In an interesting coincidence, the comment period for the CFPB’s Request for Information (“RFI”) on mobile financial services closed the same day, September 10th, that Apple announced “Apple Pay”—a new mobile wallet included with the iPhone 6 that could shake up the mobile payments landscape.  The RFI, which we reported on earlier, speaks optimistically of potential cost savings for underbanked consumers while expressing concern about ensuring that consumers remain adequately protected.  Director Cordray repeated these twin messages in his prepared remarks to the Consumer Advisory Board on September 11th.  Director Cordray stated that “mobile devices . . . can make some transactions cheaper or faster or both.  But we need to make sure that the legal and regulatory framework can keep up effectively . . .”

The RFI and Director Cordray’s comments may be a trial balloon to test whether additional guidance, or even new regulation, is needed to specifically address mobile financial services.  Thus far, in addition to the RFI, the CFPB has only publicly addressed mobile financial services in the context of Project Catalyst and trial disclosures.

The American Bankers Association’s response to the RFI supported the goal of engaging the underbanked through the mobile channel, but questioned both whether mobile financial services will provide greater access to the underbanked and whether those services can be provided at a substantial discount.  The ABA pointed out that the top two reasons why people do not have bank accounts is that they “don’t have enough money” or “don’t need or want an account.”  The ABA also cited with approval the FDIC’s findings in an April 2014 whitepaper that providing access to mobile financial services alone may have limited success in getting the underbanked to use bank products.

On cost savings, the ABA stated that any savings to consumers from using mobile financial services would be “marginal.”  There are two reasons for this.  First, mobile banking, for example, is a channel that is an added service on top of all the other channels provided to consumers.  Second, there are unique compliance challenges with providing mobile financial services, which could cause banks to either not provide a product through a mobile channel or to charge more for the product.

We will be discussing these unique compliance challenges in greater detail in our webinar tomorrow.  Our webinar will also provide an overview of the mobile payments landscape, including a summary of the implications of Apple Pay.  The number of merchants, issuers, and consumers Apple will bring to the table through Apple Pay means that the new iPhone 6 has the potential to further accelerate the move toward mobile payments.  This in in turn could cause the CFPB and other regulators to move beyond RFIs and whitepapers in their efforts to ensure that consumers using mobile financial services are adequately protected.

The CFPB announced yesterday that it will hold a field hearing on mobile financial services on June 12, 2014 at 10 a.m. in New Orleans. The hearing will be held at The Old U.S. Mint, located at 400 Esplanade Ave., and feature remarks from Director Cordray and testimony from consumer groups, industry representatives, and members of the public. Field hearings are typically used by the CFPB to announce new initiatives and developments. The CFPB has not yet released the list of speakers for the event, but we speculate that the CFPB may be addressing issues related to disclosures on mobile devices, as well as privacy and data security concerns in the mobile environment.

The hearing will be open to the public but anyone wishing to attend must notify the CFPB at its RSVP website, cfpb.events@cfpb.gov. A livestream of the hearing will be available on the Bureau’s blog.

The CFPB has issued a proposed policy under which it would exempt individual companies, on a case-by-case basis, from current federal disclosure requirements to allow those companies to test trial disclosures.  The proposal, which is directed at “banks, thrifts, credit unions, and other financial services companies,” contemplates that participating companies would share test result data with the CFPB.  The CFPB believes the information generated by the trial programs “may then help the Bureau to establish more effective disclosure rules and practices.”  

The proposal is issued in reliance on the CFPB’s authority under Dodd-Frank Section 1032(e) to permit providers of consumer financial services and products “to conduct a trial program that is limited in time and scope, subject to specified standards and procedures, for the purpose of providing trial disclosures to consumers.”   To encourage participation in such programs, Section 1032(e) allows the CFPB to “establish a limited period during which a trial disclosure program shall be deemed to be in compliance with, or exempted from, a requirement of a rule or an enumerated consumer law.” 

The proposed policy has four sections that address the: (1) requirements for a proposed trial disclosure program to be considered eligible for a temporary waiver from disclosure requirements, (2)  factors the CFPB may consider in deciding which programs to approve for a waiver, (3) CFPB’s procedures for approved programs, and (4) CFPB’s disclosure of information on trial programs. Comments on the proposal are due by February 15, 2013.  

In its announcement of the proposal, the CFPB stated that the proposal “builds on the Bureau’s streamlining initiative, which intends to update, modify, or eliminate outdated or unnecessary provisions in the Bureau’s inherited regulations.” To date, of the candidates for streamlining identified by the CFPB in its request last year for public comment on opportunities for streamlining, the only candidate on which the CFPB has acted is the Regulation Z credit card ability-to-pay rule.  The CFPB has proposed to amend that rule to permit issuers to consider income or assets to which an applicant who is 21 or older has a “reasonable expectation of access.”  (Another candidate was the ATM sticker requirement but Congress preempted the CFPB last week by passing  a bill that amends the Electronic Fund Transfer Act to eliminate the sticker requirement.)

According to the CFPB’s announcement, the proposal is also part of its “Project Catalyst” initiative.  The CFPB had described that initiative as “designed to encourage consumer-friendly innovation and entrepreneurship in markets for consumer financial products and services.”   We have previously shared our thoughts on that initiative, and suggested several things technology innovators should do before presenting their ideas to the CFPB.

I regularly work with technology innovators to help them get their ideas cleaned up for financial institutions and to give them a headstart in understanding the types of risk concerns and controls that financial institutions are going to have and want.  To technology innovators who may be intrigued by the CFPB’s request for dialogue, I wanted to provide my thoughts on some steps to take before charging through the Project Catalyst doors and throwing your ideas in front of the CFPB.

On the face of it, the CFPB has asked technology innovators to provide simple information – just tell them who you are and what your ideas are.  But, they immediately follow that request by pointing to the regulations the CFPB enforces and their supervision and examination manual.  What does that mean?

I think it means that when you present ideas to the CFPB, you should do the following:

1.         Be clear about the types of consumer financial products or services to which the innovation will apply.  In other words, if the innovation is something intended only to affect deposit products and not mortgages, then, you should say that.

2.         Understand, at least at a very basic level, what consumer disclosures may be required because the innovation will be used with a specific type of consumer product or service.  Mention those disclosures in your submission to the CFPB and, if applicable, provide information about how the consumer would receive those disclosures.

3.         Provide high-level information about fees that could be charged for the innovative product or service.

4.         In describing the idea, talk about how the innovative product or service would be combined with an existing consumer financial product or service, what data would be required for the innovation to work properly and how the consumer would know about and take advantage of the innovation.

5.         If the innovation requires incursions into the consumer’s privacy or requires consumer personally-identifiable information, talk about how the innovation addresses disclosure of the use of PII and how the PII will be securely protected.

6.         Finally, as with any presentation of new technology, I think it is also very useful to have a couple of use-case scenarios that illustrate the difference the technology innovation will make to the average consumer.

The CFPB publicly acknowledged yesterday their interest in innovation in consumer financial services by launching Project Catalyst, as already reported in this blog.  It is quite the departure from precedent for a banking regulator to actually express interest in being supportive of new technologies and how they could improve consumer financial services.  For practitioners like me, who work closely with financial institutions to help them implement new technologies in the consumer space, this is an exciting announcement, although tinged with concern about the CFPB’s good intentions potentially causing more delay in technologies actually getting to market.

As part of the CFPB’s Project Catalyst initiative – presumably the pet name of “Catalyst” implies that they hope to be a “catalyst for change” – the CFPB flings open its doors and asks innovators to come charging in with their fantastic financial technology innovations so that the CFPB can evaluate, examine and eventually, one supposes, opine.

I actually spoke with CFPB staff some months ago about the biggest hurdles that I see in financial services technology innovation.  I talked about how ESIGN and its uneven implementation through the consumer regulations is a big hurdle and, given the general regulatory environment, how important it is to take the time to understand the privacy implications of the technology before racing to the consumer market with it.  One question they asked me was whether I thought it made more sense for them to work with the financial institutions on the technological innovations they were looking to implement, or for the CFPB to focus on the technology providers themselves. 

My opinion?  I think that they use their resources most effectively by working with the financial institutions that have sifted through the various technologies themselves and chosen the most attractive, most viable, most effective technologies to invest time and money in.  There are lots of fantastic ideas out there – from what I see, the U.S. is still a hotbed of innovation – but, if there is no market for the technology, then spending precious resources on examining it is wasteful.

Mobile PhoneWe frequently hear that regulations take a long time to catch up with the technology.  On June 29, the House Subcommittee on Financial Institutions and Consumer Credit held a hearing to determine whether regulations need to catch up to cover consumer payments made using mobile devices. According to written testimony submitted by the CFPB’s Marla Blow, Assistant Director for Card and Payment Markets, the answer seems to be “yes.”  In her Statement for the Record, Ms. Blow states that regulations addressing disclosures on mobile phones may be necessary and that it may also be appropriate to issue regulations applicable to mobile wallet operators.  Given the CFPB’s enhanced authority to regulate unfair, deceptive, or abusive acts and practices as well as its authority to enforce other financial consumer protection laws, the CFPB may be well suited to write such regulations.

In contrast, the witnesses at the hearing, FinCEN Director Jim Freis and Federal Reserve Board Associate General Counsel Stephanie Martin seemed to indicate that regulatory changes to address mobile payments may not be necessary, at least not yet.  Accordingly, Mr. Freis and Ms. Martin expressed a “wait-and-see” approach.  Although they believe that existing regulations are broad and flexible enough to cover most of the current transactions and participants in mobile payments, they were careful to highlight that the field is still immature and evolving.

The Subcommittee members were focused on whether mobile payments presented new risks to consumers.  Mr. Freis and Ms. Martin were specifically asked what consumers should do if they dispute a transaction following a mobile payment, if they lose the phone they use for mobile payments, and if they are charged additional fees on their wireless bills.  Ms. Martin delicately and correctly responded that each of these situations is well covered by existing, technology-neutral laws and regulations.  For example, Regulation E governs a disputed credit card transaction regardless of whether the transaction was initiated with a plastic card or a virtual card stored in a mobile wallet. 

Ms. Martin did indicate that more regulation may be necessary in the mobile payments space where nonbanks, who might not be subject to existing financial regulations, are participants in the mobile payment transaction.  Applying financial regulations to nonbanks can be a complex exercise, but regulators have addressed similar concerns by writing such regulations as the Safeguards Rule (administered by the FTC), which protects financial data, regardless of who is holding the data, and the Prepaid Access Rule (administered by FinCEN), which applies broadly to nonbanks engaged in prepaid card programs. 

And the big question: Who should be the primary regulator for mobile payments?  Given that mobile payments cover a range of transaction types and participants, the Fed’s Stephanie Martin understandably declined to identify just one regulator in her oral testimony.  Although she ackowledged that the CFPB would be responsible for interpreting and enforcing consumer financial laws and regulations, she stated that the mobile payments space is so broad that a range of regulators should continue to “consult and coordinate” as the field develops.