Politico has reported that in remarks made at a fintech policy event last week, Andrew Smith, the FTC’s Director of Consumer Protection, indicated that fintech companies will be a focus of the FTC’s enforcement activities.

According to Politico, Mr. Smith said that FTC was particularly interested in online lending, with an emphasis on small-business lending.  Mr. Smith is also reported to have identified lead generation in the context of online lending as a key area of interest for the FTC.

In a press release, the organizers of Varo Bank, N.A. announced they have been granted preliminary approval by the OCC of their application to form a de novo national bank, which they claim “put[s] Varo on track to become the first all-mobile national bank in the history of the United States.”

In July 2018, the OCC announced that it would begin accepting applications for special purpose national bank (SPNB) charters from financial technology (fintech) companies.  Rather than a SPNB charter, Varo is seeking a full-service national bank charter from the OCC.  A SPNB charter provides an option for a fintech company for whom, because of its own non-financial activities or those of an affiliate, the Bank Holding Company Act would be an obstacle to obtaining a full-service national bank charter.  Obtaining a full-service national bank charter, however, is the preferred option for a fintech company that can do so consistent with the BHCA.  Many years ago, two of my Ballard partners successfully converted a consumer finance company to a full-service national bank.

Federal court lawsuits challenging the OCC’s authority to issue SPNB charters were filed in 2017 by the Conference of State Bank Supervisors and the New York Department of Financial Services.  Both lawsuits were dismissed for failure to establish an injury in fact necessary for Article III standing and lack of ripeness for judicial review.  While such challenges may be renewed now that the OCC has announced that it will begin accepting SPNB charter applications, there would not appear to be any basis for a similar challenge to the issuance of a full-service national bank charter to Varo assuming it satisfies the standard conditions for obtaining such a charter.

I am pleased to announce that Chris Ford, an attorney who has led some of the country’s largest and most innovative Fintech and payment systems transactions, has joined Ballard Spahr as a partner in the firm’s Consumer Financial Services Group.  He will be based in the firm’s Washington, D.C. office.

Chris advises clients on large-scale commercial transactions, particularly those involving financial services, payments, technology, and outsourcing.  He also provides strategic counsel to clients on co-brand and private-label card transactions, card processing and network-related deals, merchant acquisition, and information technology and business process outsourcing.

Chris’ clients include Fortune 100 companies, merchants, and financial institutions.  His work includes representing one of the world’s largest financial institutions in its global, retail, commercial, and small business credit card processing agreements; assisting a global finance company in the issuance of a credit card in the United States; assisting one of the largest merchant-acquiring companies in a strategic partnership with a major credit card issuer; and advising a major grocery retailer in its merchant-acquiring and payment processing arrangements.

To learn more about our new colleague, read our firm’s announcement.

The U.S. Department of the Treasury’s recent report evaluating economic opportunities presented by nonbank financial institution and fintech company innovations includes a detailed account of current data aggregation activities in the financial services marketplace and provides policy recommendations that shed light on the federal government’s current views on data aggregation. (See our legal alert and blog posts (here and here) for a discussion of other portions of the Treasury’s report.)  In seeking to harness the potential benefits that can come from data aggregation, the Treasury report firmly supports the inclusion of these market participants.

Following are key takeaways from the Treasury’s report with respect to data aggregation practices and regulatory issues.

  • BCFP and private sector should develop consumer disclosure best practices. The Treasury suggests that the Bureau of Consumer Financial Protection (BCFP) should develop, either with the private sector or pursuant to its rulemaking authority, consumer-facing disclosures that are “plain language, readily accessible, readable through the preferred device used by consumers to access services… so that consumers can give informed and affirmative consent regarding to whom they are granting access, what data is being accessed and shared, and for what purpose,” and to opt-out of such sharing.
  • APIs provide advantages and should be supported. The report raises a number of issues with screen scraping while promoting the benefits of application programming interfaces (APIs) “that allow for the inclusion of robust security features, greater transparency and access controls for consumers, improved data accuracy, and more predictable and manageable information technology costs.”  Following is a graphic from the report identifying the similarities and differences between bilateral/partnered API and open API arrangements.  It highlights how APIs can remove the need for fintech apps (users of aggregated data) and data aggregators to access consumers’ bank account login credentials and, therefore, supports Treasury’s suggestion that the private sector and financial regulators should work to implement API solutions that “address data sharing, [data normalization,] security, and liability [and should support] efforts to mitigate implementation costs for community banks and smaller financial services companies with more limited resources to invest in technology.”

  • Clarifying applicability of third-party oversight guidance to data aggregators. The report states that there is some ambiguity regarding when third-party oversight guidance issued by federal banking regulators applies to data aggregator relationships, noting that data aggregators entering into “an API agreement with a bank [] may become subject to third-party guidance because of the contractual relationship, which can increase compliance costs.”  The Treasury suggests that federal banking regulators take action to resolve this ambiguity.
  • Third-party data aggregators should be treated as “consumers.”  Section 1033 of the Dodd-Frank Act provides “consumers” a right to access certain account information electronically upon request.  Treasury recommends that this section be interpreted so that “third parties properly authorized by consumers, including data aggregators and consumer fintech application providers, fall within the definition of ‘consumer’… for the purpose of obtaining access to financial account and transaction data.”
  • Data security addressed by GLBA Safeguards Rule. The report assumes that “data aggregators and consumer fintech application providers are subject to the Gramm-Leach-Bliley Act (GLBA)” and that “the Safeguards Rule appropriately addresses” data security concerns with data aggregation activities.  To the extent additional regulatory or legislative measures are considered to address data aggregation data security issues, the Treasury suggests that such activities occur at the federal level rather than the state level to ensure uniformity.
  • Other financial regulators should support data aggregation. The report suggests that regulators in addition to the BCFP should take steps to enhance data aggregation activities, including the Securities and Exchange Commission, the Financial Industry Regulatory Authority, Department of Labor, and state insurance regulators.

On September 20, 2018, from 12 p.m. to 1 p.m. ET, Ballard Spahr will conduct a webinar, “More Than Just Fintech: What Are the Important Takeaways for All Consumer Financial Services Providers from Treasury’s Sweeping Report?”  A link to register is available here.

 

 

 

A portion of the Treasury’s report entitled “A Financial System That Creates Economic Opportunities, Nonbank Financials, Fintech, and Innovation” focuses on the mortgage industry.  A detailed discussion of the Treasury’s mortgage-related findings and recommendations is available here.

We have previously blogged about the portion of the Treasury report that focuses on payments and have published a legal alert that discusses other portions of the report.

On September 20, 2018, from 12 p.m. to 1 p.m. ET, Ballard Spahr will conduct a webinar, “More Than Just Fintech: What Are the Important Takeaways for All Consumer Financial Services Providers from Treasury’s Sweeping Report?”  A link to register is available here.

 

Last week the CFPB announced an initiative to create a Global Financial Innovation Network (GFIN) with 11 other financial regulators and related organizations across the globe. The GFIN sprang from a previous proposition by the UK Financial Conduct Authority (FCA) to create a “global sandbox” for innovative financial services firms to be able to test new financial services and products such as artificial intelligence and blockchain based solutions in different financial markets. Feedback provided in response to that proposition indicated a need for more comprehensive collaboration among regulators to expand the innovation activities currently undertaken by financial services regulators around the world.

The GFIN, as described within the Consultation Document announcing its creation, is intended to serve three main functions:

  1. Facilitate information and knowledge sharing among financial services regulators on emerging innovation trends and best practices and to share appropriate regulatory contact information with financial services firms;
  2. Provide a forum for joint policy work and regulatory trials; and
  3. Develop a “global sandbox” for business to consumer (B2C) or business to business (B2B) firms to trial and scale new technologies in multiple jurisdictions.

In the press release announcing the initiative, CFPB Acting Director Mick Mulvaney stated that joining the GFIN “demonstrates the Bureau’s commitment to promoting innovation by coordinating with state, federal and international regulators. We look forward to working closely with other regulatory authorities—whether in the United States or abroad—to facilitate innovation and promote regulatory best practices in consumer financial services.”

The GFIN working group is encouraging responses and feedback from interested parties to 10 questions posed within the Consultation Document by October 14, 2018. Commenters can submit responses to the Bureau’s representative, Paul Watkins in the recently-established Bureau’s Office of Innovation. Responses and input are particularly sought from innovative financial services firms, technology companies and providers, accelerators, academia, consumer groups, financial services regulators, and other entities or individuals interested in helping to develop the GFIN. After October 14 the working group will review feedback and agree on next steps, including a timeline for when to launch the GFIN.

A portion of the Treasury’s report entitled “A Financial System That Creates Economic Opportunities, Nonbank Financials, Fintech, and Innovation,” focuses on payments.  (See our legal alert for a discussion of other portions of the Treasury’s report.)

Current payment methods.  The report notes four primary core payment systems: credit cards, debit cards, automated clearing house (ACH) transfers, and wire transfers.  Among the issues facing such systems is that their regulation is fragmented, with the first two systems subject to significant federal regulation, the ACH system heavily dependent on agreement, and wire transfers primarily subject to uniform state law.  The report, given its focus, ignores the check system, also regulated by uniform state law, and virtual currency payment methods that have yet to reach significant volume as a payment method.

Nonbank Funds Transfers.  The report focuses on nonbank methods of funds transfers between individuals.  It discusses money transmitters that, while subject to federal Bank Secrecy Act regulation, are primarily state-licensed and regulated by diverse state statutes and, for multi-state businesses, are subject to burdensome state licensing.  The report also discusses the Regulation E remittance provisions, P2P and non-P2P transfers, and so-called digital wallets.  The report’s discussion concludes with a review of (1) the effort to encourage faster payments including the Faster Payments Task Force, the Real-Time Payments System of The Clearing House, same day ACH efforts by NACHA and ACH operators, and the challenges these efforts face, and (2) the work of the Secure Payments Task Force.

Recommendations. The Treasury makes the following recommendations:

  • States should work to harmonize money transmitter requirements for licensing and supervisory examinations–a task that may require some federal incentives since the Uniform Money Services Act, requested by Congress that the Uniform Law Commission research and write, has only been enacted by 12 states to date;
  • The CFPB should provide more flexibility regarding the issue of remittance disclosures in Regulation E; and
  • The Federal Reserve should accelerate its efforts to facilitate a faster retail payments system.

Our observations.  While the Treasury’s report is a good start, it could have gone much further.  Noting the complexity in the U.S. payments system, the Treasury might have recommended that efforts be directed at reconciling the credit and debit card systems for similar issues.  For example, the Treasury could encourage the Uniform Law Commission to update Uniform Commercial Code (UCC) payment articles for electronic instruments.  Such a project is already under consideration by the UCC sponsors, the Uniform Law Commission, and the American Law Institute for notes which, when completed, would replace paper instruments as the only payment vehicles covered by the UCC.  Another recommendation could provide support for the Uniform Regulation of Virtual Currency Businesses Act, which supplies what the Treasury’s report characterizes as the need for “adequate prudential regulation and supervision” for that emerging payment method.

On September 20, 2018, from 12 p.m. to 1 p.m. ET, Ballard Spahr will conduct a webinar, “More Than Just Fintech: What Are the Important Takeaways for All Consumer Financial Services Providers from Treasury’s Sweeping Report?” A link to register is available here.

On August 3, 2018, Arizona began accepting applications for its regulatory sandbox that “enables a participant to obtain limited access to Arizona’s market to test innovative financial products or services without first obtaining full state licensure or other authorization that otherwise may be required.”  In March 2018, Arizona’s Governor signed into law legislation directing the state’s Attorney General to create the sandbox.  The Attorney General is also responsible for the application process and oversight of the sandbox.

To be considered for admission, applicants must complete the nine-page application and pay a $500 application fee.  Each application must be for an innovative financial product or service as defined by the enabling legislation.  For example, products or services regarding most types of credit extending services, such as peer-to-peer lending and online marketplace lending, and innovative products and services for money transmission and investment management would be eligible.  However, “securities trading, insurance products, or services that provide solely deposit-taking functions” are not eligible products.

Applicants must provide details regarding the innovative financial product or service, the testing plan, a “Consumer Protection Plan,” and exit plan.  For the Consumer Protection Plan, applicants must identify the targeted consumers; how the applicants plan to market to those consumers and disclose their participation in the sandbox; the key risks to consumers; the plan to address the risks; and how the applicants will monitor and assess the testing of the product or service to protect consumers in the event the test fails.

The Attorney General has indicated that he will take a holistic approach to determine the applicant’s ability to conduct a test that does not place undue risk on consumers.  The Attorney General may consider factors such as “capitalization; insurance or bonds and their terms; compliance or legal support; accounting practices; cash on hand; and the number and expertise of active advisors and key personnel.”  A weakness in any one area will not necessarily prevent an applicant’s admission into the sandbox.  Applicants will be notified of a decision within 90 days of submitting the application and payment.

The CFPB recently named the sandbox’s architect and former head of fintech initiatives at the Arizona Attorney General’s office, Paul Watkins, as Director of the Bureau’s Office of Innovation.  See our blog about Mr. Watkins.  In June 2018, Ballard Spahr attorneys held a webinar, “The Regulatory Sandbox – What it Means for Fintech Companies,” in which the topics included a discussion of the concept of a regulatory sandbox, the benefits and risks associated with using one, and what a possible sandbox created by the CFPB might look like.  Mr. Watkins was one of the webinar speakers and discussed the Arizona initiative.  We have also previously blogged about Arizona’s regulatory sandbox.

Yesterday, the three bills described below were passed by the House Financial Services Committee.  The first two bills were passed by unanimous votes and the third bill was passed by a vote of 34-22.

  • The “Bank Service Company Examination Coordination Act of 2017,” (H.R. 3626), which amends the Bank Service Company Act (BSCA) to enhance the ability of state and federal regulators to coordinate examinations and share information about third-party service providers to banks.  The BSCA authorizes a federal banking agency to supervise and regulate the activities of a bank service company with a “principal investor” supervised by the agency and, where a federal banking agency supervises a bank service company’s “principal shareholder or principal member, to authorize any other federal banking agency that supervises any other shareholder or member of the bank service company to examine the bank service company.  In addition, the BSCA authorizes a federal banking agency to supervise and regulate the activities of third-party service providers to a bank it supervises and to initiate enforcement actions against both the bank and its service provider for violations of law, including violations of Section 5 of the FTC Act which prohibits unfair or deceptive acts or practices.  The bill would amend the BSCA to:
    • authorize a state banking agency with supervisory authority over a bank service company’s principal investor to supervise and regulate the activities of the bank service company to the same extent as it can supervise and regulate the principal investor
    • authorize a federal banking agency with supervisory authority over a bank service company’s principal shareholder or principal member to authorize a state banking agency that supervises any other shareholder or member of the service company to examine the bank service company
    • when a state bank is a shareholder or member of a bank service company, require the federal banking agency authorized by the BSCA to supervise the bank service company to “provide reasonable and timely notice to, and consult with” the state banking agency with supervisory authority over the state bank and “to the fullest extent possible, coordinate and avoid duplication of examination activities, reporting requirements, and requests for information”
    • authorize a state banking agency with supervisory authority over a bank to supervise and regulate the activities of third-party service providers to the bank to the same extent as if such activities were performed by the bank itself
    • allow information obtained “pursuant to the regulation and supervision of service providers under [the BSCA] or applicable State law [to] be furnished by and accessible to Federal and State agencies to the same extent that supervisory information concerning depository institutions is authorized to be furnished to and required to be accessible by Federal and State agencies under [the FDIC Act] or State law, as applicable.”
  • The “Financial Technology Protection Act,” (H.R. 5036), would create an “Independent Financial Technology Task Force” to “conduct independent research on terrorist and illicit use of new financial technologies, including digital currencies” and “develop legislative and regulatory proposals to improve counter-terrorist and counter-illicit financing activities.”  The bill designates the Secretary of the Treasury as the head of the task force.  In addition to the Attorney General and other government officials, the members of the task force include “6 individuals appointed by the Secretary of the Treasury to represent the private sector (including the banking industry, nonprofit groups, and think tanks), with at least 1 of such individuals having experience in the Fintech industry.”  The bill would also establish a “FinTech Leadership in Innovation Program” to be funded through fines paid by individuals convicted of having been involved with “terrorist use of digital currencies.”  The bill would authorize the Secretary of the Treasury to make grants “for the development of tools and programs to detect terrorist and illicit use of digital currencies.”
  • The “Mortgage Fairness Act of 2017” (H.R. 2570), would amend the Truth in Lending Act to provide that the direct or indirect compensation paid by a consumer or creditor to a mortgage originator that is part of “points and fees” does not include “compensation taken into account in setting the interest rate and for which there is no separate charge to the consumer.”  It appears that the bill is intended to address situations in which a creditor charges a premium interest rate that the creditor will use to pay compensation to the mortgage originator.

Paul Watkins, who formerly was in charge of  fintech initiatives in the Arizona Attorney General’s office, has been named by Acting Director Mulvaney to serve as Director of the Bureau’s Office of Innovation.

The Bureau’s press release indicates that the recently-created Office of Innovation will “focus on creating policies to facilitate innovation, engaging with entrepreneurs and regulators, and reviewing outdated or unnecessary regulations” and identifies the encouragement of “consumer-friendly innovation” as “a key priority for the Bureau.”  The new Office will take over the work that was being done under Project Catalyst, the initiative launched by the CFPB in 2012 for facilitating innovation in consumer financial products and services.

Earlier this year, the State of Arizona created the first “regulatory sandbox” in the United States which allows new financial technologies and products to be tested in a controlled environment with reduced regulatory risk.  Last month, Ballard Spahr attorneys held a webinar, “The Regulatory Sandbox – What it Means for Fintech Companies,” in which the topics included a discussion of the concept of a regulatory sandbox, the benefits and risks associated with using one, and what a possible sandbox created by the CFPB might look like.  Mr. Watkins was one of the webinar speakers and discussed the Arizona initiative.

We applaud the Bureau for the selection of Mr. Watkins to serve in this important position.