As federal agencies pull back on consumer protection regulations under the Trump administration, California is stepping up to fill the void. This shift was forecasted in January, when the Consumer Financial Protection Bureau (CFPB) released a report titled “Strengthening State-Level Consumer Protections” (discussed here), which provided a roadmap for states looking to bolster their consumer protection laws after the anticipated rollback with the new administration.
Last Friday, the Federal Deposit Insurance Corporation (FDIC) announced the rescission of Financial Institution Letter (FIL-16-2022) and issued new guidance clarifying the process for FDIC-supervised institutions to engage in crypto-related activities. The new Financial Institution Letter (FIL-7-2025) represents a 180 degree turn from the prior Chairman’s position, which required prior notification and relevant information by banks seeking to engage in crypto-related activities.
On March 26, the U.S. Court of Appeals for the Fourth Circuit reversed a district court’s decision holding a credit union liable for a wire transfer in a business email compromise scam case where the credit union lacked “actual knowledge” of the mismatch between the account number and beneficiary.
On March 7, the Office of the Comptroller of the Currency (OCC) issued a significant update regarding the involvement of national banks and federal savings associations in cryptocurrency activities. Interpretive Letter 1183 reaffirms the permissibility of various crypto-asset activities and aims to streamline the regulatory process for banks engaging in these activities.
On January 8, Senate Bill No. 1252 (SB 1252) was introduced to the Virginia General Assembly, aiming to amend and reenact sections of the Code of Virginia related to the application of usury rates. Just two weeks ago, the bill was passed by both the House and Senate. Opponents of the bill contend that the language and effect is very unclear, but that broad language and stringent provisions could stifle innovation and ultimately harm consumers by limiting their access to credit.
On January 14, Patriot Bank, N.A. entered into an agreement with the Office of the Comptroller of the Currency (OCC) to address and rectify several unsafe or unsound practices and violations of law. This agreement follows the bank’s reported loss of nearly $27 million for the quarter ending September 30, 2024.
In a recent letter to Andrea Gacki, Director of the Financial Crimes Enforcement Network (FinCEN), Federal Deposit Insurance Corporation (FDIC) Acting Chairman Travis Hill expressed his support for updating the Customer Identification Program (CIP) requirements to better align with modern financial services practices. This initiative is part of Hill’s broader commitment to regulatory reform and innovation, as outlined in his recent policy statements.
This week, President Trump designated National Credit Union Administration (NCUA) Vice Chairman Kyle Hauptman as the thirteenth Chairman of the NCUA Board. Hauptman succeeds Todd Harper as NCUA Chairman. In the press release announcing his appointment, Chairman Hauptman said, “I am deeply honored that President Trump has asked me to serve as Chairman of NCUA. I look forward to leading the agency’s dedicated professionals and working with my Board colleagues to create a regulatory structure that promotes growth, opportunity, and innovation within the credit union system.”
On January 7, the National Credit Union Administration (NCUA) released its supervisory priorities for 2025, outlining the key areas of focus for federally insured credit unions. This guidance is crucial for credit unions as it highlights the areas posing the highest risk to members, the industry, and the National Credit Union Share Insurance Fund (Share Insurance Fund).
On January 8, the Consumer Financial Protection Bureau (CFPB) officially recognized Financial Data Exchange, Inc. (FDX) as the first standard-setting body under the Personal Financial Data Rights promulgated rule under Section 1033 of the Dodd-Frank Act. This rule, released in October 2024, requires depository and nondepository entities to make available to consumers and authorized third parties certain data relating to consumers’ accounts, establish obligations for third parties accessing a consumer’s data, and provide basic standards for data access.