Skip to main content
Menu Icon Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations
Section Content

Upcoming Events

Filter

Subscribe to our InfoBytes Blog weekly newsletter for news affecting the financial services industry.

  • Senate Banking Committee’s Fintech Hearing Discusses Regulatory Challenges and Innovation Risks

    FinTech

    On September 12, the full Senate Committee on Banking, Housing, and Urban Affairs held a hearing entitled “Examining the Fintech Landscape” to discuss topics concerning fintech innovation and the regulatory landscape. Committee Chairman Mike Crapo (R-Idaho) opened the hearing by asserting that while fintech firms provide “new and innovative products and services in areas such as marketplace lending, digital payments and currencies, wealth management, insurance and more . . . [u]ncertainty remains around questions like data security and the proper regulatory treatment to ensure consumers and the financial system are safeguarded.” Sen. Crapo said that he welcomes the opportunity to learn more about fintech innovations, the impact on the financial system, and the current regulatory approach to this sector.

    Sen. Sherrod Brown (D-Ohio), ranking member of the Committee, also released an opening statement in which he called for the need to “improve federal oversight of data collection and data security,” especially in light of the recent credit reporting data breach. (See previous InfoBytes summary here.) Sen. Brown noted that he is interested in understanding “how Congress can encourage fintech innovation to make it easier for community banks to serve their customers, comply with important safety and soundness and anti-money laundering rules.”

    The three witnesses offered numerous insights related to the fintech industry, including (i) the need to manage risk without stifling fintech innovation; (ii) the importance of creating consistent standards and a regulatory framework; (iii) the need to clearly outline the definition of fintech firms and digital lenders; (iv) challenges when using algorithms and alternative data to assess creditworthiness; and (v) concerns regarding state preemption in the fintech space. The witnesses also answered questions concerning the concept of utilizing a regulatory sandbox to allow fintech firms to operate on a limited basis to test new ideas, and offered support for an innovation office, which would help fintech firms and regulators understand the emerging landscape.

    • Mr. Lawrance Evans, Director, Financial Markets, U.S. Government Accountability Office (testimony);
    • Mr. Eric Turner, Research Analysis, S&P Global Market Intelligence (testimony); and
    • Mr. Frank Pasquale, Professor of Law, University of Maryland Francis King Carey School of Law (testimony).

    Fintech Federal Issues Senate Banking Committee Privacy/Cyber Risk & Data Security Data Collection / Aggregation

    Share page with AddThis
  • CFPB Issues Consent Order to Online Lead Aggregator, Settles Separate 2016 Lead Aggregator Action

    Consumer Finance

    On September 6, the CFPB ordered an online loan lead aggregator to pay $100,000 for its alleged involvement in selling leads to small-dollar lenders and installment loan purchasers who then extended loans that were void in whole or in part under the borrower’s state laws. The consent order alleges that the California-based company knew the state of residence for each lead sold, yet “regularly sold [l]eads for consumers located in states where the resulting loan was void or the lender had no legal right to collect the principal, interest, or fees from the consumer based on state-licensing requirements or interest-rate limits.” The order also claims that, because the company knows the identity of each purchaser prior to the sale of the loan, it should also know (i) whether the purchaser is likely to comply with the state laws, or (ii) whether the leads it sells will result in loans exceeding state usury interest rate limits or fail to be in compliance with the consumer’s state laws. Pursuant to the consent order, in addition to the $100,000 civil money penalty, the company must (i) “undertake reasonable efforts to ensure” leads do not result in loans that are void under the laws of the consumer’s state; (ii) obtain, among other things, copies of licenses required by each state for its end users “where the absence of such a license would render a loan void in whole or in part under the laws of that state”; (iii) implement procedures for reviewing loans that result from its leads to ensure compliance with privacy and other laws; (iv) establish a policy to prohibit lenders from making loans that are likely to result in loans that are void under the consumer’s state-licensing requirements or interest-rate limits and “refrain from conveying” leads for such loans; and (v) submit registration for the Bureau’s Company Portal.

    On the same day, the CFPB also entered into a $250,000 settlement with the company’s president and primary owner for his alleged actions cited in a 2016 complaint involving his role as the operator of a different online lead aggregator. (See previous InfoBytes summary here.) In addition to the civil money penalty, the president has agreed to (i) make efforts to guarantee that all loans offered to consumers are valid in the states where they live; (ii) ensure that there is no misleading, inaccurate, or false information contained in the consumer-facing content of all lead generators from which leads are accepted; and (iii) require all lead generators to “prominently disclose to consumers an accurate description” of how leads will be received, conveyed, and processed. The president has neither admitted nor denied the CFPB’s allegations.

    Consumer Finance CFPB Payday Lending Data Collection / Aggregation Enforcement Settlement

    Share page with AddThis
  • Legislation Proposed to Create Consistent Financial Data Reporting Standards Across Federal Agencies

    Federal Issues

    On March 16, Congressmen Darrell Issa (R-Calif.) and Jared Polis (D-Colo.) introduced the Financial Transparency Act of 2017 (H.R. 1530), a bipartisan bill intended “to amend securities, commodities, and banking laws to make the information reported to financial regulatory agencies electronically searchable.”  Specifically, H.R. 1530 would require the Treasury Department to disseminate data standards for all financial regulatory agencies, while directing each agency to transform its regulatory reporting regime from disconnected documents into standardized, searchable data. The bill further provides that any information required by other laws to be public must be published as open data, and includes specific directives for the SEC to improve that agency’s existing data reporting regime.

    Additional details concerning the proposed measure are explained in a summary prepared by www.datacoalition.org. U.S. Representative Randy Hultgren (R-IL)—one of the bill’s co-sponsors and current Vice Chairman of the House Subcommittee on Capital Markets, Securities and Investment—has also promoted the legislation in an op-ed for The Guardian, entitled How to stop the next Bernie Madoff.

    Federal Issues Congress Department of Treasury Data Collection / Aggregation

    Share page with AddThis
  • OFR Director Delivers “Reducing the Regulatory Reporting Burden” Remarks at the Financial Data Summit

    Privacy, Cyber Risk & Data Security

    On March 16, the Office of Financial Research (OFR) posted remarks made by Director Richard Berner at the third annual Financial Data Summit hosted by the Data Transparency Coalition. "Reducing the Regulatory Reporting Burden" outlines OFR’s mission to identify areas of “duplication, overlap, and inefficiency in regulatory reporting,” presents steps to be undertaken in partnership with the Financial Stability Oversight Council (and its member agencies) to “improve data quality and reduce the reporting burden [by] requiring standards, including precise and agreed-on definitions, identifiers, and formats; industry-regulator agreement on essential data elements; adherence to best practices in data collection; and more data sharing among regulators,” and seeks participation and input from the private sector.

    Privacy/Cyber Risk & Data Security OFR Data Collection / Aggregation

    Share page with AddThis
  • CFPB Issues Largest HMDA Fine in Bureau History Against Nonbank Mortgage Lender

    Lending

    On March 15, the CFPB announced a consent order assessing a $1.75 million civil money penalty against a national mortgage lender for failing to accurately report mortgage data in violation of the Home Mortgage Disclosure Act (“HMDA”). The Bureau alleged that, during the supervision process, it found the lender’s HMDA compliance systems to be flawed, and that the flaws led to the generation of “significant, preventable” errors in its mortgage lending data. The following violations were also alleged: (i) a failure to “maintain detailed HMDA data collection and validation procedures”; (ii) a failure to “implement adequate compliance procedures”; and (iii) a failure to “consistently define data among its various lines of business,” which resulted in data discrepancies.  As reported by the Bureau, the size of the penalty reflects the lender’s market size, the magnitude of the errors, and its history of violations. The terms of the consent order require the lender to pay a $1.75 million penalty, develop an effective compliance management system to prevent future violations, and review and correct HMDA reporting inaccuracies for the defined time period. Notably, the consent order does not provide for consumer redress.

    Later that day, the mortgage lender issued a statement announcing the resolution of the Bureau’s examination and highlighting the company’s efforts “over the past two years” to “proactively ma[ke] substantial investments in new staff, training and technology to enhance all of [their] HMDA-related processes and controls.”

    Lending CFPB Mortgage Lenders HMDA Data Collection / Aggregation

    Share page with AddThis
  • Fed Report Provides Information on Debit Card Transactions in 2015

    Federal Issues

    On November 30, the Fed announced the release of its annual report on debit card transactions in 2015. The report is the fourth in a series to be published every two years pursuant to Section 920 of the Electronic Fund Transfer Act (EFTA). As in prior years, the 2015 report reflected that issuers’ costs of authorizing, clearing, and settling debit card transactions (excluding issuer fraud losses) varied greatly across respondents. Data compiled in the report estimates that debit-card fraud losses to all parties (merchants, cardholders, and issuers) increased by 44 percent from 2013 to an estimated total of $2.41 billion in 2015. The median covered issuer had average fraud prevention and data security costs of 1.9 cents per transaction.

    Federal Issues Federal Reserve Debit Cards EFTA Payments Data Collection / Aggregation

    Share page with AddThis
  • CFPB Launches Inquiry into Consumer Financial Data Access

    Consumer Finance

    On November 17, the CFPB formally announced the launch of an inquiry into the benefits and risks associated with consumers authorizing third-parties to access their financial and account information held by financial service providers. The CFPB has been investigating and assessing issues related to data access and technological innovation for some time, including through Project Catalyst.

    As detailed in the Request for Information (Dkt No. CFPB-2016-0048) issued on November 17, the CFPB is focused on three main points of inquiry: (i) secure access for consumersi.e., are consumers able to securely access, and authorize others to securely access, their financial records? Are there any “business burdens” that must be addressed to provide access and use of financial records?; (ii) third-party risk -- i.e., some financial institutions have expressed concern that providing third parties with access to records may compromise consumer privacy or put their funds at risk. The CFPB would like learn more about options for ensuring that financial records are securely obtained, stored and used; and (iii) consumer control -- i.e., to what extent are consumers able to control how shared data is being used by third-parties with authorized access?  Are consumers able to limit the number of times those firms can access the data?

    In prepared remarks delivered at a field hearing in Salt Lake City, UT, CFPB Director Richard Cordray explained: “The technology around digital financial records continues to develop and, so far, there are many unanswered questions about how the information is being shared, by and to whom, and how safely. As with any emerging industry, we are hearing about some bumps in the road. Both Fintech companies and financial institutions, as well as consumer groups, are describing to us the various challenges, risks and technological obstacles to further progress in this area.”

    Consumer Finance CFPB Data Collection / Aggregation Privacy/Cyber Risk & Data Security

    Share page with AddThis
  • OCC Proposes Revisions to Stress Test Information Collection

    Federal Issues

    On November 15, the OCC published a notice and request for comment on proposed changes to its rules requiring certain covered financial institutions, including national banks and federal savings associations with assets over $50 billion, to report certain financial information as part of stress testing. The proposed revisions to the OCC’s reporting requirements are “intended to promote consistency with” the Fed’s proposed changes to its form FR Y-14A, and consist generally of clarifying instructions, shifting the “as-of date”, adding data items, deleting data items, and redefining existing data items—including an expansion of the information collected in the scenario schedule. The proposed revisions also reflect the implementation of the final Basel III regulatory capital rule, which is set to revise and replace the OCC’s risk-based and leverage capital requirements to be consistent with agreements reached by the Basel Committee on Banking Supervision in ‘‘Basel III: A Global Regulatory Framework for More Resilient Banks and Banking Systems’’ (Basel III). All comments must be received by January 19, 2017.

    Federal Issues Banking Federal Reserve OCC Basel Data Collection / Aggregation Stress Test Agency Rule-Making & Guidance

    Share page with AddThis
  • California AG Harris Launches New Consumer Privacy Tool

    State Issues

    On October 14, California AG Harris released an online complaint form designed to help consumers report potential violations of the California Online Privacy Protection Act (CalOPPA). Pursuant to the CalOPPA, commercial websites and online services collecting consumer information are required to post privacy policies that include “the categories of information collected, the types of the third parties with whom the operator may share that information, instructions regarding how the consumer can review and request changes to his or her information, and the [policy’s] effective date.” As part of AG Harris’s “multi-pronged” effort to improve online privacy for consumers, the form will allow consumers to “crowdsource” privacy policy violations, thus “exponentially increasing the California Department of Justice’s ability to identify and notify those in violation of CalOPPA.”

    State Issues State AG Data Collection / Aggregation Privacy/Cyber Risk & Data Security Vendor Management

    Share page with AddThis
  • CFPB Considers Registration Rule for Nonbank Financial Institutions

    Consumer Finance

    The CFPB recently issued a Request for Information (RFI) seeking vendor feedback on the agency’s consideration of establishing a web-based system that would require nonbank financial institutions to register with the CFPB. The RFI outlines the potential registration system’s capabilities and services, noting that nonbank financial institutions would use it to “apply for, amend, update, or renew a registration online using a single set of uniform applications.” In addition to other data gathering components, the potential registration system may be used for the collection of financial, operational, and organizational structure data. Responses from technology system vendors were due on July 29, 2016, with a disclaimer that the RFI was not “to be construed as a commitment that the CFPB will propose a rulemaking on the registration of nonbank financial institutions or that the CFPB will propose any specific system requirements.”

    CFPB Vendors Data Collection / Aggregation

    Share page with AddThis

Pages