Skip to main content
Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • New York proposes “landmark” crypto legislation

    State Issues

    On May 5, New York Attorney General Letitia James announced proposed legislation to increase oversight of the cryptocurrency industry. Calling the “landmark legislation” the “strongest and most comprehensive set of regulations on cryptocurrency in the nation,” James said the bill would increase transparency, eliminate conflicts of interest, and impose “commonsense” investor protection measures consistent with other financial services regulations. Among other things, the bill would strengthen NYDFS’ regulatory authority over digital assets and codify the Department’s ability to license digital asset brokers, marketplaces, investment advisors, and issuers prior to engaging in business in the state. NYDFS would also be given jurisdiction to enforce violations of law within the crypto industry, including by issuing subpoenas; imposing civil penalties of $10,000 per violation per individual or $100,000 per violation per firm; collecting restitution, damages, and penalties; and shutting down businesses found to be engaging in fraud and illegal activities.

    The bill would also strengthen investor protections by enacting and codifying “know-your-customer” protections, “[b]anning the use of the term ‘stablecoin’ to describe or market digital assets unless they are backed 1:1 with U.S. currency or high-quality liquid assets as defined in federal regulations,” and requiring crypto platforms to reimburse victims of fraud, similar to a bank’s responsibility under the EFTA. Other provisions would, among other things, (i) implement protections to stop conflicts of interest, including by preventing common ownership of crypto issuers, marketplaces, brokers, and investment advisers and preventing such persons from engaging in more than one of those activities; and (ii) require public reporting of financial statements to increase transparency and mandate that companies be required to undergo independent audits and publish audited financial statements, among other things.

    The proposed bill will be submitted by the attorney general’s office to the New York Senate and Assembly for their consideration during the 2023 legislative session.

    State Issues Digital Assets State Legislation State Attorney General Cryptocurrency New York EFTA Fintech

  • CFPB general counsel highlights risks in payments industry

    Federal Issues

    On May 9, CFPB General Counsel and Senior Advisor to the Director, Seth Frotman, discussed the evolution of the payments system and its significant impact on consumer financial protection. Speaking before the Innovative Payments Association, Frotman commented that over the past few years, growth in the use of noncash payments (i.e. ACG, cards, and checks) accelerated faster from 2018 to 2021 than in any previous period, with the value of noncash payments since 2018 increasing nearly 10 percent per year, approaching almost $130 trillion in 2021. The value of ACH transfers and the number of card payments also increased tremendously, Frotman noted, pointing to a rapid decline in ATM cash withdrawals and the use of checks. He observed that the use of peer-to-peer (P2P) payment platforms and digital wallets is also growing quickly, with more traditional financial institutions redoubling their efforts to expand product offerings to capture market shares in this space. Additionally, several large tech firms, drawing on their significant customer bases and brand recognition, are looking to integrate payment services into their operating systems, with some offering payment products used by consumers daily, Frotman said.

    Addressing concerns relating to data harvesting and privacy, Frotman said the Bureau is concerned that companies, including big tech companies, are using payment data to engage in behavioral targeting or individualized marketing, while some companies are sharing detailed payments information with data brokers or third parties as a way to monetize data. These behaviors, which he said only increase as payment systems continue to grow, raise the potential for harm, including limiting competition and consumer choice and stifling innovation. Frotman added that these issues are not limited to big tech. Banks, Frotman said, are also rolling out digital wallets as a way to access payment information, and Buy Now Pay later lenders are collecting consumer data “to increase the likelihood of incremental sales and maximize the lifetime value extracted from each current, past, or potential borrower.” Frotman reminded attendees that the Bureau has several critical tools at its disposal to address concerns about how data is bought, sold, used, and protected, and warned the payments industry to comply with applicable legal requirements.

    Frotman also discussed challenges facing “gig” and other non-standard workers when trying to navigate consumer financial markets, particularly with respect to the intersection between how workers are being paid and the EFTA. According to Frotman, the Bureau is concerned about whether gig workers are being improperly required to receive payments through a particular financial institution or via a particular payment product or app. Frotman instructed employers to provide payment options that do not require workers to establish an account with a particular institution to ensure they do not run afoul of the EFTA’s “compulsory use” provision. Consumers who use a personal P2P app for work transactions are also entitled to EFTA protections with respect to fraud and error resolution, Frotman added. Frotman closed his remarks by touching briefly on liquidity and stability in the P2P payment system. He warned that consumers who use P2P payment products to store funds do not have the same level of protection as consumers who use traditional banking products.

    Federal Issues CFPB Payments Privacy, Cyber Risk & Data Security Consumer Finance Peer-to-Peer Digital Wallets EFTA

  • Online lender asks Supreme Court to review ALJ ruling

    Courts

    A Delaware-based online payday lender and its founder and CEO (collectively, “petitioners”) recently submitted a petition for a writ of certiorari challenging the U.S. Court of Appeals for the Tenth Circuit’s affirmation of a CFPB administrative ruling related to alleged violations of the Consumer Financial Protection Act (CFPA), TILA, and EFTA. The petitioners asked the Court to first review whether the high court’s ruling in Lucia v. SEC, which “instructed that an agency must hold a ‘new hearing’ before a new and properly appointed official in order to cure an Appointments Clause violation” (covered by InfoBytes here), meant that a CFPB administrative law judge (ALJ) could “conduct a cold review of the paper record of the first, tainted hearing, without any additional discovery or new testimony.” Or, the petitioners asked, did the Court intend for the agency to actually conduct a new hearing. The petitioners also asked the Court to consider whether an agency funding structure that circumvents the Constitution’s Appropriations Clause violates the separation of powers so as to invalidate prior agency actions promulgated at a time when the Bureau was receiving such funding.

    The case involves a challenge to a 2015 administrative action that alleged the petitioners engaged in unfair or deceptive acts or practices when making short-term loans (covered by InfoBytes here). The Bureau’s order required the petitioners to pay $38.4 million as both legal and equitable restitution, along with $8.1 million in penalties for the company and $5.4 million in penalties for the CEO. As previously covered by InfoBytes, between 2018 and 2021, the Court issued four decisions, including Lucia, which “bore on the Bureau’s enforcement activity in this case” by “deciding fundamental issues related to the Bureau’s constitutional authority to act” and appoint ALJs. During this time, two different ALJs decided the present case years apart, with their recommendations separately appealed to the Bureau’s director. The director upheld the decision by the second ALJ and ordered the lender and its owner to pay the restitution. A district court issued a final order upholding the award, which the petitioners appealed, arguing, among other things, that the enforcement action violated their due-process rights by denying the CEO additional discovery concerning the statute of limitations. The petitioners claimed that they were entitled to a “new hearing” under Lucia, and that the second administrative hearing did not rise to the level of due process prescribed in that case. 

    However, the 10th Circuit affirmed the district court’s $38.4 million restitution award, rejecting the petitioners’ various challenges and affirming the director’s order. The 10th Circuit determined that there was “no support for a bright-line rule against de novo review of a previous administrative hearing,” nor did it see a reason for a more extensive hearing. Moreover, the petitioners “had a full opportunity to present their case in the first proceeding,” the 10th Circuit wrote.

    The petitioners maintained that “[d]espite the Court’s clear instruction to hold a ‘new hearing,’ ALJs and courts have reached divergent conclusions as to what Lucia requires, expressing confusion and frustration regarding the lack of guidance.” What it means to hold a “new hearing” runs “the gamut,” the petitioners wrote, pointing out that while some ALJs perform a full redo of the proceedings, others merely accept a prior decision based on a cold review of the paper record. The petitioners argued that they should have been provided a true de novo hearing with an opportunity for new testimony, evidence, discovery, and legal arguments. The rehearing from the new ALJ was little more than a perfunctory “paper review,” the petitioners wrote.

    Petitioners asked the Court to grant the petition for three reasons: (i) “the scope of Lucia’s ‘new hearing’ remedy is an important and apparently unsettled question of federal law”; (ii) “the notion Lucia does not require a genuinely ‘new’ de novo proceeding is necessarily wrong because a sham ‘remedy’ provides parties no incentive to litigate Appointments Clause challenges”; and (iii) the case “is an ideal vehicle to provide guidance on Lucia’s ‘new hearing’ remedy.” The petitioners further argued that “Lucia’s remedy should provide parties an incentive to raise separation of powers arguments by providing them actual and meaningful relief.”

    The petitioners’ second question involves whether Appropriations Clause violations that render an agency’s funding structure unconstitutional, if upheld, invalidate agency actions taken under such a structure. The petitioners called this “an important, unsettled question of federal law meriting the Court’s review,” citing splits between the Circuits over the constitutionality of the Bureau’s funding structure which has resulted in uncertainty for both regulators and regulated parties. Recently, the Court granted the Bureau’s request to review the 5th Circuit’s decision in CFSAA v. CFPB, which held that Congress violated the Appropriations Clause when it created what the 5th Circuit described as a “perpetual self-directed, double-insulated funding structure” for the agency (covered by InfoBytes here).

    Courts CFPB U.S. Supreme Court Online Lending Payday Lending Appellate Tenth Circuit Fifth Circuit TILA EFTA CFPA UDAAP Enforcement Constitution Funding Structure ALJ

  • District Court says EFTA applies to cryptocurrency

    Courts

    On February 22, the U.S. District Court for the Southern District of New York partially granted a cryptocurrency exchange’s motion to dismiss allegations that its inadequate security practices allowed unauthorized users to drain customers’ cryptocurrency savings. Plaintiffs claimed the exchange and its former CEO (collectively, “defendants”) failed to correctly implement a two-factor authentication system for their accounts and misrepresented the scope of the exchange’s security protocols and responsiveness. Plaintiffs filed a putative class action alleging violations of the EFTA and New York General Business Law, along with claims of negligence, negligent misrepresentation, breach of contract, breach of warranty, and unjust enrichment. The defendants moved to dismiss, in part, by arguing that the EFTA claim failed because cryptocurrency does not constitute “funds” under the statute. The court denied the motion as to the plaintiffs’ EFTA claim, stating that the EFTA does not define the term “funds.” According to the court, the ordinary meaning of “cryptocurrency” is “a digital form of liquid, monetary assets” that can be used to pay for things or “used as a medium of exchange that is subsequently converted to currency to pay for things.” In allowing the claim to proceed, the court referred to a final rule issued by the CFPB in 2016, in which the agency, according to the court’s opinion, “expressly stated that it was taking no position with respect to the application of existing statutes, like the EFTA, to virtual currencies and services.” In the final rule, the Bureau stated that it “continues to analyze the nature of products or services tied to virtual currencies.” The court dismissed all of the remaining claims, citing various pleading deficiencies, and finding, among other things, that the “deceptive acts or practices” claim under New York law failed because plaintiffs did not identify specific deceptive statements the defendants made or deceptive omissions for which the defendants were responsible.

    Courts Digital Assets EFTA Cryptocurrency Class Action Privacy, Cyber Risk & Data Security State Issues New York CFPB Virtual Currency Fintech

  • D.C. Circuit says CFPB’s Prepaid Rule does not mandate model disclosures for payment companies

    Courts

    On February 3, the U.S. Court of Appeals for the D.C. Circuit reversed a district court’s decision that had previously granted summary judgment in favor of a payment company and had vacated two provisions of the CFPB’s Prepaid Rule: (i) the short-form disclosure requirement “to the extent it provides mandatory disclosure clauses”; and (ii) the 30-day credit linking restriction. As previously covered by InfoBytes, the company sued the Bureau alleging, among other things, that the Bureau’s Prepaid Rule exceeded the agency’s statutory authority “because Congress only authorized the Bureau to adopt model, optional disclosure clauses—not mandatory disclosure clauses like the short-form disclosure requirement.” The Bureau countered that it had authority to enforce the mandates under federal regulations, including the EFTA, TILA, and Dodd-Frank, and argued that the “EFTA and [Dodd-Frank] authorize the Bureau to issue—or at least do not foreclose it from issuing—rules mandating the form of a disclosure.”

    The district court concluded, among other things, that the Bureau acted outside of its statutory authority, and ruled that it could not presume that Congress delegated power to the agency to issue mandatory disclosure clauses just because Congress did not specifically prohibit it from doing so. Instead, the Bureau can only “‘issue model clauses for optional use by financial institutions’” since the EFTA’s plain text does not permit the Bureau to issue mandatory clauses, the district court said. The Bureau appealed, arguing that both the EFTA and Dodd-Frank authorize the Bureau to promulgate rules governing disclosures for prepaid accounts, and that the decision to adopt such rules is entitled to deference. (Covered by InfoBytes here.) However, the Bureau maintained that the Prepaid Rule “does not make any specific disclosure clauses mandatory,” and stressed that companies are permitted to use the provided sample disclosure wording or use their own “substantially similar” wording.

    In reversing and remanding the ruling, the appellate court unanimously determined that because the Bureau’s Prepaid Rule does not mandate “specific copiable language,” it is not mandating a “model clause,” which the court assumed for purposes of the opinion that the Bureau was prohibited from doing. While the Prepaid Rule imposes formatting requirements and requires the disclosure of certain enumerated fees, the D.C. Circuit stressed that the Bureau “has not mandated that financial providers use specific, copiable language to describe those fees.” Moreover, formatting is not part of a “model clause,” the appellate court added. And because companies are allowed to provide “substantially similar” disclosures, the appellate court held that the Bureau has not mandated a “model clause” in contravention of the EFTA. The appellate court, however, did not address any of the procedural or constitutional challenges to the Bureau’s short-form disclosures that the district court had not addressed in its opinion, but instead directed the district court to address those questions in the first instance.

    Courts CFPB Appellate D.C. Circuit Prepaid Rule Disclosures Prepaid Accounts Dodd-Frank EFTA TILA

  • CFPB says EFTA applies to pandemic assistance prepaid cards

    Courts

    On January 10, the CFPB filed an amicus brief in a case before the U.S. Court of Appeals for the Fourth Circuit concerning the scope of accounts covered under EFTA and Regulation E. (See also CFPB blog post here.) As previously covered by InfoBytes, last August the U.S. District Court for the District of Maryland dismissed a putative class action alleging violations of EFTA and state privacy and consumer protection laws brought against the national bank on behalf of consumers who were issued prepaid debit cards providing pandemic unemployment benefits. The named plaintiff alleged that he lost nearly $15,000 when an unauthorized user fraudulently used a prepaid debit card containing Pandemic Unemployment Assistance (PUA) funds that were intended for him. However, the district court dismissed the class claims with respect to EFTA and Regulation E, finding that the PUA payments were “qualified disaster relief payments” and, as such, they were excluded from Regulation E’s definition of a “prepaid account.”

    The Bureau disagreed. In its amicus brief, it argued that a prepaid debit card loaded with PUA funds is a “government benefit account” subject to EFTA and Regulation E and their error resolution requirements, which apply to alleged unauthorized transfers such as the one at issue in the case. Writing that the district court erred by applying “a regulatory exclusion to hold that prepaid accounts loaded with pandemic unemployment benefits were excluded from coverage,” the Bureau claimed that the holding is not supported by statutory and regulatory text and “undermines the primary purpose of EFTA to provide individual rights to consumers.” According to the Bureau, a “prepaid account” under Regulation E includes specific categories of accounts, including a “government benefit account,” which is not subject to the prepaid account exclusions.

    Courts CFPB Appellate Fourth Circuit EFTA Regulation E Class Action Covid-19 Consumer Finance

  • CFPB says remittance provider violated EFTA

    Federal Issues

    On December 22, the CFPB announced a consent order against an international remittance company for multiple alleged violations of the requirements governing electronic money transfers. According to the Bureau, the company allegedly failed to comply with many requirements of the Electronic Fund Transfer Act, including failing to provide refunds to customers after the company made money transfer errors. The Bureau also alleged that the company violated the Remittance Rule by failing to develop and maintain required written policies and procedures for error resolution, and claimed the company violated Regulation E by failing to retain evidence demonstrating compliance with the Remittance Rule’s error-resolution requirements. Under the terms of the consent order, the company is required to provide consumer redress of approximately $30,000 to harmed customers and pay a $700,000 civil money penalty to the Bureau. The company is also required to update disclosure and key transfer information that is provided to customers, as well as its error-resolution policies and procedures.

    Federal Issues CFPB Enforcement Consumer Finance Remittance Rule EFTA Regulation E

  • District Court stays action against remittance provider while Supreme Court weighs CFPB’s funding structure

    Courts

    On December 9, the U.S. District Court for the Southern District of New York stayed an action brought by the CFPB and the New York attorney general against a defendant remittance provider until after the U.S. Supreme Court decides if it will review whether the U.S. Court of Appeals for the Fifth Circuit erred in holding that the Bureau’s funding structure violates the Appropriations Clause of the Constitution. Last month the DOJ, on behalf of the CFPB, submitted a petition for a writ of certiorari seeking Supreme Court review of the 5th Circuit’s decision during its current term. (Covered by InfoBytes here.) The New York AG and the Bureau sued the defendant in April for allegedly violating the EFTA and its implementing Regulation E, the Remittance Rule, and the Consumer Financial Protection Act (CFPA), among various consumer financial protection laws, in its handling of remittance transfers. (Covered by InfoBytes here.)

    The defendant argued that the district court should hold off on deciding on its motion to dismiss per the aforementioned argument, but should nonetheless rule on its pending motion to transfer. The Bureau opposed the defendant’s request for a stay, countering “that a stay would not promote efficiency” since the issue of the Bureau’s standing would not affect the claims brought in the current action. The Bureau further asserted “that the public and the parties’ interest weighs against a stay, as it would hinder Plaintiffs’ enforcement of the consumer protection laws and make obtaining evidence down the line more difficult.”

    The district court disagreed, stating that the Supreme Court may address the broader issue of the Bureau’s standing to bring enforcement actions in its decision, and that, regardless, the agency’s claims in the current action “are inextricably linked to CFPB rules and regulations, which themselves may be implicated by a Supreme Court decision should it grant the petition.” The district court stayed the case in its entirety and said that it will wait to decide on both motions until after the Supreme Court decides on the Bureau’s filed petition for a writ of certiorari.

    Courts State Issues CFPB Enforcement New York State Attorney General Consumer Finance CFPA Remittance Rule Regulation E EFTA U.S. Supreme Court Repeat Offender Appellate Fifth Circuit Constitution Funding Structure

  • CFPB sues payment processor over junk fees and dark patterns

    Federal Issues

    On October 18, the CFPB filed a complaint against a Texas-based payment processing service platform (primarily related to collecting and processing event fees) for allegedly violating the Consumer Financial Protection Act (CFPA) and the EFTA by engaging in deceptive and abusive acts and practices. The Bureau alleged that the defendant enrolled consumers in, and charged them, for discount club memberships without their consent that were largely unrelated to the event the consumers were signing up for. The complaint noted that although the defendant’s memberships had a 30-day free “negative option trial membership,” the memberships automatically begin charging the membership fees at the end of the trial period. The Bureau also alleged that the defendant deployed dark patterns, which “are hidden tricks or trapdoors that companies build into their websites to get consumers to inadvertently click links, sign up for subscriptions, or purchase products or services.” The Bureau further alleged that the defendant violated the EFTA and Regulation E by increasing consumers’ membership fees without sending the consumer written notice of the new amount and the date of the new payment at least 10 days before initiating the new payment, which also constitute violations of the CFPA. The Bureau is seeking permanent injunctive relief, damages, restitution, disgorgement, civil money penalties, and other relief.

    According to a statement by CFPB Director Rohit Chopra, the Bureau is “closely watching whether financial services firms are deploying digital dark patterns,” and is “looking at a range of ways to reduce unwanted junk fees.” He also added that the Bureau is “working to ensure our payments system is working safely and fairly” and that it “will continue to look at how payment platforms extract data and fees from their users.”

    Federal Issues CFPB Enforcement Junk Fees Dark Patterns CFPA EFTA UDAAP Consumer Finance Payment Processors

  • Fed finalizes debit card transaction requirement changes

    On October 3, the Federal Reserve Board adopted a final rule amending Regulation II, which implements Section 920 of the EFTA, to require that each debit card transaction, including “card-not-present” transactions, must be able to be processed on at least two unaffiliated payment card networks. The final rule, which is substantially similar to the Fed’s notice of proposed rulemaking issued in May 2021 (covered by InfoBytes here), also clarified that the debit card issuer is responsible for ensuring at least two unaffiliated networks have been enabled to process a debit card transaction, and standardizes and clarifies the use of certain terminology in the Fed’s Official Board Commentary on Regulation II. The Fed noted that when the rule was initially issued in 2011, the market had not yet developed solutions to broadly support multiple networks for card-not-present debit card transactions. Claiming technology has since evolved to address these challenges, the Fed said the final rule includes changes to make it easier for debit card issuers to determine whether they are in compliance and encourages competition between networks. The Fed noted, however, that the final rule does not modify interchange fee requirements. The agency said it will continue to review these requirements in light of recently collected debit card industry cost data, and may propose to modify these requirements in the future. The final rule is effective July 1, 2023.

    Federal Reserve Governor Michelle W. Bowman voted against adopting the final rule. “During the public comment process, community banks raised substantial concerns with the proposal,” she said. “Although the Board has attempted to identify the likely effects of the proposed rule based on available information, I believe that significant questions remain about how the rule will affect banks, and particularly community banks, with respect to both fraud and the cost of compliance. Given this continued uncertainty, I do not support the final rule.”

    Bank Regulatory Federal Issues Agency Rule-Making & Guidance Debit Cards Federal Reserve EFTA Regulation II

Pages

Upcoming Events