InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
FTC examines small business credit reporting
On March 16, the FTC launched an inquiry into the small business credit reporting industry, seeking information from firms on how information is collected and processed for business credit reports, how these reports are marketed, and firms’ approaches for addressing factual errors contained in the reports. Firms are also asked to provide information on the types of services provided to businesses for monitoring or enhancing their own credit reports. The FTC noted that currently there is no federal law that specifically outlines credit reporting processes and protections for small businesses, unlike individual consumer credit reports, which are governed by the FCRA.
FTC asks how cloud computing affects competition and data security
On March 22, the FTC announced it is seeking information on cloud computing providers’ business practices with respect to the potential impact on competition and data security. FTC staff noted that the agency is also interested in how cloud computing is impacting specific industries, including healthcare, finance, transportation, e-commerce, and defense. The request for information (RFI) solicits feedback on a range of issues, including (i) market power and competition (e.g. do particular segments of the economy have to rely on a small handful of cloud service providers); (ii) contract negotiation flexibility; (iii) incentives given to customers to ensure they obtain more of their cloud services from a single provider; (iv) security risks (e.g. what are the data security implications if particular segments of the economy rely on a small number of cloud service providers, and are these providers competing on their ability to provide secure storage for customer data); (v) products or services tied to artificial intelligence; and (vi) how cloud providers identify and notify customers of security risks related to security design, implementation, or configuration. Comments on the RFI are due May 22.
Biden administration questions crypto assets
President Biden recently issued his sweeping economic report, in which the administration’s Council of Economic Advisers addressed numerous economic policy concerns, including the current crypto ecosystem and the perceived appeal of crypto assets. The report discussed claims made about the purported benefits of crypto assets, such as the decentralized custody and control of money, as well as the potential for “improving payment systems, increasing financial inclusion, and creating mechanisms for the distribution of intellectual property and financial value that bypass intermediaries that extract value from both the provider and recipient,” but argued that “[s]o far, crypto assets have brought none of these benefits.” The report countered that, in fact, “crypto assets to date do not appear to offer investments with any fundamental value, nor do they act as an effective alternative to fiat money, improve financial inclusion, or make payments more efficient; instead, their innovation has been mostly about creating artificial scarcity in order to support crypto assets’ prices—and many of them have no fundamental value.”
Arguing that these issues raise questions about the role of regulations in protecting consumers, investors, and the financial system on a whole, the report conceded that some of the potential benefits of crypto assets —including (i) serving as investment vehicles; (ii) offering money-like functions without having to rely on a single authority; (iii) enabling fast digital payments; (iv) improving the underbanked population’s access to financial services; and (v) improving the current financial technology infrastructure through distributed ledger technology—may be realized down the road. However, the report cautioned that “[m]any prominent technologists have noted that distributed ledgers are either not particularly novel or useful or they are being used in applications where existing alternatives are far superior.” Highlighting the risks and costs of crypto assets, the report asserted, among other things, that cryptocurrencies are not as effective as a medium of exchange and do not serve “as an effective alternative to the U.S. dollar” due to their use as both money and an investment vehicle.
FTC proposes changes to Negative Option Rule
On March 23, the FTC announced a notice of proposed rulemaking (NPRM) seeking feedback on proposed amendments to the agency’s Negative Option Rule, which is used to combat unfair or deceptive practices related to subscriptions, memberships, and other recurring-payment programs. (See also FTC fact sheet here.) Claiming that current laws and regulations do not clearly provide a consistent legal framework for these types of programs, the NPRM, which applies to all subscription features in all media, proposes to add a new “click to cancel” provision that would make it as easy for consumers to cancel their enrollment as it was to sign up. The NPRM would also require sellers to first ask consumers whether they want to hear about new offers or modifications before making a pitch when consumers are trying to cancel their enrollment. If a consumer says “no” a seller must immediately implement the cancellation process. Sellers would also be required to provide consumers who are enrolled in negative option programs with an annual reminder involving anything other than physical goods before they are automatically renewed.
Commissioner Christine Wilson issued a dissenting statement, in which she argued that while the NPRM “may achieve the goal of synthesizing the various requirements in one rule,” it “is not confined to negative option marketing [as it] also covers any misrepresentation made about the underlying good or service sold with a negative option feature.” Wilson commented, “as drafted, the Rule would allow the Commission to obtain civil penalties, or consumer redress under Section 19 of the FTC Act, if a marketer using a negative option feature made misrepresentations regarding product efficacy or any other material fact.”
2nd Circuit: CFPB funding is constitutional
On March 23, the U.S. Court of Appeals for the Second Circuit held that the CFPB’s funding structure is constitutional—splitting from the U.S. Court of Appeals for the Fifth Circuit’s decision in Community Financial Services Association of America v. Consumer Financial Protection Bureau, which concluded that Congress violated the Constitution’s Appropriations Clause when it created what that Court described as a “perpetual self-directed, double-insulated funding structure.” The U.S. Supreme Court is scheduled to review the 5th Circuit’s decision next term (covered by InfoBytes here).
Meanwhile, the 2nd Circuit concluded that it “cannot find any support” for the 5th Circuit’s determination in Supreme Court precedent, the text of the Constitution text, or in the history of the Appropriations Clause. “Because the CFPB’s funding structure was authorized by Congress and bound by specific statutory provisions, we find that the CFPB’s funding structure does not offend the Appropriations Clause,” the 2nd Circuit wrote. As such, the appellate court affirmed a 2020 district court order requiring the defendant debt collection law office to comply with a civil investigative demand issued by the Bureau in June 2017. As previously covered by InfoBytes, the CID requested information from the defendant as part of a Bureau investigation into whether debt collectors, furnishers, or other persons associated with the collection of debt and furnishing of information have engaged or are engaging in unfair, deceptive, or abusive acts or practices in violation of the CFPA, FDCPA, and FCRA. The defendant objected on several grounds, including that the CID was void ab initio under Seila Law LLC v. CFPB (the defendant contended that “the CFPB Director was shielded from presidential oversight by an unconstitutional removal provision at the time the CID was issued”), and that the Bureau is unconstitutionally funded. As noted in the opinion, the Bureau ratified the CID and the enforcement action against the defendant following the Supreme Court’s decision in Seila Law, and the district court ultimately granted the Bureau’s petition to enforce the CID.
On review, the 2nd Circuit affirmed the district court’s order, concluding that the CID was not void ab initio because “there is no dispute that the CFPB Director who issued the CID was properly appointed.” The appellate court pointed to the majority opinion in the Supreme Court’s decision in Collins v. Yellen (covered by InfoBytes here), which held that “‘an unconstitutional removal restriction does not invalidate agency action so long as the agency head was properly appointed[,]’” and therefore the Bureau’s actions are not void and do not need to be ratified, unless a plaintiff can show that “the agency action would not have been taken but for the President’s inability to remove the agency head.” The panel further noted that “[s]ince the CID was issued, there have been three different CFPB Directors appointed by two different presidents, each of whom has been subject to at-will removal at some point in their tenure. There is nothing to suggest that the Director’s removal protection affected the issuance of the CID or the investigation into [the defendant].” The 2nd Circuit further concluded that “the CFPB’s funding structure is not constitutionally infirm under either the Appropriations Clause or the nondelegation doctrine, and that the CID served on [the defendant] is not an unduly burdensome administrative subpoena.”
North Dakota amends mortgage licensing requirements
On March 13, the North Dakota governor signed SB 2090, which, among other things, revises licensing requirements for residential mortgage lenders. The act provides that “a person other than a residential mortgage lender licensed and authorized under this chapter may not engage in residential mortgage lending in the state without a residential mortgage lender license issued by the commissioner. A person engages in residential mortgage lending if the borrower resides in North Dakota.” The act outlines provisions related to application for licensure; licensing fees; surety bond and minimum net worth requirements; license renewal, expiration, revocation, suspension, and surrender; recordkeeping requirements; prohibited acts and practices; prohibitions on advance fees; and permitted maximum charges for loans and installment payments. Provisions relating to orders, injunctions, investigations, subpoenas, examinations, and penalties are also discussed. The act also provides a comprehensive list of exemptions.
The act stipulates that lenders in possession of a valid state money broker’s license as of August 1, are not required to obtain a residential mortgage lenders license until December 31. All other provisions of this chapter are applicable to residential mortgage lenders as of August 1.
CSBS seeks comments on uniform mortgage licensing standards
On March 16, the Conference of State Bank Supervisors (CSBS), on behalf of the NMLS Policy Committee, issued a request for public comments on proposed uniform state licensing standards for mortgage companies. The Proposal: Mortgage Business-Specific Requirements would create a national standard for mortgage industry licensing to help improve uniformity within the state system and streamline the licensing process for mortgagees seeking licensure in multiple states.
The proposal is broken down into eight components:
- Contacts. All licensees will be required to provide contacts within the company for accounting, legal, licensing, data breach/cybersecurity, exam billing, exam delivery, and mortgage call reports, in addition to a primary company contact and a primary consumer complaint contact. If a licensee chooses to list a third-party contact, “the company will be deemed to have expressly authorized a state agency to contact the third party without further approval from the company” and “the company is ultimately responsible for the area of responsibility.”
- Periodic reporting. All licensees will be required to complete periodic reports covering mortgage call reports, audited financial statements, and reportable incidents.
- Data requirements. All licensees will be required to “provide numbers for any approvals or designations the company holds[,]” as well as business bank account information for accounts held in the name of the applicant and used for mortgage activities.
- Document requirements. Required documentation includes financial statements; policies and certifications; current Bank Secrecy Act/anti-money laundering and Gramm-Leach Bliley Privacy Act policies; current disaster recovery or business continuity plans; a current consumer grievance/complaint policy (as well as the required certification); and documents used in the regular course of business such as operating agreements, consumer complaint notices, customer agreements, and third-party contracts.
- Required functionality. All licensees must abide by a three-party electronic surety bond agreement in order to guarantee “the surety’s performance or monetary compensation to the obligee should there be a failure by the principal to perform specified acts within a stated time period.” The surety bond will be electronically managed by NMLS.
- Location reporting. All licenses will be required to provide locations where licensed activity will be performed, where records will be stored, or where support staff for licensed activities will be located. Licensees must also provide the primary location for accounting services, regardless of whether they are provided in house or by a third-party accounting firm, cloud storage services (including services used to collect data from customers), and the primary location for legal services, regardless of whether they are provided in house or by a third-party law firm.
- Company operated work locations’ information. The proposal outlines information required for each company operated work location, including business activities, licensing authorities, addresses, books and records information, and “doing business as” names.
- Key individual requirements. Licensees will be required to identify key individuals in the areas of management, ownership, functional risk areas, and industry specific roles. The proposal explains that the key individual inquiry focuses on key risk and functional areas (operations, finance, compliance, and information security), rather than titles. Key individuals for mortgages must also submit credit reports and complete an FBI criminal background check. Key individuals who have lived outside the United States at any time in the past 10 years must also provide an investigative background report.
Comments on the proposal are due May 15.
North Dakota passes law on money transmitter licensure
On March 15, the North Dakota governor signed SB 2119, which revises provisions related to money transmitters. The act, among other things, provides that a “person may not engage in the business of money transmission or advertise, solicit, or hold itself out as providing money transmission unless the person is licensed under this chapter.” The provision does not apply to a “person that is an authorized delegate of a person licensed under this chapter acting within the scope of authority conferred by a written contract with the licensee” or to exempt persons provided the person “does not engage in money transmission outside the scope of the exemption.” The act outlines provisions related to consistent state licensure, application for licensure, information requirements for certain individuals, reporting and recordkeeping requirements (including those related to anti-money laundering), and bond requirements. Provisions relating to examinations, investigations, and licensee supervision, as well as unauthorized activities are also discussed. The act also provides a comprehensive list of exemptions.
The act is effective August 1. For current licensees, the provisions take effect upon license renewal but no later than December 31.
DFPI clarifies licensing provisions for several state laws
The California Department of Financial Protection and Innovation (DFPI) recently filed a notice of proposed rulemaking with the Office of Administrative Law, seeking to add several sections to Title 10, Chapter 3 of the California Code of Regulations relating to the California Consumer Financial Protection Law (CCFPL), the California Financing Law (CFL), the California Deferred Deposit Transaction Law (CDDTL), and the California Student Loan Servicing Act (SLSA). (See also DFPI initial state of reasons here.) Among other things, the proposed regulations provide specific registration requirements for covered persons under the CCFPL and outline requirements for exemption from registration under the CCFPL for licensees under the CFL, CDDTL, and SLSA.
According to DFPI’s notice, the CCFPL grants the Department authority to require covered persons engaged in the business of offering and providing a consumer financial product or service to be registered but does not specify requirements for registration. The proposed regulations clarify these requirements, which include establishing an application process, outlining fees, and specifying persons and conditions for exemption. The proposed regulations also establish annual reporting requirements for filing reports with DFPI. The Department explained that “[e]xisting law exempts from CCFPL registration certain licensees who provide consumer financial products or services ‘within the scope of’ their licenses issued under other Department laws.” The proposed regulations clarify the meaning of “within the scope of” and specify that licensees under the CFL and the CDDTL are exempt from registering under the CCFPL. “[E]xempt licensees who provide products or services that would otherwise be subject to registration under the CCFPL [are required] to submit supplemental information on these activities in their annual reports required under their license,” DFPI explained.
With respect to the SLSA, DFPI noted that “[a]lthough an SLSA license does not confer upon a licensee the authority to originate financing within the scope of their license, the regulations exempt SLSA licensees from registration requirements for education financing when they meet specified requirements.”
The proposed regulations also clarify the applicability of the CFL to certain activities, by, among other things, providing that “an advance of funds to be repaid from a consumer’s future earned or unearned pay is a loan subject to the CFL” and that “providers of income-based advances and education financing who are registered under the CCFPL and whose charges do not exceed the charges permitted under the CFL” are exempt from licensure under the CFL. The proposed regulations also clarify provisions relating to collecting loan payments, monthly subscription fees, and loan contracts.
Comments on the proposed regulations are due May 17.
OFAC continues to sanction Iran’s UAV procurement network
On March 21, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions in coordination with the FBI against four entities and three individuals in Iran and Turkey accused of supporting Iran’s unmanned aerial vehicle (UAV) procurement efforts. The sanctions, taken pursuant to Executive Order (E.O.) 13382, follow the recent designation of a China-based network, as well as several prior OFAC actions targeting Iran’s UAV manufacturers and their executives (covered by InfoBytes here). According to OFAC, the procurement network operates on behalf of Iran’s Ministry of Defense and Armed Forces Logistic, which was sanctioned by OFAC in 2007 “for having engaged, or attempted to engage, in activities or transactions that have materially contributed to, or pose a risk of materially contributing to, the proliferation of weapons of mass destruction or their means of delivery.”
As a result of the sanctions, all property interests belonging to the sanctioned individuals and entities that are in the U.S. or in the possession or control of U.S. persons are blocked and must be reported to OFAC. Further, “any entities that are owned, directly or indirectly, 50 percent or more by one or more blocked persons are also blocked.” U.S. persons are generally prohibited from engaging in any dealings involving the property interests of blocked or designated persons. Persons that engage in certain transactions with the designated individuals or entities may themselves be exposed to sanctions, and “any foreign financial institution that knowingly facilitates a significant transaction or provides significant financial services for any of the individuals or entities designated today pursuant to E.O. 13382 could be subject to U.S. sanctions.”