As part of its semi-annual address to Congress, the Consumer Financial Protection Bureau (CFPB) issued a statement, on April 25, 2022, announcing it will begin utilizing a previously dormant authority allowing the Bureau to conduct supervisory examinations of nonbank entities offering traditional bank products and services to consumers. It also issued a procedural rule to increase the transparency of the risk-determination process.
As reported in banking news articles in our Resource Center, the Bureau has been increasing its review of fintechs and Buy Now, Pay Later service companies. In an effort to provide relevant and robust resources, Naehas is continuing to monitor statements from CFPB, as well as the financial service industry’s response to such actions.
We work collaboratively with banks, wealth management firms and financial technology and insurance firms to help them solve challenges brought about by the complexities of regulated industries. As such, we’re committed to providing information on technology and digital transformation trends which support the need of finserv entities to coordinate regulatory compliance, disclosure management and reviews of regulated content across multiple use cases. The fairly certain increase of regulations in the growing nonbank sector calls for greater understanding of current events, as well as awareness of the technology platforms which help companies comply with all related regulations. To that end, here is the latest on an important issue, which we hope adds value and clarity to an evolving, fast-changing and complex industry.
The CFPB statement, issued on April 25, 2022, as part of its semi-annual address to Congress, included the following:
The Consumer Financial Protection Bureau (CFPB) announced that it is invoking a largely unused legal provision to examine nonbank financial companies that pose risks to consumers. The CFPB believes that utilizing this dormant authority will help protect consumers and level the playing field between banks and nonbanks. The CFPB is also seeking public comments on a procedural rule to make this process more transparent.
“Given the rapid growth of consumer offerings by nonbanks, the CFPB is now utilizing a dormant authority to hold nonbanks to the same standards that banks are held to,” said CFPB Director Rohit Chopra. “This authority gives us critical agility to move as quickly as the market, allowing us to conduct examinations of financial companies posing risks to consumers and stop harm before it spreads.”
Under the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010, the CFPB has authority to use traditional law enforcement to stop companies from engaging in conduct that pose risk to consumers; this can involve adversarial litigation. However, the law also gives the CFPB authority to conduct supervisory examinations to review the books and records of regulated entities. CFPB examiners typically provide a report to entities with problems that need to be addressed, and responsible institutions typically take prompt corrective action.
Nonbank Supervision: For decades before the Dodd-Frank Act, only banks and credit unions were subject to federal supervision. But after the 2008 financial crisis in which nonbank companies played a pivotal role, Congress tasked the CFPB with supervising certain nonbanks, in addition to large depository institutions with more than $10 billion in assets, and their service providers. Nonbanks do not have a bank, thrift, or credit union charter; many today operate nationally and brand themselves as “fintechs.”
Congress authorized several categories of entities subject to CFPB’s nonbank supervision program. First and foremost, all nonbank entities in the mortgage, private student loan, and payday loan industries, regardless of size. Another category of supervised entities includes what the law calls “larger participants” in other nonbank markets for consumer financial products and services. The CFPB conducted rulemakings to define thresholds for entities subject to supervision in the markets of consumer reporting, debt collection, student loan servicing, international remittances, and auto loan servicing.
The third category of entities subject to the CFPB nonbank supervision are nonbanks whose activities the CFPB has reasonable cause to determine pose risks to consumers. This authority is not specific to any particular consumer financial product or service. While the CFPB did implement the provision through a procedural rule in 2013, the agency has now begun to invoke this authority. This will allow the CFPB to be agile and supervise entities that may be fast-growing or are in markets outside the existing nonbank supervision program.
Such risky conduct may involve, for example, potentially unfair, deceptive, or abusive acts or practices, or other acts or practices that potentially violate federal consumer financial law. The CFPB may base such reasonable cause determinations on complaints collected by the CFPB, or on information from other sources, such as judicial opinions and administrative decisions. The CFPB may also learn of such risks through whistleblower complaints, state partners, federal partners, or news reports.
Transparency: The CFPB is also issuing a procedural rule today (April 25, 2022) to increase the transparency of the risk-determination process. Unlike other provisions of law regarding nonbank supervision, entities subject to supervision based on risk are given notice and an opportunity to respond. In order to provide greater guidance to the marketplace on how the CFPB will make determinations, the CFPB is updating an aspect of its procedures for risk determinations to authorize the release of certain information about any final determinations made. The company involved will have an opportunity to provide input to the CFPB on what information is released to the public.
Response to CFPB by CBA
The Commercial Bankers Association (CBA) issued a reply to the CFPB statement on nonbank supervision, which offered comment from CBA President and CEO Richard Hunt, shared in part here:
“As the rise in banking activity outside our nation’s well-regulated and well-supervised banking system accelerates, so too does the risk to consumers who do not receive the same level of protection from non-banks as they do from traditional banks. As a leading advocate for a level playing field, CBA commends efforts by the CFPB to ensure the same level of consumer protections, regardless of where they bank or which tools they use to meet their financial needs.
“As regulators look to mitigate the growing risk of consumer harm in the under-regulated and quickly growing non-bank marketplace, CBA will continue to urge the Bureau to issue a larger participant rule to ensure the highest level of consumer protections are upheld. The banking industry is rapidly evolving. It’s well past time for our rules and regulations to follow suit.”
Despite competing for the same customers, fintechs are not required to abide by the same federal oversight as traditional banks. Senate Banking Committee Chair Sherrod Brown (D-OH) warned fintechs offering traditional bank products and services through online platforms may put consumers at risk. Brown said:“Fintech companies that want to act like banks – but without the consumer protections and safeguards that actual banks must adhere to – put people’s hard earned money at risk. Consumers shouldn’t be getting locked out of their accounts, leaving them with no way to access their money to buy groceries, pay their bills, or make rent.”
Clearly, the laser focus on nonbank entities and the move by government regulatory bodies to develop regulations for consumer protections is not going to dim anytime soon. For all companies involved in financial services, the reality of regulations and the complexities of compliance and disclosures call for a stronger understanding of technology that answers these challenges. From intelligent reviews of regulated content to disclosure management, the emphasis on hyper personalization and omnichannel marketing, and the need for increased auditability, the demands on marketing, compliance and risk management teams are greater than ever. Keeping attuned to regulations and the technology that solves for them is key.