CFPB moves forward with ‘disclosure sandbox’ for companies

The Consumer Financial Protection Bureau’s Office of Innovation is gearing up for the next phase for its proposal to create a “disclosure sandbox” intended to encourage trial disclosure programs.

The initial plan was proposed late last year with an accompanying public comment period that closed Monday.

On Feb. 7, perhaps reacting to those comments, the CFPB corrected some initial confusion in suggestions that its disclosure sandbox would be open to just FinTech firms. In fact, it said in a statement, any entity overseen by the CFPB—regardless of its categorization as FinTech, bank, credit union, or otherwise—can apply to test a trial disclosure with the sandbox.

The existing policy regarding trial disclosure programs was established in 2013. It was abandoned without granting a single application. The revised, proposed policy is based, in part, on that previous effort, which sought to allow the Bureau “to deem a covered person conducting a trial disclosure program to be in compliance with or exempt from a requirement of a Bureau rule or certain federal laws.”

The new policy proposal includes a number of revisions “designed to more effectively encourage companies to test new disclosures,” the CFPB says. These include: 

• Streamlining the application and review process to focus on the quality and persuasiveness of the application;
• Granting or denying applications within 60 days of submission;
• Establishing an expected two-year timeframe for the testing of disclosures;
• Specifying procedures for permitting companies to continue to use disclosures that test successfully;
• Coordinating with state regulators so that entities within state “regulatory sandboxes” can participate in the CFPB’s disclosure sandbox without applying separately to the Bureau; and
• Granting the additional authority to offer product- and industry-wide exemptions from CFPB-administered statutes and regulations.

The proposed review would focus on the quality and persuasiveness of the application, especially the extent that the trial disclosures are “likely to be an improvement over existing disclosures” and “the extent to which the testing program mitigates consumer risk.” The policy reiterates the CFPB may grant waivers for disclosures “that improve upon existing requirements based upon cost-effectiveness, delivery mechanism, or consumer understanding.”

The Bureau’s expectation is that a two-year testing period will be appropriate in most cases, although it left open the potential of extensions to successful trial disclosure programs.

The plan, although controversial, is not an entirely novel one. The Dodd-Frank Act, which created the CFPB, also authorized it to create legal protections for companies seeking to conduct trial disclosure programs, limited in time and scope, and designed to improve upon existing disclosures.

Nevertheless, the comment process has uncovered a variety of polarized viewpoints.

“Instead of dreaming up unnecessary programs that are aimed at providing corporate wrongdoers with immunity from the law, the CFPB should focus on its primary responsibility of protecting consumers from predatory behavior and corporate wrongdoing.”

Remington Gregg, Counsel for Civil Justice and Consumer Rights, Public Citizen

Among the submissions, a coalition of 80 consumer, civil rights, legal services, labor, environmental, and community groups expressed their strong opposition to proposed changes to the CFPB’s no-action letter policy and its proposed product sandbox.

In a letter to the CFPB, the groups wrote:

“It may be easy for a company making a one-sided presentation to draw sympathy with calls for relief from ‘burdensome’ regulations or uncertainty that the company argues could hinder its ‘new’ approaches. But just because an approach is ‘innovative’ does not mean that it will be a positive experience for the consumer or that older regulations and the critical protections they contain should not apply. Handing out relief or exemptions to companies without the opportunity for public input will expose consumers to the very risks and harms that the CFPB is charged with preventing.”

“The CFPB cannot simply deputize an employee to hand out letters or approvals that exempt companies offering risky new products from complying with consumer protection laws,” Lauren Saunders, associate director at the National Consumer Law Center, one of the signatories, said in a statement.

“The CFPB is proposing a dramatic new program that would give companies permission to violate the law, based on inadequate reasoning and without following necessary procedures,” says Remington Gregg, counsel for civil justice and consumer rights at Public Citizen. “Instead of dreaming up unnecessary programs that are aimed at providing corporate wrongdoers with immunity from the law, the CFPB should focus on its primary responsibility of protecting consumers from predatory behavior and corporate wrongdoing.”

A coalition of “blue state” attorneys general also voiced their concerns.

“By offering companies a free pass to evade the law, CFPB Director Kathy Kraninger puts American consumers and the entire U.S. financial system at significant risk with this proposal,” says California Attorney General Xavier Becerra. “We urge the CFPB to withdraw this irresponsible proposal and do its job to protect consumers and ensure the fairness of markets.”

Becerra elaborated his concerns about changing the Bureau’s traditional “no-action letter” process.

Since 2016, entities regulated by the CFPB, “after meeting specific criteria and on rare occasion, could apply for a non-binding no-action letter stating that the CFPB did not intend to bring an enforcement action,” he explained in a statement. In its proposal, the CFPB would “revise its policy by expanding its discretion and broadening the scope and process for entities applying for immunity from CFPB enforcement.”

In their comment letter, 22 attorneys general (all Democrats) argue that the new policies, if enacted, would “result in a binding and indefinite pass from CFPB oversight, with limited authority for modification.”

Also, they wrote, the proposal’s so-called “sandbox” would be a safe harbor for a particular entity or industry from enforcement actions by any state and federal authorities. The AGs argue that the CFPB lacks authority to grant such broad exemption. 

Joining Becerra as signatories to the comment letter are the attorneys general of Connecticut, Delaware, Illinois, Iowa, Maine, Maryland, Massachusetts, Michigan, Minnesota, Nevada, New Jersey, New York, North Carolina, Oregon, Pennsylvania, Rhode Island, Vermont, Virginia, Washington, and Wisconsin, and the District of Columbia.

“As the chief consumer protection officers of our states, we understand the importance of encouraging responsible innovation in the consumer financial marketplace,” they wrote. “Developments in technology have the potential to provide consumers with more choices, convenience, and lower costs, and to expand access to credit. … But our experience has taught us that not all innovation is created equal, and many risks posed by emerging technologies can be difficult, if not impossible, to foresee.”

Although they urged “a cautious and deliberative regulatory approach to new consumer financial products and services,” the proposed policies “do not reflect such an approach.”

“Instead, they would permit the CFPB to exempt—in some cases indefinitely—companies and even entire industries from certain consumer protection laws and regulations through a process designed to value speed over careful decision making,” the AGs added. “We reject the notion—embodied in the proposed policies—that innovation can only be fostered by permitting companies to evade the law.”

A much different, supportive view arrived from comments submitted by the free market advocates at the Competitive Enterprise Institute.

“The proposed ‘regulatory sandbox’ and ‘no-action letter’ policies are a critical part of the Bureau’s attempt to reinvent itself as a more balanced regulator, moving away from a ‘zero-sum’ mindset that the only way to protect consumers is through the heavy hand of government,” wrote policy analyst Daniel Press. “The regulatory or ‘product’ sandbox is a set of regulatory tools that enable innovative firms to test their business models for a set period of time without having to comply with the whole swath of financial regulations.”

“These are commonsense solutions to regulatory problems for financial technology firms,” he added. “FinTech companies are often faced with ambiguity as to which laws, regulations, and agencies govern them. Companies trying to do the right thing may find themselves on the wrong side of the law—or rather, dated interpretations of the law—as a result. Having ‘flexible’ regulatory tools such as no-action letters and regulatory sandboxes can mitigate some of these problems.”

Industry groups jointly giving the CFPB an affirmative nudge are the American Bankers Association, U. S. Chamber of Commerce, Consumer Bankers Association, and Housing Policy Council.

In a Feb. 11 letter to the CFPB, they supported proposed changes to its 2016 no-action letter policy and the proposal to establish a ‘sandbox’ where banks and non-bank FinTech firms can test new products, services, and delivery mechanisms.

“The proposed changes to the 2016 NAL policy and the sandbox demonstrate the Bureau’s commitment to encouraging responsible, consumer-friendly innovation that will promote financial inclusion, expand access to credit, and improve consumer access to information—all of which should give consumers greater control over their financial future and well-being,” they wrote.

The associations encouraged the CFPB to align its final policy with the programs of other federal regulators, including the Securities and Exchange Commission and the Commodity Futures Trading Commission. To achieve that outcome, the groups urged stronger liability protections for companies that comply in good faith with the terms of an NAL or sandbox approval; proactive coordination with other regulators; confidentiality of data and information; and the amending of relevant regulations when program experience demonstrates it is warranted.

“We urge the Bureau to revise the proposal to include a firmer commitment to coordinate with other federal and state regulators and to lead the efforts to create regulatory consensus around the product or service that is the subject of the NAL,” the letter says. “The Bureau should ensure that other regulators understand the NAL program and request that other regulators defer to the Bureau’s determination of whether an innovative product or service complies with Federal consumer protection law, recognizing that the Dodd-Frank Act granted the Bureau supervisory and enforcement authority for the enumerated consumer protection laws.”

The groups, however, did issue a warning: “The Bureau must protect the confidentiality of data and information.”

“Disclosure of information by the Bureau about the product or service and the legal analysis required by the proposal—whether the request is granted or denied—could enable competitors to exploit the idea or otherwise add compliance or litigation risks,” the letter says. “To encourage program use and promote innovation, we recommend that the final policy provide greater assurances that information provided to the Bureau as part of the process of applying for a NAL or Sandbox trial will be protected from public disclosure under exemptions to the Freedom of Information of Act.”

They urged the CFPB to revise its proposal to be even more explicit in its commitment to securing confidential data.