According to a recent report by WebRecon, court filings under the Fair Credit Reporting Act (FCRA) and Telephone Consumer Protection Act (TCPA) were down for the month of October, but filings under the Fair Debt Collection Practices Act (FDCPA) were up. Complaints filed with the Consumer Financial Protection Bureau (CFPB) were also up for the month.
The U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) recently announced a Notice of Proposed Rulemaking (NPRM) that identifies international convertible virtual currency mixing as a class of transactions of primary money laundering concern and seeks to increase transparency around virtual currency mixing to combat its use by illicit actors.
On October 18, the Federal Trade Commission (FTC) issued a report to Congress in which it outlined its ongoing efforts to protect older Americans from fraud related losses.
On October 9, a Florida state senator introduced SB 146, which would add a new section to the Florida Consumer Finance Act (CFA), attempting to curb evasion of the CFA. SB 146 would treat all payments incident to the loan as interest, even if voluntary, and would adopt both predominant economic interest and totality of the circumstance tests for true lender purposes. SB 146 follows other states’ attempts to address true lender issues, including legislation passed in Minnesota, discussed here, and Connecticut, discussed here.
On November 16, the Consumer Financial Protection Bureau (CFPB or Bureau) released its Fair Debt Collection Practices Act (FDCPA) Annual Report detailing the CFPB’s 2022 activities related to debt collection practices. This comprehensive document summarizes everything FDCPA-related undertaken by the agency during 2022, including enforcement actions, a summary of consumer complaints, education and outreach initiatives, and highlights from examinations it conducted. In addition to summarizing activities in the debt collection space from the past year, the report hints at potential future activities. Tellingly, the CFPB’s focus in 2022 was predominantly on medical debt, as highlighted by its press release announcing this report.
On November 13, the Consumer Financial Protection Bureau (CFPB) and the Federal Reserve Board (Fed) announced increased dollar thresholds used to determine whether certain consumer credit and lease transactions in 2024 are exempt from Regulation Z (Truth in Lending) and Regulation M (Consumer Leasing).
A California state court recently denied a preliminary injunction sought by the California Department of Financial Protection and Innovation (the DFPI) in its long-running litigation against Opportunity Financial (OppFi) contending that OppFi is the “true lender,” and therefore subject to usury limits, on loans originated by OppFi’s bank partner. The court found that on the factual record before it that the DFPI had not shown a reasonable probability of prevailing on the merits of its claim.
On November 7, the Consumer Financial Protection Bureau (CFPB) issued a proposed rule with request for public comment to amend existing regulations defining “larger participants” the CFPB supervises by adding a new section to define larger participants that offer digital wallets, payment applications, and similar services.
On October 13, California Governor Gavin Newsom (D) signed Assembly Bill 39 (Digital Financial Assets Law). This new law broadly empowers the California Department of Financial Protection and Innovation (DFPI) to govern “digital financial asset business activity” and prohibits entities from engaging in such activity with California residents without obtaining a license from the DFPI, among other criteria.
On November 1, New York Governor Kathy Hochul announced that the state’s Department of Financial Services (NY DFS) has amended its Cybersecurity Regulations to “enhance cyber governance, mitigate risks, and protect New York businesses and consumers from cyber threats.” According to the NY DFS, key changes in the regulations include: enhanced governance requirements; additional controls to prevent unauthorized access to information systems and mitigate the spread of an attack; requirements for more regular risk assessments, as well as a more robust incident response plans; updated notification requirements; and updated direction for companies to invest in at least annual training and cybersecurity awareness programs that are relevant to their business model. The newly amended compliance requirements will take effect in phases.