InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
CFPB seeking innovation in adverse action notices when using artificial intelligence
On July 7, the CFPB released a blog post discussing the use of artificial intelligence (AI) and machine learning (ML), addressing the regulatory uncertainty that accompanies their use, and encouraging stakeholders to use the Bureau’s innovation programs to address these issues. The blog post notes that “AI has the potential to expand credit access by enabling lenders to evaluate the creditworthiness of some of the millions of consumers who are unscorable using traditional underwriting techniques,” but using AI may create or amplify risks, including unlawful discrimination, lack of transparency, privacy concerns, and inaccurate predictions.
The blog post discusses how using AI/ML models in credit underwriting may raise compliance concerns with ECOA and FCRA provisions that require creditors to issue adverse action notices detailing the main reasons for the denial, particularly because AI/ML decisions can be “based on complex interrelationships.” Recognizing this, the Bureau explains that there is flexibility in the current regulatory framework “that can be compatible with AI algorithms.” As an example, citing to the Official Interpretation to Regulation B, the blog post notes that “a creditor may disclose a reason for a denial even if the relationship of that disclosed factor to predicting creditworthiness may be unclear to the applicant,” which would allow for a creditor to use AI/ML models where the variables and key reasons are known, but the relationship between them is not intuitive. Additionally, neither ECOA nor Regulation B require the use of a specific list of reasons, allowing creditors flexibility when providing reasons that reflect alternative data sources.
In order to address the continued regulatory uncertainty, the blog post encourages stakeholders to use the Trial Disclosure, No-Action Letter, and Compliance Assistance Sandbox programs offered by the Bureau (covered by InfoBytes here) to take advantage of AI/ML’s potential benefits. The blog post mentions three specific areas in which the Bureau is particularly interested in exploring: (i) “the methodologies for determining the principal reasons for an adverse action”; (iii) “the accuracy of explainability methods, particularly as applied to deep learning and other complex ensemble models”; and (iii) the conveyance of principal reasons “in a manner that accurately reflects the factors used in the model and is understandable to consumers.”
West Virginia creates regulatory sandbox program
On March 24, the West Virginia governor signed HB 4621, which creates a state fintech regulatory sandbox program through the state’s Division of Financial Institutions (Division) that allows participants to temporarily test innovative financial products or services on a restricted basis without requiring a license under West Virginia law. Under the program, approved applicants will have 24 months from the date an application is approved to test their product or service within the state without being subject to state laws and regulations that normally would regulate such products or services, unless the Division determines otherwise. HB 4621 outlines requirements for participants, which include specific state consumer protection laws, time limitations, and reporting requirements. Additionally, the Division, upon written notice, may end a participant’s participation in the program at any time and for any reason. The program allows participants to request an extension of time up to 12 months after the end of the regulatory sandbox testing period in order to obtain a license or other authorization required by the law to continue to offer the product or service. The act takes effect on June 5.
CFPB and Utah AG to hold joint office hours in Salt Lake City
On January 9, the CFPB and the Utah attorney general’s office announced that the first of the American Consumer Financial Innovation Network’s (ACFIN) joint office hours will be held in Salt Lake City, Utah on January 30. The CFPB’s announcement states that the office hours are intended to “provide innovators with the opportunity to discuss issues such as financial technology, innovative products or services, regulatory sandboxes, no action letters, and other matters related to financial innovation with officials from the CFPB and state partners.” As previously covered by InfoBytes, the CFPB, along with a number of state regulators, established ACFIN in September with the aim of reducing “regulatory burdens” and increasing “regulatory certainty for innovative financial products and services.” Members of ACFIN currently include state AGs from Alabama, Alaska, Arizona, Colorado, Georgia, Indiana, South Carolina, Tennessee, and Utah; and state financial regulators from Florida, Georgia, Missouri, and Tennessee. ACFIN membership is open to any state and federal partners interested in joining.
Federal financial regulators join the Global Financial Innovation Network
On October 24, the CFTC, FDIC, OCC, and SEC announced that they joined the Global Financial Innovation Network (GFIN). GFIN was created by the United Kingdom’s Financial Conduct Authority in 2018 and is an international network of 50 organizations, including the CFPB and other financial regulators. As previously covered by InfoBytes, GFIN members are committed to supporting financial innovation by (i) collaborating on innovation and providing accessible regulatory contact information for firms; (ii) providing a forum for joint regulation technology work; and (iii) providing firms with an environment in which to trial cross-border solutions. According to the FDIC’s announcement, “[p]articipation in the GFIN furthers these objectives and enhances the agencies’ abilities to encourage responsible innovation in the financial services industry in the United States and abroad.”
CFPB issues final No-Action Letter policy, sandbox policy, and trial disclosure policy
On September 10, the CFPB issued three final innovation policies, the No-Action Letter (NAL) Policy, Compliance Assistance Sandbox (CAS) Policy, and Trial Disclosure Program (TDP) Policy. Director Kraninger noted that the new policies will “improve how the Bureau exercises its authority to facilitate innovation and reduce regulatory uncertainty. . .contribut[ing] to an environment where innovation can flourish—giving consumers more options and better choices.” In September 2018, the Bureau published the proposed TDP policy (covered by InfoBytes here), and in December 2018, the Bureau published the proposed NAL and CAS policies (covered by InfoBytes here). Highlights of the final policies include:
- NAL. The NAL policy provides a NAL recipient reassurance that the Bureau will not bring a supervisory or enforcement action against the company for providing a product or service under the covered facts and circumstances. After an application is considered complete, the Bureau will grant or deny the request within 60 days. The Bureau intends to publish NALs on its website and, in some cases, a version or summary of the application. The Bureau may also publish denials and an explanation of why the application was denied. The policy notes that disclosure of information is governed by the Dodd-Frank Act, FOIA and the Bureau’s rule on Disclosure of Records and Information, which generally would prohibit the Bureau from disclosing confidential information.
- CAS. The CAS policy will evaluate a product or service for compliance with relevant laws and will offer approved applicants a “safe harbor” from liability for certain covered conduct during the testing period under TILA, ECOA, or the EFTA. The CAS was originally proposed as the “Proposed Sandbox Policy,” and included, in addition to the now listed carve-outs, exemptions by order from statutory provisions of ECOA, HOEPA, and the Federal Deposit Insurance Act (FDIA). The final CAS policy does not include the exemption program. The Bureau noted that, based on the comments received on the proposal, it will issue, at a later date, a new proposal to establish a program for exemptions by order through a separate notice-and comment rulemaking.
- TDP. The TDP policy creates the “CFPB Disclosure Sandbox,” which carries out the requirements of Section 1032(e) of the Dodd-Frank Act. The Bureau’s first TPD policy was finalized in 2013, allowing for approved company disclosures to be deemed in compliance with, or exempted from, applicable federal disclosure requirements during the testing period. Under the previous policy, the Bureau did not approve a single company program for participation. The updated TDP policy streamlines the application process, including providing formal determinations within 60 days of deeming an application complete. The policy provides procedures for requesting extensions of successful testing programs, as the Bureau expects most testing periods will start at two-years.
The Bureau also announced the first NAL issued under its new policy in response to a request by HUD on behalf of more than 1,600 housing counseling agencies (HCAs) that participate in HUD’s housing counseling program. The NAL states that the Bureau will not take supervisory or enforcement action under RESPA against HUD-certified HCAs that have entered into certain fee-for-service arrangements with lenders for pre-purchase housing counseling services. Specifically, the Bureau will not take such action against a HCA for including and adhering to a provision in such agreements conditioning the lender’s payment for the housing counseling services on the consumer making contact or closing a loan with the lender, even if that activity could be construed as a referral under RESPA, provided that the level of payment for the services is no more than a level that is commensurate with the services provided and is reasonable and customary for the area. The Bureau issued a template for lenders to seek a NAL for such arrangements, which includes certain anti-steering certifications that (i) the consumer will choose between comparable products from at least three different lenders; (ii) the funding is based on services rendered, not on the terms or conditions of any mortgage loan or related transaction; and (iii) no endorsement, sponsorship, or other preferential treatment will be conveyed to the lender for entering into the arrangement. According to the Bureau, the NAL, “is intended to facilitate HCAs entering into such agreements with lenders and will enhance the ability of housing counseling agencies to obtain funding from additional sources.” In addition to the template, the Bureau has made the HUD NAL application publicly available as well.
Nevada authorizes a regulatory sandbox program
On June 13, the Nevada governor approved SB 161, which requires the Director of the Department of Business and Industry to establish and administer the “Regulatory Experimentation Program for Product Innovation.” If the Director approves an applicant to participate in the Program, the participant’s product or service will be generally exempt from certain statutory and regulatory requirements related to financial products or services. Under the legislation, any consumer of the product or service must be a resident of Nevada and not more than 5,000 consumers may be provided the product or service during the period of testing, unless the Director approves up to 7,500 consumers. Participants must make certain disclosures to consumers, including, if applicable, that the participant does not hold a license to provide a product or service outside of the program and method of submitting a complaint to the Director. The Director may also require additional disclosures. The legislation also authorizes the Director to establish participant-reporting requirements by regulation and generally limits participation in the program to 2 years, although a participant may seek an extension of this period to apply for any license or other authorization otherwise required for the product or service. The legislation is effective on June 13 for the purpose of adopting any regulations and performing any other preparatory administrative tasks that are necessary to carry out the provisions of the bill, and on January 1, 2020, for all other purposes.
OCC proposes Innovative Pilot Program
On April 30, the OCC released a proposed Innovative Pilot Program (and accompanying program FAQs), which is designed to support responsible innovation in the U.S. federal banking system by allowing eligible entities to test novel products, services, or processes that could present significant benefits to consumers, businesses, financial institutions, and communities. Under the program, the OCC would provide eligible entities with regulatory input, through tools such as interpretive letters during the development and implementation of proposed innovative activities. Any proposal the agency determines to have potentially predatory, unfair, or deceptive features; poses undue risk to consumers; or poses undue safety and soundness risk to an institution would be deemed as inconsistent with existing law and policy and not permitted in the program. Highlights of the proposed program include:
- Eligibility. OCC-supervised financial institutions may participate in the program independently or when partnered with a third-party entity to offer an innovative activity. Third-party entities, not supervised by the OCC, may not independently participate. Additionally, eligible entities seeking to participate in the program must establish an uncertainty (“perceived to be a barrier to development and implementation”) that justifies the need for the OCC’s involvement during development or implementation of the innovative product or service and must also show how the innovative activity has the potential to benefit the needs of consumers, businesses, and or communities.
- Parameters. The OCC anticipates participation in the program to last between three and 24 months, but the duration of each pilot will be on a case-by-case basis. The program may include the use of interpretive letters, supervisory feedback, and technical assistance, as well as potential determinations of legal permissibility before a live test. Notably, the program will not provide any statutory or regulatory waivers, and all participants must continue to comply with applicable laws and regulations.
- Evaluation Process. The four-step application process includes (i) a preliminary discussion with the OCC about the proposed pilot; (ii) submission of a tailored expression of interest (EOI) to the OCC’s Office of Innovation or assigned supervisory office; (iii) evaluation of the EOI by the OCC; and (iv) acceptance or declination of the request. If a proposal is accepted, the testing phase will begin and the entity will be required to submit periodic information and reports, including key performance indicators, issues identified, and any steps taken to address the issues.
The OCC will maintain the confidentiality of proprietary information, including the identity of any participating entities. Comments on the proposal must be submitted by June 14.
Arizona modifies its Regulatory Sandbox Program
On April 1, the Arizona governor signed HB 2177, which modifies the state’s Regulatory Sandbox Program (RSP). As previously covered by InfoBytes, in March 2018, Arizona became the first state to create a regulatory sandbox for companies to test innovative financial products or services without certain regulatory requirements. The bill clarifies the RSP to allow participants to temporarily test an innovation “with respect to providing a financial product or service or a substantial component of a financial product or service,” as opposed to, an “innovative financial product or service.” Among other things, the bill also (i) removes the Arizona consumer residency requirement when participants test innovative money transmitter products, requiring only that the consumer have physical presence in the state at the time of the transaction; (ii) removes record keeping requirements for participants testing investment management products; and (iii) provides sole enforcement authority of state regulatory laws applicable to RSP participants to the state Attorney General. The bill is effective 91 days after the state’s legislative session ends.
Utah creates regulatory sandbox
On March 25, the Utah governor signed HB 378, which creates a state regulatory sandbox program through the state’s Department of Commerce (Department) that allows participants to temporarily test innovative financial products or services on a restricted basis without requiring a license or authorization to act under Utah law. Under the program, approved applicants will have 24 months from the date an application is approved to test the product or service on Utah residents without being subject to state laws and regulations that normally would regulate such products or services, unless the Department determines otherwise. Additionally, the Department, upon written notice, may end a participant’s participation program at any time and for any reason. The program allows for participants to request an extension of time up to six months after the end of the regulatory sandbox testing period in order to obtain a license or other authorization required by the law to continue to market the product or service. The act takes effect on May 13.
Wyoming is second state to create fintech sandbox
On February 19, the Wyoming Governor signed HB 57, which creates a fintech sandbox program in the state for companies to test innovative financial products and services. Wyoming is the second state to introduce a regulatory sandbox program, following Arizona’s sandbox introduction last March. (Previously covered by InfoBytes here.) Under the “Financial Technology Sandbox Act” (the Act), the state’s sandbox will be open to innovative financial products and services, including those focused on blockchain and cryptocurrencies, and will allow testing of these products for up to two years with the possibility of an additional 12 month extension before requiring participants to apply for formal licensure. Additionally, under certain conditions, the Act—which grants various supervisory and enforcement power to the state banking commissioner and the secretary of state, including revocation and suspension rights—will authorize (i) limited waivers of specified statutes or rules, and (ii) reciprocity agreements with other regulators. The Act takes effect January 1, 2020.