Agency Rule-Making & Guidance

Subscribe to Agency Rule-Making & Guidance

On December 16, the CFPB issued a series of orders to five companies offering “buy now, pay later” (BNPL) credit.  The orders seek to collect information on the risks and benefits of these “fast-growing” products over concerns about “accumulating debt, regulatory arbitrage, and data harvesting in a consumer credit market already quickly changing with technology.”  BNPL is a deferred payment option that allows consumers to split a purchase into smaller installments, typically four or less, often with a down payment of 25 percent due at checkout.  To underscore BNPL’s current popularity, a report issued by the California Department of Financial Protection and Innovation recently reported that “[t]he top six buy now pay later lenders accounted for 10,924,547, or 91 percent, of the total consumer loans originated in 2020” (we discussed this report in an earlier Consumer Finance & FinTech Blog post here).

Continue Reading CFPB Issues Orders to Companies Offering BNPL Credit

The CFPB has amended Regulation Z to address the anticipated sunset of LIBOR, which is expected to be discontinued in June 2023.  Some creditors currently use LIBOR as an index for calculating rates for open-end and closed-end products.  The effective date of this final rule is April 1, 2022.


Continue Reading CFPB Published Reg. Z Amendments to Facilitate Libor Transition

Last month, the FDIC, Federal Reserve Board, and the OCC announced a final rule to improve information sharing about cyber incidents that may affect the U.S. banking system.  Among other things, the final rule requires banking organizations to inform their primary federal regulator no later than 36 hours after a determination that a “computer-security incident” has reached the level of a “notification incident.”  The final rule notes that notification is required for incidents that have affected, in certain circumstances:

Continue Reading Federal Bank Regulators Approve New Cybersecurity Incident Notification Rule

The Consumer Financial Protection Bureau (“CFPB”) has enhanced its regulatory scrutiny of the fees financial institutions assess on consumer depositors.  To better understand the gamut of such fees and financial institutions’ practices with respect to the same, the CFPB has required financial institutions to submit detailed quarterly statements identifying and breaking out the various types of fees assessed on consumer accounts.  In particular, the CFPB has required them to provide aggregate amounts charged as (i) overdraft and non-sufficient funds (“NSF”) fees; (ii) periodic account maintenance fees; and (iii) ATM fees (in particular, the fees charged in connection with consumer transactions at out-of-network ATMs).  The CFPB has now analyzed the consumer fee data going back to 2015 and published two reports: (i) Data Point: Overdraft/NSF Fee Reliance Since 2015—Evidence from Bank Call Reports; and (ii) Data Point: Checking Account Overdraft at Financial Institutions Served by Core Processors.  In general, the reports reveal that overdraft and NSF fees constitute one of the primary sources of financial institution revenues generated from consumer banking operations.  Indeed, overdraft fees alone generated more than $15 billion in revenues for banks and credit unions in 2019.

Continue Reading The CFPB Study Shines Spotlight on Banking Fees as a Presage to Greater Regulatory Scrutiny of Consumer Banking Fees

On November 18, the Chief Counsel of the Office of the Comptroller of the Currency (OCC) issued a fourth interpretive letter (Letter 1179) regarding whether it is permissible for national banks and federal savings associations to engage in certain cryptocurrency, distributed ledger, and stablecoin activities.  The letter clarifies ambiguities in the previous three letter including  the authority of a bank to engage in certain cryptocurrency activities and the authority of the OCC to charter a national trust bank.

Continue Reading OCC Chief Counsel Clarifies Bank Authority to Engage in Crypto

On November 23, the Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation, and Office of the Comptroller of the Currency (“banking agencies”) released a joint statement recognizing that the emerging crypto-asset sector presents potential opportunities and risks for banking organizations, their customers, and the overall financial system.

Continue Reading Banking Agencies Provide Crypto-Asset Roadmap as a Result of Interagency “Policy Sprints”

On November 1, the President’s Working Group on Financial Markets (PWG), the FDIC, and the OCC announced the release of a report on stablecoins — virtual currencies that, unlike Bitcoin, are backed by assets like gold or fiat currency. Stablecoins aim to eliminate the hesitation many consumers have about mainstream cryptocurrencies, namely their unpredictable volatility.

Continue Reading President’s Working Group Releases Report on Stablecoins

On October 28, the FTC issued a new enforcement policy statement warning companies against deploying “illegal dark patterns” that trick or trap consumers into subscription services, and often making websites difficult to navigate to find cancellation or refund options.  The statement is intended to assist marketers by providing specific guidance on the FTC’s interpretation of existing law as it applies to “negative option marketing” through deceptive sign up tactics, including unauthorized charges or ongoing billing that is impossible to cancel.  The policy statement notes that “[n]egative option offers come in a variety of forms, but all share a central feature: each contains a term or condition under which the seller may interpret a consumer’s silence or failure to take affirmative action to reject a good or service or to cancel the agreement as acceptance or continuing acceptance of the offer.”  Examples include automatic renewals, free trials that convert to pay features, and continuous periodic shipments that continue until the customer cancels the shipment.
Continue Reading FTC to Increase Enforcement Against “Dark Patterns” Directed at Consumers

On October 27, the FTC announced a final rule amending the Standards for Safeguarding Customer Information, known as “the Safeguards Rule,” under the Gramm-Leach-Bliley Act, which is applicable to a broad range of non-banking financial institutions, such as check-cashing businesses, payday lenders, mortgage brokers, nonbank lenders, personal property or real estate appraisers, professional tax preparers, courier services, and credit reporting agencies to develop, implement, and maintain a comprehensive security system to keep their customers’ information secure.

Continue Reading FTC Finalizes Safeguard Rules for Non-Bank Financial Institutions

On September 21, 2021, the FinTech task force of the U.S. House Committee on Financial Services held a hearing on consumer privacy. The hearing was live-streamed and the archived webcast is available on the Committee website.

Continue Reading More Regulatory Clarity on the Horizon for FinTech

Recently Florida and Arkansas made it a requirement for those engaging in virtual currency activities to obtain money transmission licenses in their respective jurisdictions.

Continue Reading Money Transmission Licenses Required for Virtual Currency Activities in Arkansas and Florida