California and New York are taking the lead to expand consumer financial protection, in part to smooth out the ebb and flow of federal policy and enforcement at the CFPB.  Within a few days of each other, Governor Gavin Newsom of California and Governor Andrew Cuomo of New York announced proposals to expand regulatory oversight in the financial consumer protection space.

A.  California

On January 10, 2020, California Governor Newsom sent the California Legislature his 2020-21 budget, which includes a proposal to overhaul the state’s Department of Business Oversight (“DBO”), and rename it the Department of Financial Protection and Innovation (“DFPI”). The DFPI, which some observers are describing as a “mini-CFPB,” would have enhanced regulatory powers, as well as responsibility to pursue now-unsupervised financial services providers. The Governor’s Budget Summary cited the reason for the expansion as “[t]he federal government’s rollback of the CFPB,” which leaves Californians vulnerable to predatory businesses and leaves companies without the clarity they need to innovate.” Specific new activities would include, among others:

  • Licensing and examining new industries that are currently unregulated or under-regulated;
  • Protecting consumers through enforcement against unfair, deceptive, and abusive acts and practices (“UDAAPs”);
  • Establishing a new Financial Technology Innovation Office that would cultivate the responsible development of new consumer financial products.

The budget also would provide funding to administer the California Consumer Financial Protection Law. The California Legislature will now begin a detailed review of the budget, a version of which must be passed before June 15, 2020.

B. New York

On January 8, New York Governor Cuomo released his 2020 State of the State address and announced several important measures relevant to fintech and other financial services companies:

  • License requirement for debt collection companies: The Governor will propose legislation giving the New York Department of Financial Services (“NYDFS”) authority to license debt collection entities, and to examine suspected abuses via information requests and books-and-records examinations. The new oversight authority would allow the NYDFS to bring punitive actions against unscrupulous debt collectors, potentially resulting in fines or lost licenses.
  • Strengthen NY’s Consumer Protection Laws: Governor Cuomo also proposed a broad consumer protection agenda aimed at enabling New York to intervene in the absence of federal enforcement in order to protect consumers from new and predatory financial products. The agenda includes:
    • Expanded protection for NY Consumers from UDAAPs: current state law protects consumers from intentional fraud or material misrepresentations regarding financial products or services. The Governor’s proposal would enhance New York law to the level of federal law, which allows enforcement actions for a broader range of UDAAPs.
    • Elimination of exceptions: Although current NY law allows for enforcement actions, many consumer products and services are exempted. The Governor’s proposal would eliminate these exceptions.
    • Closing loopholes: Currently, entities licensed under New York’s Financial Services Law (“FSL”) are not required to pay assessments covering the cost of examinations. The Governor proposed amending the FSL to match the Insurance and Banking Law, which would require these entities to pay for examinations.
    • Fines: To deter illegal conduct, the proposal would amend the state’s law to increase fines. Instead of the current penalty of $5,000 per violation, Governor Cuomo proposed capping penalties at the greater of $5,000, or two times the damages or economic gain attributed to the violation. The FSL would also be updated to include authority for collecting restitution and damages.

*          *          *

Blending our firm’s nationally recognized financial services practice with our corporate and technology practices, McGuireWoods’ fintech practice provides practical, business-minded counsel on legal and regulatory matters relevant to financial services companies and fintech vendors alike.

FINRA’s examination program has undergone its most significant reorganization in decades. As stated in a press release, Oct. 1, 2018, FINRA’s goal for the reorganization was to “consolidate its Examination and Risk Monitoring Programs, integrating three separate programs into a single, unified program to drive more effective oversight and greater consistency, eliminate duplication and create a single point of accountability for the examination of firms.” The new look of the examination program was released, along with new management, on Dec. 12, 2019.

FINRA launches its revamped examination program with its release of its 2020 Risk Monitoring and Examination Priorities, issued on January 9th.

In 2020, FINRA is prioritizing risk monitoring, surveillance, and examination programs to further its mission of investor protection and market integrity.  The examination priorities are organized around four themes, which build on FINRA’s priorities from prior years:

  1. Sales practice and supervision;
  2. Market integrity;
  3. Financial management; and
  4. Firm operations.

One significant change in this year’s priorities letter is FINRA’s focus on providing guidance to firms – practical considerations and questions that firms should be focused on as they review their program for compliance with regulatory requirements. In the past, the letters have traditionally been a detailed description of issues and requirements. Providing practical guidance is far more valuable to firms and will aid their compliance efforts.

Sales Practice and Supervision

FINRA will continue to focus on areas it has discussed in previous annual priorities letters, including complex products, variable annuities, private placements, fixed income mark-up/mark-down disclosures, representatives acting in positions of trust or authority, and senior investors.  In addition to these areas, FINRA will evaluate firms’ compliance with obligations related to several new or emerging areas, discussed below.

Regulation Best Interest (Reg BI) and Form CRS

The SEC adopted Reg BI in June 2019, which establishes a “best interest” standard of conduct for broker-dealers.  The SEC also adopted a new form – Form CRS – which requires broker-dealers to provide a brief relationship summary to retail investors.  Firms must comply with Reg BI and Form CRS by June 30, 2020.

During the first half of 2020, FINRA plans to review firms’ preparedness for Reg BI.  After June 30, 2020, FINRA will focus on firms’ compliance with Reg BI, Form CRS, and related SEC guidance.  FINRA will work with the SEC to ensure consistency in evaluating broker-dealers and their associated persons for compliance with Reg BI and Form CRS.  FINRA’s 2020 Risk Monitoring and Examination Priorities Letter includes a list of factors FINRA may consider when reviewing firms for compliance with Reg BI.

Two of the questions posed by FINRA bear particular consideration: (1) Do your firm and your associated persons consider the express new elements of care, skill and costs when making recommendations to retail customers? (2) Do your firm and your associated persons consider reasonably available alternatives to the recommendation?  Both FINRA and the SEC have been explicit in their guidance that the Best Interest standard does not always mean the cheapest option available. That said, cost is a factor and the specific question regarding whether “reasonably available alternatives” will be an important consideration for firms. The regulators will be looking at what alternatives were available to firms to offer their customers and, if a firm chooses not to make those available, it will be important to ensure that there their review, assessment, and determinations are fully documented.

Communications with the Public

FINRA will continue to focus on firms’ compliance with obligations relating to FINRA Rule 2210 (Communications with the Public), as well as related supervisory and recordkeeping requirements.  In 2020, FINRA will expand its focus to private placement retail communications, by reviewing how firms handle retail communications regarding private placement securities via online distribution platforms, as well as traditional channels. As the SEC looks to expand retail access to private placements, firms will need to be vigilant in the manner in which these products are offered to customers.

FINRA will  also continue to focus on the challenges that the increasingly broad array of digital communications (i.e., texting, messaging, social media, or collaboration applications) pose to firms’ ability to comply with obligations related to the review and retention of such communications.

Cash Management and Bank Sweep Programs

FINRA recognizes that as commission practices change, cash management services that sweep investor cash into firms’ affiliated or partner banks or money market funds have taken on a greater significance. Bank Sweep Programs are offering more services to retail investors (such as check-writing, debit cards, and ATM withdrawals.  These added features raise concerns about firms’ compliance with a range of FINRA and SEC rules.  FINRA will therefore focus on firms’ compliance with such rules in the context of Bank Sweep Programs. Further, to the extent that firms benefit from these programs and, with commissions dropping and or going away in some instances, regulatory review of fees involved in providing services will increase, reviewing such areas as conflicts, disclosure, fairness, etc.

Sales of Initial Public Offering (IPO) Shares

In light of the growth of the IPO market over the past year, FINRA will focus on firms’ obligations under FINRA Rules 5130 (Restrictions on the Purchase and Sale of Initial Equity Public Offerings) and 5131 (New Issue Allocations and Distributions).

Trading Authorization

This year, FINRA will also focus on whether firms maintain reasonable supervisory systems relating to trading authorization, discretionary accounts, and key transaction descriptors.  It will review whether these supervisory systems are designed to detect and address registered representatives exercising discretion without written authorization from the client.

Market Integrity

FINRA will continue to review compliance with the ongoing obligations related to market manipulation, Trade Report and Compliance Engine (TRACE) reporting, short sales, and short tenders.  Certain firms will be required to begin reporting to the Consolidated Audit Trail (CAT) in April 2020, and that FINRA will work with those firms as they prepare for reporting.  The FINRA Letter reminds firms to continue devoting resources to ensure accuracy in their Order Audit Trail System (OATS) reporting, because OATS remains a critical part of the audit trail data that FINRA uses to meet its regulatory obligations.

In 2020, FINRA expects to focus on the following additional areas to promote market integrity:

  1. Direct market access controls;
  2. Best execution;
  3. Disclosure of order routing information; and
  4. Vendor display rule.

Financial Management

Firms can expect FINRA to continue its focus on compliance programs relating to Exchange Act Rule 15c3-3 (Customer Protection Rule) and Exchange Act Rule 15c3-1 (Net Capital Rule), as well as firms’ overall financial risk management programs.  FINRA has identified the following new areas of focus for 2020:

  1. Digital assets;
  2. Liquidity management;
  3. Contractual commitment arising from underwriting activities; and
  4. London Interbank Offered Rate (LIBOR) transition.

Firm Operations

As firms increasingly rely on technology for business systems and customer-facing activities, cybersecurity has become a large operational risk.  As such, FINRA will focus on cybersecurity and technology governance in 2020.  Specifically, firms should expect FINRA to assess whether their policies and procedures are designed to protect customer information and whether they are implementing controls appropriate to their business model and scale of operations.  FINRA will also ensure firms’ compliance with FINRA Rules 4370 (Business Continuity Plans and Emergency Contact Information), 3110 (Supervision), and 4511 (General Requirements), as well as Exchange Act Rules 17a-3 and 17a-4.

In terms of technology governance, it continues to be important for firms to ensure that all of the right stakeholders are at the table when new technology is being implemented or current technology modified. Often technological solutions are implemented to address an issue and there are unintended consequences creating regulatory gaps. Having compliance and risk at the table as these decisions are being made can often go a long way to mitigating that risk.


FINRA’s examination priorities for 2020 will largely follow prior focus areas, emphasizing firms’ compliance in important areas such as systems for supervision, sales practice risks, anti-money laundering and fraud, insider trading, and manipulation across markets and products.  New this year is an emphasis on Reg BI and Form CRS, as well as issues related to communications with the public, cash management and bank sweep programs, direct market access controls, best execution, disclosure of order routing information, and cybersecurity.

To support firms in their efforts to comply with federal securities laws and regulations, as well as FINRA rules, the 2020 Risk Monitoring and Examination Priorities Letter includes a list of practical considerations and questions for each topic, which may be helpful to firms in evaluating the state of their compliance, supervisory, and risk management programs.

On January 7, 2020, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) released its 2020 examination priorities.  OCIE is prioritizing practices, products, and services that it believes present heightened risks to investors or market integrity.  The examination priorities are organized around seven themes, many of which build on OCIE’s priorities from prior years:

  1. Retail investor protection, including seniors and those saving for retirement;
  2. Market infrastructure;
  3. Information security;
  4. Focus areas relating to investment advisers, investment companies, broker-dealers, and municipal advisors;
  5. Anti-money laundering programs (AML);
  6. Financial technology (Fintech) and innovation, including digital assets and electronic investment advice; and
  7. Financial Industry Regulatory Authority (FINRA) and the Municipal Securities Rulemaking Board (MSRB).

Retail Investor Protection, Including Seniors and Those Saving for Retirement

Continuing with the trend in recent years, OCIE will focus on recommendations and advice given to retail investors, with a particular focus on seniors and those saving for retirement.  The examinations will focus on intermediaries that serve retail investors—namely, registered investment advisers (RIAs), broker-dealers, and dually-registered firms—and on investments marketed to, or designed for retail investors, such as mutual funds and exchange-traded funds (ETFs), municipal securities and other fixed income securities, and microcap securities.  OCIE will also focus on higher risk products, such as those that:

  • are complex or non-transparent;
  • have high fees and expenses; or
  • where an issuer is affiliated with or related to the registered firm making the recommendation.

OCIE acknowledged the impact that Regulation Best Interest and Form CRS will have on retail investors.  In order to help broker-dealers with the June 30, 2020 compliance date for Regulation Best Interest and Form CRS, OCIE will engage with broker-dealers during the exam process to answer questions they may have concerning implementation of the new rules.

With regard to RIAs as fiduciaries, OCIE will focus on whether they have fulfilled their duties of care and loyalty by providing advice in the best interests of their clients and eliminating—or at least exposing—conflicts of interest.  Fees and expenses, as well as undisclosed—or inadequately disclosed—compensation arrangements, will likely continue as focus areas.

 Information Security

 In 2020, OCIE examiners will focus on:

  • Governance and risk management;
  • Access controls;
  • Data loss prevention;
  • Vendor management;
  • Training; and
  • Incident response and resiliency.

As in past years, these focus areas will allow OCIE to prioritize cyber and other information securities risks in each of its five examination programs.  Examinations will focus on proper configuration of network storage devices, information security governance generally, retail trading information security, and RIAs’ protection of clients’ personal financial information.  With respect to third-party and vendor risk management, OCIE will focus on oversight related to certain service providers.

 Fintech and Innovation, Including Digital Assets and Electronic Investment Advice

 Recognizing that advancements in financial technologies, methods of capital formation and market structures, and registered firms’ use of new sources of data warrant ongoing attention and review, OCIE has placed particular emphasis on Fintech and Innovation in 2020.

In the digital asset space, OCIE will continue to assess: (1) suitability; (2) portfolio management and trading practices; (3) safety of client funds and assets; (4) pricing and valuation; (5) effectiveness of compliance programs and controls; and (6) supervision of employee outside business activities.

With regard to “robo-advisers” or automated investment tools and platforms, OCIE will continue its focus on:

  • Registration;
  • Cybersecurity policies and procedures;
  • Marketing;
  • Fiduciary duty, including adequacy of disclosures; and
  • Effectiveness of compliance programs.

Additional Focus Areas Relating to Investment Advisers, Investment Companies, Broker-Dealers, and Municipal Advisors

 These registrants can expect OCIE to continue its risk-based examinations in 2020.

  • New RIAs and RIAs registered for several years that have yet to be examined should expect to become areas of focus for OCIE in 2020.
  • Investment companies can expect examinations focusing on mutual funds and ETFs, RIA activity, and oversight practices.
  • Broker-dealer examinations will focus on recent rulemaking and trading practices, and
  • Municipal advisor examinations will include registration and continuing education requirements, as well as fiduciary duty obligations.

 Anti-Money Laundering

 AML is a repeat priority for OCIE as it is for all regulators in the financial industry regulatory space.  In 2020, OCIE will examine whether broker-dealer and investment companies are complying with their AML obligations.  OCIE notes four areas of review:

  • customer identification programs and SAR filing obligations;
  • customer due diligence;
  • compliance with beneficial ownership requirements; and
  • timely and robust independent testing of AML programs.

 Market Infrastructure

 With respect to market infrastructure, OCIE will continue examinations of entities providing services critical to market infrastructure, including clearing agencies, national securities exchanges, alternative trading systems, and transfer agents.  Particular attention will be given to the security and resiliency of entities’ systems.


OCIE’s examination priorities for 2020 will largely follow prior focus areas, emphasizing the protection of retail investors with particular focus on fee disclosures, senior investors, and retirement accounts.  OCIE will also continue to examine firms’ abilities to manage risk associated with cybersecurity breaches, money laundering, and digital assets and electronic investment advice.  Finally, regulated firms are reminded that the examination priorities identified are not exhaustive and that OCIE will continue to conduct examinations determined through a risk-based approach that includes analysis of an entity’s history, operations, services, products offered, and other factors.

This blog post originally appeared on our sister site, Subject to Inquiry

The U.S. District Court for the Western District of Texas recently clarified the applicable rate for the calculation of prejudgment interest under the Texas Securities Act (TSA).  In FDIC v. Deutsche Bank Securities Inc., the FDIC, acting as receiver for Guaranty Bank, brought claims against the defendant bank under the TSA stemming from the sale of residential mortgage-backed securities prior to the financial crisis.  While discovery was ongoing, the defendant moved for partial summary judgment seeking a determination regarding the calculation of potential damages, including prejudgment interest.

In ruling on the summary judgment motion, the court noted that while the TSA states that a buyer can recover “consideration paid for the security plus interest thereon at the legal rate,” the term “legal rate” is not defined in the TSA.  Relying on other sources, including the Texas Constitution and Section 302.002 of the Texas Finance Code, the court held that the applicable legal rate of prejudgment interest was 6%.  In advance of trial, and after the case was reassigned to a different district judge, the defendant moved for reconsideration of the court’s opinion regarding the applicable prejudgment interest rate, arguing that the applicable rate was the coupon rate specified in the securities’ certificates.  The FDIC opposed, arguing that Section 302.002 of the Texas Finance Code sets the rate at 6% per year, as was initially determined by the court.

In an amended order granting the motion for reconsideration, the court held first that the coupon rate did not apply because the certificates at issue were not contracts that obligated the defendant to pay a set interest rate.  The court then rejected the FDIC’s assertion that Section 302.002 of the Texas Finance Code governed, because that Section of the Finance Code only applies to contracts that establish a debtor-creditor relationship.  Instead, the court held that where there is no relevant contract specifying an interest rate, Section 304.003 of the Texas Finance Code (which also applies to breach of contract claims where no rate is specified in the contract) supplies the proper prejudgment interest rate under the TSA.  Section 304.003 states that such interest rate is the prime rate published by the Federal Reserve on the date of computation, with a floor of 5% and a cap of 15%.

If widely adopted, and given the substantial impact that prejudgment interest can have on a final damages award, defendants facing claims under the TSA should heed trends in the Federal Reserve prime rate when analyzing their potential exposure.


On Friday, the U.S. Supreme Court agreed to consider the constitutionality of the Dodd-Frank Act law that prohibits the President from removing a CFPB Director except for “inefficiency, neglect of duty, or malfeasance” — the so-called “for cause” restriction (see 12 U.S.C. §5491(c)(c)).  The Court’s decision to address this restriction, which the CFPB announced last month it would no longer defend, is not a surprise.  We therefore focus here on three key questions raised by the decision for those affected by the CFPB’s activities:

  1. Is the Court likely to find the “for cause” restriction unconstitutional?
  2. If there is a constitutional violation, what remedy is the Court likely to impose?
    • The Court specifically directed the parties to address this second question on Friday.
  3.  What are the potential practical impacts of a Court ruling on these issues?

Likely Constitutional Ruling

Most observers appear to believe, and we agree, that at least five justices will vote to hold the restriction unconstitutional, as now-Justice Kavanaugh decided in what we believe was a persuasive opinion when the question was before him at the D.C. Circuit three years ago (see our prior posts on that case here and here).  Restricting a President’s ability to remove a single head agency of a powerful regulatory agency (as opposed to individuals on a multi-member commission) is unprecedented.  Indeed, the case that most supports the restriction, Morrison v. Olson, which upheld a similar restriction on the removal of a statutorily appointed Independent Counsel, may be ripe for reconsideration, as the Justice Department pointed out in its brief to the Court (at p. 16 n.2).  A ruling that the restriction is unconstitutional is all the more likely now that the CFPB and the Solicitor General have announced that they will not defend the statute.  In fact, it appears that the Court will have to appoint an amicus to present that defense.

What is the Remedy?

In Friday’s order, the Court also instructed the parties to address a related but not unexpected question:  If the CFPB “is found unconstitutional on the basis of the separation of powers, can 12 U.S.C. §5491(c)(3) [the for-cause removal provision] be severed from the Dodd-Frank Act?”  This question just raises the remedy issue, specifically, whether the correct remedy for the (presumed) constitutional defect is:

  • the limited remedy of striking the “for cause” restriction, thereby making the Director removable at will; or
  • some broader remedy like invalidating the agency entirely, which is the result advocated by the petitioner in the case now before the Court, a law firm defending a CFPB Civil Investigative Demand.

The first, limited remedy, which the Justice Department is advocating for, seems the most likely one to us.  As the government pointed out, it is the remedy selected by the Supreme Court in a recent case involving the Public Company Accounting Oversight board (at pp. 16-17).  Moreover, in the case now before the Court (and unlike that recent one), there is clear evidence of Congress’ intent – the severability clause in the Dodd-Frank Act – in the event the Court finds a constitutional defect.  That clause in the Dodd-Frank Act provides that if “any provision of” the Act “is held to be unconstitutional, the remainder of this Act … shall not be affected thereby.”  12 U.S.C. § 5302.

Practical Effects

As interesting as the constitutional issue is to academics, there may be little to no practical effects in the short-term if the Court decides merely to “blue-pencil” out the “for cause” restriction.  President Trump already has his preferred personnel installed at the CFPB.  Indeed, the most significant effect under a limited-remedy scenario may only come if President Trump is defeated next fall.  With the statute as it stands now, current CFPB Director Kathleen Kraninger is entitled to serve out her full five-year term, until 2023; but if the Court makes her removable at will, a new President presumably would replace her with someone more in tune with that President’s views.

In the meantime, while a few courts may be amenable to arguments by enforcement targets that cases involving them be stayed until the high Court rules, we doubt that those cases will be much impacted in the end.  As now-Justice Kavanaugh observed when the CFPB’s structure was before the D.C. Circuit, in the several recent cases where other agencies were found to be unconstitutionally structured, those agencies and the courts “[w]ithout major tumult” have “subsequently worked through the resulting issues regarding the legality of past rules and of past or current enforcement actions” (at pp. 69-70 n.19).  We would note that the parties with the best hope for some retrospective relief may be those who can show adverse effects from prior Director Richard Cordray’s “over-stay”:  the ten-month period when he continued to serve during the Trump Administration.  The Court’s forthcoming opinion in this case may shed light on the effect, if any, of a ruling that the statute is invalid on past and current CFPB actions, or potentially could leave important questions unanswered, resulting in significant uncertainty and litigation.

Finally, this case may also provide the final answer to a similar question about the for-cause restriction on removing the head of the Federal Housing Finance Agency, which oversees Fannie Mae, Freddie Mac, and the Federal Home Loan Banks.  The U.S. Court of Appeals for the Fifth Circuit already has found that restriction unconstitutional.

On Tuesday, the Consumer Financial Protection Bureau (“Bureau”) published a revised No Action Letter (“NAL”) policy aimed at offering financial innovators an avenue for obtaining more regulatory certainty before introducing new products and services. The Bureau paired its release of the revised NAL policy with an announcement of two new, related policies: one aimed at offering protection to the same innovators by allowing them to test new products in a controlled, “sandbox” environment; and one offering protection for products and services described by “trial disclosures.” Recognizing that financial companies with new offerings face regulatory risk at the state level as well, the Bureau separately announced a new partnership with State Attorneys General designed to promote innovation.

A.  Revised “No Action Letter” Policy 

The new NAL Policy is the Bureau’s second attempt to implement a workable “no action” process along the lines of the practice that has worked well for years at other regulatory agencies, such as the Securities and Exchange Commission. In general, a “no action” policy is intended to offer an industry a procedure for obtaining some certainty, in advance of introducing a new business practice, that the regulator will not challenge the practice as unlawful in supervision or enforcement proceedings. The industry applicant generally obtains that assurance by having counsel describe the practice, and why it is beneficial rather than harmful, in writing to the regulator, who can then respond that the agency will take “no action” if the practice is adopted as described.

The Bureau’s initial NAL Policy, published in 2016 when President Obama’s appointee, Richard Cordray, headed the agency, resulted in only one no action letter. Critics cited several problems with the original policy, including that: a NAL would be revocable at any moment, undermining its main benefit; the policy contemplated making many public — and therefore available to plaintiffs’ lawyers — many materials from the process, including NAL applications and denials; and the policy also permitted the Bureau to make ongoing, invasive data requests from the applicant even after issuing a positive letter.

The revised NAL Policy, according to the Bureau, offers industry “a more streamlined review process.” At 67 pages, however, the Policy is worthy of close study. The Bureau also released an initial, positive no action letter under the new Policy, responding to a request from the Department of Housing and Urban Development (and others) that the Bureau take no action under the Real Estate Settlement Procedures Act’s anti-kickback prohibition regarding certain fee-for-service arrangements between housing counselors and lenders.

B.  “Trial Disclosure Program” and “Compliance Assistance Sandbox” Policies 

In connection with the revised NAL Policy announcement, the Bureau also finalized two other policies intended to allow innovators to introduce new financial products, in consultation with the Bureau, on an initial, limited basis without fear of supervisory or enforcement action: a Trial Disclosure Program (“TDP”) Policy, and a “sandbox” initiative called the Compliance Assistance Sandbox (“CAS”) Policy.

C.  New Partnership with State Attorneys General 

On the same day that the Bureau unveiled its three new policies, the agency also announced the creation of a partnership with certain state regulators. The Bureau describes this partnership — called the “American Consumer Financial Innovation Network,” or “ACFIN” — as one that is open to all state consumer financial regulators, but to date the agency has signed up only Attorneys General elected as Republicans in seven states, none of which are generally viewed as “high risk” states in terms of regulatory risk (Alabama, Arizona, Georgia, Indiana, South Carolina, Tennessee, and Utah).

ACFIN’s purpose, according to the Bureau, is to “enhance coordination among federal and state regulators to facilitate financial innovation.” In theory, such coordination could bring more consistency and certainty to the consumer finance industry. In practice, however, state regulatory oversight and enforcement, and private plaintiff litigation, will continue to present challenges to fintech companies and others trying to chart a course in an uncertain regulatory environment. It remains to be seen whether the Bureau and state regulators can work together to agree on standards that apply to consumer financial services innovators.

On Monday, July 8th, FINRA and the SEC took the unusual step of issuing a joint statement on broker-dealer custody of digital asset securities. In doing so, the Staffs of the SEC’s Division of Trading and Markets and of FINRA’s Office of General Counsel made clear that the SEC and FINRA will continue to apply the existing regulatory framework to the rapidly evolving world of digital assets.

The joint statement notified market participants that any entity that buys, sells, or otherwise transacts in, or effects transactions in, digital asset securities, may be subject to federal regulations, including regulations that may require them to register with the SEC as a broker-dealer and become a member of FINRA.

The joint statement focuses on the Customer Protection Rule, noting that any entity that acts as a broker-dealer must comply with that rule. The Customer Protection Rule requires broker-dealers to safeguard customers’ assets and keep them separate from the firm’s assets, which makes it more likely that a customer’s assets will be returned if the broker-dealer fails. Given the potential for cyberattacks on digital assets trading platforms, and given the way digital asset securities are issued and exchanged, the Customer Protection Rule can present challenges to broker-dealers operating in the digital asset space.

FINRA has received New Membership Applications and Continuing Membership Applications from new and existing broker-dealers that wish to engage in broker-dealer activities involving digital assets. The Applications show that broker-dealers are considering two types of business models. Some broker-dealers are considering providing non-custodial services when it comes to digital assets, which means that the broker-dealer would engage in transactions without ever taking custody of the digital assets (for example, by trade-matching or providing introductions).

Other broker-dealers are pursuing a business model that involves custodying assets. The joint statement noted that broker-dealers that wish to custody assets may find it difficult to comply with the Customer Protection Rule. Fundamentally, the unique way that digital asset securities are issued, held, and transferred makes it challenging to comply with the requirements of the Rule, which requires that a good control location is established and verified. There is an increased risk to the assets from cyberattacks and resulting fraud or theft. Further, transfers to unknown or unintended addresses may leave the broker-dealer without a means to reverse the transaction or otherwise recover the assets. The statement also acknowledges that the issues of establishing the existence of the asset, or establishing that it is in a good control location, also present challenges for the firm’s independent auditor in completing the audit and evidencing their review. The staffs of the SEC and FINRA expressed their desire to engage with market participants, as market participants continue to develop technology that might provide solutions to custody issues.

While it is unusual for the SEC and FINRA to issue joint statements, this statement is similar to other SEC pronouncements in the fintech field in that it expresses a desire to engage with, and learn from, market participants, and makes clear that the existing regulatory framework applies to this rapidly evolving field.



Members of the SEC’s Strategic Hub for Innovation and Financial Technology (“FinHub”) and experts in Fintech came together on May 31st for the SEC’s public forum focusing on distributed ledger technology and digital assets.  As a whole, the panelists grappled with the challenge of regulating an emerging technology that does not fit neatly within the current regulatory regime.  The SEC’s stated goal is to regulate without inhibiting innovation. Throughout the Forum, the SEC staff encouraged industry participants to engage with the SEC Staff as partners to achieve that goal.

Setting the Stage

The SEC – in remarks by Valerie A. Szczepanik, Senior Advisor for Digital Assets and Innovation and Associate Director in the SEC’s Division of Corporation Finance and the head of FinHub, Chairman Jay Clayton, and Commissioner Hester Peirce – emphasized the importance of regulators engaging with the industry and innovators in the Fintech space. This type of substantive engagement is necessary to advance the regulator’s knowledge and understanding of the industry in order for it to be an effective regulator and to enhance – and not stifle – innovation and opportunities.

The Forum largely consisted of four panel presentations: 1) Capital Formation Considerations; 2) Trading and Markets Considerations; 3) Investment Management Considerations; and 4) Industry Trends in Distributed Ledger Technology (“DLT”).

Capital Formation Considerations

The first panel focused on the use of digital assets in capital formation. In his introduction of the panel, the Director of the Division of Corporation Finance stated that there is tremendous potential for digital assets to facilitate capital formation.  He noted, however, that the Commission Staff would benefit from issuer engagement on many important issues, including disclosure, accounting issues, and the rights of token holders.

The panel covered many issues, including whether or not tokens are securities. They noted that, given the nature of digital assets, there will be instances when digital assets constitute a security and instances when they do not.  The Staff referenced its recently released “Framework for ‘Investment Contract’ Analysis of Digital Assets,” which reviews digital assets through the lens of the Howey test. One of the more interesting observations was the concept that digital assets can evolve – that is, they can have characteristics of a security at the outset of a project, but then lose those characteristics as a project is established.

Given the SEC’s framework, many observers questioned whether a digital asset could ever be anything other than a security.  On April 3rd of this year, however, the SEC staff issued the TurnKey Jet (“TKJ”) no-action letter. In determining that the TKJ token was not a security, the SEC identified a number of factors including, among others:

  • TKJ would not use funds from token sales to develop the Platform, Network or App, which would all be operational when the tokens were sold;
  • Transfers would be restricted to TKJ Wallets;
  • Tokens would be immediately available to purchase air charter services when sold; and
  • Marketing the tokens would focus on their functionality for purchases and not their value as a potential investment opportunity.

Other issues that the discussed included:

  • The possible the tokenization of stocks, which could simplify and streamline clearance and settlement.
  • The ability to develop smart contracts to facilitate compliance with customer identification and know your customer obligations by programming AML and KYC rules into a smart contract.
  • The challenging custody issues that digital assets present and the fact that they are currently managed in different ways, including use of “wallets” (or “under the mattress”) and in a company’s Treasury operations.

Trading and Markets Considerations

This panel focused on the complexities of trying to regulate a secondary market involving digital assets.  The SEC regulates all exchanges, regardless of whether the trading platform is centralized, decentralized, or a hybrid platform.  All exchanges are required to register with the SEC.

The Director of Trading & Markets set the stage for the panel. He referenced the “Statement on Digital Asset Securities Issuance and Trading” issued on Nov. 16, 2018, by the Divisions of Corporation Finance, Investment Management, and Trading and Markets after a series of enforcement actions involving offers and sales of digital asset securities, investment vehicles investing in digital asset securities, and secondary trading of digital asset securities. The Director noted that technology does not define the regulatory obligations, but rather the activity in which the actor is engaging defines the obligations.  Lastly, the Director noted the need for regulators to balance innovation with investor protection.

The panel addressed several issues facing the secondary markets, including finality of transactions, custody, and the presence of numerous state and federal regulators with different regulatory requirements. Some of the panel’s observations included:

  • There is a challenge to finality in the secondary market. While the financial markets want a clear idea of finality, the concept is less clear in the realm of digital assets. The panel pointed out that finality in the cryptocurrency space will need to be defined.
  • DLT has tremendous potential to reduce the settlement cycle. As the settlement cycle decreases, the volume of securities available to be loaned out decreases. This would likely impact securities financing and collateral management.
  • Custody can be particularly challenging in the digital asset space. The type of controls will evolve. For example, if one agent has a key but needs two other keys to access the asset, the first agent would not have custody of the asset. The panel noted the phenomenon of Air Drops, where someone who holds a particular digital asset might be gifted another asset simply by virtue of holding the initial asset. The panel also noted the challenges with “forks” in various digital assets.

Investment Management Considerations

Many funds have an increased interest in holding digital assets.  Funds wishing to do so face numerous challenges, including custody, valuation, transparency, liquidity, and potential manipulation of digital asserts.

Where innovation is important, so are protections.  The panel discussed principals-based regulation as the most rational way to apply regulations to ever-changing technology. Points made by the panel included:

  • Custody is an issue for any fund wishing to hold digital assets because investment companies and investment advisers have custody requirements and holdings must be custodied with a “qualified custodian.” How does a custodian hold a digital asset without transferring ownership to the custodian? The panel discussed options to answer this question. There was consensus that the custody issue should ultimately be solvable.
  • A more challenging issue is meeting AML and KYC requirements. The encryption and anonymity of distributed ledger technology conflict with the central requirements of AML/KYC.
  • The panel also discussed issues arising from independent audit requirements. How can an auditor prove the existence of digital assets? Proving ownership of digital assets may require transferring them. Transferring the assets, however, entails some risk, because there is risk every time an asset is moved.
  • On January 18, 2018, the SEC’s Division of Investment Management staff published an open letter to the ICI and SIFMA seeking to engage the industry on fund innovation and cryptocurrency. The Staff sought input on several issues facing investment companies and investment advisors seeking to integrate digital assets into their holdings. In its request, the SEC staff sought industry input on the following issues: valuation, liquidity, custody, arbitrage (for ETFs), and potential manipulation and other risks.

Distributed Ledger Technology Innovations: Industry Trends and Specific Use Cases for Financial Markets

The Director of the Office of Compliance Inspections & Examinations (“OCIE”) noted that OCIE reviews technology in examinations by assessing (1) what is the technology designed to do, (2) how is it implemented, and (3) how do the firm’s compliance systems and written supervisory procedures address technology.  He noted that OCIE strives to stay ahead of technology issues by: (1) achieving transparency through outreach, (2) using forums to listen to firms, and (3) tracking new technology through examinations.  Finally, he noted that advisers are treading carefully in the digital assets space, with only 650 advisers indicating an intent to trade in digital assets.

The panel kicked off with a discussion of the challenges of regulating in this space. In a sense, the panel noted that there has been an attempt to build regulatory controls onto a permission-less system, in effect, tethering back or controlling a system that was not designed to operate in that way. Critical areas impacted are privacy, AML, and dispute resolution.

  • Privacy and identity management. The panel explored the privacy and data security aspects of using “zero knowledge proof” and how the ability to provide certain information without handing over the personal confidential information could meet verification goals and actually be more secure and protect privacy interests than current practices do.
  • The panel noted that FinCEN had recently reaffirmed the application of its requirements to virtual currency transactions when they issued guidance on May 9, 2019. The panel acknowledged that there was a need to know who one is transacting business with and what they are doing – “regulating the on and off ramps.” But they noted that these are all solvable issues.
  • Dispute resolution. While noting that smart contracts are not designed to have a dispute resolution backstop, the panelists noted that there could be a way to build such a mechanism into smart contracts. One example mentioned was to have a third key that goes to an arbitrator. This would enable a code that would tie back to the requirements in the legal world.

The panel also noted the different ways that blockchain and distributed ledger technology come into play regarding assets. The panel discussed: (1) native tokens, where the token is the value (e.g., Bitcoin), (2) asset backed tokens, where the asset is held elsewhere, including in a regulated entity as custodian, and (3) high quality liquid assets (e.g., basket of securities where ownership may change where the technology, custodian arrangement and legal concepts provide nimble transfers and reduce balance sheet drag).


The SEC’s staff’s Fintech conference was a good demonstration of the critical importance that regulator, business, and technology engagement. The potential for this new technology to innovate and revolutionize capital formation and value exchange is undeniable. The success of the technology and the platforms and ultimately reaching their full potential will depend on the participants and the stakeholders ensuring that it works.  The business, counter parties, investors, the general public acceptance build off of trust, avoiding systemic breakdowns, and having non-intrusive guardrails. Accomplishing this with engagement by the innovators in this space with the regulators that are responsible for those guardrails – investor and market protection – makes sense.

The full webcast can be found here.


This post follows up on our earlier “primer” and flash alert on the Consumer Financial Protection Bureau’s proposed rule (the proposal) to implement the Fair Debt Collection Practices Act, which the CFPB released with a Fact Sheet and a Table of Contents to the proposal. Below, we describe key details of the proposal, and provide further information from stakeholders and the CFPB that has become available since the proposal’s publication.

McGuireWoods also will host a free webinar on the proposal in the coming weeks; a date will be announced soon.

Comments on all aspects of the proposal are due 90 days after it appears in the Federal Register, which should be any day now.

I. Summary of Key Points

  • The proposal would apply only to “debt collectors” as defined by the FDCPA. Importantly, owners of debt — even debt in default when purchased — would continue to fall outside the branch of the “debt collector” definition that covers those who regularly collect debts “owed or due, to another.” As a practical matter, this means that the only “first-party” collectors (i.e., collectors who own the debt) who would generally be regulated as “debt collectors” would continue to be those who operate a “business the principal purpose of which is the collection of debts.”
  • Nonetheless, many of the proposal’s requirements regarding what is unfair, deceptive or abusive under the FDCPA likely would be viewed as informing the UDAAP/UDAP analysis that applies to every person collecting consumer debts.
  • The proposal would regulate communications by debt collectors in several key ways. In particular, it would:
    • cap at seven the number of telephone calls that debt collectors may place to consumers within a seven-day window about a particular debt;
    • impose a waiting period of seven days after a debt collector has a telephone conversation with a person about a particular debt;
    • permit unlimited electronic communications about a debt, but require a debt collector to include in any e-mail, text message or other electronic communication a clear and conspicuous statement describing a way for the consumer to “opt out” from receiving any further messages through that particular medium;
    • prohibit communications about a debt via a workplace email addresses (with exceptions) and through public-facing social media platforms; and
    • create an exception to communications limits and requirements for messages satisfying the definition of a new term, “limited content message.”
  • The proposal would standardize the “debt-validation” disclosures to consumers long required by § 809 of the FDCPA.

Continue Reading The CFPB’s Debt-Collection Proposal: Key Details and Webinar

A federal district court recently refused to dismiss a complaint alleging that a real estate marketing company operated its “co-marketing program” among real-estate agents and mortgage lenders in a manner that violated the anti-kickback provision of the Real Estate Settlement Procedures Act (“RESPA”). In particular, the court concluded that plaintiffs in the case had plausibly alleged that:

  • lenders paid into the co-marketing program more, and sometimes much more, than the reasonable market value of their share (versus their partner agents’ share) of joint costs for leads and advertising services actually provided; and
  • the excess amount paid was in fact a benefit to the real estate agents in exchange for the agents’ agreement to refer customers to the lenders.

2019 WL 1755293 (W.D. Wa. Apr. 19, 2019).

The court reached the first conclusion, regarding whether lenders paid more than reasonable market value, in part by relying on allegations about what lenders paid the real estate marketing company for similar services that did not involve participating real estate agents. More generally, the court relied on confidential witness statements from former employees of the company put forward by plaintiffs, including allegations in those statements and in separate employment-discrimination lawsuits against the company, that the company ignored or retaliated against employee whistle-blowers who reported that illegal referral payments were being made through the co-marketing program.

The court does appear to have made one legal error, though it likely did not affect the holding that plaintiffs had plausibly alleged payments by the lenders in exchange for referrals by the agents. The court viewed as RESPA “referrals” not only alleged attempts by the real estate agents to influence customers to select the participating lender, but also instances in which agents only passed to lenders the name and contact information of customers that had chosen to have such information go only to the agent. 2019 WL 1755293, at *4-5. While providing a lender with a lead in spite of the customer’s wishes may be problematic for other reasons, doing so is not a “referral” under RESPA, which instead requires that the referring party either (i) affirmatively influence the selection by the customer of a provider, or (ii) require the customer to use that provider. (12 C.F.R. § 1024.14(f).) The mere purchase of leads, or prospects, that the purchaser may then contact on its own has long been viewed as permissible under RESPA, at least where the seller of the leads does not endorse the purchaser or its product or services.

Key Takeaways

  • Lenders and other companies involved in real estate transactions should regularly review and monitor their provision and receipt of fees and other benefits in connection with the transactions, to ensure that those benefits are not being provided in exchange for referrals of customers.
  • Review and monitoring should include periodic determinations that even where benefits are provided in exchange for advertising, lead generation or other goods or services, those benefits approximate the reasonable market value for the goods or services. Providers of settlement services must assess in particular whether more than market value is provided, in which case the excess may be a disguised payment for referrals. This value standard sometimes also is described as whether payments are reasonably related to the value of the goods or services.
  • Determining fair market value can be challenging, but some good faith attempt must be made. In this case, there was an allegedly very easy comparison to be made, between the lenders’ co-marketing payments and lenders’ payments for services not involving real-estate agents.
  • Charges that a company received but ignored whistle-blower reports about illegal activity have a profound influence on courts. Companies must continue to take such reports seriously, to conduct a reasonable review or investigation, and to document the results.
  • Employees must be properly trained to understand RESPA’s anti-kickback, including the reasonable market value standard.

See below for more details on this case.

The Lawsuit

Although RESPA is at the core of the case, the case is in fact a typical securities class action. Plaintiffs allege that the company’s representatives made materially misleading public statements (with scienter), which in turn caused plaintiffs to purchase stock at a price that was artificially inflated by the statements. When the truth of the statements were called into question, plaintiffs allege, the resulting drop in the stock price caused them losses. RESPA’s anti-kickback provision is at issue because the allegedly false statements were that the real estate marketing company operated its co-marketing program in compliance with RESPA, when in fact the company allegedly operated it in a manner that violated RESPA. The company’s statements about RESPA compliance were called into question as a result of disclosures about a CFPB investigation of the company.

The threshold issue in the lawsuit, therefore, is whether the defendants’ statements of RESPA compliance were true; that is, whether the real estate marketing company’s operation of its co-marketing program did, in fact, comply with RESPA. In an earlier opinion, the court found that plaintiffs had not adequately alleged a RESPA violation, but gave them leave to re-plead with more particular allegations. Plaintiffs then did so, setting up the court’s decision in the later decision.

The Co-Marketing Program

The real estate marketing company launched a co-marketing program in 2013 that allowed a participating lender to pay a portion of a participating real estate agent’s advertising costs directly to the company in exchange for appearing on the agent’s listings on the company’s website and receiving from the company at least a portion of the leads it would send to the agent. How many of the agent’s leads would also go to the lender would depend on whether the user “opted out” from her information going to both parties.

 CFBP Investigation and This Lawsuit

Beginning in 2015, the real estate marketing company received inquiries from the CFPB regarding its co-marketing program. In February 2017, the company received a Notice and Opportunity to Respond and Advise letter from the CFPB, stating the CFPB was considering whether to recommend legal action against the company for violation of RESPA’s anti-kickback provision. In May 2017, the company publicly disclosed the CFPB’s investigation, but executives allegedly stated to investors that the co-marketing program complied with RESPA.

In August 2017, the company publicly disclosed that the CFPB had concluded its investigation, but wanted to discuss settlement or pursue further action. The company’s stock price fell as a result of that last disclosure. Shortly thereafter, investors filed a class action suit against the company and two executives, alleging that the investors purchased shares before the last disclosure at a price that was inflated by the executives materially misleading statements about RESPA compliance. Ultimately, in June 2018, the company reported that the CFPB determined not to take any enforcement action.

This Opinion Denying the Motion to Dismiss

In denying defendants’ motion to dismiss the complaint that plaintiffs had amended, the Court concluded that:

  • The new complaint pled facts sufficient to allow the Court to infer that the real estate marketing company designed its co-marketing program to allow agents to provide referrals to lenders in violation of RESPA, and that such referrals were occurring. The pertinent facts contained in the complaint included:
    • Two anonymous-witnesses statements, made by prior employees of the company. In essence, the statements reported that there was an understanding and practice among the company, the agents, and the lenders that lenders were paying for agents’ referrals of customers.
  • The allegations were sufficient to infer that the company designed the co-marketing program to allow lenders to pay more than fair market value for their share of marketing services. The pertinent alleged facts included:
    • Several indications that the co-marketing program’s prices were more expensive for lenders than comparable programs with the company not involving real-estate agents.
    • An anonymous witness statement by a former employee of the company describing how in practice lenders were able to make payments of up to 90% of co-marketing costs, which was corroborated by allegations in a wrongful termination suit filed in 2015.