Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Republicans say regulators are coordinating on de-banking digital assets
On April 26, House Financial Services Committee Chairman Patrick McHenry (R-NC), Digital Assets, Financial Technology and Inclusion Subcommittee Chairman French Hill (R-AR), and Oversight and Investigations Subcommittee Chairman Bill Huizenga (R-MI) sent separate letters to the Federal Reserve Board Chair Jerome Powell, FDIC Chair Martin J. Gruenberg, and acting Comptroller of the Currency Michael J. Hsu seeking information to help the lawmakers determine whether there exists a “coordinated strategy to de-bank the digital asset ecosystem in the United States” and “suppress innovation.”
The text common to each letter pointed to actions taken by the federal prudential regulators as discouraging banks from offering services to digital asset firms. The lawmakers cited OCC guidance issued in 2021 (Interpretive Letter 1179, covered by InfoBytes here), which stated that banks can engage in certain cryptocurrency activities as long as they are able to “demonstrate, to the satisfaction of its supervisory office, that it has controls in place to conduct the activity in a safe and sound manner” and the banks receive a regulator’s written non-objection. Also discussed were FDIC instructions released in April 2022, which directed banks to promptly notify the agency if they intend to engage in, or are currently engaged in, any digital-asset-related activities, as well as a joint statement issued by the regulators in January that highlighted key risks banks should consider when choosing to engage in cryptocurrency activities. (Covered by InfoBytes here and here.)
Referring to certain recent bank collapses, the lawmakers argued that they do not believe that the underlying problems were caused by digital asset-related customers. The lawmakers requested information related to non-public records and communications between agency employees and supervised banks relating to the aforementioned guidance by May 9.
House subcommittee holds hearing on stablecoin regulation
The House Financial Services Subcommittee on Digital Assets, Financial Technology and Inclusion recently held a hearing to examine stablecoins’ role in the payment system and to discuss proposed legislation for creating a federal framework for issuing stablecoins. A subcommittee memorandum identified different types of stablecoins (the most popular being pegged to the U.S. dollar to diminish volatility) and presented an overview of the market, which currently consists of more than 200 different types of stablecoins, collectively worth more than $132 billion. The subcommittee referred to a 2021 report issued by the President’s Working Group on Financial Markets, along with the FDIC and OCC (covered by InfoBytes here), in which it was recommended that Congress pass legislation requiring stablecoins to be issued only by insured depository institutions to ensure that payment stablecoins are subject to a federal prudential regulatory framework. The subcommittee discussed draft legislation that would define a payment stablecoin issuer and establish a regulatory framework for payment stablecoin issuers, including enforcement requirements and interoperability standards.
Subcommittee Chairman, French Hill (R-AR), delivered opening remarks, in which he commented that the proposed legislation would require stablecoin issuers to comply with redemption requirements, monthly attestation and disclosures, and risk management standards. Recognizing the significant amount of work yet to be done in this space, Hill said he believes that “innovation is fostered through choice and competition,” and that “one way to do that is through multiple pathways to become a stablecoin issuer, though with appropriate protections [to] prevent regulatory arbitrage and a race to the bottom.” He cited reports that digital asset developers are leaving the U.S. for countries that currently provide a more established regulatory framework for digital assets, and warned that this will stymie innovation, jobs, and consumer/investor protection. He also criticized ”the ongoing turf war between the SEC and CFTC” with respect to digital assets, and warned that “[w]hen you have two agencies contradicting each other in court about whether one of the most utilized stablecoins in the market is a security or a commodity, what you end up with is uncertainty.”
Witness NYDFS Superintendent Adrienne A. Harris discussed the framework that is currently in place in New York and highlighted requirements for payment stablecoin issuers operating in the state. In a prepared statement, Harris said many domestic and foreign regulators call the Department’s regulatory and supervisory oversight of virtual currency the “gold standard,” in which virtual currency entities are “subject to custody and capital requirements designed to industry-specific risks necessary for sound, prudential regulation.” Harris explained that NYDFS established “additional regulations, guidance, and company-specific supervisory agreements to tailor [its] oversight” over financial products, including stablecoins, and said the Department is the first agency to provide regulatory clarity for these types of products. She highlighted guidance released last June, which established criteria for regulated entities seeking to issue USD-backed stablecoins in the state (covered by InfoBytes here), and encouraged a collaborative framework that mirrors the regulatory system for more traditional financial institutions and takes advantage of the comparative strengths offered by federal and state regulators. Federal regulators will be able to comprehensively address “macroprudential considerations” and implement foundational consumer and market protections, while states can “leverage their more immediate understanding of consumer needs” and more quickly modernize regulations in response to industry developments and innovation, Harris said.
House subcommittee discusses CFPB reform proposals
On March 9, the House Financial Services Committee’s Subcommittee on Financial Institutions and Monetary Policy held a hearing to discuss proposals that would alter the structure and authority of the CFPB. The subcommittee heard from several witnesses, including the CEO of the American Financial Services Association (AFSA), the Bureau’s former deputy director, and the Minnesota attorney general.
During the hearing, members discussed legislation that would reform the Bureau, including: (i) the Consumer Financial Protection Commission Act, which would make the Bureau an independent commission; (ii) the Transparency in CFPB Cost-Benefit Analysis Act, which would require the Bureau to include a statement justifying any proposed rulemaking (including “why the private market, State, local, or tribal authorities cannot adequately address the problem”), as well as provide qualitative and quantitative cost assessments and data or studies used in preparing a proposal; (iii) the CFPB-IG Reform Act, which would create a separate inspector general for the Bureau; and (iv) the Taking Account of Bureaucrats’ Spending (TABS) Act, which would make the Bureau an independent agency from the Federal Reserve System called the “Consumer Financial Empowerment Agency” that would be funded through congressional appropriations rather than the Fed.
In his prepared testimony, the AFSA CEO alleged several examples of regulatory overreach taken by the Bureau, including: (i) imposing limits on arbitration, despite the Bureau’s own finding that arbitration benefits consumers; (ii) releasing guidance, instead of legislative rulemaking, which creates ambiguity for companies and consumers; (iii) using “regulation by enforcement” to change TILA and creating an ability to repay standard that does not exist in any consumer financial law or regulation; (iv) issuing press releases that serve as regulations and provide recommendations inconsistent with the plain language of laws such as the SCRA; and (v) creating potential harm to servicemembers through misinterpretations of the Military Lending Act. He further explained that a press release issued by the Bureau last year on junk fees (covered by InfoBytes here) “goes beyond its authority” and creates confusion for both depository institutions and finance companies who are unsure what the rules are. He emphasized that “the best way to protect consumer is to protect access to credit,” and the best method for achieving this “is to have clearly defined terms and conditions that both industry and the regulatory community can understand and follow.”
The former CFPB deputy director also asserted in his prepared testimony that the agency is prone to exceeding statutory limits or requirements. He commented that “[w]hile one or two of these actions could perhaps be dismissed as over-exuberance, the frequency with which these issues arise suggests that the agency lacks adequate internal or external controls to ensure it operates within the law,” and that in “the absence of these controls . . . [it] compels the conclusion that the CFPB is ripe for reform.” He also maintained that having the Bureau go through the annual appropriations process would help the agency “focus its priorities” and “improve its effectiveness and efficiency.” He further noted that expanding the Bureau’s UDAAP authority to cover conduct it observes in the marketplace (such as applying UDAAP credit discrimination laws to any decision making by a financial institution) is “a decision fundamentally for Congress.”
The Minnesota attorney general, however, highlighted joint enforcement actions taken with the Bureau in his prepared testimony, stating that by serving “as a critical enforcement partner,” the agency is operating as Congress intended when it created the Bureau in response to the 2008 financial crisis. “The CFPB’s destruction would topple the whole system like dominos,” he stressed, adding that the funding arguments fall short as several federal agencies are not funded by Congress.
Senators Sherrod Brown (D-OH), Chair of the Senate Banking Committee, and Representative Maxine Waters (D-CA), Ranking Member of the House Financial Services Committee, issued a statement strongly disagreeing with the introduced legislation. “We will continue to work with our colleagues to stop any anti-consumer bill and protect the CFPB so that consumers can continue to have an agency solely dedicated to protecting their hard-earned money,” the lawmakers said.
House Republicans question CFPB’s card late-fee proposal
On March 1, several Republican House Financial Services Committee members sent a letter to CFPB Director Rohit Chopra expressing concerns over the Bureau’s credit card late fee proposal. Among other things, the lawmakers claimed that last year the Bureau broke precedent by failing to address, for the first time, credit card late fees when the agency issued the annual fee adjustments as required under Regulation Z, which implements TILA (covered by InfoBytes here). “In prior years when the CFPB did not make inflation adjustments, because inflation was low, it explained the statistical basis for not indexing the fee,” the letter said. “However, the CFPB has yet to explain or justify why there was not an increase in the most recent annual adjustment announcement—a striking lack of transparency and accountability, and especially so in an era of outsized inflation.” The lawmakers also addressed the Bureau’s February notice of proposed rulemaking (NPRM) to amend Regulation Z and its commentary. As previously covered by InfoBytes, the Bureau said the NPRM would lower the safe harbor dollar amount for first-time and subsequent-violation credit card late fees to $8, eliminate the automatic annual inflation adjustment, and cap late fees at 25 percent of the consumer’s required minimum payment. According to the lawmakers, the changes would disincentivize consumers to make timely payments and impact consumer behavior by shifting “delinquent payment costs to other, innocent, consumers who absorb the associated costs through higher rates or inability to further access unsecured credit that they may need to smooth their consumption.”
The lawmakers posed several questions to the Bureau, including asking why the agency failed to convene a panel as mandated by the Small Business Regulatory Enforcement Fairness Act of 1996 to advise on the rulemaking “[g]iven the broad applicability of this rule making to small institutions.” The Bureau was also asked to provide the data used to determine the dollar limits, as well as any communications the agency had with the Biden administration in the development of the NPRM.
House committees move forward on data privacy
On March 1, the House Subcommittee on Innovation, Data, and Commerce, a subcommittee of the House Energy and Commerce Committee, held a hearing entitled “Promoting U.S. Innovation and Individual Liberty through a National Standard for Data Privacy” to continue discussions on the need for comprehensive federal privacy legislation. House Energy and Commerce Committee Chair Cathy McMorris Rodgers (R-WA) delivered opening remarks, commenting that discussions during the hearing will build upon the bipartisan American Data Privacy and Protection Act (ADPPA), which advanced through the committee last July by a vote of 53-2. As previously covered by InfoBytes, the ADPPA (see H.R. 8152) was sent to the House floor during the last Congressional session, but never came up for a full chamber vote. The bill has not been reintroduced yet.
A subcommittee memo highlighted that absent a comprehensive federal standard, “there are insufficient limits to what types of data companies may collect, process, and transfer.” The subcommittee flagged the data broker industry as an example of where there are limited restrictions or oversight to prevent the creation of consumer profiles that link sensitive data to individuals. Other areas of importance noted by the subcommittee relate to data security protections, data minimization requirements, digital advertising, and privacy enhancing technologies. The subcommittee heard from witnesses who agreed that a comprehensive privacy framework would benefit consumers.
One of the witnesses commented in prepared remarks that preemption is key, calling the current patchwork of state laws confusing and costly to businesses and consumers. “Consumers need a strong and consistent law to protect them across jurisdictions and market sectors, and to clarify what privacy rights they should expect and demand as they navigate the marketplace,” the witness said. The witness also stated that the FTC is currently relying on outdated law, noting that while Section 5 of the FTC Act is frequently used, “virtually all of the FTC’s privacy and data security cases are settlements. That means that many of the legal theories advanced, as well as the remedies obtained, have never been tested in court.”
In advance of the hearing, the California governor, the California attorney general, and the California Privacy Protection Agency sent a joint letter opposing preemption language contained in H.R. 8152. “[B]y prohibiting states from adopting, maintaining, enforcing, or continuing in effect any law covered by the legislation, [the ADPPA] would eliminate existing protections for residents in California and sister states,” the letter warned. The letter asked Congress “to set the floor and not the ceiling in any federal privacy law” and “allow states to provide additional protections in response to changing technology and data privacy protection practices.”
Separately, at the end of February, Chairman of the House Financial Services Committee, Patrick McHenry (R-NC) introduced the Data Privacy Act of 2023 (see H.R. 1165). The bill moved out of committee by a 26-21 vote, and now goes to the full House for consideration. Among other things, the bill would modernize the Gramm-Leach-Bliley Act to better align the statute with the evolving technological landscape. The bill would also ensure consumers understand how their data is being collected and used and grant consumers power to opt-out of the collection of their data and request that their data be deleted at any time. Additional provisions are intended to protect against the misuse or overuse of consumers’ personal data and impose disclosure requirements relating to data collection methods, how data is used and who it is shared with, data retention policies, and informed choice. The bill is designed to provide consistency across the country to reduce compliance burdens, McHenry said.
CFPB proposes T&C registry for nonbanks
On January 11, the CFPB announced a proposed rule to create a public registry of terms and conditions used in non-negotiable, “take it or leave it” nonbank form contracts that “claim to waive or limit consumer rights and protections.” Under the proposal, supervised nonbank companies would be required to report annually to the Bureau on their use of standard-form contract terms that “seek to waive consumer rights or other legal protections or limit the ability of consumers to enforce or exercise their rights.” The terms and conditions—which would be made publicly available—would include those that address waivers of consumer claims, liability limits, legal action limits, class action bans, arbitration agreements, liquidated damages clauses, as well as other waivers of consumer rights.
The Bureau explained that its proposal is intended to “facilitate public awareness and oversight” about what nonbanks are putting in form contracts. “Some companies slip terms and conditions into their form contracts that try to take away consumer protections, try to limit how consumers exercise their rights, or try to quiet consumer complaints or criticism,” the Bureau stated in its announcement. “[M]ore broadly, the terms and conditions potentially undermine consumer financial protection law.”
The Bureau provided several examples of such terms and conditions, including: (i) unlawful mandatory arbitration agreements that are included in servicemember loan contracts; (ii) credit monitoring service agreements that “undermine credit reporting rights” by prohibiting consumers from pursuing legal action, including class action lawsuits, for FCRA violations; (iii) occurrences where lenders use clauses that waive liability for bank fees that borrowers incur due to repeated payment collection attempts; (iii) mortgage contracts that make “deceptive” use of waivers and limitations that are inconsistent with TILA restrictions; and (v) terms and conditions that try to quiet consumer complaints or criticism.
All supervised nonbanks, including those operating in payday lending, private student loan origination, mortgage lending and servicing, student loan servicing, automobile financing, consumer reporting, consumer debt collection, and international remittances would be subject to the rule. However, the Bureau is proposing certain exemptions for nonbanks with lower levels of receipts. Comments on the proposal are due 30 days after publication in the Federal Register.
“[T]the registry would help regulators and law enforcement more easily detect when companies are offering products and services using prohibited, void, and restricted contract terms described above. This would be especially useful to state and tribal regulators with limited resources to alert or take action against companies violating the law,” CFPB Director Rohit Chopra said in an accompanying statement, adding that the Bureau plans to “use data from the registry to identify supervised nonbanks and the risks their terms and conditions pose, prioritize which firms to examine, and plan the scope of those exams.”
House Financial Services Committee Chairman Patrick McHenry (R-NC) slammed the proposal, saying the “proposed registry of terms and conditions will facilitate the naming and shaming of firms to empower progressive activists. Requiring nonbank financial firms to register publicly with the Bureau is unprecedented—no other industry is required to make public such detailed contract information. The days of Congress giving Director Chopra a free pass for his reckless actions have come to an end.”
The proposed registry follows a proposal announced in December by the Bureau that would create a database of enforcement actions taken against certain nonbank covered entities, which would include all final public written orders and judgments (including any consent and stipulated orders and judgments) obtained or issued by any federal, state, or local government agency for violation of certain consumer protection laws related to unfair, deceptive, or abusive acts or practices. (Covered by InfoBytes here.)
Chopra testifies at congressional hearings
On December 14, CFPB Director Rohit Chopra testified at a hearing titled Consumers First: Semi-Annual Report of the Consumer Financial Protection Bureau held by the House Financial Services Committee on the CFPB’s most recent semi-annual report to Congress (covered by InfoBytes here). Chopra’s prepared statement focused on: (i) the current state of the economy and household finance; (ii) promoting an open, competitive, and a decentralized market; and (iii) actions by Congress where bipartisan support is expected. Chopra also cited concerns regarding the accuracy of medical debt credit reporting and noted that the CFPB is continuing “to examine how medical debt burdens are impacting household balance sheets.”
House Financial Services Chairwoman Maxine Waters (D-CA) praised Chopra’s leadership in her opening statement, stating that the Bureau has combated “redlining, housing discrimination, illegal evictions, and foreclosures, and has worked tirelessly to root out appraisal bias.” However, Ranking Member Patrick McHenry (R-PA) argued that the Bureau’s “lack of transparency is of grave concern.” McHenry discussed the CFPB’s six compliance bulletins, five advisory opinions, five interpretive rules, and seven circulars published this year, which he considers to have fostered “uncertainty” within the financial services industry. McHenry also warned Chopra that he can expect “much more thorough” oversight next year when Republicans take control of the House and when McHenry becomes the chair of the House Financial Services Committee.
During the hearing, Chopra acknowledged that the Bureau's Section 1071 Rulemaking “is on track to issue a final rule by March 31, 2023”—a deadline established by court order in July as a result of a stipulated settlement reached in February 2020 with a group of plaintiffs, including the California Reinvestment Coalition, related to the collection of small business lending data (covered by InfoBytes here). Chopra added that the Bureau wants to ensure it has “an implementation period that gives the smaller firms more time, and the ability to make sure it’s not duplicative with existing requirements under the Community Reinvestment Act.”
During the hearing, Republican committee members inquired about the agency’s creation and use of the term “junk fees” to describe, among other things, legal fees that banks charge for financial products and services. According to Rep. Blaine Luetkemeyer (R-MO) “there is no such word in financial services lexicon,” and the Bureau is “making up a word and then using it to go out and enforce something that doesn’t exist.” Republican committee members also inquired about the Bureau’s recent updates to its UDAAP exam manual. As previously covered by a Buckley Special Alert, in March, the CFPB announced significant revisions to its UDAAP exam manual, in particular highlighting the CFPB’s view that its broad authority under UDAAP allows it to address discriminatory conduct in the offering of any financial product or service. Rep. Andy Barr (R-KY) commented that “this is not interpretive guidance,” and said Chopra is “trying to change the law.”
Chopra reiterated the Bureau’s priorities in his December 15 testimony before the Senate Banking Committee. During the hearing, Ranking Member Sherrod Brown (D-OH) noted that Republican lawmakers proposed legislation to subject the CFPB to appropriations and to change the CFPB's single-director structure to a commission. Chopra was also questioned by Ranking Member Patrick Toomey (R-PA) who raised concerns regarding the Bureau’s “overreach and pursuit of a politicized agenda.” He further argued that “the Dodd-Frank Act exempted the CFPB from appropriations,” and “empowers the CFPB to simply take funds from the Fed, which is itself also not subject to appropriation, thereby doubly insulating the CFPB from any congressional control.” Other topics discussed during the hearing included, among other things, military lending, credit cards, and overdraft fees.
Senators demand answers on collapsed cryptocurrency exchange; NYDFS seeks tougher crypto approach
On November 16, Senator Elizabeth Warren (MA-D) and Senator Richard Durbin (IL-D) sent a letter to the ex-CEO and his successor of a cryptocurrency exchange that filed for bankruptcy. In the letter, the senators requested a series of files from the cryptocurrency exchange, including copies of internal policies and procedures regarding the relationship between the firm and its affiliated crypto hedge fund. The senators stated that the cryptocurrency exchange’s customers and Americans “fear that they will never get back the assets they trusted to [the cryptocurrency exchange] and its subsidiaries.” Additionally, the senators argued that “the apparent lack of due diligence by venture capital and other big investment funds eager to get rich off crypto, and the risk of broader contagion across the crypto market that could multiply retail investors’ losses, ‘call into question the promise of the industry.’” The senators emphasized that “the public is owed a complete and transparent accounting of the business practices and financial activities leading up to and following the cryptocurrency lending firm's collapse and the loss of billions of dollars of customer funds.” Among other things, the senators asked the cryptocurrency exchange to provide requested information by November 28, including: (i) complete copies of all the firm’s and its subsidiaries’ balance sheets, from 2019 to the present; (ii) an explanation of how “a poor internal labeling of bank-related accounts” resulted in the firm’s liquidity crisis; (iii) a list of all the firm’s transfers to its affiliated crypto hedge fund; (iv) copies of all written policies and procedures regarding the relationship between the firm and its affiliated crypto hedge fund; and (v) an explanation of the $1.7 billion in the firm’s customer funds that were allegedly reported missing.
The same day, NYDFS Superintendent Adrienne Harris participated in a “fireside chat” before the Brooking Institute’s event, Digital asset regulation: The state perspective - Effective regulatory design and implementation for virtual currency. During the chat, Harris expressed her support for a national framework similar to what New York has because she believes that “it is proving itself to be a very robust and sustainable regime.” Harris also discussed NYDFS priorities regarding digital assets for the future, stating that crypto companies can expect more guidance on a number of key regulatory issues. Specifically, Harris disclosed that NYDFS will “have more to say on capitalization,” and “on consumer protection, disclosures, advertising … [and] complaints, making sure these companies have an easy way for consumers to complain.” She also warned that NYDFS will “bolster and broaden” its authority, adding that there is “lots of work for us to do to make clear the expectations that we have already, and to make sure that the things we have on the books equip us well to keep up with this marketplace.”
Senators Warren and Sheldon Whitehouse (D-RI) also sent a letter to the DOJ asking that the former CEO and any complicit company executives be held personally accountability for wrongdoing following the cryptocurrency exchange’s collapse.
On December 13, the House Financial Services Committee will hold a hearing to discuss the cryptocurrency exchange’s collapse and the possible implications for other digital asset companies.
Senate Banking grills regulators on crypto
On November 15, the Senate Committee on Banking, Housing, and Urban Affairs held a hearing entitled “Oversight of Financial Regulators: A Strong Banking and Credit Union System for Main Street” to hear from federal financial regulators about growing risks related to bank mergers, bailouts, climate change, crypto assets, and cyberattacks, among other topics. Committee Chairman Sherrod Brown (D-OH) opened the hearing by emphasizing that Congress “must stay vigilant and empower regulators with the tools to combat these growing risks,” and said that banks and credit unions must be able to partner with third parties in a manner that enables competition but without risking consumer money. He also warned that big tech companies and shadow banks should not be allowed to “play by different rules because of special loopholes.” In his opening statement, Ranking Member Patrick J. Toomey (R-PA) challenged the regulators to “not stray beyond their mandates into politically contentious issues or establish unnecessary new regulatory burdens,” pointing to the participation of the Federal Reserve Board, FDIC, and OCC in the Network for the Greening the Financial System as an example of politicizing financial regulation.
Testifying at the hearing were the Fed’s Vice Chair for Supervision Michael S. Barr, NCUA Chair Todd M. Harper, acting FDIC Chairman Martin J. Gruenberg, and acting Comptroller of the Currency Michael J. Hsu. Cryptocurrency concerns were a primary focus during the hearing, where Toomey asked the regulators why they still have not provided public clarity on banks’ involvement in crypto activities, such as providing custody services or issuing stablecoins.
Pointing to a major cryptocurrency exchange’s recent major collapse, Toomey pressed Hsu on whether the OCC “discourages banks from providing custody services” for crypto assets. Toomey speculated, “it seems to me if people had access to custody services provided by a wide range of institutions, including regulated financial institutions, they might be able to sleep more comfortably knowing that those assets are unlikely to be used for some completely inappropriate purpose.” Answering that the OCC discourages banks from engaging in activities that are not safe, sound, and fair, Hsu acknowledged that there are underlying fundamental issues and questions about what it means to control crypto through a custody “which have not been fully worked out.” Toomey emphasized that part of the obligation rests on the OCC to provide clarity on how banks could provide these services in a safe, sound, and fair manner, and stressed that currently these activities are operating in a space outside the regulatory perimeter. Barr agreed that it would be useful for the Fed to provide guidance to banks on how to safely custody crypto assets and said it is something he plans to work on with his colleagues.
Toomy further noted that Congress’s failure “to pass legislation in this space and the failure of regulators to provide clear guidance has created ambiguity that has driven developers and entrepreneurs overseas where regulations are often lax at best.” Senator Bill Haggerty (R-TN) cautioned that lawmakers should not resort to a “heavy-handed” regulatory response to the cryptocurrency exchange’s collapse. “No amount of poorly considered, knee-jerk over-regulation here in the U.S. would have prevented a foreign-domiciled company like [the collapsed cryptocurrency exchange] from doing what it did,” Haggerty said. “The fact of the matter is that crypto, much like all of finance, isn’t beholden to a specific country or a specific legal system, and by not acting and by failing to provide legal clarity here in the United States, Congress only incentivizes activity to migrate outside of our country’s borders,” Haggerty stated, adding that it is “important to recognize that whatever happened with a bad actor running a centralized exchange and defrauding customers” has “nothing to do with the technology underpinning crypto itself.” When asked by Sen. John Kennedy (R-LA) which regulator was responsible for watching the collapsed cryptocurrency exchange, Gruenberg said “I think in the first instance, you’d probably want to engage with the market regulators, the SEC and the CFTC, to talk about the activities and the authorities in this area.”
The regulators also discussed efforts to mitigate cybersecurity risks and strengthen information security within the banking industry. Hsu stressed during the hearing that “the greatest risk is the risk of complacency,” while noting in his prepared remarks that the OCC is aware of the risks associated with cybersecurity and has “encouraged banks to stay abreast of new technology and threats.” Barr pointed to the importance of operational resilience in his prepared remarks, noting that “technology-based failures, cyber incidents, pandemics, and natural disasters,” combined with the growing reliance on third-party service providers, expose banks to a range of operational risks that are often challenging to anticipate. Harper commented in his prepared remarks that the NCUA continues to provide guidance for credit unions to reinforce their ability to withstand potential cyberattacks, and recommends that credit unions report cyber incidents to the NCUA, the FBI, and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency. In his prepared remarks, Gruenberg pointed to recent examination findings revealing that banks that have dedicated resources for implementing appropriate controls are better at defending against cyberattacks, and said the FDIC is “piloting technical examination aids that will help  examiners focus on the controls  found to be most effective in defending against these attacks.”
The House Financial Services Committee also held a hearing later in the week that focused on similar topics with the regulators. Chair Maxine Waters (D-CA) and Rep. Patrick McHenry (R-NC) also announced that the committee will hold a hearing in December to investigate the aforementioned cryptocurrency exchange’s collapse and understand the broader consequences the collapse may have on the digital asset ecosystem.
West Virginia AG pings CFPB on "unconstitutionally appropriated" funds
On October 24, the West Virginia attorney general sent a letter to CFPB Director Rohit Chopra, and to the leadership of both the House Financial Services Committee and the Senate Banking Committee, regarding the constitutionality of the Bureau’s continuing operation. As previously covered by a Buckley Special Alert, the U.S. Court of Appeals for the Fifth Circuit held that the CFPB funding structure created by Congress violated the Appropriations Clause of the Constitution, which provides that “no money shall be drawn from the Treasury, but in Consequence of Appropriations made by Law.” The 5th Circuit ruled that, although the CFPB spends money pursuant to a validly enacted statute, the structure violates the Appropriations Clause because the CFPB obtains its funds from the Federal Reserve (not the Treasury), the CFPB maintains funds in a separate account, the Appropriations Committees do not have authority to review the agency’s expenditures, and the Bureau exercises broad authority over the economy. In the letter, the AG argued that the Bureau cannot discharge its duties in a constitutionally permissible way. He further noted that the Bureau “plainly cannot do that with a funding scheme that ‘sever[s] any line of accountability between [Congress] and the CFPB.’” The AG urged the Bureau to reassess its future plans and to reevaluate whether its present regulations have any effect. The letter also requested answers to a series of questions, no later than November 1: (i) “Does the agency believe that any of the regulations that it promulgated under the unconstitutional funding scheme remain in effect? If so, which ones—and why? Similarly, how does the decision affect past enforcement actions?”; and (ii) “What plans does the Bureau plan to undertake to comply with the ruling? How will its ongoing enforcement efforts be effected? How will this change affect any promulgation of regulations? How will bank supervision continue, if at all?”