To keep you informed of recent activities, below are several of the most significant federal and state events that have influenced the Consumer Financial Services industry over the past week.
Federal Activities:
On January 16, the Federal Trade Commission (FTC) finalized changes to the Children’s Online Privacy Protection Rule (COPPA), significantly enhancing protections for children’s data and requiring operators to provide more information to parents. The new rule mandates that parents must opt in to third-party advertising, addressing the evolving ways companies collect and monetize children’s data. The amendments also include stricter data retention limits, increased transparency for COPPA Safe Harbor programs, and expanded definitions of personal information to cover biometric and government-issued identifiers. The final rule will be effective 60 days after its publication in the Federal Register, with a one-year compliance period for affected entities. For more information, click here.
On January 15, the U.S. Attorney’s Office for the Southern District of New York announced that HDR Global Trading Ltd., also known as BitMEX, was fined $100 million for willfully violating the Bank Secrecy Act by failing to implement adequate anti-money laundering (AML) and know-your-customer (KYC) programs. BitMEX, which has been servicing U.S. traders since its inception in 2014, allegedly knowingly flouted these requirements to boost revenue, requiring only an email address for customer verification. The company’s executives, who were aware of their legal obligations, allegedly took steps to circumvent U.S. laws, allowing illicit transactions to flow through the U.S. financial system. In addition to the fine, BitMEX was sentenced to two years of probation. For more information, click here.
On January 15, the Consumer Financial Protection Bureau (CFPB) released a blogpost highlighting the growing efforts by financial institutions to serve consumers with limited English proficiency (LEP). The increased availability of multilingual communications fosters a more competitive market, benefiting consumers by streamlining processes, reducing costs, and expanding access to credit. However, according to the CFPB, despite these advancements, significant barriers remain for LEP individuals in accessing fair and competitive financial services. Some entities even exploit language barriers to obscure key costs and terms, leading to high-cost or predatory products. The CFPB, along with state attorneys general, has taken actions against such practices in industries like auto lending and green product financing. For more information, click here.
On January 15, the CFPB issued a compliance aid to clarify the requirements under the Electronic Fund Transfer Act (EFTA) and Regulation E. Electronic Fund Transfers (EFTs) are defined as “any transfer of funds that is initiated through an electronic terminal, telephone, computer, or magnetic tape for the purpose of ordering, instructing, or authorizing a financial institution to debit or credit a consumer’s account.” The compliance aid, presented in a frequently asked questions (FAQs) format, addresses various aspects of EFTs, including coverage, financial institutions’ obligations, and error resolution processes. Compliance aids are not rules under the Administrative Procedures Act, but instead “present the requirements of existing rules and statutes in a manner that is useful for compliance professionals, other industry stakeholders, and the public.” For more information, click here.
On January 15, the CFPB released an Issue Spotlight, a consumer advisory, and an amicus brief concerning home equity contracts, often referred to as home equity “investments” (HEIs). Home equity contracts provide homeowners with an upfront payment in exchange for a future lump sum repayment based on the home’s value. The homeowner retains the right to occupy the home and is responsible for the maintenance of the home, including property taxes and hazard insurance. If the homeowner does not maintain the property to the standards required by the agreement, the payoff amount may increase. The home equity contract company secures their interest with a lien on the property, just like a traditional mortgage. These contracts can be appealing to consumers looking to tap into their home equity without traditional loan structures. According to the CFPB, in the first 10 months of 2024, the four largest home equity contract companies securitized approximately $1.1 billion backed by about 11,000 home equity contracts. However, these contracts come with significant considerations. For more information, click here.
On January 14, the FTC finalized an order banning data broker Mobilewalla Inc. from selling sensitive location data, following allegations that the company sold such information without verifying consumers’ consent. The FTC’s complaint, initially announced in December, accused Mobilewalla of unlawfully tracking and selling data related to visits to healthcare facilities and places of worship. The final order prohibits Mobilewalla from collecting consumer data from online real-time bidding advertising exchanges for non-auction purposes, marking a first in the agency’s enforcement actions. Additionally, Mobilewalla is barred from misrepresenting its data practices and from using, transferring, or disclosing location data from sensitive locations such as health clinics, religious organizations, and military installations. For more information, click here.
On January 14, the CFPB released a report titled “Strengthening State-Level Consumer Protections.” This report appears to be a strategic move by the CFPB to influence state-level consumer protection laws before the anticipated shift in federal regulatory policy, and the CFPB’s recommendations appear to be items that would need to be the subject of legislation, if they are to occur. As detailed below, the changes advocated by the CFPB would strengthen the position of both state regulators and private plaintiffs in actions against industry participants. For more information, click here.
On January 13, the CFPB released a report providing its analysis of the growth and impact of Buy Now, Pay Later (BNPL) loans in the U.S. since 2019. BNPL loans, typically zero-interest loans repaid in four or fewer installments, have not been widely reported to nationwide consumer reporting companies, creating a lack of data, according to the CFPB. (Most consumer reporting agencies do not offer a readily available mechanism to report BNPL loans.) The stated purpose of the CFPB’s study was to bridge that gap by using a matched sample of BNPL applications and originations from six major BNPL firms along with corresponding de-identified credit records. The report highlights the significant increase in BNPL applications and approval rates from 2019 to 2022. The number of daily applications rose from just over 100,000 in 2019 to more than 1 million in 2022. The approval rate also increased from 56% in 2019 to 79% in 2022, apparently driven by the use of counteroffers and the inclusion of returning customers. The report also identifies the practice of what the CFPB refers to as “loan stacking,” i.e., where borrowers have multiple active BNPL loans. In 2021 and 2022, 63% of BNPL borrowers had simultaneous loans at some point, with 32% having loans across different firms. The CFPB noted that this practice is particularly pronounced during the holiday season. For more information, click here.
On January 13, the CFPB proposed a new ruleaimed at banning certain contractual provisions in agreements for consumer financial products or services. The CFPB’s proposal targets certain terms and conditions sometimes found in so-called contracts of adhesion or standard-form contracts, including waivers of legal rights and protections, contract terms that limit free expression, and other terms that the CFPB believes undermine consumers’ rights and protections. The proposed rule also seeks to codify certain prohibitions under the FTC’s Credit Practices Rule. The proposed rule would generally apply to “covered persons” under the Consumer Financial Protection Act, including any person offering or providing a consumer financial product or service, as well as affiliates acting as service providers. Small businesses, small organizations, or small governmental jurisdictions, as defined by the Small Business Act, would be exempt. The CFPB is accepting public comments on the proposed rule until April 1. For more information, click here.
On January 13, the CFPB released a report revealing that hundreds of thousands of mortgages in the Southeast and Central Southwest U.S. are likely underinsured against flood risk, particularly for homeowners near inland rivers and creeks. The report, which analyzed mortgage applications from 2018-2022, found that coastal homeowners are more likely to have flood insurance and possess higher incomes and assets, making them better equipped to recover from flooding. In contrast, those living near inland streams and rivers are less likely to have flood insurance and fewer financial resources, increasing their vulnerability to catastrophic loss. The analysis highlighted discrepancies in flood risk assessments between FEMA’s coastal-focused maps and the First Street Foundation’s broader, forward-looking data, suggesting that current flood insurance maps may not accurately capture true flood risk exposure. Consequently, more than 400,000 homes in these regions may be underinsured, with inland homeowners particularly at risk due to lower incomes and smaller down payments, limiting their ability to recover from flood events. For more information, click here.
On January 10, the CFPB issued a notice of proposed interpretive rule. The proposed rule would apply the Electronic Fund Transfer Act (EFTA) — which protects consumers against errors and fraud — to new types of digital payment mechanisms, including stablecoins and other digital currencies. The proposed rule is targeted at EFTs through accounts established primarily for personal, family, or household purposes. Potentially impacted parties include a wide swath of the crypto industry — e.g., cryptocurrency exchanges, digital wallet providers, and stablecoin issuers. The deadline for comments is March 31. For more information, click here.
On January 7, the National Credit Union Administration (NCUA) released its supervisory priorities for 2025, outlining the key areas of focus for federally insured credit unions. This guidance is crucial for credit unions as it highlights the areas posing the highest risk to members, the industry, and the National Credit Union Share Insurance Fund (Share Insurance Fund). The NCUA has observed continued financial stress on credit union balance sheets throughout 2024. Loan performance has deteriorated since 2022, with delinquency and charge-off rates reaching their highest levels in over a decade. Despite these challenges, the credit union system remains stable and resilient against economic disruptions. For more information, click here.
On January 7, a federal grand jury in the Northern District of Georgia indicted three Russian nationals for operating the cryptocurrency mixing services Blender.io and Sinbad.io. The indictment alleges that these services were used to launder funds from ransomware and wire fraud, facilitating cybercriminal activities that threaten public safety and national security. Both services have been sanctioned by the Department of Treasury’s Office of Foreign Assets Control for their involvement in laundering stolen virtual currency, including funds linked to North Korean state-sponsored hacking groups. If convicted, the defendants face significant prison sentences for conspiracy to commit money laundering and operating unlicensed money transmitting businesses. For more information, click here.
State Activities:
On January 13, Superintendent Adrienne A. Harris of the New York Department of Financial Services (NY DFS) launched the inaugural Transatlantic Regulatory Exchange (TRE) with the Bank of England (BOE). This international secondment program facilitates the exchange of senior staff between NY DFS and other regulators, promoting the sharing of resources, knowledge, and regulatory strategies. The first exchange, commencing in February, will involve experts in emerging payments and digital assets. Superintendent Harris emphasized the importance of this partnership in strengthening regulatory frameworks, protecting consumers, and supporting innovation. Deputy Governor for Financial Stability at the BOE, Sarah Breeden, highlighted the initiative’s role in enhancing global financial stability and safe innovation. The secondment positions, open to internal candidates with expertise in digital financial technologies, will last a minimum of six months, extendable up to one year, with secondees expected to bring back enhanced insights to their home regulators. For more information, click here.