Mich. Comp. Laws § 487.2142

Current through Public Act 171 of the 2024 Legislative Session
Section 487.2142 - Development, implementation, and maintenance of database
(1) On or before December 31, 2006, the commissioner shall develop, implement, and maintain a statewide, common database that has real-time access through an internet connection, is accessible at all time to licensees, and to the commissioner for purposes of subsections (10) and (11), and meets the requirements of this section. Before the commissioner determines that the database is fully operational for the purposes of this act, for at least 30 days the database provider shall operate a pilot program of the database to test all of the processes of the database. The database provider shall make the pilot program available to all applicants and licensees. During the 30-day period that begins on the date the commissioner determines that the database is fully operational, the commissioner shall not approve the imposition of any database verification fees under section 34(5).
(2) The commissioner may operate the database described in subsection (1) or may select and contract with a single third party provider to operate the database. If the commissioner contracts with a third party provider for the operation of the database, all of the following apply:
(a) The commissioner shall ensure that the third party provider selected as the database provider operates the database pursuant to the provisions of this act.
(b) The commissioner shall consider cost of service and ability to meet all the requirements of this section in selecting a third party provider as the database provider.
(c) In selecting a third party provider to act as the database provider, the commissioner shall give strong consideration to the third party provider's ability to prevent fraud, abuse, and other unlawful activity associated with deferred presentment service transactions and provide additional tools for the administration and enforcement of this act.
(d) The third party provider shall only use the data collected under this act as prescribed in this act and the contract with the office and for no other purpose.
(e) If the third party provider violates this section, the commissioner shall terminate the contract and the third party provider is barred from becoming a party to any other state contracts.
(f) A person injured by the third party provider's violation of this act may maintain a civil cause of action against the third party provider and may recover actual damages plus reasonable attorney fees.
(3) The database described in subsection (1) shall allow a licensee accessing the database to do all of the following:
(a) Verify whether a customer has any open deferred presentment service transactions with any licensee that have not been closed.
(b) Provide information necessary to ensure licensee compliance with any requirements imposed by the federal office of foreign asset control under federal law.
(c) Track and monitor the number of customers who notify a licensee of violations of this act, the number of times a licensee agreed that a violation occurred, the number of times that a licensee did not agree that a violation occurred, the amount of restitution paid, and any other information the commissioner requires by rule.
(d) Determine whether a customer is eligible for repayment of the deferred presentment service transaction in installments as provided in section 35(2) and notify the licensee of that eligibility.
(4) While operating the database, the database provider shall do all of the following:
(a) Establish and maintain a process for responding to transaction verification requests due to technical difficulties occurring with the database that prevent the licensee from accessing the database through the internet.
(b) Comply with any applicable provisions of the social security number privacy act, 2004 PA 454, MCL 445.81 to 445.87.
(c) Comply with any applicable provisions of the identity theft protection act, 2004 PA 452, MCL 445.61 to 445.77.
(d) Provide accurate and secure receipt, transmission, and storage of customer data.
(e) Meet the requirements of this act.
(5) When the database provider receives notification that a deferred presentment service transaction is closed under section 34, the database provider shall designate the transaction as closed in the database immediately, but in no event after 11:59 p.m. on the day the commissioner or database provider receives notification.
(6) The database provider shall automatically designate a deferred presentment service transaction as closed in the database 5 days after the transaction maturity date unless a licensee reports to the database provider before that time that the transaction remains open because of the customer's failure to make payment; that the transaction is open because the customer's check or an electronic redeposit is in the process of clearing the banking system; or that the transaction remains open because the customer's check is being returned to the licensee for insufficient funds, a closed account, or a stop payment order, or any other factors determined by the commissioner. If a licensee reports the status of a transaction as open in a timely manner, the transaction remains an open transaction until it is closed under section 34 and the database provider is notified that the transaction is closed under that section.
(7) If a licensee stops providing deferred presentment service transactions, the database provider shall designate all open transactions with that licensee as closed in the database 60 days after the date the licensee stops offering deferred presentment service transactions, unless the licensee reports to the database provider before the expiration of the 60-day period which of its transactions remain open and the specific reason each transaction remains open. The licensee shall also provide to the commissioner a reasonably acceptable plan that outlines how the licensee will continue to update the database after it stops offering deferred presentment service transactions. The commissioner shall promptly approve or disapprove the plan and immediately notify the licensee of his or her decision. If the plan is disapproved, the licensee may submit a new plan or may submit a modified plan for the licensee to follow. If at any time the commissioner reasonably determines that a licensee that has stopped offering deferred presentment service transactions is not updating the database in accordance with its approved plan, the commissioner shall immediately close or instruct the database provider to immediately close all remaining open transactions of that licensee.
(8) The response to an inquiry to the database provider by a licensee shall only state that a person is eligible or ineligible for a new deferred presentment service transaction and describe the reason for that determination. Only the person seeking the transaction may make a direct inquiry to the database provider to request a more detailed explanation of a particular transaction that was the basis for the ineligibility determination. Any information regarding any person's transactional history is confidential, is not subject to public inspection, is not a public record subject to the disclosure requirements of the freedom of information act, 1976 PA 442, MCL 15.231 to 15.246, is not subject to discovery, subpoena, or other compulsory process except in an action under section 53, and shall not be disclosed to any person other than the commissioner.
(9) The database provider may charge licensees a verification fee for access to the database, in amounts approved by the commissioner under section 34(5).
(10) The commissioner may access the database provided under subsection (1) only for purposes of an investigation of, examination of, or enforcement action concerning an individual database provider, licensee, customer, or other person. The commissioner and any employees of the commissioner, the office, or this state shall not obtain or access a customer's social security number, driver license number, or other state-issued identification number in the database except as provided in this subsection. An individual who violates this subsection is guilty of a misdemeanor punishable by imprisonment for not more than 93 days or a fine of not more than $1,000.00, or both, and if convicted, an individual who violates this subsection shall be dismissed from office or discharged from employment.
(11) The commissioner shall investigate violations of and enforce this section. The commissioner shall not delegate its responsibilities under this subsection to any third party provider.
(12) The commissioner shall do all of the following:
(a) Require by rule that data are retained in the database only as required to ensure licensee compliance with this act.
(b) Require by rule that data in the database concerning a customer transaction are archived within 365 days after the customer transaction is closed unless needed for a pending enforcement action.
(c) Require by rule that any identifying customer information is deleted from the database when data are archived.
(d) Require by rule that data in the database concerning a customer transaction are deleted from the database 3 years after the customer transaction is closed or any enforcement action pending 3 years after the customer transaction is closed is completed, whichever is later.
(13) The commissioner may maintain access to data archived under subsection (12) for future legislative or policy review.

MCL 487.2142

Added by 2005, Act 244, s 14, eff. 11/28/2005.