On May 28, Maryland Governor Wes Moore signed House Bill 1294 into law, establishing a comprehensive regulatory framework for Earned Wage Access (EWA) providers operating in the state. Effective October 1, the new law provides for licensing of both employer-integrated and consumer-directed EWA providers under the Maryland Consumer Loan Law, while also introducing a host of new consumer protection requirements.Continue Reading Maryland Enacts Earned Wage Access Law

On May 23, the CFPB notified a Kentucky federal court that it now considers its own 2023 open banking rule “unlawful” and plans to set the rule aside. The Bureau announced its intent to seek summary judgement against the rule, which was issued under Section 1033 of the Dodd-Frank Act to promote consumer-authorized data sharing with third parties.Continue Reading CFPB Seeks to Vacate Open Banking Rule

On May 14, the CFPB issued a proposed rule to rescind recent amendments (here, here, and here) to its nonbank supervisory program. The amendments were designed to expand and formalize the Bureau’s process for subjecting nonbank covered persons to supervision under the Consumer Financial Protection Act (CFPA). Under the CFPA, the CFPB is authorized to supervise a nonbank covered person if it has reasonable cause to determine if the nonbank covered person was engaged in financial services-related conduct that posed a risk to consumers. Among other things, the amendments introduced a mechanism for the Director to publicly release final decisions and order.Continue Reading CFPB Proposes to Rescind Risk-Based Supervision Rulemaking

On May 15, the CFPB withdrew three Biden-era rulemaking proposals, including a December 2024 proposal to regulate data brokers as consumer reporting agencies under the Fair Credit Reporting Act (FCRA), a January proposal to extend Regulation E to emerging payment systems such as those used in video games and esports betting, and a proposed interpretive rule targeting restrictive and potentially unlawful terms in consumer contracts.Continue Reading CFPB Withdraws Guidance and Proposed Rules on Data Broker, Video Game Payments, and Contract Clauses

On May 12, the CFPB formally withdrew nearly 70 guidance materials—including policy statements, advisory opinions, circulars, and interpretive rules—through a Federal Register notice issued by Acting Director Russell Vought. The move stems from an internal memo circulated last month to identify guidance that allegedly imposed unlawful compliance burdens or exceeded statutory authority.Continue Reading CFPB Withdraws Dozens of Guidance Documents as Part of Deregulatory Push

On May 9, President Trump signed a Congressional Review Act resolution repealing the CFPB’s final rule restricting overdraft fees at large financial institutions. The rule, originally finalized under the Biden administration, would have imposed new limits on overdraft fees charged by banks with over $10 billion in assets.Continue Reading President Trump Signs Resolution Nullifying CFPB Overdraft Fee Rule

On May 6, Indiana Governor Mike Braun signed House Enrolled Act No. 1125 into law, making Indiana the latest state to enact a statutory framework for regulating earned wage access (EWA) products.  The Indiana Earned Wage Access Act, which takes effect January 1, 2026, requires most EWA providers to obtain a license from the Indiana Department of Financial Institutions and comply with operational, disclosure, and consumer protection requirements.  Continue Reading Indiana Enacts Earned Wage Access Law 

On April 15, Judge Mark T. Pittman of the U.S. District Court for the Northern District of Texas entered an Order and Final Judgement vacating the CFPB’s 2024 credit card late fee rule (previously discussed here) for violating the federal Credit Card Accountability and Disclosure (CARD) Act and the Administrative Procedure Act. The rule, which amended Regulation Z, had established a new $8 late fee safe harbor for larger credit card issuers and eliminated annual inflation adjustments. Continue Reading CFPB Late Fee Rule Vacated by Texas Federal Court 

On April 11, North Dakota enacted HB 1127, overhauling its regulatory framework for financial institutions and nonbank financial service providers. The law amends multiple chapters of the North Dakota Century Code and creates a new data security mandate for financial corporations—a category that includes non-depository entities regulated by the Department of Financial Institutions (DFI). It also expands the licensing requirement for brokers to include “alternative financing products,” potentially impacting a broad array of fintech providers.Continue Reading North Dakota Expands Data Security Requirements and Issues New Licensing Requirements for Brokers