Fintech Law TL;DR (July 21)

Regulatory Scrutiny - Payactiv Termination - Fraud Measures

Jul 21, 2022

Hi all 👋

Hope everyone had a good July 4th. This edition is coming out a bit later and less in depth than I normally like, but I was OOO for a week and busy getting engaged 🎉.

Since we last talked:

We released two new Fintech Layer Cake podcast episodes:
- Crypto infrastructure with Sara Xi, Chief Product Officer at Prime Trust
- A primer on Fintech State Regulators
I was quoted in an American Banker piece on the current administration’s approach to crypto.
My Lithic colleagues have been on a tear, writing great guides to payment card fraud, digital wallets and tokenized cards, and many others.

If your email clips this, click here to read it in browser.

For the past several weeks, word has spread that some fintechs have come under increased regulatory scrutiny. I won’t call out specifics (see Fintech Business Weekly if you want more), but the gist is a few bank partners are making fintechs (particularly BaaS fintechs) slow down or stop onboarding new customers, or even terminating partnerships altogether. And this seems to stem, in part, from regulators’ scrutiny of partner banks and how their fintech partnerships are managed.

It could be a sign of some banks getting caught understaffed. The OCC recently released its latest semiannual report on federal banking system risks, and they specifically called out compliance staffing as a risk. Apparently, banks are having a hard time hiring and retaining good compliance folks. And that makes managing fintech partnerships hard.

Similar to the stock market’s ups and downs, you can think of regulatory scrutiny as having periods of loosening and tightening. This recent news is just more evidence we’re in a regulatory tightening phase in a way that affects fintech startup operations (see also how, back in May, it started getting harder for credit fintechs to find bank sponsors).

Legal and compliance are a core part of fintech operations. Responsible BaaS providers and other fintechs should be fine. They’ve thought about right-sizing their compliance functions (check out our podcast episode on the topic!) and choosing bank partners wisely. This period of tightening will cull fintech startups.

EWA Approval Not So Active Anymore

Payactiv offers an earned wage access (EWA) product and back in December 2020 the CFPB issued a sandbox approval for the product. That order confirmed Payactiv’s EWA product didn’t count as “credit” under the Truth in Lending Act and Reg Z, the main federal rules that regulate credit. Payactiv’s model generally involves contracting with employers (i.e., not direct-to-employee) and recouping the advanced funds directly from an employer via a payroll deduction.

Welp, this month the CFPB announced it terminated the 2020 approval. According to the Bureau’s news release, the CFPB told Payactiv it was considering terminating the approval order “in light of certain public statements the company made wrongly suggesting a CFPB endorsement of its product.” Whoops. Don’t do that.

A few weeks later, Payactiv told the CFPB it wanted to modify its fee model—but that would require modifying the order, which isn’t a speedy process. So Payactiv asked the Bureau to terminate the order so they could move faster (sounds similar to Upstart terminating its CFPB no action letter, which we talked about last time).

What’s it mean for EWA?

The release says the CFPB has gotten requests for clarifying guidance on EWA products and plans to issue further guidance “soon.” Depending on what comes out, this could make EWA providers’ lives more difficult. Realistically, though, I expect the Bureau might formalize the factors regulators and legislators use to evaluate whether EWA products are considered credit (e.g., the advances are non-recourse, and don't have mandatory fees).

Certainty (stemming from good guidance!) can help innovative products grow. That might just be what the CFPB is cookin’ up. If you want more on current EWA policy and guidance, check out this guest piece from Ben LaRocco, Head of Policy at Earnin, from back in April.

Barr Passed

Michael Barr was confirmed as Vice Chair for Supervision of the Federal Reserve with bipartisan support. In that role, he’ll help set the Fed’s regulatory and supervisory agenda.

But, uhh, what does that even mean?

The Vice Chair role makes policy recommendations for bank supervision and regulation. So fintechs that work with banks regulated by the Fed could be impacted by Barr.1

Some concrete examples of what Barr might influence:

What role the Fed should play in crypto markets
How hard bank mergers should be
What kind of scenarios banks must be stress tested on

He’ll also have a vote on interest rate movements. And what do we know about his views? He’s no stranger to fintech and the problems it can address. Barr previously advised LendingClub and Ripple. And he’s published academic work suggesting a central bank digital currency could boost financial inclusion.

But he’s also played a role in many pro-consumer initiatives. For example, he helped architect the Dodd-Frank Act and develop the CFPB. It seems like Barr will be the sort of policymaker who’ll be willing to listen to fintech advocates…but don’t expect him to acquiesce to them.

Fraud Measures in the Crosshairs

There’s been some fun recent news on how financial services companies handle fraud.

First, the CFPB and OCC fined Bank of America $225 million over issues the bank had disbursing state unemployment benefits. The problems seem to have come from a fraud detection program that allegedly threw false positives but didn’t provide sufficient resolution options.

Second, five federal financial regulators issued a joint statement reminding banks of the risk-based approach to assessing customer relationships and conducting KYC due diligence. The statement cautions against overly broad de-risking strategies, like denying or closing accounts on the basis of customer type (e.g., non-US individuals, nonprofits, cash intensive businesses). It might foreshadow increased scrutiny of KYC programs that set overly broad parameters.

These two are pretty interesting, right? They send the message that regulators might not be kind if they see your fraud and KYC tools are overly broad. This can be especially potent when you remember the CFPB has expanded its ability to go after discrimination. Overly broad KYC parameters or fraud flags can easily lead to unintentional discrimination. This is why there’s a great market opportunity for startups like FairPlayAI (who just raised $10M).

Lastly, the CFPB will release guidance soon that pushes banks to refund more Zelle fraud victims, per the WSJ. This follows the NYT’s March coverage of how banks are saying existing fraud protections don’t apply when a consumer initiates a transaction, even if they were duped by fraudsters.

Elsewhere:

We talked about the CFPB’s move to expand UDAAP to cover discrimination back in March. Now, trade groups are urging the Bureau to rescind it.
The Fed announced final plans to implement a new Fedwire message format.
Authentic Brands Group (ABG), the parent company of Forever21 (among others), settled its suit against Bolt and became a shareholder of the company. The suit had claimed Bolt hadn’t delivered on its tech promises. Insider previously suggested the ABG suit was an attempt to acquire shares in Bolt.
Freddie Mac announced it will consider on-time rent payments in mortgage purchase decisions, a move that will likely help underserved communities.
NY’s financial regulator issued new guidance to NY-regulated banks on prohibited unfair and deceptive overdraft and non-sufficient funds practices. The guidance is aimed at promoting financial inclusion by prohibiting certain fees (see footnote for detail ↗️2).
The CFPB created a new office devoted solely to responding to congressional inquiries, in expectation of a deluge of questions from Republican lawmakers, per American Banker.
The House Financial Services Committee released its report on the meme stock craze. One takeaway of note: Robinhood faced liquidity and other risk issues, contrary to public statements at the time.
The CFPB published its Spring ‘22 agenda, including Sections 1033 (open banking regs) and 1071 (small business lending data reporting).

The Federal Housing Financing Agency created an Office of Financial Technology, which will support the FHFA in addressing emerging risks and agency priorities related to fintechs operating in the area of housing finance.

Elsewhere (crypto):

The US Office of Government Ethics released an advisory opinion saying government employees that work on crypto policy can’t hold crypto, though they can hold mutual funds that are concentrated in crypto.
Celsius filed for bankruptcy. So did Voyager, which is also being investigated by the FDIC over claims it made that its customer accounts were FDIC-insured, per WSJ. By the end of these bankruptcy proceedings, we’ll get an answer to whether crypto held by an exchange is viewed as the exchange’s assets in bankruptcy.
Treasury asked for public comments on the opportunities and risks of crypto.
The SEC rejected Grayscale’s BTC spot ETF application and Grayscale promptly sued the agency, asking the US Court of Appeals to review the SEC’s order. Like prior rejections, the SEC’s decision was based on market manipulation concerns.
Treasury released a framework for how it will work with non-US regulators to address crypto.
A putative class action suit was filed against Solana based on claims key players illegally profited from the sale of SOL, which the suit alleges was an unregistered security.
Louisiana proposed administrative rules for its crypto business license.
The DOJ seized $500K of random payments and crypto from North Korean hackers, per CoinDesk.

Sui Generis (Fun Finds)

Matt @regulatorynerd

@AlexH_Johnson It’s only Bankruptcy if it comes from the Le Banc Ru P’tcy region of France. Everything else is just sparkling business reorganizations.

Eduardo 🇨🇺 @fintechgtm

I put together a reading list to help new hires get up to speed on Fintech and payments. Ton of great books & blogs in here from @sophgoldb, @siddiquiahmed, @ReggieCYoung, @lithic, @ModernTreasury, @unit_co_, and @treasuryprime. Hope you find it useful:

fintechgtm.substack.comU.S. Fintech & Payments Crash CourseIf you’re new to the world of fintech and payments, or you’re hiring people who are new to the industry, this post will help with onboarding.

Art collective MSCHF had a popup ice cream truck where you could eat the rich:

Hi. I’m Reggie. I’m a fintech product lawyer at Lithic

Reach out (email or Twitter) if you’re interested in any of the following:

Sponsoring the newsletter
Early stage fintech looking to raise
Collaborating
Just want to say hey!

If you want to use a card issuer that makes it simple for companies of all sizes to issue cards insanely fast, come talk to Lithic. We’re hiring if you want to come work with me!

Any views expressed are my own (well, sort of? I mean, they’re based on laws and regulations, so they’re not really “mine”?). Nothing here is legal or financial advice.

There’s a lot of nuance here…but, for example, the Fed supervises bank holding companies. State-chartered banks might also be overseen by the Fed.

NY-regulated banks will be prohibited from (1) charging fees when consumer had sufficient balance to cover a transaction at the time of authorization, (2) charging fees for transferring funds from other accounts to prevent overdrafts in an account, and (3) charging more than one NSF fee for the same declined transaction when a merchant makes multiple attempts to collect funds.

Fintech Law TL;DR