Payment apps and the legal and regulatory issues they present were front and center at a November 5 meeting of state attorneys general consumer protection leaders.

Attorneys general recognize the value of these apps and noted those available through traditional banking services. Moreover, there is a general recognition that the unbanked and underbanked require digital access in order to perform routine consumer functions and that payment apps can provide this service.

The Consumer Financial Protection Bureau (CFPB, the Bureau) today issued a Notice of Proposed Rulemaking (the Proposal) to establish implementing regulations for the Fair Debt Collection Practices Act (FDCPA). Although it has been more than 40 years since President Jimmy Carter signed the FDCPA into law, if implemented, these would be the first authoritative regulations to clarify key aspects of what is permissible under the federal debt collection laws.

The Consumer Financial Protection Bureau (CFPB) recently advised that it has significantly changed its Civil Investigative Demand (CID) process to increase transparency and to better permit targets and subjects to understand the nature of an investigation. The changes will bring the CFPB into compliance with opinions rendered by two Federal Circuit courts as well as policy changes implemented by the Federal Trade Commission (FTC). The change may well have some persuasive impact on other enforcement agencies, such as state attorneys general, who enforce many of the same laws as the CFPB and generally have CID authority as well.

Kathleen Kraninger, only the second Senate-confirmed director of the Consumer Financial Protection Bureau (CFPB) in its almost eight-year existence, recently gave her first public remarks. The priorities Director Kraninger laid out will materially impact the CFPB’s direction and mission until the end of her term in December 2023. Director Kraninger, appointed by President Donald Trump, succeeds the first CFPB director, Richard Cordray, who was appointed by President Barack Obama.

We write frequently about the SEC’s and the CFTC’s focus on cryptocurrencies, but potential issuers should also be alert to other oversight, including possible enforcement actions, from other regulators as well. Indeed, state Attorneys General are playing a greater role in evaluating whether the mining and use of cryptocurrencies works to the disadvantage of consumers and small businesses. These state enforcement and regulatory officials are becoming ever more powerful. Furthermore, some of them may seek to expand the scope of their authority by pushing the “round peg” of “virtual” financial technology offerings into the “square hole” of outdated “physical only” state statutes and rules.

Meetings of the Conference of Western Attorneys General (CWAG) in New Mexico last week and of the Republican Attorneys General Association (RAGA) (Rule of Law Defense Fund) in California this week included panel discussions of cryptocurrency issues that are now before the Attorneys General and senior staff. Accordingly, fintech companies that intermediate cryptocurrencies should be aware of the increased risk in conducting these activities in particular states.

Arizona has become the first state in the United States to enact a law to create a “Fintech Sandbox” – a safe zone for fintech startups to test new applications and financial services otherwise subject to state money transmitter, banking, and similar licensing requirements without having to obtain a state license. Although other countries, such as the United Kingdom, Singapore, and Australia, have created similar fintech sandboxes, similar legislation or regulations thus far have not been adopted in the United States at the federal or state level.

The Fintech Sandbox idea was promoted by the Arizona attorney general and will be administered by the Arizona Office of the Attorney General (AZ OAG). However, the Fintech Sandbox does not mean that fintech companies will be unregulated in Arizona. There will be a substantive application and oversight process.

At a recent meeting of state attorneys general, Consumer Financial Protection Bureau (CFPB) Acting Director Mick Mulvaney reiterated his message, previously reported here that his bureau will no longer “push the envelope” on enforcement matters.

At the conclusion of his remarks, Pennsylvania Attorney General Josh Shapiro (D) asked Mulvaney whether this change in enforcement philosophy means that the CFPB will interfere in or otherwise impede the use of state attorney general authority to enforce certain Dodd-Frank provisions, specifically those penalizing conduct which is “unfair, deceptive, or abusive” (UDAAP) in federal court. Mulvaney responded unequivocally that it would not.

On August 17, 2017, the Consumer Financial Protection Bureau (CFPB) and 12 state attorneys general (the Government) filed proposed settlements with Aequitas Capital Management, a now-defunct private equity firm, in connection with loans that Aequitas funded for students of another bankrupt entity, Corinthian Colleges, Inc. The settlements follow the Government’s allegations that Aequitas engaged in “unfair, deceptive, or abusive acts or practices” (UDAAP) under Dodd-Frank and under similar state statutes targeting “unfair and deceptive acts and practices” (UDAP). Corinthian, formerly one of the largest for-profit colleges in the country, suffered a total collapse in 2015 following enforcement actions by both the US Department of Education (ED), for alleged violations of its rules, and the US Securities and Exchange Commission (SEC), for alleged securities fraud. Aequitas itself is currently in receivership following SEC allegations of securities fraud and of Aequitas operating in a “Ponzi-like fashion.”

In a concise panel ruling (CFPB vs. Accrediting Council for Independent Colleges and Schools) that no doubt stings for the Consumer Financial Protection Bureau (CFPB), the US Court of Appeals for the DC Circuit has held that the CFPB failed to provide adequate notice of the purpose of a civil investigative demand (CID) it issued to an accrediting group for for-profit colleges, and has accordingly declined to enforce the CID.

The unanimous decision of the DC Circuit panel comes just a day shy of a year after a district court found that the CID was a “bridge too far.” As we reported at the time, that court also declined to enforce the CID.

In a rare judicial rebuke of the Consumer Financial Protection Bureau’s (CFPB’s) oft-criticized efforts to seek penalties despite no damages for allegedly “unfair, deceptive, or abusive acts or practices” (UDAAP) conduct, the US District Court for the District of North Dakota in CFPB v. Intercept Corporation has dismissed without prejudice a complaint (Complaint) filed by the CFPB against Intercept (a third-party payment processor for payday and title lenders and debt collectors) and two of its officers for failure to state a plausible claim under Fed. R. Civ. P. 12(b)(6).

District Court Decision

The district court held that the CFPB failed to allege any facts suggesting that consumers were injured or likely to be injured by Intercept, or that any potential injury was not counterbalanced by benefits to the consumers in the matter. Accordingly, there was a failure of the most basic form of notice pleading, and the Complaint was dismissed.
While the CFPB may refile its Complaint, one may presume that a sophisticated federal agency like the CFPB is aware of its Rule 12 notice obligations and did what it could to file an actionable complaint in the first place.