Skip to main content
Menu Icon

InfoBytes Blog

Financial Services Law Insights and Observations


Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • Senators release roadmap for federal AI policy

    Federal Issues

    On May 15, the Bipartisan Senate AI Working Group – comprising Senate Majority Leader Charles Schumer (D-NY), Sen. Mike Rounds (R-SD), Sen. Martin Heinrich (D-NM) and Sen. Todd Young (R-IN) – released the Bipartisan Roadmap For Artificial Intelligence Policy. The roadmap included their findings and outlined key policy priorities for bipartisan consideration in the 118th Congress and beyond. Understanding that artificial intelligence (AI) and related technologies would not fall into the jurisdiction of a single committee, and recognizing the need to manage AI's benefits and risks actively, the working group hosted nine AI Insight Forums to increase the Senate’s knowledge of AI-related policies. The Working Group hoped Senate committees would continue to seek outside input from a variety of stakeholders and experts to inform their decision making. The Working Group also encouraged the executive branch to share with Congress “updates on administration activities related to AI, including any AI-related [MOUs] with other countries and the results from any AI-related studies to better inform the legislative process.” 


    Key policy areas of the Senate’s AI roadmap included:

    • Developing a comprehensive federal data privacy framework.
    • Addressing potential long-term risks associated with AI.
    • Boosting AI innovation funding to secure U.S. leadership and global competitiveness.
    • Enforcing AI-related laws, addressing potential biases, and enhancing AI transparency and “explainability.”
    • Preparing the workforce for AI-induced changes, including job displacement and retraining.
    • Strengthening national security through adopting AI technology and managing related threats.
    • Addressing the issue of deepfakes in elections and protecting content creators and journalists.
    • Promoting competition in AI among higher education and businesses, supported by federal funding for the National AI Research Resource.


    Federal Issues Senate Artificial Intelligence State Legislation

  • Maryland enacts child consumer protection laws

    Privacy, Cyber Risk & Data Security

    On May 9, the Governor of Maryland approved SB 571 (the “Act) to provide consumer online protections for children. The Act will afford protections from online products aimed at children or that are likely accessed by children. Specifically, the Act will require companies that provide online products “reasonably likely to be access[ed] by children” to prepare a data protection impact assessment (DPIA) for the online product. The DPIA will identify the purpose of the online product, how the product uses children’s data, determine if the product would be in children’s best interests, and include a description of the compliance steps the company will have taken to comply with the duty to act in a manner consistent with the best interests of children, among other requirements. The Act outlined several violations, including against processing data not in children’s best interests, profiling children, processing geolocation, using of dark patterns, or monitoring of children’s activities without first notifying the parent/guardian. The Act will go into effect on October 1.

    Privacy, Cyber Risk & Data Security State Issues Maryland Consumer Protection State Legislation

  • Maryland enshrines its consumer online data privacy act

    Privacy, Cyber Risk & Data Security

    On May 9, the Governor of Maryland approved SB 541 (the “Act”) which enacted the Maryland Online Data Privacy Act of 2024, setting forth new provisions for businesses and data processors under the state’s UDAP commercial code. The Act will prevent persons or processors from providing access to consumer health data unless contractually required, or from using a geofence within a certain distance from health or mental health facilities. The Act will enable consumers to exercise certain rights with respect to their data, including confirming use, accessing data, correcting inaccuracies, requiring deletion of data (unless protected by law), and opting out of targeted advertising or sales of one’s personal data. Consumers will also be able to designate an agent to opt-out on their behalf.

    The Act will prohibit controllers from selling sensitive data and from collecting, processing, or sharing sensitive consumer data unless “the collection or processing is strictly necessary to… maintain a specific product,” among others. The Act will enable controllers to limit collection to what would be “reasonabl[y] necessary” and establish data security practices. Controllers will also be forced to provide consumers with a privacy notice that will outline their use of the data and a consumer’s rights, as well as establish a secure method for a consumer to exercise such rights. The Act will not apply to financial institutions or to consumer credit data that is protected under the FCRA. The Act will go into effect on October 1, 2025.

    Privacy, Cyber Risk & Data Security Maryland State Issues State Legislation

  • Maryland enacts new powers for regulators to examine third parties

    State Issues

    On May 9, the Governor of Maryland approved HB 250 (the “Act”) which will authorize the Commissioner of Financial Regulation to examine third parties that service entities under the supervision of the state’s Office of Financial Regulation (OFR). Such licensed entities include both depository and non-depository financial institutions. Currently, the OFR lacks the authority to examine third parties until the Act goes into effect. The Act will define third-party service providers as a “person who performs activities relating to financial services on behalf of a regulated entity for that regulated entity’s customers,” and include data processing centers, activities that support financial services, and internet-related services. On enforcement, the Act will authorize the OFR to enforce the law against any third party that refuses to submit to an examination, refuses to pay a fee, or engages in “unsafe or unsound” behaviors as determined by the OFR. The Act will outline several authorities of the OFR, including notifying the licensed person, which information the OFR can access, and levying fees. Following a notice and hearing, the Commissioner may issue a cease-and-desist order, suspend or revoke a violator’s license, or issue a penalty of up to $10,000 for the first violation and up to $25,000 for each subsequent violation. The Act takes effect on October 1.

    State Issues State Legislation Maryland Enforcement Fees

  • Connecticut becomes latest state to ban medical debts in credit reporting

    State Issues

    On May 9, the Governor of Connecticut approved SB 395 (the “Act”) banning health care providers from reporting medical debt to credit rating agencies. Further, the Act will prohibit hospitals and collection agents from reporting a patient to a credit rating agency, as well as initiating an action to foreclose a lien where the lien was filed to secure payment for health care (retroactive from October 1, 2022), and from garnishing wages for health care collections (also retroactive from October 1, 2022). The Act will go into effect on July 1. The CFPB wrote in favor of this bill’s enactment after the CFPB promulgated its NPRM to prohibit creditors from using medical bills in underwriting decisions, as covered by InfoBytes here.

    State Issues Connecticut State Legislation CFPB Medical Debt Credit Report

  • Tennessee amends consumer debt proceeding requirements and garnishment exemptions

    State Issues

    On May 3, the Governor of Tennessee signed into law HB 2320 (the “Act”), which will amend pleading requirements for consumer debt suits and garnishment exemptions. The Act would require that, in a civil suit or arbitration requesting judgment on a consumer debt, the plaintiff creditor would provide the following in the initial pleading: (i) if the debtor’s agreement does not exist, then provide written evidence of the debtor’s agreement or a document provided to the debtor while the account was active; (ii) a statement that the debt has been transferred or assigned; (iii) the date of the transfer or assignment; (iv) the name of any prior holders of the debt; and (v) the name or a description of the original creditor. Additionally, the Act will amend Tennessee’s garnishment provisions to automatically exempt them from execution, seizure, or attachment funds up to $2,500 in a debtor’s deposit account with a bank or financial institution. The Act will go into effect on July 1.

    State Issues State Legislation Tennessee

  • Georgia amends provisions for telemarketing provisions for defendants

    State Issues

    On May 6, Georgia enacted SB 73 (the “Act”), which amends, among other things,  Georgia’s telemarketing laws. The Act clarifies that no person or entity can make or cause any telephone solicitation violations, now on behalf of another person or entity, and sets forth that there is a private right of action against violators. The Act also amends the damages to be the actual monetary loss for each violation or a violation up to $1,000 in damages, whichever is greater.  However, if a class action lawsuit is brought under the Act, the $1,000 in statutory damages would not apply. The Act further provides that ignorance would not be a valid defense if a defendant did not make or was not aware how a telephone solicitation violated applicable laws. However, it is defensible if the defendant had established policies and procedures to prevent violations, and enforced such procedures, or if a phone number was provided in error so long as the defendant did not have any knowledge of the mistake.

    State Issues Georgia Telemarketing State Legislation

  • Tennessee amends its Consumer Protection Act

    State Issues

    Recently, the Governor of Tennessee signed into law HB 2711 (the “Act”) which amends, among other things, the state’s Consumer Protection Act. In particular, the Act establishes the factors that a court may consider when determining a civil penalty for violation of the Consumer Protection Act. The court may consider (i) the defendant’s participation in the attorney’s general complaint resolution process; (ii) and the defendant’s restitution efforts prior to the action; (iii) whether there was good or bad faith; (iv) injury to the public; (v) one’s ability to pay; (vi) the public’s interest in eliminating the benefits derived by the violator; and (vii) the state’s interest. Additionally, the Act expands its protection of elderly people to “specially targeted consumers” which includes persons who are at least 60 years old, persons under 18, and current and former military service members. Persons who are found to have targeted specially targeted consumers can be liable for penalties up to $10,000. Furthermore, the Act makes other changes such as procedural requirements for actions brought by the attorney general. The Act is effective immediately.

    State Issues State Legislation Consumer Protection Act Civil Money Penalties

  • Florida enacts new requirements for payment transaction classification

    State Issues

    On May 2, the Governor of Florida signed into law HB 939 (the “Act”) which, among other things, will expand the definition of “depository institution” and amend the requirements for information returns relating to payment-card and third-party network transactions.

    As it will relate to Florida’s commercial financing disclosure law, the Act will expand the definition of “depository institution” to mean a bank, credit union, savings or thrift association, or an industrial loan company doing business under the authority of a charter issued by the U.S., Florida, or any other state or territory which is authorized to transact business in Florida and is insured by the FDIC or NCUA Share Insurance Fund.

    Additionally, the Act will require third-party settlement organizations handling transactions for participating payees located in Florida to establish a system to identify whether transactions are for goods and services or are personal payments. Third-party settlement organization will be required to create a mechanism that clearly obligates the sender to classify the transaction type prior to completion. The Act will also set forth how the sender of the payment will be responsible for categorizing the transaction accurately. Furthermore, third-party settlement organizations will be instructed to keep detailed records that reflect the transaction type as specified by the sender. However, this requirement will not be applicable to third-party settlement organizations that are contractually bound to process transactions exclusively for goods and services. The Act will define “participating payee,” “third party network transaction,” and “third party settlement organization” as defined by the Internal Revenue Code. The Act will go into effect July 1.

    State Issues Florida State Legislation Payments

  • Maine enacts new money transmission law in line with the Money Transmission Modernization Act

    On April 22, the Governor of Maine signed into law LD 2112 (the “Act”) which will codify a new law titled the “Maine Money Transmission Modernization Act.” The Act will amend and repeal many parts of the state’s money transmission laws and brought the law more in alignment with the Money Transmission Modernization Act, the model law drafted with a goal of creating a single set of nationwide standards and requirements. The stated purpose of the Act will be to coordinate with states to reduce the regulatory burden, protect the public from financial crimes, and standardize licensing activities allowed and exempted by Maine.

    Among many other new provisions, the Act will require any person which engages in the business of money transmission or advertises, solicits, or holds itself out as providing money transmission to obtain a license. The Act will define “money transmission” as “(i) [s]elling or issuing payment instruments to a person located in [Maine]; (ii) [s]elling or issuing stored value to a person located in [Maine]; or (iii) [r]eceiving money for transmission from a person located in [Maine].” However, the Act will exempt, an agent of the payee to collect and process a payment from a payor to the payee for goods or services, other than money transmission services, provided certain criteria are met. Additionally, the Act will exempt certain persons acting as intermediaries, persons expressly appointed as third-party service providers to an exempt entity, payroll processors, registered futures commission merchants and securities broker-dealers, among others. Anyone claiming to be exempt from licensing may be required to provide information and documentation demonstrating their qualification for the claimed exemption.

    The Act also will include a section on virtual currency, which will be defined as “a digital representation of value that: (i) [i]s used as a medium of exchange, unit of account or store of value, and (ii) [i]s not money, whether or not denominated in money.” The Act will specify that “virtual currency business activity” will include, among other activities, exchanging, transferring, storing, or engaging in virtual currency administration, whereas “virtual currency administration” will be defined as issuing virtual currency with the authority to redeem the currency for money, bank credit or other virtual currency.

    The Act will require certain reporting, including about the licensee’s condition, financial information, and money transmission transactions from every jurisdiction, among other types of information. The amendments will also outline numerous licensing application and renewal procedures including net worth, surety bond, and permissible investment requirements. Maine will now join several other states that adopted the model law. The Act takes effect on July 16 of this year.

    Licensing Money Service / Money Transmitters Maine State Legislation NMLS State Issues Cryptocurrency Digital Currency


Upcoming Events