Weekly Fintech Focus

  • FTC explains that merchants using BNPL services are also subject to consumer protection obligations.
  • CFPB ends its no-action letter and compliance sandbox policies.
  • CFPB sues an online lender for Military Lending Act violations related to the lender’s membership fees.
Continue Reading Fintech Legal Report—Week of September 30, 2022

Weekly Fintech Focus

  • The OCC is focusing on fintech-bank partnerships as explained in a speech by Acting Comptroller of the Currency Michael J. Hsu
  • Congressmembers seek information related to a firearms BNPL provider
Continue Reading Fintech Legal Report—Week of September 9, 2022

Weekly Fintech Focus

  • CFPB warns firms about UDAAP violations for information security weaknesses.
  • CFPB issued an interpretive rule to clarify that digital marketing providers can be covered service providers under the CFPA for targeting and placement of advertisements for financial products and services.
Continue Reading Fintech Legal Report—Week of August 12, 2022

CFPB Highlights Emerging Risks in the Convergence of Payments and Commerce

On August 4, 2022, the Consumer Financial Protection Bureau (CFPB) released a report on the emerging risks consumers face in the growing presence of new products that blur the line between payments and commerce, namely: buy now, pay later (BNPL) offerings; embedded commerce; and integrated “super apps.” Specifically:

Continue Reading Fintech Legal Report—Week of August 19, 2022

Weekly Fintech Focus

  • Democratic senators urge CFPB to focus on bank liability for fraud occurring on P2P payment platforms.
  • CFPB and OCC issue $225M fine to a bank for failures related to unemployment benefits payments.
  • UK financial regulators open consultation on oversight of financial institutions’ third-party service providers.
Continue Reading Fintech Legal Report—Week of July 22, 2022

Weekly Fintech Focus

  • The CFPB terminates a no-action letter with an AI credit underwriter.
  • A CFPB circular confirms that AI underwriting models are subject to anti-discrimination laws including adverse action notices.
  • BNPL companies and credit bureaus face urging by the CFPB to properly report consumer information.
  • The CFPB launches an initiative to improve customer service at big banks.
Continue Reading Fintech Legal Report—Week of June 17, 2022

Weekly Fintech Focus

  • The CFPB plans to review CARD Act Rules.
  • The Treasury Department proposes clarifications to regulatory treatment of Earned Wage Access programs.

CFPB Director Chopra Plans to Review CARD Act Rules

The day after a tough hearing with the Senate Banking Committee, on April 27, 2022, the House Financial Services Committee held a hearing in which Consumer Financial Protection Bureau (CFPB) Director Rohit Chopra spoke with lawmakers about his plans to explore whether the CFPB should revisit and potentially revise previously written rules to implement the Credit Card Accountability Responsibility and Disclosure Act (the CARD Act).

These rules cover various consumer protection requirements and restrictions such as limits on interest rate increases and certain fees. Particularly, Chopra’s comments suggest that the CFPB could pursue tougher restrictions on issuer fees as part of a broader effort to manage what he refers to as “junk fees.” Chopra did not provide a specific definition on what fees the agency may scrutinize, but his responses to inquiries from lawmakers indicates that it could cover a broad array of charges that are imposed on bank accounts, credit cards, and other financial products, such as late fees and other fees that do not compensate for a specific service.

Continue Reading Fintech Legal Report—Week of May 6, 2022

Weekly Fintech Focus

  • The CA DFPI issued an interpretive opinion on an earned wage access product, finding that the structure of the earned wage access program was not a loan product.
  • The CFPB issued a compliance bulletin outlining and reiterating prohibitions and restrictions under ECOA and Regulation B related to the distribution of government benefits via prepaid cards.
  • Numerous financial regulators issued an interagency statement to encourage creditors to engage in special purpose credit programs.

CA DFPI Issues Interpretive Opinion on Earned Wage Access

On February 11, 2022, the California Department of Financial Protection and Innovation (DFPI)  issued an interpretive opinion letter that FlexWage, a New Jersey-based financial services company that partners with employers to provide employees’ earned wages in advance of payday, is not subject to licensure under the California Deferred Deposit Transaction Law (CDDTL) with respect to its earned wage access (EWA) product. EWA products provide employees with access to earned but as yet unpaid wages. DFPI also concluded that FlexWage did not require a license under the California Financing Law (CFL).

DFPI stated that FlexWage’s EWA product is not a loan subject to the CFL because it is the employer, not FlexWage, that is providing the funds and those funds do not exceed the amount that the employer already owes the employee. FlexWage does not originate or facilitate loans since the wages have already been earned by the employee and are not subject to repayment.  Therefore, this product is not a loan but a facilitation of an existing financial obligation from the employer to the employee.

While cost typically is not a factor in the assessment, DFPI considered whether FlexWage’s EWA product suggested evasion of the CFL. DFPI determined that it did not and noted the fact that the fee FlexWage charges for this service, which appears as an itemized deduction from the employee’s pay, is substantially lower than what it could charge as an “administrative fee” under the CFL.

DFPI also determined that the EWA product was not a “deferred deposit transaction” under the CDDTL. This was based largely on the same reasoning as DFPI’s reasoning under the CFL–specifically, the source of the funding, the limit on the funding amount, and the limit on the fees were determining factors against imposing a licensing requirement on FlexWage under the CDDTL.

CFPB Issues Compliance Bulletin on Reg. E’s Compulsory Use Prohibition

On February 15, 2022, the CFPB issued a compliance bulletin on outlining and reiterating prohibitions against prepaid cards being the sole method for distributing government benefits.

The Electronic Fund Transfer Act (EFTA), as implemented by Regulation E, provides that no person may require a consumer to establish an account for receipt of electronic fund transfers with a particular financial institution as a condition of receipt of a government benefit. This prohibition applies to “government benefit accounts,” accounts established by a government agency for distributing government benefits to a consumer electronically, with certain exemptions listed in Regulation E.

Typically, consumers receive their government benefits (e.g., social security payments, veterans’ benefits, unemployment insurance, child support, pension plan payments) through direct deposit into their bank account, by prepaid card, or by check.

The compulsory use prohibition is designed to ensure that consumers receiving government benefits have a choice with respect to how they receive their funds. For example, a government agency that requires consumers to receive benefits through direct deposit will not violate the compulsory use prohibition if it allows consumers to choose the financial institution they want to use in receiving the direct deposit. Alternatively, a government agency may give a consumer the choice of having their benefits deposited at a particular institution (designated by the government agency) so long as the consumer is able to receive their benefits by another means.

However, the CFPB’s Compliance Bulletin highlights and reinforces the CFPB’s existing position that consumers are not provided a choice, and that there is a violation of the EFTA, when a consumer is required to receive the first payment of government benefits on a prepaid card (or otherwise at a particular institution), even if the consumer can later redirect the payment to an account of their choice. In such a scenario, the CFPB’s position is that the consumer does not have a choice with respect to how to receive the first payment of the government benefit; rather, with respect to that first payment, the consumer was required to establish an account with the financial institution that issued the prepaid card as a condition of receiving the funds.

Although the Compliance Bulletin does not announce a new position, it serves to highlight one that was recently an element of a CFPB consent order issued to prison financial services company JPay that included a $6 million fine (as covered in our blog here).

Financial Regulators Encourage Special Purpose Credit Programs

On February 22, 2022, the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the National Credit Union Administration, the Office of the Comptroller of the Currency, the Consumer Financial Protection Bureau, the Department of Housing and Urban Development, the Department of Justice, and the Federal Housing Finance Authority issued an interagency statement reminding creditors that ECOA and Regulation B permit creditors to establish special purpose credit programs (SPCPs) to provide credit to specified classes of persons.

The interagency statement notes that there has been confusion over the applicability and permissibility of creditors instituting SPCPs and this interagency statement aims to encourage creditors to pursue SPCPs that comply with ECOA and Regulation B. If creditors have questions, the agencies also encourage engagement and consultation with the applicable regulator.

A number of agencies have made prior statements through advisory opinions or other guidance to explain the availability of SPCPs to various types of creditors, including:

  • The CFPB issued an Advisory Opinion on SPCPs to clarify that for-profit creditors must include a written plan to establish and administer to SPCP and to clarify the types of data that may be relied on to inform the creditor’s determination of the need for the SPCP.
  • HUD released guidance concluding that SPCPs that conformed with the requirements of ECOA and Regulation B did not violate the Fair Housing Act.

This blog has covered these developments here, here and here.

Weekly Fintech Focus

  • CFPB announces initiatives to address junk fees in consumer financial products and services.
  • CFPB seeks comment on BNPL services.
  • The OCC approves another banking charter for a fintech company.
  • FDIC and FinCEN launch Tech Sprint to address challenges in digital identity.

Continue Reading Fintech Legal Report—Week of February 4, 2022

FTC Orders an End to Illegal Mastercard Business Tactics and Requires it to Stop Blocking Competing Debit Card Payment Networks

On December 23, the Federal Trade Commission (FTC), in a 4-0 vote, ordered Mastercard to start providing competing payment networks with the customer account information they need to process debit payments, alleging that the company has violated the Durbin Amendment and federal regulations.

According to the FTC, Mastercard has allegedly been using its control over the tokenization process to keep competing networks out of the e-commerce debit payment business, in violation of provisions of the 2012 Dodd-Frank Act known as the Durbin Amendment and its implementing rule, Regulation II. Generally, the Durbin Amendment requires banks to enable at least two unaffiliated networks on every debit card and prohibits payment card networks from inhibiting merchants from using other networks.

E-commerce transactions that involve payment cards in e-wallets often replace the cardholder’s primary account number with a different number, known as a token, and store that number in the e-wallet. This “tokenization” process aims to protect the primary account number during certain stages of the transaction, as well as to reduce fraud. When a debit cardholder makes a debit purchase using an e-wallet, the merchant receives the token from the cardholder’s device and sends it to the merchant’s bank. The merchant’s bank then sends the token to a payment card network for processing, which converts it to the associated primary account number (PAN).

With respect to Mastercard-branded debit cards in e-wallets, not only does Mastercard’s policy require that a token be used, but banks that issue such cards also nearly universally use Mastercard to generate the tokens and store the corresponding PANs, according to the FTC. As a result, the FTC alleged that merchants are dependent on Mastercard to convert the token to process e-wallet transactions using Mastercard-branded debit cards, because competing payment networks do not have access to the tokens stored by Mastercard. The FTC also alleged that Mastercard refused to provide conversion services to competing payment networks for e-wallet debit transactions conducted online and in apps (rather than in person), making it impossible for merchants to route e-wallet transactions on any network other than Mastercard.

Under the FTC’s proposed order, if a competing network receives a token to process a debit card payment, Mastercard is required to provide that network with the customer’s PAN that corresponds to the token. The order also prohibits Mastercard from taking any action that prevents other payment networks from providing their own tokens or tokenization services.

The proposed order is subject to a 30-day public comment period, after which the FTC will decide whether to make it final. The FTC’s statement on its proposed order didn’t say whether it had reached a similar agreement with Visa.