The Consumer Financial Protection Bureau (CFPB) took action against Xerox Business Services, LLC, now called Conduent Business Services, for software errors that led to incorrect consumer information about more than 1 million borrowers being sent to credit reporting agencies. The company also failed to notify all of its auto finance clients about known flaws in its software that led to the errors. The consent order requires Xerox to pay a $1.1 million civil penalty, explain its mistakes to its finance clients, and fix its faulty software.Xerox Business Services operated and customized a third-party software application for five auto creditors. The software automatically generated and transmitted information about borrowers’ auto loans to consumer reporting agencies. Lenders use information furnished to the consumer reporting agencies when considering whether to issue a loan and on what terms, so it is essential the information is accurate. Widespread defects in the finance-servicing software that Xerox used led creditors to report inaccurate information about consumers’ performance on their contracts. In 2016, its reports for more than one million of the auto creditors’ 6.4 million customer accounts had one or more errors. Xerox had acquired the rights to this software from its creator, an independent software developer. When creditors asked for certain features, Xerox would modify the software’s source code. Between 2004 and 2010, one modification was supposed to enable three of Xerox’s clients to provide consumer data in the Metro 2 Format. Metro 2 is the standard industry format used for furnishing this information in a uniform way to credit reporting agencies. However, Xerox’s modifications were based on a flawed, unreleased version of Metro 2 source code that led to the reporting of incorrect consumer information. This violated the Dodd-Frank Wall Street Reform and Consumer Protection Act.