To keep you informed of recent activities, below are several of the most significant federal events that have influenced the Consumer Financial Services industry over the past week.
Federal Activities:
On March 20, President Donald J. Trump unveiled a national artificial intelligence (AI) legislative framework outlining the administration’s blueprint for “winning the AI race” by pairing aggressive support for innovation with federal guardrails on key risks, and calling on Congress to enact uniform nationwide rules that preempt a patchwork of state laws. The framework centers on six objectives: (1) protecting children and empowering parents with stronger account controls, privacy tools, and safety features on AI platforms likely to be accessed by minors; (2) safeguarding and strengthening communities by ensuring ratepayers are not forced to subsidize data centers, streamlining permitting so data centers can generate on-site power, and enhancing federal tools to combat AI-enabled scams and national security threats; (3) respecting intellectual property and supporting creators while still allowing AI systems to make fair use of information needed to improve; (4) preventing censorship and protecting free speech by barring the use of AI as a vehicle for government-driven viewpoint suppression or political “right-think”; (5) enabling innovation and securing American AI dominance by removing outdated regulatory barriers, accelerating AI deployment across sectors, and expanding access to testing environments; and (6) educating Americans and building an AI-ready workforce through expanded skills training and workforce development so that workers can share in AI-driven growth. For more information, click here.
On March 20, the Commodity Futures Trading Commission’s (CFTC) Market Participants Division and Division of Clearing and Risk issued FAQs providing additional guidance to futures commission merchants (FCMs), swap dealers, and derivatives clearing organizations (DCOs) on the use of crypto assets and blockchain technologies, clarifying earlier staff letters on tokenized collateral (Staff Letter 25-39) and digital assets accepted as margin (Staff Letter 26-05). The FAQs explain, among other points, that FCMs relying on the no‑action relief may treat certain nonsecurity crypto assets (including payment stablecoins, bitcoin, and ether) posted as margin as securing customer debit/deficit balances; may deposit proprietary payment stablecoins (but not other crypto) as residual interest in segregated customer accounts subject to capital haircuts; but may not invest customer funds in stablecoins or use crypto as eligible collateral for uncleared swaps, where existing margin-eligibility rules still control. The FAQs further address appropriate capital charges for proprietary positions (20% for bitcoin and ether, 2% for qualifying payment stablecoins, harmonized with U.S. Securities and Exchange Commission (SEC) guidance), confirm that DCOs may accept crypto (including payment stablecoins) as initial margin only if it meets “minimal risk” standards and is properly haircut under Regulation 39.13, and outline procedural and reporting conditions for FCMs that choose to rely on Staff Letter 26‑05, including advance notice filings, an initial three‑month period in which only bitcoin, ether, and payment stablecoins may be accepted as crypto margin, prompt incident reporting, and weekly position reporting. For more information, click here.
On March 20, the Congressional Research Service (CRS) issued a report outlining how the rapid growth of prediction markets, i.e., online exchanges offering binary “event contracts” on outcomes such as sports, politics, economic indicators, and weather, raises policy questions for Congress around jurisdiction, regulatory arbitrage, and insider trading. The report explains that, unlike traditional legalized sports gambling where sportsbooks set odds, CFTC-regulated platforms like Kalshi (onshore, CFTC-registered) and Polymarket (primarily offshore, with a smaller CFTC-approved venue) use continuous trading to set prices, and that sports contracts now dominate trading volume after a post‑2025 shift in CFTC leadership toward a more permissive view that many event contracts fall within the Commodity Exchange Act’s (CEA) definition of swaps and thus under the CFTC’s “exclusive jurisdiction.” This stance, combined with exchanges’ self‑certification authority and the CEA’s “contrary to the public interest” bar for certain contracts (e.g., gaming, elections, terrorism), has sparked litigation with states and tribes that view sports event contracts as gambling subject to state or tribal law, and has raised concerns that prediction markets may circumvent state sports‑betting restrictions, age limits, and taxes, especially in states that still ban sports gambling. The report also highlights insider trading risks where traders possess nonpublic information about outcomes (e.g., policy decisions, earnings, geopolitical actions), notes that some protections already exist via CFTC anti‑manipulation rules and exchange-level restrictions but their practical enforceability remains uncertain, and summarizes pending federal legislation that would either tighten federal limits on certain categories of event contracts or, alternatively, exclude them from the CEA and shift regulation to the states with added safeguards such as higher age thresholds. For more information, click here.
On March 20, the CRS updated its report on the Financial Crimes Enforcement Network (FinCEN) and implementation of the Anti-Money Laundering Act of 2020 (AMLA), describing how AMLA expanded FinCEN’s mandate to modernize the U.S. anti-money laundering (AML)/countering the financing of terrorism (CFTC) regime, create a federal beneficial ownership reporting system under the Corporate Transparency Act (CTA), strengthen enforcement and whistleblower tools, and bring “value that substitutes for currency” (including certain digital assets) more squarely within Bank Secrecy Act (BSA) coverage. The report details FinCEN’s central role in issuing numerous AMLA-required rules and reports, with mixed progress: a controversial March 26, 2025, interim final rule effectively exempting domestic entities and U.S. persons from CTA beneficial ownership reporting; a February 2026 “exceptive relief” order easing customer due diligence requirements for beneficial-owner verification at each new account opening; stalled or withdrawn rulemakings on antiquities dealers, a Suspicious Activity Report (SAR)-sharing pilot, and a formal no‑action letter process; and ongoing rulemakings on national AML/CFT priorities, residential real estate, and investment adviser obligations, as well as special measures and geographic targeting orders. CRS underscores resource and policy constraints on AMLA implementation, the Trump administration’s deregulatory emphasis (including scaling back CTA implementation as an explicit small‑business relief measure), and the resulting oversight and legislative debates in the 119th Congress — ranging from proposals to repeal or narrow the CTA to bills that would reinforce beneficial ownership transparency and adjust FinCEN’s authorities, funding, and reporting obligations going forward. For more information, click here.
On March 20, the Federal Housing Finance Agency issued a technical correcting amendment clarifying that its March 17, 2026, final rule related to reinstating “grandfather” exceptions to restrictions on private transfer fee covenants is a final rule and technical amendment only, and is not a request for public comment, by revising the ACTION line in the prior Federal Register notice to read “Final rule; technical amendment.” For more information, click here.
On March 19, U.S. Senate Democratic Whip Dick Durbin (D-IL), joined by Senators Elizabeth Warren (D-MA), Peter Welch (D-VT), Bernie Sanders (I-VT), Tina Smith (D-MN), and Mazie Hirono (D-HI), introduced the No Bailout for Crypto Act to bar federal agencies from using taxpayer funds to rescue crypto companies or related financial institutions in the event of an industry crash or wave of bankruptcies, citing crypto’s volatility, history of corruption, and strong public opposition to a bailout. Framing the bill against Trump’s embrace of the “scandal-ridden” crypto industry, Durbin’s legislation would prohibit federal financial assistance aimed at preventing crypto-related failures, restrict access by crypto firms to Federal Reserve emergency lending under § 13(3), and block use of the Treasury’s Exchange Stabilization Fund for the benefit of the crypto sector. Supported by a range of consumer and financial reform organizations, the bill is presented as a safeguard to ensure that, unlike during the 2008 financial crisis, taxpayers are not forced to “hold the bag” for losses in a speculative digital asset market. For more information, click here.
On March 19, the U.S. Departments of Education (ED) and Treasury announced a new Federal Student Assistance Partnership under which Treasury will assume operational responsibility for collecting on defaulted federal student loans and, over time, provide broader operational support for managing ED’s nearly $1.7 trillion student loan portfolio and other Federal Student Aid (FSA) functions, with the stated goals of correcting what the Trump administration describes as years of mismanagement, mitigating taxpayer losses, and helping defaulted borrowers return to repayment. The agreement, framed by Education Secretary Linda McMahon and Treasury Secretary Scott Bessent as a historic step toward “breaking up the Federal education bureaucracy” and importing Treasury’s financial and operational expertise into student aid administration, will roll out in phases and feature direct communication with students, parents, borrowers, institutions, and vendors about timelines and changes. Building on prior efforts such as fixing the FAFSA process and modeled on recent interagency partnerships (including with the Department of Labor on an integrated education–workforce system), the partnership is intended to improve the delivery and stewardship of federal financial aid programs while imposing greater financial discipline on the student loan system. For more information, click here.
On March 18, the Internal Revenue Service (IRS) issued Notice 2026-20 extending through December 31, 2026, the temporary relief originally provided in Notice 2025-7 under Treas. Reg. § 1.1012-1(j)(3)(ii), allowing taxpayers, for federal income tax purposes, to make an adequate identification of digital asset units held in the custody of a broker by recording specific identifications or standing orders in their own books and records rather than communicating those identifications to the broker. During this expanded “relief period” (January 1, 2025, through December 31, 2026), taxpayers may rely on book-and-record identifications even if the broker reports basis and holding period information using different assumptions (such as FIFO) on Form 1099-DA, and taxpayers using the safe harbor in Rev. Proc. 2024-28 may also rely on this relief once that safe harbor’s requirements (including any global allocation) are satisfied. The notice clarifies that the choice of which digital asset units to treat as sold (for example, earliest acquired, latest acquired, or highest basis) is not a method of accounting under sections 446 or 481; that the relief applies only to broker-custodied digital assets and only for transactions within the relief period; that it does not alter brokers’ information reporting obligations or the effective date of the final digital asset basis regulations under § 1.1012-1(j); and that Notice 2025-7 is modified accordingly. For more information, click here.
On March 18, Senator Tim Scott, chairman of the Senate Banking, Housing, and Urban Affairs Committee, highlighted at the DC Blockchain Summit both the successful passage of the GENIUS Act — establishing a framework for payment stablecoins — and the need for Congress to finalize broader, bipartisan digital asset market structure legislation to provide clear “rules of the road” that keep innovation and economic opportunity in the U.S. In a fireside chat, Scott emphasized that momentum has grown in recent weeks on issues such as decentralized finance (DeFi), ethics, and jurisdictional questions, and that negotiations on topics like stablecoin yield remain constructive and inclusive of both the crypto industry and traditional financial institutions. He praised new SEC leadership under Chairman Paul Atkins for taking a more transparent, pro-innovation approach, and described a 10-year vision in which blockchain and digital assets are fully integrated into financial markets, government operations, and national defense, enhancing U.S. economic and strategic leadership. Drawing on feedback from South Carolinians and young Americans building wealth through digital assets, Scott underscored that this technology is “changing the face of wealth and opportunity and access,” urged industry advocates to stay engaged, and stressed that digital asset policy must be a unifying, bipartisan effort focused on America’s future rather than partisan divides. For more information, click here.
On March 17, the U.S. House Financial Services Committee held a hearing titled “Updating America’s Financial Privacy Framework for the 21st Century.” Among other things, the committee discussed a draft bill from Representative Bill Huizenga (R-MI) that would significantly update Title V of the Gramm‑Leach‑Bliley Act (GLBA) to reflect how financial data is collected, shared, and monetized in today’s market. The draft purports to give consumers greater control over their financial data, impose new limits on financial institutions and data aggregators, and create a more uniform national privacy regime for consumer financial information. Substantively, the draft shifts the focus of Title V from disclosure to overall “treatment” of consumer financial information. It would impose a statutory data‑minimization obligation, limiting collection, use, retention, and disclosure of nonpublic personal information to what is necessary for legitimate business, legal, or regulatory purposes. Consumers’ opt‑out rights would be strengthened by clarifying that they may direct a financial institution not to share nonpublic personal information with nonaffiliated third parties prior to initial disclosure as well as at any time thereafter. The draft also directly targets financial data aggregators and other nonaffiliated third parties that use consumer credentials to access accounts, requiring clear, upfront disclosures about how credentials will be used and shared, the associated privacy and security risks, and an opportunity for consumers to refuse such access. The bill would also significantly expand what must be included in GLBA privacy notices. For more information, click here.
On March 17, the SEC, in coordination with the CFTC, issued an interpretation clarifying how federal securities laws apply to certain crypto assets and related transactions, providing a coherent taxonomy for digital commodities, digital collectibles, digital tools, stablecoins, and digital securities, and explaining when a “non-security crypto asset” may become subject to, and later cease to be subject to, an investment contract analysis. The interpretation, which acknowledges that most crypto assets are not themselves securities and that investment contracts can terminate, also addresses the treatment of airdrops, protocol mining, protocol staking, and wrapping of nonsecurity crypto assets. Framed as an effort to deliver long-awaited regulatory clarity and harmonized SEC-CFTC oversight while Congress advances market structure legislation, the release emphasizes the agencies’ intent to create clear, rational rules of the road so that innovators, issuers, and investors can better understand the jurisdictional boundaries and compliance obligations applicable to crypto activity in the U.S. For more information, click here.
On March 17, the CFTC’s Market Participants Division issued a no-action letter (CFTC Letter No. 26-09) to Phantom Technologies Inc., a developer of self-custodial crypto asset wallet software, stating that it will not recommend enforcement against Phantom or certain personnel for failing to register as an introducing broker (IB) or associated persons solely in connection with providing and marketing front-end software that allows users to trade commission‑regulated derivatives (including event and perpetual contracts) through registered futures commission merchants, introducing brokers, and designated contract markets. The letter treats Phantom as a technology service vendor and emphasizes that its role must remain limited to passively enabling users to send orders directly to registered intermediaries without custody of assets, generating buy/sell signals, or exercising trading discretion, and is conditioned on measures such as user risk and conflict-of-interest disclosures, adherence to communications standards as if it were an IB, limits on advertising, joint and several liability undertakings with collaborating FCMs/IBs/Designated Contract Markets (DCMs), recordkeeping, and notice and reporting obligations. The relief applies only until the commission adopts rules or guidance on IB registration requirements for software providers. For more information, click here.
On March 17, CFTC Chairman Michael S. Selig, speaking at the 9th Annual DC Blockchain Summit, framed a “trust revolution” in which decentralized technologies — public blockchains, DeFi, and prediction markets — offer new, transparent ways to establish trust in both financial and information systems, in contrast to legacy institutions and prior regulatory approaches that he criticized as politicized, hostile to crypto, and prone to censorship and debanking. He argued that permissionless networks, smart contracts, and open-source code can democratize access to financial services and reduce reliance on centralized gatekeepers, while prediction markets and user-driven social media can function as decentralized mechanisms for truth discovery through price signals and broad participation. Highlighting recent SEC-CFTC coordination, including a new memorandum of understanding and efforts to develop a practical token taxonomy and clarify which onchain systems must register, Selig emphasized that jurisdictional clarity and engagement with developers are essential for compliant innovation to flourish in the U.S. He concluded that, under current national leadership, regulators should not suppress this shift but instead provide a balanced framework that allows decentralized, market-based systems to restore trust in America’s financial and information infrastructures. For more information, click here.
On March 16, the CFTC issued an Advance Notice of Proposed Rulemaking on “Prediction Markets,” seeking public comment on how the Commodity Exchange Act and CFTC core principles should apply to event contract derivatives traded on designated contract markets and swap execution facilities, including issues of listing standards, surveillance, manipulation risk, position limits, margin and clearing, reporting, and the treatment of such contracts as swaps or futures. The notice specifically asks for input on when event contracts should be deemed contrary to the public interest under CEA section 5c(c)(5)(C) — particularly those involving unlawful activity, terrorism, assassination, war, gaming, or similar activities — as well as on the use of inside information, contracts controlled by small groups or individuals, and the regulation of blockchain-based prediction markets. It also requests comment on the appropriate public-interest and cost‑benefit framework (including hedging, price discovery, market integrity, antitrust, and small‑entity impacts) that should guide any future CFTC rulemaking in this area. Written comments are due by April 30, 2026. For more information, click here.
On March 16, the CRS issued a report providing an overview of DeFi, describing it as a suite of permissionless, cryptocurrency-based financial services — built on public blockchains, smart contracts, and oracles — that replicate functions such as trading, lending, staking, and mixing without traditional intermediaries, but instead rely on overcollateralization, automated code, and pseudonymous self-custodied wallets. The report notes that while DeFi’s total value locked is about $98 billion as of March 2026 — small relative to traditional markets — it is growing and increasingly intersecting with the broader financial system via stablecoins and tokenization, raising questions about how (and whether) existing regulatory regimes under securities, commodities, and BSA/AML laws apply. CRS highlights key policy issues, including regulatory arbitrage between centralized and decentralized platforms, the potential build-up of risk in less-regulated sectors, challenges of policing illicit finance and mixers, and tensions between “same activity, same risk, same regulation” principles and industry pushes to exempt noncustodial developers and protocols — particularly in light of the GENIUS Act’s stablecoin framework, the House-passed CLARITY Act, and shifting enforcement postures under the Trump administration. The report concludes that Congress may need to decide whether to regulate DeFi directly, fold it into broader crypto market structure legislation, or codify certain exemptions, while weighing innovation, financial stability, AML/sanctions enforcement, and even potential First Amendment constraints on regulating open-source code and decentralized protocols. For more information, click here.
On March 16, it was reported that the SEC has voluntarily dismissed its civil enforcement action against BitClout founder Nader Al‑Naji and related relief defendants in the Southern District of New York, following a “reassessment of the evidentiary record” and a jointly stipulated filing entered on March 12. The case, filed in July 2024, had alleged that Al‑Naji raised more than $257 million through unregistered securities offerings tied to the BitClout token, a decentralized social networking project that tokenized Twitter (now X) profiles and attracted backing from major venture and crypto investors. This dismissal comes after the Department of Justice previously dropped its parallel wire‑fraud charge without prejudice, and places Al‑Naji’s matter alongside a growing list of high‑profile crypto enforcement actions that have been withdrawn or resolved since the onset of the Trump administration’s more crypto‑friendly posture. For more information, click here.
On March 13, Trump issued an Executive Order on Promoting Access to Mortgage Credit that directs financial regulators to reduce regulatory burdens on community and other smaller banks in order to expand mortgage availability and affordability, particularly for rural and low- and moderate-income borrowers. The order calls for reforms to Ability-to-Repay/Qualified Mortgage and TILA-RESPA Integrated Disclosure rules (including broader Qualified Mortgage safe harbors for portfolio loans, exemptions or adjustments for small mortgages, and streamlined rescission and refinancing requirements); modernization of Home Mortgage Disclosure Act data-collection thresholds; and alignment of capital and liquidity rules so that portfolio mortgages, servicing rights, and warehouse lines are risk-weighted more proportionately, supported by expanded and modernized Federal Home Loan Bank funding and collateral processes. It further urges revising supervisory guidance to encourage construction lending for one‑ to four‑family housing, modernizing appraisal rules and technology, advancing “digital mortgage” standards (e-signatures, e-notes, and remote online notarization), and providing greater servicing and supervisory certainty by focusing examinations and enforcement on borrower harm and repeated or willful misconduct rather than technical errors. Finally, the order encourages agencies to adopt enforcement and licensing policies that recognize good-faith compliance efforts, permit correction-first approaches, and eliminate duplicative or unnecessary licensing requirements for mortgage loan officers at smaller banks. For more information, click here.
On March 13, Senator Dick Durbin introduced the No Crypto in Social Security Act to bar the $2.56 trillion Social Security Trust Funds from ever investing in cryptocurrencies, warning that crypto’s extreme volatility and the president’s own crypto ventures make it a “risky asset” that could jeopardize benefits for roughly 70 million Americans if trust fund assets were exposed to market downturns or conflicts of interest. Framing Social Security as a “bedrock promise” that must not be “gambled away,” Durbin pointed to a roughly 45% decline in overall crypto market value between October 2025 and March 2026, and criticized recent Trump administration actions, including rescinding Department of Labor cautions about crypto in 401(k)s and directing regulators to ease retirement-plan access to crypto, while the president’s family reportedly gained more than $1.4 billion from crypto ventures. The bill, endorsed by leading retiree, labor, and consumer advocacy groups, builds on Durbin’s prior efforts in the 21st Century ROAD to Housing Act to prevent Social Security from investing in crypto, crack down on crypto ATM fraud, and ensure taxpayers never fund bailouts for crypto companies, consistent with his broader push for stronger guardrails on the crypto market to avoid a repeat of the 2008 financial crisis. For more information, click here.
On March 13, the Office of the Comptroller of the Currency (OCC) filed an amicus brief in the Seventh Circuit supporting banking and credit union trade associations’ challenge to Illinois’s Interchange Fee Prohibition Act (IFPA), arguing that both IFPA’s ban on collecting interchange fees on the tax and gratuity portions of card transactions and its restrictions on banks’ use of transaction data are preempted by the National Bank Act (and, by parallel reasoning, HOLA), because they prevent or significantly interfere with national banks’ federally authorized powers to lend, take deposits, process payments, charge noninterest fees, and use financial data. The OCC contends the district court applied an incorrect “direct regulation” standard and improperly focused on who “sets” interchange fees rather than on banks’ express power to charge and receive them, and that IFPA would impose “business‑ending” consequences, disrupt the nationally uniform card‑payment system, and invite a patchwork of state regimes. While urging reversal of the district court’s ruling that upheld IFPA’s interchange‑fee prohibition, the OCC agrees with and asks the court to affirm the holding that IFPA’s data‑usage limitation is preempted because it would in many respects eliminate banks’ ability to process and use transaction data for core functions such as fraud prevention, risk management, and customer service, thereby depriving them of the flexibility and efficiency federal law is designed to protect. For more information, click here.
On March 13, Beba LLC and the DeFi Education Fund voluntarily dismissed without prejudice their suit against the SEC, explaining that, in light of the SEC Crypto Task Force’s recent work and public comments suggesting a shift in the commission’s position on free airdrops, continuing the litigation was unnecessary for now and that they could refile if needed. The suit, originally filed on March 25, 2024, in the Western District of Texas, sought a declaratory judgment that Beba’s free airdrop of $BEBA tokens — used as a marketing tool to unlock access to exclusive apparel products — did not constitute a securities transaction and that the tokens themselves were not investment contracts, and further alleged that the SEC had unlawfully adopted a de facto “nearly all tokens are securities” enforcement policy in violation of the Administrative Procedure Act. Over 2024–2025, the SEC moved to dismiss, Beba and DEF amended and opposed the motion, and numerous industry groups and market participants filed amicus briefs supporting the plaintiffs or opposing the SEC’s motion, before the court ultimately placed the case in abeyance and the plaintiffs later chose to withdraw it in light of perceived regulatory movement. For more information, click here.
On March 12, Federal Reserve Vice Chair for Supervision Michelle W. Bowman, speaking at the Cato Institute, outlined forthcoming proposals to modernize U.S. bank capital requirements by implementing the final phase of Basel III and related reforms aimed at better aligning capital with actual risk while supporting credit to the real economy. She described a recalibrated framework for the largest banks across four pillars — stress testing, the supplementary leverage ratio, risk-based capital under Basel III, and the G-SIB surcharge — that would streamline overlapping calculations, improve risk sensitivity for credit, operational, market, and CVA risks, and realign the G-SIB surcharge with international standards and economic growth. Bowman also highlighted a new standardized approach for non-G-SIB banks and enhancements to the community bank leverage ratio intended to reduce regulatory burden and disincentives for traditional activities such as mortgage origination, servicing, and business lending, while maintaining robust capital. Collectively, she emphasized, the changes are expected to produce only modest net adjustments in capital requirements for large banks and slightly larger reductions for smaller, more traditional lenders, preserving resilience and safety and soundness while mitigating the migration of financial activity to less regulated nonbank sectors. For more information, click here.
On March 12, SEC Commissioner Hester Peirce, speaking at the SEC’s Investor Advisory Committee, framed her remarks around the 250th anniversary of Adam Smith’s Wealth of Nations to caution against overbearing regulation and emphasize a classical liberal focus on individual liberty and market-driven outcomes, then applied that philosophy to three current policy topics before the committee. She urged a rethinking and streamlining of public company disclosure requirements — criticizing, for example, complex executive compensation tables that obscure useful information — and welcomed long-overdue reform of mutual fund proxy voting rules, noting that current quorum requirements are costly and ill-suited to funds with largely retail shareholder bases, while stressing that proxy votes belong to the fund (and its adviser acting for that fund), not to individual shareholders. Turning to tokenization and blockchain, she previewed staff work on a narrow “innovation exemption” for limited trading in tokenized securities and asked the committee to sharpen its draft recommendation by addressing concrete questions, including: whether existing issuer disclosures already adequately describe ownership rights; whether tokenized security entitlements warrant different disclosures from traditional entitlements; why atomic settlement would require relief from T+1 rules; how to regulate when intermediaries are absent or do not fit existing Exchange Act categories; whether multiple tokenization models and issuer-consent requirements should be allowed within any exemption; and what conditions are needed to preserve core investor protections and prevent regulatory arbitrage. For more information, click here.
On March 10, the CRS issued an In Focus report outlining key policy issues in the $1.67 trillion U.S. automobile loan market, highlighting that rising vehicle prices, higher interest rates, and longer loan terms have increased borrowers’ costs and contributed to elevated delinquencies, particularly among subprime and near-prime borrowers with loans originated from 2021–2023. The report explains that most auto loans are indirectly originated through dealers, who may receive discretionary rate markups, and that roughly half of loans come from depository institutions serving generally lower-risk borrowers, while captive and nonbank finance companies and “Buy Here, Pay Here” dealers tend to lend at higher rates to riskier segments. It reviews the regulatory framework centered on the Consumer Financial Protection Bureau’s (CFPB) authority under Dodd-Frank and related statutes, noting gaps in direct oversight of auto dealers and recent CFPB actions, including an advance notice of proposed rulemaking to expand its supervision of larger nonbanks and a proposed rule that would bar disparate impact claims under the Equal Credit Opportunity Act, consistent with the current Administration’s meritocracy-focused policy stance. The report also flags how broader federal policies influence auto affordability and loan costs — such as tariffs, changes to Corporate Average Fuel Economy (CAFE) standards, and the P.L. 119-21 above-the-line deduction of up to $10,000 in auto loan interest for qualifying U.S.-assembled vehicles — framing ongoing congressional debates over how to balance consumer protection, credit access, and industry burden in the auto finance market. For more information, click here.
On March 10, the National Credit Union Administration (NCUA) announced the seventh round of proposed regulatory changes under its Deregulation Project, seeking public comment on revisions to its Records Preservation Program rule at 12 C.F.R. § 749 that aim to reduce obsolete, overly burdensome, and duplicative requirements while sharpening the focus on safety, soundness, and resilience. The proposal would remove Appendices A and B (relocating guidance outside the regulation), formally define “vital member services” and “vital records,” revise headings and text to clarify that Part 749 applies only to vital records, and expressly allow records preservation logs to be maintained in electronic form. It would also permit destruction of older versions of records unless another law or regulation requires retention and clarify that credit unions using third-party service providers for vital records must exercise effective oversight, collectively giving boards more flexibility in records destruction, improving clarity about regulatory obligations versus guidance, and modernizing recordkeeping practices while maintaining necessary protections. For more information, click here.
State Activities:
On March 18, New York Governor Kathy Hochul signed Chapter 90 (S.8830) into law, amending the General Business Law provisions on coerced debt that were enacted in 2025 to refine and implement the new protections for victims. The chapter amendment clarifies and narrows the statutory definition of “coerced debt,” to consumer debt incurred through duress, intimidation, threats, force, or similar conduct within specific relationships, including family members, intimate partners, caregivers, and traffickers. The law further adjusts the structure of how and when the protections apply in actions involving coerced obligations, and expressly permits creditors to disclose debtor information when reasonably necessary to bring or defend an action. It also creates a cure period and safe-harbor mechanism for creditors that make good-faith efforts to address coerced debt claims, while preserving and implementing the underlying law’s core policy: limiting certain collection actions and establishing a civil right of action for individuals whose debts were incurred through coercion. For more information, click here.
On March 13, the Florida Office of Financial Regulation (OFR) filed a final order approving and incorporating a stipulation and consent agreement with Patriot Software, LLC, resolving allegations that the company engaged in unlicensed money transmission activity in Florida from January 1, 2011, through August 25, 2025 in violation of Chapter 560, Florida Statutes. Without admitting or denying the findings for purposes of the settlement, Patriot Software agreed to future compliance with Chapter 560, to pay an administrative fine of $155,000, and to accept entry of a final order adopting the agreement as the agency’s findings of fact and conclusions of law, while waiving any rights to a separate administrative hearing, recommended order, or appeal of the agreement’s terms. In return, OFR agreed to approve the pending money transmitter license application of Patriot Software’s subsidiary, Patriot Pay, LLC, within one business day of entry of the final order, and the agreement provides that any future noncompliance with its terms may subject Patriot Software to additional enforcement, including a potential emergency cease‑and‑desist order. For more information, click here.
On March 13, the California Court of Appeal (Sixth Appellate District) reversed a judgment dismissing the plaintiff’s putative class action against debt buyer LVNV Funding, LLC, holding that the Fair Debt Buying Practices Act confers standing on a consumer who merely alleges a statutory violation, without any need to plead or prove additional “actual harm.” The plaintiff alleged that LVNV, which had purchased his charged‑off debt and then, through its agent, sent him a collection letter, violated the act because the required notice of his right to request records was printed in a font smaller than 12‑point type. The trial court granted LVNV judgment on the pleadings on the theory that the plaintiff lacked standing under California law absent allegations of concrete injury. The court of appeal rejected that reasoning, emphasizing the act’s remedial scheme, which makes a debt buyer that “violates any provision” of the act liable for actual damages (if any) plus discretionary statutory damages. The court held that the legislature treated the violation of these informational requirements as a cognizable injury in itself and intended to allow enforcement via statutory damages even where no further harm is alleged, and thus the plaintiff had standing and his case must proceed. For more information, click here.
On March 13, the “New York Financial Data Rights Act,” (A.10640) was introduced, which would amend New York state banking law to create a new article 14‑C granting New York consumers and small businesses a statutory right to access and port their financial data, at no charge, to authorized third parties. The bill defines “covered data” broadly to include at least 24 months of transaction history, balances, payment-initiation details, product terms and fee schedules, upcoming bills, and basic identity information, and requires banks and other covered financial institutions to provide that data in a secure, electronic, machine‑readable format via a developer interface. It bars “unreasonable” denial or impairment of access — placing the burden on institutions to justify any refusal on safety‑and‑soundness or legal grounds and to notify customers of denials — and prohibits any fees related to data access or the operation of the interface. The bill also imposes obligations on “authorized representatives” (such as fintechs) to obtain express informed consent, offer simple revocation mechanisms, limit collection and use of data to what is reasonably necessary, and maintain Gramm‑Leach‑Bliley-level information security, while directing institutions to authenticate access using the same processes as online banking. Enforcement authority would rest with the Superintendent of Financial Services, with civil penalties up to $10,000 per violation, and the act would take effect 60 days after becoming law. For more information, click here.
On March 11, South Dakota Governor Larry Rhoden signed Senate Bill 98 into law, creating a new chapter in title 51A to prevent virtual currency kiosk fraud by requiring all kiosk operators to be licensed money transmitters and imposing detailed consumer protection, reporting, and anti-fraud obligations. The act mandates granular quarterly and annual reporting on kiosk activity, complaints, refunds, and suspicious activity; requires clear receipts and multilingual disclosures that warn users about fraud risks and the lack of federal deposit or investor protections; caps per-user transactions at $1,000 per day and $10,000 per 30-day period; and limits total charges on a transaction to 25%. It also obligates licensees to offer live customer service, promptly refund fraud victims who timely report and substantiate scams, implement written anti-fraud and BSA compliance programs, deploy blockchain analytics to block known high-risk or foreign illicit addresses, verify user identity and collect specified know-your-customer information at the kiosk, cooperate with law enforcement through dedicated contact channels, and annually train onsite kiosk staff to recognize and help prevent virtual currency fraud. For more information, click here.
On March 9, Indiana Governor Mike Braun signed into law House Enrolled Act 1116, which immediately amends the state deceptive consumer sales statute and creates a new Chapter 7 in IC 28-8 to prohibit the operation of virtual currency kiosks anywhere in Indiana and to treat any such operation as a “deceptive act” enforceable by the attorney general (AG). The act defines “virtual currency,” “virtual currency kiosk,” “operator,” “user,” and “charges,” and provides that no person may operate a virtual currency kiosk in the state, with violations actionable under IC 24-5-0.5 and subject to consumer protection remedies and penalties. In addition to those remedies, courts may order violators to forfeit to the state all charges collected from users during the period of unlawful operation, forfeit any kiosks owned and located in Indiana, and reimburse the AG’s investigative costs, and premises owners who knowingly or intentionally allow kiosks on their property may also be liable, with all remedies being cumulative. For more information, click here.