Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
DFPI clarifies licensing provisions for several state laws
The California Department of Financial Protection and Innovation (DFPI) recently filed a notice of proposed rulemaking with the Office of Administrative Law, seeking to add several sections to Title 10, Chapter 3 of the California Code of Regulations relating to the California Consumer Financial Protection Law (CCFPL), the California Financing Law (CFL), the California Deferred Deposit Transaction Law (CDDTL), and the California Student Loan Servicing Act (SLSA). (See also DFPI initial state of reasons here.) Among other things, the proposed regulations provide specific registration requirements for covered persons under the CCFPL and outline requirements for exemption from registration under the CCFPL for licensees under the CFL, CDDTL, and SLSA.
According to DFPI’s notice, the CCFPL grants the Department authority to require covered persons engaged in the business of offering and providing a consumer financial product or service to be registered but does not specify requirements for registration. The proposed regulations clarify these requirements, which include establishing an application process, outlining fees, and specifying persons and conditions for exemption. The proposed regulations also establish annual reporting requirements for filing reports with DFPI. The Department explained that “[e]xisting law exempts from CCFPL registration certain licensees who provide consumer financial products or services ‘within the scope of’ their licenses issued under other Department laws.” The proposed regulations clarify the meaning of “within the scope of” and specify that licensees under the CFL and the CDDTL are exempt from registering under the CCFPL. “[E]xempt licensees who provide products or services that would otherwise be subject to registration under the CCFPL [are required] to submit supplemental information on these activities in their annual reports required under their license,” DFPI explained.
With respect to the SLSA, DFPI noted that “[a]lthough an SLSA license does not confer upon a licensee the authority to originate financing within the scope of their license, the regulations exempt SLSA licensees from registration requirements for education financing when they meet specified requirements.”
The proposed regulations also clarify the applicability of the CFL to certain activities, by, among other things, providing that “an advance of funds to be repaid from a consumer’s future earned or unearned pay is a loan subject to the CFL” and that “providers of income-based advances and education financing who are registered under the CCFPL and whose charges do not exceed the charges permitted under the CFL” are exempt from licensure under the CFL. The proposed regulations also clarify provisions relating to collecting loan payments, monthly subscription fees, and loan contracts.
Comments on the proposed regulations are due May 2.
DFPI issues more proposed changes to Student Loan Servicing Act
On March 6, the California Department of Financial Protection and Innovation (DFPI) issued a notice of second modifications to proposed regulations under the Student Loan Servicing Act (Act), which provides for the licensure, regulation, and oversight of student loan servicers by DFPI (covered by InfoBytes here). Last September, DFPI issued proposed rules to clarify, among other things, that income share agreements (ISAs) and installment contracts, which use terminology and documentation distinct from traditional loans, serve the same purpose as traditional loans (i.e., “help pay the cost of a student’s higher education”), and are therefore student loans subject to the Act. As such, servicers of these products must be licensed and comply with all applicable laws, DFPI said. (Covered by InfoBytes here.) In January, DFPI issued modified proposed regulations, outlining additional changes to definitions, time zone requirements, borrower protections, and examinations, books, and records requirements. (Covered by InfoBytes here.)
Following its consideration of public comments on the modified proposed regulations, DFPI is proposing the following additional changes:
- Amendments to definitions. Among other changes, the proposed changes amend “education financing products” to include private student loans which are not traditional loans. This change reverts the definition back to the word used in the original proposed rules. DFPI explained that this change “is necessary because the term ‘private student loan’ is defined later in the rules . . . but the term ‘private education loan’ is not separately defined.” The proposed changes also clarify “that the payment cap, which is the maximum amount payable under an income share agreement, may be expressed as an APR or an amount or a multiple of the amount advanced, covered, credited, deferred, or funded, excluding charges related to default.” Additionally, the changes revise the definition of “qualifying payment” to explain that “qualifying payments count toward maximum payments and the payment cap but not also the payment term.”
- Borrower protections. The first round of changes revised the time zone in which a payment must be received to be considered on-time to Pacific Time, in order to protect California borrowers. However, in further modifying the timing requirement, DFPI explained in its notice that “[r]equiring cut off times different than those posted on the servicer’s website just for California borrowers would deviate from standard current practices, would require system changes and enhancements that would be very expensive to implement and could cause confusion and operational risk to both servicers and borrowers. Limiting the exception to only those situations where the servicer has not posted the cut off time aligns with servicers’ operational capabilities and national banking standards.”
- Qualified written requests. The proposed changes clarify requirements for sending acknowledgments of receipt and responses to qualified written requests.
The second modifications also clarify provisions related to education financing servicing report requirements, and provide that upon notice, a student loan servicer must make available for inspection its books, records, and accounts at a licensed location designated by the DFPI or electronically.
Comments on the second modifications are due March 23.
DFPI settles with student loan debt relief company
On February 28, the California Department of Financial Protection and Innovation (DFPI) announced a settlement with an unlicensed student debt relief company and its owner. The announcement is part of the DFPI’s continued crackdown on student loan debt relief companies found to have violated the California Consumer Financial Protection Law (CCFPL), the Student Loan Servicing Act (SLSA), and the Telemarketing Sales Rule (TSR). According to the settlement, a DFPI inquiry into the company’s practices found that since at least 2018, the company placed unsolicited phone calls to consumers advertising its student loan forgiveness and modification services. The company allegedly gave borrowers the impression that it was a part of, or affiliated with, an official government agency, and would act “as an intermediary between borrowers and the borrowers’ lenders or loan servicers with the goal of helping those consumers lower or eliminate their student loan debts.” The DFPI found that since 2018 at least 790 California consumers enrolled in the company’s debt relief program, whereby the company collected at least $713,000 through up-front servicing fees ranging from $116 to $2,449 from California consumers. By allegedly engaging in unlicensed student loan servicing activities, engaging in unlawful, unfair, deceptive, or abusive acts or practices with respect to consumer financial products or services, and by charging advance fees for debt relief services, the DFPI claimed the company violated the SLSA, CCFPL, and TSR.
Under the terms of the consent order, the company and owner must desist and refrain from engaging in the alleged conduct, rescind all debt relief, debt management, or debt consulting service agreements, and issue refunds to California consumers. The owner is also ordered to “desist and refrain from owning, managing, operating, or controlling any entity that services student loans, or which offers or provides any consumer financial products or services as defined by the CCFPL, unless and until he or the entity has the applicable approvals from the DFPI and is in compliance with the SLSA, CCFPL, TSR, and the Federal Trade Commission Act.”
DFPI modifies CCFPL proposal
On February 24, the California Department of Financial Protection and Innovation (DFPI) released modifications to proposed regulations for implementing and interpreting certain sections of the California Consumer Financial Protection Law (CCFPL) related to commercial financial products and services. As previously covered by InfoBytes, DFPI issued a notice of proposed rulemaking (NPRM) last June to implement sections 22159, 22800, 22804, 90005, 90009, 90012, and 90015 of the CCFPL related to the offering and provision of commercial financing and other financial products and services to small businesses, nonprofits, and family farms. According to DFPI, section 22800 subdivision (d) authorizes the Department to define unfair, deceptive, and abusive acts and practices in connection with the offering or provision of commercial financing. Section 90009, subdivision (e), among other things, authorizes the Department’s rulemaking to include data collection and reporting on the provision of commercial financing or other financial products and services.
After considering comments received on the NPRM, changes proposed by the DFPI include the following:
- Amended definitions. The proposed modification defines a “commercial financing transaction” to mean “a consummated commercial financing transaction for which a disclosure is provided in accordance with California Code of Regulations, title 10, section 920, subdivision (a).” The modifications to the definitions also amend a “covered provider” to exclude “any person exempted from division 24 of the Financial Code under Financial Code section 90002,” and defines a “small business” to be “a business entity organized for profit with annual gross receipts of no more than $16,000,000 or the annual gross receipt level as biennially adjusted by the Department of General Services in accordance with Government Code section 14837, subdivision (d)(3), whichever is greater.” In determining a business entity’s annual gross receipts, the proposed modifications state that covered providers “may rely on any relevant written representation by the business entity, including information provided in any application or agreement for commercial financing or other financial product or service.”
- UDAAP. In addition to making several technical changes, the proposed modifications clarify that “[i]t is unlawful for a covered provider to engage or have engaged in any unfair, deceptive, or abusive act or practice in connection with the offering or provision of commercial financing or another financial product or service to a covered entity.” The changes remove text that would have made it unlawful should a covered provider “propose to engage” in any if these practices.
- Annual reporting requirements. The proposed modifications specify that covered providers who offer commercial financing will be required to electronically file reports to the DFPI on or before March 15 of each year starting in 2025. The proposed changes to the reporting requirements also clarify certain terms, address when covered providers are not required to calculate or report certain information, and stipulate that covered providers “licensed under division 9 (commencing with section 22000) of the Financial Code shall not include in the report required under this section information for activity conducted under the authority of that license.”
Comments on the proposed modifications are due March 15.
DFPI launches crypto scam tracker
On February 16, the California Department of Financial Protection and Innovation (DFPI) launched a database to help consumers in the state spot and avoid crypto scams. The Crypto Scam Tracker compiles details about apparent crypto scams identified through a review of public complaints submitted to the DFPI, and is searchable by company name, scam type, or keywords. “Through the new Crypto Scam Tracker, combined with rigorous enforcement efforts, the DFPI is committed to shining a light on these ruthless predators and protecting consumers and investors,” DFPI Commissioner Clothilde Hewlett said in the announcement.
DFPI takes action against five debt collectors
On January 30, the California Department of Financial Protection and Innovation (DFPI) announced enforcement actions against five separate debt collectors for unlicensed activity under the Debt Collection Licensing Act (DCLA) and unlawful and deceptive acts or practices in violation of the California Consumer Financial Protection Law (CCFPL). According to DFPI, the desist and refrain orders allege that the subjects engaged in a variety of different unlawful and deceptive practices, including, among other things: (i) engaging in debt collection in California without a license from the DFPI; (ii) attempting to collect a debt that a consumer did not owe; (iii) making unlawful threats to sue on debts; (iv) making false claims of pending lawsuits; and (v) failing to notify consumers of their right to request validation of debts. According to DFPI Commissioner Clothilde Hewlett, the agency has observed “an increase in fake debt collector scams in recent months,” and is “committed to rigorous, ongoing enforcement efforts to protect Californians from these deceitful practices.” The combined actions resulted in penalties totaling $120,000 and ordered the debt collectors to desist and refrain from violating the DCLA and CCFPL.
DFPI announces $22.5 million multistate settlement with crypto platform
On January 26, the California Department of Financial Protection and Innovation (DFPI) announced that it entered into a $22.5 million settlement agreement with a Cayman Islands digital asset firm to resolve a securities enforcement action regarding its interest-bearing virtual currency account. As previously covered by InfoBytes, in September 2022, the New York attorney general sued the firm for allegedly offering unregistered securities and defrauding investors. A North American Securities Administrators Association working group—composed of the DFPI and state regulators from Washington, Kentucky, New York, Oklahoma, Indiana, Maryland, South Carolina, Vermont, and Wisconsin—collaborated in the investigation into the firm. The states alleged that the platform failed to register as a securities and commodities broker but told investors that it was fully in compliance. According to the New York AG’s complaint, the platform promoted and sold securities through an interest-bearing virtual currency account that promised high returns for participating investors. The New York AG said that a cease-and-desist letter was sent to the platform in October 2021, and that while the platform stated it was “working diligently to terminate all services” in the state, it continued to handle more than 5,000 accounts as of July. The complaint charges the platform with violating New York’s Martin Act and New York Executive Law § 63(12), and seeks restitution, disgorgement of profits, and a permanent injunction. The announcement also noted the SEC entered into a separate settlement with the firm for the same penalty amount, alleging that it to register the offer and sale of its retail crypto-asset lending product (covered by InfoBytes here).
DFPI modifies Student Loan Servicing Act proposal
On January 6, the California Department of Financial Protection and Innovation issued modified proposed regulations under the Student Loan Servicing Act (Act), which provides for the licensure, regulation, and oversight of student loan servicers by DFPI (covered by InfoBytes here). Last September, DFPI issued proposed rules to clarify, among other things, that income share agreements (ISAs) and installment contracts, which use terminology and documentation distinct from traditional loans, serve the same purpose as traditional loans (i.e., “help pay the cost of a student’s higher education”), and are therefore student loans subject to the Act. As such, servicers of these products must be licensed and comply with all applicable laws, DFPI said. (Covered by InfoBytes here.) The initial proposed rules also (i) defined the term “education financing products” (which now fall under the purview of the Act) along with other related terms; (ii) amended various license application requirements, including financial requirements for startup applicants; (iii) outlined provisions related to non-licensee filing requirements (e.g., requirements for servicers that do not require a license but that are subject to the Student Loans: Borrower Rights Law, which was enacted in 2020 (effective January 1, 2021)); (iv) specified that servicers of all education financing products must submit annual aggregate student loan servicing reports to DFPI; and (v) outlined new clarifications to the Student Loans: Borrower Rights Law to provide new requirements for student loan servicers (covered by InfoBytes here).
Following its consideration of public comments on the initial proposed rulemaking, DFPI is proposing the following changes:
- Amendments to definitions. The modified regulations revise the definition of “education financing products” by changing “private loans” to “private education loans,” which are not traditional loans. DFPI explained that changing the term to what is used in TILA will provide consistency for servicers and eliminate operational burdens. While the definition of “education financing products” also no longer includes “income share agreements and installment contracts” in order to align it with TILA, both of these terms were separately defined in the initial proposed rulemaking. The definition of “traditional student loan” has also been revised to distinguish which private student loans are traditional loans and which are education financing products (in order to help servicers determine the applicable aggregate reporting and records maintenance rules). The modifications also revise the definitions of “federal student loan,” “income,” “income share agreement,” “installment contract,” “payment cap,” “payment term,” and “qualifying payments,” remove unnecessary alternative terms for “income share,” and add “maximum payments” as a new defined term.
- Time zone requirement revisions. The modified regulations revise the time zone in which a payment must be received to be considered on-time to Pacific Time in order to protect California borrowers.
- Additional borrower protections. The modified regulations specify that servicers are required to send written acknowledgement of receipt and responses to qualified written requests via a borrower’s preferred method of communication. For borrowers who do not specify a preferred method, servicers must send acknowledgments and responses through both postal mail to the last known address and to all email addresses on record.
- Examinations, books, and records requirement updates. The modified regulations revise the information that servicers must provide in their aggregate reports for traditional student loans, including with respect to: (i) loan balance and status; (ii) cumulative balances and amounts paid; and (iii) aggregate information specific to ISAs, installment contracts, and other education financing products. Additionally, DFPI clarified that while the amount a borrower will be required to pay to an ISA provider in the future is unknown, many ISAs contain an “early completion” provision to allow a borrower to extinguish future obligations, and ISA providers must give this information to borrowers. DFPI further clarified that while servicers may choose to maintain records electronically, they must also be able to produce paper records for inspection at a DFPI-designated servicer location to allow an examination to be conducted in one place.
Comments on the modified regulations are due January 26.
DFPI issues recommendations for engaging in crypto technologies
In December, the California Department of Financial Protection and Innovation (DFPI) issued a report identifying six recommendations for how California should engage with blockchain and Web3 industries. The report follows a May 2022 Executive Order (E.O.) from the California governor to create a regulatory and business environment for blockchain and cryptocurrency companies that balances the benefits and risks to consumers. As previously covered by InfoBytes, one of the priorities of the E.O. included for DFPI to, among other things, engage in a public process, including with federal agencies, to “develop a comprehensive regulatory approach to crypto assets harmonized with the direction of federal regulations and guidance” and “exercise its authority under the California Consumer Financial Protection Law (CCFPL) to develop guidance and, as appropriate, regulatory clarity and supervision of private entities offering crypto asset-related financial products and services” in California. The report made six recommendations to “encourage the continued growth and adoption of blockchain technology.”
- Engagement with stakeholders. The state should “continue dialogue with industry, advocates, and regulators to stay apprised of new technologies, products, definitions and risks.”
- Consumer protection and education. The state should promote consumer protection and consumer education about blockchain and crypto products, which includes, among other things: (i) training staff to better supervise regulated entities, products, and services; (ii) increasing efforts to educate Californians on how to use certain crypto-asset related financial products and services; and (iii) developing and publishing “standards for use in reviewing crypto asset-related securities to help provide more meaningful investor disclosures and to allow companies who wish to offer such securities more quickly and efficiently.”
- Legislation and regulation. The state should identify legislative gaps and clarify statutory authority regarding crypto assets. DFPI will attempt to harmonize California’s regulatory approach with federal regulators, other states, and local jurisdictions.
- Government use. The state should consider ways to use blockchain technology to “increase efficiencies, improve access, and reduce costs.”
- Environmental protection. The state should encourage more environmentally efficient blockchain technologies and explore policy interventions to reduce energy use.
- Workforce and economic development. The state should tap its higher education systems to help support and grow the blockchain sector and related technologies.
DFPI modifies proposed regulations for complaints and inquiries under the CCFPL
On December 22, the California Department of Financial Protection and Innovation (DFPI) released modifications to proposed regulations for implementing and interpreting certain sections of the California Consumer Financial Protection Law (CCFPL) related to consumer complaints and inquiries. As previously covered by InfoBytes, DFPI issued a notice of proposed rulemaking (NPRM) last May to implement Section 90008 subdivisions (a) and (b) of the CCFPL, which authorize DFPI to promulgate rules establishing reasonable procedures for covered persons to provide timely responses to consumers and DFPI concerning consumer complaints and inquiries, as well as subdivision (d)(2)(D), which “permits covered persons to withhold nonpublic or confidential information, including confidential supervisory information, in response to a consumer request to the covered person for information regarding a consumer financial product or service.”
After considering comments received on the NPRM, changes proposed by the DFPI include the following:
- Amended definitions. The proposed regulations will not apply to, in addition to consumer reporting agencies and student loan servicers, a person or entity already exempt from the CCFPL under Section 90002. The definition of “complaint” is amended to include “an oral or written expression of dissatisfaction from a complainant regarding a specific issue or problem with a financial product or service.” Additionally, “complainant” is amended to also provide that a consumer must have been a resident of California at the time of the act, omission, decision, condition, or policy giving rise to the complaint. The proposed regulations also outline several categories that are not included in the definition of “complaint” or “inquiry.”
- Complaint procedure updates. The proposed regulations outline requirements for covered persons related to consumer disclosures and written communications covering the complaint process. The proposed regulations also require covered persons to accept all complaints, whether written or oral, provided the complaint includes a reason for filing the complaint and sufficient information to identify the complainant.
- Restrictions. Covered persons shall not (i) “[r]equest personal identifying information beyond what is reasonably necessary to identify the complainant and to send correspondence”; (ii) “[r]equest financial information unrelated to the specific complaint of the consumer:” or (iii) impose a time limit for filing a complaint that is shorter than one year from the time the complainant discovers the act, omission, decision, condition, or policy that is the subject of the complaint (if a time limit is imposed it must be stated in the required consumer disclosures).
- Complaint acknowledgements. For every complaint received, covered persons must send the complainant a written acknowledgement of receipt that is postmarked or otherwise shows that acknowledgement was sent within five business days after receiving the complaint. Within 15 business days after receiving a complaint, a covered person must provide a final decision on all issues. If additional time is required, a covered person must provide the complainant with a written update within three business days after the initial 15-business day period ends.
- Inquiry response requirements. Covered persons are required to develop and implement written policies and procedures to implement the regulations’ inquiry requirements, and must also respond to all issues raised by an inquiry within 10 business days. Covered persons must retain copies of all written inquiries and written responses for at least three years from the time the written response was issued.
- Reporting requirements. Covered persons must submit an annual complaint report to DFPI for each financial product or service offered or provided that will be made available to the public with limited exceptions. Each report shall include information regarding all complaints received by the covered person during the reporting period, and must be filed electronically with the Consumer Financial Protection Division no later than 60 business days after the end of each calendar year.
Comments on the proposed modifications are due January 20 (extended from January 13).
- Keisha Whitehall Wolfe to discuss “Tips for successfully engaging your state regulator” at the MBA's State and Local Workshop
- Max Bonici to discuss “Enforcement risk and trends for crypto and digital assets (Part 2)” at ABA’s 2023 Business Law Section Hybrid Spring Meeting
- Jedd R. Bellman to present “An insider’s look at handling regulatory investigations” at the Maryland State Bar Association Legal Summit