To help you keep abreast of relevant activities, below find a breakdown of some of the biggest events at the federal and state levels to impact the Consumer Finance Services industry this past week:

Federal Activities

State Activities

Federal Activities:

• On September 12, the deadline for comments on the proposed Motor Vehicle Dealers Trade Regulation Rule will expire. This new rule would allow the Federal Trade Commission to regulate dealers exempt from the Consumer Financial Protection Bureau’s (CFPB) jurisdiction under Section 1029(a) of the Dodd-Frank Act, and it would impose significant limits on how dealers advertise, impose up-front price disclosure requirements, require new paperwork for any optional “add-on” products, and prohibit a laundry list of specific kinds of sales process misrepresentations. For more information, click here.

• On August 25, the Office of Management and Budget director issued a memorandum to its agencies regarding medical debt that directs agencies with direct loan and loan guarantee programs that focus on consumer loans or small and medium businesses, where a consumer’s credit history is a factor, to take actions to reduce the impact of medical debt in the underwriting of federal credit programs whenever possible and consistent with the law. For more information, click here.

• On August 23, U.S. Congressman Tom Emmer of Minnesota wrote a letter to Treasury Secretary Janet Yellen, seeking clarity on the Office of Foreign Assets Control’s recent banning of crypto mixer Tornado Cash. For more information, click here.

• On August 22, the Bank Policy Institute, Consumer Bankers Association, and the American Bankers Association objected to the CFPB’s insinuation that big banks provide a sub-par customer experience and challenged the CFPB’s authority to regulate customer service. For more information, click here.

• On August 19, the Federal Deposit Insurance Corporation issued cease-and-desist letters to five cryptocurrency companies, demanding they refrain from making allegedly false and misleading statements about deposit insurance. For more information, click here.

• On August 18, the U.S. Court of Appeal for the First Circuit vacated and remanded a decision from a lower court, dismissing a suit against the Internal Revenue Service (IRS), which claimed that IRS violated the plaintiff’s constitutional rights when it procured records about the plaintiff’s financial holdings from third-party cryptocurrency platforms. For more, information, click here.

• On August 16, the Securities and Exchange Commission (SEC) charged John Joseph Roets and the three entities he controls — Dragonchain, Inc., Dragonchain Foundation, and The Dragon Company — for their roles in raising $16.5 million in unregistered crypto asset securities offerings. The complaint charges the defendants with violating Sections 5(a) and (c) of the Securities Act of 1933, and the SEC is seeking permanent injunctions, disgorgement with prejudgment interest, civil penalties, and conduct-based injunctions against each defendant. For more information, click here.

• On August 16, the Federal Reserve issued a letter to all banking organizations it supervises on the risks related to safety and soundness, consumer protection, and financial stability when engaging in crypto asset-related activities. For more information, click here.

• On August 11, the CFPB published a circular, answering the question “Can entities violate the prohibition on unfair acts or practices in the Consumer Financial Protection Act when they have insufficient data protection or information security?” with a resounding “yes.” Specifically, the CFPB pointed to three practices — inadequate authorization, poor password management, and lax software update policies — as examples of data security practices that would likely cause substantial unavoidable injury to consumers without a countervailing benefit and that could trigger liability for financial institutions and/or their service providers. For more information, click here.

State Activities:

• On August 24, California Attorney General Rob Bonta announced a settlement with a retailer alleged to have violated the California Consumer Privacy Act (CCPA) by failing to disclose its practice of selling their personal information to consumers. Additionally, the retailer allegedly failed to process consumers’ requests to opt out of having their personal information sold by the company. Enacted two years ago, the CCPA provides consumers with critical rights to combat commercial surveillance. In the wake of this settlement, Bonta warned noncompliant businesses that “[his] office is watching, and we will hold you accountable.” For more information, click here.

• On August 24, the Arizona Supreme Court validated petition signatures to sustain three ballot measures, despite violations by petition circulators. One measure, coined the Predatory Debt Collection Protection Act, would, if approved by voters, make several changes to enhance asset-shielding protections for debtors. The most notable changes include: (1) a 3% cap on the interest charged on medical debt; (2) an increase in the debtor’s home equity threshold from $250,000 to $400,000, which also features a mandate requiring an annual cost-of-living adjustment to this figure — a change that would limit the number of homes seized in bankruptcy; and (3) a cap on the amount of a debtor’s wages subject to attachment. For more information, click here.

• On August 22, Texas Attorney General Ken Paxton joined a multistate investigation led by Missouri Attorney General Eric Schmitt that targeted an environmental, social, and governance (ESG) investment ratings company and its subsidiary for alleged consumer fraud or unfair trade practices. The first of its kind, this investigation began when Schmitt served civil investigative demands, containing 43 combined interrogatories and requests for production of documents on the two businesses. ESG ratings companies establish standards used to measure the ethical impact and sustainability of investment in a particular company, and increasing concerns about the underlying motivations of such companies has led to additional scrutiny. For more information, click here.

• On August 19, the Colorado Attorney General Consumer Credit Unit published new guidance related to the enactment of a law governing remote work for licensed lenders, while also noting that the guidance originally enacted when the pandemic began in 2020 remains in effect for entities not covered by the new law, including collection agencies, debt management providers, and student loan servicers. For more information, click here.

• On August 8, the District of Columbia Department of Insurance, Securities, and Banking issued a bulletin on money transmission to provide information to industry participants engaged in or planning to engage in money transmission with bitcoin or other virtual currency used as a medium of exchange, method of payment, or store of value in the District. For more information, click here.