The US Court of Appeals for the Ninth Circuit on May 6 upheld the constitutionality of the structure of the Consumer Financial Protection Bureau (CFPB). In CFPB vs. Seila Law LLC, a panel of the court determined that the limitation on the president’s authority to remove the CFPB director, other than for cause, did not impede the president’s authority under the US Constitution’s Appointments Clause. Citing longstanding US Supreme Court precedent established in Humphrey’s Executor v. United States, 295 U.S. 602 (1935) (upholding President Franklin Roosevelt’s removal of an FTC Commissioner), and Morrison v. Olson¸487 U.S. 654 (1988) (upholding the Independent Counsel Act as then constituted), the Ninth Circuit panel concluded that the CFPB’s structure is constitutionally permissible.

The Consumer Financial Protection Bureau (CFPB) recently advised that it has significantly changed its Civil Investigative Demand (CID) process to increase transparency and to better permit targets and subjects to understand the nature of an investigation. The changes will bring the CFPB into compliance with opinions rendered by two Federal Circuit courts as well as policy changes implemented by the Federal Trade Commission (FTC). The change may well have some persuasive impact on other enforcement agencies, such as state attorneys general, who enforce many of the same laws as the CFPB and generally have CID authority as well.

The Federal Trade Commission (FTC) will hold public hearings on March 25-26 in Washington, DC, on “Competition and Consumer Protection in the 21st Century.” Titled, “The FTC’s Role in a Changing World,” the hearings pose downstream risk to the fintech community, especially to smaller enterprises that may lack the resources and knowledge to comply with any complex new regime.

A recent letter from a bipartisan group of 31 state attorneys general to the Federal Trade Commission (FTC) asks the agency to both continue and enhance its various identity theft rules. The group, led by attorneys general Ellen Rosenblum (D-OR) and Kevin Clarkson (R-AK), points to the challenges presented by emerging technologies being regulated by dated rules. While the concept of regulatory obsoleteness is not new, the speed at which new technologies now emerge means that rules can become dated quickly.

The Great Schism at the Consumer Financial Protection Bureau (CFPB) is over, at least for now, and White House Office of Management and Budget Director Mick Mulvaney is now firmly in control of the agency as its acting director, having been appointed pursuant to the president’s authority under the Federal Vacancies Reform Act. He has imposed a hiring and regulations freeze and said that while he does not intend to “burn the place down,” he intends to ensure that the CFPB operates under a budget and consistent with other executive branch agencies.

For the time being, we expect that this will mean new rules will be put on hold and be scrutinized further, particularly for the burden they impose on regulated businesses. We also expect a more measured approach in enforcement matters, and that the CFPB’s examination functions will be better coordinated with those of other federal banking agencies, further easing compliance costs and burdens for the CFPB-regulated firms.

Acting Federal Trade Commission (FTC) Chairman Maureen Ohlhausen has released a list of changes to how the agency’s Bureau of Consumer Protection (BCP) will issue civil investigative demands (CIDs)—the principal consumer protection investigative tool the agency wields. These changes result from Chairman Ohlhausen’s previously announced effort to reduce administrative burdens on legitimate businesses.

In a concise panel ruling (CFPB vs. Accrediting Council for Independent Colleges and Schools) that no doubt stings for the Consumer Financial Protection Bureau (CFPB), the US Court of Appeals for the DC Circuit has held that the CFPB failed to provide adequate notice of the purpose of a civil investigative demand (CID) it issued to an accrediting group for for-profit colleges, and has accordingly declined to enforce the CID.

The unanimous decision of the DC Circuit panel comes just a day shy of a year after a district court found that the CID was a “bridge too far.” As we reported at the time, that court also declined to enforce the CID.

In a rare judicial rebuke of the Consumer Financial Protection Bureau’s (CFPB’s) oft-criticized efforts to seek penalties despite no damages for allegedly “unfair, deceptive, or abusive acts or practices” (UDAAP) conduct, the US District Court for the District of North Dakota in CFPB v. Intercept Corporation has dismissed without prejudice a complaint (Complaint) filed by the CFPB against Intercept (a third-party payment processor for payday and title lenders and debt collectors) and two of its officers for failure to state a plausible claim under Fed. R. Civ. P. 12(b)(6).

District Court Decision

The district court held that the CFPB failed to allege any facts suggesting that consumers were injured or likely to be injured by Intercept, or that any potential injury was not counterbalanced by benefits to the consumers in the matter. Accordingly, there was a failure of the most basic form of notice pleading, and the Complaint was dismissed.
While the CFPB may refile its Complaint, one may presume that a sophisticated federal agency like the CFPB is aware of its Rule 12 notice obligations and did what it could to file an actionable complaint in the first place.

Pushing the limits of its already broad and undefined consumer protection authority, the Consumer Financial Protection Bureau (CFPB) issued a Consent Order stating that MasterCard and UniRush, a prepaid card issuer, have engaged in “unfair acts or practices” by failing to conduct adequate testing and preparation for the conversion of UniRush’s RushCard prepaid card onto the Mastercard Payment Transaction Services (MPTS) platform. The CFPB has required the two respondents to pay $10 million in consumer restitution and $3 million in civil penalties, and to create a plan to avoid such problems in the future.

According to the consent settlement reached by MasterCard and UniRush, when technical problems arose during the transfer of RushCard’s operating platform to the MPTS platform in October 2015, many consumers who rely on RushCard for services such as direct deposit of their payroll were unable to access funds in a timely manner. In announcing the action, CFPB Director Richard Cordray stated that this failed systems conversion falls under the CFPB’s authority to penalize unfair, deceptive, and abusive acts and practices (UDAAP) under operative provisions of the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank Act). The CFPB press release announcing the action put the matter prosaically, saying, among other things, that the respondents “botched the processing of deposits and payments” during the conversion.