Twenty-two Democratic state attorneys general said the Consumer Financial Protection Bureau lacks sweeping authority to create a fintech sandbox that provides immunity from state law.
The CFPB in December
But in a letter to the bureau commenting on the proposals, the state AGs said the consumer agency cannot give applicants such a blanket safe harbor protecting them from enforcement actions by state and federal authorities. The AGs also urged the bureau to rescind both proposals and reissue them as more formal rulemakings subject to a notice and comment period.
“The CFPB has no authority to issue such sweeping immunity absent formal rulemaking,” they said in the letter.
Under one draft policy, the CFPB would expand its "no-action letters" awarded to qualified fintech applicants. The letters convey that the agency will not begin a supervisory or enforcement proceeding against a firm, but the policy developed under the Obama administration has been criticized as overly restrictive. The second proposal would create a CFPB sandbox for participating firms to test products.
The state AGs — led by New York's Letitia James and California's Xavier Becerra — said the CFPB has no basis to shield companies from enforcement actions brought by other jurisdictions.
“Under the Proposed Sandbox Policy, approvals or exemptions granted by the CFPB would purportedly confer on the recipient immunity not only from a CFPB enforcement action, but also from 'enforcement actions by any Federal or State authorities, as well as from lawsuits brought by private parties,'” the letter stated.
The CFPB made no formal announcement of the fintech sandbox but circulated a draft proposal that was published in the
In its proposal, the CFPB said that it had concluded that the policy guidance "would constitute an agency general statement of policy" and "a rule of agency organization, procedure or practice," that is exempt from notice-and-comment rule-making requirements.
A CFPB spokeswoman said Kraninger is reviewing the comments.
"The Sandbox, as proposed by the Bureau for public comment, reflects a robust, effective and modern approach to regulation," the spokeswoman said.
The attorneys general said the CFPB’s statutory authority to provide relief under a fintech sandbox is "quite narrow."
They took issue with the notion that the bureau can issue a safe harbor that would provide blanket immunity to companies, including "exemptive relief" from state and federal supervisory and enforcement actions.
“Neither Dodd-Frank nor any other statute the CFPB enforces authorizes the CFPB to confer anything approximating the absolute immunity of the type proposed by the CFPB, and it is well settled that an agency may only act within the authority granted to it by statute,” the AGs said in the letter.
The state AGs said the policies should not be exempt from formal notice-and-comment rulemaking procedures required by the Administrative Procedure Act.
"Courts have consistently held that agency rules altering the substantive standards the agency applies in determining whether to take discretionary actions are subject to the APA’s rulemaking procedures," the attorneys generals' letter stated.
But it is not yet clear if any state plans to mount a legal action against the CFPB. An effort by another federal regulator to reform licensing procedures for fintech firms — the special-purpose charter developed by the Office of the Comptroller of the Currency — has attracted lawsuits by state banking regulators.
It is unclear yet if any state plans to sue the consumer bureau under the Administrative Procedure Act.
The attorneys general also cautioned CFPB Director Kathy Kraninger, who succeeded Mulvaney, against rushing to judgment in validating certain “innovative” products and services.
For example, they cited products once hailed as innovative — including “no-doc” mortgages, payment-option adjustable-rate mortgages and collateralized debt obligations — that helped set off the mortgage meltdown just over a decade ago.
"The use of sophisticated technologies in the consumer financial market is not well understood, even by the creators of such technologies," their letter said. “Unless and until these technologies — and their implications for consumers — can be better understood, it would be irresponsible to give companies employing them what may effectively be a permanent get-out-of-jail-free card.”
The CFPB’s proposal on no-action letters potentially would increase the scope of relief given to companies to include unfair, deceptive and abusive acts and practices, known as UDAAP, but the attorneys general said that would go too far.
The attorneys general also objected to the agency's proposed extension of relief to third parties such as trade associations, “which could seek blanket relief on behalf of an entire industry,” the letter said.
