InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Wisconsin updates licensing and regulation of financial services providers
On April 4, Wisconsin enacted SB 668 (the “Act”) which will amend many provisions to the Wisconsin Department of Financial Institution’s (DFI) regulation of non-banks. According to an analysis by the state’s Legislative Reference Bureau, the Act will change how multiple financial practices are regulated and rely on the Nationwide Multistate Licensing System and Registry (NMLS). The Act will allow Wisconsin to use NMLS to administer licensing needs concerning consumer lenders, payday lenders, collection agencies, sales finance companies, money transmitters, mortgage bankers and brokers, adjustment service companies, community currency exchanges, and insurance premium finance companies. The amendments were modeled after the Model Money Transmission Modernization Act approved by the CSBS.
The Act will require licensees to provide information directly to NMLS. For collection agencies, the Act will eliminate the requirement that a collector hold a separate license from the one held by his employer, update the definition of collection agency to add the exception for mortgage bankers, and require separate collection agency licenses for each place of business, among others – including repeals. As to consumer lenders, the Act will better define consumer loans, specify provisions governing licensed lenders, and specify which activities require licensure. With respect to sellers of checks and money transmitters, the Reference Bureau noted three provisions governing licensing and regulation of money transmitters will be replaced by the MTMA. This will include registering a license through the NMLS; granting the power to suspend, revoke, or refuse renewal of a license to the DFI; and allowing a licensed money transmitter to conduct business through an authorized delegate; among others. The Act also updated NMLSR requirements and DFI powers concerning payday lenders, sales finance companies, adjustment service companies, community currency exchanges, and insurance premium finance companies.
Hsu notes a “trip wire approach” for FSOC review of payments, private equity systemic risk
On February 21, Acting Comptroller of the Currency Michael Hsu delivered remarks at Vanderbilt University, discussing banking and commerce, regulatory effectiveness, and financial stability. Hsu further discussed the “blurring of the line” between banking and private credit/equity, its relevance to different market crashes, and how it can create risk. Hsu mentioned the potential to fill a regulatory gap regarding payments.
Hsu highlighted that the FSOC’s recent analytic framework indicated vulnerable points that can commonly contribute to financial stability risks and discussed how FSOC may address the risks. The framework also established how the council determines whether a given nonbank should be under the Fed’s supervision and prudential standards (covered by InfoBytes here). In his speech, Hsu defines banking as “institutions that take deposits, make loans, and facilitate payments” and commerce as “everything else” including nonbank finance.
He added that the FSOC should use its macro-prudential tools to address risk and develop metrics and thresholds to identify when a payments or private equity firm may need an assessment of systemic risk. This “trip wire approach” would leverage the FSOC’s framework, moving a firm from the identification phase to the assessment phase of the FSOC’s analytic framework, and the assessment would inform if there was a need for FSOC response. Because of the rise in cash managed by nonbanks on behalf of consumers, Hsu said that could serve as a metric for the trip wire for payments-focused fintechs and other nonbank companies. “The standardization, scalars, and level at which an FSOC assessment would be triggered would be informed by public comment,” he added. Finally, Hsu highlighted how the trip wire approach offered a transparent and proactive method for identifying and addressing systemic risks before they escalate.
CFPB fines and shuts down debt collector for alleged FDCPA, FCRA violations
On December 15, the CFPB announced a consent order against a Pennsylvania-based nonbank medical debt collection company for alleged violations of the FCRA and FDCPA. According to the order, the company failed to (i) establish and implement reasonable written policies and procedures for ensuring the accuracy and integrity of information furnished to consumer reporting agencies; (ii) conduct reasonable investigations into direct and indirect consumer disputes about furnished information; (iii) report direct dispute investigation results to consumers; and (iv) indicate disputed items when furnishing information to reporting agencies. The company also allegedly lacked a reasonable basis for debt-related representations made to consumers and engaged in collection activities after receiving a written dispute within 30 days of the consumer’s receipt of a debt validation notice but before obtaining and mailing a verification of the debt.
The consent order permanently bans the company from involvement or aid in debt collection, purchasing or selling of any debts, or any consumer reporting activities. The company must also request credit reporting agencies to delete all collection accounts previously reported by the company. Additionally, the company is obligated to pay a $95,000 civil money penalty and must display on its website information that informs consumers about the option to file a complaint with the CFPB.
FSOC approves analytic framework for financial stability risks and guidance on nonbank financial company determinations
On November 3, the Financial Stability Oversight Council (FSOC) announced that it unanimously voted to issue the final versions of a new analytic framework regarding financial stability risks, in addition to updated interpretive guidance on the council’s nonbank designation guidance. The analytic framework indicates vulnerable points that commonly contribute to financial stability risks, and it explains how FSOC may address the risks, including interagency coordination, recommendations to regulators, or the designation of certain entities. The nonbank designation guidance establishes how the council determines whether a given nonbank should be under the Fed’s supervision and prudential standards under Section 113 of Dodd-Frank. In April, FSOC released the proposed analytic framework and the proposed nonbank designation guidance (as covered by InfoBytes here) and opened a comment period on the proposals.
FSOC adopted key changes in consideration of public comments on the proposed framework, including (i) clarifications to the interpretation of “threat to financial stability”; (ii) more examples of quantitative metrics considered in its analysis; (iii) expanded discussion of transmission channels; and (iv) additional emphasis on FSOC’s engagement with state and federal financial regulatory agencies regarding risk. Comments directed at the interpretive guidance were addressed, and some changes are reflected in the framework. Both CFPB Director Rohit Chopra and OCC Acting Comptroller Michael J. Hsu issued statements supporting the issuance of the interpretive guidance and the framework. Chopra commented that FSOC’s actions to evaluate whether any “shadow bank” meets the statutory threshold for enhanced oversight are essential in preventing potential threats to financial stability. Hsu also noted the significance of leveraging Dodd-Frank's tools for “monitoring and mitigating risks to U.S. financial stability.”
The analytic framework will be effective upon publication in the Federal Register, and the nonbank designations guidance will be effective 60 days after publication in the Federal Register.
SBA issues new SBLC licenses for the first time in 40 years
On November 1, the SBA announced that three new Small Business Lending Company (SBLC) licenses have been issued to lenders focused on underserved markets, which is notably the first expansion of the SBLC program in more than 40 years. An SBLC license permits lending institutions to leverage government guarantees during the process of approving small business loans, decreasing risk for the lender, and lowering costs for the borrower. Consequently, SBA noted, SBLCs can extend a greater number of loans to small businesses than would be feasible without government support. The announcement stated that SBA's current SBLCs surpass banks and credit unions in their ability to provide loans to minority-owned businesses.
In June, the SBA opened a window for new applications for lenders. In announcing the new licensees, SBA Administrator Isabel Guzman stated that “[w]ith the addition of three new Small Business License Companies, the SBA will be able to serve even more small business owners who need capital to start, operate, and grow their businesses.” The SBA highlighted that “[e]ach of the three new SBLC license holders will focus on historically underserved markets, including small businesses in Native, rural, and low-income communities.”
CFPB announces civil money penalty against nonbank, alleges EFTA and CFPA violations
On October 17, the CFPB announced an enforcement action against a nonbank international money transfer provider for alleged deceptive practices and illegal consumer waivers. According to the consent order, the company facilitated remittance transfers through its app that required consumers to sign a “remittance services agreement,” which included a clause protecting the company from liability for negligence over $1,000. The Bureau alleged that such waiver violated the Electronic Fund Transfer Act (EFTA) and its implementing Regulation E, including Subpart B, known as the Remittance Transfer Rule, by (i) requiring consumers sign an improper limited liability clause to waive their rights; (ii) failing to provide contact and cancellation information in disclosures, and other required terms; (iii) failing to provide a timely receipt when payment is made for a transfer; (iv) failing to develop and maintain required policies and procedures for error resolution; (v) failing to investigate and determine whether an error occurred, possibly preventing consumers from receiving refunds or other remedies they were entitled to; and (vi) failing to accurately disclose exchange rates and the date of fund availability. The CFPB further alleged that the company’s representations regarding the speed (“instantly” or “within seconds”) and cost (“with no fees”) of its remittance transfers to consumers were inaccurate and constituted violations of CFPA. The order requires the company to pay a $1.5 million civil money penalty and provide an additional $1.5 in consumer redress. The company must also take measures to ensure future compliance.
Treasury issues statement on U.S.-UK Financial Regulatory Working Group biannual meeting
On September 29, the Department of Treasury issued a statement on the U.S.-UK Financial Regulatory Working Group, comprised of officials from both countries, and its meeting to discuss key themes including: (i) economic stability; (ii) banking issues; (iii) non-bank sector developments; (iv) climate-related financial risks; (v) international engagement; and (vi) digital finance.
In their meeting, participants discussed international banking regulations, specifically Basel III, emphasizing the importance of consistent global implementation. They also acknowledged ongoing work by the Financial Stability Board (FSB) and Basel Committee on Banking Supervision regarding lessons learned from events in March 2023, with a focus on bank resolution. In addition, the group deliberated on the urgency of strengthening resilience within the non-bank financial intermediation (NBFI) sector. Topics included national reforms related to money-market funds, forthcoming work by the FSB to address vulnerabilities linked to leverage in the NBFI sector, and the value of globally implementing reforms in this sector to maintain financial stability. Among other topics, the group also noted progress in climate-related financial risks and sustainable finance mandates.
The group emphasized the importance of international cooperation and agreed to meet again in 2024 to continue their dialogue. Established in 2018, this biannual dialogue aims to enhance financial stability, investor protection, market efficiency, and capital formation in both countries.
FDIC's chairman addresses CRA rulemaking, unbanked households, and nonbank payment services
On September 20, FDIC Chairman Martin J. Gruenberg delivered prepared remarks at the Exchequer Club, discussing the risks posed by nonbank financial institutions (nonbanks) to the U.S. financial system. He noted that nonbanks hold a significant share of the financial sector, with assets totaling around $20.5 trillion in 2021, emphasizing their importance alongside traditional banks. Gruenberg highlighted the financial stability concerns associated with nonbanks, especially their limited regulation and supervision compared to traditional banks. He further mentioned the interconnectedness between nonbanks and banks, and the potential for nonbanks to transmit risk during market shocks, which underscores the need for attention to these issues. Specifically, Gruenberg stated that the “information about the risks undertaken by a variety of nonbanks is severely lacking”, and transparency about these issues will ensure a safer financial system. Gruenberg also pointed out that nonbanks are becoming increasingly active in mortgage finance, business lending, and consumer financial services. He discussed some risks associated with hedge funds and leveraged investment vehicles generally, such as their reliance on short-term funding, and their potential to disrupt the stability of financial markets. Gruenberg concluded by advocating for a comprehensive strategy to address the financial stability risks posed by nonbanks, emphasizing the importance of transparency, oversight, and prudential requirements for nonbank financial institutions.
CFPB announces consent order against leasing company
On September 11, the CFPB issued a consent order against an Ohio-based nonbank consumer finance company (respondent), for deceptive practices related to consumer leasing agreements. The CFPB, along with 41 states and the District of Columbia, addressed respondent’s conduct in a parallel multi-state settlement. According to the consent order, respondent, operating through major retailers, allegedly concealed contract terms and costs from consumers, leading them to unknowingly enter into costly leasing agreements. The Bureau claims that deceptive practices left consumers unable to return products and burdened with unexpectedly high payments, violating the CFPA and Regulation M, implementing the Consumer Leasing Act.
The consent order states that respondent concealed lease agreement terms, often providing consumers with copies of the agreements after transactions or relying on verbal descriptions from store employees. Consumers were also allegedly trapped by unreasonable return practices, as respondent did not accept returns for many items, forcing consumers to pay excessively high prices. Additionally, the CFPB claimed respondent failed to provide legally required disclosures, leading to revenues of approximately $192 million from around 325,000 consumers.
As a result of the consent order, respondent is permanently prohibited from offering consumer leases and is required to close all outstanding consumer accounts. Consumers will be allowed to keep leased merchandise without further payment, amounting to approximately $33.6 million in released payments. Respondent must also pay a $2 million penalty, with $1 million going to the CFPB's victims’ relief fund and the remaining $1 million allocated to the participating states.
The CFPB's director, Rohit Chopra, emphasized the significance of the order, stating that it permanently bans respondent from engaging in such agreements. The alleged deceptive practices, which occurred from January 1, 2015 to the present, and allegedly affected over 1.8 million consumers who entered into financial agreements with the company covering a wide range of items, from auto parts to furniture and jewelry. Respondent neither admitted nor denied the CFPB’s claims.
CSBS announces Nonbank Model Data Security Law
The Conference of State Bank Supervisors (CSBS) recently released a comprehensive framework for safeguarding sensitive information held at nonbank financial institutions. CSBS’s Nonbank Model Data Security Law is largely based on the FTC’s updated Safeguards Rule, which added specific criteria for financial institutions and other entities, such as mortgage brokers, motor vehicle dealers, and payday lenders, to undertake when conducting risk assessments and implementing information security programs. (Covered by InfoBytes here.) Adopting the Nonbank Model Data Security Law allows for a streamlined and efficient approach to data security regulations for nonbank financial institutions, CSBS explained, adding that by leveraging the existing Safeguards Rule’s applicability to state covered nonbanks, the model law imposes minimal additional compliance burdens and ensures smoother implementation for financial institutions. States can also choose an alternative approach by requiring nonbank financial institutions to conform to the Safeguards Rule, CSBS said.
The Nonbank Model Data Security Law outlines numerous provisions, which are intended to protect customer information, mitigate cyber threats, and foster a secure financial ecosystem. These include standards for safeguarding customer information, required elements that must be included in a nonbank financial institution’s information security program, and an optional section that requires entities to notify the commissioner in the wake of a security event. CSBS noted that because “the proposed rule on notification requirements for the FTC Safeguards Rule is still pending, the model law allows each state to establish their own customer threshold number, providing flexibility in determining the extent of impact that triggers the notification obligation.” CSBS also provided a list of resources for adopting the Nonbank Model Data Security Law.