Like most industries today, Consumer Finance Services businesses continue to be significantly impacted by COVID-19. To help you keep abreast of relevant activities, below find a breakdown of some of the biggest legislative and regulatory events at the federal and state levels to impact the Consumer Finance Services industry this past week:
Privacy and Cybersecurity Activities
- On April 29, the Consumer Financial Protection Bureau (CFPB) released Spanish language translations for certain model and sample forms included in the Prepaid Rule in Regulation E and for certain adverse action model and sample notices included in Regulation B. For more information, click here.
- On April 28, Representatives Glenn Thompson (R-PA), Ro Khanna (D-CA), Tom Emmer (R-MN), and Darren Soto (D-FL) introduced the Digital Commodity Exchange Act of 2022, which would create a definition for “digital commodity” and allow the Commodity Futures Trading Commission to oversee companies issuing or letting people trade these types of tokens, while having the Securities and Exchange Commission continue to oversee tokens that fall under U.S. securities laws. For more information, click here.
- On April 28, the Department of Education announced it will deliver relief to tens of thousands of borrowers harmed by pervasive and widespread misconduct at Marinello Schools of Beauty. The 28,0000 borrowers who enrolled in the schools from 2009 through its closure in February 2016 will receive loan discharges based on borrower defense findings, totaling approximately $238 million. This group discharge also includes borrowers who enrolled at Marinello during this period, but have not yet applied for a borrower defense discharge. For more information, click here.
- On April 27, Acting Comptroller of the Currency Michael J. Hsu issued a statement, calling for unified standards for stablecoins after his appearance at the Artificial Intelligence and the Economy: Charting a Path for Responsible and Inclusive AI Symposium hosted by the U.S. Department of Commerce, National Institute of Standards and Technology (NIST), FinRegLab, and the Stanford Institute for Human-Centered Artificial Intelligence. Hsu stated that creating one set of technical and legal standards for the dollar-pegged cryptocurrencies is as “vital to keeping the dollar competitive in the blockchain-based digital economy” as setting the standards for the World Wide Web was to the development of the modern internet economy. For more information, click here.
- On April 25, the CFPB announced that it would begin invoking a provision in Dodd-Frank, previously used only infrequently, to conduct supervisory examinations over a greater number of nonbank financial companies that may “pose risks to consumers,” in particular fintechs. For more information, click here.
- On April 28, Southern District of New York Judge Vyskocil granted a preliminary injunction, preventing sheriffs from enforcing New York’s Fair Consumer Judgment Interest Act on a retroactive basis. The act, which became effective on April 30, lowers the statutory rate of interest accrued on money judgment for consumer debt to 2% per year (from 9%). The amendment applies retroactively to judgments unsatisfied at the time the law went into effect. The court enjoined the sheriff’s office “from refusing to execute an existing judgment calculated with the interest rate in effect at the time the judgment was obtained, and from enforcing reduction of the existing interest rate of the judgments entered prior to the effective date of the Amendment.” For more information, click here.
- On April 28, the New York Department of Financial Services issued guidance on the use of blockchain analytics, emphasizing “the importance of blockchain analytics to effective policies, processes, and procedures, including, for example, those relating to customer due diligence, transaction monitoring, and sanctions screening.” For more information, click here.
- On April 26, Washington, DC Attorney General Karl Racine issued a press release, announcing his office’s legal victories in protecting housing for D.C. residents. The announced victories included restitution secured for residents for tenants in the district and directed residents to resources and tips for how to report problems with landlords. For more information, click here.
- On April 22, Arkansas Attorney General Leslie Rutledge joined a bipartisan coalition of attorneys general, urging “GoFundMe to better disclose policies and to provide greater clarity in terms of service for consumers who use its platform.” GoFundMe has helped organizers raise more than $5 billion since 2010 and collects fees between 2.2 to 2.9% plus $0.3 per transaction. However, according to the press release, information “related to blocking, freezing, refunding, and re-directing donations, is hard to find and unclear.” For more information, click here.
- On April 20, Tennessee became the second state to pass legislation, recognizing and allowing the registration of decentralized autonomous organizations (DAOs) as LLCs under Tennessee’s Revised Limited Liability Company Act. For more information, click here.
Privacy and Cybersecurity Activities:
- On April 28, the Connecticut Data Privacy Act (SB-6) cleared the penultimate legislative hurdle, passing in the House by a vote of 144-5. This legislation previously passed Connecticut’s State Senate by a vote of 35-0 on April 20, and will now head to Governor Ned Lamont for final signature. If signed, Connecticut would be the fifth state in the country to pass a data privacy law, and the majority of the substantive requirements would take effect on July 1, 2023. The final version of SB-6 shares many similarities with other recently enacted state privacy statutes, but most closely resembles the Colorado Privacy Act (CPA). Notably, this legislation does include temporary right to cure, which sunsets on December 31, 2024. For more information, click here.
- On April 25, the Federal Trade Commission (FTC) released guidance titled, “What the Pandemic Has Taught Businesses About the Collection of Health Information.” This guidance includes several recommendations for businesses to consider regarding checking/storing information from employee’s COVID-19 vaccination cards. This includes, but is not limited to, considering the objection of the data collection, analyzing how long this sensitive health information needs to be retained, and providing secure technology to safely store this information. The guidance also makes specific recommendations for companies that provide vaccine verification “passport” applications used to store information related to vaccination status. For more information, click here.