Maryland has issued a temporary emergency regulation allowing remote work for state-regulated entities, including collection agencies.
The regulation will be published in the Maryland Register Jan. 29 and will be valid for six months while the Maryland Commissioner of Financial Regulation works to enact a final rule on remote work arrangements.
“This regulation balances appropriate consumer protections with a recognition of today’s workforce needs and the progression towards more consistent remote work and work location flexibility,” the notice from the commissioner states.
Maryland was expected to be one of the next states to consider permanent work-from-home rules after Washington recently finalized its rule, which will take effect Feb. 17, 2021.
Andrew Madden, ACA International’s vice president of state government and unit affairs, and Jedd Bellman, president of the North American Collection Agency Regulators Association (NACARA) and assistant commissioner for non-depository supervision at the Maryland Commissioner of Financial Regulation, recently discussed the regulation and remote work trends in an ACA Huddle webinar available to members.
The webinar was part of ACA’s Huddle series on the Consumer Financial Protection Bureau’s debt collection rule. It focused on how the rule intersects with state laws as well as a discussion of state regulations in development because of the COVID-19 pandemic. A recording of the webinar is available on the ACA Huddle series website under Part One Recordings.
During the November webinar, Bellman and Madden discussed the progress on Maryland’s temporary rule at that time and how regulators can provide flexibility for financial services companies through remote work guidance.
Maryland currently has rules in place regarding remote work for mortgage loan originators, and the emergency regulation for additional licensees allows flexibility in office locations if technology and security protocols are in place.
For example, employers “shall provide a workspace that is secure, provide for appropriate protection of personal information as required under applicable law, and have the appropriate technological security measures and physical safeguards in place to protect personal information,” according to the notice.
- A licensee that allows any employee to work at an authorized location shall develop, implement, and maintain a security program that is consistent with all applicable laws and regulations, meets or exceed standards of the industry in which the licensee conducts its business, addresses known vulnerabilities, and is commensurate with the licensee’s size and complexity of the licensee and its information and technology systems.
- In connection with the security program, a licensee shall complete a comprehensive remote access and data security risk assessment, including identification and assessment of risks and vulnerabilities created by allowing employees to work at authorized locations and to access the licensee’s information technology systems, other systems, and data from such locations.
- The licensee must also identify devices, data, information technology system, and other systems that need to be protected.
For more information on how the ACA licensing staff can assist with your licensing application completion needs, please contact us at email@example.com or call (952) 926-6547.