To keep you informed of recent activities, below are several of the most significant federal events that have influenced the Consumer Financial Services industry over the past week.
Federal Activities:
On May 22, the Board of Directors of the Federal Deposit Insurance Corporation (FDIC) approved a notice of proposed rulemaking to implement Bank Secrecy Act (BSA) and sanctions compliance standards for FDIC‑supervised permitted payment stablecoin issuers (PPSIs) as required by the GENIUS Act, establishing that PPSIs must comply with applicable anti‑money laundering and countering the financing of terrorism (AML/CFT) regulations, economic sanctions programs, and related reporting requirements, including those of the Financial Crimes Enforcement Network (FinCEN) and Office of Foreign Assets Control (OFAC). The proposal would also align supervision and enforcement provisions for PPSI AML/CFT programs with FinCEN’s framework, clarifying expectations and enforcement tools for these entities. Comments will be accepted for 60 days after publication in the Federal Register, and under the GENIUS Act, the FDIC serves as the primary federal regulator for PPSIs that are subsidiaries of insured state nonmember banks and state savings associations approved by the FDIC to issue payment stablecoins. For more information, click here.
On May 21, the U.S. Securities and Exchange Commission (SEC) and the National Futures Association announced a memorandum of understanding (MOU) to enhance regulatory coordination and information sharing in areas of common interest, including emerging risks, examination planning, and market conditions, with the goal of improving oversight quality while minimizing duplicative efforts. The MOU, which is nonbinding and preserves each body’s independence and enforcement authority, establishes a framework for periodic staff meetings, coordinated supervision of jointly regulated or affiliated firms, and discretionary sharing of examination findings and market-risk assessments related to securities and derivatives markets. It sets detailed expectations for the permissible use and confidentiality of nonpublic information, requires robust safeguards consistent with federal information security standards, and confirms that information sharing will not waive applicable privileges, thereby providing a more predictable and streamlined compliance environment for entities overseen by both regulators. For more information, click here.
On May 21, the U.S. House Financial Services Subcommittee on National Security, Illicit Finance, and International Financial Institutions held a hearing titled “Modernizing the BSA for Financial Crime in the 21st Century” to examine how to update the BSA’s AML framework. In his opening statement, Chairman Warren Davidson emphasized that current requirements generate massive volumes of largely unused reports and impose heavy compliance burdens without commensurate law‑enforcement benefit, calling for higher currency transaction report and suspicious activity report thresholds, a more risk‑based, intelligence‑driven approach, and greater use of artificial intelligence so financial institutions can focus on truly suspicious activity rather than “check‑the‑box” reporting. Witnesses provided perspectives on leveraging technology, reforming examinations, and ensuring that any shift away from volume does not undermine the national security value of BSA data, including in the context of related legislation such as the draft Small Business Relief Act of 2026. For more information, click here and here.
On May 21, U.S. Senate Banking Committee Chairman Tim Scott (R-SC) issued an ICYMI summary of his Fox Business in-depth interview with Charles Payne, highlighting the Committee’s historic progress on digital asset market structure and stablecoin legislation, his goal of keeping the U.S. at the forefront of global crypto and financial innovation, and the importance of clear “rules of the road” that protect consumers while lowering costs and speeding transactions. Scott emphasized that affordability is “job one” for the Banking Committee, underscored growing bipartisan momentum behind digital asset legislation, and outlined key negotiated issues (rewards, ethics, quorum, DeFi, and AML) that had to be resolved. He stressed that digital assets and stablecoins can democratize finance by giving everyday Americans more control over their money, expand access to financial tools, and function much like a digital cashier’s check, while stablecoin reforms under the GENIUS Act are designed to make U.S. Treasuries more attractive globally and reinforce the U.S. dollar’s role as the world’s reserve currency. For more information, click here.
On May 21, the U.S. House Financial Services Subcommittee on Digital Assets, Financial Technology, and Artificial Intelligence issued a press release on its hearing examining how bank-fintech partnerships are modernizing financial services, with Chairman Bryan Steil and other members emphasizing both the benefits of these arrangements and the need for clearer, better-calibrated regulatory frameworks. Members highlighted that bank-fintech collaborations are expanding access to innovative products, improving compliance and documentation, modernizing payments, and supporting small businesses and rural communities, while also underscoring concerns that regulators and examiners are not keeping pace with rapid technological change and require significant upskilling. Witnesses described how partnerships around digital assets, AI, data networks, and nontraditional underwriting can broaden credit access and extend the reach of community banks, provided they are supported by robust compliance frameworks, subject-matter expertise, and targeted regulatory reforms that preserve consumer protection, data security, and financial integrity while enabling responsible innovation. For more information, click here.
On May 21, the SEC proposed rules to simplify and recalibrate public company filer categories by consolidating Exchange Act reporting companies into two primary groups, large accelerated filers and non‑accelerated filers, and extending scaled accommodations to a broader universe of smaller issuers. The proposal would raise the large accelerated filer public float threshold from $700 million to $2 billion, add a 60‑month seasoning period and a two‑year lookback test before a company can move into or out of large accelerated status, and make all other issuers non‑accelerated filers eligible for the current smaller‑reporting‑company and emerging‑growth‑company style accommodations (including two years of audited financials, scaled Management’s Discussion and Analysis and executive compensation, exemption from the Internal Control over Financial Reporting auditor attestation, and, for the smallest companies, extended periodic report filing deadlines). The SEC would eliminate the separate “accelerated filer” and “smaller reporting company” categories, update the definition of “small entity” for Regulatory Flexibility Act purposes, continue to require full, non‑scaled disclosure and faster deadlines only for the largest issuers that collectively represent about 93.5% of U.S. public equity market float, and maintain separate treatment for asset‑backed issuers and most foreign private issuers. Comments must be received by July 20, 2026. For more information, click here.
On May 20, the Federal Reserve Board issued a proposal (following a December 2025 request for information) to create a new, special-purpose “payment account” that eligible financial institutions could use solely to clear and settle payments. The proposed payment account is designed as a constrained alternative to a traditional master account, aimed especially at uninsured depository institutions and other nontraditional firms seeking direct access to the Fed’s payment rails. The core concept is to allow these institutions to clear and settle payments at the Federal Reserve, while sharply limiting risk to the Reserve Banks, the payment system, and monetary policy. At the same time, the Board signaled that Federal Reserve Banks should temporarily pause decisions on certain master account applications from higher-risk institutions while this policy work proceeds. If adopted, the new account type would be implemented through coordinated changes to the Federal Reserve’s Payment System Risk (PSR) Policy (including a new Part IV on accounts and services), the Account Access Guidelines, Regulation A, and Regulation D. For more information, click here.
On May 20, Senator Mike Crapo (R-ID) announced his support for the bipartisan Strengthening Agency Frameworks for Enforcement of Cryptocurrency (SAFE Crypto) Act, which would create an intergovernmental task force, chaired by the U.S. Department of the Treasury and including key federal agencies, law enforcement, state regulators, and private-sector stakeholders, to improve coordination in detecting, disrupting, and preventing cryptocurrency-related fraud amid rising crypto scam losses. The task force would leverage blockchain intelligence and public‑private collaboration to track and interdict illicit networks in real time, issue an initial update within one year to the Senate Banking and Agriculture Committees and the House Financial Services and Agriculture Committees, and provide annual reports thereafter, with representation from stablecoin issuers, exchanges, custodians, blockchain analytics firms, consumer advocates, and law enforcement at all levels to help safeguard Americans from crypto-enabled financial crime. For more information, click here.
On May 20, the U.S. Department of Housing and Urban Development (HUD) announced its State and Local Best Practices for Home Construction Report, outlining recommended regulatory reforms for state and local governments to reduce homebuilding costs, unlock land for new housing supply, and accelerate construction timelines in order to expand affordable homeownership. HUD emphasized that regulatory costs can add more than $100,000 to the price of a new single-family home (with some green energy code mandates adding up to $30,000) highlighting that 2025 deregulation efforts are projected to save Americans a collective $212 billion. As part of implementing President Donald Trump’s Executive Order 14394 on removing regulatory barriers to affordable home construction, HUD noted actions already taken, including rescinding the 2021 International Energy Conservation Code, ending the prior administration’s Affirmatively Furthering Fair Housing rule, rescinding certain Federal Housing Administration single‑family mortgage insurance rules, and supporting homeownership and housing affordability for over one million Americans, including more than half a million first‑time buyers. For more information, click here.
On May 19, the Federal Financial Institutions Examination Council issued a notice and request for comment on proposed revisions to the Uniform Financial Institutions Rating System (UFIRS), or CAMELS, aimed at strengthening the link between ratings and a financial institution’s safety and soundness by focusing composite and component ratings on factors that materially affect financial condition and risk profile, and by improving transparency. The proposal would remove the current “special consideration” given to the management component, narrow management evaluation factors to the most material risk‑management issues and tie ratings of 3 or worse to demonstrable material financial risk or significant noncompliance, and limit the impact of specialty review findings (e.g., consumer compliance, BSA/AML) on CAMELS ratings to situations where they pose material financial risks or reflect significant legal violations. It would also revise composite rating definitions to establish clearer thresholds for ratings 1–5, refine and standardize risk‑management evaluation factors across all components, modernize terminology (including updating to “allowance for credit losses” under Current Expected Credit Losses and removing “reputation risk”), and clarify that any additional evaluation factors used must be critical to assessing an institution’s financial condition or risk profile and be specifically documented, with comments on the proposal due by August 17, 2026. For more information, click here.
On May 19, Trump signed an executive order titled “Integrating Financial Technology Innovation into Regulatory Frameworks.” The order directs federal financial regulators to review and streamline regulations, guidance, supervisory practices, and application processes that may impede financial technology (fintech) innovation and competition, and it asks the Federal Reserve to evaluate potential direct access to Reserve Bank accounts and services for uninsured depository institutions and certain nonbank financial firms, including digital asset companies. The executive order is best understood as a high‑level policy and process directive rather than an immediate change to substantive law. The administration is clearly prioritizing financial innovation, removing regulatory burdens, and promoting fintech competition to facilitate integration of digital assets and other novel fintech into traditional financial services and payment systems, and views existing regulatory frameworks as favoring incumbents in ways that may no longer be justified. However, the order does not change existing law but rather must be implemented “consistent with applicable law,” and expressly states that it creates no enforceable rights. For more information, click here.
On May 19, Congressman Max Miller (R-OH) and Congressman Steven Horsford (D-NV) introduced the bipartisan Digital PARITY Act to modernize the federal tax code for digital assets by creating clearer, more consistent tax rules that both support innovation and close perceived loopholes. The bill would establish common-sense tax treatment for regulated payment stablecoins so routine payments do not trigger unnecessary tax reporting, clarify source‑of‑income rules for digital asset trading, and extend existing securities‑lending rules to bona fide digital asset lending. It would also apply wash‑sale and constructive‑sale rules to digital assets, allow mark‑to‑market elections for digital asset dealers and traders, create an elective framework for staking and mining rewards that recognizes income but permits deferral to address liquidity concerns, modernize charitable contribution rules to distinguish between highly liquid and speculative tokens, and direct Treasury to study a de minimis threshold for native tokens while issuing interim administrative guidance. For more information, click here.
On May 19, Trump signed the “Restoring Integrity to America’s Financial System” executive order, directing Treasury, the federal banking regulators, and the Consumer Financial Protection Bureau (CFPB) to tighten BSA and credit‑risk standards in ways that specifically target financial activity involving non-work‑authorized and removable noncitizens and their employers. The order declares it U.S. policy to treat low‑dollar cross‑border transfers and basic financial services as potential vehicles for terrorism, narcotics and human trafficking, and other illicit finance absent robust know‑your‑customer controls, and instructs Treasury to issue an advisory detailing red flags and typologies (e.g., payroll tax evasion schemes, funnel accounts, unregistered money services businesses, structured cash transactions, labor‑trafficking indicators, and ITIN‑based accounts without verified lawful status). It further directs Treasury and the prudential regulators to consider BSA regulatory changes that would strengthen risk‑based customer due diligence and identification requirements — potentially including collection of immigration and work‑authorization information and limits on the use of foreign consular IDs — and requires the CFPB and the banking regulators to clarify that deportation and loss of wages for nonwork‑authorized borrowers are relevant “ability‑to‑repay” considerations and to issue guidance on managing the structural credit risks such borrowers pose to insured institutions. For more information, click here.
On May 18, the SEC announced that it has rescinded Rule 202.5(e), the informal rule that, since 1972, conditioned settlement of an enforcement action on a defendant’s agreement not to publicly deny the Commission’s allegations. In its press release, the SEC said the policy had set the agency apart from most other federal regulators and may have created the misimpression that the Commission was trying to insulate itself from criticism, and it emphasized that ending the policy will give the SEC greater flexibility to resolve cases while preserving resources and speeding relief to investors. The most significant practical point is that the SEC is not only eliminating the policy going forward, but also disavowing enforcement of existing no‑deny provisions. The Commission stated that it is not aware of ever having moved to reopen a case based on a breach of a no‑deny clause, and that in light of the rescission it will not seek to vacate prior settlements or reopen administrative proceedings if a settling defendant now publicly denies the allegations. The SEC also made clear what has not changed. The agency’s basic “neither admit nor deny” settlement framework remains intact, and the rescission does not limit the Commission’s ability either to settle without admissions or, in appropriate cases, to require admissions as a condition of settlement. What has changed is that the agency will no longer require a blanket promise of silence or nondenial as the price of resolving an enforcement action. For more information, click here.
On May 18, the U.S. Small Business Administration (SBA) announced a new rule doubling the cumulative borrowing limit across its 7(a) and 504 programs from $5 million to $10 million in SBA‑backed financing, effective July 4, allowing eligible small businesses in all industries to combine up to $5 million in 7(a) funding with up to $5 million in 504 financing. Framed by Administrator Kelly Loeffler as part of the Trump administration’s “America First” economic agenda, the rule decouples 7(a) balances from the 504 cap to give capital‑intensive firms (such as those in construction, logistics, energy, and food production) greater flexibility to pair long‑term, fixed‑rate financing for real estate and equipment with working capital for operations and expansion, and permits small manufacturers, who can already obtain multiple 504 loans for distinct projects, to also access up to $5 million in 7(a) loans. SBA highlighted this as the highest maximum financing level in the agency’s history and noted it complements other recent initiatives, including fee waivers for manufacturing NAICS codes, a dedicated manufacturing loan program, 90% “Made in America” and “Grocery” guarantees, and the 7(a) Working Capital Pilot, all aimed at supporting record small‑business formation, resurgent manufacturing job growth, and expanded access to credit. For more information, click here.
State Activities:
On May 21, the New York Department of Financial Services (DFS) issued an industry letter to entities and individuals it regulates, providing nonbinding guidance on measures they should consider when operating in a heightened cybersecurity threat environment, such as during geopolitical tensions or in light of technological developments like frontier AI models. The letter explains that while 23 NYCRR Part 500 already establishes minimum cybersecurity requirements, regulated entities may need to go beyond those baselines by reducing their attack surface (for example, promptly remediating known exploited vulnerabilities, enforcing phishing‑resistant MFA, segmenting networks, and tightening privileged access), enhancing threat detection and readiness (including updating intrusion detection and response tools, improving log monitoring, acting on threat intelligence, and engaging third‑party service providers), and strengthening resilience and response capabilities (such as testing backup integrity, refining incident response and business continuity plans, planning communications for prolonged disruptions, ensuring critical operational technology can function during outages, and closely monitoring financial and virtual currency transactions for sanctions and AML compliance). For more information, click here.
Also on May 21, the New York State DFS issued an industry letter to chief information security officers (CISOs) of DFS‑regulated entities warning of heightened cybersecurity risks associated with powerful “frontier” AI models that can rapidly identify and exploit system vulnerabilities, urging firms to strengthen their security posture in anticipation of broader availability of such tools. The advisory, which does not create new legal obligations, emphasizes that the best preparation is a robust cybersecurity program fully compliant with 23 NYCRR Part 500, supported by updated risk assessments, potential replacement of legacy systems, and use of the Department’s companion guidance on heightened threat environments. DFS highlights specific priorities for frontier‑AI‑related risk: accelerating vulnerability management and remediation; mapping and coordinating with critical third‑party and downstream dependencies; tightening secure programming practices and validating inputs and AI‑generated code before production use; and enhancing logging, security event alerting, and testing of operational resilience procedures, while encouraging entities to take any additional steps needed to address their particular risks and referencing its October 2024 AI cybersecurity guidance for further detail. For more information, click here.
On May 20, Vermont Governor Phil Scott approved H.385, an act relating to remedies and protections for victims of coerced debt, which defines “coerced debt” incurred through domestic abuse, human trafficking, or exploitation of vulnerable adults, declares such debt unenforceable once substantiated, and establishes a detailed process for victims to submit sworn statements and documentation that triggers creditor duties to halt collection, investigate, and correct related credit reporting, while preserving confidentiality of sensitive information. The act creates civil remedies allowing courts to vacate default judgments on coerced debt, shift the burden to creditors once a prima facie case is shown, and grant both creditors and debtors causes of action against perpetrators, with specified limitation periods and protections against future abuse, as well as enforcement under Vermont’s unfair and deceptive acts statute. In addition, the act authorizes banks and credit unions to delay or refuse suspicious customer-directed transactions, notify certain trusted third parties, and receive immunity for good-faith protective actions to prevent financial exploitation, and it directs the commissioner of financial regulation to collect data and report on suspicious transaction holds and coerced debt claims. Certain provisions (including identity theft complaints and financial exploitation protections) take effect upon passage, while the coerced debt remedies, credit reporting obligations, and related reporting requirements take effect on July 1, 2028, and apply to all outstanding coerced debt, including debt incurred before that date. For more information, click here.
On May 19, New York Attorney General Letitia James co-led a coalition of 24 states, the District of Columbia, and the governors of Kentucky and Pennsylvania in suing the Trump administration over a new U.S. Department of Education rule that sharply narrows which programs qualify as “professional” degrees for purposes of higher federal student loan limits, effectively capping many health care and related programs at $20,500 per year in federal loans. The lawsuit argues that by excluding programs such as nursing, physical therapy, occupational therapy, physician assistant studies, social work, speech-language pathology, audiology, and athletic training from the higher $200,000 lifetime “professional degree” cap Congress intended, and by unlawfully stripping grandfather protections from students who transfer or temporarily withdraw and re-enroll, the rule forces students into more expensive private debt or out of these programs altogether, exacerbates already severe health care workforce shortages, harms public institutions’ finances, and violates the Administrative Procedure Act as arbitrary, capricious, and contrary to federal law; the coalition asks the court to block the rule and restore access to the higher federal loan limits as Congress enacted. For more information, click here.
On May 18, the California Department of Financial Protection and Innovation (DFPI) announced that Anh Management, LLC, doing business as Hermes Bitcoin, must shut down all 42 of its California digital asset kiosks by May 20 and is permanently barred from engaging in any digital financial asset business in the state, after investigators found repeated violations of the Digital Financial Assets Law, the California Consumer Financial Protection Law, and federal anti-money laundering rules, including accepting more than $1,000 in cash per customer per day, charging excessive fees, failing to provide required pre‑transaction disclosures, issuing deficient receipts, and operating an ineffective BSA/AML program. DFPI characterized the action as part of its broader effort to protect consumers from fraud and abuse in the crypto kiosk sector. For more information, click here.
On May 12, Maryland Governor Wes Moore signed two measures overhauling aspects of the state’s financial regulatory framework. The first, SB 741, updates virtual currency kiosk oversight by expanding the definition of “virtual currency kiosk operator” to cover anyone who installs or operates software that enables a stand‑alone device to provide virtual currency services in the state, while expressly excluding cash activity tied to credit, deposit, or convenience accounts so those services remain regulated under Maryland’s existing ATM framework and requiring that kiosks not provide the same services as ATMs. The second, HB 38, revises licensing rules for “affiliated insurance producer-mortgage loan originators” by allowing commissioner‑approved licensed mortgage lenders and brokers in good standing to sponsor such licensees (in addition to qualifying financial institutions), and permitting sponsored originators to originate loans for multiple approved institutions rather than a single exclusive lender, while maintaining prohibitions on handling borrower funds, receiving finder’s fees, or making/servicing loans and preserving sponsors’ supervisory duties, joint and several liability, and surety bond obligations. Both laws take effect October 1. For more information, click here and here.
On May 11, the Illinois Department of Financial and Professional Regulation (IDFPR) announced a new unified online complaint portal for its Division of Banking and Division of Financial Institutions, streamlining how Illinois consumers lodge complaints against a wide range of regulated financial entities, including state-chartered banks, credit unions, debt collectors, money transmitters, consumer lenders, student loan servicers, mortgage lenders, and pawnbrokers. Citing a sharp national increase in CFPB complaints and a steep decline in federal mediation success, IDFPR leaders framed the modernization as a state-level response to a federal enforcement “step back,” intended to make it easier for consumers to report problems, improve early detection of industry issues, strengthen voluntary mediation, and support enforcement of protections such as the state’s 36% APR cap under the Predatory Loan Prevention Act. For more information, click here.
On May 11, the Texas banking commissioner entered a consent order against SeedTrust, LLC, a Florida-based escrow provider for surrogacy arrangements, concluding that its receipt and later disbursement of client funds constituted unlicensed money transmission under Finance Code Chapters 151 and 152, imposing a $90,000 administrative penalty, requiring $50,000 in surrogacy-related pro bono services for Texas residents over one year, and directing the company within 90 days either to file a complete money transmission license application or cease Texas operations and return customer funds. Three days prior, on May 8, 2026, the commissioner issued a separate consent order against Brotherhood Works, LLC, an Indiana payroll processor, finding that its payroll processing activities likewise qualified as money transmission without a license, assessing a $75,000 administrative penalty, and requiring the firm to continue its good-faith efforts to complete its pending Texas money transmission license application or, if that application is withdrawn or denied, to promptly notify Texas customers, wind down money transmission activity within 60 days, and confirm in writing that all unlicensed activity has ceased. For more information, please click here and here.