InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Michigan requires annual reporting on payday lending from director
On May 22, Michigan enacted HB 4343 (the “Act”) to include new reporting requirements regarding payday lending for the director or the Michigan Department of Insurance and Financial Services (the Department). By October 31 of each year, from 2025 to 2031, the director of the Department must submit a report to the relevant senate and house committees tasked with the oversight of banking and financial services issues. The report must cover various aspects of the payday lending business in the state, including the number of licensed providers, program fees received by the Department, and local and statewide statistics on provider locations, transaction volumes and amounts, and customer usage patterns. The Act will require the Department to include the names and addresses of all licensees, the number of complaints filed against both licensees and non-licensees arising from transactions conducted in the state, and any additional information deemed relevant by the director. According to the Act, the purpose of this reporting will be to enforce and regulate the payday lending industry. The Act will go into effect after the 91st day after the final adjournment of the 2024 regular session.
NYDFS issues loss mitigation guidance for property insurance
On May 23, NYDFS issued Insurance Circular Letter No. 3 (2024) which encouraged all insurers – authorized to write property/casualty insurance in New York – to offer loss mitigation tools and services to the insured for free or at a reduced fee. Insurers are encouraged to offer devices like smart water monitors and provide discounts for the installation of loss prevention systems, such as smoke alarms and sprinkler systems. Additionally, the letter reminded insurers of their obligation to provide an actuarially appropriate reduction in rates for the installation of hurricane/storm shutters and hurricane-resistant windows and doors. It opined that any such tools or services offered by an insurer that are $25 or less in market value need not be specified in the insurance policy, while those exceeding $25 must be. This initiative, the letter stated, will aim to create a more affordable and resilient insurance market.
Colorado enacts consumer protections for artificial intelligence
On May 17, Colorado enacted SB 24-205 (the “Act”) concerning consumer protections in interactions with artificial intelligence (AI) systems. The Act requires developers of “high-risk” AI systems—defined as AI systems that make “consequential” decisions relating to education, employment, financial or lending services, housing, or insurance, etc.—to take reasonable care to protect consumers from “any known or reasonably foreseeable risks of algorithmic discrimination” that could arise from the use of such systems. The Act grants the Attorney General (AG) rule-making authority to implement and enforce the associated requirements.
Beginning in February 2026, developers must provide deployers with comprehensive documentation comprising a general statement of the AI system’s foreseeable uses and known harmful or inappropriate applications, high-level summaries of the training data, known or reasonably foreseeable limitations and risks, the system’s purpose, and its intended benefits and uses. Furthermore, developers must share how the AI system was evaluated for performance and algorithmic discrimination mitigation, the data governance measures applied to its data sets and sources, the intended outputs, the measures taken to mitigate risks, and the guidelines on the proper use and monitoring of the system.
Developers must share publicly a summary statement on their website or in a public use case inventory summarizing the types of high-risk AI systems that developers have developed or substantially modified and how they manage the potential risks of algorithmic discrimination associated with these systems. Additionally, deployers of high-risk AI systems must notify consumers of a system’s involvement in significant decision making, allow consumers to correct inaccurate personal data, and establish an appeal process for adverse determinations which, if technically feasible, allows for human review.
Finally, developers of high-risk AI systems are required to disclose any known or reasonably foreseeable risks of algorithmic discrimination to the AG and all known deployers or other developers of the system. Such disclosure must occur without unreasonable delay and no later than 90 days after a developer becomes aware of the risk. Furthermore, under the Act, the AG has the authority to request documentation or statements from developers to ensure compliance.
Colorado extends and amends law for debt-management service providers
On May 22, the Governor of Colorado approved HB 1251 (the “Act”) which will extend the regulation of debt-management service providers through September 1, 2035 (without legislative action, the relevant law would have been repealed on September 1 of this year). The Act will require debt-management service providers to provide personal finance management education to consumers and keep records of such education, require settlements between a consumer and creditor to be made in writing, and allow the Colorado Attorney General’s office to use the administrative process (instead of the rulemaking process) to establish reasonable fees to be paid by debt-management service providers. The Act will go into effect 90 days following the adjournment of the state assembly, provided no referendum would be filed.
Massachusetts’ Attorney General settles with lender for alleged usury claims
On May 21, the Massachusetts Attorney General (AG) released an Assurance of Discontinuance against a lender for allegedly violating the state’s Consumer Protection Act (CPA) provision on unfair and deceptive acts and practices. Specifically, the AG stated that the lender made loans with “usurious interest rates” from May 30, 2018, to December 29, 2022. The AG also alleged that, although the CPA prohibited charging interest greater than 20 percent per year, the lender’s Massachusetts loans had an average APR above 100 percent and that the interest on these loans exceeded 20 percent “uniformly.” The lender neither admitted nor denied any of the AG’s findings.
Under the Assurance of Discontinuance the lender will perform a self-audit of all Massachusetts loans and pay a pro-rata refund to affected consumers totaling $625,000. The lender agreed to not “collect, attempt to collect, or assign any right to collect payment” on all defaulted and active loans. The lender must also submit a report based upon its self-audit to the AG.
Florida appellate court reverses crypto-asset company’s money license suspension
On May 22, a Florida appellate court set aside the state’s Office of Financial Regulation (OFR) Emergency Suspension Order (ESO), suspending a Florida-based digital assets company’s (Petitioner) money services business (MSB) license. The OFR issued the ESO because Petitioner’s controlling shareholder and CEO had entered into federal plea agreements for BSA/AML violations. Under Fla. Stat. § 120.60(6), the OFR “may” suspend an MSB’s license if the OFR finds the licensee posed an “immediate serious danger” to “public health, safety, or welfare.” However, the OFR may only take such action by procedure that would be “fair under the circumstances,” and must describe its “reasons” for concluding that the procedure was fair. Petitioner argued that the ESO, among other things, did not meet this standard, and the Court agreed.
The OFR’s ESO did not state specific reasons for concluding that its procedures were fair, and instead merely relied on § 120.60(6) for blanket authorization. According to the court, the ESO should have offered an explanation as to why less drastic measures were insufficient or acknowledged the potential harm to Florida consumers. To comply with the ESO, for example, Petitioner would need to liquidate all digital asset holdings for all Florida customers, with a total of 170,000 accounts, which would threaten financial harm and might create “unplanned and extensive” tax liabilities to customers. Because the ESO did not discuss the OFR’s reasoning or alternative remedies, the court held the ESO was not fair under the circumstances. As such, the court set aside the ESO, but stayed its order pending timely and authorized motions for rehearing.
Maryland banking regulators release settlement agreement with bank
On May 16, the Maryland Office of Financial Regulation (OFR) publicized an April 30 settlement agreement pursuant to which the Maryland banking agencies will withdraw its four counts against the bank and dismiss the case with prejudice. The OFR alleged the bank violated certain of the state’s credit provisions by making loans without a license, and that its fintech partners allegedly violating the Maryland Collection Agency Licensing Act (MCALA) and the Maryland Credit Services Business Act (MCSBA). Under the settlement agreement, the respondents agreed to clearly and conspicuously provide the bank’s name and contact information in all advertisements and other communications related to credit issuance to Maryland consumers, and the fintech company agreed to get licensed as a debt collection agency under MCALA and otherwise comply with the MCSBA (without explicitly agreeing to obtain a license or not); the fintech will pay the OFR a $50,000 investigative fee and a $225,000 administrative payment.
FFIEC releases its revisions to call reports during open comment period
On May 22, members of the FFIEC, comprising the FDIC, Fed, and OCC, released their changes to how banks report their financial information through all three versions of the Call Report (FFIEC 031, FFIEC 041, and FFIEC 051) and the FFIEC 002 report. These revisions are intended to improve data accuracy and promote reporting consistency across institutions.
The first wave of updates will affect all three versions of the Call Report, as well as the FFIEC 002, and will go into effect on June 30. The primary focus will be on the alignment of reporting language with recent changes in accounting standards. Changes will include replacing references to “troubled debt restructurings” and will be replaced with “modifications to borrowers experiencing financial difficulty.” Additionally, the revisions will include new standards for electronic signatures. In addition, the agencies are implementing revisions related to the reporting of loans to nondepository financial institutions and government-backed structured financial products.
The agencies will still consider public comments on other proposed changes, including revisions to reporting requirements for loan modifications for struggling borrowers, past-due loans, and long-term debt. These potential future revisions aim to further enhance bank financial reporting clarity. Comments on these revisions must be submitted by June 21.
OCC’s Hsu speaks on recovery planning to avoid banking crises
On May 27, the Acting Comptroller of the Currency, Michael J. Hsu, delivered a speech emphasizing the importance of recovery planning in mitigating the risks associated with bank crises. Hsu argued that while preventing crises through risk management, capital and liquidity requirements, and strong supervision was the primary goal, having a robust recovery plan was critical for stabilizing banks and restoring confidence in stressful times. He noted his comments came in light of recent bank failures in the U.S. and abroad.
Acting Comptroller Hsu drew an analogy to the philosophical “trolley problem,” highlighting the difficult choices regulators face. Hsu emphasized how banks and their regulators need actionable recovery plans with options to sell certain portfolios or businesses, increase liquidity and capital, or reduce risk-weighted assets to avoid losses. The Acting Comptroller also detailed how effective recovery plans should incorporate timely triggers for action, thorough impact assessments, and clear communication with stakeholders. He concluded by calling for the application of recovery planning requirements to all large banks with at least $100 billion in assets (down from the current $250 billion in assets requirement) suggesting that applying recovery planning guidelines in this manner could have mitigated recent regional bank failures and limited losses to the Deposit Insurance Fund.
CFPB says SCRA-related complaints are increasing
On May 23, the CFPB published a blog post reporting that complaints from servicemembers, veterans, and their families significantly increased, with the total number of complaints surpassing 400,000 since the CFPB began cataloging complaints. The Bureau noted a 27 percent rise in complaints from 2022 and a 98 percent increase compared to 2021, with servicemember complaints mostly alleging credit reporting errors, mortgage problems, and financial fraud and scams.
The CFPB’s blog post specifically focused on the application of interest rate protections under the Servicemembers Civil Relief Act (SCRA), which among other protections permitted servicemembers to request a decrease to 6 percent in interest rates on loans they took out before active duty. However, after a review of the complaints, the Bureau found servicemembers who claimed to face challenges in obtaining interest rate reductions. The CFPB noted a significant number of otherwise eligible servicemembers did not receive SCRA benefits. The CFPB suggested possible solutions like automated interest rate reductions, which it argued have been successful for federal student loans. The CFPB also noted instances where the CFPB cannot directly resolve an issue, it would refer complaints to appropriate agencies, such as the DOJ, for potential SCRA violations. The CFPB has also coordinated with other agencies to address military community complaints, including identity theft and financial fraud.