Photo of Ethan G. Ostroff

Ethan G. Ostroff

Subscribe to Ethan G. Ostroff's Posts

Ethan’s practice focuses on financial services litigation and compliance counseling, as well as digital assets and blockchain technology. With a long track record of successful litigation results across the U.S., both bank and non-bank clients rely on him for comprehensive advice throughout their business cycle.

Follow:Read more about Ethan G. OstroffEthan G.'s Linkedin Profile

In a significant turn of events, the Consumer Financial Protection Bureau (CFPB or Bureau) has decided to initiate a new rulemaking process concerning its final rule on personal financial data rights under Section 1033 of the Consumer Financial Protection Act of 2010 (1033 rule). This decision comes amidst ongoing legal challenges, notably from Forcht Bank, N.A.; Kentucky Bankers Association; and the Bank Policy Institute, which filed a lawsuit immediately after the 1033 rule was finalized challenging it.

Today, the New York City Department of Consumer and Worker Protection (NYC DCWP) announced another delay in the effective date of its amended debt collection rules. This marks the second postponement. As discussed here, the rules were initially set to take effect on December 1, 2024. Then the enforcement date was first postponed to April 1, 2025, following industry concerns and legal challenges, and then to October 1, 2025. However, the NYC DCWP has now stated that the rules will not go into effect on October 1, 2025, and has committed to providing an update at least three months prior to the new effective date.

On July 14, the Federal Trade Commission (FTC) secured a court order aimed at halting allegedly deceptive practices against seven companies and three individuals operating the “Accelerated Debt” program. The defendants allegedly contacted consumers through telemarketing calls or in response to calls resulting from their mail and online ads and made false claims about their ability to substantially reduce consumer debts and misleading consumers about fees. The FTC alleged these actions violated the FTC Act, the Telemarketing Sales Rule, the Impersonation Rule, the Fair Credit Reporting Act (FCRA), and § 521 of the Gramm-Leach-Bliley Act by making false statements to get consumers’ financial account numbers. The court’s order includes a temporary restraining order, asset freeze, and the appointment of a temporary receiver to oversee the defendants’ business operations.

On July 18, America’s Credit Unions sent a letter to the Honorable Kyle Hauptman, Chairman of the National Credit Union Administration (NCUA), urging the agency to initiate rulemaking that would allow credit unions to take custody of digital assets for their members. This request comes in the wake of the recently enacted “Guiding and Establishing National Innovation for U.S. Stablecoins Act of 2025” (GENIUS Act), which provides a comprehensive federal framework for the regulation of payment stablecoins.

On July 14, the Consumer Financial Protection Bureau (CFPB or Bureau) filed a status report announcing its decision not to reissue its Medical Debt Collection Advisory Opinion, which had been issued in 2024 to “remind debt collectors of their obligations to comply with the Fair Debt Collection Practices Act [FDCPA] and Regulation F’s prohibition on false, deceptive, or misleading representations or means in connection with the collection of any medical debt and unfair or unconscionable means to collect or attempt to collect any medical debt.” The Advisory Opinion had been challenged in the U.S. District Court for the District of Columbia by ACA International and Collection Bureau Services, Inc.

On July 14, the Office of the Comptroller of the Currency (OCC), the Board of Governors of the Federal Reserve System (the Board), and the Federal Deposit Insurance Corporation (FDIC) jointly issued a statement addressing the safekeeping of crypto-assets by banking organizations on behalf of their customers. This announcement clarifies how existing laws, regulations, and risk management principles apply to the safekeeping of crypto-assets by banks and does not create any new supervisory expectations. Importantly, the federal banking regulators clearly signal that banks can serve as custodians of digital assets including storing cryptographic keys.

Recently, the Department of Financial Protection and Innovation (DFPI) in California issued a consent order against Coinme Inc., a company operating digital financial asset kiosks, commonly known as Bitcoin ATMs, across the state. This order comes after findings that Coinme violated several provisions of the California Consumer Financial Protection Law (CCFPL) and the Digital Financial Assets Law (DFAL). Notably, this is the first enforcement action taken under the DFAL and signals that DFPI is focused on trying to prevent scammers from taking advantage of Californians.