Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On December 16, the enforcement section of the Massachusetts Securities Division filed an administrative complaint against a broker-dealer online trading platform alleging the company violated various state laws by using “aggressive tactics” to gain inexperienced investors. According to the complaint, the company, among other things, (i) used advertising techniques, including using young actors, to target younger individuals (with a median customer age around 31 years old) with little to no investment experience; (ii) failed to implement policies and procedures that were “[r]easonably [d]esigned to [p]revent and [r]espond to [o]utages and [d]isruptions on its [t]rading [p]latform,” resulting in nearly 70 outages throughout 2020; (iii) used “gamification strategies,” such as confetti raining down on the screen after a trade or requiring customers to “tap” a fake debit card to increase their position on the waitlist, to “lure customers into consistent participation” with the platform; and (iv) failed to review and supervise, in accordance with its own procedures, the approval of options trading accounts. The complaint asserts that the company’s tactics failed to adhere to the fiduciary conduct standard required of broker-dealers in the state of Massachusetts since the adoption of amendments in March, with enforcement beginning on September 1. Massachusetts is seeking an injunction, restitution, disgorgement, and administrative fines.
On October 15, NYDFS, in collaboration with the Conference of State Bank Supervisors and the Alliance for Innovative Regulation, announced that a first-of-its-kind techsprint focusing on virtual currency will take place early 2021. The techsprint will bring together regulators, fintech and virtual currency industry stakeholders, and experts to collaborate on regulatory compliance solutions. Possible solutions may include “process improvements to a functional prototype of a reporting mechanism,” such as Digital Regulatory Reporting (DRR), which will “give regulators instant access to data provided by firms under their supervision.” Based on the takeaways from the techsprint, NYDFS intends to “develop a set of common standards and an open source technical framework for DRR” that may be adopted by NYDFS and other regulatory agencies. As part of the collaboration, future techsprints will also be developed that focus on other types of nonbank entities subject to financial regulation.
On July 17, the CFPB announced a new Compliance Assistance Statement of Terms Template (CAST Template) under its Compliance Assistance Sandbox (CAS) Policy issued to a company’s program designed to help employees build emergency savings. Specifically, under the approved template, known as “Autosave,” interested employers could help employees build emergency savings by directing a portion of the employee’s pay to an employee-designated account at a financial institution; or if an employee does not designate an account, directing the funds to an “Autosave” account at an employer-designated institution. The Bureau notes that a CAST Template is necessary for this program due to the legal uncertainty around the application of the “compulsory use” prohibition in the Electronic Fund Transfer Act (EFTA), and Regulation E. However, the applicants assert the Autosave program embodies a “reasonable default enrollment method,” which, according to the Bureau, can be consistent with the consumer choice requirements of the EFTA and Regulation E.
On July 7, the CFPB released a blog post discussing the use of artificial intelligence (AI) and machine learning (ML), addressing the regulatory uncertainty that accompanies their use, and encouraging stakeholders to use the Bureau’s innovation programs to address these issues. The blog post notes that “AI has the potential to expand credit access by enabling lenders to evaluate the creditworthiness of some of the millions of consumers who are unscorable using traditional underwriting techniques,” but using AI may create or amplify risks, including unlawful discrimination, lack of transparency, privacy concerns, and inaccurate predictions.
The blog post discusses how using AI/ML models in credit underwriting may raise compliance concerns with ECOA and FCRA provisions that require creditors to issue adverse action notices detailing the main reasons for the denial, particularly because AI/ML decisions can be “based on complex interrelationships.” Recognizing this, the Bureau explains that there is flexibility in the current regulatory framework “that can be compatible with AI algorithms.” As an example, citing to the Official Interpretation to Regulation B, the blog post notes that “a creditor may disclose a reason for a denial even if the relationship of that disclosed factor to predicting creditworthiness may be unclear to the applicant,” which would allow for a creditor to use AI/ML models where the variables and key reasons are known, but the relationship between them is not intuitive. Additionally, neither ECOA nor Regulation B require the use of a specific list of reasons, allowing creditors flexibility when providing reasons that reflect alternative data sources.
In order to address the continued regulatory uncertainty, the blog post encourages stakeholders to use the Trial Disclosure, No-Action Letter, and Compliance Assistance Sandbox programs offered by the Bureau (covered by InfoBytes here) to take advantage of AI/ML’s potential benefits. The blog post mentions three specific areas in which the Bureau is particularly interested in exploring: (i) “the methodologies for determining the principal reasons for an adverse action”; (iii) “the accuracy of explainability methods, particularly as applied to deep learning and other complex ensemble models”; and (iii) the conveyance of principal reasons “in a manner that accurately reflects the factors used in the model and is understandable to consumers.”
On June 3, NYDFS and France’s Autorité de Contrôle Prudentiel et de Résolution (ACPR) signed a Memorandum of Understanding (MOU) to help ease fintech innovators’ entry into the New York and French markets. This is the first fintech cooperation agreement signed by the ACPR with a U.S. regulator. Under the terms of the MOU, the two regulators will (i) refer companies to one another for potential market entry; (ii) “exchange information about regulatory and policy issues”; (iii) ensure innovators in both jurisdictions receive equal levels of support; and (iv) “share regulatory and supervisory expertise and best practices.” According to NYDFS, the regulators aim to encourage and support financial innovation, enhance consumer protections, and encourage “healthy market competition in their respective markets.”
On February 19, the Conference of State Bank Supervisors announced the launch of a technology platform called the State Examination System (SES) to increase transparency and collaboration with regulated entities. State regulators, who are the primary regulators of non-bank and fintech firms, can use the system for investigations, enforcement actions and complaints. According to the press release, “state regulators will be able to enhance supervisory oversight of nonbanks while making the process more efficient for regulators and companies alike.” Among other things, SES is designed to: (i) “[s]upport networked supervision among state regulators”; (ii) “[s]tandardize workflow, business rules and technology across states”; (iii) [f]acilitate secure collaboration between licensees and their regulators”; (iv) allow examiners to “focus…on higher risk cases”; and (v) promote efficiency by “[m]ov[ing] state supervision towards more multistate exams and fewer single-state efforts.” SES will be managed by the State Regulatory Registry, which also manages the Nationwide Multistate Licensing System.
On February 7, NYDFS announced it will hold its first “Symposium on Financial Innovation and Inclusion” on April 2 during New York Fintech Week. The symposium seeks to connect stakeholders—including policymakers, regulators, innovators, established financial institutions, investors, and consumer representatives—to explore innovation and inclusion, while also exploring opportunities to benefit consumers and mitigate potential risks.
On February 10, Federal Reserve (Fed) Governor Michelle W. Bowman spoke before the Conference for Community Bankers on the interaction between innovation and regulation for community banks. In discussing her “vision for creating pathways to responsible community bank innovation,” Bowman identified particular challenges facing smaller banks when identifying and integrating new technologies and offered suggestions for ways the Fed can assist these banks in managing relationships with third-party service providers. Acknowledging that responsible innovation requires community banks to identify goals and pinpoint products and services to implement their strategies, Bowman recognized that compliance costs can create an outsized and undue burden on smaller banks and stated that federal regulations should be tailored to bank size, risk, and complexity. Among other things, Bowman stated that the Fed could align its third-party service provider guidance with the OCC and other banking agencies to provide uniform standards to banks. “It is incredibly inefficient to have banks and their potential fintech partners and other vendors try to navigate unnecessary differences and inconsistencies in guidance across agencies,” Bowman noted. Regulators and supervisors have a role in easing the burden for community banks, she added, noting that third-party guidance should allow banks to conduct shared due diligence on potential partners and pool resources to avoid duplicating work. In addition, Bowman commented that the Fed could help banks make this choice by publishing a list of service providers subject to regulatory supervision and increasing transparency around “who and what” the Fed evaluates. Bowman further stated that any guidance should also explain what due diligence looks like for potential fintech partners, since standards applied to other third parties may not be universally applicable. Giving community banks a better vision of what success in due diligence looks like, Bowman stated, will require releasing more information on its necessary elements.
Bowman also highlighted the Fed’s upcoming fintech innovation office hours, as well as the Fed’s recently launched fintech website section, (both covered by InfoBytes here), which are designed to help provide access to Fed staff, highlight supervisory observations regarding fintech, provide a hub of information for interested stakeholders on innovation-related matters, and deliver practical tips for banks and other companies interested in engaging in fintech activity.
On January 7, the Conference of State Bank Supervisors (CSBS) released a report by its Fintech Industry Advisory Panel outlining progress made on several initiatives to streamline state licensing and supervision of financial technology companies. As previously covered by InfoBytes, the panel was convened in 2017 as part of Vision 2020—a state regulator initiative to modernize the regulation of fintech companies and other non-banks by creating an integrated, 50-state system of licensing and supervision. The Accountability Report charts progress on initiatives identified by the panel, which, according to the announcement, fit into four focus areas: (i) the use of CSBS regtech for licensing and exams, including expanding the use of NMLS among states across all license types for nonbank financial services, developing “state licensing requirements for multi-state consistency,” and launching a new state examination system; (ii) improved consistency among states, including 26 states signing on to the Multistate Money Service Business (MSB) Licensing Agreement, which is intended to streamline the MSB licensing process; (iii) the creation of uniform definitions and practices and the development of a 50-state MSB model law and state accreditation programs for MSBs, which will encourage greater consistency among states; and (iv) increased regulatory transparency, including online resources for state guidance and exemptions, as well as information sessions with regulators and industry to discuss fintech developments.
On December 17, the Federal Reserve Board (Fed) released a new issue of the Consumer Compliance Supervision Bulletin focusing on supervisory insights into consumer compliance issues related to fintech to assist financial institutions with assessing and managing risk associated with technological innovation. Among the topics covered in the bulletin, are (i) managing risk with fintech collaborations—the Fed stresses the importance of creating strong policies and procedures, as well as board and senior management oversight, comprehensive and tailored training, and risk monitoring; (ii) managing UDAP risks with online and mobile banking platforms—the Fed recommends a focus on ensuring consistency and accuracy in disclosures on the platforms and the regular monitoring of complaints; and (iii) managing possible fair lending risks resulting from targeted online marketing—the Fed suggests careful monitoring over marketing activities and vendors, as well as close review of filters used with internet advertising to prevent excluding populations with legally protected characteristics. The bulletin will be featured on the agency’s new fintech page previously covered by InfoBytes here.
- Sasha Leonhardt to discuss "The Servicemembers Civil Relief Act and the Military Lending Act: Enforcement lessons, common pitfalls and emerging issues" at an NAFCU webinar
- H Joshua Kotin to discuss "Diversity & inclusion: Litigation and enforcement" at the Tri-State Mortgage Conference
- Tim Lange to discuss "State legislative impacts of 2020" at the NMLS 2021 Annual Conference
- Daniel R. Alonso to discuss "How to become an AUSA" at the New York City Bar Association Minorities in the Courts Committee “How To” series