The U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) recently announced a Notice of Proposed Rulemaking (NPRM) that identifies international convertible virtual currency mixing as a class of transactions of primary money laundering concern and seeks to increase transparency around virtual currency mixing to combat its use by illicit actors.

On October 9, a Florida state senator introduced SB 146, which would add a new section to the Florida Consumer Finance Act (CFA), attempting to curb evasion of the CFA. SB 146 would treat all payments incident to the loan as interest, even if voluntary, and would adopt both predominant economic interest and totality of the circumstance tests for true lender purposes. SB 146 follows other states’ attempts to address true lender issues, including legislation passed in Minnesota, discussed here, and Connecticut, discussed here.

Last week, the annual Community Reinvestment Act & Fair Lending Colloquium took place in Austin, Texas. Two officials from the U.S. Department of Justice (DOJ) discussed in detail the “Combatting Redlining Initiative” led by the DOJ using a “whole of government” approach, the current state of redlining investigations, and the future direction of enforcement. In prepared remarks Assistant Attorney General Kristen Clarke stated, “we are proud of the work we have been able to accomplish in these past two years through the Combatting Redlining Initiative. But we are by no means done. We are also focusing on unlawful practices such as reverse redlining, and steering.”

On November 13, the Consumer Financial Protection Bureau (CFPB) and the Federal Reserve Board (Fed) announced increased dollar thresholds used to determine whether certain consumer credit and lease transactions in 2024 are exempt from Regulation Z (Truth in Lending) and Regulation M (Consumer Leasing).

A California state court recently denied a preliminary injunction sought by the California Department of Financial Protection and Innovation (the DFPI) in its long-running litigation against Opportunity Financial (OppFi) contending that OppFi is the “true lender,” and therefore subject to usury limits, on loans originated by OppFi’s bank partner. The court found that on the factual record before it that the DFPI had not shown a reasonable probability of prevailing on the merits of its claim.

On November 1, New York Governor Kathy Hochul announced that the state’s Department of Financial Services (NY DFS) has amended its Cybersecurity Regulations to “enhance cyber governance, mitigate risks, and protect New York businesses and consumers from cyber threats.” According to the NY DFS, key changes in the regulations include: enhanced governance requirements;  additional controls to prevent unauthorized access to information systems and mitigate the spread of an attack; requirements for more regular risk assessments, as well as a more robust incident response plans; updated notification requirements; and updated direction for companies to invest in at least annual training and cybersecurity awareness programs that are relevant to their business model. The newly amended compliance requirements will take effect in phases. 

As discussed here, on August 1, the two major national credit union trade associations — the National Association of Federal Credit Unions (NAFCU) and the Credit Union National Association (CUNA) — announced plans to merge and create a new organization called America’s Credit Unions. Today, CUNA announced that the organizations’ members voted overwhelmingly (94% of CUNA members and 86% of NAFCU members) in favor of the merger. America’s Credit Unions will be legally formed on January 1, 2024.

In a major victory for small business lenders, yesterday the U.S. District Court for the Southern District of Texas granted motions filed by three groups of trade association intervenors to extend the court’s existing injunction against the Consumer Financial Protection Bureau’s (CFPB or Bureau) enforcement of its final rule under § 1071 of the Dodd-Frank Wall Street Reform and Consumer Protection Act (Final Rule) to cover all small business lenders nationwide. A discussion of the preliminary injunction issued by that Texas federal court on July 31 can be found here. The injunction in Texas Bankers Association v. CFPB will dissolve if the U.S. Supreme Court reverses the Fifth Circuit in Community Financial Services Association v CFPB (CFSA case), which found the CFPB’s funding structure unconstitutional.

On October 24, the Federal Reserve Board (Fed), the Federal Deposit Insurance Corporation (FDIC), and the Office of the Comptroller of the Currency (OCC) (collectively, the agencies) finally issued their long-awaited final rule modernizing how they assess lenders’ compliance under the Community Reinvestment Act (CRA). The CRA was enacted in 1977 to address systemic inequities in access to credit and encourages banks to meet the credit needs of the entire community, including low- and moderate-income (LMI) communities, consistent with safety and soundness principles. The last meaningful, comprehensive revision to the CRA regulations occurred in 1995.

On October 19, the Consumer Financial Protection Bureau (CFPB) issued its highly anticipated notice of proposed rulemaking under Section 1033 of the Consumer Financial Protection Act of 2010 (CFPA). The proposed Personal Financial Data Rights Rule would require depository and nondepository entities to make available to consumers and authorized third parties certain data relating to consumers’ accounts, establish obligations for third parties accessing a consumer’s data, and provide basic standards for data access. Notably, the proposed rule only provides for narrow exceptions, such as community banks and credit unions that have no digital interface with their customers. The CFPB is currently accepting comments on the proposed rule until December 29, 2023.