Like most industries today, Consumer Finance Services businesses continue to be significantly impacted by COVID-19. To help you keep abreast of relevant activities, below find a breakdown of some of the biggest legislative and regulatory events at the federal and state levels to impact the Consumer Finance Services industry this past week:

Federal Activities

State Activities

Privacy and Cybersecurity Activities

Federal Activities:

  • On April 29, the Consumer Financial Protection Bureau (CFPB) released Spanish language translations for certain model and sample forms included in the Prepaid Rule in Regulation E and for certain adverse action model and sample notices included in Regulation B. For more information, click here.
  • On April 28, Representatives Glenn Thompson (R-PA), Ro Khanna (D-CA), Tom Emmer (R-MN), and Darren Soto (D-FL) introduced the Digital Commodity Exchange Act of 2022, which would create a definition for “digital commodity” and allow the Commodity Futures Trading Commission to oversee companies issuing or letting people trade these types of tokens, while having the Securities and Exchange Commission continue to oversee tokens that fall under U.S. securities laws. For more information, click here.
  • On April 28, the Department of Education announced it will deliver relief to tens of thousands of borrowers harmed by pervasive and widespread misconduct at Marinello Schools of Beauty. The 28,0000 borrowers who enrolled in the schools from 2009 through its closure in February 2016 will receive loan discharges based on borrower defense findings, totaling approximately $238 million. This group discharge also includes borrowers who enrolled at Marinello during this period, but have not yet applied for a borrower defense discharge. For more information, click here.
  • On April 27, Acting Comptroller of the Currency Michael J. Hsu issued a statement, calling for unified standards for stablecoins after his appearance at the Artificial Intelligence and the Economy: Charting a Path for Responsible and Inclusive AI Symposium hosted by the U.S. Department of Commerce, National Institute of Standards and Technology (NIST), FinRegLab, and the Stanford Institute for Human-Centered Artificial Intelligence. Hsu stated that creating one set of technical and legal standards for the dollar-pegged cryptocurrencies is as “vital to keeping the dollar competitive in the blockchain-based digital economy” as setting the standards for the World Wide Web was to the development of the modern internet economy. For more information, click here.
  • On April 25, the CFPB announced that it would begin invoking a provision in Dodd-Frank, previously used only infrequently, to conduct supervisory examinations over a greater number of nonbank financial companies that may “pose risks to consumers,” in particular fintechs. For more information, click here.

State Activities:

  • On April 28, Southern District of New York Judge Vyskocil granted a preliminary injunction, preventing sheriffs from enforcing New York’s Fair Consumer Judgment Interest Act on a retroactive basis. The act, which became effective on April 30, lowers the statutory rate of interest accrued on money judgment for consumer debt to 2% per year (from 9%). The amendment applies retroactively to judgments unsatisfied at the time the law went into effect. The court enjoined the sheriff’s office “from refusing to execute an existing judgment calculated with the interest rate in effect at the time the judgment was obtained, and from enforcing reduction of the existing interest rate of the judgments entered prior to the effective date of the Amendment.” For more information, click here.
  • On April 28, the New York Department of Financial Services issued guidance on the use of blockchain analytics, emphasizing “the importance of blockchain analytics to effective policies, processes, and procedures, including, for example, those relating to customer due diligence, transaction monitoring, and sanctions screening.” For more information, click here.
  • On April 26, Washington, DC Attorney General Karl Racine issued a press release, announcing his office’s legal victories in protecting housing for D.C. residents. The announced victories included restitution secured for residents for tenants in the district and directed residents to resources and tips for how to report problems with landlords. For more information, click here.
  • On April 22, Arkansas Attorney General Leslie Rutledge joined a bipartisan coalition of attorneys general, urging “GoFundMe to better disclose policies and to provide greater clarity in terms of service for consumers who use its platform.” GoFundMe has helped organizers raise more than $5 billion since 2010 and collects fees between 2.2 to 2.9% plus $0.3 per transaction. However, according to the press release, information “related to blocking, freezing, refunding, and re-directing donations, is hard to find and unclear.” For more information, click here.
  • On April 20, Tennessee became the second state to pass legislation, recognizing and allowing the registration of decentralized autonomous organizations (DAOs) as LLCs under Tennessee’s Revised Limited Liability Company Act. For more information, click here.

Privacy and Cybersecurity Activities:

  • On April 28, the Connecticut Data Privacy Act (SB-6) cleared the penultimate legislative hurdle, passing in the House by a vote of 144-5. This legislation previously passed Connecticut’s State Senate by a vote of 35-0 on April 20, and will now head to Governor Ned Lamont for final signature. If signed, Connecticut would be the fifth state in the country to pass a data privacy law, and the majority of the substantive requirements would take effect on July 1, 2023. The final version of SB-6 shares many similarities with other recently enacted state privacy statutes, but most closely resembles the Colorado Privacy Act (CPA). Notably, this legislation does include temporary right to cure, which sunsets on December 31, 2024. For more information, click here.
  • On April 25, the Federal Trade Commission (FTC) released guidance titled, “What the Pandemic Has Taught Businesses About the Collection of Health Information.” This guidance includes several recommendations for businesses to consider regarding checking/storing information from employee’s COVID-19 vaccination cards. This includes, but is not limited to, considering the objection of the data collection, analyzing how long this sensitive health information needs to be retained, and providing secure technology to safely store this information. The guidance also makes specific recommendations for companies that provide vaccine verification “passport” applications used to store information related to vaccination status. For more information, click here.
Photo of Alan D. Wingfield Alan D. Wingfield

Alan Wingfield helps consumer-facing clients navigate compliance, litigation and regulatory risks posed by the complex web of state and federal consumer protection laws. He is a trusted advisor and tireless advocate, helping clients develop practical compliance and dispute-resolution strategies.

Read more about Alan D. WingfieldEmailAlan's Linkedin Profile
Photo of Ethan G. Ostroff Ethan G. Ostroff

Ethan Ostroff’s practice focuses on financial services litigation and consumer law compliance counseling. Ethan is part of the firm’s national practice representing consumer-facing companies of all types in defense of individual and class action claims and counseling them on compliance with federal and

Ethan Ostroff’s practice focuses on financial services litigation and consumer law compliance counseling. Ethan is part of the firm’s national practice representing consumer-facing companies of all types in defense of individual and class action claims and counseling them on compliance with federal and state laws.

Read more about Ethan G. OstroffEmailEthan G.'s Linkedin Profile
Show more Show less
Photo of Ronald I. Raether, Jr. Ronald I. Raether, Jr.

Ron leads the firm’s Privacy + Cyber team. Drawing from nearly 30 years of experience, he provides comprehensive services to companies in all aspects of privacy, security, data use, and risk mitigation. Clients rely on his in-depth understanding of technology and its application

Ron leads the firm’s Privacy + Cyber team. Drawing from nearly 30 years of experience, he provides comprehensive services to companies in all aspects of privacy, security, data use, and risk mitigation. Clients rely on his in-depth understanding of technology and its application to their business to solve their most important challenges — from implementation and strategy to litigation and incident response. Ron and his team have redefined the boundaries of typical law firm privacy and cyber services in offering a 360 degree approach to tackling information governance issues. Their holistic services include drafting and implementing bespoke privacy programs, program implementation, licensing, financing and M&A transactions, incident response, privacy and cyber litigation, regulatory investigations, and enforcement experience.

Read more about Ronald I. Raether, Jr.EmailRonald I.'s Linkedin Profile
Show more Show less
Photo of Jed Komisin Jed Komisin

Jed defends clients engaged in civil litigation. He has significant courtroom experience and works with his clients to find comprehensive solutions to their legal issues.

Read more about Jed KomisinEmailJed's Linkedin Profile
Photo of Elizabeth Briones Elizabeth Briones

Elizabeth is an associate in the Consumer Financial Services practice who represents businesses large and small – from corporations to local partnerships. She is an experienced litigator with a background in complex matters ranging from corporate contract disputes, premises liability, negligence, fraud, and…

Elizabeth is an associate in the Consumer Financial Services practice who represents businesses large and small – from corporations to local partnerships. She is an experienced litigator with a background in complex matters ranging from corporate contract disputes, premises liability, negligence, fraud, and other business torts. She has appeared in state, federal, and multidistrict litigation.

Read more about Elizabeth BrionesEmailElizabeth's Linkedin Profile
Show more Show less
Photo of Edgar Vargas Edgar Vargas

Edgar is a Certified Information Privacy Professional (CIPP/US). He assists clients on compliance and litigation issues, including issues regarding privacy and cybersecurity laws. He is fluent in Spanish, allowing him to effectively communicate with and serve Spanish speaking clients.

Read more about Edgar VargasEmailEdgar's Linkedin Profile
Photo of Dan Stillman Dan Stillman
Email
Photo of Graham Dean Graham Dean
Email
Photo of Robyn Lin Robyn Lin

Robyn is a privacy and data security attorney who focuses on helping clients understand and maintain data compliance.

Read more about Robyn LinEmailRobyn's Linkedin Profile