Last week, the CFPB issued a series of orders to collect information on the business practices of six large technology companies operating payments systems. The Bureau claims that the information will help better understand how these firms use personal payments data and manage data access to users so the Bureau can ensure adequate consumer protection. The orders were issued pursuant to Section 1022(c)(4) of the CFPA, which authorizes the CFPB to order participants in the payments market to turn over information to help the Bureau monitor for risks to consumers and to publish aggregated findings that are in the public interest. The CFPB notes that the development of new products and business models to meet consumer demands for online commerce and electronic payments during the pandemic “present new risks to consumers and to a fair, transparent, and competitive marketplace.”
The Bureau made available an example order that contains 55 requests that will compel information on:
Putting It Into Practice: The CFPB announcement, including Director Chopra’s separate statement, clarifies that the CFPB will be keeping a watchful eye on large technology companies in order to protect consumers. Here, the CFPB’s jurisdiction over non-bank technology firms that offer or facilitate payments functionality and other financial services or products provides the Bureau’s hook for enforcement and supervision of such companies. While the CFPB has taken enforcement actions against smaller fintech companies, these orders reflect the CFPB’s challenge to large technology companies and the potential consumer protection issues raised by their operations. Finally, the orders reflect the CFPB’s increased scrutiny over fintech companies based on the rapid evolution of financial marketplaces driven by fintechs and other non-banks performing more and more functions that have been historically left to banks.