The Consumer Financial Protection Bureau (CFPB) has issued its first No-Action Letter under the final policy on No-Action Letters that it released in early 2016. The No-Action Letter was requested by and issued to Upstart Network, Inc., an online marketplace lending platform. Under the No-Action Letter, the CFPB states that it “has no present intention” to recommend an enforcement or supervisory action against Upstart with regard to its compliance with the Equal Credit Opportunity Act (ECOA) and its implementing regulation, Regulation B. Like many marketplace and other new online lenders, Upstart uses alternative lending criteria in its underwriting process in order to expand access to credit for borrowers who might not otherwise qualify for loans or can only qualify for loans with higher interest rates.

On July 25, the US Securities and Exchange Commission (SEC) issued a Report of Investigation (Report), along with a companion investor bulletin, telling the world that if you use distributed ledger (blockchain) to raise capital, you must comply with federal securities laws. Is this a surprising development? We believe not.

The subject of the Report is The DAO and its related parties and founders. The DAO is an unincorporated organization styled as a “decentralized autonomous organization,” a form of virtual organization that conducts its commercial activities on a distributed ledger. The Report describes The DAO as a for-profit business that creates and holds assets through the sale of virtual DAO tokens (Tokens) to investors in exchange for virtual currency. These assets were to be used to fund a variety of “projects” generally entailing the automation—through a blockchain—of corporate governance and decision-making mechanisms, either within or outside of a traditional corporate structure.

The Office of the Comptroller of the Currency (OCC) has released FAQs to supplement its 2013 guidance on risk management of third-party relationships. The FAQs specifically address bank relationships with fintech companies and marketplace lenders, relationships that were not necessarily an OCC focus when the 2013 guidance was issued.

As with its 2013 guidance, the FAQs focus on managing risk through a bank’s adequate due diligence and ongoing monitoring of third-party service providers such as fintech companies, and places ultimate responsibility for risk management with the bank’s management and board of directors. The FAQs recognize that the levels of due diligence and ongoing monitoring may differ based on the risk and complexity presented by specific third-party relationships.

As we reported last fall, New York Department of Financial Services Superintendent Maria T. Vullo stated that she was “ardently opposed” to the Office of the Comptroller of the Currency’s (OCC’s) intention to process applications for a new financial technology (fintech) company charter. We now see just how much her counterparts in other states share that view, as the state bank regulators recently came together under the Conference of State Bank Supervisors (CSBS) banner to ask the federal courts to stop the OCC’s fintech charter initiative.

In its complaint in Conference of State Bank Supervisors v. Office of the Comptroller of the Currency  filed on April 26 in the US District Court for the District of Columbia (Complaint), the CSBS has asked the court to declare that the OCC’s creation of the fintech charter is unlawful and that the OCC be enjoined from pursuing this initiative—saying, in substance, that the OCC doesn’t have the statutory authority to grant nontraditional bank charters of this nature.

After signaling earlier this year that it was considering delaying the effective date of the Prepaid Accounts under the Electronic Funds Transfer Act (Regulation E) and the Truth in Lending Act (Regulation Z) final rule (Prepaid Accounts Rule), the Consumer Financial Protection Bureau (CFPB) has officially delayed the effective date of the Prepaid Accounts Rule for six months to April 1, 2018. This delay comes as the CFPB has been facing significant pressure from industry, the US Congress, and consumer groups to delay or (in the case of consumer groups) retain the original effective date of the rule.

Notwithstanding objections from both parties of the US Congress and state banking regulators, the Office of the Comptroller of the Currency (OCC) is moving forward with its proposal to accept applications from financial technology companies for a special purpose national bank charter (FinTech Charter) and has issued draft guidelines (FinTech Charter Guide) for its evaluation of FinTech Charter applications.

We have previously discussed the OCC’s FinTech Charter proposal and its somewhat rocky path (read our previous posts on the topic here and here). The OCC is inviting comments on the draft through April 14, 2017, although we do not expect the final version of the guide to deviate significantly from the current draft.

The Office of the Comptroller of the Currency’s (OCC’s) recent announcement that it will receive and process applications for financial technology (fintech) charters is attracting negative attention from diverse sectors of the public arena.

On January 9, Senators Sherrod Brown (D-OH and the ranking member of the US Senate Committee on Banking, Housing, and Urban Affairs) and Jeff Merkley (D-OR) wrote to Comptroller of the Currency Thomas Curry questioning whether the OCC has the authority to grant charters to fintech firms. The senators’ letter notes, among other things, that the authority granted by Congress to the OCC to charter special-purpose national banks is very specific and that the OCC’s proposed activity may exceed what is allowed under the National Bank Act.

On December 2, the Office of the Comptroller of the Currency (OCC) announced that it would “move forward with considering applications from financial technology companies” to become special purpose national banks. Simultaneously with that announcement, the OCC released a paper (FinTech Paper) outlining preliminary parameters for granting special purpose national bank charters for FinTech companies (FinTech charters).

Although the announcement and release of the FinTech Paper are being positively received in the financial services marketplace, the final parameters of a FinTech charter are still being developed. The OCC is seeking public comments on its FinTech Paper to help develop detailed policies, procedures, and standards for accepting, reviewing, and approving FinTech charter applications. As such, FinTech companies and other interested parties have a unique opportunity to help shape the OCC’s review standards for FinTech charters.

As National Cybersecurity Awareness Month comes to a close, the federal financial regulators have been releasing guidance related to cybersecurity and financial technology (FinTech) issues faster than a teen can complain about slow Wi-Fi.

In the last 10 days, there have been a number of notable releases:

  • The Board of Governors of the Federal Reserve System (Federal Reserve Board), the Office of the Comptroller of the Currency (OCC), and the Federal Deposit Insurance Corporation (FDIC) released a joint advance notice of proposed rulemaking titled Enhanced Cyber Risk Management Standards that would apply to large supervised financial institutions and their service providers.
  • The Federal Reserve Board’s Secure Payments Task Force identified its key priorities for addressing secure payments: payment identity management, information sharing to mitigate payments risk and fraud, and data protection. The task force has invited industry feedback on these priorities through November 8.

On October 5, the Consumer Financial Protection Bureau (CFPB) released its final rule (Final Rule) extending an array of new substantive restrictions, upfront and ongoing disclosure obligations, and government reporting requirements on prepaid cards and a range of electronic non-bank accounts, commonly referred to as “digital wallets.”

The Final Rule makes a number of changes to both Regulation E (which implements the Electronic Funds Transfer Act) and the credit card rules that are part of Regulation Z (which implements the Truth in Lending Act). The Final Rule takes effect on October 1, 2017, with certain provisions phased in over time, and the reporting requirement for issuers is delayed until October 1, 2018.