On October 16, the New York State Department of Financial Services (NY DFS) issued an industry letter to entities regulated by NY DFS (covered entities) providing guidance addressing the cybersecurity risks associated with the use of artificial intelligence (AI). The guidance purportedly aims to assist covered entities in understanding and assessing cybersecurity risks associated with threats arising from the use of AI by cybercriminals and the controls that may be used to mitigate those risks. The NY DFS emphasizes that this new guidance does not impose any new requirements on covered entities, but rather it provides an outline for meeting existing compliance obligations under the NY DFS Cybersecurity Regulation, 23 NYCRR Part 500, in light of the advancements in AI technology.

In the latest episode of Payments Pros, host Carlin McCrory is joined by Jason Cover to discuss the role of artificial intelligence (AI) in the payments industry. They define AI and generative AI, highlighting its capabilities in generating text, images, and other data. Jason outlines four key considerations for using AI: ensuring data quality, adhering to applicable laws, understanding AI operations, and maintaining human oversight.

In the latest episode of The Crypto Exchange, host Ethan Ostroff is joined by Addison Morgan to discuss the recent CFTC enforcement action against Uniswap. The CFTC alleged that Uniswap violated the Commodity Exchange Act (CEA) by facilitating retail commodity transactions on behalf of non-eligible contract participants (i.e., retail consumers) through its decentralized exchange, which enabled consumers to purchase and sell ERC-20 tokens that track the prices of Bitcoin and Ether and offer their holder a potential compounded yield of approximately two times the consumer’s initial investment.

Earlier this week, we discussed the Federal Trade Commission’s (FTC) final amendments to the Negative Option Rule, now retitled the Rule Concerning Recurring Subscriptions and Other Negative Option Programs. These amendments, which are set to take effect 180 days after publication in the Federal Register, are purportedly aimed at stopping deceptive and unfair practices in negative option marketing. However, the rule has now drawn a legal challenge.

In this episode of The Consumer Finance Podcast, Chris Willis is joined by Troutman Pepper Partner David Anthony and Rami Haddad, deputy general counsel for Compliance, Litigation, and Privacy at PRA Group. The discussion dives into a variety of pressing issues in the consumer finance sector and covers current litigation trends, the impact of the Supreme Court’s overruling of Chevron in the Loper Bright case, and the CFPB’s new nonbank registry rule. The episode also explores the heightened focus on medical debt collection by the CFPB and its potential implications for the industry. Tune in for expert insights and a comprehensive overview of these critical topics.

On October 11, the Office of Administrative Law (OAL) approved the California Department of Financial Protection and Innovation’s (DFPI) proposed regulations on direct-to-consumer (i.e., non-employer offered) earned wage access (EWA) products. This approval marks the culmination of a lengthy regulatory process that began in March 2023 and involved multiple rounds of modifications and public comments. The regulations also impose requirements on debt settlement companies and education financing providers. It will become effective on February 15, 2025.

Yesterday, the Consumer Financial Protection Bureau (CFPB or Bureau) issued its final rule on personal financial data rights, purportedly aimed at enhancing consumer control over their financial data and promoting competition in the financial services industry. According to the Bureau’s press release, “[t]he rule requires financial institutions, credit card issuers, and other financial providers to unlock an individual’s personal financial data and transfer it to another provider at the consumer’s request for free… help[ing] lower prices on loans and improve customer service across payments, credit, and banking markets.” Later that same day, a complaint was filed challenging the Bureau’s authority.

Yesterday, we discussed the constitutional legal challenge against New York City’s recently amended debt collection rules, which were scheduled to go into effect on December 1, 2024. These rules would stringently regulate various debt collection activities by debt collectors operating in the city. Today, the New York City Department of Consumer and Worker Protection (DCWP) announced a delay in the enforcement of these new rules until April 1, 2025.