On October 22, 2024, the Consumer Financial Protection Bureau (CFPB) marked a significant milestone in the shift towards open banking in the United States with the finalization of its rulemaking on Personal Financial Data Rights. As we discussed in our Legal Update on the October 2023 proposed rule, the final rule provides the long-awaited implementation of Section 1033 of the Dodd-Frank Act, enacted in 2010, and establishes a comprehensive regulatory framework to provide consumers—and their authorized third parties—with rights to receive structured, consistent and timely access to consumers’ personal financial data held by financial institutions and other financial services providers.

The 594-page final rule is intended to allow consumers to access and share data held by banks, credit unions, credit card issuers, digital wallets, payment apps and other financial service providers, with the goal of improving customer choice and increasing competition, while strengthening consumer protections by imposing limitations on authorized third parties’ collection, use and retention of consumers’ data. Financial institutions subject to the final rule could face a variety of compliance, operational and technical challenges as they build out the infrastructure necessary to comply with the final rule. For the largest financial institutions, which include depository institutions with total assets in excess of $250 billion and non-depository institutions that generated at least $10 billion in total receipts in either calendar year 2023 or calendar year 2024, compliance is required by April 1, 2026, with compliance by smaller covered institutions required in phases beginning April 1, 2027, through April 1, 2030.Continue Reading CFPB Issues Long-Awaited Open Banking Rule; Lawsuit Immediately Filed

On March 29, 2024, the United States District Court for the Northern District of Texas issued a preliminary injunction prohibiting enforcement of the new Community Reinvestment Act (“CRA”) regulations against the plaintiffs in the case.

The CRA, passed in 1977, generally requires insured depository institutions to participate in investment, lending, and service activities that help

On February 7, 2024, the US Department of the Treasury’s Financial Crimes Enforcement Network (“FinCEN”) issued a Notice of Proposed Rulemaking on certain US residential real estate transactions (“2024 NPRM”). The 2024 NPRM would require certain professionals involved in real estate closings and settlements to report information to FinCEN about non-financed transfers of residential real

The New York Department of Financial Services finalized guidance on how banks and mortgage institutions should manage climate-related financial and operational risks. The agency’s guidance creates extensive obligations for New York institutions, particularly mortgage lenders and servicers for which those risk management expectations may be new. Also, the NYDFS emphasizes that those institutions must still

On June 28, 2023, the New York Department of Financial Services (“NYDFS”) published updated proposed amendments to its cybersecurity regulation (the “2023 Proposal”) applicable to “covered entities.” These updated amendments come after comments from industry groups and other stakeholders to the NYDFS’s proposed revisions that were published on November 9, 2022. In Mayer Brown’s Legal

Banking organizations looking to reduce the amount of risk-based regulatory capital required to support residential mortgage loan portfolios can use synthetic securitization to convert the capital treatment of their exposures from wholesale or retail exposures to securitization exposures. In this Legal Update, we discuss how regulatory capital requirements impact banking organizations that hold portfolios of

Mayer Brown has established a web page through which interested persons can access resources and content related to the recent collapses of Silicon Valley Bank (SVB) and Signature Bank, and the impacts on depositors, borrowers and the market. The main page is here, and direct access to recent webinars is available under the “Events”

On Monday, a federal district court judge in the District of Columbia issued an order dismissing a lawsuit brought by the Conference of State Bank Supervisors (CSBS) regarding a proposal of the Office of the Comptroller of the Currency (OCC) to issue federal charters to certain Fintech firms. In dismissing the case, US District Court Judge Dabney L. Friedrich held the CSBS did not have standing to sue because the OCC had not yet officially decided to issue charters to Fintech companies. Judge Friedrich explained that the CSBS lacks standing to bring the suit because the harms it alleges are “contingent on whether the OCC charters” a Fintech company, and “[s]everal contingent and speculative events must occur before the OCC” issues such a charter.
Continue Reading Federal Court Dismisses “Speculative” and “Attenuated” Lawsuit By the Conference of State Bank Supervisors Over Proposed OCC Fintech Charter

The ABA Business Law Section is holding its 2018 Spring Meeting in Orlando next week and will offer nearly 90 CLE programs and many more committee meetings and events.

Mayer Brown’s Matthew Bisanz will co-moderate, and Anjali Garg will participate on, a panel on April 13th discussing current developments in UDAP/UDAAP enforcement involving financial institutions,

The Consumer Financial Protection Bureau (“CFPB”) has issued its first No-Action Letter (“No-Action Letter” or “Letter”) in response to a request from Upstart Network, Inc. (“Upstart”). The No-Action Letter means that CFPB staff currently has no intention of recommending enforcement or supervisory action against Upstart. This decision is limited to the application of the Equal Credit Opportunity Act (“ECOA”) and its implementing regulation, Regulation B, to Upstart’s automated model for underwriting applicants for unsecured, non-revolving credit (“automated model”).

Upstart is an online lending platform that, working with a bank partner, uses alternative data to facilitate credit and pricing decisions for consumers with limited credit or work history. In addition to relying on traditional credit information, Upstart uses non-traditional sources of information to evaluate a consumer’s creditworthiness. For instance, Upstart might look at an applicant’s educational information, such as school attended and degree obtained, and the applicant’s employment to determine financial capacity and ability to repay. Upstart submitted a Request for No-Action Letter (“Request”) in relation to its automated model to the CFPB pursuant to the agency’s no-action letter policy.

According to the CFPB, the no-action letter policy is intended to facilitate consumer-friendly innovations where regulatory uncertainty may exist for certain emerging products or services. In practice, however, the process has presented significant challenges for companies that might seek to benefit from it.
Continue Reading CFPB Issues No-Action Letter to Alternative Credit Lending Platform