On April 25, 2022, the Consumer Financial Protection Bureau (CFPB) announced plans to revive its powers to investigate “non-bank” financial companies that pose risks to consumers. Although the CFPB has held this authority since its inception in 2010, the agency has rarely invoked it, leaving it largely “dormant.” The CFPB announcement marks a possible reversal of this trend.
Supervision of “non-banks”
In addition to large deposit-taking institutions, the CFPB’s regulator also extends to certain “non-bank” — deposit-free financial institutions that do not have a banking charter. Many “fintechs” are non-banks. Generally, fintechs use technology to provide consumer financial products and services nationwide.
Three categories of non-banks currently fall under the CFPB’s non-bank supervision program:
Firstall non-banks that issue mortgages, personal student loans, and payday loans, regardless of size;1
secondNon-banks in certain other markets – such as B. Consumer Reporting, Collections, Student Loan Administration, International Wire Transfers and Auto Loan Administration – if they qualify as a “Major Entrant” as determined by the thresholds set in the CFPB Rules;2 and
third party, non-banks operating in an industry or market when the CFPB has reasonable grounds to determine that their activities pose risks to consumers. Actionable risks include any unfair, deceptive, or abusive act or practice, or any other act or practice that may violate the Federal Consumer Finance Act.3
It is the third category where CFPB oversight is largely dormant. The CFPB noted that while a 2013 rule of procedure sets out procedures for the CFPB to determine whether a non-bank’s conduct poses a risk to consumers, the CFPB has not applied that rule and “has now begun to rely on that authority.” to appoint”. CFPB Director Rohit Chopra noted that “the CFPB now uses dormant authority to hold non-banks to the same standards that banks are held to,” which will give the CFPB “a crucial agility to move as quickly as the market does.” allows [the CFPB] conduct audits of financial entities that pose risks to consumers and stop harm before it spreads.” Director Chopra’s words thus signal the CFPB’s intention to use the full power of its regulators to investigate non-bank providers of financial products and services for Regulate consumers – including businesses that would not qualify for oversight under the CFPB “major participant” rule.
Increased transparency about risk assessments
With its new reliance on the power to regulate risk posed by non-banks, the CFPB has issued a new code of practice to shed light on the process it uses to determine risk.
The CFPB uses various sources to identify risks, including CFPB complaints, whistleblower complaints, court and administrative decisions, information from state or federal partners, and news reports. If the CFPB may determine that its activities pose risks to consumers, non-banks will receive notification and an opportunity to respond.4 Existing CFPB rules consider all documents, records and communications related to these risk assessment processes to be “confidential” and protect them from disclosure.
The CFPB’s new procedural rule creates an exception to the confidentiality rule for a final “decision or order” of the director determining that the respondent is subject to the CFPB regulator because of the risks its conduct poses to consumers.5 Within seven days of service of the director’s decision or order, the respondent may file a request for confidentiality. The Director then decides whether the decision or order will be considered confidential or published in whole or in part on the CFPB’s website. The proposed rule states that this exception is based on “a public interest in transparency in relation to these potentially significant decisions by the director as head of the agency”. The rule also opens the door for decisions or orders to be used as “precedents in future proceedings”.
The CFPB noted that its new rule of procedure is exempt from the notification and comment requirements of the Administrative Procedures Act because it is “a rule of the organization, procedure or practice of an agency”. Nonetheless, the CFPB welcomes public comments and may change the Rule of Procedure based on comments. Comments are due by May 31, 2022.
* * *
The CFPB’s move comes amid mounting pressure from some lawmakers in Congress, who have called for tighter regulation of fintechs and other emerging banking alternatives. Director Chopra has previously raised concerns about the risks consumers would take to less regulated non-banks for an ever-expanding array of financial services. Just last October, the CFPB ordered it to collect information about the business practices of major tech companies that operate payment systems in the United States – including Apple, Facebook and Google, for example. This was followed last December by an investigation into companies offering increasingly popular buy now, pay later (BNPL) credit – Affirm, Afterpay, Klarna, PayPal and Zip.
It’s too early to tell if the CFPB’s announcement signals the start of an era of increased scrutiny for non-banks, or if it was a token gesture to assuage concerns from fintech critics. These critics include traditional banks, along with some in Congress, who have accused fintechs of playing on an unequal basis given their less stringent regulatory environment.
The new CFPB transparency rule, at least in its current form, leaves significant open questions as to its application. The proposed rule does not codify a standard governing the director’s decision as to when a decision or order should be made public, although the CFPB “welcomes” comments on whether such a standard would be appropriate in the final rule. Nor does the rule address how quickly a decision or order is published after the director has determined that publication is appropriate. There is also no administrative mechanism to appeal the Director’s decision. This means that a non-bank wishing to challenge the agency’s assertion of supervisory powers under the rule must seek other remedies, including possible judicial review under the Administrative Procedures Act.
1 12 USC § 5514(a)(1)(A), (D) and (E).
2 ID. § 5514(a)(1)(B) (for “a major participant in a market for other consumer financial products or services, as defined in the CFPB Rules). See 12 CFR Part 1090 (contains the CFPB rules that define major participants in certain consumer financial products and services markets).
3 ID. Section 5514(a)(1)(C).
4 ID. Section 5514(a)(1)(C).
5 See 12 CFR §§ 1091.103(b)(2), .109(a) and .113(e).
© Copyright 2022 Cadwalader, Wickersham & Taft LLPNational Law Review, Volume XII, Number 124