Firm News

In a recent blog post, the Consumer Financial Protection Bureau (“CFPB”) returned to the topic of Buy Now, Pay Later (“BNPL”) to encourage standardized credit reporting of BNPL lines. BNPL programs typically involve short-term, no-interest consumer credit offered at the point of sale, online and occasionally in brick-and-mortar stores. In December 2021, the CFPB announced an inquiry into BNPL, issuing orders to five major BNPL companies requesting information regarding the risks and benefits of their programs. See our ALERT of Dec. 17, 2021. The inquiry named the accumulation of debt as an area of focus, targeting a concern that lack of credit reporting heightens the potential for people to accumulate debt by making multiple BNPL purchases with multiple companies. Read More

The California Department of Financial Protection and Innovation (“DFPI”) released the final regulations implementing the Commercial Financing Disclosure Act. The regulations are a culmination of a long regulatory process. See our prior ALERTS dated Apr. 8, 2021, Oct. 14, 2021 and Nov. 16, 2021. These regulations set forth the precise formatting and calculation methods to make the required commercial disclosures. While similar to the most recent iteration of the regulations, the finalized regulations have been substantially revised from the initial proposed regulations.. Read More

On May 10, 2022, Connecticut joined several other states in enacting a consumer privacy law, the Connecticut Personal Data Privacy and Online Monitoring Act (“Act”). The Act creates rights for consumer’s to correct, access, delete and obtain personal data. The Act also gives consumers the right to opt-out of personal data processing related to (i) targeted advertising, (ii) certain sales of personal data or (iii) certain profiling.

Furthermore, the Act requires controllers, defined as those who determine the purpose and means of processing personal data, to limit the collection of data to what is relevant and adequate and provide consumer’s a reasonably accessible and clear privacy notice, among other requirements. Read More

Within a month, Virginia and Utah both enacted legislation aimed at controlling merchant cash advance transactions through registration and disclosure requirements. The Virginia statute becomes effective July 1, 2022, with a registration deadline of November 1, 2022. The Utah statute becomes effective January 1, 2023.

The Virginia Act adds a new chapter to the Financial Institutions title of the Virginia Code governing Sales-Based Financing Providers. See Va. Code Ann §§ 6.2-2228 et seq. “Sales-based financing” is defined as a transaction that is repaid by the recipient to the provider, over time, as a percentage of sales or revenue, in which the payment amount may increase or decrease according to the volume of sales made or revenue received by the recipient and includes a mechanism where the financing is repaid as a fixed payment but provides for a reconciliation process that adjusts the payment to an amount that is a percentage of sales or revenue. Read More

Digital currencies were once only accepted as payment by outlier businesses in the U.S. With the global rise in popularity of use of digital currency as payment for goods and services, common usage of digital currency for payments is becoming a reality. Uncertain economic times and global turmoil are moving businesses and consumers to use digital currency over fiat currencies because of its flexibility, security and resistance to inflation.

Stripe, Inc. (“Stripe”), a global payment processing platform, is leading the way in integrating digital currency as a common form of payment. Stripe now provides point of sale software for businesses to accept digital currencies as payment for goods and services that is converted into fiat currency. Digital currency accepted using Stripe’s software is immediately converted into fiat currency before being provided to a business. Read More

On March 7, 2022, Opportunity Financial, LLC (“OppFi”) sued Clothilde Hewlett in her official capacity as Commissioner of the California Department of Financial Protection and Innovation (“DFPI”) seeking declaratory judgement and injunctive relief for threatened enforcement of California’s Fair Access to Credit Act (“AB 539”). Complaint, Opportunity Financial, LLC, v. Hewlett, No. 22STCV08163 (Cal. Super. Ct., March 7, 2022). AB 539 became effective on January 1, 2020, amending the California Financing Law (“CFL”) and imposing an interest rate cap of 36% for covered loans between $2,500 and $10,000 made by “finance lenders” subject to the CFL.

The complaint alleges that the Enforcement Division of the DFPI indicated to OppFi that the loan program, a partnership with FinWise Bank, was in violation of the CFL because OppFi was the “true
lender” and was charging interest rates in excess of those permitted under the CFL. OppFi further alleges in its complaint that the DFPI has threatened to and is using AB 539 as a weapon to wage war against OppFi and other FinTechs operating similar bank partnership programs. Read More

Equifax, Experian and TransUnion have announced that they will change how they approach medical debt on consumer credit reports. Effective July 1, 2022, Equifax, Experian and TransUnion will no longer consider paid medical collection debt on consumer credit reports.

These joint measures are expected to remove nearly 70% of medical debt in collections from consumer credit reports. New unpaid medical debts will not be added to consumer credit reports until a full year after being sent to collections. Reportedly, the three credit bureaus are planning to remove any unpaid medical debt of less than $500 in 2023, with the potential for that threshold to rise. Read More

In a recent complaint, the FTC alleged that Residual Pumpkin Entity, LLC, (formerly doing business as CafePress) and PlanetArt, LLC, failed to take proper security measures to protect consumer’s data. FTC Complaint, File No. 1923209, https://www.ftc.gov/system/files/ftc_gov/pdf/CafePressComplaint_0.pdf. TThe FTC alleged that Residual Pumpkin and PlanetArt stored social security numbers and security answers in clear readable text and created unnecessary risks to personal information by storing it indefinitely on its network without a business need. In February of 2019, hackers exploited security weaknesses and obtained passwords, security questions and social security numbers, among other items of personal information. The FTC further alleged in the complaint that appropriate steps were not taken to secure access to consumer accounts following security breach incidents. Read More

On March 4, 2022, the Utah legislature joined several other states in passing a consumer privacy law, the Utah Consumer Privacy Act (“Act”). Once signed by the governor, as is expected, the Act will become effective December 31, 2023. The Act creates a right for consumers to access and delete personal data maintained by certain businesses and to opt out of the collection and use of personal data for certain purposes. The Act also requires businesses that control and process consumer’s personal data to provide information regarding how a consumer’s data is used and to accept and comply with a consumer’s request to exercise rights under the Act.

The Act does not create a private right of action for consumers, only the Utah Attorney General may enforce the Act. The Act applies to controllers and processors. A controller is defined as a person doing business in Utah who determines the purposes for which and the means by which personal data is processed, regardless of whether the person makes the determination alone or with others. Processor is defined as a person who processes personal data on behalf of a controller. Read More

The California Department of Financial Protection and Innovation 2021 Annual Report for licensees under the California Financing Law (CFL) is due March 15, 2022. Every CFL licensee as of December 31, 2021 must file the report, even if no business was conducted under the license in 2021. Failure to file the report may result in revocation of the CFL license and monetary penalties. Licensees must submit the form online at https://docqnet.dfpi.ca.gov.
Please contact us with any questions.
Michael Tomkies and Mercedes Ramsey