Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On February 21, the Conference of State Bank Supervisors (CSBS) issued a request for information (RFI) on issues related to state money transmission and payments regulation as state regulators begin coordinating model legislation for all 50 states to adopt in whole or in part. CSBS’ RFI is based upon recommendations made by the Fintech Industry Advisory Panel (a part of CSBS’ Vision 2020 previously covered by InfoBytes here) and seeks feedback on several areas of law and regulation to help states create harmonized definitions and interpretations on a national level. According to the Advisory Panel, “despite the general similarity of state money transmission laws, each state defines and interprets money transmission and its exemptions differently.” The RFI solicits comments framed towards outlined policy standards and risks on the following issues:
(i) The scope of covered money transmission activities and applicable exemptions; (ii) the change in control process, including the personal vetting requirements for individuals deemed new control persons; (iii) prudential regulations—in particular, permissible investment, net worth, and surety bond requirements; (iv) supervision processes; and (v) coordination—in particular, how states can ensure the areas outlined above are implemented consistently without state-by-state policy diversion or needless duplication of effort.
Comments on the RFI are due April 20 and will be made publically available here.
Colorado regulator exempts certain cryptocurrency exchanges from money transmitter licensing requirements
On September 20, the Colorado Department of Regulatory Agencies Division of Banking (Division) issued interim guidance exempting certain types of cryptocurrency exchanges from the state’s money transmitter licensing requirements. Under the interim guidance—which outlines the Division’s interpretation of Colorado’s existing Money Transmitters Act (the Act)— the Division determined that the Act regulates the transmission of money, meaning legal tender, and that cryptocurrencies are not legal tender under the Act. As a result, virtual currency exchanges operating in Colorado do not require a license if transmitting only cryptocurrencies without any legal tender issued and backed by a government (fiat currency) involved in the transaction. However, if fiat currency is present in a transaction, then a virtual currency exchange may require a license. Additionally, a virtual currency exchange must obtain a license when it performs all of the following: (i) it engages in the business of selling and buying cryptocurrencies for fiat currency; (ii) it allows a Colorado customer to transfer cryptocurrency to another customer within the exchange; and (iii) it allows the transfer of fiat currency through the medium of cryptocurrency within the exchange. If a virtual currency exchange offers the ability to transfer fiat currency through the medium of cryptocurrency, the Division encourages the exchange to contact the Division to determine whether it must obtain a license.
On August 24, 13 state banking supervisors sent a letter asking congressional leaders “to consider legislation that creates a safe harbor for financial institutions to serve state-compliant [marijuana] business, or entrusts sovereign states with the full oversight and jurisdiction of marijuana-related activity.” According to the letter, while 31 states, the District of Columbia, and two territories have legalized medical and/or recreational marijuana use as of August 1, many financial institutions choose not serve marijuana businesses due to a perceived threat of asset forfeitures or criminal penalties. The letter notes that this results in inadequate regulation, cash transactions that are difficult to track, “a diminished ability to identify operators acting to circumvent federal and state licensing and regulatory frameworks,” and concerns for public safety. In addition, according to the state regulators, the rescission of the 2013 “Cole Memo”—which outlined the DOJ’s marijuana enforcement priorities and was relied upon by a limited number of financial institutions—has led to greater uncertainty for banks that serve marijuana businesses. The letter also discusses the Financial Crimes Enforcement Network’s 2014 guidance—which clarifies expectations under the Bank Secrecy Act for financial institutions providing services to marijuana businesses—and further stresses that “the Rohrabacher amendment prohibiting federal funds being used to inhibit state medicinal marijuana programs [is] an impermanent approach that requires a permanent resolution.”
In July, and as previously covered in InfoBytes, the New York Department of Financial Services (NYDFS) issued guidance which encouraged New York state chartered banks and credit unions to consider establishing relationships with regulated and compliant medical marijuana and industrial hemp-related businesses operating in New York. NYDFS stated it will not impose any regulatory action on a New York financial institution that establishes a relationship with a regulated marijuana business as long as the institution also complies with other applicable guidance and regulations.
On July 24, the Washington Department of Financial Institutions adopted new mortgage-related provisions of the state’s Consumer Loan Act (CLA). In addition to technical changes and certain definition modifications, the rulemaking, among other things, (i) adds a requirement that if electronic records are stored using a closed service, the service must be located in the U.S. or its territories; (ii) prohibits certain servicing activities, such as receiving payments and collection activities, from being conducted outside the U.S. or its territories; and (iii) requires servicers to maintain a compliance management system with the functionalities that are described in the CFPB’s Supervision and Examination Manual. The rulemaking is effective September 1.
Georgia Department of Banking and Finance issues cease and desist over licensing violation involving bitcoin
On July 26, the Georgia Department of Banking and Finance (Department) announced the issuance of a cease and desist order against a bitcoin trading platform. According to the Department, the company allegedly engaged in the sale of payment instruments and money transmissions without first acquiring a valid license or applicable exemption in violation of the state’s financial institutions code. Licensure requirements in the state apply to persons engaged in transactions involving virtual currency.
Conference of State Bank Supervisors supports legislation to coordinate federal and state examinations of third-party service providers
On July 12, the Conference of State Bank Supervisors (CSBS) issued a statement to the Senate Banking Committee, offering support for legislation that would “enhance state and federal regulators’ ability to coordinate examinations of, and share information on, banks’ [third-party technology service providers (TSPs)] in an effective and efficient manner.” H.R. 3626, the Bank Service Company Examination Coordination Act, introduced by Representative Roger Williams, R-Texas, would amend the Bank Service Company Act to provide examination improvements for states by requiring federal banking agencies to (i) consult with the state banking agency in a reasonable and timely fashion, and (ii) take measures to avoid duplicating examination activities, reporting requirements, and requests for information. Currently, 38 states have the authority to examine TSPs, however, according to CSBS, amending the Bank Service Company Act would more appropriately define a state banking agency’s authority and role when it comes to examining potential risks associated with TSP partnerships. In its statement, CSBS also references a recent action taken by eight state regulators against a major credit reporting agency following its 2017 data breach that requires, among other things, a wide range of corrective actions, including improving oversight and ensuring sufficient controls are developed for critical vendors. (See previous InfoBytes coverage here.) The House Financial Services Committee advanced H.R. 3626 on June 24 on a unanimous vote.
CFTC, NASAA enter cryptocurrency, fraud information sharing partnership; CFTC releases virtual currency derivative guidance
On May 21, the U.S. Commodity Futures Trading Commission (CFTC) announced it had signed a mutual cooperation agreement with the North American Securities Administrators Association (NASAA) to increase cooperation and information sharing on cryptocurrencies and other potential market fraud. The memorandum of understanding (MOU) is designed to “assist participants in enforcing the Commodity Exchange Act, which state securities regulators and state attorneys general are statutorily authorized to do alongside the CFTC,” leading to the possibility of additional enforcement actions brought under other areas of law. In order to receive the benefits—including investigative leads, whistleblower tips, complaints, and referrals provided to NASAA members by the CFTC—individual jurisdictions will be required to sign the MOU.
The same day, the CFTC’s Division of Market Oversight and Division of Clearing and Risk (DCR) issued a joint staff advisory providing guidance on several enhancements to which CFTC-registered exchanges and clearinghouses should adhere when listing derivatives contracts based on virtual currencies. The advisory addresses the following five key areas for market participants: (i) “[e]nhanced market surveillance”; (ii) “[c]lose coordination with CFTC staff’; (iii) “[l]arge trader reporting”; (iv) “[o]utreach to member and market participants”; and (v) “Derivatives Clearing Organization risk management and governance.” According to the DCR director, the information provided is intended in part, “to aid market participants in their efforts to design risk management programs that address the new risks imposed by virtual currency products . . . [and] to help ensure that market participants follow appropriate governance processes with respect to the launch of these products.”
On February 6, the Conference of State Bank Supervisors (CSBS) announced that financial regulators from seven states have agreed to a multi-state compact that will offer a streamlined licensing process for money services businesses (MSB), including fintech firms. The seven states initially participating in the MSB licensing agreement are Georgia, Illinois, Kansas, Massachusetts, Tennessee, Texas and Washington. The CSBS expects other states to join the compact. According to the CSBS, “[i]f one state reviews key elements of state licensing for a money transmitter—IT, cybersecurity, business plan, background check, and compliance with the federal Bank Secrecy Act—then other participating states agree to accept the findings.” CSBS noted that the agreement is the first step in efforts undertaken by state regulators to create an integrated system for licensing and supervising fintech companies across all 50 states.
The announcement of the MSB licensing agreement follows a May 2017 CSBS policy statement, which established the 50-state goal, and—as previously covered by InfoBytes—is a part of previously announced “Vision 2020” initiatives designed to modernize and streamline the state regulatory system to be capable of supporting business innovation while still protecting the rights of consumers.
On October 19, the Conference of State Bank Supervisors (CSBS) announced that 33 financial technology companies have agreed to serve on the CSBS Fintech Industry Advisory Panel. The goal of the panel is to identify ways to help modernize the state regulatory system. According to CSBS, the 33 participating companies range from start-ups to national brands and represent differing industry sectors, as well as, geographic locations and business models. The advisory panel will have three working groups, (i) money transmission and payments; (ii) lending; and (iii) community banking and innovation.
A complete list of the panel’s membership is here.
In July, the CFPB Ombudsman’s Office issued its mid-year update for 2017. Each year, the Ombudsman is required to submit an annual report to the CFPB Director. The mid-year update outlines issues related to individual inquires made to the Ombudsman’s Office, the accessibility of CFPB print materials, whistleblower communications, Ombudsman Forums, Ombudsman Interactives, and the office’s independent outreach programs. Highlighted are several key points:
- Individual Inquires. The Ombudsman’s Office reported that 820 inquiries were received from consumers, financial entities, consumer and trade groups, and others in the first six months of 2017—an increase from the 541 inquiries received during the same time frame the previous year
- Whistleblower Communications. The Bureau continued to receive complaints about alleged violations of consumer financial protection laws. However, according to the Ombudsman, the contact points for whistleblowers have become more difficult to find since the CFPB’s 2016 website refresh. The Ombudsman’s Office provided suggestions to make the information easier to locate.
- Ombudsman Forums. The Ombudsman’s Office recently conducted a forum with compliance officers, or people in similar roles, from companies that engage with the CFPB. The forum facilitated discussions on: (i) compliance management and the consumer complaint process; (ii) the public Consumer Complaint Database; (iii) the examination process; (iv) CFPB compliance tools and resources; and (v) current regulatory compliance process considerations. Additionally, an event with the associations of state government regulators is planned.
- Ombudsman Interactives. The “Ombudsman Interactives” initiative was launched earlier this year to facilitate discussions similar to those at the Ombudsman Forums. Attendees at consumer, trade, and other conferences participated in the onsite interactives.
- Ombudsman Outreach. The Ombudsman’s Office reported that it continues its independent outreach programs intended to share information on the CFPB’s resources and latest work. A coordinated outreach program held this year was attended by nationwide state banking associations.
- Buckley Webcast: The next consumer litigation frontier? Assessing the consumer privacy litigation and enforcement landscape in 2019 and beyond
- Buckley Webcast: The CFPB’s proposed debt collection rule
- Buckley Webcast: Trends in e-discovery technology and case law
- Brandy A. Hood to discuss "What the flood? Don’t get washed away by a flood of changes" at the American Bankers Association Regulatory Compliance Conference
- Daniel P. Stipano to discuss "Mitigating the risks of banking high risk customers" at the American Bankers Association Regulatory Compliance Conference
- Daniel P. Stipano, Kari K. Hall, Brandy A. Hood, and H Joshua Kotin to discuss "Regulations that matter in a deregulatory environment" at the American Bankers Association Regulatory Compliance Conference Power Hour
- Buckley Webcast: Data breach litigation and biometric legislation
- Hank Asbill to discuss "Pay no attention to the man behind the curtain: Addressing prosecutions driven by hidden actors" at the National Association of Criminal Defense Lawyers West Coast White Collar Conference
- Daniel P. Stipano to discuss "Keep off the grass: Mitigating the risks of banking marijuana-related businesses" at the ACAMS AML Risk Management Conference
- Daniel P. Stipano to discuss "Mid-year policy update" at the ACAMS AML Risk Management Conference
- Amanda R. Lawrence to discuss "Navigating the challenges of the latest data protection regulations and proven protocols for breach prevention and response" at the ACI National Forum on Consumer Finance Class Actions and Government Enforcement
- Benjamin W. Hutten to discuss "Requirements for banking inherently high-risk relationships" at the Georgia Bankers Association BSA Experience Program
- Brandy A. Hood to discuss "RESPA Section 8/referrals: How do you stay compliant?" at the New England Mortgage Bankers Conference
- Daniel P. Stipano to discuss "Lessons learned from recent enforcement actions and CMPs" at the ACAMS AML & Financial Crime Conference
- Daniel P. Stipano to discuss "Assessing the CDD final rule: A year of transitions" at the ACAMS AML & Financial Crime Conference
- Douglas F. Gansler to discuss "Role of state AGs in consumer protection" at a George Mason University Law & Economics Center symposium