As a refresher for those who have not been following the case, several trade associations representing payday lenders and credit-access businesses filed a complaint challenging CFPB regulations relating to high-interest consumer loans. The associations raised a number of statutory and constitutional arguments, including that the CFPB “takes federal government money without an appropriations act” in violation of the Appropriations Clause. Under the Dodd-Frank Wall Street Reform and Consumer Protection Act in 2010, the Bureau draws public funds from the Federal Reserve System in an amount not exceeding an inflation-adjusted cap.

As we previously discussed here, after a district court upheld the funding mechanism, a panel of the Fifth Circuit reversed and found it to be unconstitutional on the grounds that its funding structure ​“goes a significant step further than that enjoyed by other agencies” based on its insulation from regular congressional control and oversight.

Today’s decision reverses the Fifth Circuit ruling and holds that “an identified source and purpose are all that is required for a valid appropriation.” Tracing pre-founding history and British parliament’s inability to direct how the Crown’s revenues were spent, the Court concludes that the Appropriations Clause required Congress to “designate particular revenues for identified purposes, but beyond that limit, early legislative bodies exercised a wide range of discretion.” The Court rejected a number of related arguments by the associations, including that it was problematic that the Bureau itself decided its amount of annual funding up to a specified limit without a requirement to periodically reobtain Congressional authorization.

It is difficult to overstate the impact of the decision on the Bureau and its ambitious agenda. A contrary ruling would have called into question past, current, and future regulations and enforcement. Now, the Bureau and Director Rohit Chopra will be emboldened to move forward with haste in the remaining months of President Biden’s current term.

The report was released in conjunction with a hearing co-hosted with the Department of Transportation and featuring remarks and a moderated panel discussion with CFPB Director Rohit Chopra and Secretary of Transportation Pete Buttigieg, along with panelists from consumer groups, policy advocacy organizations, financial institutions, and airlines. Both Director Chopra and Secretary Buttigieg emphasized the importance of transparency in promoting and offering rewards programs and expressed concerns around barriers to competition.

The CFPB report details four categories of common consumer complaints and potential regulatory issues with rewards programs:

• Vague or hidden conditions. The report describes complaints from consumers misled by advertising for rewards programs where important limitations were buried in dense terms or not otherwise adequately disclosed. The reports suggests that such practices may constitute deceptive “bait and switch” offers and notes that the Bureau has brought enforcement actions against companies for failure to clearly and conspicuously disclose material conditions in rewards programs upfront. The report notes that such complaints were particularly prevalent for bonus or introductory offers and so-called “churning” prohibitions intended to protect companies from consumers manipulating rewards programs by serially signing up for and canceling accounts.
• Devaluing earned rewards or changing program benefits. According to the report, consumers regularly complained about issuers or partners devaluing rewards or otherwise eliminating certain benefits associated with membership or status tiers. In remarks at the hearing, Director Chopra noted that, while the Credit Card Responsibility and Disclosure Act of 2009 (CARD Act) prohibits credit card companies from unilaterally changing certain terms in credit card agreements, issuers and partners regularly change terms to rewards and loyalty programs because the CARD Act does not apply. Director Chopra suggested that such changes are problematic and may violate the law if they deprive consumers of promised benefits, particularly where they occur without notice.
• Customer service issues and technical glitches. The report details complaints from consumers who were unable to redeem rewards due to technical glitches, customer service issues, or so-called “doom loops” where consumers are unable to reach the correct entity or department.
• Revocation and expiration. Finally, the report notes complaints from consumers who report having their accounts closed and associated benefits revoked, or consumers who had their rewards expired or benefits withheld notwithstanding a current and active account.

While potentially frustrating for consumers, many practices identified in the report are not necessarily unlawful – at least depending on how they are effectuated. Companies can – and often must – preserve flexibility in how they offer benefits and related redemption terms. Similarly, expiring rewards or conditioning benefits on meeting certain requirements is not inherently unlawful: those limitations just need to be clearly and conspicuously disclosed. As for program changes that may devalue rewards or change advertised benefits, companies should have a considered and deliberate execution plan that includes consumer notice and a reasonable opportunity to use already accrued rewards.

In addition to potential enforcement by the CFPB for programs offered in connection with financial products or services, or DOT for airlines rewards programs, the FTC and state AGs also scrutinize rewards programs and related advertising. Plaintiffs’ attorneys are also active in this space, and have brought class actions under state UDAP laws that may result in significant monetary settlements (see for example AutoZone’s class action settlement in 2019 for $50 million).

Ultimately, while the Bureau’s report questions whether rewards programs are ultimately beneficial for most consumers, it also seems to acknowledge that the growing popularity of these programs reflects that they are here to stay. Companies offering such programs – or partnering with third parties to offer such programs – should take note of the renewed regulatory interest and evaluate their marketing and servicing practices to ensure that any risk is worth the reward.

Kelley Drye Advertising and Marketing Paralegal, James Firsick, assisted with this blog post.

Cooperation and Role of State AGs

Director Chopra began by complimenting the State AGs for their important consumer protection work, including by ringing the alarm bells on the foreclosure crisis. While he discussed the roles of states throughout his remarks, he emphasized that states and the CFPB need to work together. He reminded the AGs that early on, the CFPB published a procedural rule clarifying that State AGs can bring suit under the CFPB’s organic statute including a whole host of consumer credit and data laws, which several states have utilized. Director Chopra said the CFPB is looking for ways to collaborate with more states, noting they have been able to collect billions in penalties that can be used for consumer redress even in unrelated cases to make victims whole. Director Chopra asked that consumers send complaints to both State AG offices and the CFPB, because their consumer complaint system immediately routes complaints to the financial company at issue to get a response and resolution without staff intervention. The CFPB also is able to use data visualization tools to provide states with information about hot issues in different regions. The CFPB has used complaint data in collaboration with states to work on medical debt and other collection cases. Director Chopra said the CFPB is always looking upstream to identify warning signs to avoid future crises like the one caused by subprime mortgages.

Consumer Data and Security

Director Chopra explained that President Biden’s executive order on protecting sensitive personal data highlights a broad bipartisan interest in stopping the bulk transfer of consumer data. He explained that State AGs can work alongside the CFPB to enforce the Fair Credit Reporting Act, not only against the big three reporting companies, but also against data brokers. He noted the CFPB will propose additional rules to require data brokers to adhere to accuracy standards and otherwise protect consumer data. Director Chopra described categories of data and lists that brokers can purchase about vulnerable consumers, and his concern that there be a way for these people to be able to participate in the digital world without sacrificing privacy and security. He pointed to state laws requiring additional privacy and security such as Washington’s recent My Health My Data Act, and said he supported the fight against preemption of state privacy laws.

Big Tech and AI

Director Chopra reminded the audience of big tech’s efforts to become payment processors, providing them consumer transaction data. He noted these payment methods were used as a vector for imposter fraud, specifically citing the DOJ and states’ March lawsuit against Apple. Director Chopra explained the CFPB has recruited additional technologists with knowledge of user interfaces and design, and the agency has hosted enforcer roundtables with states to discuss issues with AI and technology, including how to draft CIDs.

On AI, Director Chopra said the CFPB is looking at marketing and advertising for discriminatory or manipulative AI. They are also reviewing how loans are being written, because if AI cannot explain why it denied credit to a person, it is a violation of federal law that requires explanation for denial. Director Chopra also said chat bots are another form of AI used by banks for customer service. He alluded that it could be considered deceptive to use human names and “…” thinking signals to simulate human activity. Director Chopra said he wants to see institutions affirmatively describe these chat bots as robots and ensure the bots do not provide inaccurate information or a poor customer service experience.

Bank Relationships

Director Chopra said the CFPB’s work has shifted some from mortgage lending issues with banks into non-banks. He said they have also heard from the AG community that national chartered banks have not cooperated on investigations, claiming preemption. Director Chopra said when that happens, the CFPB will work with the states to obtain the information themselves. His expectation is that banks work with the states to ensure consumers are protected.

Junk Fees

As a former businessperson himself, Director Chopra said pricing consultants he encountered in the past left a big impression on him. He noted that industries such as air travel, event ticketing, and banking have made it difficult to compare pricing resulting in reduced competition. He described certain bank fees such as a paper statement fee (when nothing is printed and no paper is sent) as “fake fees,” and harkened back to past CFPB actions against banks reordering payments to trigger multiple overdraft fees. Director Chopra also said that some credit card issuers created a business model based on rooting for people to be late, causing late fees. The CFPB has proposed rules to close what he described as a loophole in the credit industry, stating people understand they will have to pay interest but do not understand the other layers of fees they may not be able to control. Director Chopra also pointed to potential concerns with credit card reward “bait and switch” offers as a core truth in advertising concept. Though the CFPB is using rulemaking and enforcement actions to combat junk fees, Director Chopra also gave credit to the business community for taking initiative to become more upfront and transparent.

Stay tuned as our team will be hearing more from the State AG community on AI and other tech topics in less than two weeks at the NAAG and AGA’s Southern Regional Meeting/Artificial Intelligence and Preventing Child Exploitation Seminar.

While the Bureau has always had enforcement authority over digital wallets and payment apps, the proposed rule would newly authorize the Bureau to “supervise” the providers, including by conducting periodic examinations, which can include on-site or remote inspections, review of company compliance policies and procedures, testing transactions and accounts, and evaluating management and recordkeeping systems. Examinations may result in supervisory letters, compliance ratings, or, if inspectors identify perceived legal violations, enforcement actions with fines and civil penalties.

The Bureau’s proposed rule – its sixth effort to supervise nonbank providers of financial services – comes as an increasing number of financial transactions occur outside the traditional banking system. “Payment systems are critical infrastructure for our economy,” Director Chopra said in a press release announcing the new rule. “These activities used to be conducted almost exclusively by supervised banks” and the proposed rule is intended to require fintech providers to “play by the same rules as banks and credit unions.”

The rule would open up supervision and inspection for “larger participants” offering “general-use digital consumer payment applications,” including digital wallets, payment apps, funds transfer apps, person-to-person (P2P) payment apps, or similar. The proposed rule notes that subject entities would be examined for compliance with federal consumer financial laws and their prohibition against unfair, deceptive, and abusive acts and practices, the privacy provisions of the Gramm-Leach-Bliley Act and Regulation P, and the Electronic Fund Transfer Act and Regulation E, amongst other laws.

The rule would only apply to companies that the CFPB defines as “larger participants” and proposes a threshold of companies that process five million transactions in a year (including affiliated companies) that are not considered a “small business concern” by the Small Business Administration. The Bureau estimates that 17 providers of general-use digital consumer payment applications would currently meet the proposed threshold and that those providers handle roughly 88% of known transactions in the nonbank market for general-use digital consumer payment applications. Notably though, those numbers are just estimates – and could be based on incomplete or inaccurate data. Either way, that number is likely to grow as fintech transactions continue to grow in popularity.

A few additional highlights on scope and key definitions:

• The proposed rule applies to larger participants providing a “covered payment functionality through a digital application for consumers’ general use in making consumer payment transactions.”
• A “covered payment functionality” is a “funds transfer functionality,” a “wallet functionality” or both. Wallet functionality is defined broadly to include any product or service that stores account or payment credentials, and that transmits, routes, or otherwise processes such stored account or payment credentials to facilitate a consumer payment transaction.
• “Digital applications” are defined as software programs run from a personal computing device, like a mobile phone, watch, or a tablet. The application should be available for “general use,” meaning it does not have significant limitations on its use for consumer payment transactions. According to the proposed rule, if the application can only be used to buy a specific category of products or services (i.e., transportation, lodging, food), it does not meet the definition of general use.
• The proposed rule defines “consumer payment transactions” to include paying another person for a “personal, family, or household purpose” and to exclude international money transfers or foreign exchange transfers, or a transaction conducted by a person for the sale of goods/services at that person’s store or marketplace.

The Bureau solicits comments on all aspects of the proposed rule, as well as specific definitions and limitations, and will accept comments until January 8.

Here, the Fifth Circuit panel unanimously held that, although the Bureau did not exceed its statutory authority in promulgating the Rule, it “lacked the wherewithal to exercise that power via constitutionally appropriated funds.” The panel held that Congress’s decision to cede its power of the purse to the Bureau violates the Appropriations Clause of the Constitution and the clause’s underpinning, the constitutional separation of powers. As such, the court reasoned that while most of “Plaintiffs’ claims miss their mark, . . . one arrow has found its target” and the Payday Lending Rule could not stand given the Bureau’s unconstitutional funding mechanism “deprived [it] of the lawful money necessary to fulfill those responsibilities.”

The CFPB’s funding method was established in the 2010 Dodd-Frank Act. Rather than receiving funding through annual congressional appropriations, the Bureau receives funding directly from the Federal Reserve—eliminating the periodic assessments that accompany congressional appropriations analyses. The Federal Reserve, which itself exists outside the appropriations process, must grant the CFPB’s self-directed funding requests up to a certain cap. Although other federal financial regulators also receive funding from independent sources, the panel held that its structure “goes a significant step further than that enjoyed by other agencies”—pointing to the Bureau’s double-insulation from Congress’s purse strings coupled with its singular director and expansive enforcement authority.

In the near term, the Bureau will continue to be unable to enforce the Payday Lending Rule, but its immediate practical impact on other CFPB efforts is likely to be limited. The agency is likely to seek a stay and petition the full Fifth Circuit for an en banc review, but the decision could lead to an increase in litigation challenging other Bureau actions, whether rulemaking or enforcement, that are supported of course by the same funding mechanism found to be unconstitutional.

The Fifth Circuit’s holding differs from certain other courts that have heard the issue, so the split may ultimately find its way before the Supreme Court. Regardless of ultimate impact and outcome, Wednesday’s decision is another example of recent judicial scrutiny of regulatory authority, which has impacted regulatory and enforcement activities at a number of agencies including the CFPB, FTC, and EPA.