a mandate to HUD and the Federal Reserve to develop complementary regulations under ECOA and the Fair Housing Act. That seemed reasonable. It usually makes sense to leave the detail up to the specialists rather than have Congress micro-manage.

So, what happened? The two agencies got out their rulers and ruled through the protection. What remains is a narrowly defined protection for mystery shopping and customer surveys. There is no protection for any other aspect of self assessment.

What emerged, instead of a fair lending safe harbor, is a highly technical regulation governing when and how certain types of information can be used against a lender in enforcement actions and lawsuits. In short, it is a regulation designed to set the scope and resources for enforcement and litigation. It governs when an institution may and may not withhold information from investigators. It governs when regulatory agencies or a litigant can have access to certain information and what information it has access to. The regulation is not designed to encourage banks to find creative (and safe) ways to lend to people who have been kept out of the credit market.

So, what happened to that safe harbor? More important, what has happened to fair lending? The attention of the regulation drafters was focused on the technical aspects of the law and developing regulation. Because they are also responsible for enforcement, they gave careful attention to enforcement procedures, including when the safe harbor is forfeited by supplying information about the test (even if it is a leak from a disgruntled employee!) This focus was also driven by frantic cries from fair lending and consumer advocacy groups who feared that a broader safe harbor would inhibit litigation and the scope of information subject to discovery.

What is lost in all this is the ultimate goal: promoting a climate in which banks and other lenders can scrutinize, evaluate, and question their own practices and decisions in order to get closer to the ideal of truly fair lending - without fear of having its own work product used by the prosecution. So we have a safe harbor that is in reality, only a technical addition to a pair of laws and regulations that leave lenders hanging out to dry.

If we really care about fair lending, then we should be encouraging self-assessment; not drawing rigid lines around it. Information derived from any source, including an analysis or review of application and loan files should be privileged. How else do we learn how to be fairer lenders?

Copyright © 1997 Compliance Action. Originally appeared in Compliance Action, Vol. 2, No. 18, 12/97