Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On April 1, the Arizona governor signed HB 2177, which modifies the state’s Regulatory Sandbox Program (RSP). As previously covered by InfoBytes, in March 2018, Arizona became the first state to create a regulatory sandbox for companies to test innovative financial products or services without certain regulatory requirements. The bill clarifies the RSP to allow participants to temporarily test an innovation “with respect to providing a financial product or service or a substantial component of a financial product or service,” as opposed to, an “innovative financial product or service.” Among other things, the bill also (i) removes the Arizona consumer residency requirement when participants test innovative money transmitter products, requiring only that the consumer have physical presence in the state at the time of the transaction; (ii) removes record keeping requirements for participants testing investment management products; and (iii) provides sole enforcement authority of state regulatory laws applicable to RSP participants to the state Attorney General. The bill is effective 91 days after the state’s legislative session ends.
On March 25, the Utah governor signed HB 378, which creates a state regulatory sandbox program through the state’s Department of Commerce (Department) that allows participants to temporarily test innovative financial products or services on a restricted basis without requiring a license or authorization to act under Utah law. Under the program, approved applicants will have 24 months from the date an application is approved to test the product or service on Utah residents without being subject to state laws and regulations that normally would regulate such products or services, unless the Department determines otherwise. Additionally, the Department, upon written notice, may end a participant’s participation program at any time and for any reason. The program allows for participants to request an extension of time up to six months after the end of the regulatory sandbox testing period in order to obtain a license or other authorization required by the law to continue to market the product or service. The act takes effect on May 13.
On February 19, the Wyoming Governor signed HB 57, which creates a fintech sandbox program in the state for companies to test innovative financial products and services. Wyoming is the second state to introduce a regulatory sandbox program, following Arizona’s sandbox introduction last March. (Previously covered by InfoBytes here.) Under the “Financial Technology Sandbox Act” (the Act), the state’s sandbox will be open to innovative financial products and services, including those focused on blockchain and cryptocurrencies, and will allow testing of these products for up to two years with the possibility of an additional 12 month extension before requiring participants to apply for formal licensure. Additionally, under certain conditions, the Act—which grants various supervisory and enforcement power to the state banking commissioner and the secretary of state, including revocation and suspension rights—will authorize (i) limited waivers of specified statutes or rules, and (ii) reciprocity agreements with other regulators. The Act takes effect January 1, 2020.
On February 11, the District of Columbia Department of Insurance, Securities and Banking announced the formation of the District of Columbia Financial Services Regulatory Sandbox and Innovation Council. The Council, which will examine the feasibility of implementing a financial services regulatory sandbox in the District, will also “develop a blockchain and innovation regulatory framework to facilitate financial services innovation in the District.” D.C. Mayor Bowser, who established the Council in January, has directed the advisory group to review barriers that fintech, insurtech, regtech, and other technology companies face when attempting to bring innovative services to the District, and to evaluate how these impediments can be mitigated or eliminated to foster innovation, including making recommendations for ways to reduce the regulatory burden on financial services providers that impede innovation. Among other things, the Mayor also has tasked the Council with studying the potential dangers regulatory sandboxes pose to consumers and the possible safeguards to such dangers. The Council—whose membership will include a cross section of professionals from the insurance, securities, banking, and lending industries; consumer representatives; technology industry members; and individuals specializing in financial services regulation and the captive insurance industry—will report legislative, programmatic, and policy recommendations to the Mayor within the first six months after its initial meeting.
On February 11, a coalition of 22 Democratic state Attorneys General responded to the CFPB’s proposed policy on No-Action Letters (NAL) and a new federal product sandbox, pushing back on the Bureau’s efforts to provide relief to financial institutions looking to implement new consumer financial products or services. (InfoBytes coverage on the proposal available here.) The Attorneys General argued that the Bureau “has no authority to issue such sweeping immunity absent formal rulemaking” and urged the Bureau to rescind the proposals, which the Bureau had stated were exempt from the notice and comment procedures of the Administrative Procedures Act.
In addition to challenging the Bureau’s authority to establish these policies, the Attorneys General asserted specific concerns with the NAL proposal, including (i) the fact that the proposed NAL policy would make NALs binding on the CFPB indefinitely; (ii) the streamlined application process and 60-day decision window, potentially causing the Bureau to render hasty, uninformed decisions; and (iii) the proposed NAL policy’s purported deviations from the policies of other federal agencies, such as the SEC.
As for the new product sandbox, the Attorneys General viewed the proposed policy as “even more troubling” than the NAL proposal, as it provides immunity from “enforcement actions by any Federal or State authorities, as well as from lawsuits brought by private parties.” The Attorneys General rejected the Bureau’s contention that the statutory safe harbors in TILA, ECOA, and the EFTA grant the authority to provide the broad enforcement relief and accused the Bureau of “abandoning its critical role in monitoring the risk that new and emergency technologies post to consumers in the financial marketplace.”
On January 31, the United Kingdom’s Financial Conduct Authority (FCA) announced that the Global Financial Innovation Network (GFIN) officially launched and is now seeking cross-border testing applications. As previously covered by InfoBytes, in August 2018, the FCA announced the creation of the GFIN in collaboration with 11 other global financial regulators. The network has now expanded to include 29 organizations, including financial regulators and other related entities, committed to supporting financial innovation. The GFIN has three primary functions: (i) to collaborate on innovation and to provide accessible regulatory contact information for firms; (ii) to provide a forum for joint regulation technology work; and (iii) to provide firms with an environment in which to trial cross-border solutions.
The announcement states that the network has opened a one month application window for firms interested in joining a pilot cohort for cross-border testing for new technologies. Firms interested in participating are required to meet the application requirements of all the jurisdictions in which they would like to test. Each applicable regulator will decide whether the firm’s proposed test meets the screening criteria and ensure safeguards are in place in their jurisdiction for testing. The deadline for testing applications is February 28.
On December 10, the CFPB released a new proposed policy on No-Action Letters (NAL) and a new federal product sandbox. The new NAL proposal, which would replace the 2016 NAL policy, is “designed to increase the utilization of the Policy and bring certain elements more in line with similar no-action letter programs offered by other agencies.” The proposal consists of six sections. Highlights include:
- Description of No-Action Letters. The letter would indicate to the applicant, that subject to good faith, substantial compliance with the terms of the letter, the Bureau would not bring a supervisory or enforcement action against the recipient for offering or providing the described aspects of the product or service covered by the letter.
- Submitting Applications. The proposal includes a description of the items an application should contain and invites applications from trade associations on behalf of their members, and from service providers and other third parties on behalf of their existing or prospective clients.
- Assessment of Applications. The Bureau intends to grant or deny an application within 60 days of notifying the applicant that the application is deemed complete.
- Issuing No-Action Letters. NALs will be signed by the Assistant Director of the Office of Innovation or other members in the office, and will be duly authorized by the Bureau. The Bureau may revoke a NAL in whole or in part, but before the Bureau revokes a NAL, recipients will have an opportunity to cure a compliance failure within a reasonable period.
- Regulatory Coordination. In order to satisfy the coordination requirements under Dodd-Frank, the Bureau notes it is interested in partnering with state authorities that issue similar forms of no-action relief in order to provide state applicants an alternative means of also receiving a letter from the Bureau.
- Disclosure of Information. The Bureau intends to publish NALs on its website and in some cases, a version or summary of the application. The Bureau may also publish denials and an explanation of why the application was denied. The policy notes that disclosure of information is governed by the Dodd-Frank Act, FOIA and the Bureau’s rule on Disclosure of Records and Information, which generally would prohibit the Bureau from disclosing confidential information.
Notable changes from the 2016 NAL policy include, (i) NALs no longer have a temporal duration—under the new proposal, there is no temporal limitation except in instances of revocation; (ii) applicants are no longer are required to commit to sharing data about the product or service covered by the application; and (iii) the letters are no longer staff recommendations, but issued by authorized officials in the Bureau to provide recipients greater assurance of the relief.
The proposal also introduces the Bureau’s “Product Sandbox,” which offers substantially the same relief as the NAL proposal but also includes: (i) approvals under one or more of three statutory safe harbor provisions of TILA, ECOA, or the EFTA; and (ii) exemptions by order from statutory provisions of ECOA, HOEPA, and FDIA, or regulatory provisions that do not mirror statutory provisions under rulemaking authority. The proposal notes that two years is the expected duration for participation in the Sandbox, but similar to the no-action relief above, the no-action relief from the Sandbox program can be of unlimited duration—if approved under the sandbox program, “the recipient would be immune from enforcement actions by any Federal or State authorities, as well as from lawsuits brought by private parties.”
Comments on the proposals are due within 60 days of publication in the Federal Register.
On November 1, the Arizona Attorney General announced the approval of two more participants in the state’s fintech sandbox program. The first company, which is based in New York, will test a savings and credit product, enabling Arizona consumers to obtain a small line of credit aimed at providing overdraft protection. If a consumer agrees to a repayment plan recommended by the company’s proprietary technology, the APR may be as low at 12 percent; if a consumer adopts a different repayment plan, the line of credit will have a standard APR of 15.99 percent. The company intends to report transactions under the payment plan to national credit bureaus to enable the building of credit histories. The second company, an Arizona-based non-profit, will test a lending product using proprietary blockchain technology, which has an APR cap of 20 percent.
As previously covered by InfoBytes, the Arizona governor signed legislation in March creating the first state sandbox program for companies to test innovative financial products or services without certain regulatory requirements. In October, the Attorney General announced the first sandbox participant, a mobile platform company (InfoBytes coverage available here).
On October 16, the CFPB announced the launch of its new webpage for innovation, which aims to engage with entrepreneurs and the innovation community to promote competition, innovation, and consumer access within financial services. The webpage is a result of the Bureau’s new Office of Innovation (previously known as Project Catalyst) and includes information regarding the Global Financial Innovation Network and the Bureau’s proposed revisions to the Trial Disclosure Program Policy (previously covered by InfoBytes here and here). The webpage also encourages groups to “pitch a pilot” to work with the Bureau on consumer-friendly innovation ideas.
On October 11, the Arizona Attorney General announced the state’s first fintech sandbox participant. The mobile payment platform company will test its product—a centralized wallet infrastructure designed to create “cheaper and faster payment transfers”—for two years by processing guest payments at a Tucson resort. Arizona resident-guests will receive a disclosure agreement outlining the company’s participation in the sandbox, an explanation of the test product, a privacy notice, and the ability to opt out of any information sharing with the resort. As previously covered by InfoBytes, the Arizona governor signed legislation in March creating the first state sandbox program for companies to test innovative financial products or services without certain regulatory requirements.
The Attorney General also announced the finalization of a Memorandum of Understanding (MOU) with Taiwan’s financial regulator, the Financial Supervisory Commission, to increase the reach of the state’s sandbox program. The MOU will establish an information sharing agreement “that may result in the opportunity for businesses to develop/test eligible [fintech] products in both markets,” the release stated.
- Buckley Webcast: Maintaining privilege in cross-border internal investigations
- Moorari K. Shah to discuss "State regulatory and disclosures" at the Equipment Leasing and Finance Association Legal Forum
- Daniel P. Stipano to discuss "The state of the BSA 2019: What’s working, what’s not, and how to improve it" at the West Coast Anti Money-Laundering Forum
- Buckley Webcast: The future of the Community Reinvestment Act
- Hank Asbill to discuss "Creative character evidence in criminal and civil trials" at the Litigation Counsel of America Spring Conference & Celebration of Fellows
- Buckley Webcast: Amendments to the CFPB's proposed debt collection
- Brandy A. Hood to discuss "Flood NFIP in the age of extreme weather events" at the Mortgage Bankers Association Legal Issues and Regulatory Compliance Conference
- Michelle L. Rogers to discuss "UDAAP compliance" at the Mortgage Bankers Association Legal Issues and Regulatory Compliance Conference
- Kathryn L. Ryan to discuss "Major state law developments" at the Mortgage Bankers Association Legal Issues and Regulatory Compliance Conference
- Jonice Gray Tucker to discuss "Leveraging big data responsibly" at the Mortgage Bankers Association Legal Issues and Regulatory Compliance Conference
- Kathryn L. Ryan to discuss "State examination/enforcement trends" at the Mortgage Bankers Association Legal Issues and Regulatory Compliance Conference
- Benjamin K. Olson to discuss "LO compensation" at the Mortgage Bankers Association Legal Issues and Regulatory Compliance Conference
- APPROVED Webcast: State and SAFE Act licensing requirements for banks
- John C. Redding to discuss "TCPA compliance in the era of mobile" at the Auto Finance Risk Summit
- Buckley Webcast: The next consumer litigation frontier? Assessing the consumer privacy litigation and enforcement landscape in 2019 and beyond
- Buckley Webcast: Data breach litigation and biometric legislation
- Buckley Webcast: Trends in e-discovery technology and case law
- Hank Asbill to discuss "Pay no attention to the man behind the curtain: Addressing prosecutions driven by hidden actors" at the National Association of Criminal Defense Lawyers West Coast White Collar Conference
- Daniel P. Stipano to discuss "Keep off the grass: Mitigating the risks of banking marijuana-related businesses" at the ACAMS AML Risk Management Conference
- Daniel P. Stipano to discuss "Mid-year policy update" at the ACAMS AML Risk Management Conference
- Benjamin W. Hutten to discuss "Requirements for banking inherently high-risk relationships" at the Georgia Bankers Association BSA Experience Program