Fintech Week in Review – April | Perkins Coie
Weekly Fintech Focus
- Federal financial regulators issue an RFI to better understand financial institution usage of AI models and its implications on current regulations.
- CFPB rescinds policy statements that provided regulatory flexibility in response to pandemic challenges.
- National Futures Association issues regulatory outsourcing guidance.
- Lina Kahn announced as nominee for FTC commissioner position.
- FinCEN Director meets with a number of groups to discuss SAR filing.
- Prepared Remarks of FinCEN Director delivered at the Florida International Bankers Association AML Compliance Conference
- CFPB faced many more consumer complaints in 2020 than in the past.
- CSBS working with a number of states to develop a single fintech exam.
- An earned wage access company settled allegations of its services causing bank overdraft and insufficient fund fees.
- The UK FCA issues a feedback statement on open finance.
Federal Financial Regulators Seek Information on the Use of AI by Financial Institutions
On March 29, 2021, five federal financial regulatory agencies (the Federal Reserve, CFPB, FDIC, OCC, and NCUA) announced a request for information (RFI) to obtain input from financial institutions, trade associations, consumer groups, and other stakeholders about the use of artificial intelligence (AI) by financial institutions. The regulatory agencies intend to use the information received in the RFI to determine whether any clarifications from the agencies would be helpful for the use of AI by financial institutions in a safe and sound manner. The agencies identify laws and regulations that they understand could relate to financial institutions’ use of AI, including Section 39 of the Federal Deposit Insurance Act, the Gramm-Leach-Bliley Act, the Fair Credit Reporting Act, the Equal Credit Opportunity Act, the Fair Housing Act, and the prohibitions against UDAP/UDAAPs. The RFI also includes a list of supervisory guidance and statements and exam manuals that relate to financial institutions’ use of AI.
The RFI includes questions related to:
- Explainability – The agencies seek information on the strategies and challenges that exist for financial institutions related to explaining how AI models make decisions.
- Risks from Broader or More Intensive Data Processing Usage – The agencies seek information about how financial institutions address data quality and data processing for AI models.
- Overfitting – The agencies seek information about how financial institutions address the risks of overfitting in AI models – the risks associated with an algorithm learning from patterns in training data that are not representative of the population as a whole.
- Cybersecurity Risk – The agencies seek information related to AI vulnerabilities to cybersecurity threats.
- Dynamic Updating – The agencies seek information about how financial institutions manage risks related to dynamic updating – where the AI model is able to learn and evolve over time as it collects new training data. The risks arise when the results drift from the model’s past behavior or intended use.
- AI Use by Community Institutions – The agencies seek information about how community institutions may rely on other third-party AI service providers and the attendant risk and challenges.
- Oversight of Third Parties – The agencies seek information about the challenges and risks associated with financial institutions overseeing AI models developed or provided by third parties, and whether current agency guidance needs to be updated.
- Fair Lending – The agencies seek information about how financial institutions evaluate AI-based credit determination approaches to comply with fair lending laws, including addressing bias and complying with the Equal Credit Opportunity Act’s adverse action disclosure requirements.
CFPB Rescinds Certain COVID-19 Regulatory Flexibility Guidance
Effective April 1, 2021, the Consumer Financial Protection Bureau (CFPB) rescinded seven of its policy statements it issued in 2020 that provided regulatory flexibility to certain covered institutions affected by the pandemic. The policy statements were issued between March and June 2020 to reflect the challenges posed by changes in consumer behavior, challenges due to remote work, and other pandemic-related issues. In rescinding the policy statements, Acting Director Uejio said that “[b]ecause many financial institutions have developed more robust remote capabilities and demonstrated improved operations, it is no longer prudent to maintain these flexibilities.” Further, he said that both consumers and industry were affected by the pandemic, and any “regulatory flexibility to companies should not come at the expense of consumers.” Although the policy statements are rescinded, the CFPB “will be sensitive to good-faith efforts demonstrably designed to assist consumers.” Relevant to fintech companies, the CFPB rescinded policy statements related to information collection for credit card and prepaid account issuers, the Fair Credit Reporting Act and Regulation V, Regulation Z billing error resolution, and electronic credit card disclosure practices.
National Futures Association Issues Regulatory Outsourcing Guidance
The National Futures Association (NFA), the self-regulatory organization for the U.S. derivatives industry, adopted an Interpretive Notice effective September 30, 2021 regarding NFA member use of third-party service providers. The Interpretive Notice recognizes that NFA members, like future commission merchants, commodity trading advisors, commodity pool operators, or introducing brokers, may fulfill their regulatory obligations through a third-party service provider. The NFA explains that the member remains responsible for compliance with its regulatory obligations even when it outsources a regulatory function. To address its regulatory obligations, the member should have a written supervisory framework related to its outsourcing functions that is tailored to the member’s business needs. In general, the supervisory framework should include an initial risk assessment (addressing information security, regulatory obligations, and logistics), onboarding due diligence (tailored to the criticality of the services), risk-based ongoing monitoring, termination provisions, and recordkeeping related to the outsourcing relationship with the third-party service provider. Additionally, in the written agreement between the member and the third-party service provider, the provider should agree to comply with all applicable regulatory requirements and to notify the member of any material failures.
President Biden announces FTC Commissioner Nomination
Earlier this week, the White House officially announced President Biden’s intent to nominate Columbia Law School professor Lina Khan to serve as the FTC Commissioner. Ms. Khan is an associate professor at Columbia Law school and teaches about antitrust law, infrastructure industries law, and antimonopoly tradition. Ms. Khan has also previously served as counsel to the U.S. House Judiciary Committee’s Subcommittee on Antitrust, Commercial, and Administrative law and was a legal advisor at the FTC to Rohit Chopra, President Biden’s nominee for CFPB Director.
If confirmed by the Senate, Ms. Khan will fill the seat vacated by former FTC Chairman Joseph Simons. As a known critic of Big Tech, Ms. Khan’s nomination serves as a vital win for Democrats who believe the FTC has faltered in policing antitrust and privacy matters.
FinCEN BSA SAR Consultation
Last week, FinCEN arranged a virtual FinCEN Exchange program to converse about the Bank Secrecy Act (BSA) filing statistics for low-dollar, voluntarily-filed SARs that contain a transaction nexus between Arizona, Texas, New Mexico, Oklahoma, and Louisiana. This dialogue and information sharing through the FinCEN Exchange program supports financial institutions in filing high-quality BSA reports with FinCEN and supports law enforcement in detecting such suspicious activity and bad acts. The program also allows for industry practitioners and financial institutions to better understand how to effectively tailor their compliance efforts to support the BSA.
During last week’s event, industry practitioners and law enforcement discussed trends in such suspicious activity, which is one of FinCEN’s main priorities – to strengthen public-private partnerships to reveal and mitigate threats to safeguard our national security and protect communities and citizens from harm.
Prepared Remarks of FinCEN Director delivered at the Florida International Bankers Association AML Compliance Conference
The Financial Crimes Enforcement Network (FinCEN) Director, Kenneth Blanco, prepared remarks at the Florida International Bankers Association Anti-Money Laundering (AML) Act Compliance Conference on March 22, 2021. The AML Act is a landmark piece of legislation, that will bolster national security and help protect communities in the United States. It represents the greatest addition to the AML regime since the USA PATRIOT Act.
Director Blanco spoke about the AML Act of 2020, and how the implementation of the Act is FinCEN’s number one priority. Various provisions of the AML Act are initiatives that FinCEN has been well underway in supporting through the FinCEN Exchange Program and the Bank Secrecy Act Advisory Group (BSAAG).
As an example, in furtherance of the AML Act, FinCEN issued a Notice informing financial institutions about illicit activity related to trade in antiquities and art and provided specific instructions for filing related Suspicious Activity Reports (SARs). This type of information provided by financial institutions will help FinCEN’s rulemaking efforts in extending the AML requirements to dealers in antiquities and will also inform the study of the facilitation of money laundering and the financing of terrorism through the trade in works of art that the AML Act requires.
Director Blanco also spoke about how the information that FinCEN collects and stores will be generated using a high-quality IT database system for stakeholders and that this information will be protected by their project team of enforcement, liaison, policy, technology, information security, and legal experts.
As with FinCEN’s upcoming Advance Notice of Proposed Rulemaking, FinCEN will be soliciting public written comment at intervals on certain aspects of projects and urges financial institutions to comment fully and candidly.
Director Blanco urges the financial industry sector to include their perspectives and insight to help inform their rulemaking and its role in strengthening national security through their antimony laundering system and structure. FinCEN wants practical solutions to be effective and efficient in helping to protect our national security, family, and community.
CFPB Annual Report to Congress Reveals More Than a Half-Million Complaints Received in 2020, up by over 54% from last year
On March 24, the CFPB provided Congress with is annual Consumer Response Report. The CFPB handled approximately 542,300 complaints last year—a nearly 54% increase over the approximately 352,400 complaints handled in 2019. The CFPB Acting Director David Uejio largely attributed this increase to the impact of the COVID-19 pandemic on the consumer financial marketplace. Credit and consumer reporting complaints accounted for more than 58% of complaints received, followed by debt collection, credit card, checking or savings, and mortgage complaints.
The Bureau also received 12,800 money transfer, money service, and virtual currency (collectively referred to as “money services”) complaints in 2020. Of these 12,800 complaints, 8,500 (or 67%) were sent by the Bureau to companies for their review and response, 3,200 (or 25%) were referred to other regulatory agencies, and found 8% to be incomplete.
As of February 1, 2021, 0.4% of money services complaints were pending with the consumer and 0.03% were pending with the Bureau. 98% of money services complaints sent to companies for their review and response were responded to. As of February 1, 2021, 1% of complaints were pending review by the company. Companies did not provide a timely response for 2% of complaints. Consistent with the overall trend of increase in complaints during COVID‑19, money service complaint volume also rose significantly. Money service companies responded to more than 670 of money services complaints per month (compared to a monthly average of 410 complaints in 2019 and 450 complaints in 2018).
Domestic money transfers and mobile or digital wallets were the products reporting the highest increases in complaints (an increase in 47% and 126% from the prior two years’ monthly average, respectively).
In connection with money services, the top 4 complaints cited by consumers were as follows:
- Fraud or scams, including charitable contributions to address COVID‑19 which contributed to the greatest number of complaints.
- Consumers noted the difficulties in linking accounts to mobile applications which were in part due to increased security measures implemented by financial institutions. In response to these complaints, financial institutions reiterated their commitment to security and explained why they prohibited the use of third-party applications.
- In complaints about remittance transfer providers, consumers often described transaction problems such as delays in delivery of funds, and other service problems.
- Consumers identified debt settlement – particularly the exorbitant fees and companies not delivering on advertised benefits in other money service complaints.
This report also highlights multi-year complaint trends that pre-date the pandemic, and scrutinized companies’ response to complaints. Majority of complaints pertain to inaccurate information on credit and consumer reports, especially in connection with the three largest Nationwide Credit Reporting Agencies (NCRAs): Equifax, Experian, and TransUnion.
The CFPB noted that this year (in contrast to prior years), the NCRAs were no longer providing substantive and detailed responses—including, in connection with dispute investigations and steps addressing identity theft. Noting the above, the CFPB now plans to issue a separate report later this year regarding complaints about NCRAs scrutinizing the incomplete or inaccurate information on the consumers’ credit reports in light of the NCRAs reporting requirements under the Fair Credit Reporting Act.
Large Fintechs and Payment Companies to be Subject to a Single Exam for Nationwide Regulatory Compliance
The Conference of State Bank Supervisors (CSBS) announced on March 22 that over 13 payment firms have completed (or are in the process of completing) single comprehensive exams as part of the “One Company, One Exam Program.” The goal of this national program is to move from a siloed system of multiple state level examinations to a unified national examination.
According to CSBS, “[k]nown as MSB Networked Supervision, the initiative applies to 78 of the nation’s largest payments and cryptocurrency companies that currently meet the 40-state threshold. These companies combined move more than $1 trillion a year in customer funds.” (Emphasis added)
As indicated above, this program for MSBs aims to satisfy all state examination requirements and applies to companies that operate in 40 or more states. Each exam is led by one state overseeing a multistate group of examiners, including experts in cybersecurity and anti-money laundering. The exam will employ a fine-tuned risk-based approach to each company’s operations.
This program was initiated as part of the states’ Vision 2020 initiative and follows up on a successful pilot launched in late 2020. Companies such as Western Union had participated in the pilot. We can expect greater implementation of this program for MSBs and expansions to include mortgage companies, nonbank companies, and banks as announced by the CSBS Board of Directors’ 2021 Networked Supervision Priorities.
Earned Wage Access Company Settles Case Related to Bank Fee Charges
An earned wage access (EWA) company recently entered into a settlement to forgive up to $9.5 million in unpaid fees and set up a $3 million settlement fund for its users. The settlement stems from a complaint that alleged the EWA company’s disclosures were deceptive and incomplete because they failed to advise that users could incur overdraft or insufficient fund fees by using the EWA company’s app. The settlement class includes over 270,000 users who incurred at least one bank fee because of the EWA company’s withdrawals from the user’s bank accounts. The settlement follows the Memorandum of Understanding the company (and other earned wage access companies) entered into with the California Department of Financial Protection and Innovation earlier this year (covered in our blog here).
The case before the Northern District of California was Perks v. Activehours, Inc. d/b/a Earnin, No. 5:19-cv-05543-BLF.
The UK FCA Issues a Feedback Statement on Open Finance
The UK Financial Conduct Authority released a feedback statement (FS21/7) on open finance issues in response to its December 2019 call for input on the topic. The FCA outlines the many benefits of open finance for consumers as well as development in the industry. The FCA’s vision for open finance is that consumers and businesses have greater control of their data and can grant access to such data to trusted third-party providers, which will spur innovation and the development of new financial services. To facilitate development of open finance, the FCA is also looking at removing hurdles imposed by Europe’s Strong Customer Authentication (SCA) requirements that require SCA every 90 days. Other developments addressed in the statement include API interface requirements and FCA monitoring of API performance.