network

Perspectives

Fintech’s should prepare for consumer protection examinations

State-level changes warrant attention

In January 2020, changes in consumer protection regulation resulting from action taken by the governors of the States of California (CA) and New York (NY) may warrant financial technology (fintechs) firms, and banks alike, to revisit their consumer protection programs in anticipation of more rigorous State agency examinations.

February 10, 2020 | Financial services

Governors Gavin Newsom and Andrew Cuomo of CA and NY, respectively, independently released their annual budgets, proposing to expand the stature, authority, and capacity of their states’ supervisory oversight and enforcement of consumer protection laws and regulations. Both of the proposals are in response at the state level to a believed decrease in enforcement actions and consumer restitution at the federal level by the Consumer Financial Protection Bureau (CFPB).1  The governors plan to update legislation, increase staff and expand the types of financial firms their state agencies oversee. Equipped with legislative majorities, the governors’ proposals are likely to pass.

Banking and fintech firms licensed or operating in these states should consider taking proactive steps to prepare for potential additional scrutiny. Steps to consider include assessing the adequacy of the design of and effectiveness of their compliance management programs, which should be tested for regulatory and policy adherence. More specific focus can include areas such as complaints handling, disclosures, marketing representations, privacy, and fair treatment.

New York state developments

The New York Department of Financial Services (NYDFS) is making an effort to attract seasoned talent who are well-positioned to make the changes as intended by the budget appropriations. In 2019, NYDFS hired Katie Lemiere to lead a newly created a Consumer Protection and Financial Enforcement division.2  More recently, NYDFS hired Leandra English–the former Deputy Director at the CFPB–as a Special Policy Advisor to manage and develop NYDFS’s consumer policy initiatives. The 2020 NYS budget (released January 21, 2020) goes further by proposing to overhaul of several consumer financial protection laws:

Unfair, Deceptive, and Abusive Acts and Practices (UDAAP): The Governor proposes making NYS consumer protection law consistent with federal law.3

Eliminate Exemptions for Consumer Financial Products and Services: The Governor would eliminate many exemptions applying to consumer products and services from NYDFS oversight to be consistent with Dodd-Frank, which helps extend the agency’s remit to more consumer financial services-oriented businesses like fintechs.

Closing Loopholes and Creating a Level Playing Field for Regulated Entities: The Governor would require fees for NYDFS assessments by entities licensed under the Financial Services Law (e.g. virtual currency companies and fintechs).

Fines that effectively deter illegal conduct: The Governor proposes amending the Insurance Law to increase fines beyond a cap and assess a fine that is commensurate with the violation.

Taken together, it is evident that NY is intensifying its efforts to provide regulatory oversight by overseeing fintech’s consumer products, levying exam fees, and assessing fines.

California (CA) Developments

On January 10, 2020 CA Governor Gavin Newsom released the state’s 2020 budget, which includes increasing the Department of Business Oversight’s (DBO) authority and capacity to protect consumers and foster the responsible development of new financial products.4  The governor also proposes to enact the CA Consumer Financial Protection Law, which will provide consumers with more protection against unfair and deceptive practices when accessing financial services and products. CA will accomplish this by broadening the department’s authority to oversee financial service providers who are not currently subject to regulatory oversight such as fintechs, debt collectors, and credit reporting agencies, among others.

Like NY, CA is bringing in experienced hands with former CFPB Director Richard Cordray advising the governor and assisting with the drafting of the bill. To better reflect its current and future role, DBO’s name will be changed to the Department of Financial Protection and Innovation (DFPI). The 2020 budget provides the DFPI with new personnel to conduct supervision, research, coordinate with outside agencies, and issue enforcement orders, among other tasks.5

Fintechs should be no stranger to consumer protection examinations, and their risks

Over the past several years, fintech firms have been on the receiving end of regulatory criticism from a myriad of regulators, including the CFPB, Financial Industry Regulatory Authority (FINRA), Federal Trade Commission (FTC), and state regulators. Recent legal and regulatory actions include criticism over marketing and disclosure forms, privacy, and failure to protect personally identifiable information (PII), selling unregistered securities, and refusing to provide the government with the requested data.

NY and CA’s plans to update and expand legislation may encourance fintechs to review their own internal risk and control programs to ensure that legal, compliance, and reputational risks are successfully mitigated, regarding consumer compliance programs. Strategic decisioning regarding Initial Public Offerings (IPOs), buying or becoming a bank, or engaging in existing or new partnerships with traditional financial institutions will need to be reviewed in the context of a potentially increasing state regulatory environment.

Start preparing

Fintech firms of varying business models from lending to payments, which typically offer their products and services via MSB licenses or via third-party banking partners, should pay attention to preparing for increased oversight. Steps to consider include gaining a thorough understanding of the new requirements and supervisory expectations and the implications to their current operational processes and controls, compliance risk management systems, and internal audit plans. As part of this, it is important to understand the interaction with their regulators, as the relationship with state financial services regulators may be new and/or different from prior regulatory experiences. These new insights can be leveraged to enhance, as needed, compliance governance, policies and processes, training, testing, complaints response and analysis, and board and management reporting.

Deloitte, with our deep bench of regulatory professionals and practical experience in working across the lines of defense across industries, can assist fintechs to effectively address this likely next wave of regulatory scrutiny.

Deloitte will continue to follow further developments in this area and will issue additional updates, as appropriate.

This publication contains general information only and Deloitte is not, by means of this publication, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This publication is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional adviser.

Deloitte shall not be responsible for any loss sustained by any person who relies on this publication.

Endnotes

1 California Department of Business Oversight, “California Consumer Financial Protection Law,” January 2020 at https://dbo.ca.gov/california-consumer-financial-protection-law/

2 New York State Department of Financial Services, “Acting DFS Superintendent Lacewell Announces Appointment Of Katherine Lemire As Executive Deputy Superintendent Of Newly Created Consumer Protection & Enforcement Division,” April 2019 at https://www.dfs.ny.gov/reports_and_publications/press_releases/pr1904291

3 New York State Department of Financial Services, “DFS Superintendent Lacewell Announces Appointment Of Former CFPB Deputy Director Leandra English To Department Of Financial Services Leadership Team,” January 2020 at https://www.dfs.ny.gov/reports_and_publications/press_releases/pr202001141

4 Governor of the State of California, “Governor’s Budget Summary 2020-2021,” January 2020 at http://www.ebudget.ca.gov/FullBudgetSummary.pdf#page=179

5 California Department of Business Oversight, “Budget Change Proposal - Cover Sheet,” January 2020 at https://aboutblaw.com/N5T

This publication contains general information only and Deloitte is not, by means of this publication, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This publication is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional adviser.

Deloitte shall not be responsible for any loss sustained by any person who relies on this publication.

Contact us

Irena Gecas-McCarthy
Principal

Risk & Financial Advisory
Deloitte & Touche LLP

John Graetz
Principal

Deloitte Risk & Financial Advisory
Deloitte & Touche LLP

   

Gina Primeaux
Principal

Deloitte Risk & Financial Advisory
Deloitte & Touche LLP

Peter Reynolds
Managing director

Deloitte Risk & Financial Advisory
Deloitte & Touche LLP

   

Alaina Sparks
Managing director

Deloitte Risk & Financial Advisory
Deloitte & Touche LLP

Amanda Williamson
Senior manager

Deloitte Risk & Financial Advisory
Deloitte & Touche LLP

   

Kyle Cooke
Senior consultant

Deloitte Center for Regulatory Strategy
Deloitte & Touche LLP
 

 

Fullwidth SCC. Do not delete! This box/component contains JavaScript that is needed on this page. This message will not be visible when page is activated.

Site-within-site Navigation. Do not delete! This box/component contains JavaScript that is needed on this page. This message will not be visible when page is activated.