Monthly Fintech 5 Newsletter - May/June 2025

On May 9, the CFPB published a recission of 67 different guidance and regulatory interpretation documents. From the withdrawal of interpretative rules and advisory opinions to the retreat from policy and enforcement statements spanning over 14 years, this recission represents the largest wholesale shift in CFPB guidance since the Bureau’s inception. This month’s issue of Fintech Five covers five of the rescinded documents that caught our eye.

1) Consumer Financial Protection Circular 2024-02: Deceptive marketing practices about the speed or cost of sending a remittance transfer, 89 FR 27357

Initially published on March 27, 2024, this circular discussed what the CFPB viewed as unfair, deceptive or abusive acts or practices (“UDAAP”) with respect to cost and transfer speed representations in the marketing of remittance transfer services (i.e., cross-border funds transfers). While the guidance was specific to remittance transfers, it reflected past guidance and enforcement from CFPB and the FTC addressing the use of cost-related claims such as “free” or “no fees,” as well as temporal claims like “instant” or “within seconds.” While the rescinded guidance did not tread new ground with respect to UDAAP, it was noteworthy in its emphasis of the concept that technical compliance with applicable regulatory disclosure requirements and the literal accuracy of marketing claims are often insufficient to avoid what the CFPB has historically considered deception where the “net effect” of the representations made would still arguably be misleading. Rescinding this guidance, when combined with the other rescissions and various public statements made by the Bureau with respect to enforcement priorities, suggests that the agency will be more judicious in pursuing companies for conduct it disagrees with if the company is otherwise in compliance with applicable law. However, it remains to be seen if the states will continue to ramp up their activity in the payments space as a result.

2) Truth in Lending (Regulation Z); Earned Wage Access Programs, 85 FR 79404

The Bureau rescinded a pair of advisory opinions related to earned wage access (“EWA”) products. First, the CFPB rescinded a 2025 advisory opinion that itself rescinded the 2020 advisory opinion referenced in the heading to this paragraph. It then rescinded the 2020 advisory opinion. When combined with the Bureau’s failure to finalize its proposed 2024 interpretive rule on EWA that would have declared nearly all forms of the product credit subject to TILA and Regulation Z, the recissions effectively leave no guidance on EWA products at the federal level. This suggests a shift toward allowing state legislatures and agencies to take the lead in regulating EWA with less interference from federal regulators. Given that the CFPB originally began focusing on EWA because it was, in part, dissatisfied with the industry-friendly approach taking shape at the state level, it suggests a favorable federal regulatory environment for EWA for the next few years. However, this will likely continue to be tempered by the increase in class actions, mass arbitrations and state enforcement targeting the sector in the absence of federal enforcement.

3)  Statement of Policy Regarding Prohibition on Abusive Acts or Practices, 88 FR 21883

When it comes to evaluating UDAAP risk in marketing, there has always been tension between what many companies view as reasonable and widely accepted ways to appeal to consumer psychology and behavior and what regulators view as unfair, deceptive or abusive. Initially published on April 12, 2023, the Bureau’s policy statement on the “abusive” prong of UDAAP was notable less for how it defined an abusive practice than in how it illustrated this tension with respect to fintechs and products offered through a digital environment. Specifically, it emphasized so-called “dark patterns,” a concept tied most closely to online and mobile interfaces. While there is no single definition of the term, it generally refers to an online or mobile interface being designed in such a way as to manipulate a consumer into taking an action they did not intend to take or would not have taken absent the manipulation (such as to inadvertently make a purchase or enroll in a service they later find extremely difficult to cancel). While many practices described as dark patterns are clearly harmful to consumers and can readily be brought under long-standing theories of unfairness or deception, the now-rescinded guidance signaled that the CFPB would utilize an abusiveness theory to expand its enforcement to digital interfaces it views as harmful even in the absence of demonstrable injury or likelihood of injury. The rescission of this guidance, along with statements made by the Bureau stating it would focus on cases involving actual consumer injury, indicate that companies will have greater flexibility in how they approach digital product design and that the potential for consumer injury will once again become the relevant yardstick for evaluating UDAAP risk.

4) Consumer Financial Protection Circular 2024-03: Unlawful and unenforceable contract terms and conditions, 89 FR 51955

On June 21, 2024, the CFPB issued Circular 2024-03, which highlighted “unlawful” or “unenforceable” terms and conditions in consumer contracts. Among other things, the circular implied that broad waivers or limitations of liability and similar terms, even when limited by general language such as “except as required by law” or “subject to applicable law,” constitute a UDAAP because they could be construed by consumers as a waiver of state and federal statutory or regulatory rights that are unwaivable (or at least discourage them from looking into it). In our view, it implied that companies needed to employ specific and narrow language when seeking to limit their exposure. Such specificity is often not practical, and sometimes infeasible, particularly where the differing laws of all 50 states are at play on a particular issue. With the recission of this guidance, it may be a good time to revisit consumer contracts, terms and conditions, and other agreements and disclosures to incorporate greater protections while still giving reasonable consideration of the CFPB’s prior concerns to guard against swings that may occur under future administrations.

5) Consumer Financial Protection Circular 2022-03: Adverse action notification requirements in connection with credit decisions based on complex algorithms, 87 FR 35864

Initially published on June 14, 2022, this circular discussed how the “specific” principal reasons for the denial of a credit application must be included in adverse action notices under the Equal Credit Opportunity Act (“ECOA”), even when “complex” algorithms—in particular artificial intelligence and machine learning—are employed.  In our view, the concepts set forth in the guidance are neither novel nor misaligned with black-letter regulatory requirements.  However, we see the inclusion of this guidance for recission as part and parcel with the current administration’s desire to foster AI technology and an indication that federal regulators will approach the use of AI in credit transactions with less skepticism.  While this may be welcome from an innovation and adoption standpoint, it may also disincentivize some AI and machine learning developers from diligently incorporating regulatory compliance features into their models.  This may create an environment where it will be even more critical for lenders considering third-party AI and machine learning models to apply pressure on vendors to develop products that allow institutions to meet their own compliance obligations, perform adequate due diligence before adopting a solution, and fully understand the capabilities and limitations of the products they consider.

This article is for general information purposes and is not intended to be and should not be taken as legal advice.

Download a PDF copy of our monthly Fintech 5 Newsletter here.

Questions?

If you’d like to discuss any of these issues or have any questions, please reach out to Partner and head of the Fintech group, Chris Napier.

SIGN UP FOR UPDATES

Never miss our news, insights or events.

FEATURED NEWS