Like most industries today, Consumer Finance Services businesses continue to be significantly impacted by COVID-19. To help you keep abreast of relevant activities, below find a breakdown of some of the biggest legislative and regulatory events at the federal and state levels to impact the Consumer Finance Services industry this past week:

Federal Activities

State Activities

Privacy and Cybersecurity Activities

Federal Activities:

  • On July 7, the Consumer Financial Protection Bureau (CFPB) issued a legal interpretation to ensure that companies that use and share credit and background reports have a permissible purpose under the Fair Credit Reporting Act. The CFPB’s new advisory opinion reiterates that credit reporting companies and users of credit reports have specific obligations to protect the public’s data privacy. The advisory also reminds covered entities of potential criminal liability for certain misconduct. For more information, click here.
  • On July 5, the U.S. Office of Government Ethics issued a new legal advisory titled, “Application of the Securities and Mutual Fund Exemptions to Cryptocurrency, Stablecoins, and Relating Investments,” prohibiting any federal government employee who owns cryptocurrency from working on federal regulations and policies involving cryptocurrencies and stablecoins. For more information, click here.
  • On July 1, the Federal Reserve Board and the Federal Deposit Insurance Corporation announced that they extended the period for issuing feedback for the U.S. global systemically important banks’ 2021 resolution plans to allow the agencies additional time to analyze them. For more information, click here.
  • On July 1, the Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation, and Office of the Comptroller of the Currency released the 2022 list of distressed or underserved nonmetropolitan middle-income geographies. These are geographic areas where revitalization or stabilization activities are eligible to receive Community Reinvestment Act consideration per the “community development” definition under the agencies’ regulations. For more information, click here.
  • On June 29, the CFPB issued an advisory opinion focused on consumer debt collectors and the convenience fees they charge for some payments, such as online or by phone. For more information, click here.
  • On June 28, the CFPB issued an interpretive rule, encouraging states to enact more laws regulating consumer reporting, arguing that the Fair Credit Reporting Act only constrain states’ powers in limited ways. For more information, click here.

State Activities:

  • On July 8, Rhode Island Governor Daniel McKee signed SB 2794/HB 7781 into law, which requires a $50,000 bond for licensed debt collectors in Rhode Island. The bond amount for debt collectors is similar to bond amounts for other businesses in Rhode Island. For more information, click here.
  • On July 7, New York Attorney General Letitia James announced that she has reached a settlement with a residential renting company for failing to return security deposits to New Yorkers, following new changes to security deposit laws. The company purportedly failed to comply with the 2019 changes to the state’s rental laws and did not return security deposits to tenants within 14 days of the tenant vacating the apartment or provide a written itemized list of their reasons for keeping the deposit. Attorney General James stated, “Tenants deserve transparency and accountability from their landlords, and New Yorkers should trust that their security deposit will be returned to them as required by their leases and the law.” For more information, click here.
  • On July 1, North Carolina Attorney General Josh Stein announced a settlement with a company that owns and operates skilled nursing facilities in several states. The settlement with North Carolina and 22 other states resolves allegations that the company billed Medicaid for medically unnecessary rehabilitation therapy services and offered grossly substandard skilled nursing services. “Health care providers have a responsibility to provide quality care for their patients and be responsible stewards of taxpayer resources,” said Attorney General Josh Stein. “When they fail to do so, I will hold them accountable on behalf of North Carolinians.” For more information, click here.
  • On June 24, the Connecticut Department of Banking levied a $10,000 fine against a company for operating as a consumer collection agency in the state without obtaining the proper license. The company voluntarily agreed to the sanctions imposed “solely for the purpose of obviating the need for formal administrative proceedings,” according to the consent order. The company indicated that it was no longer operating as a consumer collection agency in Connecticut without a license. For more information, click here.
  • The Louisiana Office for Financial Institutions (OFI) recently proposed rules governing virtual currency businesses in Louisiana, which follow the mandate set by the Virtual Currency Business Act (VCBA), effective August 1, 2020, requiring virtual currency businesses to hold a license in Louisiana and granting administrative and enforcement authority to OFI. According to OFI, the newly issued rules provide “clear and concise guidance that will allow for the implementation and enforcement of the provisions of the VCBA.” For more information, click here.

Privacy and Cybersecurity Activities:

  • On July 8, the California Privacy Protection Agency (CPPA) announced the commencement of the formal rulemaking process for the California Privacy Rights Act (CPRA). During this rulemaking process, interested parties will have an opportunity to provide feedback on the CPRA’s implementing regulations, a first draft of which was released on June 8. The written comment period for these regulations will close on August 23, and live hearings will be held from August 24-25 in Oakland, CA. For more information, click here.
  • On July 8, President Biden signed an executive order, protecting access to reproductive health care services. Under the order, the Federal Trade Commission (FTC) chair is “encouraged to consider actions … to protect consumers’ privacy when seeking information about and provision of reproductive healthcare services.” The order also directs the Health and Human Services (HHS) secretary to consider possible actions, including new guidance under the Health Insurance Portability and Accountability Act (HIPAA), to “strengthen the protection of sensitive information related to reproductive healthcare services and bolster patient-provider confidentiality.” For more information, click here.
Photo of Alan D. Wingfield Alan D. Wingfield

Alan Wingfield helps consumer-facing clients navigate compliance, litigation and regulatory risks posed by the complex web of state and federal consumer protection laws. He is a trusted advisor and tireless advocate, helping clients develop practical compliance and dispute-resolution strategies.

Photo of Ethan G. Ostroff Ethan G. Ostroff

Ethan Ostroff’s practice focuses on financial services litigation and consumer law compliance counseling. Ethan is part of the firm’s national practice representing consumer-facing companies of all types in defense of individual and class action claims and counseling them on compliance with federal and

Ethan Ostroff’s practice focuses on financial services litigation and consumer law compliance counseling. Ethan is part of the firm’s national practice representing consumer-facing companies of all types in defense of individual and class action claims and counseling them on compliance with federal and state laws.

Photo of Ronald I. Raether, Jr. Ronald I. Raether, Jr.

Ron leads the firm’s Privacy + Cyber team. Drawing from nearly 30 years of experience, he provides comprehensive services to companies in all aspects of privacy, security, data use, and risk mitigation. Clients rely on his in-depth understanding of technology and its application

Ron leads the firm’s Privacy + Cyber team. Drawing from nearly 30 years of experience, he provides comprehensive services to companies in all aspects of privacy, security, data use, and risk mitigation. Clients rely on his in-depth understanding of technology and its application to their business to solve their most important challenges — from implementation and strategy to litigation and incident response. Ron and his team have redefined the boundaries of typical law firm privacy and cyber services in offering a 360 degree approach to tackling information governance issues. Their holistic services include drafting and implementing bespoke privacy programs, program implementation, licensing, financing and M&A transactions, incident response, privacy and cyber litigation, regulatory investigations, and enforcement experience.

Photo of Jed Komisin Jed Komisin

Jed defends clients engaged in civil litigation. He has significant courtroom experience and works with his clients to find comprehensive solutions to their legal issues.

Photo of Elizabeth Briones Elizabeth Briones

Elizabeth is an associate in the Consumer Financial Services practice who represents businesses large and small – from corporations to local partnerships. She is an experienced litigator with a background in complex matters ranging from corporate contract disputes, premises liability, negligence, fraud, and…

Elizabeth is an associate in the Consumer Financial Services practice who represents businesses large and small – from corporations to local partnerships. She is an experienced litigator with a background in complex matters ranging from corporate contract disputes, premises liability, negligence, fraud, and other business torts. She has appeared in state, federal, and multidistrict litigation.

Photo of Edgar Vargas Edgar Vargas

Edgar is a Certified Information Privacy Professional (CIPP/US). He assists clients on compliance and litigation issues, including issues regarding privacy and cybersecurity laws. He is fluent in Spanish, allowing him to effectively communicate with and serve Spanish speaking clients.

Photo of Robyn Lin Robyn Lin

Robyn is a privacy and data security attorney who focuses on helping clients understand and maintain data compliance.