A Financial System That Creates Economic Opportunities Nonbank

A Financial System

That Creates Economic Opportunities

Nonbank Financials, Fintech,

and Innovation

A Financial System That Creates Economic Opportunities Nonbank Financials, Fintech, and Innovation

U.S. DEPARTMENT OF THE TREASURY

JULY 2018

TREASURY

2018-04417 (Rev. 1) • Department of the Treasury • Departmental Ofces • www.treasury.gov

A Financial System

That Creates Economic Opportunities

Nonbank Financials, Fintech,

and Innovation

U.S. DEPARTMENT OF THE TREASURY

Report to President Donald J. Trump

Executive Order 13772 on Core Principles

for Regulating the United States Financial System

Steven T. Mnuchin

Secretary

Craig S. Phillips

Counselor to the Secretary

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Staff Acknowledgments

Secretary Mnuchin and Counselor Phillips would like to thank Treasury staff members for

their contributions to this report. The staff’s work on the report was led by Jessica Renier

and W. Moses Kim, and included contributions from Chloe Cabot, Dan Dorman, Alexan-

dra Friedman, Eric Froman, Dan Greenland, Gerry Hughes, Alexander Jackson, Danielle

Johnson-Kutch, Ben Lachmann, Natalia Li, Daniel McCarty, John McGrail, Amyn Moolji,

Brian Morgenstern, Daren Small-Moyers, Mark Nelson, Peter Nickoloff, Bimal Patel,

Brian Peretti, Scott Rembrandt, Ed Roback, Ranya Rotolo, Jared Sawyer, Steven Seitz,

Brian Smith, Mark Uyeda, Anne Wallwork, and Christopher Weaver.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

iii

Table of Contents

Executive Summary 1

Nonbank Financials, Fintech, and Innovation 4

Emerging Trends in Financial Intermediation 6

Summary of Issues and Recommendations 9

Embracing Digitization, Data, and Technology 15

Digitization 17

Consumer Financial Data 22

e Potential of Scale 44

Aligning the Regulatory Framework to Promote Innovation 61

Challenges with State and Federal Regulatory Frameworks 63

Modernizing Regulatory Frameworks for National Activities 66

Updating Activity-Specic Regulations 81

Lending and Servicing 83

Payments 144

Wealth Management and Digital Financial Planning 159

Enabling the Policy Environment 165

Agile and Eﬀective Regulation for a 21st Century Economy 167

International Approaches and Considerations 177

Appendices

Appendix A: Participants in the Executive Order Engagement Process 187

Appendix B: Table of Recommendations 195

Appendix C: Additional Background 213

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Acronyms and Abbreviations

Acronym/Abbreviation Term

ABA American Bankers Association

ACH Automated Clearing House

AI Articial Intelligence

AMC Appraisal Management Company

AML Anti-Money Laundering

API Application Programming Interface

APR Annual Percentage Rate

AQB Appraiser Qualications Board

ASB Appraisal Standards Board

ATM Automated Teller Machine

AVM Automated Valuation Model

BHC Bank Holding Company

BHC Act Bank Holding Company Act

BSA Bank Secrecy Act

Bureau Bureau of Consumer Financial Protection

CEG Cybersecurity Expert Group

C.F.R. Code of Federal Regulations

CFT Countering the Financing of Terrorism

CFTC U.S. Commodity Futures Trading Commission

CHAPS Clearing House Automated Payment System

CHIPS Clearing House Interbank Payments System

CMA Competition and Markets Authority (U.K.)

CRA Community Reinvestment Act

CROA Credit Repair Organizations Act

CSBS Conference of State Bank Supervisors

Cyber Apex Next Generation Cyber Infrastructure Apex Program

DARPA Defense Advanced Research Projects Agency

DHS U.S. Department of Homeland Security

DIUx Defense Innovation Unit Experimental

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

DLT Distributed Ledger Technology

DOD U.S. Department of Defense

Dodd-Frank Dodd-Frank Wall Street Reform and Consumer Protection Act

DOJ U.S. Department of Justice

DOL U.S. Department of Labor

Education U.S. Department of Education

EMV Europay, Mastercard, and Visa

ESIGN Electronic Signatures in Global and National Commerce Act

E.U. European Union

FATF Financial Action Task Force

FBIIC Financial and Banking Information Infrastructure Committee

FCA False Claims Act

FCA U.K. Financial Conduct Authority

FCC Federal Communications Commission

FCRA Fair Credit Reporting Act

FDCPA Fair Debt Collection Practices Act

FDIC Federal Deposit Insurance Corporation

FedACH Federal Reserve Banks’ Automated Clearing House

FFIEC Federal Financial Institutions Examination Council

FHA Federal Housing Administration

FHA-HAMP FHA Home Aordable Modication Program

FHFA Federal Housing Finance Agency

FHLB Federal Home Loan Bank

FICO Fair Isaac Corporation

FIL Financial Institutions Letter

FinCEN Financial Crimes Enforcement Network

FINRA Financial Industry Regulatory Authority

Fintech Financial Technology

FIRREA Financial Institutions Reform, Recovery, and Enforcement Act

FlexMod GSE Flex Modication

FPS Faster Payments Service (U.K.)

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

FRB Board of Governors of the Federal Reserve System

FRBNY Federal Reserve Bank of New York

FSB Financial Stability Board

FS-ISAC Financial Services Information Sharing and Analysis Center

FTC Federal Trade Commission

G-7 Group of 7

G20 Group of 20

GAO U.S. Government Accountability Oce

GDP Gross Domestic Product

GDPR General Data Protection Regulation (E.U.)

GLBA Gramm-Leach-Bliley Act

GRC Governance, Risk and Compliance

GSE Government-Sponsored Enterprise

HUD U.S. Department of Housing and Urban Development

IaaS Infrastructure as a Service

IRS Internal Revenue Service

ISO International Organization for Standardization

IT Information Technology

LOA Levels of Assurance

MAS Monetary Authority of Singapore

MBA Mortgage Bankers Association

MBS Mortgage-Backed Securities

MCSBA Maryland Credit Services Business Act

MERS Mortgage Electronic Registration System

MMIF Mutual Mortgage Insurance Fund

MPL Marketplace Lender

MSB Money Services Business

MTRA Money Transmitter Regulators Association

NACHA National Automated Clearinghouse Association

NAIC National Association of Insurance Commissioners

NBA National Bank Act

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

vii

NCUA National Credit Union Administration

NFC Near Field Communication

NIST National Institute of Standards and Technology

NMLS Nationwide Mortgage Licensing System or Nationwide Multistate

Licensing System

NSF National Science Foundation

NSS National Settlement Service

OBIE Open Banking Implementation Entity (U.K.)

OCC Oce of the Comptroller of the Currency

OFX Open Financial Exchange

P2P Person-to-Person or Peer-to-Peer

PaaS Platform as a Service

PCI-DSS Payment Card Industry Data Security Standard

PII Personally Identiable Information

PIN Personal Identication Number

PLS Private-Label Securities

PSD2 Revised Payment Services Directive (E.U.)

PSP Payment Service Provider

RTP Real Time Payments

SaaS Software as a Service

SAFE Act Secure and Fair Enforcement for Mortgage Licensing Act

SEC U.S. Securities and Exchange Commission

SIFMA Securities Industry and Financial Markets Association

SRO Self-Regulatory Organization

SWIFT Society for Worldwide Interbank Financial Telecommunication

SWIFT GPI Society for Worldwide Interbank Financial Telecommunication Global

Payments Innovation

TCH e Clearing House

TCPA Telephone Consumer Protection Act

TFFT Basel Committee on Banking Supervision’s Task Force on Financial

Technology

Treasury U.S. Department of the Treasury

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

viii

U.K. United Kingdom

U.S. United States

UDAAP Unfair, Deceptive, or Abusive Acts or Practices

UDAP Unfair or Deceptive Acts or Practices

UETA Uniform Electronic Transactions Act

URPERA Uniform Real Property Electronic Recording Act

U.S.C. United States Code

USDA U.S. Department of Agriculture

USPAP Uniform Standards of Professional Appraisal Practice

VA U.S. Department of Veterans Aairs

ZB Zettabyte

Executive Summary

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Executive Summary • Introduction

Introduction

President Donald J. Trump established the policy of his Administration to regulate the U.S. nan-

cial system in a manner consistent with a set of Core Principles. ese principles were set forth in

Executive Order 13772 on February 3, 2017. e U.S. Department of the Treasury (Treasury),

under the direction of Secretary Steven T. Mnuchin, prepared this report in response to that

Executive Order. e reports issued pursuant to the Executive Order identify laws, treaties, regula-

tions, guidance, reporting, and record keeping requirements, and other Government policies that

promote or inhibit federal regulation of the U.S. nancial system in a manner consistent with the

Core Principles.

e Core Principles are:

A. Empower Americans to make independent nancial decisions and informed choices in the

marketplace, save for retirement, and build individual wealth;

B. Prevent taxpayer-funded bailouts;

C. Foster economic growth and vibrant nancial markets through more rigorous regulatory

impact analysis that addresses systemic risk and market failures, such as moral hazard and

information asymmetry;

D. Enable American companies to be competitive with foreign rms in domestic and foreign

markets;

E. Advance American interests in international nancial regulatory negotiations and meetings;

F. Make regulation ecient, eective, and appropriately tailored; and

G. Restore public accountability within federal nancial regulatory agencies and rationalize the

federal nancial regulatory framework.

Scope of This Report

e nancial system encompasses a wide variety of institutions and services, and accordingly,

Treasury has delivered a series of four reports related to the Executive Order covering:

• e depository system, covering banks, savings associations, and credit unions of all sizes,

types, and regulatory charters (the Banking Report,

which was publicly released on June

12, 2017);

• Capital markets: debt, equity, commodities and derivatives markets, central clearing, and

other operational functions (the Capital Markets Report,

which was publicly released on

October 6, 2017);

1. U.S. Department of the Treasury, A Financial System That Creates Economic Opportunities: Banks and Credit

Unions (June 2017).

2. U.S. Department of the Treasury, A Financial System That Creates Economic Opportunities: Capital Markets

(Oct. 2017).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Executive Summary • Review of the Process for This Report

• e asset management and insurance industries, and retail and institutional investment

products and vehicles (the Asset Management and Insurance Report,

which was publicly

released on October 26, 2017); and

• Nonbank nancial institutions, nancial technology, and nancial innovation (this report).

Review of the Process for This Report

For this report, Treasury incorporated insights from the engagement process for the previous three

reports issued under the Executive Order and also engaged with additional stakeholders focused on

data aggregation, nonbank credit lending and servicing, payments networks, nancial technology,

and innovation. Over the course of this outreach, Treasury consulted extensively with a wide range

of stakeholders, including trade groups, nancial services rms, federal and state regulators, con-

sumer and other advocacy groups, academics, experts, investors, investment strategists, and others

with relevant knowledge. Treasury also reviewed a wide range of data, research, and published

material from both public and private sector sources.

Treasury incorporated the widest possible range of perspectives in evaluating approaches to regula-

tion of the U.S. nancial system according to the Core Principles. A list of organizations and

individuals who provided input to Treasury in connection with the preparation of this report is set

forth as Appendix A.

Nonbank Financials, Fintech, and Innovation

Nonbank nancial rms play important roles in providing nancial services to U.S. consumers

and businesses by providing credit to the economy across a wide range of retail and commercial

asset classes. Nonbanks are well integrated into the U.S. payments system and play key roles such

as facilitating back-end check processing; enabling card issuance, processing, and network activi-

ties; and providing customer-facing digital payments software. Nonbank nancial rms also play

important roles in capital markets and in providing nancial advice and execution services to retail

investors, among a range of other services.

e nancial crisis altered the environment in which banks and nonbanks compete to pro-

vide nancial services. Specically, many traditional nancial companies such as banks, credit

unions, and insurance companies experienced signicant distress during the crisis. is distress

caused the insolvency or restructuring of many existing nancial companies, particularly those

with volatile funding sources and concentrated balance sheets. e government responded to

this distress, and the unprecedented magnitude of taxpayer support it triggered, by writing far-

reaching laws that mandated the adoption of hundreds of new regulations. In some cases, these

policy changes made certain product segments unprotable for banks, thereby driving activity

3. U.S. Department of the Treasury, A Financial System That Creates Economic Opportunities: Asset

Management and Insurance (Oct. 2017).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Executive Summary • Nonbank Financials, Fintech, and Innovation

outside of the banking sector and creating opportunities for emerging nonbank nancial rms

to address unmet market demands.

At the same time, and as part of a longer-term trend, the rapid development of nancial technolo-

gies has enabled nancial services rms to improve operational eciencies and lower regulatory

compliance costs that increased as a result of the expansion of regulations following the nancial

crisis. Since the nancial crisis, there has been a proliferation in technological capabilities and

processes at increasing levels of cost eectiveness and speed. e use of data, the speed of commu-

nication, the proliferation of mobile devices and applications, and the expansion of information

ow all have broken down barriers to entry for a wide range of startups and other technology-based

rms that are now competing or partnering with traditional providers in nearly every aspect of the

nancial services industry.

e landscape for nancial services has changed substantially. From 2010 to the third quarter of

2017, more than 3,330 new technology-based rms serving the nancial services industry have

been founded, 40% of which are focused on banking and capital markets.

In the aggregate, the

nancing of such rms has been growing rapidly, reaching $22 billion globally in 2017, a thirteen-

fold increase since 2010.

Signicantly, lending by such rms now makes up more than 36% of all

U.S. personal loans, up from less than 1% in 2010.

Additionally, some digital nancial services

reach up to some 80 million members,

while consumer data aggregators can serve more than 21

million customers.

Important trends have arisen as a consequence of these factors, including:

• e nonbank sector has responded opportunistically to the pullback in services and

increased regulatory challenges placed on traditional nancial institutions, including the

launch of numerous startup platforms;

• Many of these platforms have rapidly grown beyond the startup phase, employing

technology-enabled approaches to customer acquisition and process support for

their services;

• Innovative new platforms in the nonbank nancial sector are, in some cases, standalone

providers, while others have focused on providing support for or interconnectivity with

traditional nancial institutions through partnerships, joint ventures, or other means;

4. Deloitte, Fintech by the Numbers: Incumbents, Startups, Investors Adapt to Maturing Ecosystem (2017), at 3

and 7, available at: https://www2.deloitte.com/content/dam/Deloitte/us/Documents/ﬁnancial-services/us-dcfs-

ﬁntech-by-the-numbers-web.pdf.

5. Id.

6. Hannah Levitt, Personal Loans Surge to a Record High, Bloomberg (July 3, 2018), available at: https://www.

bloomberg.com/news/articles/2018-07-03/personal-loans-surge-to-a-record-as-ﬁntech-ﬁrms-lead-the-way

(analyzing data from TransUnion).

7. Credit Karma, Press Release – Credit Karma and Silver Lake Announce $500 Million Strategic Secondary

Investment (Mar. 28, 2018), available at: https://www.creditkarma.com/pressreleases.

8. Envestnet, 2017 Annual Report, at 8, available at: http://www.envestnet.com/report/2017/download/EN-2017-

AnnualReport-Final.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Executive Summary • Emerging Trends in Financial Intermediation

• Large technology companies with access to vast stores of consumer data have simultane-

ously entered the nancial services industry, primarily in payments and credit provision;

and

• e increasing scale of technology-enabled competitors and the corresponding threat of

disruption has raised the stakes for existing rms to innovate more rapidly and pursue

dynamic and adaptive strategies. As a result, mature rms have launched platforms aimed

at reclaiming market share through alternative delivery systems and at lower costs than

they were previously able to provide.

Consumers increasingly prefer fast, convenient, and ecient delivery of services. New technologies

allow rms with limited scale to access computing power on levels comparable to much larger

organizations. e relative ubiquity of online access in the United States, combined with these new

technologies, allows newer rms to more easily expand their business operations.

In this report, we explore the characteristics of, and regulatory landscape for, nonbank nancial

rms with traditional “brick and mortar” footprints not covered in the previous Core Principles

reports, as well as newer business models employed by technology-based rms. We also address

the ability of banks to innovate internally, as well as partner with such technology-based rms.

Foundational to the report’s ndings, we explore the implications of digitization and its impact on

access to clients and their data, focusing on several thematic areas, including:

• e collection, storage, and use of nancial data;

• Cloud services and “big data” analytics;

• Articial intelligence and machine learning; and

• Digital legal identity and data security.

is report includes a limited treatment of blockchain and distributed ledger technologies. ese

technologies, as well as digital assets, are being explored separately in an interagency eort led by

a working group of the Financial Stability Oversight Council. e working group is a convening

mechanism to promote coordination among regulators as these technologies evolve.

Emerging Trends in Financial Intermediation

Financial services are being signicantly reshaped by several important trends, including (1) rapid

advances in technology; (2) increased eciencies from the rapid digitization of the economy; and

(3) the abundance of capital available to propel innovation.

Technological Advances in Financial Services

In addition to other benets, innovations in nancial technology expand access to services for

underserved individuals or small businesses and improve the ease of use, speed, and cost of such

services. Businesses providing nancial services benet from opportunities to improve their prod-

uct oerings to win market share and reduce per-customer operational costs.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Executive Summary • Emerging Trends in Financial Intermediation

Expanded access to credit and nancial services. Digital advice platforms are making nancial plan-

ning tools and wealth management capabilities previously limited to higher net worth households

available to a much broader segment of households. New platforms for lending are developing

business models that take advantage of new types of data and credit analysis, potentially serving

consumer and small business borrower segments that may not otherwise have access to credit

through traditional underwriting approaches. Unbanked or underbanked populations can gain

improved access to banking services through new mobile device-based banking applications.

Expanded speed, convenience, and security. Consumer and business demand for increased

convenience and speed have driven the digitization of nancial services. For example, increased

digitization of the mortgage process has improved the online experience of nancing a home,

but additional innovations could dramatically help to further shorten the time it takes to close

a mortgage, which still took an average of 52 days in 2016.

Borrowers seeking to renance or

consolidate higher-rate student loans or other consumer debts can obtain accelerated credit deci-

sions from some lenders, as can small business entrepreneurs looking to expand their business or

manage their seasonality.

Payment systems also benet from innovations that are delivering greater speed and security. e

proliferation of mobile and person-to-person payments allows end-users a way to quickly transfer

money using identiers such as an e-mail address or phone number. Contactless payment methods

that store and tokenize payment information are also increasingly being used and could provide

a more convenient and secure way to pay. ese innovations are helping small businesses to lower

the barriers to receive payments.

Reduced cost of services and operational eciencies. Online marketplace lenders generally oer

unsecured consumer loans that are designed to renance existing higher-rate debts into lower-

rate debt, reducing borrowing costs for consumers. Digital nancial advice providers are able to

leverage technology to scale their services to larger numbers of investors and to provide such services

at more aordable prices than traditional providers. e increasing digitization of payments is

expected to reduce signicant costs in the current payment processes for businesses and rms by,

for example, replacing physical paper checks with electronic payments and reducing ineciencies

in cross-border payments.

Digitization of Finance and the Economy

Changes in the hardware industry, as reected in advances in core computing and data storage

capacity, represent a sea change in capabilities and expand the potential for nancial services to be

provided on a more cost-eective basis. When considered alongside the ubiquity of mobile devices

and the growth in the volume and facility of applications and exibility of mobile communication,

the implications for nancial services are signicant. e collection and storage of data and the

application of advanced computational techniques allow for a new generation of approaches in the

9. Andreas Fuster et al., The Role of Technology in Mortgage Lending, Federal Reserve Bank of New York Staff

Report No. 836 (Feb. 2018), at 12, available at: https://www.newyorkfed.org/medialibrary/media/research/

staff_reports/sr836.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Executive Summary • Emerging Trends in Financial Intermediation

design, marketing, and delivery of nancial services. At the same time, these new approaches may

raise new concerns about data privacy and theft or misuse.

Consider the recent proliferation of digital data available for analysis. By 2020, digitized data is

forecasted to be generated at a level that is more than 40 times the level produced in 2009.

2012, it was estimated that 90% of the digitized data in the world had been generated in just

the prior two years.

Since 2012, more than one billion more people have gained access to the

internet, with 2.5 billion people connected to the internet in 2012 and 3.7 billion people in

2017.

Globally, there are an estimated 27 billion devices connected to the internet, including

smartphones, tablets, and computers, with expectations for 125 billion connected devices by the

year 2030.

Parallel to these growing improvements in data and connectivity are expanding complementary

technologies, such as cloud computing and machine learning. ese technologies enable rms

to store vast amounts of data and eciently increase computing resources. Unsurprisingly, for

nancial services rms, data analytics and machine learning (or articial intelligence) are two

of the top three areas of tech investment.

Other technology developments that are poised to

impact innovation in nancial services include advances in cryptography and distributed ledger

technologies, giving rise to blockchain-based networks.

Investment Capital

e ow of capital into investments in nancial technology is very large. U.S. rms accounted for

nearly half of the $117 billion in cumulative global investments from 2010 to 2017.

Unfolding

alongside these investments, many large, well-established rms involved in data, software, cloud

computing, internet search, mobile devices, retail e-commerce, payments, and telecommunications

have begun to engage in activities directly or indirectly related to nancial services. Many of

these rms are based in the United States, including rms having some of the largest market

capitalizations in the world.

e availability of capital, the large size of the nancial services market, and continued advance-

ments in technology make accelerating innovation nearly inevitable. is includes investments

in innovation by traditional nancial institutions, such as banks, asset managers and insurers, to

10. A.T. Kearney, Big Data and the Creative Destruction of Today’s Business Models (2013), at 2, available at:

https://www.atkearney.com/documents/10192/698536/Big+Data+and+the+Creative+Destruction+of+Today

s+Business+Models.pdf/f05aed38-6c26-431d-8500-d75a2c384919 (discussing Oracle forecast).

11. Id.

12. Id.

13. IHS Markit, The Internet of Things: A Movement, Not a Market (Oct. 2017), at 2, available at: https://cdn.ihs.

com/www/pdf/IoT_ebook.pdf. For projections that do not consider computers and phones, see Gartner, Inc.,

Press Release – Gartner Says 8.4 Billion Connected “Things” Will be in Use in 2017, up 31 Percent from

2016 (Feb. 7, 2017), available at: https://www.gartner.com/newsroom/id/3598917.

14.

PricewaterhouseCoopers, Redrawing the Lines: FinTech’s Growing Inﬂuence on Financial Services (2017), at

9, available at: https://www.pwc.com/gx/en/industries/ﬁnancial-services/assets/

pwc-global-ﬁntech-report-2017.pdf.

15. Treasury analysis of FT Partners data.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Executive Summary • Summary of Issues and Recommendations

provide higher quality, more secure, and more ecient services while meeting consumer demand

for speed and convenience.

Summary of Issues and Recommendations

Treasury’s review of the regulatory framework for nonbank nancial institutions and innovation

more broadly has identied signicant opportunities to accelerate innovation in the United States

consistent with the Core Principles. is review has identied a wide range of measures that could

promote economic growth, while maintaining strong consumer and investor protections and safe-

guarding the nancial system.

Treasury believes that innovation is critical to the success of the U.S. economy, particularly in the

nancial sector. roughout Treasury’s ndings, opportunities have been identied to modernize

regulation to embrace the use of data, encourage the adoption of advanced data processing and

other techniques to improve business processes, and support the launch of alternative product and

service delivery systems. Support of innovation is critical across the regulatory system — both at

the federal and state levels. Treasury supports encouraging the launch of new business models as

well as enabling traditional nancial institutions, such as banks, asset managers, and insurance

companies, to pursue innovative technologies to lower costs, improve customer outcomes, and

improve access to credit and other services.

Treasury’s recommendations in this report can be summarized in the following four categories:

• Adapting regulatory approaches to changes in the aggregation, sharing, and use of con-

sumer nancial data, and to support the development of key competitive technologies;

• Aligning the regulatory framework to combat unnecessary regulatory fragmentation, and

account for new business models enabled by nancial technologies;

• Updating activity-specic regulations across a range of products and services oered by

nonbank nancial institutions, many of which have become outdated in light of techno-

logical advances; and

• Advocating an approach to regulation that enables responsible experimentation in the

nancial sector, improves regulatory agility, and advances American interests abroad.

A list of all of Treasury’s recommendations in this report is set forth as Appendix B, including the

recommended action, method of implementation (Congressional and/or regulatory action), and

which Core Principles are addressed.

Key themes of Treasury’s recommendations are as follows.

Embracing Digitization, Data, and Competitive Technologies

is report catalogues key elements in the evolution of digitization, data, and scalable technologies

and highlights areas of relevance to many aspects of nancial services, including lending, nancial

advice, and payments. Treasury recommends that key provisions of the Telephone Consumer

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Executive Summary • Summary of Issues and Recommendations

Protection Act be updated, and believes closing the digital divide to enable the entire U.S. popula-

tion to benet from modern information and communication ow is a priority.

Treasury makes numerous recommendations that would improve consumers’ access to data and

its use by third parties that would support better delivery of services in a responsible manner.

Treasury has identied the need to remove legal and regulatory uncertainties currently holding

back nancial services companies and data aggregators from establishing data-sharing agreements

that would eectively move rms away from screen-scraping to more secure and ecient methods

of data access. e U.S. market would be well served by a solution developed in concert with

the private sector that addresses data sharing, standardization, security, and liability issues. It is

important to explore eorts to mitigate implementation costs for community banks and smaller

nancial services companies with more limited resources to invest in technology. Additionally,

Treasury recommends that Congress enact a federal data security and breach notication law to

protect consumer nancial data and ensure that consumers are notied of breaches in a timely and

consistent manner.

Removing regulatory barriers to foundational technologies, including the development of digital

legal identity, is important to improving nancial inclusion and enabling the use of scalable,

competitive technologies. Similarly, facilitating the further development and incorporation

of cloud technologies, machine learning, and articial intelligence into nancial services is

important to realizing the potential these technologies can provide for nancial services and the

broader economy.

Aligning the Regulatory Framework to Promote Innovation

Many statutes and regulations addressing the nancial sector date back decades. As a result, the

nancial regulatory framework is not always optimally suited to address new business models and

products that continue to evolve in nancial services. is has the potential negative consequence

of limiting innovation that might benet consumers and small businesses. Financial regulation

should be modernized to more appropriately address the evolving characteristics of nancial ser-

vices of today and in the future.

It is important that state regulators strive to achieve greater harmonization, including considering

drafting of model laws that could be uniformly adopted for nancial services companies cur-

rently challenged by varying licensing requirements of each state. Treasury encourages eorts to

streamline and coordinate examinations and to encourage, where possible, regulators to conduct

joint examinations of individual rms. Treasury supports Vision 2020, an eort by the Conference

of State Bank Supervisors that includes establishing a Fintech Industry Advisory Panel to help

improve state regulation, harmonizing multi-state supervisory processes, and redesigning the suc-

cessful Nationwide Multistate Licensing System.

At the federal level, Treasury encourages the Oce of the Comptroller of the Currency to further

develop its special purpose national bank charter, previously announced in December 2016. A

forward-looking approach to federal charters could be eective in reducing regulatory fragmenta-

tion and growing markets by supporting benecial business models.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Executive Summary • Summary of Issues and Recommendations

Finally, Treasury encourages banking regulators to better tailor and clarify guidance regarding

bank partnerships with nonbank nancial rms, particularly smaller, less-mature companies with

innovative technologies that do not present a material risk to the bank. Treasury believes it is

important to encourage the partnership model to promote innovation. Further, Treasury makes

recommendations regarding changes to permissible activities, including bank activities related to

acquiring or investing in nonbank platforms.

Updating Activity-Speciﬁc Regulations

is report surveys a wide range of activities where specic recommendations for regulatory reform

are suggested. e range of nancial services includes:

Marketplace Lending

Marketplace lenders are expanding access to credit for consumers and businesses in the United

States. Treasury recognizes that partnerships between banks and marketplace lenders have been

valuable to enhance the capabilities of mature nancial rms. Treasury recommends eliminating

constraints brought about by recent court cases that would unnecessarily limit the functioning

of U.S. credit markets. Congress should codify the “valid when made” doctrine and the role of

the bank as the “true lender” of loans it makes. Federal banking regulators should also use their

available authorities to address both of these challenges.

Mortgage Lending and Servicing

Treasury recognizes that the primary residential mortgage market has experienced a fundamental

shift in composition since the nancial crisis, as traditional deposit-based lender-servicers have

ceded sizable market share to nonbank nancial rms, with the latter now accounting for approxi-

mately half of new originations. Some of this shift has been driven by the post-crisis regulatory

environment, including enforcement actions brought under the False Claims Act for violations

related to government loan insurance programs. Additionally, many nonbank lenders have ben-

etted from early adoption of nancial technology innovations that speed up and simplify loan

application and approval at the front-end of the mortgage origination process. Policymakers should

address regulatory challenges that discourage broad primary market participation and inhibit the

adoption of technological developments with the potential to improve the customer experience,

shorten origination timelines, facilitate ecient loss mitigation, and generally deliver a more reli-

able, lower cost mortgage product.

Student Lending and Servicing

e federal student loan program represents more than 90% of outstanding student loan volume

and is managed by an extensive network of nonbanks for servicing and debt collection. e pro-

gram is complex due to a variety of loan types, repayment plans, and product features that make

the program dicult for borrowers to navigate and increase the diculty and cost of servicing.

Treasury recommends that the U.S. Department of Education establish and publish minimum

eective servicing standards to provide servicers clear guidelines for servicing and help set expecta-

tions about how the servicing of federal loans is regulated. Treasury provides recommendations

related to the greater use of technology in communications with borrowers, enhanced portfolio

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Executive Summary • Summary of Issues and Recommendations

performance monitoring and management by Education, and greater institutional accountability

for schools participating in the federal nancial aid programs.

Short-Term, Small-Dollar Lending

While the demand for short-term, small-dollar loans is high, lenders have been constrained by

unnecessary regulatory guidance at the federal level. Treasury recommends that the Bureau of

Consumer Financial Protection (Bureau) rescind its Payday Rule, which applies to nonbank short-

term, small-dollar lenders, as the states already maintain the necessary regulatory authorities and

the rule would further restrict consumer access to credit. Treasury also recommends that both

federal and state banking regulators take steps to encourage prudent and sustainable short-term,

small-dollar installment lending by banks.

Debt Collection

Debt collectors and debt buyers play an important role in minimizing losses in consumer credit

markets, thereby allowing for increased availability of and lower priced credit to consumers. A

variety of stakeholders have expressed concerns about the adequacy of loan information provided

when a loan is sold or transferred for collection. When debt collectors and buyers do not receive

adequate information, they are unable to demonstrate to the consumer that the debt is valid and

owed. Treasury recommends the Bureau establish minimum eective federal standards for third-

party debt collectors, including standards for the information that must be transferred with the

debt for purposes of third-party collection or sale.

New Credit Models and Data

A growing number of rms have begun to use or explore a wide range of newer data sets or

advanced algorithms, including machine learning-based methods, to support credit underwriting

decisions. Treasury recognizes that these new credit models and data sources have the potential to

meaningfully expand access to credit and the quality of nancial services, and therefore recom-

mends that nancial regulators further enable their testing. In particular, regulators should provide

regulatory clarity for the use of new data and modeling approaches that are generally recognized as

providing predictive value consistent with applicable law for use in credit decisions.

Credit Bureaus

e consumer credit bureaus collect sensitive information on millions of Americans, and thus are

required to protect the information they collect. While the credit bureaus are subject to state and

federal regulation for consumer protection purposes, and have been subject to state and federal

enforcement actions related to data security, they are not routinely supervised for compliance with

the federal data security requirements of the Gramm-Leach-Bliley Act. Treasury recommends that

the relevant agencies use appropriate authorities to coordinate regulatory actions to protect con-

sumer data held by credit reporting agencies and that Congress continue to assess whether further

authority is needed in this area. Treasury also recommends that Congress amend the Credit Repair

Organizations Act to exclude national credit bureaus and national credit scorers in order to allow

these entities to provide credit education and counseling services to consumers to prospectively

improve their credit scores.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Executive Summary • Summary of Issues and Recommendations

IRS Income Verication

e Internal Revenue Service (IRS) system that lenders and vendors use to obtain borrower tax

transcripts is outdated and should be modernized in order to minimize delays in accessing tax

information, which would facilitate the consumer and small business credit origination process.

In other data aggregation situations, such as gathering borrower bank balances, lenders generally

are able to obtain the needed borrower nancial information through an application program-

ming interface (API) to instantaneously and safely transfer data. e IRS’s current technology

should be updated to accommodate lender access of borrower information to instantaneously

and safely transfer data, comparable to similar private sector solutions. While the IRS is working

to update its technology more broadly, these eorts would benet from additional funding,

which would facilitate upgrades to support more ecient income verication, bringing a critical

component of the credit process up to speed with broader innovations in nancial technology.

Payments

Treasury recommends that the states work to harmonize money transmitter requirements for

licensing and supervisory examinations, and urges the Bureau to provide more exibility regarding

the issuance of remittance disclosures. Treasury encourages the Federal Reserve to move quickly

in facilitating a faster retail payments system, such as through the development of a real-time

settlement service that would allow for more ecient and widespread access to innovative payment

capabilities. Such a system should take into account the ability of smaller nancial institutions, such

as community banks and credit unions, to access innovative technologies and payment services.

Wealth Management and Digital Financial Planning

Digital nancial planning tools can expand access to advice for Americans to accumulate suf-

cient wealth, particularly as individuals have become more responsible for their own retirement

planning. Under the current regulatory structure, nancial planners may be regulated at both

the federal and state levels. Although many nancial planners are regulated by the Securities and

Exchange Commission or state securities regulators, they may also be subject to regulation by the

Department of Labor, the Bureau, federal or state banking regulators, state insurance commission-

ers, state boards of accountancy, and state bars. is patchwork of regulatory authority increases

costs and potentially presents unnecessary barriers to the development of digital nancial planning

services. Treasury recommends that an appropriate existing regulator of a nancial planner be

tasked with primary oversight of that nancial planner and other regulators defer to that regulator.

Regulating a 21st Century Economy

Treasury advocates an agile approach to regulation that can evolve with innovation. It is critical

not to allow fragmentation in the nancial regulatory system, at both the federal and state level,

to interfere with innovation. Financial regulators must consider new approaches to eectively

promote innovation, including permitting meaningful experimentation by nancial services rms

to create innovative products, services, and processes.

Internationally, many countries have established “innovation facilitators” and various regulatory

“sandboxes” — testing grounds for innovation. ese sandboxes have each generally supported

common principles, such as promoting the adoption and growth of innovation in nancial services,

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Executive Summary • Summary of Issues and Recommendations

providing access to companies in various stages of the business lifecycle, providing varying degrees

of regulatory relief while maintaining consumer protections, and improving the timeliness of regu-

lator feedback oered throughout the development lifecycle. While replicating this approach in

the United States is complicated by the fragmentation of our nancial regulatory system, Treasury

is committed to working with federal and state nancial regulators to establish a unied solution

that accomplishes these objectives — in essence, a regulatory sandbox.

e ability of regulators to engage with the private sector to test and understand new technolo-

gies and innovations as they arise is equally important. Treasury recommends that Congress pass

legislation authorizing nancial regulators to use other transaction authority for research and

development and proof of concept technology projects. Treasury encourages nancial regulators to

pursue robust engagement eorts with industry and establish clear points of contact for outreach

to enable the symbiotic relationship necessary to maintaining U.S. global competitiveness.

Treasury will work to ensure actions taken by international organizations align with U.S. national

interests and the domestic priorities of U.S. regulatory authorities. is should include a focus on

the needs of U.S. companies that operate on a global basis. Participation by the relevant experts

in international forums and standard-setting bodies is important to share experiences regarding

respective regulatory approaches and to benet from lessons learned.

A Bright Future for Innovation

e United States is the global leader in technological innovation. e pace of technological devel-

opment in nancial services has increased exponentially, oering potential benets to the U.S.

economy. Treasury encourages all nancial regulators to stay abreast of developments in technology

and to properly tailor regulations in a manner that does not constrain innovation. Regulators must

be more agile than in the past in order to fulll their statutory responsibilities without creating

unnecessary barriers to innovation. Ensuring a bright future for nancial innovation, regulators

should take meaningful steps to facilitate and enhance the nation’s strength in technology and

work toward the common goals of fostering vibrant nancial markets and promoting growth

through responsible innovation.

Embracing Digitization,

Data, and Technology

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Overview

Overview

e cost of collecting, transmitting, and storing vast amounts of data has sharply declined over the

last 20 years, which has driven a technological revolution in many industries. Related technologies

built on top of this increased ability to collect and manage data, like machine learning and articial

intelligence, have enabled a wide range of practical applications, many of which are relevant to the

nancial services industry. e combination of digitization, data, and technology can promote

economic growth, increase consumer satisfaction, and improve choice, opportunity, and economic

inclusion for all Americans. ese factors also stimulate innovation, increase competition, and

enhance the global competitiveness of the United States.

Key upgrades to the regulatory system are needed to enable the nancial system to realize the ben-

ets of economy-wide advances in these new technologies, including updating rules for nancial

services in the digital economy, assuring the existence of secure and open access to nancial data,

and aligning requirements for core infrastructure and competitive technologies. In each instance,

there is a signicant role for both the public and private sector — in fact, collaboration between

the two is essential. Likewise, many regulations were adopted in and for a very dierent era, requir-

ing a focus on modernization and appropriate tailoring that is consistent with the Core Principles.

Digitization

e transformation of business into the digital era has had a profound impact on innovation

and economic growth. Converting information into digital form made it possible for data to

be electronically stored, transmitted, and analyzed. As the costs of storing and processing data

have decreased, the amounts of data collected and retained have correspondingly increased. When

combined with developments in communication and networking, the modern economy exists in

a digital environment that allows near-instantaneous access to signicant volumes of information.

Ensuring this data is used in a manner that safely creates new products and services with positive

eects on the economy and society is an important national objective.

e key driver of this digital business environment is the increasingly widespread use of digital

devices by Americans. Consider that nearly 90% of U.S. adults are online.

Moreover, 77% own a

mobile phone with advanced digital capabilities, 53% own a tablet, and 46% have used digital voice

assistants.

Most Americans use a combination of phone calls, text messages, and e-mails to manage

their business and personal relationships. As a result, Americans’ digital addresses (e.g., e-mail, device,

chat ID) have increasingly become the equivalent of what a physical mailing address or telephone

landline was in the past — the most eective way to reach a person for a business purpose.

16. Pew Research Center, Internet/Broadband Fact Sheet (Feb. 5, 2018), available at: http://www.pewinternet.org/

fact-sheet/internet-broadband/.

17.

Kenneth Olmstead, Pew Research Center, Nearly Half of Americans Use Digital Voice Assistants, Mostly on

their Smartphones (Dec. 12, 2017), available at: http://www.pewresearch.org/fact-tank/2017/12/12/nearly-

half-of-americans-use-digital-voice-assistants-mostly-on-their-smartphones/; Pew Research Center, Mobile

Fact Sheet (Feb. 5, 2018), available at: http://www.pewinternet.org/fact-sheet/mobile/.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Digitization

100

Social Media

Tablet

Broadband*

Internet

Smartphone

Figure 1: Technology Adoption and Usage

51%

38%

Mobile

banking**

33%

17%

2015

2017

Fintech

services***

Percent of U.S. adults who own

2000 2002 2004 2006 2008 2010 2012 2014 2016

* used at home.

** as a percentage of survey respondents that have a bank account.

*** as a percentage of survey respondents that are active online.

Source (left): Chart and data recreated from Pew Research Center analysis.

Sources (right): For mobile banking data, Federal Reserve analysis of Survey of Household Economics and

Decisionmaking and Survey of Consumers’ Use of Mobile Financial Services.

For fintech services growth, see Ernst and Young, EY FinTech Adoption Index 2017, at 13.

Financial institutions and technology-focused rms have recognized this shift in where consum-

ers “reside” and have consequently been transforming their business activities to meet customers’

demand for digital interaction where possible. Consumers are rapidly adopting services provided

by new ntech companies. Survey data indicate that up to one-third of online U.S. consumers

use at least two ntech services — including nancial planning, savings and investment, online

borrowing, or some form of money transfer and payment.

Banking is also increasingly digital. Today, 50% of people with bank accounts use mobile devices

to access their information, up from 20% in 2011,

while the number of physical bank branches

18. Ernst & Young Global Limited, EY FinTech Adoption Index 2017: The Rapid Emergency of FinTech (2017),

available at: https://www.ey.com/Publication/vwLUAssets/ey-ﬁntech-adoption-index-2017/%24FILE/ey-ﬁn-

tech-adoption-index-2017.pdf.

19.

Ellen A. Merry, Board of Governors of the Federal Reserve System, Mobile Banking: A Closer Look at Survey

Measures, FEDS Notes (Mar. 27, 2018), available at: https://doi.org/10.17016/2380-7172.2163.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Digitization

has been declining since 2009.

U.S. banks of all sizes are enabling digital engagement with their

customers and are increasingly oering mobile phone applications that provide for a full suite of

banking services, among other eorts.

is digital transformation of the economy and nancial services requires wide-ranging changes

to the U.S. regulatory system. For example, there is a need to modernize regulations for digitally

communicating with consumers. Other regulations that should be implemented are discussed

throughout this report and include: updating regulations to better facilitate secure access to digi-

tized data, authentication of digital identity, and support for core nancial service activities such as

lending, payments, and investment advice.

Digital Communications

Telephone Consumer Protection Act

In 1991, Congress passed the Telephone Consumer Protection Act (TCPA) to restrict telemarket-

ing calls and the use of automatic telephone dialing systems (autodialers) and prerecorded voice

messages.

e Federal Communications Commission (FCC) is responsible for rules implement-

ing the TCPA. Among the restrictions, the TCPA forbids telemarketers from calling a cell phone

using an autodialer without rst obtaining prior express consent of the called party.

However,

current implementation of the TCPA constrains the ability of nancial services rms to use digital

communication channels to communicate with their customers despite consumers’ increasing reli-

ance on text messaging and e-mail communications through their mobile devices.

In 2015, the FCC issued an order responding to 21 requests for clarication or amendment to

the FCC’s TCPA rules and orders.

Financial services rms raised three primary concerns with

the FCC’s 2015 order. First, the denition of autodialer was overly broad because it included the

capacity to make an autodialed call, as opposed to the actual use of the equipment as an autodialer.

Second, by only providing a one-call safe harbor, which permitted a caller only a single call to

determine whether a phone number was reassigned, the FCC order exposed rms to signicant

liability — up to a $500-per-call penalty — for dialing reassigned numbers, even when one call

was insucient to permit the rm to learn that the number was reassigned. ird, the order per-

mitted consumers to revoke consent “using any reasonable method,” and prohibited callers from

“infring[ing] on that ability by designating an exclusive means to revoke.”

Regarding revocation,

rms asked for clear guidance detailing reasonable methods of revocation given the TCPA’s penal-

ties for noncompliance.

20. Julie Stackhouse, Federal Reserve Bank of St. Louis, Why Are Banks Shuttering Branches?, On the

Economy Blog (Feb. 26, 2018), available at: https://www.stlouisfed.org/on-the-economy/2018/february/

why-banks-shuttering-branches.

21. Public Law No. 102-243 [codiﬁed at 47 U.S.C. § 227].

22. 47 U.S.C. § 227(b)(1)(A).

23. See Federal Communications Commission, In the Matter Rules and Regulations Implementing the Telephone

Consumer Protection Act of 1991 et al., Declaratory Rule and Order, CG Docket No. 02-278 (June 18, 2015),

available at: https://apps.fcc.gov/edocs_public/attachmatch/FCC-15-72A1_Rcd.pdf (“FCC 2015 Order”).

24.

Id. at 7996.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Digitization

On March 16, 2018, the U.S. Court of Appeals for the D.C. Circuit ruled on these three issues in

a case brought against the FCC by ACA International, a trade group representing debt collectors.

First, the D.C. Circuit held that the FCC’s denition of autodialer was arbitrary and capricious

because, under the FCC’s denition, “all smartphones qualify as autodialers because they have

the inherent ‘capacity’ to gain [autodialer] functionality by downloading an app.”

Second, the

Court held that the one-call safe harbor was arbitrary and capricious because the FCC failed to

explain why a “caller’s reasonable reliance on a previous subscriber’s consent necessarily cease[s] to

be reasonable once there has been a single, post-reassignment call.”

ird, the Court upheld the

FCC’s use of a “reasonable means” standard for revocation of consent but left open the possibility

of dierent “revocation rules mutually adopted by contracting parties.”

After the D.C. Circuit’s decision, the FCC reconsidered how the TCPA applies to reassigned

numbers, issuing a proposed rule on preventing unwanted calls to reassigned numbers and seeking

comment on methods to establish a reassigned numbers database.

A reassigned numbers database

— long supported by market participants and consumer advocates — could reduce unwanted

calls to consumers and reduce caller liability by permitting callers to conduct due diligence to

learn whether a number has been recently reassigned and, if it has, remove that number from their

autodialed calls.

Fair Debt Collection Practices Act

Congress enacted the Fair Debt Collection Practices Act (FDCPA), in part, to “eliminate abu-

sive debt collection practices by debt collectors.”

e responsibility of enforcement is shared by

the Bureau of Consumer Financial Protection (the Bureau) and the Federal Trade Commission

(FTC).

However, current implementation of the FDCPA may inadvertently make interactions

between debt collectors and consumers needlessly cumbersome. e FDCPA prohibits debt col-

lectors from disclosing information about a consumer’s debt to unauthorized third parties and

allows consumers to terminate communication about the debt.

While using e-mail or voicemail

to communicate with a consumer about his or her debt is permissible under FDCPA, potential

litigation risk can arise if the debt collector inadvertently discloses information regarding the debt

to an unauthorized third party while using contact information provided by the borrower. As a

result, even if consumers increasingly prefer to communicate digitally, such as via text messages and

e-mail, litigation risk can discourage debt collectors from doing so.

25. ACA International v. FCC, 885 F.3d 687 (D.C. Cir. 2018).

26.

Id. at 700.

27. Id. at 707.

28. Id. at 709-10.

29. Advanced Methods to Target and Eliminate Unlawful Robocalls (Apr. 20, 2018) [83 Fed. Reg. 17631 (Apr. 23,

2018)].

30.

Id.

31. 15 U.S.C. § 1692(e).

32. Id. § 1692l; see also Bureau of Consumer Financial Protection, Fair Debt Collection Practices Act: Annual

Report 2018 (Mar. 2018), at 7, available at: https://s3.amazonaws.com/ﬁles.consumerﬁnance.gov/f/documents/

cfpb_fdcpa_annual-report-congress_03-2018.pdf.

33. 15 U.S.C. § 1692c(b).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Digitization

Recommendations

Treasury recognizes that the increasingly digitized nature of the economy and nancial system

requires revisiting of customer communication and disclosure rules that were designed primarily

for an era of physical mail and telephone calls. Treasury has identied some opportunities for

reform of the TCPA and FDCPA regulatory regimes but recommends that regulators proactively

identify other rules in need of revision.

Treasury recommends that the FCC continue its eorts to address the issue of unwanted calls

through the creation of a reassigned numbers database. Treasury recommends that the FCC create

a safe harbor for calls to reassigned numbers that provides callers a sucient opportunity to learn

that the number has been reassigned.

In addition, Treasury recommends that the FCC provide clear guidance on reasonable methods for

consumers to revoke consent under the TCPA.

Additionally, Congress should consider statutory changes to the TCPA to mitigate unwanted calls

to consumers and provide for a revocation standard similar to that provided under the FDCPA.

Treasury also recommends that the Bureau promulgate regulations under the FDCPA to codify that

reasonable digital communications, especially when they reect a consumer’s preferred method,

are appropriate for use in debt collection.

Closing the Digital Divide

“Digital divide” describes the gap between populations that have access to modern information

and communication technology and those that have no or limited access. e FCC estimates

30% of people living in rural America lack access to broadband compared to 2.1% of people

in urban areas, which means that nearly 24 million rural Americans cannot fully access the

benets of the digital economy.

Access to the digital economy allows Americans to benet

from the rapid growth of technology and innovation.

Broadband access has become increasingly important for economic opportunity, job creation,

education, and civic engagement. Rural communities have made large gains in adopting

technology, but substantial segments of rural America still lack the infrastructure needed for

high-speed internet, and any access that rural areas have is often slower than that of non-

rural areas.

In February 2017, the FCC took action designed to expand and preserve mobile

coverage across rural America and in tribal lands.

e FCC stated that the next stages of the

34. Federal Communications Commission, 2018 Broadband Deployment Report (Feb. 2, 2018), available at:

https://apps.fcc.gov/edocs_public/attachmatch/FCC-18-10A1.pdf.

35.

Andrew Perrin, Pew Research Center, Digital Gap Between Rural and Nonrural America Persists,

blog post (May 19, 2017), available at: http://www.pewresearch.org/fact-tank/2017/05/19/

digital-gap-between-rural-and-nonrural-america-persists/.

36. Federal Communications Commission, In the Matter of Connect America Fund Universal Service Reform –

Mobility Fund, Report and Order and Further Notice of Proposed Rulemaking (Feb. 23, 2017), available at:

https://apps.fcc.gov/edocs_public/attachmatch/FCC-17-11A1_Rcd.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Consumer Financial Data

Connect America Fund

will be implemented and will provide additional funding for rural

xed broadband over the next decade.

Additional support for these eorts is reected in Executive Order 13821, which states that

“it shall therefore be the policy of the executive branch to use all viable tools to accelerate the

deployment and adoption of aordable, reliable, modern, high-speed broadband connectivity

in rural America.”

Concurrently, the President instructed the Secretary of the Interior to

develop a plan to increase access to tower facilities and other infrastructure managed by the

Department of the Interior in rural America for broadband deployment.

Deployment of more infrastructure to support broadband in rural areas will help to close the

digital divide and assist more Americans in underserved communities to participate in the

digital economy and overcome geographic isolation.

Consumer Financial Data

As a result of digitization, vast amounts of data now exist in forms that can be readily aggregated

and analyzed with computing power. Online and mobile applications that draw on these data

make it possible for consumers to view banking and other nancial account information, often

held at dierent nancial institutions, on a single platform, monitor the performance of their

investments in real-time, compare nancial and investment products, and even make payments

or execute transactions. Applications can also assist with automatic savings, budget advice, credit

decisions, and fraud and identity theft detection in real-time.

In short, digitized record-keeping and these applications have exponentially improved a consumer’s

ability to make nancial decisions. It has given rise to a new sector of nonbank nancial institu-

tions focused on products and services utilizing data aggregation, based on data obtained with the

consumer’s consent. e rise of such nancial institutions presents questions regarding the way in

which they operate and are currently regulated.

37. The Connect America Fund, also known as the Universal Service High-Cost Fund, is the FCC’s program to

expand voice and broadband services for areas where they are unavailable.

38.

Federal Communications Commission, Connect America Fund Phase II Auction Scheduled for July 24, 2018 -

Notice and Filing Requirements and Other Procedures for Auction 903 (Feb. 1, 2018), available at: https://apps.

fcc.gov/edocs_public/attachmatch/FCC-18-6A1.pdf.

39. Executive Order 13821, Streamlining and Expediting Requests to Locate Broadband Facilities in Rural

America (Jan. 8, 2018) [83 Fed. Reg. 1507 (Jan. 11, 2018)].

40.

Executive Ofﬁce of the President, Supporting Broadband Tower Facilities in Rural America on Federal

Properties Managed by the Department of the Interior (Jan. 8, 2018) [83 Fed. Reg. 1511 (Jan. 12, 2018)].

41.

See Letter from the Center for Financial Services Innovation to the Bureau of Consumer Financial Protection,

CFPB-2016-0048 Request for Information Regarding Consumer Access to Financial Records (Feb. 21,

2017), available at: https://www.regulations.gov/document?D=CFPB-2016-0048-0047.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Consumer Financial Data

Data Aggregation

Data aggregation generally refers to any process in which information from one or more sources is

compiled and standardized into a summary form.

Often data are aggregated for specic business

or research purposes such as statistical analysis, performance tracking, or recordkeeping. As of the

end of June 2018, ve of the largest publicly-traded U.S. companies by market capitalization are

integral drivers of the digital economy and use data aggregation for telecommunications, logistics,

marketing, social media, and other purposes.

How Data Aggregation Works

At the most basic level, data aggregation in the nancial services sector necessarily involves consum-

ers, nancial services rms, data aggregators, and consumer nancial technology (ntech) application

providers. “Consumers” are the individuals who are users of nancial services and the principal pro-

viders of the information collected by nancial service companies. In the consumer nancial services

data aggregation framework, consumers decide which applications to use in order to access their data,

give consent for that access, and provide necessary authentication (i.e., login) information.

“Financial services companies” or “nancial services rms” include banks, mutual funds, insurance

companies, broker-dealers, wealth management rms, and other nancial institutions that provide

traditional retail banking, depository, credit, brokerage, investment, and other account manage-

ment services to consumers. ese companies are the sources of consumer nancial account and

transaction data.

“Data aggregators” are the rms that access, aggregate, share, and store consumer nancial account

and transaction data they acquire through connections to nancial services companies. Aggregators

are intermediaries between the ntech applications that consumers use to access their data, on the

one hand, and the sources of data at nancial services companies on the other. An aggregator may

be a generic provider of data to consumer ntech application providers and other third parties, or

it may be part of a company providing branded and direct services to consumers.

Finally, “consumer ntech application providers” are the rms that access consumer nancial

account and transaction data, either from data aggregators or nancial services companies, in

order to provide value-added products and services to consumers. Consumers access these services

through “ntech applications” — i.e., the websites or mobile apps — created by these rms.

Consumer ntech application providers may also have direct links to nancial services companies

in order to, for example, provide direct services to a bank’s customers, access payments systems, or

facilitate credit origination.

Operationally, the key data aggregation processes involve acquiring, compiling, standardizing, and

disseminating consumer nancial data. Data aggregators may dier in the breadth and sophistica-

tion of the aggregation services they oer, and may specialize in dierent types of data or target a

42. See also Request for Information Regarding Consumer Access to Financial Records (Nov. 14, 2016) [81 Fed.

Reg. 83806, 83808-09 (Nov. 22, 2016)] (“Data Aggregation RFI”).

43.

These companies are Apple, Amazon, Alphabet [Google], Microsoft, and Facebook, based on Treasury analysis

of Bloomberg data.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Consumer Financial Data

specic developer base.

Some data aggregators may focus on aggregating nancial account bal-

ances, transactions data, or credit card activity, for example, or they may primarily support con-

sumer ntech application providers geared toward oering specic products (such as auto loans or

mortgages) or services (such as peer-to-peer payments or budget tracking).

44. For an account of the evolution of data aggregation services, see Michael Kitces, The Six Levels of Account

Aggregation #FinTech and PFM Portals for Financial Advisors, blog post (Oct. 9, 2017), available at: https://

www.kitces.com/blog/six-levels-account-aggregation-pfm-ﬁntech-solutions-accounts-advice-automation/.

Figure 2: Participants in the Consumer Financial Services Data Aggregation Framework

Participant Description Role

Consumers • Individuals • Choose which ﬁntech applications serve needs

• Accept terms and conditions

• Give consent for data sharing

• Provide login credentials or other information for

authentication

Data

aggregators

• Firms that aggregate consumer

ﬁnancial data to share with other

third-parties, e.g. consumer ﬁntech

application providers

• Firms that aggregate consumer

ﬁnancial data to provide branded

and direct services to consumers

• Compile consumer ﬁnancial account and

transaction data obtained (1) through consumer-

provided credentials (e.g., screen-scraping)

and/or (2) through authorized connections with

ﬁnancial services companies (e.g., APIs)

• Provide data to consumer ﬁntech application

providers and other third-parties

• May develop own ﬁntech applications

• Often invisible to consumers

Consumer

ﬁntech

application

providers

• Third-party ﬁrms offering value-

added ﬁnancial products and

services to consumers

• Create and market ﬁntech applications for

consumers

• Frequently rely on data from aggregators to run

applications

• Applications enable consumers to monitor

accounts, track budget and ﬁnancial goals, pay

bills, make peer-to-peer payments, take out loans,

receive investment advice, etc.

Financial

services

companies

• Retail banks and other depository

institutions

• Retail broker-dealers

• Mutual fund companies

• Wealth management ﬁrms

• Insurance companies

• Other traditional ﬁnancial

institutions

• Provide traditional banking, investment, insurance

and other ﬁnancial services to consumers

• Sources of consumer ﬁnancial account and

transaction data

• Data may be accessed directly (e.g., APIs) or

indirectly (e.g., screen-scraping)

Source: Treasury staff analysis.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Consumer Financial Data

In general, data aggregators make data available by providing a platform on or through which con-

sumer ntech application providers can build and run their applications and provide an interface

with consumers. Because data aggregators are few in number compared to nancial services com-

panies — a relative handful versus thousands — and because they have generally sunk the costs of

connecting to nancial services companies, consumer ntech application providers only have to

“build” to the data aggregators’ specications and not to hundreds or thousands of platforms run

by individual nancial institutions.

Before these processes and interfaces can commence, however, a data aggregator requires access to

consumers’ data housed at nancial services companies. At present, there are two primary methods

through which data aggregators gain access to consumer nancial data: “screen-scraping” and

application programming interfaces (APIs).

Screen-Scraping

When data aggregators and consumer ntech application providers lack a direct connection to run

ntech applications using data housed at nancial services companies, they often rely on screen-

scraping. In screen-scraping, consumers provide their account login credentials — usernames and

passwords — in order to use the ntech application.

Consumers may or may not appreciate that

they are providing their credentials to a third-party, and not logging in directly to their nan-

cial services company. Using these login credentials, data aggregators access consumers’ nancial

45. By one data aggregator’s account, there are eight major aggregators of consumer-authorized data in the United

States. See MX Technologies Inc., A List of Financial Data Aggregators in the United States, blog post (Mar. 5,

2018), available at: https://www.mx.com/moneysummit/a-list-of-ﬁnancial-data-aggregators-in-the-united-states.

The listed data aggregators were Intuit, Quovo, Plaid, Envestnet/Yodlee, Morningstar/ByAllAccounts, Fiserv/

CashEdge, Finicity, and MX.

46.

Screen-scraping is not a recent development. As far back as 2001, regulators identiﬁed the practice of shar-

ing consumer login credentials for data aggregation services as raising additional risks. See Ofﬁce of the

Comptroller of the Currency, Bank-Provided Account Aggregation Services, OCC Bulletin 2001-12 (Feb.

28. 2001), available at: https://www.occ.gov/news-issuances/bulletins/2001/bulletin-2001-12.html; Federal

Financial Institutions Examination Council, E-Banking

, IT Examination Handbook (Aug. 2003), at App. D, avail-

able at: https://ithandbook.fﬁec.gov/media/274777/fﬁec_itbooklet_e-banking.pdf.

Fintech

application

Consumer

fintech

provider

Consumer

credentials

Consumer

credentials

Data

aggregator

Consumer data

Consumer

credentials

Bank 1

Bank 2

Bank 3

Figure 3: Screen-Scraping

Consumers

Source: Treasury staff analysis.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Consumer Financial Data

accounts, and then, either manually or through specialized software, acquire the nancial account

and transaction data and even process data requests or execute transactions. Equally concerning,

nancial services companies are not always aware when screen-scraping methods are being used to

access their customers’ data.

Although screen-scraping can be an eective method of obtaining data, it is generally considered

to have certain vulnerabilities and drawbacks. Many of the risks and concerns associated with

data aggregation described in this report — whether for consumers, nancial services companies,

consumer ntech application providers, or data aggregators themselves — stem from the practice

of screen-scraping.

Application Programming Interfaces

e second method of accessing consumer nancial account and transaction data is through an

API or similar form of direct feed. For purposes of this report, an API can be loosely described

as a clearly specied program that links two or more systems and that enables a well-dened

communication and data exchange between them in order to run applications and other software.

An API is not a specic technology, but rather a technology-enabled agreement or protocol that

enables a computer system or source of data to interact with or be used by other software.

Unlike

in the case of screen-scraping, data aggregation through an API generally means that nancial

services companies are knowingly participating in the sharing of data. As such, nancial services

companies can potentially deploy APIs that allow for the inclusion of robust security features,

greater transparency and access controls for consumers, improved data accuracy, and more pre-

dictable and manageable information technology costs. APIs, however, cost money to develop,

which could raise particular hurdles for smaller nancial institutions with fewer information

technology resources.

APIs may be designed to be open or they may be restricted to selected partners. In an open API,

any third-party data aggregator or consumer ntech application provider that meets certain prede-

termined and published standards (e.g., security, licensing, etc.) can gain access to consumer data

and build consumer-facing applications. In contrast, partnered APIs entail bilateral and exclusive

agreements between nancial services companies and data aggregators or consumer ntech appli-

cation providers. In either case, the API method of access is generally enabled through consumer

consent provided to the nancial services company or at the API access point rather than through

giving consumer login credentials to third-parties.

47. To illustrate how this works, think for example of nearly any app or website — for example, for ride-sharing ser-

vices, retail stores, special events, etc. — that includes a map or the ability to provide point-to-point (or turn-

by-turn) directions. These apps and websites generally do not create their own maps and navigation software.

Instead, they would incorporate the maps and navigation software of an internet-based provider that specializes

in aggregating mapping and navigation data. This provider makes its mapping and navigation products available

for use by third-parties by establishing an API that includes instructions, tools, and other resources that enable

software developers to incorporate such products into their own apps and websites.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Consumer Financial Data

Fintech app Data aggregator

Data flow

Bank

Fintech app 1

Fintech app 2

Fintech app 3

Data aggregator 1

Data aggregator 2

Open

API

Bilateral/

partnered

API

Bank 1

Bank 2

Bank 3

Figure 4: Application Programming Interfaces (AP

A. Bilateral/Partnered API

B. Open API

Consumers

Source: Treasury staff analysis.

Efforts to Improve Data Aggregation

Data aggregators, consumer ntech application providers, and nancial services companies gener-

ally agree that consumers should have secure and reliable access to their nancial account and

transaction data, and that, in principle, consumers, if they opt-in, should be able to utilize ntech

applications and other innovations that make use of their data. However, there is a lack of consen-

sus on what secure and reliable access entails. As described by one observer, “the U.S. debate seems

stuck at the yet-to-be resolved issue of migrating account aggregators from screen scraping-based

to more secure and ecient API-based data-sharing methodologies.”

As long as this impasse

remains unresolved, consumers will be caught in the middle.

Consequently, data aggregators, consumer ntech application providers, and nancial services compa-

nies in the United States are looking for better approaches to data aggregation. Despite the recognized

advantages of using APIs as opposed to screen-scraping methods for data aggregation, current APIs have

their limitations. Some data aggregators have entered into bilateral agreements to obtain data through

an API, but this approach can be dicult to scale given the large number of U.S. nancial services

companies. In addition, data aggregators told Treasury that access through APIs was frequently and

48. Bob Hedges, The Clearing House, Banking Perspectives: Consumer Data in an API-Enabled World

(4th Qtr. 2017), available at: https://www.theclearinghouse.org/banking-perspectives/2017/2017-q4-banking-

perspectives/articles/open-banking.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Consumer Financial Data

unilaterally restricted, interrupted, or terminated by nancial services companies.

Hence, Treasury’s

understanding is that a signicant amount of data is still obtained through screen-scraping.

Much of the focus is on improving API methods to resolve issues such as standardizing data

elements and fair and proportional allocation of liability and accountability in the event of a data

breach. In some cases, participants from across the data aggregation framework are collaborating to

develop robust open APIs that serve the needs of all stakeholders.

Further, trade groups are also

starting to solidify views and have developed principles with respect to data aggregation.

Open Banking in the United Kingdom

In considering regulatory approaches for data aggregation, the eorts in other countries

that have created their own regulatory regimes for consumer access to nancial account

and transaction data can provide a useful comparison point. In August 2016, the United

Kingdom’s Competition and Markets Authority (CMA) issued a report, which concluded

that the market for retail banking was not suciently competitive and was dominated

by large banks. e CMA outlined a package of remedies called Open Banking, which

required the nine largest U.K. banks to adopt “open API banking standards… [and] to

make data available using these standards.”

Other banks can opt-in on a voluntary basis.

49. See also Robin Sidel, Big Banks Lock Horns with Personal-Finance Web Portals, The Wall Street Journal

(Nov. 4, 2015).

50.

One such effort is being carried out through the OFX Consortium, the origins of which date back to 1997.

The OFX speciﬁcation is one of original standards for the exchange of ﬁnancial information between consum-

ers and ﬁnancial services providers. In April 2016, the OFX Consortium released OFX 2.2, which introduced

new standards including data tags and tokenized authentication solutions for sharing consumer ﬁnancial data.

See OFX Consortium, OFX 2.2 Released with OAuth-Token based Authentication¸ Business Wire (Apr. 7,

2016), available at: https://www.businesswire.com/news/home/20160407006078/en/OFX-2.2-Released-

OAuth-Token-based-Authentication. A more recent effort is that of the Aggregation Services Working Group

of the FS-ISAC. The Working Group, which consists of representatives from ﬁnancial services companies,

data aggregators, and ﬁntech developers, recently issued the second version of its API for secure, tokenized

data transfer. See Financial Services Information Sharing and Analysis Center, Press Release – FS-ISAC

Enables Safer Financial Data Sharing with API (Feb. 13, 2018), available at: https://www.fsisac.com/article/

fs-isac-enables-safer-ﬁnancial-data-sharing-api.

51.

See, e.g., Securities Industry and Financial Markets Association, SIFMA Data Aggregation Principles (Apr.

2018), available at: https://www.sifma.org/wp-content/uploads/2018/04/sifma-Data-Aggregation-Principles.

pdf. The SIFMA principles afﬁrm that consumers “may use third-parties to access their ﬁnancial account data”

and “such access should be safe and secure.” See also Renee Hobbs, Envestnet|Yodlee, Envestnet|Yodlee,

Quovo and Morningstar ByAllAccounts: Statement of Joint Principles for Ensuring Consumer Access to

Financial Data, blog post (May 11, 2018), available at: https://www.yodlee.com/blog/envestnet-yodlee-quovo-

and-morningstar-byallaccounts-statement-of-joint-principles-for-ensuring-consumer-access-to-ﬁnancial-data/.

These three data aggregators proposed a “Secure Open Data Access” framework, which includes the follow-

ing four components: (1) consumers must be able to access their ﬁnancial account data for purposes of using

any legitimate application; (2) consumers must provide afﬁrmative consent on the basis of clear and conspicu-

ous disclosure regarding the use of their data; (3) all entities who handle consumer account information must

adhere to best practices for security standards and implement traceability/transparency; and (4) the entity

responsible for a consumer’s ﬁnancial loss must make the consumer whole.

52.

See Competition and Markets Authority, Retail Banking Market Investigation: Final Report (Aug. 9, 2016), at

441-461, available at: https://assets.publishing.service.gov.uk/media/57ac9667e5274a0f6c00007a/retail-

banking-market-investigation-full-ﬁnal-report.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Consumer Financial Data

ese remedies are aimed at increasing competition, including lowering costs for consumers

switching between nancial institutions.

e rst stage of Open Banking went live in March 2017, when the covered banks were required

to make certain “open data” — i.e., public information such as the location of branches and

automated teller machines as well as the terms of certain banking products — widely available

online. e full Open Banking standard came into eect in January 2018. e CMA estab-

lished the nonprot Open Banking Implementation Entity (OBIE) to work with banks and

third-party ntech developers to help integrate with Open Banking and to test their products

and services based on the data. Fintech developers enrolled in Open Banking must be regulated

by the U.K. Financial Conduct Authority.

Open Banking uses “read/write” APIs with standards and specications dened by OBIE.

To securely access and share data, the participating banks develop API “endpoints” on which

ntech developers can build applications. e use of APIs permits consumers to retain full

control over their account information. Consumers must give explicit consent before using

any ntech applications and are redirected to their bank’s login screen to enter their login

credentials. Consumers determine which information can be accessed, for how long and for

what purpose, and can revoke their consent at any time. Shared data is encrypted and its usage

is tracked, and only regulated persons can access it.

ere are signicant dierences between the United States and the United Kingdom with

respect to the size, nature, and diversity of the nancial services sector and regulatory mandates.

Given those dierences, an equivalent Open Banking regime for the U.S. market is not readily

applicable. Nonetheless, as Open Banking matures in the United Kingdom, U.S. nancial

regulators should observe developments and learn from the British experience.

Issues and Recommendations

Consumers’ ability to realize the benets of data aggregation is limited, in part due to the lack

of agreement between data aggregators and nancial services companies over access to consumer

nancial account and transaction data. However, Treasury recognizes that signicant strides have

been made in recent years to bridge these disagreements. As information and data technology

advances, and with sustained commitment to the principle that consumers should be able to

freely access and use their nancial account and transaction data, Treasury believes that improved

approaches to data aggregation that will benet consumers and nancial institutions alike are

surely attainable.

Consumer Access to Financial Account and Transaction Data

e only express statutory provision regarding access to a consumer’s own nancial account and

transaction data is Section 1033 of the Dodd-Frank Wall Street Reform and Consumer Protection

Act (Dodd-Frank).

It states that, subject to rules prescribed by the Bureau, nancial services

53. As of July 2018, there were 33 regulated third-party providers enrolled in Open Banking. See https://www.

openbanking.org.uk/regulated-providers/.

54.

Codiﬁed at 12 U.S.C. § 5533.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Consumer Financial Data

companies subject to the Bureau’s jurisdiction as covered persons

are required to make available

to a consumer, upon request, certain nancial account and transaction data concerning any prod-

uct or service obtained by the consumer from that nancial services company.

is data must be

made available in an electronic form usable by the consumer.

In November 2016, the Bureau issued a request for information to better understand the benets

and risks associated with market developments that rely upon data aggregation.

Subsequently, the

Bureau published nonbinding principles in October 2017 expressing a vision for a “robust, safe,

and workable data aggregation market,”

although it noted that “few, if any, individual stakehold-

ers” enumerated all of the consumer protection concerns presented in the principles.

As described by the Bureau, nancial data subject to consumer and consumer-authorized access

may include any transaction, series of transactions, or other aspect of consumer usage, the terms of

any account, such as a fee schedule, realized consumer costs, such as fees or interest paid, and real-

ized consumer benets, such as interest earned or rewards.

e principles underscore the role of

companies that access consumers’ nancial data, with their permission, in order to provide services

that hold the promise of “improved and innovative consumer nancial products and services.”

In addition to the Bureau, other groups have developed their own principles for data aggregation,

including the Securities Industry and Financial Markets Association, the Consumer Financial

Data Rights Coalition, and the Center for Financial Services Innovation.

While Treasury is not

endorsing any particular set of principles, they contain common themes on topics such as security,

access, and consumer consent, which can form the basis for consensus on consumer-authorized

data aggregation.

55. Under Section 1002(6) of Dodd-Frank [12 U.S.C. § 5481(6)], a “covered person” is deﬁned as “any person

that engages in offering or providing a consumer ﬁnancial product or service,” and any afﬁliate of such a person,

if the afﬁliate acts as a service provider to that person. Notwithstanding the broad deﬁnition of “covered person,”

other provisions place limits on the Bureau’s jurisdiction for certain entities. See, e.g., 12 U.S.C. § 5517.

56. 12 U.S.C. § 5533(a). Section 1033, however, applies only to information that the covered person can retrieve

in the ordinary course of its business with respect to that information. 12 U.S.C. § 5533(b)(4).

57.

12 U.S.C. § 5533(a).

58. Data Aggregation RFI.

59. Bureau of Consumer Financial Protection, Consumer Protection Principles: Consumer-Authorized Financial

Data Sharing and Aggregation (Oct. 18, 2017), available at: https://s3.amazonaws.com/ﬁles.consumerﬁnance.

gov/f/documents/cfpb_consumer-protection-principles_data-aggregation.pdf (“Bureau Data Principles”).

60. Bureau of Consumer Financial Protection, Consumer-Authorized Financial Data Sharing and Aggregation:

Stakeholder Insights that Inform the Consumer Protection Principles (Oct. 18, 2017), at 2, available at: https://

ﬁles.consumerﬁnance.gov/f/documents/cfpb_consumer-protection-principles_data-aggregation_stakeholder-

insights.pdf (“Bureau Stakeholder Insights”).

61.

Bureau Data Principles, at 3.

62. Id. at 1.

63. See footnote 51. See also Center for Financial Services Innovation, CFSI’s Consumer Data Sharing Principles:

A Framework for Industry-Wide Collaboration (Oct. 2016), available at: https://s3.amazonaws.com/cfsi-innova-

tion-ﬁles-2018/wp-content/uploads/2016/10/27001530/2016-Consumer-Data-Sharing-CDAWG-One-pager-

Final-1.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Consumer Financial Data

Direct Consumer Access Versus Consumer-Authorized Access

In response to the Bureau’s request for information, conicting views were expressed on whether

data aggregators are covered by Section 1033.

Some nancial services companies argued that

access rights apply only to direct consumer access to their data but not to consumer-authorized

access through a data aggregator or a ntech application. In contrast, consumer groups, data aggre-

gators, and consumer ntech application providers asserted that consumers are entitled to access

their nancial account and transaction data via ntech applications.

e denition of “consumer” in Title X of Dodd-Frank includes not only an individual, but

“an agent, trustee, or representative acting on behalf of an individual.”

is denition is best

interpreted to cover circumstances in which consumers armatively authorize, with adequate

disclosure, third parties such as data aggregators and consumer ntech application providers to

access their nancial account and transaction data from nancial services companies. Otherwise,

narrowly interpreting Section 1033 as applying only to direct consumer access would do little to

advance consumer interests by eliminating many of the benets they derive from data aggregation

and the innovations that ow through from ntech applications.

Recommendation

Treasury recommends that the Bureau arm that for purposes of Section 1033, third parties

properly authorized by consumers, including data aggregators and consumer ntech application

providers, fall within the denition of “consumer” under Section 1002(4) of Dodd-Frank for the

purpose of obtaining access to nancial account and transaction data.

Entities Covered by Data Access Requirements

Section 1033 applies only to “covered persons” under Dodd-Frank, which includes a subset of

nancial services companies. Furthermore, the Bureau’s jurisdiction is subject to limitations for

some nancial services companies subject to regulation by other federal or state regulators, includ-

ing: persons regulated by a state securities commission, to the extent that such persons act in a

regulated capacity, or by the Securities and Exchange Commission (SEC);

persons regulated by

the Department of Labor (DOL) that are oering 401(k) plans or employee benet plans;

and

persons regulated by state insurance regulators that are oering insurance products.

Financial services companies primarily regulated by regulators other than the Bureau play impor-

tant roles in the retirement savings plans of many Americans. While one approach is to expand the

scope of Section 1033 to expressly include these companies, Treasury does not believe that step is

necessary. Treasury has not identied evidence of market failure with respect to electronic access

to data held by nancial services companies not subject to Section1033. In outreach meetings,

nancial planners and investment advisers advised Treasury that many broker-dealers and their

64. See Bureau Stakeholder Insights, at 4-5.

65. 12 U.S.C. § 5481(4).

66. See 12 U.S.C. § 5517(h)-(i).

67. See 12 U.S.C. § 5517(g).

68. See 12 U.S.C. § 5517(f).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Consumer Financial Data

custodians have been providing nancial account and transaction data in a usable electronic format

for a long time.

Such data, for instance, is needed to produce performance reports and monitor

asset allocations. However, in outreach meetings with Treasury, nancial planners and investment

advisers indicated that the current data feeds from broker-dealers were generally reliable.

Recommendations

Treasury recommends that regulators such as the SEC, Financial Industry Regulatory Authority,

DOL, and state insurance regulators recognize the benets of consumer access to nancial account

and transaction data in electronic form and consider what measures, if any, may be needed to

facilitate such access for entities under their jurisdiction.

However, Treasury recommends against

further legislative action to expand the scope of Section 1033 at this time.

Consumer Disclosure, Consent, and Termination

e products and services discussed in this section require consumer authorization as the legal basis

for accessing the nancial account and transaction data. But consumers cannot make informed

choices without transparent, comprehensible, and readily accessible disclosure. Without adequate

disclosure, consumers will be unable to clearly understand and weigh the risks and benets of using

ntech applications and letting third-parties access and use their personal and nancial data.

Some ntech applications and data aggregators make hard-to-follow disclosures as to which nan-

cial account and transaction data will be obtained and how that data will be utilized and stored.

In other cases, the disclosures, terms, and conditions may be hard to nd or they may be written

in dense legalistic language that induces the consumer to head straight to the “accept” button, or

else forgo usage of the service.

Disclosures may not be fully eective to the extent that consumers remain unaware of the data

relationships underlying the services they are using. For example, for ntech applications that

rely on a data aggregator to obtain or process the consumer’s nancial account and transaction

data, the role of the data aggregator may be opaque to the consumer. As consumers increasingly

access ntech applications through their mobile devices, the likelihood that they will read and

understand long and meticulous disclosures diminishes.

While complex disclosures designed to protect service providers rather than inform consumers

are a problem, consumers should make every eort to read disclosures so that they understand

their rights and obligations. It is not enough to assert that measures are needed to ensure that

consumers understand what they are agreeing to when they use third-party applications. As one

observer wrote, “[d]isclosures written in plain language might increase consumer awareness, but

69. A number of the ﬁnancial planners and investment advisers indicated that it was more difﬁcult to obtain data

from 401(k) plans, particularly the smaller ones, than from traditional broker-dealers.

70.

See, e.g., General Instruction C.(3).g of Form N-1A under the Securities Act and Investment Company Act

(requiring electronic machine-readable information about mutual funds).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Consumer Financial Data

that only works if consumers actually read the ‘Terms and Conditions’ before downloading the

latest nancial app.”

While consumers have to some extent become conditioned to opt for convenience over security,

they nevertheless continue to look to their primary nancial institutions for protection of their

personal and nancial data.

is raises issues of importance for these nancial institutions,

including how to verify that their customers have in fact authorized a third party to access their

account or initiate a transaction. Further, data aggregators may obtain signicantly more consumer

nancial data than necessary to provide the service that the customer requested, often unknown

to the customer. e implications of these features give rise to a potentially wide cascade of issues

regarding downstream use of the data, including broader issues related to data privacy that are

beyond the scope of this report.

Finally, consumers should have an easy way to revoke their consent to data aggregator access to

their nancial account and transaction data. Otherwise, data aggregators may retain and continue

to use the data and, in some circumstances, may even be able to acquire additional data. It is

important that requirements regarding customer authorization be improved to allow customers to

exercise control over the scope and duration of data being obtained, how the data is used, and to

whom it may be provided.

Recommendations

Treasury recommends that the Bureau work with the private sector to develop best practices on

disclosures and terms and conditions regarding consumers’ use of products and services powered

by consumer nancial account and transaction data provided by data aggregators and nancial

services companies. e goal should be to provide disclosures and terms and conditions that are

written in plain language, readily accessible, readable through the preferred device used by consum-

ers to access services, and presented in a reasonably simple and intuitive format so that consumers

can give informed and armative consent regarding to whom they are granting access, what data is

being accessed and shared, and for what purposes. If necessary, the Bureau should consider issuing

principles-based disclosure rules pursuant to its authority under Section 1032 of Dodd-Frank.

Treasury also believes that consumers should have the ability to revoke their prior authorization

that permits data aggregators and ntech applications to access their nancial account and transac-

tion data. Data aggregators and ntech applications should provide adequate means for consumers

71. Amber Goodrich, Computer Services, Inc., 5 Challenges of Sharing Consumer Data,

blog post (Nov. 8, 2017), available at: https://www.csiweb.com/resources/blog/

post/2017/11/08/5-challenges-of-sharing-consumer-data.

72. According to one survey, 91% of U.S. consumers willingly accept the terms and conditions of various mobile

applications and services without reading them; for ages 18 to 34 the acceptance rate of terms and condi-

tions, without reading them, is 97%. See Deloitte, 2017 Global Mobile Consumer Survey: US Edition (2017),

at 12, available at: https://www2.deloitte.com/content/dam/Deloitte/us/Documents/technology-media-tele-

communications/us-tmt-2017-global-mobile-consumer-survey-executive-summary.pdf. See also A.T. Kearney,

Key Findings from the Consumer Digital Behavior Study (Apr. 2018), available at: https://www.atkearney.com/

ﬁnancial-services/the-consumer-data-privacy-marketplace/the-consumer-digital-behavior-study (“Consumers

view banks as their best agent in protecting consumer data privacy and security”).

73.

See 12 U.S.C. § 5532.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Consumer Financial Data

to readily revoke the prior authorization. If necessary, banking regulators and the SEC should

consider issuing rules that require nancial services companies to comply with a consumer request

to limit, suspend, or terminate access to the consumer’s nancial account and transaction data by

data aggregators and ntech applications.

Moving Away from Screen-Scraping to More Secure Access Methods

e practice of using login credentials for screen-scraping poses signicant security risks, which

have been recognized for nearly two decades.

Screen-scraping increases cybersecurity and fraud

risks as consumers provide their login credentials to access ntech applications. During outreach

meetings with Treasury, there was universal agreement among nancial services companies, data

aggregators, consumer ntech application providers, consumer advocates, and regulators that the

sharing of login credentials constitutes a highly risky practice.

APIs are a potentially more secure method of accessing nancial account and transaction data than

screen-scraping. A number of foreign jurisdictions have opted to promote access through APIs,

in part due to security concerns. e United Kingdom, through its open banking initiative, has

specied regulatory standards for data sharing through APIs.

e European Union has adopted

the Revised Payment Service Directive (PSD2), which requires banks to grant licensed third-party

payment service providers access to bank infrastructure and account data. PSD2 also contemplates

the standardization of APIs.

Singapore has encouraged the use of bank APIs but has not made it

a regulatory mandate.

Data aggregators and consumer ntech application providers have expressed reservations with an

API approach. ey claim, for example, that their eorts to work with nancial services companies

to do away with screen-scraping have for the most part been met with resistance, and that nancial

services companies have largely refused to enable direct access to their data or to set up open APIs.

ere are concerns that without some sort of industry standard or regulatory guidance, API access

could be restricted to certain types of data dictated by the nancial services company, as opposed to

the consumer, susceptible to unexpected interruptions and terminations, and subject to unreason-

able and disproportionate liability.

Recommendations

Treasury sees a need to remove legal and regulatory uncertainties currently holding back nancial

services companies and data aggregators from establishing data sharing agreements that eectively

74. See footnote 46.

75. Open Banking Ltd., Guidelines for Read/Write Participants (ver. 3.2, May 2018), available at: https://www.openbanking.

org.uk/wpcore/wp-content/uploads/Guidelines-for-Read-Write-Participants.pdf.

76.

Directive (EU) 2015/2366 of the European Parliament and of the Council (Nov. 25, 2015), available at: http://

eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32015L2366&from=EN.

77.

Ong Chong Tee, Monetary Authority of Singapore, The Future of Banking – Evolution, Revolution or a Big

Bang? (Apr. 16, 2018), available at: http://www.mas.gov.sg/News-and-Publications/Speeches-and-Monetary-

Policy-Statements/Speeches/2018/The-Future-of-Banking.aspx.

78. See, e.g., Daniel Castro and Michael Steinberg, Center for Data Innovation, Blocked: Why Some Companies

Restrict Data Access to Reduce Competition and How Open APIs Can Help (Nov. 6, 2017), available at:

http://www2.datainnovation.org/2017-open-apis.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Consumer Financial Data

move rms away from screen-scraping to more secure and ecient methods of data access. Treasury

believes that the U.S. market would be best served by a solution developed by the private sector,

with appropriate involvement of federal and state nancial regulators.

A potential solution should address data sharing, security, and liability. Any solution should explore

eorts to mitigate implementation costs for community banks and smaller nancial services com-

panies with more limited resources to invest in technology.

Liability for Unauthorized Access

Screen-scraping also appears tied to the issue of liability. Financial services companies have expressed

concerns that they may bear the burden of any losses arising from a breach at the data aggregator

or a downstream ntech application. Even if the consumer’s losses are not limited by Regulation

such as when a consumer authorized a person other than the consumer to initiate an electronic

funds transfer by providing login credentials to such third party, the consumer may nonetheless

expect the bank or other nancial institution to make him or her whole for any losses.

Providing login credentials to a data aggregator creates opportunities for bad actors to illicitly

obtain such highly sensitive credentials and allow assets to be transferred out of the account.

Screen-scraping also can allow a data aggregator to obtain signicantly more data than needed by

the underlying ntech application, including sensitive personally identiable information, which

could be subsequently stolen.

Moving away from screen-scraping can facilitate resolution of the

liability issue by eliminating the need for login credentials, reducing the amount and sensitivity of

unnecessary data being acquired by data aggregators and decreasing the possibility of an unauthor-

ized transaction.

Some data aggregators have entered into agreements with nancial services companies to access

the nancial account and transaction data through an API but conditioned on contractual liability

and indemnication of the nancial services company. Other data aggregators have been unable

or unwilling to reach agreement on such terms. In such circumstances, data aggregators usually

continue to obtain data through screen-scraping.

As the U.S. Government Accountability Oce (GAO) has observed, the issue of nancial respon-

sibility for consumer losses and access to consumer nancial transaction data has been discussed at

meetings of federal banking regulators and the Bureau under the auspices of the Federal Financial

Institutions Examination Council (FFIEC). However, these discussions have not resulted in any

specic policy outcomes to guide market participants.

Without resolution of liability and other

79. 12 C.F.R. Part 205. Regulation E implements the Electronic Fund Transfer Act, which establishes a framework

of the rights, liabilities, and responsibilities of participants in the electronic fund and remittance transfer systems.

80.

The sensitivity of consumer ﬁnancial transaction data can vary. For example, data indicating that a bank account

is a checking account may be less sensitive than the associated ABA routing and account numbers. If a ﬁntech

application only needs to know the account type, then it would be unnecessary to obtain the more sensitive

ABA routing and account numbers.

81. U.S. Government Accountability Ofﬁce, Financial Technology: Additional Steps by Regulators Could Better

Protect Consumers and Aid Regulatory Oversight (Mar. 2018) at 54-57, available at: https://www.gao.gov/

assets/700/690803.pdf (“GAO Fintech Report”). GAO reported that some regulators indicated that they had

not taken more steps to resolve the disagreements surrounding ﬁnancial account aggregation because they are

concerned over acting too quickly. Id. at 56.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Consumer Financial Data

issues, “consumers could have to choose between facing potential losses or not using what they

may nd to be an otherwise valuable nancial service, and ntech rms providing useful services

to consumers will face barriers to providing their oerings more broadly.”

Recommendations

Treasury recommends that any potential solution discussed in the prior recommendation also

address resolution of liability for data access. If necessary, Congress and nancial regulators should

evaluate whether federal standards are appropriate to address these issues.

Standardization of Data Elements

ere are other areas in which collaboration among market participants could improve consumers’

ability to use their data. Collaborative attempts have been made among nancial services compa-

nies, data aggregators, and consumer ntech application providers to create standardized data ele-

ments, including eorts by Open Financial Exchange (OFX) and Financial Services Information

Sharing and Analysis Center (FS-ISAC).

However, these eorts have not achieved full consensus

to date. A standardized set of data elements and formats would help to foster innovation in services

and products that use nancial account and transaction data, because it may be more ecient to

develop a single agreed-upon taxonomy. Data elements would need to be developed for a broad

range of products and services related to banking, investments, retirement, loans, insurance, and

taxes. Standardization could improve the market eciency for nancial products and services by

making it easier to engage in comparative analysis.

Data currently obtained by aggregators from separate nancial services companies can be incom-

patible and must be cleaned and standardized before it can be used. Financial services companies

often use “disparate and customized formats to send and share information, employing dierent

nomenclature for [otherwise] common terms.”

Recommendations

Treasury recommends that any potential solution discussed in the prior recommendation address

the standardization of data elements as part of improving consumers’ access to their data. Any

solution should draw upon existing eorts that have made progress on this issue to date. If neces-

sary, Congress and nancial regulators should evaluate whether federal standards are appropriate

to address these issues.

Clarifying When Data Aggregators Are Subject to Third-Party Guidance

Some banks have raised concerns over whether third-party guidance may apply if a bank enters

into an API agreement with a data aggregator that establishes terms of access, because the bank has

82. Id. at 57.

83. See footnote 50.

84. Conrad Sheehan, Accenture, To Capitalize on Open Banking, the Industry Needs Standards,

American Banker (Apr. 10, 2018), available at: https://www.americanbanker.com/opinion/

to-capitalize-on-open-banking-the-industry-needs-standards.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Consumer Financial Data

entered into a contract.

ird party guidance clearly applies when a bank itself is providing data

aggregation as a service to its customers and has hired a data aggregator to collect the data with

its customer’s authorization because the data aggregator becomes a service provider to the bank.

But when the data aggregator has entered into an API agreement with the bank where it is not

providing a service to the bank, it is unclear whether third party guidance may still apply.

Data aggregators would not consider themselves service providers to banks when, for example, they

rely on screen-scraping to access nancial account and transaction data that has been authorized

by a consumer.

However, if data aggregators were to instead enter into an API agreement with a

bank, it may become subject to third-party guidance because of the contractual relationship, which

can increase compliance costs.

is regulatory uncertainty over the application of third-party guidance may, therefore, be inad-

vertently discouraging more API agreements between banks and data aggregators.

Recommendation

Treasury recommends that the banking regulators remove ambiguity stemming from the third-

party guidance that discourages banks from moving to more secure methods of data access such as

APIs. Further discussion of bank regulatory oversight of third-party relationships is addressed in

the following chapter on Aligning the Regulatory Framework to Promote Innovation.

Current Regulation of Data Aggregators

e greater the amount of consumer nancial account and transaction data that is retained by data

aggregators, the greater is the possible harm to consumers that could result from a data breach.

Although data aggregators do not have a specic regulatory scheme similar to banks or other

depository institutions, they are currently subject to regulation under the federal consumer protec-

tion laws administered by the FTC as well as state consumer protection laws.

Some nancial

services companies have suggested that the absence of the same level of regulatory oversight of

data aggregators and downstream consumer ntech application providers raises signicant risks

for consumers.

In particular, they have argued that the security practices of data aggregators are

not comparable to the standards applied at banks and the security practices of consumer ntech

application providers are even weaker.

85. Banking regulators have issued guidance for assessing and managing risks in third-party relationships. The

guidance views a third-party relationship as “any business arrangement between a bank and another entity, by

contract or otherwise.”

86.

Treasury is aware that some data aggregators have entered into agreements with banks, sometimes on an infor-

mal basis, while engaging in screen-scraping. For example, a data aggregator may agree to pull the data during

the night in order to minimize disruption to the bank’s computer systems.

87. In outreach meetings with Treasury, data aggregators have asserted that they mitigate data breach risk by only

retaining aggregated and anonymized data that is not associated with any personally identiﬁable information of

the consumer.

88.

To the extent that a data aggregator or consumer ﬁntech application provider is providing services to a bank, the

services provided are subject to the third-party oversight framework imposed by banking regulators under the

Bank Services Company Act.

89.

American Bankers Association, Fintech – Promoting Responsible Innovation (May 2018), at 3-4, available at:

https://www.aba.com/Advocacy/Documents/ﬁntech-treasury-report.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Consumer Financial Data

Data aggregators and consumer ntech application providers are subject to the Gramm-Leach-

Bliley Act (GLBA),

which is a federal law specifying the ways that nancial institutions, including

some nonbank nancial institutions, protect the security and condentiality of nonpublic personal

information of individuals.

e provisions in GLBA govern how nancial institutions, as dened

under the statute,

implement administrative, technical, and physical safeguards to insure the

security and condentiality of customer records, protect against any anticipated threats or haz-

ards, and protect against unauthorized access.

Financial institutions must explain their policies

to their customers that are designed to safeguard sensitive data.

ese provisions of GLBA are

enforced by the FTC, the federal banking agencies, the SEC, and the Commodity Futures Trading

Commission (CFTC). To be compliant with GLBA, nancial institutions must apply specic

protections to customers’ private data in accordance with the institution’s data security plan.

To implement GLBA, the FTC set forth the primary information security provisions in its

Safeguards Rule.

e FTC’s Safeguards Rule requires nancial institutions to assess and develop a

documented security plan that describes the company’s program to protect customer information,

including the following areas particularly important to information security: employee manage-

ment and training, information systems, and detecting and managing system failures.

e intent

of the GLBA information security requirements in the Safeguards Rule is to protect consumers and

reduce reputational damage caused by unauthorized sharing or loss of private customer data. e

FTC has indicated that data aggregators and consumer ntech application providers signicantly

engaged in nancial services and products are nancial institutions under GLBA and therefore

subject to the Safeguards Rule.

In addition, there are eorts underway to regulate consumer-authorized data aggregation, includ-

ing potential legislation, at the state level. However, Treasury believes that state-by-state regulation,

which would be more cumbersome and costly to comply with as compared with regulation by a

single federal regulator, would not be workable given the complexity of data issues at hand.

Recommendation

Moving away from screen-scraping and eliminating the sharing of login credentials will address

the most signicant concerns raised about the need to increase regulation of data aggregators and

90. Public Law No. 106-102 [codiﬁed at 15 U.S.C. Ch. 94]. Also known as the Financial Services Modernization

Act of 1999.

91.

15 U.S.C. § 6801(a).

92. Financial institutions include companies that offer consumer ﬁnancial products or services like loans, ﬁnancial or

investment advice, or insurance.

93.

15 U.S.C. § 6801(b).

94. Id. § 6803(c)(3).

95. 15 U.S.C. §§ 6801, 6805(b); 16 C.F.R. Part 314.

96. 16 C.F.R. §§ 314.3 and 314.4.

97. Federal Trade Commission, Financial Institutions and Customer Information: Complying with the Safeguards

Rule (Apr. 2006), available at: https://www.ftc.gov/tips-advice/business-center/guidance/ﬁnancial-institutions-

customer-information-complying (stating that the Safeguards Rule applies to companies that receive informa-

tion about the customers of other ﬁnancial institutions).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Consumer Financial Data

consumer ntech application providers. While data security concerns will remain an important

issue, the Safeguards Rule appropriately addresses such concerns.

To the extent that any additional regulation of data aggregation is necessary, Treasury recommends

that it occur at the federal level by regulators that have signicant experience in data security and

privacy, and that will have, through legislation if necessary, broad jurisdiction to ensure equivalent

treatment in the nonnancial sector.

Data Security and Breach Notiﬁcation

Data Security Standards

e data security provisions of GLBA are enforced by the federal banking agencies for depository

institutions,

the SEC and the CFTC for entities under their jurisdiction, and the FTC for all

other nancial institutions.

100

With the exception of the FTC, these federal agencies are authorized

to routinely supervise and examine for compliance with these provisions of GLBA and their imple-

menting regulations. ese agencies all maintain authority to implement regulations for GLBA.

Data security standards are signicantly dierent between nonnancial companies, such as retail-

ers and manufacturers, and nancial institutions. Vast amounts of consumer payment credentials

and nancial data are routinely stored on a nonnancial company’s internal or third-party systems,

used for marketing purposes, or simply used to complete transactions instantly. Yet, nonnancial

companies are not subject to comprehensive federal data security standards under GLBA and are

not subject to routine examination for compliance with data security standards. e only height-

ened obligation to protect data comes from the exercise of the FTC’s authority under Section5 of

the Federal Trade Commission Act

101

to bring enforcement actions against nonnancial companies

for unfair or deceptive practices. e FTC has exercised this authority more than 60 times since

2002; however, this authority is limited to enforcement action and does not give the FTC supervi-

sion and examination rights over these nonnancial companies.

102

In addition to federal standards, nonnancial companies and nancial institutions subject to the

FTC’s jurisdiction under GLBA must comply with applicable state laws that impose heightened

or specic data security standards. To date, only 13 states have imposed data security standards for

protection of consumer nancial data, which have dierent requirements. For instance, Florida

requires a business to take “reasonable measures” to protect and secure personal information data

98. In addition to the information security requirements, GLBA also contains privacy requirements as to how ﬁnan-

cial institutions collect, use, and maintain nonpublic personal information and under what circumstances

that information can be shared. These provisions are applicable to ﬁnancial institutions under the Bureau’s

Regulation P [12 C.F.R. Part 1016].

99.

See Interagency Guidelines Establishing Information Security Standards, as codiﬁed at 12 C.F.R. Part 30, App.

B (OCC); 12 C.F.R. Part 208, App. D-2 and Part 225, App. F (Federal Reserve); and 12 C.F.R. Part 364, App.

B (FDIC).

100.

Insurance data security was examined in the Asset Management and Insurance Report.

101. 15 U.S.C. § 45(a)(1).

102. Federal Trade Commission, Privacy & Data Security Update: 2017, available at: https://www.ftc.gov/system/

ﬁles/documents/reports/privacy-data-security-update-2017-overview-commissions-enforcement-policy-initia-

tives-consumer/privacy_and_data_security_update_2017.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Consumer Financial Data

that is stored in “electronic form,” but Utah does not dierentiate between personal information

stored electronically or on paper.

103

Over the last several years, many nonnancial companies have been subject to signicant data

breaches of consumer nancial data. For example, in 2013, Target announced that payment card

information of 41 million consumers was compromised.

104

In 2014, Home Depot announced that

the payment card information of more than 50 million customers was stolen in a data breach.

105

More recently, the retailer Hudson’s Bay Co. advised roughly 5 million customers of its subsidiary

stores Lord & Taylor and Saks Fifth Avenue that their payment credentials had been compro-

mised.

106

Data breaches are not unique to nonnancial companies and have aected nancial

institutions as well.

107

Data Breach Notiﬁcation

e United States does not have a national law establishing uniform national standards for notify-

ing consumers of data breaches, or for providing them a clear and straightforward mechanism for

resolving disputes.

108

In the absence of uniform national standards, states have been aggressive in

developing their own data breach notication laws. Each state law may apply to any company

located in that state or that does business with residents of that state. In practice, this means that

in the event of a data breach companies could be subject to the data breach notication laws of 50

states as well as of the District of Columbia, Puerto Rico, Guam, and the U.S. Virgin Islands.

109

State laws for data breach notication often include specic provisions regarding the number of

aected individuals that will trigger notication requirements, the timing of notication, and form

of notication, among other requirements. Unsurprisingly, state data breach notication laws are

far from uniform. Indeed, they vary in a number of signicant ways, including with respect to

the most fundamental aspect, namely the scope of data covered under the denition of personal

103. Compare Fla. Stat. § 501.171(2) with Utah Code § 13-44-201.

104. Target Brands, Inc., Press Release – Target Conﬁrms Unauthorized Access to Payment Card Data

in U.S. Stores (Dec. 19, 2013), available at: https://corporate.target.com/press/releases/2013/12/

target-conﬁrms-unauthorized-access-to-payment-car.

105. The Home Depot, News Release – The Home Depot Reports Finding in Payment Data Breach Investigation

(Nov. 6, 2014), available at: http://ir.homedepot.com/news-releases/2014/11-06-2014-014517315.

106.

Mike Murphy, Saks, Lord & Taylor Data Breach May Affect 5 Million Customers,

MarketWatch (Apr. 1, 2018), available at: https://www.marketwatch.com/story/

saks-lord-taylor-data-breach-may-affect-5-million-customers-2018-04-01.

1 07. For example, JPMorgan Chase was subject to a data breach in 2014 and Equifax suffered a data breach in

2017.

108.

Federal banking regulators have adopted guidance for depository institutions in the event of unauthorized

access to customer information. See Interagency Guidance on Response Programs for Unauthorized Access to

Customer information and Customer Notice [70 Fed. Reg. 15736 (Mar. 29, 2005)].

109.

National Conference of State Legislatures, Security Breach Notiﬁcation Laws (Mar. 29, 2018), available at:

http://www.ncsl.org/research/telecommunications-and-information-technology/security-breach-notiﬁcation-

laws.aspx.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Consumer Financial Data

information.

110

Other inconsistencies among states’ breach notication laws can make compli-

ance dicult for rms and entail disparate treatment for consumers. e lack of uniformity and

eciency aects both nonnancial companies and nancial institutions.

Recommendation

Congress has considered establishing a federal data security standard and breach notication

standard on several occasions. For example, during the 114

Congress, two separate bills, sharing

many common principles, successfully passed their respective committees.

111

During this Congress,

legislation has again been considered to establish these federal standards.

Treasury recommends that Congress enact a federal data security and breach notication law to

protect consumer nancial data and notify consumers of a breach in a timely manner. Such a law

should be based on the following principles:

• Protect consumer nancial data

• Ensure technology-neutral and scalable standards based on the size of an entity and type

of activity in which the entity engages

• Recognize existing federal data security requirements for nancial institutions

• Employ uniform national standards that preempt state laws

Digital Legal Identity

Digital identity products and services hold promise for improving the trustworthiness, secu-

rity, privacy, and convenience of identifying individuals and entities, thereby strengthening

the processes critical to the movement of funds, goods, and data as the global economy races

deeper into the digital age. Digital identity systems also have the potential to generate cost

savings and eciencies for nancial services rms. For instance, trustworthy digital identity

systems could improve customer identication and verication for onboarding and authoriz-

ing account access, general risk management, and antifraud measures.

Legal Identity

Legal identity is distinct from broader concepts of personal and social identity. Legal identity

is the specication of a unique natural or legal person that (1) is based on certain pre-specied

characteristics or attributes of the person that are intended to establish the person’s uniqueness,

(2)is recognized by the state under national law, and (3) ascribes legal rights and duties to

that person. Proof of legal identity is required to open a bank, brokerage, or other account at

a regulated nancial institution. Digital legal identity uses electronic means to unambiguously

assert and authenticate a real person’s unique legal identity.

110. For example, Maryland speciﬁcally includes biometric data of an individual such as a ﬁngerprint, voice print,

genetic print, retina or iris image, or other unique biological characteristics, while other states do not. Compare

Md. Code Com. Law § 14-3501(d) [as amended by House Bill 974 (May 4, 2017)] with Nevada Rev. Stat.

§ 603A.040.

111. Data Security Act of 2015, H.R. 2205, 114th Cong.; Data Security and Breach Notiﬁcation Act of 2015, H.R.

1770, 114th Cong.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Consumer Financial Data

Portability

Digital identity systems potentially allow legal identity to be portable. Portable legal identity

means the individual’s veried identity credentials can be used to establish legal identity for new

customer relationships at unrelated nancial institutions or government entities, without each

nancial institution’s having to obtain and verify personally identiable information (PII) to

meet regulatory requirements. Portability requires developing interoperable digital identica-

tion products, systems, and processes. While not permitted in the private sector under current

regulations, trustworthy portable third-party digital identity services could potentially save

relying parties time and resources in identifying, verifying, and managing customer identities,

including for account opening and access. Portability could also potentially save customers

the inconvenience of having to prove and authenticate identity for each unrelated nancial

institution or government service, and reduce the risk of identity-theft stemming from the

repeated exposure of PII.

Components of a Digital Identity System

Digital identity systems may rely on various types of technology and use digital technology in

several ways,

112

but generally involve two essential components: (1) identity proong, enroll-

ment, and credentialing; and (2) authentication. ey may also involve a third component,

federation, which is optional, but allows identity to be portable. Identity proong and enroll-

ment may be digital or documentary, remote, or in-person. Credentialing, authentication, and

federation are always digital. Dierent identity service providers can provide some or all of the

components of a digital identity system.

Identity proong establishes that a subject is who they claim to be. It involves obtaining and

verifying that attribute evidence is genuine and accurate, and issuing a digital credential to

bind the veried identity to a real-life person. Identity proong depends on ocial govern-

ment registration and documentation/certication, or at least on governmentally recognized

registration and certication, for verication.

113

Authentication establishes that the person asserting identity is who he or she claims to be.

It involves conrming, through a secure digital authentication protocol, that the individual

asserting identity is in control of the technologies and credentials that bind the validated iden-

tity to a real person. Successful authentication provides reasonable, risk-based assurances to

the relying party that the subject asserting identity today is the same person who previously

112. For example, digital identity systems may use electronic databases to obtain and conﬁrm attribute information

and/or store and manage records; digital credentials to authenticate identity for accessing mobile, online, and

ofﬂine ﬁnancial activities; and digital biometrics to provide attributes to identify and/or a credential to authenti-

cate individuals.

113. National Institute of Standards and Technology, Digital Identity Guidelines – Enrollment and Identity Prooﬁng

Requirements, NIST Special Publication 800-63A (June 2017), available at: https://pages.nist.gov/800-63-3/

sp800-63a.html (“NIST 800-63A”).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • Consumer Financial Data

asserted identity and accessed a nancial service, and is in fact a given identied customer.

Trustworthy authentication is key for combating account-access identity fraud.

114

Federation involves the use of federated identity architecture and assertions to convey the

results of an authentication process and, if requested or required, attribute information to

relying parties across a set of networked systems.

115

e National Institutes of Standards and Technology (NIST) of the U.S. Department of

Commerce has recently established risk-based technical standards for each of the component

processes of a digital identity system (enrollment and identity proong; authentication and

lifecycle management; and federation),

116

which are mandatory for the federal government,

but only voluntary for the private sector.

Public-Private Roles

Both the government and the private sector have important roles in establishing a trustwor-

thy U.S. digital identity ecosystem. In the United States, the private sector is generally relied

upon to develop innovative identity products, services, and business models, while the federal

government is ultimately responsible for establishing the minimum substantive requirements

for proving legal identity, including core attributes and acceptable attribute evidence. Federal

and state government authorities also provide the ocial government registration and the

related ocial root identity evidence (e.g., birth certicates, passports) on which legal identity

currently depends.

Public and private sector stakeholders need to work together to develop trustworthy digital

legal identity products and services for use in the nancial sector and elsewhere. To facilitate

this objective, stakeholders should address a number of issues, including:

• How to leverage the NIST guidelines to establish exible, risk-based standards for digital

customer identication and verication, keyed to the risk levels associated with specic

customers and/or types of nancial products and services

• How to ensure the trustworthiness, privacy, and cybersecurity of identity service providers,

such as government or industry certication and supervision

• Business models and liability allocation appropriate for establishing portable legal identity

• Ways the public and private sectors can eectively work together to reduce regulatory

burden and catalyze the market for trustworthy digital identity products and services

114. National Institute of Standards and Technology, Digital Identity Guidelines – Authentication and Lifecycle

Management, NIST Special Publication 800-63B (June 2017), available at: https://pages.nist.gov/800-63-3/

sp800-63b.html (“NIST 800-63B”).

115. National Institute of Standards and Technology, Digital Identity Guidelines, NIST Special Publication 800-63-3

(June 2017), at 14-15, available at: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63-3.

pdf (“NIST 800-63-3”).

116. See NIST 800-63A, 800-63B, and NIST 800-63-3. The NIST digital identity guidelines set requirements for

three different levels of trustworthiness, called levels of assurance (LOAs), for each of these component pro-

cesses, based on the LOA’s degree of trustworthiness.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • The Potential of Scale

Treasury recommends that nancial regulators work with Treasury to enhance public-private

partnerships to identify ways government can eliminate unintended or unnecessary regulatory

and other barriers and facilitate the adoption of trustworthy digital legal identity products

and services in the nancial services sector. is would include engaging the private sector to

help the nancial regulators adopt regulation in the legal identity space that is exible, risk-,

principles-, and performance-based, future-proofed, and technology-neutral. Treasury also

recognizes that the development of digital legal identity products and services in the nancial

services sector should be implemented in a manner that is compatible with solutions developed

across other sectors of the U.S. economy and government.

Treasury also supports the eorts of the Oce of Management and Budget to fully implement

the long-delayed U.S. government federated digital identity system. Treasury recommends

policies that would restore a public-private partnership model to create an interoperable digital

identity infrastructure and identity solutions that comply with NIST guidelines and would

reinvigorate the role of U.S. government-certied private sector identity providers, promoting

consumer choice and supporting a competitive digital identity marketplace. Treasury also seeks

to leverage the U.S. government federated identity system — in particular, its certication

and auditing regime for digital identity providers — to permit nancial institutions to use

digital identity services provided by certied providers to conduct customer identication and

verication for onboarding.

Finally, Treasury encourages public and private stakeholders to explore ways to leverage the

REAL ID Act

117

driver’s license regime — particularly, robust state REAL ID license identity-

proong processes — to provide trustworthy digital identity products and services for the

nancial sector.

The Potential of Scale

e ongoing digital transformation of the nancial services system is being driven not only by

developments in computing power, the expanding ubiquity and interconnection of computers and

mobile devices, and the exponential growth in digitized nancial data, but also by technologies

that can benet from advances in data and computing capacity at greater scale and with greater

eciency. Scalable technologies such as cloud computing enable nancial services companies to

store and process vast amounts of data and to quickly add new computing capacity to meet chang-

ing needs. At the same time, advances in big data analytics, machine learning, and articial intel-

ligence are expanding the frontiers of nancial services rms’ abilities to glean new and valuable

business insights from vast datasets.

Cloud Technology and Financial Services

Cloud technology is enabling organizations across the economy to more rapidly innovate by reduc-

ing barriers to entry to acquire high quality computing resources. Cloud computing, more speci-

cally, enables more convenient, on-demand access to computing resources (e.g., networks, servers,

1 17. Public Law No. 109-13.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • The Potential of Scale

storage, applications, and services).

118

Cloud computing can be deployed through several models:

a public cloud, which refers to when these computing resources are available in a shared environ-

ment, accessible by multiple customers of the cloud service provider; a private cloud, which refers

to when these computing resources are dedicated for use by a single rm, but provided generally

in the same type of convenient, rapid, on-demand manner; or a hybrid cloud, which refers to an

arrangement consisting of a mix of cloud deployment models.

Figure 5: Cloud Adoption (percent of respondents)

Source: RightScale 2018 State of the Cloud Report.

Total Cloud Use = 96%

(percent of respondents)

Private cloud

75%

Public cloud

92%

Public and

Private

71%

Public

only

21%

Private

only

Before the broad availability of a public cloud, only large organizations with ample budgets were

able to cover the costs involved with building out large-scale internal information technology (IT)

infrastructures. Firms would have to make large capital expenditures on computing and network-

ing hardware as well as maintain ongoing operating expenses for multiple layers of software and

large IT stas. With public cloud services, however, rms of all sizes can essentially lease a range of

computing resources and expertise from cloud service providers, potentially at lower cost.

Several large technology-focused rms have been central to the development of cloud computing,

and the growth of the public cloud market in particular. To achieve the scale necessary to maxi-

mize the potential of this technology requires substantial resources. For this reason, these rms

continue to dominate the market though competition has increased. e adoption of public cloud

is occurring throughout the economy with, for example, survey data suggesting that some 92% of

118. National Institute of Standards and Technology, The NIST Deﬁnition of Cloud Computing, Special Publication

800-145 (Sept. 2011), at 2-3, available at: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublica-

tion800-145.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • The Potential of Scale

businesses adopting at least some form of public cloud services.

119

Other sources forecast robust

growth in public cloud revenues

120

and data usage.

121

Types of Cloud Services

While traditional IT often requires rms to manage computing resources internally, cloud com-

puting is generally provided under three service models that provide varying degrees of outsourcing

and customization. Infrastructure-as-a-service (IaaS) gives clients the greatest overall control of

function and scale by allowing them to expand processing, storage, networks, and other essential

119. RightScale, Inc., RightScale 2018 State of the Cloud Report (2018).

120.

One market observer forecasts global public cloud revenue growing from $153.5 billion in 2017 to $186.4 bil-

lion in 2018, a 21.4% increase. See Gartner, Inc., Press Release – Gartner Forecast Worldwide Public Cloud

Revenue to Grow 21.4 Percent in 2018 (Apr. 12, 2018), available at: https://www.gartner.com/newsroom/

id/3871416.

121.

Cisco estimates, by 2021, 95% of global data center trafﬁc will come from cloud services and applications.

Annual global cloud trafﬁc will reach 19.5 zettabytes (ZB) by the end of 2021, up from 6.0 ZB in 2016. One

ZB is equal to sextillion bytes, or one trillion gigabytes. See Cisco, Cisco Global Cloud Index: Forecast and

Methodology 2016-2021 (2018), available at: https://www.cisco.com/c/en/us/solutions/collateral/service-pro-

vider/global-cloud-index-gci/white-paper-c11-738085.pdf.

Figure 6: T

raditional IT Compared to Cloud Computing

Source: Adapted from U.S. Department of Transportation, Uses of Cloud Technology for Geospatial Applications

Cloud Computing Service Models

Customer managed

Provider managed

Easier to

deploy

Easier to

customize

Enterprise IT

Infrastructure

as a service

Platform

as a service

Software

as a service

Data

Software

Runtime

Operating Systems

Network

Storage

Processors

Data

Software

Runtime

Operating Systems

Network

Storage

Processors

Data

Software

Runtime

Operating Systems

Network

Storage

Processors

Data

Software

Runtime

Operating Systems

Network

Storage

Processors

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • The Potential of Scale

computing resources on-demand as needed.

122

In contrast, software-as-a-service (SaaS) allows cli-

ents to easily use a cloud provider’s software that runs on the cloud infrastructure,

123

but tends to

provide users the least exibility or customization. Platform-as-a-service (PaaS) models, which

122. Other service models are sometimes described by industry participants — for example, business-process-as-a-

service and data-as-a-service — but generally these can be seen as variants of SaaS, PaaS, or IaaS models.

123.

NIST further describes “cloud infrastructure” as consisting of the physical systems (for example, server, storage

and network components) and software applications that enable the essential cloud characteristics.

Figure 7: NIST Deﬁnition of Cloud Computing

Essential

characteristics

On-Demand Self-

Service

User can unilaterally provision server time, network storage, etc. as

needed without involving service provider.

Broad Network

Access

Capabilities are available over the network and accessed through

common mechanisms (e.g. a Web browser) and devices.

Resource Pooling Physical and virtual resources are shared across a large pool of users,

allowing for dynamic assignment according to users’ demands.

Rapid Elasticity Computing capabilities can be scaled rapidly up or down according

to users’ demands, such that any given user’s demand is met without

interruption.

Measured Service Users access capabilities as a service and pay only for resources

used.

Service

models

Software-as-a-Service

(SaaS)

End-user applications provided as a service only. User cannot manage

or control any underlying cloud infrastructure.*

Platform-as-a-Service

(PaaS)

Application platforms or middleware provided as a service on which

users can build and deploy custom applications using programming

languages, libraries and other tools supported by service provider.

Infrastructure-as-a-

Service (IaaS)

Broad and scalable computing capabilities provided as a service,

including processing, storage, networks, and operating systems,

enabling more control over deployed applications.

Deployment

models

Public Cloud The cloud infrastructure is available for open use by the general

public. It generally is owned by and exists on the premises of the

cloud service provider.

Private Cloud The cloud infrastructure is available for exclusive use by a single

organization. It may exist on or off premises and may be owned by the

organization, a third party, or both.

Community Cloud The cloud infrastructure is available for use only by a speciﬁc

community of users that have shared needs or concerns. It may be

owned by one or more of the community users, by a third party, or

some combination.

Hybrid Cloud The cloud exists as a conﬁguration of two or more distinct cloud

infrastructures (public, private, or community) that enables data and

application portability among the separate infrastructures.

* Cloud infrastructure includes network, servers, data, middleware, operating systems, storage, etc.

Source: National Institute of Standards and Technology.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • The Potential of Scale

includes elements of IaaS, provides clients control over the deployment and conguration of soft-

ware applications, but without any control over the underlying cloud hardware/infrastructure.

Adoption in Financial Services

Financial institutions have been adopting cloud computing in part because of the benets it pro-

vides in eectively managing a rm’s IT and computing resources.

124

Many rms have chosen to

deploy private cloud or hybrid cloud structures to gain the benets of cloud while also retaining

greater control of their IT in order to satisfy regulatory or other requirements.

125

For certain uses,

however, nancial institutions are also adopting public cloud, including for tasks and processes

that are susceptible to surges in required computing power. is can include volatile workloads

associated with periodic stress testing, risk modelling and simulations, or other requirements where

computing resources may need to rapidly scale (e.g., payments).

All three types of cloud service models are also being deployed within nancial services. SaaS,

because it tends to be the easiest to deploy, has the most widespread uptake across nancial

institutions.

126

SaaS platforms can easily handle, for example, customer relationship management

and commercial lending software, as well as noncore services such as e-mail, payroll, billing, and

human resources that are amenable to outsourcing. Financial institutions are generally more likely

to utilize IaaS and PaaS service models to run more complex or enterprise-specic core services and

applications — including treasury, payments, retail banking, and regulatory functions.

Overall, the nancial services sector has reportedly been slower to adopt cloud computing than

other industries, though this appears to be changing. Industry research suggests that a signicant

proportion of nancial organizations still support much of their IT infrastructure in-house rather

than through a cloud service provider.

127

Banks, for example, have been slow to migrate core

activities for a number of reasons, including the criticality of such functions and the diculty

of transitioning away from legacy IT systems. However, expectations are for cloud adoption to

increase for the nancial services sector, just as with other sectors of the economy. Some analysts

124. In a May 2017 whitepaper, the Depository Trust & Clearing Corporation noted that the many relative bene-

ﬁts of cloud contributed to its decision to “strategically expand” the range of services and applications it runs

using cloud technology, asserting that cloud computing “has reached the tipping point as the capabilities, resil-

iency and security of services provided by cloud vendors now exceed those of many on-premises data centers.”

See Depository Trust & Clearing Corporation, Moving Financial Market Infrastructure to the Cloud (May 2017),

available at: http://perspectives.dtcc.com/media/pdfs/13161-Cloud-WhitePaper-05-11-17.pdf.

125.

Filip Blazheski, BBVA Research, Cloud Banking or Banking in the Clouds? (Apr. 29, 2016), available at:

https://www.bbvaresearch.com/wp-content/uploads/2016/04/Cloud_Banking_or_Banking_in_the_Clouds1.

pdf.

126. Id.

1 27. In a 2016 study, Peak 10, an IT consultancy (reorganized as Flexential in January 2018), found that 75%

of ﬁnancial services ﬁrms still support technology infrastructure in-house. See Peak 10, Financial Services

and IT Study: Tackling the Digital Transformation (2016), available at: http://www.peak10.com/2016-

ﬁnancial-services-and-it-study/; Flexential, Financial Services Cloud Adoption: Top Concerns for Making

the Move, blog post (May 2018), available at: https://www.ﬂexential.com/knowledge-center/blog/

ﬁnancial-services-cloud-adoption-top-concerns-making-move.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • The Potential of Scale

expect large U.S. banks to process the vast majority of their computing needs on cloud platforms

within the next 5-10 years.

128

Issues and Recommendations

Overall Beneﬁts and Potential Risks

Cloud computing has helped increase the speed of innovation by allowing rms to more eciently

and rapidly deploy computing resources to meet business demands and extract usable insights

from large datasets.

Scalability, Speed, and Cost

Cloud computing, by enabling nancial institutions to rapidly scale up or down their use of

cloud applications and infrastructure, provides an ecient way to meet changing demands for

computing power and enhances rms’ abilities to bring new products and capabilities to market.

In a traditional enterprise IT environment, procuring a single new server, for example, could take

months to obtain necessary approvals and cost thousands of dollars. In contrast, cloud computing

can enable rms to acquire the same computing resources in minutes and potentially at a fraction

of the cost.

For new and smaller rms, the economies of scale and aordable cost structure of cloud are key fac-

tors in allowing rms to provide products at a scale, quality, and speed that they might otherwise

be unable to achieve. Large rms, too, benet from using cloud because of the sheer volume or

resources and magnitude of the economies of scale available through large cloud service providers.

Security and Resilience

Large cloud service providers typically have the resources and expertise to invest in and main-

tain state-of-the-art and comprehensive IT security and deploy it on a global basis across their

platforms. Financial institutions, especially small and mid-sized rms, could nd it economically

infeasible to achieve similar levels of security on their own. Moreover, because cloud service provid-

ers can rapidly re-distribute data across geographically diverse storage and processing centers, cloud

environments can potentially enhance rms’ strategies for business continuity and operational

resilience. Nevertheless, to maintain these advantages in terms of security and resilience, cloud

service providers must constantly guard against the risks of being targeted by bad actors.

Enabling Large-Scale Data Storage and Management

Critically, cloud enables the computing resources that are increasingly required by rms that must

manage or utilize vast volumes of data, whether for regulatory purposes or in order to build and

maintain competitive advantages. Firms in the nancial services industry can leverage powerful

machine learning and other data analytics tools to analyze large data sets with greater agility and

eectiveness in line with rms’ business models and strategies. ese tools can potentially be used

to comb through mountains of text-based documents, generate know-your-customer identity

128. Keith Horowitz et al., Citi Research, U.S. Banks: Transformational Changes Unfolding in Journey to the Cloud

(Jan. 10, 2018).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • The Potential of Scale

maps by conducting pattern of life analytics, and convert voice-based input into text and insights

about sentiment and intent.

e growth of cloud services also presents certain challenges, including potentially high transition-

ing costs, security and data privacy considerations, regulatory compliance standards, unrealized

or over-sold cost savings compared to in-house IT management, and connectivity speed. Further,

rms may face high switching costs if they seek to change cloud service providers and may nd

themselves with little pricing power relative to the large providers. However, many of these chal-

lenges can be addressed through appropriate adaptation of cloud computing services, such as

deployment of a private or hybrid cloud, choice of service model, provision of data availability and

resilience measures, and other appropriate risk management of outsourcing contracts.

Regulatory Challenges in Adoption

Regulatory compliance issues continue to present challenges to the broader adoption of and

migration to cloud technology by nancial services rms. Cloud Security Alliance, an industry

group, reported in March 2015, for example, that 71% of respondents to a survey on cloud

adoption by nancial services rms cited “regulatory restrictions” as a key reason, second only

to “data security concerns” that was cited by 100% of respondents, for why they had not yet

adopted cloud technology.

129

Financial services rms face several regulatory challenges related to the adoption of cloud, driven

in large part by a regulatory regime that has yet to be suciently modernized to accommodate

cloud and other innovative technologies. e large number of regulators involved with allowing

the use of cloud in nancial services can present administrative burdens, as well as challenges with

inconsistent requirements. Inconsistencies in regulators’ experience with cloud computing and in

the knowledge base at the examiner level may also be a contributing factor.

130

Regulatory Outsourcing Guidelines

Financial institutions continue to seek certainty from regulators with regard to permissible uses of

public cloud services, and some have indicated that they are hesitant to adopt or migrate to cloud

services due in part to regulatory guidance that is either inconsistent or unclear or not well adapted

for cloud services. For example, rms have expressed uncertainty over whether regulators’ third-

party service provider guidance applies to all or only some cloud deployment models (IaaS, PaaS,

and SaaS). Firms are also uncertain as to whether regulators would accept a broader migration to

129. Cloud Security Alliance, How Cloud is Being Used in the Financial Sector: Survey Report (Mar. 2015), at 10,

available at: https://downloads.cloudsecurityalliance.org/initiatives/surveys/ﬁnancial-services/Cloud_Adoption_

In_The_Financial_Services_Sector_Survey_March2015_FINAL.pdf.

130. See Securities Industry and Financial Markets Association, Promoting Innovation in Financial Services (Apr. 6,

2018), at 37-38 (submission to Treasury).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • The Potential of Scale

the cloud for core activities, because nancial services rms manage highly sensitive and important

customer data and perform critical functions for the economy.

131

Some of the regulatory guidance may also not be well adapted to cloud. Compliance with regu-

latory guidance that requires nancial institutions to maintain physical access audit rights, for

example, can present challenges, including the ability of nancial institutions to negotiate on-site

access, given a cloud service provider potentially has hundreds or thousands of clients. In the case

of vendor audit requirements, industry and market participants have suggested that U.S. nancial

regulators seek to incorporate independent U.S. audit and certication standards for cloud service

providers, which may provide more ecient, consistent and useful means of assessing such services.

Further, these regulatory issues may have implications for a bank’s relationship with a third party

that itself uses a cloud service provider (i.e., a fourth party). ese “chain outsourcing” issues can

present challenges to banks looking to partner with third parties that use cloud services.

Data Localization

Data stored on the cloud can easily be moved and stored anywhere. Cloud computing is not

naturally geo-centric; rather, data can be compartmentalized, moved, and processed wherever

there is available storage and processing capacity. ese capabilities, however, do not necessarily

impede the ability of U.S. nancial regulators to maintain access to regulated entities’ electronic

books and records for monitoring, surveillance, and other regulatory purposes, including during

a nancial crisis. Nevertheless, some jurisdictions have imposed requirements that mandate that

data be stored or processed within national borders — so-called localization requirements – or

considered such requirements.

132

Data localization can have unintended and harmful eects on

competition, innovation, and economic growth. Concerns about data security and access can be

better addressed through technology, enhanced security controls, contractual arrangements, and

bilateral or multi-jurisdictional agreements.

Outdated Record Keeping Rules

Certain rules prescribe technology requirements that may be out of date or that unnecessarily

hinder adoption of new technologies such as cloud computing. Rule 17a-4 under the Securities

Exchange Act of 1934,

133

for example, requires any electronic media used by broker-dealers to be

131. Ongoing work by industry groups and other public-private sector partnerships can perhaps be instructive in

helping regulators achieve harmonization, within and across jurisdictions, of standards and requirements to pro-

vide greater regulatory certainty. The work of the NIST Cloud Computing Standards Roadmap Working Group,

an industry-academia-regulatory collaboration, is one such effort. See National Institute of Standards and

Technology, NIST Cloud Computing Standards Roadmap, Special Publication 500-291, Version 2 (July 2013),

available at: https://www.nist.gov/sites/default/ﬁles/documents/itl/cloud/NIST_SP-500-291_Version-2_2013_

June18_FINAL.pdf.

132.

There are limited examples of such restrictions today in the United States. Section 9.3.15.7 of Internal Revenue

Service Publication 1075 requires that any agency using external information system services to process, store,

or transmit federal tax information “restrict the location of [such systems] to areas within the United States ter-

ritories, embassies, or military installations.” See Internal Revenue Service, Publication 1075 — Tax Information

Security Guidelines for Federal, State and Local Agencies: Safeguards for Protecting Federal Tax Returns and

Return Information (Sept. 2016), at 95, available at: https://www.irs.gov/pub/irs-pdf/p1075.pdf.

133.

17 C.F.R. § 240.17a-4

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • The Potential of Scale

stored under the “Write Once, Read Many” or “WORM” format. In eect, the rule compels rms

to record and store static snapshots of data, which can be more costly and potentially less secure

than employing more dynamic data storage capabilities.

Recommendations

Treasury recognizes that cloud computing is a key technology with the potential to allow nancial

institutions to signicantly enhance their ability to innovate, better serve businesses and consum-

ers, and compete both domestically and abroad.

Treasury recommends that federal nancial regulators modernize their requirements and guidance

(e.g., vendor oversight) to better provide for appropriate adoption of new technologies such as cloud

computing, with the aim of reducing unnecessary barriers to the prudent and informed migration

of activities to the cloud. Specic actions U.S. regulators should take include: formally recogniz-

ing independent U.S. audit and security standards that suciently meet regulatory expectations;

addressing outdated record keeping rules like SEC Rule 17a-4; clarifying how audit requirements

may be met; setting clear and appropriately tailored expectations for chain outsourcing; and pro-

viding sta examiners appropriate training to implement agency policy on cloud services.

Treasury further recommends that a cloud and nancial services working group be established

among nancial regulators so that cloud policies can benet from deep and sustained understand-

ing by regulatory authorities. Financial regulators should support potential policies by engaging

key industry stakeholders, including providers, users, and others impacted by cloud services.

Separately, Treasury encourages private industry cloud services providers to proactively formulate

standards appropriate for the United States that might address the potential risks presented by the

growing use of cloud technology.

Financial regulators in the United States should seek to promote the use of cloud technology

within the existing U.S. regulatory framework to help nancial services companies reduce the risks

of noncompliance as well as the costs associated with meeting multiple and sometimes conicting

regulations.

134

Regulators should be wary of imposing data localization requirements and should

instead seek other supervisory or appropriate technological solutions to potential data security,

privacy, availability, and access issues.

134. This should also include development of information and communications technology standards to improve

the interoperability and portability of the cloud. In cloud computing, interoperability refers to the abil-

ity of different systems or components, such as those of a ﬁnancial services company and a cloud ser-

vices provider, to exchange and use information or to otherwise work together successfully, while portabil-

ity refers to the ability to move and adapt applications and data between systems, including the different

cloud deployment models or the systems of other cloud services providers. Recent E.U. action has sought

to make progress in this area. See European Commission, FinTech Action Plan: For a More Competitive

and Innovative European Financial Sector (Mar. 8, 2018), available at: http://eur-lex.europa.eu/resource.

html?uri=cellar:6793c578-22e6-11e8-ac73-01aa75ed71a1.0001.02/DOC_1&format=PDF.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • The Potential of Scale

Big Data, Machine Learning, and Artiﬁcial Intelligence in Financial Services

e application of articial intelligence (AI) to a wide array of uses across the economy,

135

includ-

ing nancial services, has greatly increased over the past few years. e concept of AI can vary

meaningfully, but generally is associated with eorts to enable machines or computers to imitate

aspects of human cognitive intelligence, such as vision, hearing, thinking, and decision making.

AI and machine learning algorithms have powered many innovations across the broader economy,

spanning the power of internet search engines, facial-recognition software, and the potential for

autonomous cars.

One of the primary sub-branches of AI development is known as machine learning. Machine learn-

ing generally refers to the ability of software to learn from applicable data sets to “self-improve”

without being explicitly programmed by human programmers. e nature of “improvement” in

the software would depend on the specic machine learning use-case, but could include the quality

of image-recognition, the ability to more accurately and eciently identify money laundering, or

the ability to accurately predict fraud, borrower default, or the most useful web links in response

to a set of search terms. In general, the more data available for the machine learning models, the

better such models will perform because of their ability to learn from the examples in an iterative

process referred to as “training the model.”

Machine learning has been around in some form since at least the 1940s and advanced rapidly

in recent years.

136

It can span several categories: classical machine learning, which would include

supervised learning (focusing on advanced regressions and categorization of data that can be used

to improve predictions) and unsupervised learning (processing input data to understand the dis-

tribution of data to develop, for example, automated customer segments); and deep and reinforce-

ment learning (which is based on neural networks, and may be applied to unstructured data like

images or voice).

137

Several interrelated developments in technology have enabled this environment:

• Dramatic improvements in the availability and aordability of computing capacity

through, for example, cloud computing and the general improvements in computer

hardware.

• An explosion in the abundance of digitized data and its analysis, sometimes referred to as

“big data.” Consider that by 2020, digitized data is forecasted to be generated at a level

that is more than 40 times the level produced in 2009.

138

In 2012, it was estimated that

90% of the digitized data in the world had been generated in just the prior two years.

139

135. Ananad Rao, A Strategist’s Guide to Artiﬁcial Intelligence, Strategy + Business (Summer 2017), available at:

https://www.strategy-business.com/article/A-Strategists-Guide-to-Artiﬁcial-Intelligence.

136.

See id.

1 37. Marko Kolanovic and Krishnamachari Rajesh, J.P. Morgan Securities LLC, Big Data and AI Strategies: Machine

Learning and Alternative Data Approach to Investing (May 2017).

138.

A.T. Kearney, Big Data and the Creative Destruction of Today’s Business Models (2013), at 2, available at:

https://www.atkearney.com/documents/10192/698536/Big+Data+and+the+Creative+Destruction+of+Today

s+Business+Models.pdf/f05aed38-6c26-431d-8500-d75a2c384919 (discussing Oracle forecast).

139. Id.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • The Potential of Scale

Since 2012, more than a billion more people have been added to the internet (2.5 billion

people connected to the internet in 2012 compared to 3.7 billion people in 2017).

140

• e proliferation of mobile devices and other internet connected devices (e.g., wear-

able devices, household appliances, components in industrial production), sometimes

referred to as the “internet of things.” Globally, there are an estimated 27 billion devices

(including smartphones, tablets, and computers) currently connected to the internet,

with expectations for 125 billion connected devices by the year 2030.

141

ese devices

are enabling new streams of data that are being used by businesses to eectively digitize

many dimensions of interaction in our physical world. Information from cars, phones,

cameras, watches, manufacturing plants, are all being collected and available for analysis.

ese factors are highly interwoven. e sheer magnitude of data that is now available demands

analytical tools, like AI, to capably process and make use of the vast amounts of information, which

is only expected to accelerate in volume, velocity, and variety. In some use-cases, for example,

manual processes are simply unusable given the amount of data that exists. Cloud service provid-

ers, recognizing that many cloud-service users are also in need of adequate analytical tools, are

providing various services designed to enable users to deploy an array of AI capabilities.

142

Figure 8: Global Investment T

rends in

Artificial Intelligence

Source: CBInsights, Top AI Trends to Watch in 2018, at 25.

$15.2

$6.3

$4.6

$3.5

$1.7

1,349

310

482

635

888

Disclosed funding

($ billions)

Disclosed deals

2013 20152014 20172016

Deployment in Financial Services

Investment in AI and machine learning has been

accelerating over the past several years with a

large share of such investment focused on rms

looking to deploy AI and machine learning in

nancial services. Adoption of AI within nancial

services is driven by a number of factors such as

the large and growing availability of data within

nancial services, including through third-party

consumer nancial data aggregators discussed

elsewhere in this report, and the expectation that

the use of machine learning and AI will increas-

ingly be a driver of competitive advantage for

rms through both improving rm’s eciency

by reducing costs and enhancing the quality

of nancial services products demanded by

140. Id.

141. IHS Markit, The Internet of Things: A Movement, Not a Market (Oct. 2017), at 2, available at: https://cdn.ihs.

com/www/pdf/IoT_ebook.pdf. For projections that do not consider computers and phones at: Gartner, Inc.,

Press Release – Gartner Says 8.4 Billion Connected “Things” Will be in Use in 2017, up 31 Percent from

2016 (Feb. 7, 2017), available at: https://www.gartner.com/newsroom/id/3598917.

142.

See, e.g., Amazon Web Services¸ Amazon Machine Learning Documentation, available at: https://aws.amazon.

com/documentation/machine-learning/; Microsoft Azure, Azure AI: Artiﬁcial Intelligence Productivity for Virtually

Every Developer and Scenario, available at: https://azure.microsoft.com/en-us/overview/ai-platform/; Google

Cloud¸ Cloud Machine Learning Engine, available at: https://cloud.google.com/ml-engine/; and IBM, AI, Machine

Learning and Cognitive Computing Services, available at: https://www.ibm.com/services/artiﬁcial-intelligence.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • The Potential of Scale

customers.

143

Global banks, for example, report they expect application of these tools to deliver

long-term cost eciencies, risk management benets, and revenue expansion opportunities.

144

An extensive array of AI and machine learning use-cases are being considered and deployed within

nancial services, spanning the front-end (customer-facing) to back-oce operations of a broad-

set of nancial services activities. ese use-cases include:

145

Risk mitigation and surveillance: Financial institutions and regulators, for example, are using

machine learning-enabled software to help conduct surveillance of trader behavior by combining

transaction data and unstructured text (e.g., e-mail, messaging) and voice data to help identify sus-

picious trading activities.

146

Machine learning may additionally be used to help reduce fraud and

conduct surveillance for money-laundering and other illicit nancing risks. Financial regulators are

also beginning to employ machine learning to enhance their own analysis and understanding of

economic and nancial markets.

147

Enhancing investment analysis, trading strategies, and operations: Machine learning-based soft-

ware can also be used to augment human investment analysis in a variety of ways. One rm’s

product allows users to ask simple text questions (like an internet search engine) to generate instant

correlation analyses between a broad span of potential market-moving data and nancial asset

prices, which could be used to greatly accelerate investment analyses.

148

Other use-cases include

optimizing trade execution

149

and portfolio management and trading strategies at quantitative-

oriented asset managers and hedge funds.

150

143. PricewaterhouseCoopers, Top Financial Services Issues of 2018 (Dec. 2017), available at: https://www.pwc.

se/sv/pdf-reports/ﬁnansiell-sektor/top-ﬁnancial-services-issues-of-2018.pdf (discussion of artiﬁcial intelligence

and digital labor).

144. Laura Noonan, AI in Banking: The Reality Behind the Hype, Financial Times (April 12, 2018) (“Noonan AI in

Banking”).

145.

For further examples, see Lex Sokolin, Autonomous NEXT, #Machine Intelligence & Augmented Finance:

How Artiﬁcial Intelligence Creates $1 Trillion of Change in the Front, Middle and Back Ofﬁce of the Financial

Services Industry (Apr. 2018); Michael Chui et al., McKinsey Global Institute, Notes from the AI Frontier:

Applications and Value of Deep Learning (Apr. 2018), available at: https://www.mckinsey.com/featured-

insights/artiﬁcial-intelligence/notes-from-the-ai-frontier-applications-and-value-of-deep-learning; Darrell West

and John R. Allen, Brookings Institution, How Artiﬁcial Intelligence is Transforming the World (Apr. 2018), avail-

able at: https://www.brookings.edu/research/how-artiﬁcial-intelligence-is-transforming-the-world/.

146.

Tony Sio, Nasdaq, Changing the Game: Artiﬁcial Intelligence in Market Surveillance, blog post (Apr. 2017),

available at: http://business.nasdaq.com/marketinsite/2017/Changing-The-Game-Artiﬁcial-Intelligence-In-

Market-Surveillance.html.

1 47. See, e.g., Andrew Haldane, Bank of England, Will Big Data Keep Its Promise? (Apr. 2018), available at: https://

www.bankofengland.co.uk/-/media/boe/ﬁles/speech/2018/will-big-data-keep-its-promise-speech-by-andy-hal-

dane.pdf.

148. See Antoin Gara, Wall Street Tech Spree: With Kensho Acquisition S&P Global Makes Largest A.I. Deal

In History, Forbes (Mar. 6, 2018), available at: https://www.forbes.com/sites/antoinegara/2018/03/06/

wall-street-tech-spree-with-kensho-acquisition-sp-global-makes-largest-a-i-deal-in-history/.

149. See Laura Noonan, JPMorgan Develops Robot to Execute Trades, Financial Times (July 31, 2017)

150.

See Financial Stability Board, Artiﬁcial Intelligence and Machine Learning in Financial Services: Market

Developments and Financial Stability Implications (Nov. 1, 2017), at 18, available at: http://www.fsb.org/wp-

content/uploads/P011117.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • The Potential of Scale

Customer-interface: Many nancial services rms are employing chat-bots, which are digital

customer-facing assistants that are powered by machine learning software that takes advantage

of advancements in natural-language processing. For example, customers can text message with a

bank through a messaging platform (and voice as well) in a conversational style to engage in certain

account services. While current services are fairly limited in U.S. applications, expectations are that

these systems will evolve to enable a much richer set of customer-facing services.

151

Underwriting decisions: Firms have begun to employ machine learning based models to assist

in underwriting decisions for purposes of extending credit to consumers and small businesses.

Insurance rms are also using these techniques to price and market insurance products.

While many of these eorts remain in the early stages of testing and deployment, several use-cases

appear poised for more wide-spread adoption. Within the banking industry, for example, large

percentages of U.S. banks report either current or planned AI deployment within the next 18

months across the following use-cases: more than 60% in biometrics, about 60% in fraud &

security detection, about 55% in chatbots or robo-advisers; and about 35% in voice assistants.

152

Issues and Recommendations

e expected rapid adoption of AI and machine learning within the nancial services industry, and

the economy more broadly, raises a number of important policy considerations.

Beneﬁts and Risks from Competition in AI and Big Data

Firms expect that the eective use of AI, machine learning and big data analysis will be a key source

of competitive advantage, which is spurring investment and competition.

153

Smaller rms may now

be able to compete providing new algorithms, in part because barriers to develop such software

have declined with the availability of aordable data processing capacity. Traditional nancial ser-

vices players may be able to leverage their product expertise while technology rms may be able to

leverage their experience and deployment in AI in other contexts. Investment managers may look

to employ new data sources or tools to deliver improved relative investment performance.

154

is

multi-faceted competition can provide benets to end-users and consumers of nancial services

through more aordable and higher-quality products that are more personalized and provided

with greater overall convenience. e development of AI is expected to yield substantial benets

151. Brian Patrick Eha, This is How Financial Services Chatbots are Going to Evolve,

American Banker (May 26, 2017), available at: https://www.americanbanker.com/news/

this-is-how-ﬁnancial-services-chatbots-are-going-to-evolve.

152. See Citigroup Global Markets Inc., Bank of the Future: The ABCs of Digital Disruption in Finance (Mar. 2018)

(citing Business Insider Intelligence, AI in Banking and Payments (Feb. 2018)).

153.

PricewaterhouseCoopers, Artiﬁcial Intelligence and Digital Labor in Financial Services, available at: https://

www.pwc.com/us/en/industries/ﬁnancial-services/research-institute/top-issues/artiﬁcial-intelligence.html (last

accessed June 1, 2018) (noting that about half (52%) of those in the ﬁnancial services industry said they are

currently making “substantial investments” in AI and that almost three out of four (72%) business decision mak-

ers expect that AI will be the business advantage of the future).

154.

Tammer Kamel, Quandl, Alternative Data – The Trend in Financial Data, blog post (Apr. 12, 2016), available

at: https://blog.quandl.com/alternative-data (discussing why alternative data can provide a source of potential

‘alpha’ for investment professionals).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • The Potential of Scale

to the broader economy and nancial services.

155

PricewaterhouseCoopers estimated that by 2030,

AI technologies could increase North American gross domestic product (GDP) by $3.7 trillion

and global GDP in $15.7 trillion.

156

Within the nancial services sector, large banks report that AI

could help cut costs and boost returns.

157

e strength and nature of the competitive advantages created by advances in AI could also

harm the operations of ecient and competitive markets if consumers’ ability to make informed

decisions is constrained by high concentrations amongst market providers. Some analysts cau-

tion that the path of AI-based nancial services technology may be similar to the path of other

technology-based platforms that have trended toward high-levels of market concentration (e.g., in

internet search and messaging).

158

An AI/machine learning model’s performance improves through

an abundance of data. Models that have a large market presence, therefore, have a built-in self-

reinforcing advantage as their gains in market share improve the model’s performance, which could

in turn further their gain in market share.

Legal and Employment Challenges

As the implications of the wide-spread adoption of AI become clearer, responsible parties are

sounding alarms on potential complex downside risks.

Detecting versus promoting fraud: Even as AI and machine learning tools are being used to

help detect fraud through risk models and image-recognition software, other applications of this

technology could be used to circumvent fraud detection capabilities. For example, the digital

rendering of fraudulent videos and audios may become indistinguishable from actual video and

audio, which would raise signicant challenges to authentication and verication functions

within nancial services.

159

Compatibility of legal and algorithmic decision-making: One advantage of machine learning and

AI methods is that they can potentially help avoid discrimination based on human interactions

by ceding aspects of such decision making to an algorithm. However, these methods may also risk

discrimination through the potential to compound existing biases, through training models with

biased data and the identication of spurious correlations.

160

One consideration will be to ensure

that decisions based upon an algorithm do not rely on incorrect, or perhaps even fraudulent, data,

155. McKinsey Global Institute, Artiﬁcial Intelligence: The Next Digital Frontier (June 2017), available at: https://

www.mckinsey.com/business-functions/mckinsey-analytics/our-insights/how-artiﬁcial-intelligence-can-

deliver-real-value-to-companies (discussing the potential value of AI in other sectors of the economy).

156. PricewaterhouseCoopers, Sizing the Prize: What’s the Real Value of AI for Your Business and How Can You

Capitalise? (2017), available at: https://www.pwc.com/gx/en/issues/analytics/assets/pwc-ai-analysis-sizing-

the-prize-report.pdf.

1 57. See Noonan AI in Banking.

158. See, e.g., Sokolin.

159. Penny Crosman, Bank of America, Harvard Form Group to Promote Responsible AI,

American Banker (Apr. 10, 2018), available at: https://www.americanbanker.com/news/

bank-of-america-harvard-form-group-to-promote-responsible-ai.

160. See, e.g., Cathy O’Neil, Weapons of Math Destruction: How Big Data Increases Inequality and Threatens

Democracy (2016); Mikella Hurley and Julius Adebayo, Credit Scoring in the Era of Big Data, 18 Yale J. L. &

Tech. 148 (2016).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • The Potential of Scale

or alternatively base decisions on proxies for illegal discrimination. Another key consideration is

the appropriate role of humans in a decision-making process informed by algorithms that may be

unable to provide an adequate explanation of its decision-making process nor self-correct for biases

built into the data or model design.

161

Employment risks and opportunities: Financial services rms expect the widespread adoption of

AI and robotic automation processes to create signicant demand for employees with applicable

skills in AI methods, advanced mathematics, software engineering, and data science. However,

executives also expect the application of these technologies to result in potentially signicant job

losses across the industry.

162

Data Privacy

e deployment of AI and machine learning models could result in a higher overall quality of nan-

cial services products being delivered to consumers. At the same time, the ubiquity and continuous

owing nature of data required to train AI and machine learning models can raise various data

protection and privacy concerns. As data becomes ubiquitous, consumer’s nancial and nonnancial

data may be increasingly shared without their understanding and informed consent. Moreover, the

power of AI and machine learning tools may expand the universe of data that may be considered

sensitive as such models can become highly procient in identifying users individually.

163

Regulatory Challenges Related to Transparency, Auditability, and Accountability

In the lending context and many other nancial services use-cases, the underlying complexity of

AI and machine learning-based models (often referred to as “black boxes”) raises challenges in the

transparency and auditing of these models. Many U.S. laws or regulations have been designed

around a baseline expectation of auditability and transparency that may not be easily met by

these models. As these types of models are deployed in increasingly high-value decision-making

use-cases, such as determining who gets access to credit or how to manage an investment portfolio,

questions regarding how to maintain accountability become fundamental.

With respect to lending, for example, U.S. rules require that a creditor provide a notication when

a borrower has been denied credit.

164

In light of the increasing complexity of machine learning, it

can be challenging to express the underpinnings of these analytical insights to rms, borrowers,

and regulators.

165

161. See Nick Bostrom and Yudkowsky Eliezer, The Ethics of Artiﬁcial Intelligence, The Cambridge Handbook of

Artiﬁcial Intelligence (Keith Frankish and William M. Ramsey, eds., 2014).

162.

See Noonan AI in Banking.

163. The Future: The Sunny and Dark Side of AI, The Economist (Mar. 31, 2018).

164.

Federal Trade Commission, Big Data: A Tool for Inclusion or Exclusion? (Jan. 2016), at 14, available at:

https://www.ftc.gov/system/ﬁles/documents/reports/big-data-tool-inclusion-or-exclusion-understanding-

issues/160106big-data-rpt.pdf.

165. Eva Wolkowitz and Sarah Parker, Center for Financial Services Innovation, Big Data, Big Potential: Harnessing

Data Technology for the Underserved Market (2015), available at: https://s3.amazonaws.com/cfsi-innovation-

ﬁles/wp-content/uploads/2017/02/13062352/Big-Data-Big-Potential-Harnessing-Data-Technology-for-the-

Underserved-Market.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Embracing Digitization, Data, and Technology • The Potential of Scale

In the investment management context, for example, machine learning-based algorithms and

alternative data sources are currently being deployed in nancial markets by a subset of quanti-

tative-oriented funds, with the expectation of increased adoption by other such funds. While the

application of these tools could yield valuable investment insights for some investment portfolios

and activities, the opacity of the models may raise challenges for supervisors and users of these

models to monitor risk and understand how they may interact with one another, particularly in

times of broad market stress.

166

Recommendations

Treasury recognizes that the increased application of developing AI and machine learning technolo-

gies can provide signicant benets by improving the quality of nancial services for households

and businesses and supplying a source of competitive strength for U.S. rms. Regulators, therefore,

should not impose unnecessary burdens or obstacles to the use of AI and machine learning and

should provide greater regulatory clarity that would enable further testing and responsible deploy-

ment of these technologies by regulated nancial services companies as the technologies develop.

e Administration has made harnessing AI and high-performance computing, including machine

learning and autonomous systems, a federal research and development priority.

167

In May 2018, the

White House hosted a summit of more than 100 senior government ocials, technical experts, and

business leaders to discuss policies to support continued American innovation in AI across industrial

sectors.

168

Participants at the summit, including Treasury, recognized the importance of enabling

high-impact, research and development eorts to advance AI. Treasury recommends that nancial

regulators engage with the Select Committee on Articial Intelligence,

169

in addition to pursuing

other strategic interagency AI eorts. Engagement in such eorts should emphasize use-cases and

applications in the nancial services industry, including removing regulatory barriers to deployment

of AI-powered technologies. Other potential issues to consider as part of that engagement include:

an appropriate emphasis on human primacy in decision making for higher-value use-cases relative to

lower-value use-cases, the importance of cost-benet assessments for regulatory actions, preparation

of the work force for the trend toward digital labor, transparency of model use for consumers, robust-

ness against manipulation (e.g., in market contexts), and accountability of human beings.

166. See Financial Stability Board, Artiﬁcial Intelligence and Machine Learning in Financial Services: Market

Developments and Financial Stability Implications (Nov. 1, 2017), at 18 and 33-34, available at: http://www.

fsb.org/wp-content/uploads/P011117.pdf.

1 67. Ofﬁce of Management and Budget, Fiscal Year 2019 Analytical Perspectives, at 236, available at: https://www.

whitehouse.gov/wp-content/uploads/2018/02/spec-fy2019.pdf.

168.

The White House Ofﬁce of Science and Technology Policy, Summary of the 2018 White House Summit on

Artiﬁcial Intelligence for American Industry (May 10, 2018), available at: https://www.whitehouse.gov/wp-con-

tent/uploads/2018/05/Summary-Report-of-White-House-AI-Summit.pdf.

169. The Select Committee is chaired by the White House Ofﬁce of Science and Technology Policy, the National

Science Foundation (NSF), and the Defense Advanced Research Projects Agency (DARPA). Senior fed-

eral ofﬁcials participating on the Select Committee include the Undersecretary of Commerce for Standards

and Technology, the Undersecretary of Defense for Research and Engineering, the Undersecretary of Energy

for Science, the Director of NSF, and the Directors of DARPA and the Intelligence Advanced Research

Projects Activity as well as representatives from the National Security Council, the Ofﬁce of the Federal Chief

Information Ofﬁcer, and the Ofﬁce of Management and Budget.

Aligning the Regulatory Framework

to Promote Innovation

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Overview

Technological innovation in the provision of nancial services is creating opportunities to serve

customers and markets more eciently. However, the regulatory framework, for banks and

nonbanks alike, must evolve to enable innovation on an orderly and sustainable basis. Nonbank

nancial service providers generally operate within a largely state-based regulatory regime requir-

ing compliance with a disparate set of standards across individual states and territories that can be

cumbersome and produce conicting guidance for entities operating on a national basis.

170

Innovation will best ourish if the current federal and state regulatory models evolve to keep pace

with technological change. is evolution could include eorts by the states to harmonize their

regulatory and supervision regimes; the Oce of the Comptroller of the Currency’s (OCC) special

purpose national bank charter; and encouragement of the bank partnership model with ntech rms.

As nancial services continue to be shaped by new technologies and business models, the tradi-

tional distinctions between permitted banking activities and other information-intensive digital

activities are being tested, which will require exible and eective regulatory approaches. Existing

bank regulations and supervision of a broad spectrum of third-party technology service providers

and relationships require additional attention to enable innovative partnerships and provide for

more streamlined and tailored oversight.

Challenges with State and Federal Regulatory

Frameworks

State Oversight and Harmonization Challenges

State laws and regulations currently provide the primary regulatory framework for many types of

nonbank nancial services rms, including rms deploying new and innovative technologies and

products. State banking departments and nancial regulatory agencies oversee various types of

nonbank rms and activities, including: consumer nance companies, money services businesses

(MSBs), debt collection businesses, and mortgage loan originators. State nancial regulators’

authorities over these nonbank rms can include rm licensing requirements; safety and soundness

regulation, including permissible investments and required reserves; product limitations; interest

rate limits; examinations; and enforcement authority for violation of state and federal laws.

Lending and Servicing

State nancial regulators regulate nonbank consumer lenders primarily for purposes of consumer

protection. Nonbank lenders that operate in multiple states must acquire lending or credit licenses

for each applicable state. As a result, geographic expansion can only generally be accomplished

through repeated licensing eorts, each with a state-specic regulatory regime. States’ lending

170. With the passage of Dodd-Frank, the Bureau of Consumer Financial Protection was granted expansive federal

regulatory powers over nonbank ﬁnancial services companies, but Dodd-Frank did not preempt state laws that

provided greater consumer protection. See 12 U.S.C. § 5551(a).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Aligning the Regulatory Framework to Promote Innovation • Challenges with State and Federal Regulatory Frameworks

license applications often require submission of a business plan and nancial statements, credit

reports and ngerprints from the rm’s ocers, and a surety bond. State regulators oversee lend-

ers active across a broad set of consumer lending segments, including short-term, small dollar,

mortgage, auto, and other unsecured credit.

State-specic requirements would benet from additional harmonization. For example, some states

may require a physical oce presence,

171

some require broker licenses or licenses for commercial

loans,

172

and others set dierent maximum loan interest rate requirements.

173

Dierences in usury

limits imposed by states also materially impact which products are available to consumers.

Payments and Money Transmission

Money transmitters are generally nonbank rms that transfer or receive funds on behalf of indi-

viduals. As with nonbank credit providers, individual states each license and supervise money

transmitters with the general goals of maintaining the safety and soundness of these businesses,

ensuring nancial integrity, protecting consumers, and preventing ownership of money transmit-

ters for illicit purposes (e.g., money laundering or fraud). e denition of money transmission

can vary signicantly by state (as can exceptions from the denition), posing operational challenges

and potentially chilling economically benecial money transmission activity –— particularly

innovative, technology-based money transmission. If a statutory exception does not apply, money

transmitter licenses are required for numerous activities oered by nonbanking rms beyond just

remittance services, to rms that could include online payment, digital wallet services, and bill

payment services.

174

As a general matter, any rm with a nationwide footprint (and especially those that have only a

digital presence) will require a license in, and be subject to examination by, every state in which it

operates. ere are currently 49 states plus the District of Columbia and Puerto Rico that impose

some sort of licensing requirement in order to engage in the business of money transmission or

money services. As with lending and credit, money transmitter licensing requirements often vary

by state, but generally include requirements to submit credit reports, business plans, and nancial

statements; and a requirement to maintain a surety bond to cover losses that might occur. Some

states may also ask for information regarding policies, procedures, and internal controls. ese

171. Arizona, Hawaii, Missouri, North Carolina, Nevada, South Carolina, and Texas require a physical ofﬁce to obtain

a license as a mortgage lender or broker.

172

. California, New York, and Vermont require a license for commercial lenders, while most states only require a

license for consumer loans.

173.

See Loanback.com, Usury Laws by State (Mar. 2, 2011), available at: http://www.loanback.com/category/

usury-laws-by-state.

174

. Money transmitters are deﬁned for federal purposes by FinCEN for purposes of the Bank Secrecy Act, 31

U.S.C. § 5311 et seq. Money transmitters generally include any person that provides money transmission ser-

vices or is engaged in the transfer of funds. The term money transmission services means the acceptance of

currency, funds, or other value that substitutes for currency and transmission to another location or person by

any means. Money transmitters are considered to be a type of “money services business” (MSB). MSBs are

certain nonbank ﬁnancial institutions that do business in any of the following capacities: money transmitter;

currency dealer or exchange, check casher, provider or seller of prepaid access, issuer or seller of traveler’s

checks, or money orders; U.S. postal service. See 31 C.F.R. § 1010.100(ff).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Aligning the Regulatory Framework to Promote Innovation • Challenges with State and Federal Regulatory Frameworks

requirements do not apply to banks because state money transmitter statutes generally expressly

carve them out.

175

Focus Areas for Improvement in the Regulatory Framework

Nonbank rms have raised concerns with the lack of regulatory harmonization among the current

state-based regimes, particularly with respect to the provision of credit and money transmission

activities. As innovation allows rms to more easily serve customers across a broad national mar-

ket, these concerns are becoming more acute. e lack of harmonization could also perpetuate a

disparate regulatory regime between nonbanks and banks otherwise competing in similar product

and geographic markets.

176

State licensing processes can create ineciencies, including requirements for ngerprinting in

multiple states (although this has been improved through coordination) and requests from states

for the nancial statements of the multinational parent company’s individual board members. e

applications for licenses require similar but suciently distinct information that forces rms to

materially revise each application for each state.

Compliance across this fragmented state-regulatory landscape can be costly for rms (some rms

report that all-in licensing costs range from $1 million to $30 million), separate and beyond the

time lost from such eorts, which can result in forgone business opportunities.

177

In addition to

these up-front costs, nonbank rms must actively monitor regulatory requirements across all the

states in which they operate, pay fees to the applicable state regulators, and deploy signicant

resources to accommodate multiple state examinations, which can result in as many as 30 dierent

state regulators per year examining a rm.

178

ese cumulative challenges of operating in the state-

based regulatory regime result not only in excessive regulatory costs, but also constrain the ability

of nonbank rms, including start-ups, to innovate and to scale nationally.

Banks and credit unions also face regulatory challenges that may impede innovation. In contrast to

the largely state-based regime facing nonbank nancial services providers, banks and credit unions

operate within a largely federal regulatory regime, which provides for greater levels of uniformity,

and accordingly eciency, on some dimensions. Yet banks face a substantially dierent regula-

tory regime, which is heavily focused on bank-specic activities. ese regulations are structured

to ensure the safety and soundness of the bank or credit union, and may include capital and

liquidity standards, deposit insurance requirements, and limitations on permissible activities. is

regulatory framework exists for multiple reasons, including the need to protect taxpayers because

of banks’ access to Federal Deposit Insurance Corporation (FDIC) insurance and the Federal

Reserve’s discount window. Additionally, banks and credit unions serve as the back-up source of

175. Each state may have different statutory language. See, e.g., National Conference of Commissioners on Uniform

State Laws, Uniform Money Services Act (Feb. 25, 2005), at § 103(4), available at: http://www.uniformlaws.

org/shared/docs/money%20services/umsa_ﬁnal04.pdf.

176.

For a discussion of how state-based regulation can result in inefﬁciency, unlevel competition, and differences

in the availability of ﬁnancial services across states, see Brian Knight, Federalism and Federalization on the

Fintech Frontier, 20 Vanderbilt J. of Ent. & Tech. Law 129 (2017), at 185-198.

177

. GAO Fintech Report, at 45.

178

. Id.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Aligning the Regulatory Framework to Promote Innovation • Modernizing Regulatory Frameworks for National Activities

liquidity for other nancial rms, act as critical (though not exclusive) transmission vehicles for

monetary policy, and have exclusive access to Fedwire and other payment systems.

e cumulative impact of these regulations, while critical for achieving public policy goals such

as safety and soundness, can impede innovation at banking organizations. ese limitations may

impede the ability of banks and credit unions to partner with nonbank nancial institutions,

develop new platforms within the organization, or oer new and innovative services to customers.

Modernizing Regulatory Frameworks for National

Activities

Improving the Clarity and Efﬁciency of Our Regulatory Operating Models

Treasury has identied several principles for updating the regulatory operating models available for

rms in our nancial services ecosystem. First, modernization needs to focus on producing ecient

regulation to enable dynamic innovation. Second, any solution must provide sucient exibility

to recognize the diversity of the scale, maturity, and activities of rms. Finally, any solution should

recognize the benets of both federal and state based-approaches to nancial services oversight.

e diversity of U.S. nancial services rms requires that any regulatory solution allow for recogni-

tion of a broad spectrum of business models. Some rms may be ready to absorb the costs of regu-

lation that attach to a federally insured depository institution, whether through federally chartered

banks or state-chartered banks, including traditional banks and industrial loan companies. Other

rms may prefer having a primary federal regulatory regime but without the acceptance of feder-

ally insured deposits, such as through the OCC’s proposed special purpose national bank charter.

Still other rms may desire to partner with an existing bank, rather than pursue a banking charter

themselves. Finally, rms may have business models that do not require national approaches and

may prefer therefore to maintain a predominantly state-based system of regulation. Primary drivers

of these decisions may include the type of activity engaged in, the maturity of the rm, and busi-

ness strategies and objectives.

e United States has a long and complex history of state and federal regulation in nancial ser-

vices. e U.S. banking system began through state charters. In many ways, the state-based system

acts as a laboratory of innovation for rms, which should be preserved. In fact, the state model has

allowed for numerous nonbank rms to build a local product in a state, and then subsequently

expand as the product gained broader market appeal. State regulators also have greater proximity

to their constituents and can be more responsive to the needs and preferences of local consumers

than regulators who do not have a local presence. Some of these advantages of local geographic

experimentation and local government responsiveness should be preserved, particularly for rms

that prefer the state-based approach.

Federal oversight would likely play a more prominent role in the regulation of ntech rms if

these rms elect to pursue a banking charter. Federal banking regulations should be appropriately

tailored to allow rms to provide nancial services to drive economic growth while ensuring appro-

priate oversight. ought should also be given to the appropriate regulatory structure taking into

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Aligning the Regulatory Framework to Promote Innovation • Modernizing Regulatory Frameworks for National Activities

consideration organizational structure, services provided, risk prole, and the need to promote fair

competition between dierent types of organizations providing similar services.

A Tailored Regulatory Solution

Treasury supports several specic regulatory approaches that would provide greater clarity and

exibility in the regulatory operating model for rms looking to provide nancial services. Taken

together, these approaches balance the key requirements for modernizing the regulatory operating

model for U.S. rms. ese approaches include:

• State Harmonization. An acceleration in state regulators’ and legislatures’ eorts to

harmonize the existing patchwork of state licensing and oversight of nonbank nancial

services companies,

• Bank Charters. e OCC should move forward with thoughtful consideration of appli-

cations for special purpose national bank charters,

• Partnerships. Enabling further partnerships between banking organizations and ntech

companies, and

• Bank Innovation. Updating existing bank regulations to enable innovations com-

mensurate with the rapid changes in how banks are partnering with and investing in

ntech and technology rms and how banks are themselves becoming increasingly like

technology rms.

Issues and Recommendations

State Harmonization Efforts

State regulators have enhanced the regulatory eciency of state regulation over the years. In the

early 1980s, state regulators participated in a nationwide licensing system for the securities industry,

known as the Central Registration Depository.

179

In the years leading up to nationwide banking,

states were already working to move toward a more harmonized system. By 1991, for example, 33

states permitted nationwide banking and 13 permitted regional banking.

180

Past and current eorts to promote greater state harmonization have spanned eorts to address

dierences across state laws, for example with regard to licensing and supervision.

Model Law Adoption

One approach for state harmonization involves the drafting of a model law that state legislatures

would then enact and implement in each respective state. is would ensure that each state has

similar laws and requirements for each type of rm or activity. For example, in July 2017, the

Uniform Law Commission approved and recommended for adoption by all states a Uniform

179. Conference of State Bank Supervisors, Letter to Treasury on NonBank and Innovation Report (Apr. 9, 2018),

available at: https://www.csbs.org/letter-treasury-non-bank-and-innovation-report (“CSBS Letter”).

180.

See U.S. Department of the Treasury, Modernizing the Financial System: Recommendations for Safer, More

Competitive Banks (Feb. 5, 1991) at 7, available at: http://3197d6d14b5f19f2f440-5e13d29c4c016cf-

96cbbfd197c579b45.r81.cf1.rackcdn.com/collection/papers/1990/1991_0205_TreasuryBanks.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Aligning the Regulatory Framework to Promote Innovation • Modernizing Regulatory Frameworks for National Activities

Regulation of Virtual Currency Businesses Act.

181

e eectiveness of the model law approach

turns on widespread adoption by the states. Previous eorts have met with mixed results. For

example, the Commission’s Money Services Act of 2000 has to date been enacted by only 10 states

(plus Puerto Rico and the U.S. Virgin Islands).

182

Nationwide Multistate Licensing System

In more recent years, state regulators have been focused on developing greater cooperative

approaches for the supervision of nonbank nancial services companies. One of the primary eorts

of state regulators to achieve such enhanced cooperation has been the Nationwide Multistate

Licensing System (NMLS), which is a technology platform that functions as a system of record

for the licensing activities (application, renew, and surrender) of 62 state or territorial government

agencies.

183

e NMLS is used by state regulators to reduce duplicative regulatory requirements,

promote greater information sharing and coordination, and maintain consumer protections and

the strength and resilience of regulated rms.

e NMLS began with a focus on the mortgage industry. e NMLS began operations in January

2008 and was formed by the Conference of State Bank Supervisors (CSBS) and the American

Association of Residential Mortgage Regulators. At that time, the NMLS was originally the

Nationwide Mortgage Licensing System and was primarily designed for the mortgage industry.

e NMLS began in 2005 as a voluntary system used by seven state agencies and then expanded to

50 when it went live in 2008. Congress subsequently enacted the Secure and Fair Enforcement for

Mortgage Licensing Act (SAFE Act), which established a registration requirement and minimum

licensing requirements for mortgage loan originators and mortgage reporting.

184

e CSBS and state regulators further built out the NMLS framework beyond the mortgage

industry. For example, the CSBS and state regulators have expanded the scope of industries cov-

ered within the NMLS framework beyond even money transmitters, to also include consumer

nance and debt collection. Some success has also been found using NMLS to manage licensing.

As of year-end 2017, 38 states were using NMLS to manage their MSB licenses.

185

However, fewer

state regulators participate in these other licensed activities than for the mortgage sector.

186

Beyond

the scope of industries, NMLS has also enabled greater access to its data through the launch of a

publicly available consumer access website in 2010 and through the sale of NMLS data to busi-

nesses that, in turn, sell data and loan origination products to mortgage market participants.

181. National Conference of Commissioners on Uniform State Laws, Uniform Regulation of Virtual Currency

Businesses Act (July 2017), available at: http://www.uniformlaws.org/shared/docs/regulation%20of%20vir-

tual%20currencies/2017AM_URVCBA_AsApproved.pdf.

182. See http://uniformlaws.org/Act.aspx?title=Money%20Services%20Act (website of the National Conference of

Commissioners on Uniform State Laws tracking the status of enactment as of June 1, 2018).

183.

State Regulatory Registry LLC, 2017 Annual Report, available at: https://nationwidelicensingsystem.org/

NMLS%20Document%20Library/2017%20SRR%20Annual%20Report.pdf (“NMLS 2017 Annual Report”).

184

. The SAFE Act was enacted as Title V of the Housing and Economic Recovery Act of 2008, Pub. L. No. 110-

289, and codiﬁed at 12 U.S.C. §§ 5101-5116.

185.

National Multistate Licensing System, Money Services Businesses Fact Sheet (Dec. 31, 2017), available at:

https://nationwidelicensingsystem.org/about/Reports/2017Q4%20MSB%20Fact%20Sheet.pdf.

186.

NMLS 2017 Annual Report.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Aligning the Regulatory Framework to Promote Innovation • Modernizing Regulatory Frameworks for National Activities

Eorts to Streamline Examinations

One example of how states have sought to harmonize examinations has been their approach to money

transmitters and MSBs. Multi-state examinations started in earnest after the Money Transmitters

Regulators Association (an association of state money transmitter regulators) executed a cooperative

agreement in 2002 and an examination protocol in 2010

187

and FinCEN issued an MSB examination

manual for the Bank Secrecy Act in 2008. As of March 2018, 48 states; Washington, D.C.; Puerto

Rico; Guam; and the Virgin Islands have signed the Money Transmitter Regulators Association

agreements.

188

e agreements provide for a taskforce that helps to coordinate the joint exams and

determine which state will lead a joint exam. Joint exams generally include fewer than 10 states, and

states that are not part of a joint exam will come in to do individual exams (or be a part of a dier-

ent joint exam). State examiners generally jointly examine for common components such as Bank

Secrecy Act/anti-money laundering, information technology, and corporate governance; there is a

separate section of the exam for specic state law issues.

Vision 2020 Commitment and Passporting

State regulators have launched a multi-step eort to develop a 50-state licensing and supervisory

system by 2020, known as “Vision 2020.” Vision 2020 is largely a response to the various state

regulatory harmonization challenges raised by rms regarding the current state-based regulatory

regime for nonbank nancial companies. e core components of this eort include:

189

• Establishing a Fintech Industry Advisory Panel that would be a vehicle to provide state

regulators important insight on the Vision 2020 and related eorts to improve state

regulation.

• Re-designing the existing NMLS platform through further automation and enhanced

data and analytical tools.

• Harmonizing multistate supervision processes through adoption of best practices and,

critically, the development of a comprehensive state examination system that will allow

state regulators to share various pieces of information including: exam schedules, ratings,

supervisory concerns, and reports of examination. is system is tentatively scheduled to

go live in the spring or summer of 2019.

190

For money-transmission oversight, according

to the CSBS, “If one state reviews key elements of state licensing for a money transmitter

— IT, cybersecurity, business plan, or background check

191

— then other participating

1 87. Conference of State Bank Supervisors and Money Transmitters Regulators Association, The State of

State Money Service Businesses Regulation and Supervision (May 2016), at 11, available at: https://

www.csbs.org/sites/default/ﬁles/2017-11/State%20of%20State%20MSB%20Regulation%20and%20

Supervision%202.pdf.

188.

CSBS Letter, at 15.

189.

Conference of State Bank Supervisors, Vision 2020 for Fintech and Non-Bank Regulation (Jan. 7, 2018), avail-

able at: https://www.csbs.org/vision2020.

190

. See NMLS 2017 Annual Report, at 15.

191

. This effort would also include examinations for compliance with the federal Bank Secrecy Act.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Aligning the Regulatory Framework to Promote Innovation • Modernizing Regulatory Frameworks for National Activities

states agree to accept the ndings.”

192

Seven states have initially signed on to this agree-

ment as an initial pilot program.

193

• Other eorts to, for example, assist state banking departments and promote greater

industry awareness.

One solution that could be accomplished through the Vision 2020 process is the idea of “pass-

porting” and reciprocity of state licenses. Such a solution would involve the states harmonizing

licensure and supervision laws and regulations, creating a system whereby a licensee in one state

could have their home state’s license accepted, or passported, to other states within the reciprocity

pact.

194

Passporting represents a path through which states could eectuate a system of licensing

that is conducive to a national business model while still retaining oversight at the state level.

Recommendations

State regulators play an important and valuable role in the oversight of nonbank nancial services

rms. Treasury supports state regulators’ eorts to build a more unied licensing regime and super-

visory process across the states. Such eorts might include adoption of a passporting regime for

licensure. However, critical to this eort are much more accelerated actions by state legislatures

and regulators to eectively reduce unnecessary inconsistencies across state laws and regulations

to achieve much greater levels of harmonization. Treasury recommends that if states are unable

to achieve meaningful harmonization across their licensing and supervisory regimes within three

years, Congress should act to encourage greater uniformity in rules governing lending and money

transmission to be adopted, supervised, and enforced by state regulators. Congress has used a

similar model previously, such as the establishment of minimum mortgage licensing requirements

under the SAFE Act.

195

OCC Special Purpose National Bank Charter

e OCC’s special purpose national bank charter, proposed in 2016, presents an attractive option

for rms interested in the benets of having a single primary federal regulator. is type of banking

charter may provide a more ecient, and at least a more standardized, regulatory regime, than the

current state-based regime in which they operate. e OCC special purpose national bank charter,

however, does present key policy and regulatory considerations, discussed below.

192. Conference of State Bank Supervisors, Press Release – State Regulators Take First Step to Standardize

Licensing Practices for Fintech Payments (Feb. 6, 2018), available at: https://www.csbs.org/

state-regulators-take-ﬁrst-step-standardize-licensing-practices-ﬁntech-payments.

193. Georgia, Illinois, Kansas, Massachusetts, Tennessee, Texas, and Washington.

194.

Brian Knight, Mercatus Center, Modernizing Financial Technology Regulations to Facilitate a National Market,

Mercatus Center (July 2017), at 5, available at: https://www.mercatus.org/system/ﬁles/knight_-_mop_-_mod-

ernizing_ﬁntech_regulations_-_v2_1.pdf.

195. 12 U.S.C. §§ 5104-08

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Aligning the Regulatory Framework to Promote Innovation • Modernizing Regulatory Frameworks for National Activities

Overview

e OCC released a proposal for a special purpose national bank charter for nancial technology

companies and solicited comments on that proposal in December 2016. As proposed,

196

the OCC

special purpose national bank charter would allow charter applicants that make loans or engage in

payments activities to:

• Adhere to a uniform set of national banking rules, rather than seeking state-by-state

lending or money transmission licenses, with frequently conicting requirements,

or partnering with a bank to access bank charter benets (e.g., the ability to export

interest rates);

• Operate without FDIC deposit insurance, to the extent applicants would not take

deposits; and

• Be subject to the same standards and level of supervision as similarly situated national

banks, including capital, liquidity, consumer protection and nancial inclusion require-

ments based on the business model and risk prole of the chartered company.

Marketplace lenders (MPLs) and payment companies are examples of ntech rms that may be

interested in applying for the OCC special purpose national bank charter. MPLs may be attracted

to an OCC special purpose national bank charter because it would reduce licensing and regulatory

cost by consolidating supervision under one primary national regulatory structure, which would

allow them to eciently provide credit to consumers and businesses across the country. Payments

companies might look to the charter to obviate the need to obtain money transmission licenses

in all 50 states. e charter might also allow them to acquire potentially more ecient access to

payment systems, reduce operating costs and provide national scalability.

Chartering Authority

Under the National Bank Act (NBA), the OCC has authority to grant charters for national banks

to engage in the “business of banking,” which the OCC has interpreted to include at least one of

three “core banking functions” — taking deposits, paying checks, or lending money.

197

e OCC

196. The OCC special purpose national bank charter was proposed through a series of OCC announcements.

See Ofﬁce of the Comptroller of the Currency, Exploring Special Purpose National Bank Charters for Fintech

Companies (Dec. 2016), available at: https://www.occ.gov/topics/responsible-innovation/comments/special-

purpose-national-bank-charters-for-ﬁntech.pdf; (“OCC Fintech Paper”); Supporting Responsible Innovation

in the Federal Banking System: An OCC Perspective (Mar. 2016), available at: https://www.occ.gov/publi-

cations/publications-by-type/other-publications-reports/pub-responsible-innovation-banking-system-occ-per-

spective.pdf; Summary of Comments and Explanatory Statement: Special Purpose National Bank Charters

for Financial Technology Companies (Mar. 2017), available at: https://www.occ.gov/topics/responsible-innova-

tion/summary-explanatory-statement-ﬁntech-charters.pdf (“OCC Comment Summary”); Draft Licensing Manual

Supplement (Mar. 2017), available at: https://www.occ.gov/publications/publications-by-type/licensing-manu-

als/ﬁle-pub-lm-ﬁntech-licensing-manual-supplement.pdf.

197

. See OCC Comment Summary, at 14. See also 12 U.S.C. § 24 (enumerating the powers of a national bank as

“all such incidental powers as shall be necessary to carry on the business of banking”); 12 C.F.R. § 5.20(e)(1)

(“A special purpose bank that conducts activities other than ﬁduciary activities must conduct at least one of the

following three core banking functions: Receiving deposits; paying checks; or lending money.”).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Aligning the Regulatory Framework to Promote Innovation • Modernizing Regulatory Frameworks for National Activities

has also exercised its authority to reach technology-based extensions of core-banking functions,

such as facilitating programs electronically.

198

Key Regulatory Features

e OCC special purpose national bank charter could, as proposed, allow for the preemption of

certain state laws and trigger baseline supervisory expectations that apply to any national bank

including, for example: a business plan that must assess risks comprehensively; capital adequacy;

liquidity; compliance risk management; consumer protection and fair lending compliance; nan-

cial inclusion; recovery and resolution planning; governance; and Bank Secrecy Act/anti-money

laundering requirements.

e OCC could tailor compliance requirements under a special purpose national bank charter

to better suit the safety and soundness risks posed by these institutions in light of the absence of

FDIC insurance and potential business model dierences.

• Insured Deposit Related Dierences (CRA, Resolution). An OCC special purpose national

bank chartered rm that does not obtain FDIC insurance (an uninsured national bank)

would not present a direct risk to taxpayers through the FDIC’s Deposit Insurance Fund.

Moreover, under the terms of the CRA, such rms would not be subject to CRA require-

ments, nor be subject to resolution by the FDIC under the Federal Deposit Insurance

Act. However, in its policy statement, the OCC noted that it would encourage special

purpose national bank charter applicants to meet an ongoing nancial inclusion standard

of “provid[ing] fair access to nancial services by helping to meet the credit needs of its

entire community” through setting supervisory expectations and making such a commit-

ment a condition for charter approval.

199

As to resolution, the OCC would, as provided for

under the NBA, resolve such an uninsured national bank. e OCC issued a nal rule in

December 2016 that claries the framework for such a resolution.

200

• Potential Tailoring of Safety and Soundness Rules (Capital, Liquidity). e OCC

noted that it would consider adapting capital requirements for an applicant as neces-

sary to adequately reect the risks of the planned business model as it does with all

national banks.

• State Laws and Consumer Concerns. e NBA preempts state usury laws for federally

chartered national banks. However, certain other consumer protections and state contract

law may apply, including state laws regarding foreclosure.

201

Other key features of the OCC proposal that would require some clarications are:

198. OCC’s authority on these issues has been challenged in two lawsuits that have been dismissed on ripe-

ness grounds. See Conference of State Bank Supervisors v. Ofﬁce of the Comptroller of the Currency, No.

17-0763, 2018 WL 2023507 (D.D.C. Apr. 30, 2018); Vullo v. Ofﬁce of the Comptroller of the Currency, No.

17-cv-3574, 2017 WL 6512245 (S.D.N.Y. Dec. 12, 2017).

199

. See OCC Fintech Paper, at 12; see also 12 C.F.R. § 5.20(f)(1)(ii).

200

. The OCC’s resolution framework would apply to any type of uninsured national bank that the OCC charters.

See Receiverships for Uninsured National Banks (Dec. 15, 2016) [81 Fed. Reg. 92594 (Dec. 20, 2016)].

201

. See for example 12 U.S.C. § 7.4008 (non-real estate lending).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Aligning the Regulatory Framework to Promote Innovation • Modernizing Regulatory Frameworks for National Activities

• Regulatory Coordination. National banks, including special purpose national banks, are

required (with limited exceptions) to become members of the Federal Reserve System.

e Federal Reserve would have to assess whether an OCC special purpose national bank

would be given access to the Federal Reserve payment systems.

202

• Activities Incidental to the Business of Banking. e OCC has authority to dene what

activities are part of the business of banking or incidental to the business of banking.

203

e OCC indicated it would consider the permissibility of new activities for a special

purpose national bank charter on a case-by-case basis.

204

Recommendations

Treasury recommends that the OCC move forward with prudent and carefully considered applica-

tions for special purpose national bank charters.

OCC special purpose national banks should not be

permitted to accept FDIC-insured deposits, to reduce risks to taxpayers. e OCC should consider

whether it is appropriate to apply nancial inclusion requirements to special purpose national banks.

e Federal Reserve should assess whether OCC special purpose national banks should receive access

to federal payment services. It is important that a charter not provide an undue advantage to newly

chartered rms relative to the banks that have operated within the existing regulatory system for

years. Striking the right balance to appropriately enable a tailored regulatory framework is important.

Bank Regulatory Oversight of Third-Party Relationships

Banking regulators’ oversight of banking organizations’ relationships with third-parties stems from

(1) their general safety and soundness authority over the banking organization and (2) the Bank

Service Company Act, which grants federal banking regulators authority to examine and regulate

the provision of certain services that a third-party service provider, which may include ntech

partners, performs for regulated institutions.

205

is supervisory regime is generally designed to be comprehensive in overseeing how banking

organizations interrelate with third-party vendors and service providers.

Banking regulators administer this oversight through:

• Regulation and supervision of banking organizations. is guidance directs banks to have

a comprehensive, enterprise risk management process that addresses such third-party

relationships (for example ensuring compliance with applicable laws and regulation); and

• Direct supervision of a subset of service providers (signicant service providers and

regional service providers).

206

202. Governor Lael Brainard, Where Do Banks Fit in the Fintech Stack (Apr. 28, 2017), available at: https://www.

federalreserve.gov/newsevents/speech/brainard20170428a.htm.

203

. 12 U.S.C. § 24.

204

. OCC Fintech Paper, at 4.

205

. 12 U.S.C. § 1867(c).

206.

Federal Financial Institutions Examination Council, Supervision of Technology Service Providers (Oct. 2012), at

1, available at: https://ithandbook.fﬁec.gov/media/274876/fﬁec_itbooklet_supervisionoftechnologyservicepro-

viders.pdf (“FFIEC TSP Handbook”).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Aligning the Regulatory Framework to Promote Innovation • Modernizing Regulatory Frameworks for National Activities

Critically, a banking organization’s use of a third-party service provider does not diminish the

responsibility of the bank to ensure that the activities are conducted in a safe and sound manner

and in compliance with applicable laws and regulations, just as if the institution were to perform

the activities in-house.

Drivers of ird-Party Risk

Technological innovation, specialization, cost, and today’s competitiveness all contribute to

nancial institutions’ increased outsourcing to third parties. Some of this outsourcing includes

specic functions (e.g., human resources, taxes, law, and information technology), customer

related activities, and lines of business. is has led to new forms of risk as nancial institutions

become more reliant on others to perform business functions, support services, and technology

provisioning. For example, as technology providers increase, cyber risks may increase because of

the introduction of new vulnerabilities that may be exploited as vectors for intrusions. In recent

years, regulators’ and rms’ attention to third-party risks and relationships have increased for a

variety of reasons, including the following:

• Consumer-Related Concerns. Banks have increasingly been held responsible for the sales

practices of third parties that marketed products on their behalf.

207

ese incidents have

heightened the importance of managing third-party risks related to consumer compliance

and protecting a rm’s reputation.

• Information Security Concerns. Several high prole data breaches have increased atten-

tion to cyber risks. In 2014, Target acknowledged that the payment information of 40

million customers, along with up to 70 million customers’ personal information, had

been breached as the result of a third-party vendor’s systems being compromised.

208

In 2013, regulators notied banking customers of a serious data breach that occurred

in 2011 at one of the largest payments information processors used by banks, Fidelity

National Information Services.

209

• Other Operational Risks. Dependence on third parties also raises concerns regarding

concentration risk, the reliance on a few vendors to enable the execution of critical

functions and services, and highlights the need for contingency planning for both the

2 07. See, for example, Bureau of Consumer Financial Protection, Press Release – Consumer Financial Protection

Bureau Orders Santander Bank to Pay $10 Million Fine for Illegal Overdraft Practices (Jul. 14, 2016), avail-

able at: https://www.consumerﬁnance.gov/about-us/newsroom/consumer-ﬁnancial-protection-bureau-orders-

santander-bank-pay-10-million-ﬁne-illegal-overdraft-practices/; Bureau of Consumer Financial Protection,

Press Release – CFPB Orders American Express to Pay $59.5 Million for Illegal Credit Card Practices

(Dec. 23, 2013), available at: https://www.consumerﬁnance.gov/about-us/newsroom/cfpb-orders-ameri-

can-express-to-pay-59-5-million-for-illegal-credit-card-practices/; Bureau of Consumer Financial Protection,

Press Release – CFPB Orders Chase and JPMorgan Chase to Pay $309 Million Refund for Illegal Credit

Card Practices (Sept. 19, 2013), available at: https://www.consumerﬁnance.gov/about-us/newsroom/

cfpb-orders-chase-and-jpmorgan-chase-to-pay-309-million-refund-for-illegal-credit-card-practices/.

208

. Testimony of John Mulligan, Executive Vice President and Chief Financial Ofﬁcer of Target Corporation, before

the Senate Judiciary Committee (Feb. 4, 2014), available at: https://corporate.target.com/_media/TargetCorp/

global/PDF/Target-SJC-020414.pdf.

209. Tracy Kitten, OCC: More Third-Party Risk Guidance, Bank Info Security (Aug. 26, 2014), available at: https://

www.bankinfosecurity.com/occ-more-third-party-risk-guidance-a-7233.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Aligning the Regulatory Framework to Promote Innovation • Modernizing Regulatory Frameworks for National Activities

nancial rm and the vendor. A range of high-prole risk events, including large storms,

have heightened the need to have up-to-date and well tested contingency plans in the

event of an IT failure within the technology infrastructure. Such planning is critical to

mitigate the consequences of power outages, ooding, and data redundancies. In addi-

tion to these risks, rms expressed concerns regarding resourcing, including facilities and

workforce, and ensuring the availability of the requisite supporting services.

• Financial Technology Partnerships. Banking organizations have increasingly partnered

with technology providers and other vendors to drive down costs (e.g., the adoption

of cloud services or other IT outsourcing) or promote increased tech-enabled nancial

services (e.g., the growing partnership with digital lenders).

Regulatory Responses

Regulators have also been responding to these developments. Since 2008, each of the prudential

banking regulators have separately issued updated guidance with respect to third-party vendor risk

management. e OCC and the Federal Reserve separately issued specic guidance on third-party

risk in 2013, while the FDIC issued guidance in 2008 (and proposed guidance on third-party

lending in 2016 that it never nalized).

210

e Federal Financial Institutions Examination Council,

an interagency group, and other agencies have also taken relevant action.

211

Challenges Identied with the Current Approach

A number of challenges have been identied with the banking regulators’ current approach to

third-party vendors and service providers.

210. Ofﬁce of the Comptroller of the Currency, Risk Management Guidance for Third Party Relationships, OCC

Bulletin 2013-29 (Oct. 2013), available at: https://www.occ.gov/news-issuances/bulletins/2013/bulle-

tin-2013-29.html; Ofﬁce of the Comptroller of the Currency, Supplemental Exam Procedures for Third Party

Relationships, OCC Bulletin 2017-7 (Jan. 2017), available at: https://www.occ.gov/news-issuances/bul-

letins/2017/bulletin-2017-7.html; Ofﬁce of the Comptroller of the Currency, Frequently Asked Questions to

Supplement OCC Bulletin 2013-29, OCC Bulletin 2017-21 (Jun. 2017), available at: https://www.occ.gov/

news-issuances/bulletins/2017/bulletin-2017-21.html; Federal Reserve Board of Governors, Guidance on

Managing Outsourcing Risk (Dec. 5, 2013), available at: https://www.federalreserve.gov/supervisionreg/srlet-

ters/sr1319a1.pdf; Federal Deposit Insurance Corporation, Examination Guidance for Third-Party Lending

(July 29, 2016), available at: https://www.fdic.gov/news/news/ﬁnancial/2016/ﬁl16050a.pdf; Federal Deposit

Insurance Corporation, Third-Party Risk – Guidance for Managing Third-Party Risk, FIL-44-2008 (June 6,

2008), available at: https://www.fdic.gov/news/news/ﬁnancial/2008/ﬁl08044.html.

211.

Karen Ross and Doug Posey, Davis Wright Tremaine LLP, FFIEC Releases New Booklet for the Supervision of

Technology Service Providers (Nov. 19, 2012), available at: https://www.paymentlawadvisor.com/2012/11/19/

fﬁec-releases-new-booklet-for-the-supervision-of-technology-service-providers/; Brian J. Hurh, Davis Wright

Tremaine LLP, FTC Order Against Fraudulent Payment Processor Joins Growing List of Regulatory Actions

Involving Third Party Service Providers (Mar. 19, 2013), available at: https://www.paymentlawadvisor.

com/2013/03/19/ftc-order-against-fraudulent-payment-processor-joins-growing-list-of-regulatory-actions-

involving-third-party-service-providers/; Bureau of Consumer Financial Protection, Service Providers, Bulletin

2012-03 (April 13, 2012), available at: https://ﬁles.consumerﬁnance.gov/f/201204_cfpb_bulletin_service-pro-

viders.pdf (Dodd-Frank grants the Bureau supervisory and enforcement authority over supervised service pro-

viders); Compliance Bulletin and Policy Guidance; 2016-02, Service Providers (Oct. 19, 2016) [81 Fed. Reg.

74410 (Oct. 26, 2016)].

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Aligning the Regulatory Framework to Promote Innovation • Modernizing Regulatory Frameworks for National Activities

Regulatory Eciency and Uncertainties

Both banks and service providers have raised concerns about the growing compliance costs related

to third-party oversight. Signicant service providers

212

have raised concerns about ineciencies

in oversight because they are overseen by both federal banking regulators and each bank to which

they provide a service. Banks of all sizes have raised concerns about the cost of compliance because

multiple banks subject the same vendors to similar third-party oversight, related due diligence, and

other requirements.

Banking agencies’ third-party guidance, while broadly similar, is also not entirely consistent. e

inconsistencies can be compounded by the inconsistent application of standards by individual

examination teams within agencies. Some areas of existing guidance that rms struggle to apply

uniformly may include the scope of vendors or third-parties covered, the categorization of which

partners should be subject to heighted risk-based attention, and the terms and conditions that

banks are expected to require of these partners. Banks have also said there is some lack of clarity

in how this regulatory framework applies to data aggregators (see the discussion on clarifying

when data aggregators are subject to third-party guidance in the preceding chapter on Embracing

Digitization, Data, and Technology).

Related to these inconsistencies in third-party oversight, banking organizations have raised con-

cerns about the strict implementation of such guidance through the “trickle-down” of best practices

(i.e., where the most stringent due diligence standards available are expected for many vendors).

While the written guidance for third-party risk generally allows for risk-based or more tailored

approaches, a number of factors contribute to more stringent de facto regulation. For example,

banks looking to avoid criticism from their examiners might adopt a more uniformly stringent

vendor oversight approach rather than trying to convince their examiners to permit a more tailored

approach to vendor oversight.

Technology Partnerships

Smaller, nonbank ntech rms and banks have raised concerns that the overall burden of the

third-party supervisory regime sties the ability of new rms to partner with banks. For example,

smaller and less mature nonbank start-up rms face requirements that are inappropriately tai-

lored, such as having to complete the same due diligence information requests required of rms

with signicantly greater scale or complexity. Similarly, community banks have expressed concern

about their capacity to undertake the requisite due diligence and ongoing vendor management

(especially with larger vendors). At the same time, ntechs and banks have said that the third-party

oversight framework is critical to overseeing risks in certain bank-ntech partnership activities,

such as lending.

Cloud-related service relationships also appear to face some challenges. Some banking organiza-

tions have expressed diculties in the deployment of cloud services because of the administrative

burdens of getting multiple regulators on board or unclear recognition of independent audit and

certication standards. Banks have noted that ntech partnerships may also be hindered by a lack

of clarity about whether a third-party vendor’s sub-contractors, such as a cloud-service provider

212. FFIEC TSP Handbook, at 1.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Aligning the Regulatory Framework to Promote Innovation • Modernizing Regulatory Frameworks for National Activities

(i.e., a fourth party), must also meet due diligence requirements. Small ntech rms often lack a

realistic ability to impose any such requirements upon such fourth-party vendors.

Recommendations

Federal banking regulators should, in coordination, review current third-party guidance through

a notice and comment process. U.S. banking regulators should further harmonize their guidance

with a greater emphasis on (1) improving the current tailoring and scope of application of guid-

ance upon third-party vendors to improve the eciency of oversight and (2) enabling innovations

in a safe and prudent manner. Such a review should specically consider how to:

• Further develop the framework to regulate bank partnerships with ntech lenders to

apply strong and tailored regulatory oversight while also supporting eorts by banks,

particularly smaller community banks, to partner with ntechs.

• Provide greater clarity around the vendor oversight requirements for cloud service provid-

ers, including clarifying how third-party guidance should apply to a third-party’s sub-

contractors, like cloud service providers (i.e., fourth party vendors). Further discussion of

cloud services oversight is addressed in the preceding chapter on Embracing Digitization,

Data, and Technology.

• Support more secure methods for consumers to access their nancial data, such as

through API agreements between banks and data aggregators.

• Identify common tools banks can leverage as part of due diligence eorts, such as robust

independent audits, recognized certications, and collaboration among institutions in an

eort to enhance eciencies and reduce costs.

• Maintain ongoing eorts with other federal and state regulators to identify opportunities

for harmonization as appropriate.

Looking ahead and recognizing the dynamic nature of nancial technology developments, the

banking regulators should be prepared to exibly adapt their third-party risk relationships frame-

work to emerging technology developments in nancial services. Moreover, banking regulators

should consider how to make examiners’ application of interagency guidance on third-party rela-

tionships more consistent across and within the agencies.

Banks’ Innovation Investments and the Scope of Permitted Activities

e scope of permitted activities for banking organizations is generally very limited. Banks and

their holding companies may only engage in activities specically permitted by law and by their

regulators. Federal banking laws that govern permissible activities, including investments in inno-

vative nancial technology partnerships, are varied and implemented through various federal and

state regulators.

Banks and Savings Associations

In general, the National Bank Act establishes the scope of permissible activities for national banks,

the Home Owners’ Loan Act establishes the scope of permissible activities for federal savings

associations, and the OCC can authorize additional permissible activities for both, in accordance

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Aligning the Regulatory Framework to Promote Innovation • Modernizing Regulatory Frameworks for National Activities

with applicable statutes.

213

e National Bank Act, in particular, allows national banks to engage

in (1) the “business of banking” and (2) activities that are “incidental” to the conduct of such

business.

214

e OCC has generally dened the statutory term “business of banking” dynamically

over time, authorizing activities to allow national banks to keep pace with developments in the

nancial services marketplace and the needs of customers.

215

e OCC, for example, recognized various nancial market developments over time, including the

authorization of various derivatives activities (e.g., advising, structuring and executing transactions in

interest rate, equity swaps, currency, and commodity derivatives products), which enabled national

banks to act as key intermediaries in the development of national and global derivatives markets to

facilitate the hedging and transfer of risks. e OCC similarly recognized technology developments as it

authorized various electronic, data storage and software-related activities (e.g., electronic bill payments).

e OCC has also indirectly aected the scope of permissible activities for state-chartered banks

because state “wild card” laws, designed to maintain competitive parity between state banks and

national banks, often grant state banks the same scope of permissible activities as has been made

available to nationally chartered banks and savings associations.

216

e Federal Deposit Insurance Act also augments permissible activities of state-chartered banks. It

permits state-chartered banks to engage in certain activities permissible under state law but that are

not permissible for national banks as long as the FDIC determines that “the activity would pose no

signicant risk” to the Deposit Insurance Fund and that the state bank meets “applicable capital

standards prescribed by the appropriate Federal banking agency.”

217

Holding Companies

e Bank Holding Company Act (BHC Act) provides the statutory framework for the oversight of

companies that control a bank with the aim of “protecting the safety and soundness of corporately

controlled banks” and maintaining the general separation of banking and commerce.

218

As a result,

the BHC Act authorizes a limited set of permissible activities for bank holding companies (BHC)

and their aliates, including (1) owning, managing, and controlling banks

219

and (2) engaging in

activities that are “so closely related to banking as to be a proper incident thereto” (i.e., Section

4(c)(8) authorities).

220

BHCs that apply to become and qualify as a nancial holding company

213. Ofﬁce of the Comptroller of the Currency, Activities Permissible for National Banks and Federal Savings

Associations, Cumulative (Oct. 2017), at 1, available at: https://www.occ.gov/publications/publications-by-

type/other-publications-reports/pub-other-activities-permissible-october-2017.pdf (“OCC Cumulative”).

214. 12 U.S.C. § 24 (Seventh).

215

. OCC Cumulative, at 1 (“[t]he business of banking is an evolving concept and the permissible activities of

national banks similarly evolve over time”).

216.

Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation, and Ofﬁce of the

Comptroller of the Currency, Report to the Congress and the Financial Stability Oversight Council Pursuant to

Section 620 of the Dodd-Frank Act (Sept. 2016), at 51, available at: https://www.federalreserve.gov/newsev-

ents/pressreleases/ﬁles/bcreg20160908a1.pdf (“Section 620 Report”).

217. 12 U.S.C. § 1831a(a)(1).

218

. Section 620 Report, at 3.

219

. 12 U.S.C. § 1843(a).

220.

See 12 U.S.C. § 1843(c)(8).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Aligning the Regulatory Framework to Promote Innovation • Modernizing Regulatory Frameworks for National Activities

benet from a greater range of permissible activity under amendments made by the GLBA. e

BHC Act, as amended by the GLBA, authorizes nancial holding companies to engage in any

activity that (i) the Federal Reserve, in consultation with the Secretary of the Treasury, determines

is “nancial in nature or incidental to such nancial activity,” or (2) the Federal Reserve determines

is “complementary to a nancial activity and does not pose a substantial risk to the safety and

soundness of depository institutions or the nancial system generally.”

221

e BHC Act’s denition

of “control” is critical to determining how the statute is applied and to which rms its activity

restrictions apply. e BHC Act denes “bank holding company” as any company that controls a

BHC or bank (not including Industrial Loan Companies).

222

A company generally controls a BHC

or bank if the company: (1) owns more than 25% of any class of voting securities; (2) controls

in any manner the election of a majority of the directors of the BHC or bank; or (3) exercises

“a controlling inuence” over the management or policies of the BHC or bank.

223

e Federal

Reserve is responsible for determining what constitutes a “controlling inuence.”

Figure 9: Overview of Authorities for Permitted Activities for Banking Organizations

Authorizing

Federal Statute

Types of Permitted Activities Interpreted by Banking

Organizations Subject

to These Authorities

National Bank

Act

Business of Banking OCC National Banks

Incidental to the Business of Banking OCC National Banks

Federal Deposit

Insurance Act

State-authorized activities that do not

present risks to the Deposit Insurance

Fund

State Regulators;

FDIC

State-chartered Banks

Bank Holding

Company Act

(as amended by

GLBA)

Managing and controlling an insured

depository

Fed All Bank Holding and

Financial Holding

Companies

Closely related to banking or an incident

thereto

Fed All Bank Holding and

Financial Holding

Companies

Financial in nature or incidental to a

ﬁnancial activity (e.g., securities and

insurance)

Fed;

Treasury

Financial Holding

Companies

Complementary to a ﬁnancial activity and

that does not present risks to inst. safety

or the ﬁnancial system generally

Fed Financial Holding

Companies

Source: National Bank Act, 12 U.S.C. §§ 24 and 24a; Federal Deposit Insurance Act, 12 U.S.C. § 1831a; Bank Holding Company

Act, 12 U.S.C. § 1843. The permissible activities available to state-chartered banks is also determined by National Bank Act authori-

ties because states have adopted laws that generally maintain parity with national banks’ scope of permitted activities.

221. 12 U.S.C. § 1843(k)(1); see also Section 620 Report, at 4-5.

222

. 12 U.S.C. § 1841(a)(1).

223

. 12 U.S.C. § 1841(a)(2).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Aligning the Regulatory Framework to Promote Innovation • Modernizing Regulatory Frameworks for National Activities

Challenges with the Current Approach

e restrictions on BHCs’ permissible activities and investments present several interrelated chal-

lenges to innovation eorts by these rms.

Responding to market developments, BHCs have sought to invest in various nancial technology-

related rms to facilitate innovation. However, the current application of the BHC denition of

“control” can discourage banks from such investments, because (1) ntech rms receiving BHC

investments would like to avoid being considered a BHC aliate because they would become sub-

ject to BHC-related regulations, including becoming subject to the applicable activities restrictions

(discussed above); and (2) “control” can be dicult to determine because it relies upon Federal

Reserve discretion under a process that is not suciently transparent. One of the considerations

for dening “control” is the nature of the business relationship between the BHC and the rm

receiving the equity investment. A BHC may seek to expand its business relationship with a suc-

cessful ntech in which it has invested, yet doing so could then trigger “control” and the attendant

BHC Act regulatory requirements.

More generally, banking organizations are increasingly required to deploy new technologies to

serve customer needs and may do so through acquisitions, partnerships, or internal development.

In particular, the highly dynamic nature of nancial technologies today could result in banking

regulators considering certain technology-based business activities impermissible or disagreeing on

whether such an activity is permitted under each regulator’s respective statutory authority.

Recommendations

To support the ability of rms to exibly adapt to new technology and market developments,

Treasury recommends that the Federal Reserve consider how to reassess the denition of BHC

control to provide rms a simpler and more transparent standard to facilitate innovation-related

investments. is recommendation is consistent with public comments by Federal Reserve ocials

who have called for reassessing this issue. In addition, the banking regulators should interpret

banking organizations’ permitted scope of activities in a harmonized manner as permitted by law

wherever possible and in a manner that recognizes the positive impact that changes in technology

and data can have in the delivery of nancial services.

Updating Activity-Speciﬁc

Regulations

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Overview

e U.S. regulatory framework for key nancial service activities — lending, payments, and

nancial planning — requires meaningful reform to better enable the delivery of both digital and

nondigital nancial services to consumers and businesses. is chapter discusses these regulatory

challenges and also identies a number of specic recommendations aimed at improving the U.S.

regulatory approach to lending, payments, and nancial planning.

Lending and Servicing

Household and Small Business Lending

U.S. households and small businesses derive credit from a highly diverse mix of banks and nonbank

rms. ese rms provide secured and unsecured nancing to their clients and perform a range of

activities fullling that mission, including loan sourcing and origination, credit underwriting, and

loan servicing. Although banks and nonbanks access securitization markets to monetize, through

sale, pools of loans that they originate, the two sectors are generally dierentiated by the ability to

retain loans in portfolio. Banks are able to use deposit funding to reliably retain loans over their life

in portfolio. By comparison, nonbanks generally have relatively limited balance sheet capacity that

is provided by their equity capital and a combination of long-term debt and short-term secured

borrowing. As such, they often take an approach that is typically referred to as an “originate to

distribute” business model.

4,000

8,000

12,000

16,000

Other

Small Business

Auto

Card

Student

Mortgage

Figure 10: Mortgage, Consumer, and Small Business

Credit Outstanding ($ billions)

Source: Federal Reserve Financial Accounts of the United States and Keith Horowitz and

Jill Shea, Citi Research, U.S. Banks and Credit Cards (May 2018).

Data as of Q4 2017. “Bank” denotes holdings by U.S.-chartered financial institutions.

20082006 20122010 20162014

Financing of Mortgage

Financing of Nonmortgage

Consumer Credit

BankNonbank

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

Outstanding credit to households and small businesses exceeded $15 trillion in 2017, of which

residential mortgages accounted for $10.6 trillion, cards and revolving credit accounted for $1

trillion, student credit accounted for $1.5 trillion, auto lending $1.1 trillion, and small business

lending $700 billion. As shown in Figure 10, nonbank rms constitute a signicant share of the

overall funding provided across these lending segments. For example, nonbank companies account

for 58% of the outstanding non-mortgage consumer loan market and 58% of the total residential

mortgage market as of the rst quarter of 2018.

224

e share of nonbank lending in the U.S. residential mortgage market has been signicant in

recent decades due in part to the availability of warehouse nancing and access to federally sup-

ported securitization programs for both private and government-supported loan programs, as

conducted by Fannie Mae and Freddie Mac (the government-sponsored enterprises, or GSEs)

and Ginnie Mae.

225

Of the $1.8 trillion of mortgage originations in 2017, approximately 30%

were retained in portfolio (generally by the originator).

226

Except for a relatively limited amount of

issuance through private-label securities (PLS), most of the remaining 70% of 2017 volume was

securitized by the GSEs or Ginnie Mae.

227

Nonbanks enjoy access to these securitization channels

on largely equal footing to banks, which supports their ability to accommodate a large share of the

origination market.

As discussed later in this chapter, the value proposition of marketplace lenders has resulted in

their expansion, though these rms account for just a small fraction

228

of the much larger, multi-

trillion dollar consumer credit market. Installment and payday lending activity have consistently

been dominated by nonbanks, though banks and credit unions have historically provided some

products that served similar short-term, small-dollar nancing needs.

e U.S. capital markets are the largest, deepest, and most vibrant in the world. e nation’s

economy successfully derives a larger portion of business and consumer nancing from its capital

markets, rather than the banking system, than most other advanced economies. is includes reli-

able access to capital through securitization, a capital market evolution that has consistently been

enabled by advances in information technology and the increased scope and cost-eectiveness of

data storage and data management.

224. Keith Horowitz and Jill Shea, Citi Research: U.S. Banks and Credit Cards (May 2018).

225.

For a discussion of how the rise of the secondary mortgage market and new federal regulation were contribu-

tors to a more unbundled housing ﬁnance system, see James R. Follain and Peter M. Zorn, The Unbundling of

Residential Mortgage Finance, 1 J. of Housing Res. 63 (1990), available at: https://www.innovations.harvard.

edu/sites/default/ﬁles/jhr_0101_follain.pdf.

226.

Treasury analysis based on data from Fannie Mae, Freddie Mac, the U.S. Department of Housing and Urban

Development (HUD), and the U.S. Department of Veterans Affairs (VA).

2 27.

Id.

228. Hannah Levitt, Personal Loans Surge to a Record High, Bloomberg (July 3, 2018), available at: https://www.

bloomberg.com/news/articles/2018-07-03/personal-loans-surge-to-a-record-as-ﬁntech-ﬁrms-lead-the-way

(analyzing data from TransUnion).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

Emerging Digitization of Lending

Technological changes, including digitization, help drive changes to the lending landscape. Digital

lending is increasingly prevalent throughout the household and small business lending market.

Nonbank digital lenders have gained outsized attention in recent years, driven in part by their

rapid rate of growth and employment of new technology-intensive approaches to lending. ese

rms, such as marketplace lenders active in consumer and small business lending, have digitized

the customer acquisition, origination, underwriting, and servicing processes. Moreover, these lend-

ers are designing these digital services to provide customer experiences that are seamless and more

timely than the techniques generally employed by traditional lenders. ese changes also appear to

reduce expenses, which lowers the cost of credit as well as providing greater access to credit.

In contrast, many nancial institutions have yet to digitize their lending at a similar level.

229

For

example, many banks have yet to fully digitize their origination processes. Banks report that less

than half have digitized some aspects of their loan origination channels.

230

Moreover, the degree

of digitization is much less comprehensive than new digital lenders. Even for banks that oer a

digital origination channel, one industry survey found that the online features may vary, as 90%

or more have digitized the application processes, but less than half provide for electronic signatures

and document uploads, only a third provide online customer service, and less than 20% provide

instant credit decisions.

231

Key elements of digitization employed by new digital lenders are rapidly expanding across the

wider banking and nancial institution landscape and are expected to permeate all major lending

segments over time. Within the mortgage industry, for example, Federal Reserve Bank of New

York research sta estimates that stand-alone nonbank mortgage originators that oer a mortgage

application process entirely online have expanded from 2% of the market in 2010 to 8% of the

market in 2016.

232

Moreover, the partnerships between banks and new digital lenders have been

expanding and are poised to increase over time, potentially serving to narrow the gap in practices

between those two sectors for the benet of both consumer and business segments.

Regulatory Landscape

Lending is a highly regulated activity that is overseen by a large number of federal and state authori-

ties in the United States.

Federal laws and regulations are extensive and cover fair credit reporting, fair debt collection, fair

lending, credit practices, fair credit billing, consumer privacy, electronic signature, and electronic

229. See American Bankers Association, The State of Digital Lending (Jan. 2018), at 4-7, available at: https://www.

aba.com/Products/Endorsed/Documents/ABADigitalLending-Report.pdf (“Traditional banks, particularly smaller

ones, have typically lagged in technology adoption for lending, especially compared to up-and-coming ﬁntech

players”). Factors such as regulatory complexity and burdens, technology budgets, or third-party service pro-

vider reliance may contribute to the slow adoption of digitized lending by these institutions.

230.

Id.

231. Id. at 9.

232. Andreas Fuster et al., The Role of Technology in Mortgage Lending, Federal Reserve Bank of New York Staff

Report No. 836 (Feb. 2018), available at: https://www.newyorkfed.org/medialibrary/media/research/staff_

reports/sr836.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

transfer of funds, among others. Appropriately, there is a wide range of rules, such as consumer

laws governing credit card issuers, mortgage lending and servicing, and automobile nancing.

At the federal level, the Bureau of Consumer Financial Protection (the Bureau) has authority to

implement many federal statutes aecting consumers, in addition to requirements imposed by

prudential regulators, namely the Board of Governors of the Federal Reserve System, OCC, FDIC,

and National Credit Union Administration (NCUA). is multiplicity of regulatory authority

is itself an outcome of a fragmented regulatory environment that at times can lead to overlap,

duplication, and uncertainty.

233

At the state level, there are licensing or registration requirements to operate within a state, state-

specic maximum rates of interest on debt, state-specic loan value caps, and other consumer

protections. State requirements are largely enforced by state nancial regulatory authorities and

state attorneys general.

Both federal and state regulators also have enforcement authorities that generally include authori-

ties to prevent consumer nancial service providers from engaging in unfair, deceptive, or abusive

acts or practices.

234

Marketplace Lending

Overview

A number of digitally focused lenders, often referred to as marketplace lenders or “ntech lend-

ers,” have recently emerged and grown rapidly. Fintech lenders represented 36% of the unsecured

consumer loan market in 2017

235

and around 2% of the small business market in 2014,

236

but in

both instances are experiencing rapid rates of growth and market penetration. Marketplace lenders

have generated signicant attention due to many of the underlying features of these new lending

models. Notable characteristics of the sector include newly branded rm and product launches;

lack of reliance on brick-and-mortar branches for delivery of services; leverage of innovative tech-

nological approaches in marketing, sourcing, and fullling loan demand; and extensive use of data

and data management techniques in credit underwriting processes.

Marketplace lenders operate with a diversity of business models that can generally be characterized

by the asset classes and customer segments that they serve, the manner in which they access the

national market, and their funding and risk-management strategies.

233. The FTC maintains some residual consumer protection authority over nonbank entities.

234. Dodd-Frank granted authority for the Bureau to bring enforcement actions against certain consumer ﬁnancial

service providers for “unfair, deceptive, or abusive” acts. See Dodd-Frank § 1031(a) [12 U.S.C.§ 5531(a)];

see also Richard E. Gottlieb, Arthur B. Axelson, and Thomas M. Hanson, Consumer Financial Services Answer

Book, Practising Law Institute (2016); American Bankers Association, Consumer Lending, Seventh Edition

(2013) (discussing consumer laws impacting banking organizations).

235.

Hannah Levitt, Personal Loans Surge to a Record High, Bloomberg (July 3, 2018), available at: https://www.

bloomberg.com/news/articles/2018-07-03/personal-loans-surge-to-a-record-as-ﬁntech-ﬁrms-lead-the-way

(analyzing data from TransUnion).

236. Karen Gordon Mills and Brayden McCarthy, The State of Small Business Lending: Innovation and Technology

and the Implications for Regulation, Harvard Business School Working Paper 17-042 (2016), at 48, available at:

https://www.hbs.edu/faculty/Publication%20Files/17-042_30393d52-3c61-41cb-a78a-ebbe3e040e55.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

Target Product Segments

e focus of marketplace lenders has primarily been the provision of unsecured credit to individuals

(primarily utilized for the purpose of debt consolidation) and working capital to small businesses.

However, business models are constantly evolving, and rms are beginning to expand into other

product segments.

• Unsecured Consumer. Consumers access unsecured credit to pay down credit card or

other debt, nance an online purchase, or manage variable expenses. A typical unsecured

consumer loan in this market has a balance of $14,000, an annual interest rate of 14.7%,

and a 4-year term.

237

• Small-Dollar Consumer Lending. A subset of unsecured consumer lenders focus on

loans with shorter terms and higher interest rates that typically exceed a 36% annual

percentage rate (APR), which is a widely used rate cap.

238

ese loans typically have lower

balances, below-average credit characteristics, and can be viewed as an alternative to

other forms of lending, such as payday lending. ese products serve a unique niche of

consumers that may not have many alternatives to high-priced credit.

• Student. Student lenders primarily focus on renancing traditional federal and private

student loan debt with unsecured installment debt, generally focused on borrowers with

prime FICO scores and several years of employment history who can qualify for lower

rates (generally ranging from 3-7%).

• Small Business. Small business loans are typically less than $500,000, with APRs that

may average 7-48% and terms that range from six months to three years.

239

• Auto Finance. is segment focuses on the $1.1 trillion auto loan industry, which

accounts for approximately 30% of nonmortgage consumer debt, and has been facili-

tated by the trend of migration of nancing away from captive nance subsidiaries of

manufacturers.

240

National Lending Business Model Strategies

Marketplace lenders currently lend to customers across the country through two primary models:

(a) a bank partnership model in which a bank originates the loan, which is generally sourced and

serviced by the marketplace lender and funded in a variety of manners; and (b) a direct lender

model in which the marketplace lender acquires the applicable regulatory licenses in each U.S.

2 37. Testimony of Nathaniel L. Hoopes, Marketplace Lending Association, before the House Financial Services

Committee (Jan. 30, 2018), at 3-4, available at: https://ﬁnancialservices.house.gov/uploadedﬁles/hhrg-115-

ba15-wstate-nhoopes-20180130.pdf.

238.

The 36% rate cap for low-balance consumer lending emerged in the ﬁrst half of the twentieth century in the

United States and still exists today as a statutory maximum in many states. For additional information, see

Lauren K. Saunders, National Consumer Law Center, Why 36%? The History, Use, and Purpose of the 36%

Rate Cap (Apr. 2013), available at: https://www.nclc.org/images/pdf/pr-reports/why36pct.pdf.

239. S&P Global Market Intelligence, 2017 U.S. Digital Lending Landscape, at 5-6 and company disclosures from

Credibly, Kabbage, and OnDeck.

240.

Financial Technology Partners, Auto Fintech – The Emerging Fintech Ecosystem Surrounding the Auto

Industry (Dec. 2017), available at https://www.ftpartners.com/ﬁntech-research/auto-ﬁntech.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

state in which it intends to do business. Under the bank partnership model, where, for example,

a bank originates a loan and contracts with a marketplace lender to service the loan for the bank,

federal law allows the bank, and federal jurisprudence allows the marketplace lender servicing the

loan, to charge interest at the rate allowed by the laws of the state where the bank is located, even if

the rate is higher than the rate allowed under the laws of the state where the loan is made.

241

Firms

whose target loan products are at less of a risk of exceeding state usury limits, such as high-quality

unsecured consumer installment loans, may nd the direct licensing model relatively attractive.

Other Business Model Features

Firms are dierentiating themselves along other key dimensions from those cited earlier, including:

• Credit Risk. e predominant business model for marketplace lenders is an “originate

to distribute” approach where there is limited long-term balance sheet retention of loans

that they originate. is is similar to the business model of many traditional nonbank

nance companies, such as independent mortgage bankers, that have consistently relied

on securitization to fund their loan production. Most lenders, however, will retain servic-

ing obligations on the outstanding loans — collecting payments from borrowers, remit-

ting payments to creditors, and handling loss mitigation. Some rms may participate in

the ongoing credit risk exposure by retaining a share of loans (or some proportional share

of credit risk). is can arise from Dodd-Frank risk-retention requirements

242

or to better

align interests with investing partners through a “skin-in-the-game” approach.

• Funding Strategy. Initially, marketplace lenders adopted a “peer-to-peer” funding model

where individual loans were funded on digital platforms with individual investors, or

“peers,” providing the majority of the capital. However, these distribution methods have

evolved and now include a wide variety of both retail and institutional sources. While

some rms have publicly traded equity, many are privately held. Marketplace lenders

have a range of funding structures with a diverse set of investors such as banks, tradi-

tional asset managers, hedge funds, family oces, and high net worth individuals.

• Credit Underwriting Models. Nearly all marketplace lenders are built around online

digital platforms designed to deliver rapid credit decisions. Some rms report the use

of advanced analytical tools, such as machine learning, and various data sources such as

bank transaction data, which includes real-time data linked from borrower accounts,

model-based income estimates, and social media. An important element of underwriting

for marketplace lenders is their use of aggregated data from third-party rms. Finally,

many of the rms have departed from the strict use of credit ratings in favor of more

data-driven techniques to drive their credit decision-making.

Industry Growth

e growth of marketplace lending volumes and the corresponding securitization market has been

on a strong upward trajectory since at least 2013. Estimates for cumulative loans originated since

241. See 12 U.S.C. § 85; Madden v. Midland Funding, LLC, 786 F.3d 246, 250-253 (2d Cir. 2015), cert. denied,

136 S. Ct. 2505 (2016).

242.

See 15 U.S.C. § 78o-11.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

2014 total almost $100 billion, according to industry data sources.

243

Of this amount, unsecured

consumer lending is the largest category, amounting to about 50% of the total.

244

e securiti-

zation market for loans originated by marketplace lenders has similarly remained robust since

securitization of this type of credit began to scale up in 2013.

In the rst half of 2016, questions about the fragility of the funding model and the potential for

conicts of interest between investors and marketplace lenders led to a brief downturn in industry

volumes. Since then, rms within the industry have worked to improve standards for their business

models. In addition, better relationships with investors have allowed for concerns related to how

loan characteristics are disclosed and how loans are allocated to investors to be addressed.

Figure 11: Market Growth of Marketplace Lending ($ billions

)

Source: S&P Global Market Intelligence for originations and PeerIQ for securitisation volumes. Each methodology is based on a

different subset of marketplace lenders.

20152014 20172016

201520142013 20172016

Annual originations Annual securitization volumes

Small business

Student

Unsecured

consumer

Access to Credit

Early evidence indicates that these new lending channels have provided opportunities to expand

credit to underserved segments. For example, a July 2017 study

245

found that new marketplace

lenders have tended to expand credit in areas where bank branches have been on the decline.

Moreover, this same study found that borrowers with similar credit risk proles could obtain more

favorably priced credit than alternatives such as credit cards. e study also found some evidence

that the use of alternative credit data in this space allowed consumers with weaker traditional credit

proles to access credit. is study used data from the largest marketplace lender, Lending Club,

and covered loans originated between 2007 and 2016.

243. S&P Global Market Intelligence, 2017 U.S. Digital Lending Landscape.

244.

Id.

245. Julapa Jagtiani and Catharine Lemieux, Fintech Lending: Financial Inclusion, Risk Pricing, and Alternative

Information, Federal Reserve Bank of Philadelphia Working Paper 17-17 (2017), at 9-12, available at: https://

www.philadelphiafed.org/-/media/research-and-data/publications/working-papers/2017/wp17-17.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

e conclusions of this study, while preliminary, are not entirely unexpected given that the primary

purpose of many marketplace loans is to renance higher rate debt into less expensive debt. A

number of marketplace lenders are specically aiming to build underwriting models designed to

achieve better results through providing lower priced credit for a given traditional FICO score.

However, with only a few years of credit performance, these credit models have yet to be tested in

various macroeconomic environments that would include either higher interest rates or a general

economic downturn. Traditional nancial institutions, including banks, have also begun sourcing

deposits and extending credit through technology-enabled web platforms instead of utilizing their

traditional brick-and-mortar footprint.

Regulation and Supervision of Marketplace Lenders

Marketplace lenders may be supervised or overseen by federal and state agencies, directly or indirectly,

depending on whether they utilize the bank partnership model or the direct lending model. Under

the direct lending model, marketplace lenders must have licenses in most states where they do busi-

ness and are subject to oversight in those states. Marketplace lenders that partner with banks may be

subject to regulation and examination by federal banking regulators because they may be considered

third-party service providers to a regulated banking entity

246

and by virtue of guidance pertaining to

vendor management. Marketplace lenders that use the bank partnership model may remain subject

to various state requirements, depending on the approaches used by state regulators.

All lenders, including banks and marketplace lenders, are subject to federal regulation in areas such

as consumer protection, anti-money laundering, and securitization.

• Consumer Protections: For consumer lenders, a number of federal and state consumer

protection requirements may apply, including the Truth in Lending Act, anti-discrimi-

nation requirements under the Equal Credit Opportunity Act, and provisions governing

electronic transfers under the Electronic Funds Transfer Act. Marketplace lenders

may also be subject to regulation under the Fair Credit Reporting Act, the Fair Debt

Collection Practices Act, and other laws.

• Anti-Money Laundering: Marketplace lenders may have legal obligations to comply with

the Bank Secrecy Act (BSA).

• Securitization: To the extent that marketplace lenders engage in securitization and oer

those securities to the public, they may be subject to requirements under the Securities

Act of 1933. ese marketplace lenders must register the securities with the SEC, unless

an exemption applies, and may be subject to risk-retention requirements.

Marketplace lenders, however, are not subject to numerous regulations that apply to banks,

ranging from Community Reinvestment Act (CRA) requirements to prudential standards

such as capital and liquidity requirements, deposit insurance requirements and assessments,

resolution-planning requirements, and prompt corrective action requirements. ese dierences

in regulation illustrate the challenge in determining an appropriate regulatory environment

across providers of nancial services.

246. See 12 U.S.C. § 1867(c)(1).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

Issues and Recommendations

Key Considerations for the Bank Partnership Model

Some state regulators and consumer groups have expressed concern that the bank partnership

model can harm consumers by allowing partnering rms to bypass state-based usury limits and

other state requirements. Advocates note that some lenders operate with high-APR business mod-

els and oer loans whose APRs can exceed 100%, when fees are included.

247

Beyond enabling

high-APR products, advocates note that in the past, such third-party partnerships have enabled

some deceptive practices.

248

Today’s marketplace lenders, however, generally compete on the basis of providing a more aordable

cost of credit (e.g., renancing credit card and other debts) and an enhanced consumer experience.

Many of these consumer-facing lenders generally operate below a 36% APR threshold and have

stated that they would welcome a 36% APR cap for consumer lending, including loans originated

through bank partnership arrangements.

249

Federal banking regulators are also paying closer atten-

tion to third-party service provider relationships, specically lending arrangements, which should

reduce the risk of potential abuse witnessed in past partnership arrangements.

Concerns about potentially harmful consumer lending practices also need to be considered

against the possible benets that such bank partnership relationships can provide to underserved

borrower segments. Traditional lenders often provide lending experiences that are slower (e.g.,

because of extended wait times for credit decisions) and dicult due to cumbersome application

and fullling processes. Many lenders may also not adequately serve certain lending segments,

like smaller-balance, small business, or unsecured consumer borrowers with less-established

credit histories.

Appropriately designed lending partnerships can leverage advantages from both banks and ntechs

to improve upon the currently provided products. A recent study stated that 71% of banks were

interested in partnering with a third-party digital platform for consumer loan origination and

nearly 80% of banks were interested in using technology to support their small business lending.

250

For example, in the small-dollar lending segment, there appears to be market demand for banks to

engage further in these markets

251

, as their cost of capital could be used to deliver products that are

very competitive with rates charged by nonbank payday lenders.

2 47. Letter from the National Consumer Law Center et al. to the Federal Deposit Insurance Corporation, Re:

Comments on Proposed Financial Institutions Letter (FIL) 50-2106: Third-Party Lending (May 2017), available

at: https://www.nclc.org/images/pdf/rulemaking/comments-fdic-3rdparty-lending.pdf.

248. For example, the OCC took action in 2003 to address deceptive credit card programs marketed through a

third-party vendor. Ofﬁce of the Comptroller of the Currency, News Release – OCC Concludes Case Against

First National Bank in Brookings Involving Payday Lending, Unsafe Merchant Processing, and Deceptive

Marketing of Credit Cards (Jan. 21, 2003), available at: https://www.occ.treas.gov/news-issuances/news-

releases/2003/nr-occ-2003-3.html.

249.

Marketplace Lending Association, Submission to the U.S. Department of the Treasury (May 2018).

250.

American Bankers Association, The State of Digital Lending (Jan. 2018), available at: https://www.aba.com/

Products/Endorsed/Documents/ABADigitalLending-Report.pdf.

251.

Pew Charitable Trusts, Americans Want Payday Loan Reform, Support Lower-Cost Bank Loans

(Apr. 2017), available at: http://www.pewtrusts.org/en/research-and-analysis/issue-briefs/2017/04/

americans-want-payday-loan-reform-support-lower-cost-bank-loans.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

Treasury recognizes that these existing bank partnership arrangements have generally enhanced

the provision of credit to consumers and small businesses. Treasury makes the following specic

recommendations to address constraints that would unnecessarily limit the prudent operation of

partnerships between banks and marketplace lenders.

Valid-When-Made/Madden v. Midland

Several legal issues have presented risks to the bank partnership model used by marketplace lend-

ers. Specically, in Madden v. Midland Funding, LLC, the Second Circuit held, in part, that the

National Bank Act (NBA), which preempts state usury laws with respect to the interest a national

bank may charge on a loan, did not preempt state-law usury claims against a third-party debt col-

lector that had purchased the loan.

252

In its ruling, the court did not refer to the “valid when made”

common law doctrine, which provides that a loan contract that is valid when it was made cannot

be invalidated by any subsequent transfer to a third party. In an amicus brief at the certiorari

stage, the United States took the view that the court of appeals “erred in holding that state usury

laws may validly prohibit a national bank’s assignee from enforcing the interest-rate term of a

debt agreement that was valid” when made under the applicable state law.

253

e Supreme Court

declined to hear the case.

Because of Madden, the ability of nondepository third parties (e.g., marketplace lenders) to collect

debts originated by depository institutions in reliance upon federal preemption of state usury law

limits could be limited in the Second Circuit, ultimately restricting access to credit. In particular,

unsecured consumer credit could be diminished because nonbank rms such as marketplace lend-

ers may be discouraged from purchasing and attempting to collect on, sell, or securitize loans made

in these states because of the risk of litigation asserting violations of state usury laws. One study

of the impact of the Madden decision showed an observable relative decline in the growth of such

loans in two states within the jurisdiction of the Second Circuit (New York and Connecticut),

254

compared to loans originated outside the Second Circuit.

255

If adopted more broadly, the rule

announced in Madden could have broader implications well beyond marketplace lenders. Other

credit markets that could be aected include bank/loan intermediary partnerships, debt collection

activities, loan securitization activities, and simple loan transfers.

256

In response to Madden, some

lenders are changing their lending and securitization activities by, for example, excluding loans

from Second Circuit states in their pools altogether.

257

252. See Madden, 786 F.3d at 249-53.

253.

Am. Brief of the United States, Midland Funding, LLC, No. 15-610 (2016) (opposing certiorari). Although the

United States argued that the Second Circuit erred, the government recommended that the petition for certio-

rari should be denied due to lack of a circuit split.

254. The Second Circuit encompasses New York, Vermont, and Connecticut.

255. Colleen Honigsberg, Robert J. Jackson, Jr., and Richard Squire, How Does Legal Enforceability Affect

Consumer Lending? Evidence from a Natural Experiment, 60 J. L. & Econ. 673 (Nov. 2017).

256.

The Curious Case of Madden v. Midland Funding and the Survival of the Valid-When-Made Doctrine, The Free

Library. 21 N.C. Banking Inst. 1 (2017).

2 57.

Honigsberg, Jackson, and Squire.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

Recommendations

Treasuryrecommends that Congress codify the “valid when made” doctrine to preserve the func-

tioning of U.S. credit markets and thelongstandingability of banks and other nancial institu-

tions, including marketplace lenders, to buy and sell validly made loans without the risk of coming

into conict with state interest-rate limits.Additionally, the federal banking regulators should use

their available authorities to address challenges posed by Madden.

True Lender

Recent court decisions have exposed bank partnership models to uncertainty regarding whether

the bank or nonbank partner is the “true lender” in providing credit.

258

Some of these decisions

have deemed the nonbank partner as the true lender,

259

which subjects the nonbank partner to a

range of state-based requirements including interest rate limits and licensing requirements.

e result of these decisions is a variety of standards for determining which entity is the true lender,

leading to market uncertainties that harm the viability of the bank partnership model. For example,

one court applied a “predominant economic interest” standard, under which the court analyzed

the “totality of the circumstances to determine which entity had the predominant economic inter-

est” in the loan.

260

However, compliance with such a standard on an ex-ante basis could be dicult

because of nuances in how a court might determine the predominant economic interest. Firms

enter into partnership arrangements in which they negotiate a range of terms and conditions based

upon a variety of market, economic, and other considerations. e uncertainties created by these

court cases create pressure to alter these partnership arrangements based upon nonmarket factors.

Some marketplace lenders, for example, have already restructured their economic relationships

with partnering banks to better account for the risks presented by these court cases. A fragmented

legal structure creates an inecient regulatory framework and signicant compliance challenges

for the bank partnership model.

FDIC’s Proposed Third-Party Lending Guidance

e FDIC published a letter on July 29, 2016, seeking comment on proposed guidance on

third-party lending,

261

which was generally regarded as a response to the rise of online market-

place lenders establishing “bank partnership” funding models.

e proposed guidance would supplement and expand upon the principles outlined in the

FDIC’s existing guidance for managing third-party risk by establishing specic expectations

258. See, e.g., CashCall, Inc. v. Morrisey, No. 12-1274, 2014 W. Va. LEXIS 587, at *39-44 (W. Va. May 30, 2014).

259.

See id.

260. See id.

261. Federal Deposit Insurance Corporation, FDIC Seeking Comment on Proposed Guidance for Third-Party

Lending, FIL-50-2016 (July 29, 2016), available at: https://www.fdic.gov/news/news/ﬁnancial/2016/

ﬁl16050.html. Financial Institution Letter 50-2016 is an unﬁnished proposal on third party lending from the

FDIC.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

for third-party lending arrangements.

262

For FDIC-supervised institutions that engage in

signicant lending activities through third parties, the proposal suggested increased super-

visory attention, including a 12-month examination cycle, concurrent risk management and

consumer protection examinations, osite monitoring, and possible review of third parties on

an ongoing basis.

Many marketplace lenders welcomed the FDIC’s proposed guidance, as it would help arm

the validity of such bank partnerships by providing some federal supervision. Smaller banks

note that such third-party lending guidance could also improve their ability to partner with

ntech lenders. Banks more generally have raised concerns with the proposed guidance, such

as with (1) the breadth of the proposed denitions of third-party lending, and (2) the potential

for inconsistencies between banks where FDIC is the primary federal regulator and other types

of banks because the FDIC would be the only regulator issuing such guidance.

263

Recommendations

Treasury recommends that Congress codify that the existence of a service or economic relationship

between a bank and a third party (including nancial technology companies) does not aect the

role of the bank as the true lender of loans it makes. Further, federal banking regulators should also

rearm (through additional clarication of applicable compliance and risk-management require-

ments, for example) that the bank remains the true lender under such partnership arrangements.

Credit Services

An area of growing legal complexity for the bank partnership model is the provision of additional

credit services. Some states apply licensing obligations to parties that are oering to arrange bank

loans. In CashCall, Inc. v. Maryland Commissioner of Financial Regulation, the Maryland Court of

Appeals ruled that CashCall, a payday loan broker, could not oer to arrange loans for Maryland

residents for a fee without obtaining a license under the Maryland Credit Services Business Act

(MCSBA).

264

In addition to requiring a license, the MCSBA prohibits a credit service business from

assisting a consumer in obtaining a loan that exceeds the state’s usury rate.

265

e MCSBA denes

a “credit services business” to include any entity that obtains or assists a consumer in obtaining an

extension of credit “in return for the payment of money or other valuable consideration,”

266

which the

court interpreted to apply to the nonbank

267

In a similar case in West Virginia, an online marketplace

262. The proposed guidance deﬁnes third-party lending as “a lending arrangement that relies on a third party to per-

form a signiﬁcant aspect of the lending process.” This is likely to include relationships with many online market-

place lenders. Further, the proposed guidance deﬁnes “signiﬁcant” third-party lending arrangements as those,

for example, that have a material impact on revenues, expenses, or capital; involve large lending volumes in rela-

tion to the bank’s balance sheet; involve multiple third parties; or present material risk of consumer harm.

263.

American Bankers Association, Comment Letter Re: FIL-50-2016: FDIC Seeking Comment on Proposed

Guidance for Third-Party Lending (Oct. 26, 2016), available at: https://www.aba.com/Advocacy/commentlet-

ters/Documents/ABACommentLetterFDICProposedThirdPartyLendingGuidance.pdf.

264. CashCall, Inc. v. Maryland Commissioner of Financial Regulation, 139 A.3d 990, 1004-06 (Md. 2016).

265.

Md. Code Com. Law § 14-1902(9).

266. Md. Code Com. Law § 14-1901(e).

2 67. CashCall, 139 A.3d at 1000.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

lender entered into a settlement agreement with the West Virginia Attorney General for failing to

obtain a credit service license and charging rates higher than permitted under state law.

268

Since more than three-quarters of the states have a credit services organization law, these cases

create legal uncertainty for the bank partnership model.

269

Instead of focusing on whether the

nonbank is the true lender or whether the loan was valid when made by the bank, these cases

inhibit the ability of the nonbank to partner with a bank.

Recommendations

Treasury recognizes the role of state laws and oversight in protecting consumers, but such state

regulation should not occur in a manner that hinders bank partnership models already operating

in a safe and sound manner with appropriate consumer protections. Treasury recommends that

states revise credit services laws to exclude businesses that solicit, market, or originate loans on

behalf of a federal depository institution pursuant to a partnership agreement.

Mortgage Lending and Servicing

Overview

In the Banking Report, Treasury highlighted the steep increases in the cost to originate and service

a mortgage loan as evidence of the burden of post-crisis mortgage regulation.

270

Treasury found

that new regulations, combined with the use of enforcement actions, were eectively imposing

a regulatory tax on the mortgage marketplace by requiring lenders to hold additional liability

reserves and add compliance personnel, if not exit certain markets altogether. In response, Treasury

oered recommendations to recalibrate and clarify rules where they were unnecessarily raising the

cost and restricting access to mortgage credit.

271

Concurrent with, and partially driven by, the introduction of the post-crisis regulatory regime,

the primary mortgage market experienced a fundamental shift in composition and concentration.

Traditional, deposit-based lender-servicers have ceded signicant market share to specialty, nonde-

pository mortgage lender-servicers, often referred to as nonbanks or independent mortgage banks,

that are licensed and regulated for safety and soundness at the state level. In 2007, these mortgage

banks originated just over 20% of all new single-family, rst-lien mortgages and comprised 4 of

the top 20 lenders.

272

By 2016, nondepository lenders accounted for just under half of new loans

and 12 of the top 20 lenders.

273

268. Chris Dickerson, Morrisey’s Ofﬁce Reaches $336K Settlement with Avant

Online Lender, W.V. Record (June 6, 2016), available at: https://wvrecord.com/

stories/510785558-morrisey-s-ofﬁce-reaches-336k-settlement-with-avant-online-lender.

269. Mike Whalen, Goodwin Procter LLP, Bank Partnership Or Go It Alone? (Aug. 23, 2016), available at: https://

www.goodwinlaw.com/publications/2016/08/08_23_16-bank-partnership-or-go-it-alone.

270.

The Banking Report, at 92-102.

271. Id.

272. SNL and Home Mortgage Disclosure Act (HMDA) data.

273. Id.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

e growth of nonbank mortgage lenders and servicers has been facilitated by and is dependent on

reliable access to the secondary mortgage market, mainly through federally supported securitization

programs operated by the GSEs and Ginnie Mae. e increased market presence of nonbanks is

evident in the share of originations delivered through these federally supported secondary market

channels, with the nonbank share more than tripling between 2007 and 2016 to approximately

50% and 70% at the GSEs and Ginnie Mae, respectively.

274

100

Figure 12: Depository v. Nondepository

Share of All Mortgage Originations

(percent)

Source: Home Mortgage Disclosure Act and Office of

Financial Research analysis.

Nondepository

Depository

2012 2014 20162008 2010

100

Figure 13: Nondepository Share of

Mortgage Volume (percent)

Ginnie Mae

GSEs

2012 2014 20162008 2010

Many of these nonbank lenders have also been early adopters of nancial technology innovations

that speed up and simplify loan application and approval at the front end of the mortgage origina-

tion process.

275

Metrics associated with the loan origination process highlight the degree to which

speed and cost-saving enhancements are possible, with average closing timelines stretching well

beyond a month and requiring hours of costly, labor-intensive processes even as digitized, auto-

mated technology exists to mitigate these challenges. Research examining the impact of nancial

technology on mortgage origination is limited given the nascent state of adoption; however, early

evidence suggests positive impacts from the use of automated, digital processes, with a recent study

274. HMDA and Ofﬁce of Financial Research analysis.

275. Marshall Lux and Robert Greene, What’s Behind the Non-Bank Mortgage Boom?, Harvard Kennedy School

M-RCBG Associate Working Paper Series No. 42 (June 2015), available at: https://www.hks.harvard.edu/sites/

default/ﬁles/centers/mrcbg/working.papers/42_Nonbank_Boom_Lux_Greene.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

nding that a digital front-end loan application shortened closing timelines by ten days or 20% of

processing time without increasing default risk.

276

While the growth of nondepository mortgage lenders and servicers has been supported by their

early adoption of nancial technology relative to their depository peers and access to the second-

ary mortgage market, nondepositories have also benetted from the outright departure of many

large depositories from certain segments of the mortgage market. is departure is concentrated

in one of the key post-crisis channels to mortgage credit — the government-insured mortgage.

Depositories have exited this market due to multiple factors that have unnecessarily raised the cost

of engaging in this line of business, including substantial liability associated with the False Claims

Act (FCA) and costly default servicing.

277

Policymakers have an important role to play in the evolution of the mortgage lending and servic-

ing marketplace by addressing regulatory challenges that discourage broad market participation

and inhibit the adoption of benecial technological developments. In its review of the impact of

nancial technology, innovation, and nonbanks on the mortgage market, Treasury has made the

following ndings:

• e adoption of nancial technology and digital mortgage capabilities has the potential

to improve the customer experience, shorten origination timelines, and deliver a more

reliable, lower cost mortgage product;

• Current limitations on the acceptance of electronic mortgage promissory notes by key

market participants limits the wider use and adoption of this technology, along with its

attendant benets for consumers and the marketplace;

• e mortgage production process is unnecessarily time intensive, with certain com-

ponents prone to delays, which potentially could be relieved through policy changes

conducive to further adoption of time- and cost-saving technology;

• State-level policy and regulatory dierences across key components of the mortgage

lifecycle create compliance uncertainty for lenders and servicers, increase costs, and

inhibit the wider adoption of experience- and process-enhancing innovations;

• e use of the FCA to impose civil liability for violations of mortgage origination and

servicing requirements has likely contributed to the exit of traditional commercial lenders

from federal mortgage programs, raising the cost and limiting borrower access to mort-

gage credit for federally insured or guaranteed loans;

• Dierences across loss mitigation programs and processes for federally supported

mortgages, including those guaranteed or insured by the GSEs, Federal Housing

Administration (FHA), U.S. Department of Veterans Aairs (VA), and U.S. Department

of Agriculture (USDA), have the potential to negatively impact borrowers during periods

276. See Fuster et al., at 2.

277. See Neil Bhutta, Steven Laufer, and Daniel R. Ringo, Board of Governors of the Federal Reserve System, The

Decline in Lending to Lower-Income Borrowers by the Biggest Banks, FEDS Notes (Sept. 28, 2017), available

at: https://www.federalreserve.gov/econres/notes/feds-notes/the-decline-in-lending-to-lower-income-borrow-

ers-by-the-biggest-banks-20170928.htm.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

of nancial hardship and could slow loss-mitigation responses during a subsequent

period of sustained nancial stress; and

• Federally supported mortgage programs exposed to nonbank counterparty credit risk could

benet from increased transparency into these counterparties’ nancial condition through

greater standardization and reporting of key enterprise business and nancial metrics.

Mortgage Lending and the Digital Mortgage

Originating a mortgage loan requires a multitude of interactions across counterparties, vendors,

intermediaries, investors, settlement agents, service and data providers, and, most importantly, the

borrower. Navigating this process can be frustrating for the housing nance industry as well as for

borrowers at the point of origination and over the life of the loan.

Lenders typically manage mortgage loan production through a proprietary or third-party loan

origination system, which acts as a system of record for the origination process, helps sequence

workow, and integrates with vendor services. In some instances, services are required by law —

such as property appraisals for depository institutions.

278

In other cases, the requirements of federal

insurance and guaranty programs, federally supported secondary market securitization programs,

and the Federal Home Loan Banks (FHLBs) set de facto industry standards. ese standards are

particularly important for originators dependent on the liquidity and reliable access to the second-

ary market provided through these programs.

Across credit markets, technological advances — including the development of machine learning,

database capabilities, and the implementation of more automated processes — are changing the

manner, speed, and security of transactions. e use of information technology in the mortgage

market has existed for decades; however, the industry has been slow to adopt innovations common

in other consumer credit markets. While there is growing use of digital platforms for borrowers to

shop and apply for a mortgage online, further digitization of the origination process beyond this

rst step, including through the use of electronic notes, closings, and recordings, remains limited.

Where the use of electronic les has occurred, it has often been by incorporating scanned images

of paper documents as opposed to developing fully digital les.

279

However, the application of

nancial technology in the mortgage market is accelerating, challenging existing norms as the

industry transitions toward automated, digital practices and processes that appeal to customer

demands in today’s digital age.

Both depository and nondepository lenders are increasingly moving toward a digital front-end,

either through proprietary platforms or commercially available products, as evidenced by increased

borrower use in recent years. According to a 2017 survey conducted by J.D. Power, the num-

ber of borrowers utilizing the initial component of a digital front-end by submitting a mortgage

278. See e.g., 12 C.F.R. § 323.3.

279. See Margo H.K. Tank and R. David Whitaker, DLA Piper LLP, Enabled by Lenders, Embraced by Borrowers,

Enforced by the Courts: What You Need to Know About eNotes (updated as of May 1, 2018), at 1, available

at: https://www.mersinc.org/media-room-docman/1419-enote-white-paper-ﬁnal-09062017/ﬁle.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

application online increased from 28% in 2016 to 43% in 2017.

280

Fewer lenders at present have

the capability to complete the digital front-end, instead using a digital application to trigger refer-

ral to a loan ocer to continue the process in a more traditional paper-based, as opposed to fully

digital, fashion.

281

e capabilities to support a digital back-end mortgage process are even less developed. is stage

comprises the more time- and labor-intensive portion of the production timeline and encompasses

originator-driven activities from processing through loan closing, vendor services such as property

appraisal and title insurance, and, ultimately, funding and sale into the secondary market. Further

development of, and integration with, digital capabilities across the back-end of the process is

integral to the ability for lenders to oer an end-to-end digital mortgage product. At present, this

integration is challenged by disparate rules and non-uniform recognition of electronic and remote

online notarizations, reticence by some county land-recording oces to accept digital property

and security records, and still-developing industry capabilities to accommodate new technologies.

Challenges with Default Servicing, Loss Mitigation, and Foreclosure Practices

Post-crisis servicing rules administered by the Bureau have introduced a national standard for how

delinquent loans are serviced; however, there remains signicant dierences in the loss mitigation

products – such as loan modications, short sales, and deeds-in-lieu of foreclosure – that are

oered to delinquent borrowers. Generally, loss mitigation options made available to borrowers are

established by the party most at risk for credit losses should the loan ultimately fail. In addition,

loss mitigation options are inuenced by other factors such as whether or not the loan is securitized

and the requirements of the securitization program. Borrower and loan characteristics, as well as

the level of market interest rates in relation to the borrower’s current mortgage rate may also factor

into the choice of an appropriate loss mitigation option. e fundamental dierences between

private investors, GSE guarantees, and government mortgage insurance programs result in a lack

of standardization, which poses additional challenges for servicers when pursuing troubled loan

workouts across servicing portfolios.

282

is inconsistency both directly impacts borrowers, who

lack control over which entities purchase or service their loan, and ultimately dictates whether, and

what type of, workout option is available in the event of nancial hardship.

Servicers are additionally challenged by a lack of standardization in state-level foreclosure pro-

cesses. Mortgage foreclosure processes are largely dictated by state law, which varies across the

country. While some states have established statutory processes that permit a trustee to foreclose

outside of court review, many other states require mediation and subject a foreclosure judgment to

court review and approval, sometimes delaying the foreclosure process by years without improving

borrower outcomes.

280. See J.D. Power, Press Release – Despite a Rise in Use of Digital, Mortgage Customer Satisfaction

Declines, J.D. Power Finds (Nov. 9, 2017), available at: http://www.jdpower.com/press-releases/

jd-power-2017-us-primary-mortgage-origination-satisfaction-study.

281. See Fuster et al., at 9.

282. See Laurie Goodman et al., Government Loan Modiﬁcations: What Happens When Interest Rates Rise (Jan.

2018), available at: https://www.urban.org/sites/default/ﬁles/publication/95671/government-loan-modiﬁca-

tions_2.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

100

For national mortgage servicers, managing to these unique requirements creates added costs when

an aligned standard could deliver equally eective, or improved, outcomes for participants. In the

face of these challenges, servicers may allocate resources to compliance as opposed to developing

more eective mortgage-servicing platforms and deploying technology that would improve the

borrower experience, particularly for those borrowers in default.

Issues and Recommendations

Electronic Mortgage Notes

e negotiable promissory note between lender and borrower is central to the mortgage origination

process and establishes the borrower’s obligation to repay the lender for funds lent to purchase or

renance a home. At present, the vast majority of promissory notes are paper-based, “wet signed”

by lender and borrower, and subsequently physically stored and transmitted. A fully electronic

mortgage note, often referred to as an eNote, is an electronic version of the negotiable promissory

note that is digitally signed and electronically transmitted and stored. e eNote forms the main

digital component of an electronic mortgage, or eMortgage, which comprises a full end-to-end

mortgage transaction that can be completed entirely through digital means.

Digital mortgage notes have a clear statutory basis in the Electronic Signatures in Global and

National Commerce Act of 2000 (ESIGN), which recognized the legal validity of signatures

and records executed with an electronic stamp as opposed to a wet signature on paper,

283

and

in the 1999 Uniform Electronic Transactions Act (UETA), by which the National Conference

of Commissioners on Uniform State Laws proposed uniform rules for state adoption of laws

283. 15 U.S.C. §§ 7001-7031.

Pre-closing eClosing

Prepare

eDocuments

Review and

prepare

eDocuments

at close

Review

eDocuments

before close

eSign

eDocuments

eRecording

Manage

eClosing

Receive

eClosed

package

Lender eVault

MERS

eNote

eNotary

Figure 14: Illustrative eNote Process

Lender

Settlement

agent

Borrower

Loan approved

Source: Fannie Mae and Treasury.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

101

recognizing electronic records on an equal basis with paper ones.

284

Case law in the years since the

passage of these eCommerce laws has upheld the legal enforceability of digital mortgage notes.

285

eNotes require a digital promissory note to be electronically created, signed, secured, and registered,

with maintenance in an electronic registry, or eRegistry, of the party in control of the note and the

location of the authoritative copy of the registered note. Parties to an eNote, or their designated

document custodian, store their versions of the eNote in a secure digital vault referred to as an

eVault, with the location of the copy of record designated and maintained by the electronic registry

itself. e MERS® eRegistry is utilized as the industry standard registry service for complying with

the provisions of the eCommerce laws as a system of record for identifying the controller and loca-

tion of the authoritative copy of the eNote and is recognized as such in the text of the Note itself.

e framework, practices, and basis for eNotes is well established, even as adoption is limited.

Secondary market investors Fannie Mae and Freddie Mac have had guidelines in place for

approving a lender for and purchasing eNotes since the early 2000s. Primary market develop-

ment of eNote capabilities was likely sidelined by the nancial crisis and the subsequent wave

of post-crisis regulations, which required capital resources and process updates. Today, there

are 26 seller-servicers approved to deliver eNotes to the GSEs.

286

eNote deliveries represented

less than 1% of 2017 GSE acquisition volumes.

287

However, as illustrated by Figures 15 and

16, both the number of companies integrated with the MERS® eRegistry and the number of

eNotes registered on it has grown in recent years, consistent with the burgeoning interest in

and development of this capability.

284. See National Conference of Commissioners on Uniform State Laws, Uniform Electronic Transactions Act

(1999), available at: http://www.uniformlaws.org/shared/docs/electronic%20transactions/ueta_ﬁnal_99.pdf

285.

See Tank and Whitaker, at 9.

286. Data provided by the Federal Housing Finance Agency (FHFA).

2 87. Id.

Figure 15: Number of Companies

Active on the

MERS® eRegistry

Source: MERSCORP Holdings, Inc. Source: MERSCORP Holdings, Inc.

In MERS® eRegistry Pipeline

Integrated into MERS® eRegistry

2012 20142013 2016 2017 20182015

Figure 16: Cumulative Number of eNotes

Registered on the MERS® eRegistry

(thousands)

2012 20142013 2016 2017 20182015

100

150

200

250

300

350

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

102

Electronic promissory notes oer advantages over their analog versions that accrue to both the

mortgage industry and borrowers. e ability to digitally execute this component of the origina-

tion process aligns with broader industry migration to digital capabilities and oers convenience,

more ecient quality control, and, when integrated with a broader eMortgage solution, faster

origination timelines. More specically, eNotes are more readily transferred between holders as

they are bought and sold in the secondary market, they cost less to store and transmit than paper

notes, and they oer greater protection against unauthorized tampering, alteration, or loss.

Primary market development of the capability to originate eNotes represents one barrier to their

wider adoption. An additional reason for their limited use is their lack of acceptance by other key

secondary market participants. For federally insured mortgages from the FHA and VA, lenders

generally prefer to securitize and issue Ginnie Mae mortgage securities. However, Ginnie Mae

stated in an All Participant Memorandum in February 2014 that it was concerned with maintaining

the liquidity and negotiability of its pools and would not allow electronic signatures or electronic

documents on promissory notes, security instruments, or loan modication agreements.

288

recently, Ginnie Mae has stated its commitment to developing its digital capabilities, including the

eventual acceptance of digital promissory notes into its pools.

289

Both FHA and VA have accepted digital signatures on notes since 2014 and 2013, respective-

ly.

290

However, FHA in particular is challenged by an aging technology infrastructure that limits

its ability to process and store digital loan les, mitigating the use of eNotes or broader digital

mortgage les, and inhibiting lenders from oering this capability for government-supported

loans.

291

As loans insured or guaranteed by FHA and VA comprise nearly a quarter of new

originations, any limited functionality with regard to digital mortgage les acts as a barrier on

wider industry adoption.

e FHLBs’ lack of acceptance of eNotes represents an additional barrier to their further use.

e FHLBs’ primary business is providing secured advances to member institutions that support

mortgage lending activity. e FHLBs currently do not accept eNotes as eligible, pledged col-

lateral from their members for securing an advance.

292

While the FHLBs have expressed interest

moving toward the acceptance of eNotes, they have identied two primary issues to address: (1)

the current limited depth of a secondary market for eNotes; and (2) the appropriate representation

for the FHLBs in the MERS® eRegistry where they have an interest in, but are not the owner of,

eNotes as pledged collateral. In response to this concern, MERSCORP Holdings, Inc., is pursuing

288. Ginnie Mae, All Participant Memorandum 14-01: Electronic Notes and Mortgages (Feb. 27, 2014), available at:

https://www.ginniemae.gov/issuers/program_guidelines/Pages/mbsguideapmslibdisppage.aspx?ParamID=24.

289.

Ginnie Mae, Ginnie Mae 2020 (June 2018), available at: https://www.ginniemae.gov/newsroom/publications/

Documents/ginniemae_2020.pdf.

290.

U.S. Department of Housing and Urban Development, Electronic Signatures, Mortgagee Letter 2014-03 (Jan.

30, 2014), available at: https://www.hud.gov/sites/documents/14-03ML.PDF; Veterans Beneﬁts Administration,

Use of Electronic Signatures in Conjunction with Department of Veterans Affairs (VA) Guaranteed Home

Loans, Circular 26-13-13 (Aug. 22, 2013), available at: https://www.beneﬁts.va.gov/homeloans/documents/cir-

culars/26_13_13.pdf.

291.

See FHA Annual Management Report: Fiscal Year 2017 (Nov. 27, 2017), available at: https://www.hud.gov/

sites/documents/FHAFY2017ANNUALMGMNTRPT.PDF.

292.

See Federal Home Loan Bank of Des Moines, Collateral Quarterly (Aug. 24, 2017), available at: https://mem-

bers.fhlbdm.com/media/cms/pages_fhlbdm_com_rs_171_ZQM_109_ima_09B7E4A798CA0.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

103

the addition of a new Secured Party eld to its eRegistry, which will enable certain parties, such

as FHLBs and warehouse lenders, to be more appropriately represented in alignment with their

position in the mortgage process today.

293

Recommendations

Treasury recommends that Ginnie Mae pursue acceptance of eNotes and supports the measures

outlined in its Ginnie Mae 2020 roadmap to more broadly develop its digital capabilities.

FHA is limited by its congressionally-appropriated budget but is in need of technology over-

hauls beyond the narrower discussion of digital mortgage capabilities. Treasury recommends

that Congress appropriate for FHA the funding it has requested for technology upgrades in the

President’s Fiscal Year 2019 Budget — a portion of which FHA would use to improve the digitiza-

tion of loan les.

294

In addition, FHA, VA, and USDA should explore the development of shared

technology platforms, including for certain origination and servicing activities.

Finally, Treasury recommends the FHLBs explore ways to address their concerns regarding eNotes

with the goal of accepting eNotes on collateral pledged to secure advances.

Appraisals

Property appraisal practices, including a perceived lack of appraiser independence from loan origi-

nators and insuciently stringent qualication requirements, were criticized in connection with

the housing bubble and subsequent collapse in home prices. In response, lawmakers and regulators

enacted changes to appraisal requirements that have fundamentally aected the appraisal industry.

In recent years, lenders and homebuyers have pointed to the appraisal component of the origina-

tion process as a frequent source of delays and a driver of extended closing timelines.

295

Concurrently, advances in nancial technology, particularly with regard to automated valuation

models (AVMs), have pushed appraisals in a new and innovative direction. e application of this

technology has already begun to disintermediate the traditional appraisal process and, notably,

has been adopted by both GSEs. e digitization of this component of the origination process,

facilitated through electronic property records, development of large databases capable of holding

millions of individual property records, and improvement of advanced valuation algorithms, holds

promise to lower cost and expedite closing timelines.

Property appraisal standards for federally related real-estate transactions are governed by Title

XI of the Financial Institutions Reform, Recovery, and Enforcement Act of 1989 (FIRREA).

296

In order to protect deposit insurance funds and to promote prudent lending, FIRREA assigned

to the Appraisal Subcommittee of the Federal Financial Institutions Examination Council the

293. This new ﬁeld, as described by MERSCORP Holdings, Inc., would represent the entity that has been assigned

or granted an interest in the eNote by the Controller.

294.

See U.S. Department of Housing and Urban Development, FY 2019 Congressional Justiﬁcation, at 26-1 to

26-7, available at: https://www.hud.gov/program_ofﬁces/cfo/reports/fy19_CJ.

295.

See National Association of Realtors, Realtors Conﬁdence Index Survey (Apr. 2018), at 7, available at: https://

www.nar.realtor/research-and-statistics/research-reports/realtors-conﬁdence-index.

296.

Public Law No. 101-73, Title XI [codiﬁed at 12 U.S.C. §§ 3331-3355].

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

104

responsibilities to monitor state-level appraiser standards and credentialing, maintain a national

registry of certied and licensed appraisers, and oversee the practices, procedures, and activities of

the Appraisal Foundation, among other duties.

297

FIRREA delegated to the Appraisal Foundation — a nonprot industry organization — author-

ity to set property valuation standards and minimum appraiser qualication requirements.

298

e Appraisal Foundation fullls this mandate through two independent boards – the Appraisal

Standards Board (ASB), which sets appraisal practices, and the Appraiser Qualications Board

(AQB), which establishes minimum state-level credentialing requirements.

299

ese standards are

binding for transactions by lenders subject to FIRREA, but are also used broadly throughout the

housing nance system, including by the FHA and the GSEs.

e ASB maintains the Uniform Standards of Professional Appraisal Practice (USPAP), which

sets ethical and professional standards for appraisers operating in the United States.

300

e AQB

dictates minimum qualication criteria, with credentials tiered into classications, with most real-

estate transactions requiring appraisal by either a state-licensed residential real property appraiser

or a state-certied real property appraiser, with each classication becoming progressively more

selective.

301

Until May 2018, to become a certied residential appraiser, an individual would need

to have completed a minimum four-year bachelor’s degree, while licensed appraisers were subject to

lesser college-level education requirements.

302

e AQB has recently implemented changes to ease

the education requirements by removing the college education requirement for licensed appraisers

and reducing the bachelor’s level requirement for certied appraisers.

303

e prudential banking regulators have, in the years since FIRREA’s enactment, established numer-

ous exemptions from the statutory appraisal requirement.

304

rough these Interagency Appraisal

and Evaluation Guidelines, nancial institutions subject to FIRREA may undertake a property

evaluation in lieu of an appraisal for prescribed transactions, including single-family residential

transactions where the market value is less than $250,000, commercial real estate transactions less

than $500,000, certain renancings, and where the transaction is guaranteed by or eligible for

guarantee by a U.S. government agency or government-sponsored agency.

305

2 97. 12 U.S.C. § 3332.

298. 12 U.S.C. §§ 3339, 3345.

299. See The Appraisal Foundation, available at: https://www.appraisalfoundation.org/imis/TAF/About_Us/TAF/

About_Us.aspx?hkey=52dedd0a-de2f-4e2d-9efb-51ec94884a91.

300.

See Appraisal Standards Board, 2018-2019 Uniform Standards of Professional Appraisal Practice (USPAP),

available at: http://www.uspap.org/ﬁles/assets/basic-html/page-1.html#.

301.

See The Appraisal Foundation, The Real Property Appraiser Qualiﬁcation Criteria (May 1, 2018), available at:

https://appraisalfoundation.shareﬁle.com/share/view/scbea7640298440aa.

302.

See Appraiser Qualiﬁcations Board, Summary of Changes to the Real Property Appraiser Qualiﬁcation Criteria

(May 1, 2018), available at: https://appraisalfoundation.shareﬁle.com/share/view/s40e607fb0d64915a.

303.

Id.

304. See Ofﬁce of the Comptroller of the Currency, Board of Governors of the Federal Reserve System, Federal

Deposit Insurance Corporation, Ofﬁce of Thrift Supervision, and National Credit Union Administration,

Interagency Appraisal and Evaluation Guidelines (Dec. 2, 2010), available at: https://www.fdic.gov/news/

news/ﬁnancial/2010/ﬁl10082a.pdf; see also 12 C.F.R. § 323.3.

305. Id.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

105

e GSEs and federal housing programs, administered, for example, by FHA, act as de facto

standard setters for mortgage appraisal requirements performed by both depositories, through

the FIRREA exemption, and the large segment of nondepository lenders not subject to FIRREA.

Lenders originating government mortgage loans, such as those insured by FHA or guaranteed

by the VA or USDA, are required to comply with the appraisal policies established by these

programs.

306

Fannie Mae’s and Freddie Mac’s seller-servicer guides similarly establish minimum

eligibility standards for appraisals to qualify for purchase by the respective GSE. Both FHA and the

GSEs require a USPAP-compliant appraisal for nearly all purchase and renance loans.

307

In 2017, Fannie Mae and Freddie Mac began oering originators appraisal waivers on a limited

population of purchase and renance loans.

308

e GSEs oer these waivers by leveraging their

proprietary appraisal models and databases aggregating public records, multiple listing services,

and millions of appraisal reports delivered electronically to the GSEs since 2012. For loans that

qualify for the waiver, the originator may forego the appraisal component of the loan production

process, potentially shortening timelines by as much as 10 days, and reducing origination costs by

up to $700.

309

Independent appraisers highlight post-crisis changes as exacerbating a mismatch between lender

demand for appraisal servicers and the number of independent appraisers qualied and willing

to meet this demand. Post-crisis appraiser independence standards enacted under Dodd-Frank

have resulted in lenders channeling appraisal requests through appraisal management companies

(AMCs) to subcontract with a state-licensed or state-certied appraiser.

310

Partly as a result of more

widespread use of AMCs as a market intermediary, independent appraisers report being paid rela-

tively less than they earned prior to the introduction of the appraisal independence standard that

gave rise to increased use of AMCs. Appraisers in some areas may be reticent to accept appraisal

requests due to the compensation passed through to them. Delays in completing an origination or

upcharges for rush appraisals to meet closing timelines may result and are ultimately borne by the

borrower through higher origination costs.

Against this backdrop, the development of new appraisal technology oers the potential, when

used responsibly, to relieve some of the pressures in the appraisal market and reduce the time

and cost necessary to complete a property appraisal. is technology ranges from approaches

that supplement traditional appraisals with remote evaluation technology to the deployment

of AVMs to remotely estimate property value without recourse to in-person appraisers. AVMs

306. See U.S. Department of Housing and Urban Development, FHA Single Family Housing Policy Handbook

4000.1 (Dec. 30, 2016), at Section II.D, available at: https://www.hud.gov/sites/documents/40001HSGH.PDF

(“FHA Single Family Handbook”).

3 07. See Fannie Mae, Selling Guide (June 5, 2018), at Part B4-1, available at: https://www.fanniemae.com/con-

tent/guide/selling/b/index.html; see Freddie Mac, Single-Family Seller/Servicer Guide (June 13, 2018), at Ch.

5601, available at: http://www.freddiemac.com/singlefamily/pdf/guide.pdf.

308. See Fannie Mae, Property Inspection Waiver, available at: https://www.fanniemae.com/singlefamily/property-

inspection-waiver; Freddie Mac, Automated Collateral Evaluation Now Available for Purchase Transactions,

available at: http://www.freddiemac.com/singlefamily/news/2017/0818_ace_purchases.html.

309. See Freddie Mac, Automated Collateral Evaluation (ACE), available at: http://www.freddiemac.com/singlefam-

ily/loanadvisorsuite/pdf/ACEMatrixDoc.pdf.

310.

15 U.S.C. § 1639e.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

106

have existed for several decades but their use and accuracy has improved in recent years due

to advances in machine learning, database technologies, and the proliferation of large datasets

composed of proprietary and public records with detailed property-specic information. At

present, AVMs are not permitted in place of traditional in-person appraisals for most loans sold

to the GSEs, endorsed by FHA or insured by other government loan programs, or for real-estate

transactions subject to FIRREA.

Critics of traditional appraisals argue that they represent an outdated and costly approach relative

to new digital tools. Critics of AVMs argue that they are dependent on detailed data provided by

an appraiser in order to maintain AVM accuracy, and that the disintermediation of traditional

appraisals will degrade AVMs as a result. Another form of property appraisal exists between these

two approaches to combine aspects of traditional appraisals with the automation and database

capabilities of AVMs. So-called hybrid or desktop appraisals leverage property history data, com-

parable sales data, photographs or video of the interior and exterior of a property, and a licensed

or certied appraiser. As the name would imply, desktop appraisals are able to be executed from

a single remote location, and oer the potential to save appraisers considerable time that would

otherwise be spent in transit to and from properties.

Recommendations

Treasury recommends that Congress revisit Title XI FIRREA appraisal requirements to update

them for developments that have occurred in the market during the past thirty years. Recent

data has illustrated that approximately 90% of residential mortgage originations are eligible for

appraisal exceptions established since the enactment of FIRREA by the designated federal regula-

tory agencies.

311

An updated appraisal statute should account for the development of automated

and hybrid appraisal practices and sanction their use where the characteristics of the transaction

and market conditions indicate it is prudent to do so.

Treasury supports the GSEs’ eorts to implement standardized appraisal reporting, the GSEs’ and

FHA’s adoption of proprietary electronic portals to submit appraisal forms, and the GSEs’ limited

adoption of appraisal waivers. While Treasury acknowledges that automated valuation engines and

appraisal waivers should apply to a dened and limited subset of loans, and that they may compete

with traditional appraisers, these innovations oer borrowers upside through lower cost origina-

tions and faster closings, without sacricing accuracy. However, further application of digital,

automated property valuations must be carefully monitored and integrated with rigorous market

standards where they are used in lieu of traditional appraisals.

Treasury recommends FHA and other government loan programs develop enhanced automated

appraisal capabilities to improve origination quality and mitigate the credit risk of overvaluation.

ese programs may also wish to consider providing targeted appraisal waivers where a high degree

of property standardization and information about credit risk exists to support automated valu-

ation, and where the overall risks of the mortgage transaction make such a waiver appropriate.

Treasury supports legislative action where statutory changes are required to authorize granting

311. See Federal Financial Institutions Examination Council, Joint Report to Congress: Economic Growth and

Regulatory Paperwork Reduction Act (Mar. 2017), available at: https://www.occ.gov/news-issuances/news-

releases/2017/nr-ia-2017-33a.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

107

limited appraisal waivers for government programs. Treasury further recommends that government

loan programs explore opportunities to leverage industry-leading technology capabilities to reduce

costs to taxpayers and accelerate adoption of new technology in the government-insured sector.

Finally, Treasury supports the AQB’s recently updated appraisal certication guidelines that ease

the education requirements to obtain that credential, with the understanding that providing o-

ramps for the education requirement in favor of on-the-job training or other education credits

can attract qualied appraisers to this industry and relieve appraiser supply challenges without

jeopardizing valuation credibility.

Electronic Closing and Recording

Mortgage closing, or settlement, represents the last step for a borrower in nancing a home, and

comprises the execution of the nancial and title documents that form the basis for the mortgage

loan and transfer of claim to the property. A key component of the closing process is the notariza-

tion of real estate transfer documents, such as the deed, which are subsequently led, or publicly

recorded, with local county land records. Traditionally, the loan closing is completed in one sitting,

with the borrower and parties to the transaction physically present in the same location.

Notarization methods have expanded along with the rest of electronic commerce in recent decades

and can now be accomplished either in-person through a digital document and notary seal or

remotely through online interaction via webcam and using knowledge-based identication to

conrm the borrower’s identity. According to the Bureau’s 2015 eClosing pilot, the ability to

electronically complete the mortgage process through digital notarization represents one of the

key remaining impediments to the digital process and oers additional borrower convenience and

satisfaction if executed seamlessly versus a paper-based closing.

312

While the UETA and ESIGN eCommerce laws establish the validity of electronic signatures on

consumer credit transactions, additional legal clarity is needed to ensure compliance with state

notary laws for use of electronic notarizations, specically the sanctioning of digital notarizations

in lieu of a physical signature and notarization. To date, 39 states have enacted laws establishing the

legality of such eNotarization.

313

In 2010, in part to account for the development of eNotarization

capabilities, the National Conference of Commissioners on Uniform State Laws (also known as

the Uniform Law Commission, or ULC) promulgated a revised model statutory framework for

notarial acts, updating its original 1982 model act and aimed at facilitating interstate recogni-

tion of various types of notarizations.

314

To date, 11 states have enacted the revised Uniform Law

Commission framework.

315

312. See Bureau of Consumer Financial Protection, Leveraging Technology to Empower Mortgage Consumers at

Closing (Aug. 2015), available at: https://ﬁles.consumerﬁnance.gov/f/201508_cfpb_leveraging-technology-to-

empower-mortgage-consumers-at-closing.pdf.

313. Based on information provided by the American Land Title Association to Treasury.

314. See Uniform Law Commission, Revised Uniform Law on Notarial Acts (2010), available at: http://www.uniform-

laws.org/Act.aspx?title=Law%20on%20Notarial%20Acts,%20Revised.

315.

Id.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

108

ese electronic notarization statutes, enabling digital notary signature for in-person notarizations,

provide insucient legal certainty for the use of remote notarization conducted electronically via

webcam, with the latter permitting both signatory and notary to be in dierent locations. Virginia

became the rst state to ocially sanction remote online notarization when it passed legislation

to that end in 2012. Seven other states have followed suit, while an additional four states have

remote online notarization bills pending, with the potential for passage in 2018.

316

In 2017, the

American Land Title Association and the Mortgage Bankers Association (MBA), in an eort to

address legal uncertainty and to facilitate further development of eMortgage capabilities, published

model legislation providing a framework for states to use in adopting remote online notarization

for real-estate transactions.

317

Electronic notarization

Figure 1

7: Electronic and Remote Notarization by State

Both Electronic and Remote Notarization

Source: American Land Title Association and Treasury staff analysis.

316. See Mortgage Bankers Association, Remote Online Notarization, available at: https://www.mba.org/audience/

state-legislative-and-regulatory-resource-center/remote-online-notarization (last accessed June 14, 2018).

3 17.

See American Land Title Association, ALTA, MBA Develop Model Legislation for Remote

Online Notarization (Dec. 19, 2017), available at: https://www.alta.org/news/news.

cfm?20171219-ALTA-MBA-Develop-Model-Legislation-for-Remote-Online-Notarization.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

109

Despite state-level progress toward wider recognition of electronic notarization, the absence of

a broad statutory acceptance across the country and uneven standards for remote and electronic

notarization implementation has created confusion for market participants, slowing adoption

of digital advances in mortgage technology by limiting the ability for lenders to complete a

digital mortgage with an eClosing. Non-uniform state rules create a cost barrier for electronic

notarization system vendors developing their platforms and creates uncertainty for investors

considering purchasing digital mortgages. In 2006, the National Association of the Secretaries

of State adopted standards for state use in implementing in-person, electronic notarizations.

Amendments to these standards, accounting for the advance of remote notarizations, were

recently adopted in February 2018 to support secure and technology-neutral implementation of

remote notarization capabilities.

318

County-level acceptance of digital security instruments is a key determinant of whether a lender will

pursue an electronic closing, as lack of acceptance of these documents renders such critical eMort-

gage components, such as electronic notarization, moot. In 2004, the Uniform Law Commission

promulgated the Uniform Real Property Electronic Recording Act (URPERA), representing a

model statutory framework to provide county clerks and recorders the authority to accept elec-

tronic recording of real property instruments. Today, 33 states and U.S. territories have enacted

URPERA; however, implementation remains a county-level exercise.

319

As of May 31, 2018, just

over half of the 3,600 recording jurisdictions—primarily, but not exclusively counties—in the

United States oer electronic recording.

320

Greater digitization of property records at the county

level may, in the future, facilitate further advances in mortgage technology, including the potential

application of distributed ledger technology to more expeditiously perform property record checks

and expedite title review services.

Recommendations

Treasury recommends that states yet to authorize electronic and remote online notarization pursue

legislation to explicitly permit the application of this technology and the interstate recognition

of remotely notarized documents. Treasury recommends that states align laws and regulations to

further standardize notarization practices.

Treasury further recommends that Congress consider legislation to provide a minimum uniform

national standard for electronic and remote online notarizations. Such legislation would facilitate,

but not require, this component of a fully digital mortgage process and would provide a greater

degree of legal certainty across the country. Federal legislation is not mutually exclusive with con-

tinued eorts at the state level to enact a framework governing the use of electronic methods for

nancial documents requiring notarization.

318. See National Association of Secretaries of State, NASS Support for the Revised National Electronic

Notarization Standards (amended and readopted on Feb. 19, 2018), available at: https://www.nass.org/

node/1327.

319. See Uniform Law Commission, Real Property Electronic Recording Act, available at: http://www.uniformlaws.

org/Act.aspx?title=Real%20Property%20Electronic%20Recording%20Act.

320.

See Property Records Industry Association, available at: https://www.pria.us/i4a/pages/index.cfm?pageid=1

(last accessed on June 14, 2018).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

110

Treasury recommends that recording jurisdictions yet to recognize and accept electronic records

implement the necessary technology updates to process and record these documents and to pursue

digitization of existing property records.

False Claims Act

Civil actions brought under the authority of the False Claims Act (FCA) — a Civil War-era statute

— have been closely associated with the mortgage industry since the nancial crisis. Beginning in

2011, the U.S. Department of Justice (DOJ), often based on a referral from the Inspector General

for the U.S. Department of Housing and Urban Development (HUD), has pursued numerous

claims under the FCA against lenders of government mortgages where it was determined that

the lenders knowingly submitted for government insurance mortgages that did not meet federal

eligibility standards.

DOJ has recovered approximately $7 billion related to FCA housing fraud settlements and judg-

ments to date.

321

e cost of FCA liability for lenders and servicers, and the ongoing fear of future

action by the government is often cited as a factor in the shift away from depositories and toward

nondepository mortgage banks in the government mortgage loan market.

322

e departure of

depositories from federally insured mortgages has likely had negative impacts on borrower access

to credit by reducing the available lending universe and encouraging remaining lenders to add

credit and risk overlays to their underwriting to mitigate lower credit quality, but nonetheless

creditworthy, borrowers.

Figure 18: F

HA Share of Originations

(percent)

Source: Federal Reserve (see Bhutta et al.) using HMDA data.

201220112010 20142013

2016

2015

Largest 3 banks

Other banks

An entity that violates the FCA by knowingly

submitting false claims to the government is

subject to substantial civil remedies: penalties

between $11,181 and $22,363 per false claim

as well as triple the amount of damages to the

government — known as treble damages.

323

Furthermore, it has been standard practice

for DOJ to determine the percentage inci-

dence of errors on a sample size of loans that

have gone to claim and then extrapolate the

incidence of violations to a broader popula-

tion of loans that went to claim to capture

what DOJ alleges to be the full extent of the

false claims submitted by lenders and ser-

vicers. Because the FCA only allows a recov-

ery when a loan defaults and results in a claim

for mortgage insurance, the samples selected

in FCA actions are only drawn from the

321. See U.S. Department of Justice, Fact Sheet: Signiﬁcant False Claims Act Settlements & Judgments, Fiscal

Years 2009–2016, available at: https://www.justice.gov/opa/press-release/ﬁle/918366/download.

322.

See Bhutta, Laufer, and Ringo.

323. 31 U.S.C. § 3729(a)(1).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

111

universe of loans that went to claim. us, the samples are not intended, and cannot be inter-

preted, to be representative of a lender’s overall portfolio.

Before liability or damages may be imposed under the FCA, the FCA requires that any false claim

be both knowing and material.

324

Consistent with this latter requirement, DOJ and HUD have

a practice of reaching mutual agreement on resolving claims, even though the process by which

agreement is reached has been characterized as lacking clarity. DOJ’s FCA settlements have often

been accompanied by admitted statements of facts by the settling lenders, and these statements

have conrmed the lenders’ knowledge of the materiality of the defects that were the subject of the

settlements.

325

Nevertheless, HUD and DOJ have been criticized for not suciently dierentiat-

ing knowing and material errors from those that would not have aected approval of the loan for

a federal program or servicer actions during the foreclosure process.

326

Distinguishing knowing

and material errors from clerical defects is particularly important to lenders and servicers. Even if

lenders and servicers strive to ensure the information they collect and submit to FHA is complete

and accurate, minor errors are to be expected. Industry concerns about being held liable under

the FCA for these types of defects may aect the decision to participate, and at what price, in

government loan programs.

HUD has taken steps in recent years to provide additional clarity around the severity across viola-

tions and to provide lenders greater certainty that loans they originate and service are insurable by

the FHA. Administrative changes to loan-level certications and implementation of a loan quality

review taxonomy were executed in an attempt to encourage lenders to re-enter the FHA market by

clarifying a materiality threshold for errors.

FHA lenders are required to certify annually that they meet established HUD-FHA approval stan-

dards. Additionally, lenders must certify at the loan-level that loans meet FHA eligibility require-

ments. In 2016, HUD updated its loan-level certication, which attempted to apply a materiality

threshold to instances where violations would trigger the rescission of FHA insurance by dening

liability as errors that would have altered the decision to approve a loan.

327

More signicantly, in

2017, FHA announced the implementation of its Loan Review System, incorporating the Loan

Quality Assessment Methodology (Defect Taxonomy).

328

e Defect Taxonomy classies nine

defect areas by category, identies the source and cause of the defect, and classies them into

four severity tiers based on the nature of the error, with errors moving from most severe in tier

324. Id.; Universal Health Services v. United States ex rel. Escobar, 136 S. Ct. 1989 (2016).

325.

See The False Claims Act & Federal Housing Administration Lending (March 15, 2016), available at https://

www.justice.gov/archives/opa/blog/false-claims-act-federal-housing-administration-lending.

326.

See Paul Compton, Jr., U.S. Department of Housing and Urban Development, New Era of Cooperation

and Coordination (Apr. 30, 2018), available at: https://www.hud.gov/press/speeches_remarks_statements/

Speech_043018.

3 27. See U.S. Department of Housing and Urban Development, Revised HUD 92900-A HUD/VA Addendum to

Uniform Residential Loan Application, Mortgagee Letter 2016-06 (Mar. 15, 2016), available at: https://www.

hud.gov/sites/documents/16-06ML.PDF.

328. See U.S. Department of Housing and Urban Development, Federal Housing Administration (FHA) Loan

Review System – Implementation and Process Changes, Mortgagee Letter 2017-03 (Jan. 11, 2017), available

at: https://www.hud.gov/sites/documents/17-03ML.PDF.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

112

one to the least severe in tier four.

329

With this taxonomy, FHA intended to clarify the severity

of loan-level violations — distinguishing material defects from errors that would not impact the

insurability of the loan.

While industry participants have been supportive of providing additional clarity around what

constitutes a manufacturing defect and the nature of the defect, stakeholders have called for HUD

and FHA to take the further administrative step of providing a prescribed remedy for each viola-

tion in the taxonomy and a safe harbor for violations at the lower tiers of the taxonomy and for

those at the higher tiers that have been cured. Furthermore, many market participants feel that

action by FHA alone is insucient to relieve lender concerns about liability tail risk. For example,

the Defect Taxonomy has not altered the eligibility rules for HUD loans, which means it does not

govern when DOJ can or should bring appropriate FCA claims. To market participants seeking to

mitigate risk of FCA liability, the fact that FHA may dierentiate violations based on materiality

in its own administrative proceedings oers no guarantee that DOJ, or a whistleblower litigating a

qui tam action in place of the government, will adopt the same posture. Since the Supreme Court’s

decision in Universal Health Services v. United States ex rel. Escobar, the views of the agency mak-

ing payment decisions signicantly aect determinations of materiality (or lack thereof).

330

Even

following the Escobar ruling, the industry would benet from additional clarity on the common

standards applied by HUD and DOJ.

Material errors in manufacturing and servicing government loans should continue to be subject to

enforcement by FHA and DOJ and bad actors who knowingly defraud the government should face

signicant nes and penalties. But when industry is reluctant to originate or service government

loans in light of the FCA enforcement risk, this serves the counterproductive end of increasing the

cost of credit and potentially limiting borrower access to federal loan programs.

Recommendations

Enforcement of the FCA is critical to ensuring the integrity of any federal program and protecting

it against knowing violations. At the same time, FCA enforcement actions can impose signi-

cant costs on a defendant both in terms of nancial and reputational damages. Accordingly, it is

important that an appropriate balance be struck between what program requirements an agency

considers to be material – and therefore subject to potential FCA enforcement when knowing

violations of these requirements occur – and what requirements are not material, and are appropri-

ately addressed through actions outside of the FCA.

To address the perception associated with the use of the FCA on mortgage loans insured by the

federal government, Treasury recommends that HUD establish more transparent standards in

determining which program requirements and violations it considers to be material to assist DOJ

in determining which knowing defects to pursue. In doing so, Treasury recommends that FHA

clarify the remedies and liability lenders and servicers face, which could include, where appropriate,

remedies such as indemnication and/or premium adjustments. Remedies should be correlated to

329. See FHA’s Single Family Housing Loan Quality Assessment Methodology, available at: https://www.hud.gov/

sites/documents/SFH_LQA_METHODOLOGY.PDF.

330.

See Escobar, 136 S. Ct. at 1989.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

113

the Defect Taxonomy. FHA should continue to review and rene its lender and loan certications

and its loan review system, including the Defect Taxonomy. Lenders that make errors deemed

immaterial to loan approval should receive a safe harbor from a denial of claim and forfeiture of

premiums. Lenders should receive a similar safe harbor for material violations that are cured based

on remedies prescribed by FHA absent patterns which indicate a systemic issue. In determining

the appropriate remedies for violations of its program requirements, HUD should consider the

systemic nature of the problem, involvement or knowledge of the lender’s senior management,

overall quality of the originations of a specic lender, and whether or to what extent the loan defect

may have impacted the incidence or severity of the loan default.

Treasury recommends DOJ ensure that materiality for purposes of the FCA is linked to the stan-

dards in place at the agency administering the program to which the claim has been led, and that

DOJ and HUD work together to clarify the process by which mutual agreement is reached on the

resolution of claims. Where a relator pursues qui tam action against a lender for a nonmaterial error

or omission, DOJ, in consultation with HUD and FHA, should consider exercising its statutory

authority to seek dismissal.

331

Distinguishing materiality, providing clear remedies to cure discovered defects, and linking the

Defect Taxonomy to the FCA could provide a measure of certainty that could attract lenders

back into this market and reduce costly overlays without constraining the government’s ability

to punish bad actors and prosecute knowingly fraudulent activity. However, if the recommended

administrative actions are unsuccessful at achieving the desired result of increasing lender and

servicer participation in federal mortgage programs, Congress should consider appropriate

remedial legislation.

Aligned Federal Mortgage Loss Mitigation Standards

e Bureau has implemented multiple servicing rules and rule revisions during the past ve years,

requiring numerous changes to servicer procedures, particularly concerning procedures for how to

engage delinquent borrowers when evaluating them for loan modications or other loss mitigation

options. e federal government has not promulgated rules to prescribe a national loss mitigation

standard. Crisis-era loss mitigation programs oered a degree of standardization and transparency

for servicers, borrowers, and mortgage investors around loss mitigation options. In the absence of

such a de facto federal loss mitigation standard, some market participants have cited concerns with

the variance in options across dierent federal mortgage programs.

In recent years, market participants, including the GSEs, FHA, and the MBA, which represents

certain market participants, have established loss mitigation standards to memorialize success-

ful components of crisis-era programs or to encourage a degree of standardization for servicers

across the private, federally supported, and federally insured mortgage markets. e GSEs’ Flex

Modication (FlexMod), implemented in 2017, closely aligns with MBA’s One Modication

331. 31 U.S.C. § 3730(c)(2). Pursuant to a January 10, 2018 memorandum from Michael Granston, Director, Frauds

Section of the Commercial Litigation Branch, DOJ attorneys have assessed whether declined qui tam cases are

appropriate for dismissal.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

114

proposal published in 2016.

332

Both the FlexMod and the MBA proposal reect many of the lessons

learned and standards adopted following the nancial crisis. For example, both evaluate borrower

hardship (short-term versus longer-term), oer solutions appropriate to that hardship that include

retention and nonretention options, and aim to oer the most sustainable longer-term solution

through the use of a waterfall of steps to achieve a modication that provides payment relief to the

borrower and positive economic outcomes for the investor. Finally, FHA’s loss mitigation program,

which includes FHA-Home Aordable Modication Program (FHA-HAMP), shares many of the

same features of the GSEs’ present modication program, but utilizes dierent steps to achieve

payment reduction.

333

Despite agreement by most participants on the guiding themes for successful loss mitigation, the

GSEs, FHA, VA, USDA, bank portfolio servicers, and private-label securities servicers continue

to oer dierent loss mitigation programs. ese dierences are rooted in a number of underly-

ing factors, including fundamental dierences in the business models, regulatory and statutory

mandates, and the borrower segments served by the range of private and federally-backed sources

of mortgage nancing. e main area in recent years where standardization and transparency has

been achieved is across Fannie Mae and Freddie Mac with the implementation of their FlexMod

– alignment facilitated by the GSEs’ fundamentally similar business models and conservatorship

under FHFA. FHA has a statutory mandate to hold capital and act as a duciary for the Mutual

Mortgage Insurance Fund (MMIF).

334

Undertaking this duciary responsibility to the MMIF

requires prompt liquidation of any assets assigned to it as a result of insurance claim payments (i.e.,

unlike the GSEs, FHA generally does not hold mortgage assets) — a program restriction that may

constrain certain loss mitigation options.

Mortgage servicers cite the dierences in loss mitigation programs as a particular challenge.

Servicers, particularly specialty servicers who focus on delinquent and defaulted loans, will seldom

service just one type of loan (e.g., all conventional or all government mortgages). Managing mul-

tiple standards limits eciency and the ability to automate certain processes, restricts a servicer’s

ability to assess risk, and adds additional costs.

Furthermore, except for federal mortgage programs administered by FHA, VA, and USDA, a

borrower does not necessarily know at origination whether his or her mortgage will be sold to a

private credit investor or securitized through the GSEs — yet that same borrower faces two dier-

ent experiences in the event of nancial hardship that requires a loan workout solution. Borrowers,

particularly during periods of hardship, benet from clarity, and servicers benet from certainty

and scalability in terms of what assistance to oer a borrower who has experienced a hardship.

332. See Federal Housing Finance Agency, Statement of FHFA Deputy Director Sandra Thompson on

New Loan Modiﬁcation Offering for Delinquent Borrowers (Dec. 14, 2016), available at: https://www.

fhfa.gov/Media/PublicAffairs/Pages/Statement-of-FHFA-Deputy-Director-Sandra-Thompson-on-

New-Loan-Mod-Offering-for-Delinquent-Borrowers.aspx; see Mortgage Bankers Association, Press

Release – MBA Task Force Proposes Loan Modiﬁcation Program to Provide At-Risk Homeowners

Payment Relief (Sept. 2016), available at: https://www.mba.org/2016-press-releases/september/

mba-task-force-proposes-loan-modiﬁcation-program-to-provide-at-risk-homeowners-payment-relief.

333.

See HUD Mortgagee Letter 2009-23 and HUD Mortgagee Letter 2016-14.

334. 12 U.S.C. § 1708.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

115

As such, mortgage loss mitigation is one part of the market that would benet from a degree of

alignment that does not presently exist.

Having a greater degree of standardization and transparency in place across the federal housing

footprint would also accelerate the ability to respond in a future period of sustained market stress,

as servicer, borrower, and mortgage investors would have procedures in place and an understand-

ing of the exposures to more quickly administer loss mitigation solutions to struggling borrowers.

Given the tendency of the housing market to exacerbate weakness during an economic downturn,

having such a coordinated response in place could help mitigate the impact of housing market

weakness on the broader economy.

In addition to potential benets of greater alignment around loss mitigation programs, servicers

have suggested a number of opportunities to increase eciencies and reduce costs in FHA default

servicing. Mortgage servicers believe that FHA servicing rules are complex and, in some cases,

conicting or outdated when compared to current industry practice reected in GSE and PLS

servicing and other regulatory requirements. Areas of potential enhancement include simplica-

tion of foreclosure timelines, restructuring of penalties associated with the failure to meet required

timelines, and streamlining the foreclosed property conveyance process. ese issues have been

identied by HUD in its eorts to review and address needlessly burdensome and costly regulations.

Recommendations

Treasury recommends that federally supported mortgage programs explore standardizing the most

eective features of a successful loss mitigation program across the federal footprint. Such stan-

dardization should broadly align a loss mitigation approach that facilitates eective and ecient

loan modications when in the nancial interest of the borrower and investor, promotes transpar-

ency, reduces costs, and mitigates the impact of defaults on housing valuations during down-

turns. It should also establish parameters such as a standardized application package, aordability

standards (e.g., suggested housing-expense-to-income ratios and minimum payment reductions),

modication waterfall standards that specify suggested acceptable loss mitigation steps, and referral

of delinquent borrowers to nancial counseling. At the same time, these standards should not

prescribe a specic modication product.

Additionally, Treasury recommends HUD continue to review FHA servicing practices with the

intention to increase certainty and reduce needlessly costly and burdensome regulatory require-

ments, while fullling FHA’s statutory obligation to the MMIF. In particular, Treasury recommends

that FHA consider administrative changes to how penalties are assessed across FHA’s multi-part

foreclosure timeline to allow for greater exibility for servicers to miss intermediate deadlines while

adhering to the broader resolution timeline, as well as to better align with federal loss mitigation

requirements now in place through the Bureau. Additionally, Treasury recommends FHA explore

changes to its property conveyance framework to reduce costs and increase eciencies by addressing

frequent and costly delays associated with the current process. As an additional measure, Treasury

recommends that FHA continue to make appropriate use of, and consider expanding, programs

which reduce the need for foreclosed properties to be conveyed to HUD, such as Note Sales and

FHA’s Claim Without Conveyance of Title.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

116

State Foreclosure Practices

Foreclosure practices are one of the most divergent state-level policies across the mortgage industry,

and one for which certain housing markets have paid a high price in the decade since the housing

market collapse. Foreclosure processes vary for each state but largely adhere to some combination

of two formats: judicial and nonjudicial.

In a state with a requirement for a judicial review process, the owner of a mortgage note, typically

the lender, is required to le a lawsuit in local court to foreclose on a defaulted borrower. Other

states permit the lender to foreclose without going through the court system when a power of sale

clause is present in the mortgage or deed of trust — a process referred to as a nonjudicial review.

Some states allow both judicial and nonjudicial foreclosures but favor one or the other depending

on the type of security instrument — mortgage or deed-of-trust — with judicial foreclosures more

common with mortgages, and nonjudicial foreclosures with deeds-of-trust.

In states requiring judicial review, typically once the lender les a foreclosure lawsuit in court, the

homeowner receives a summons and a copy of the foreclosure complaint. e homeowner can let

the foreclosure proceed or contest it in court. If the homeowner chooses to contest, the court holds

a hearing and a judge decides whether to let the foreclosure sale proceed and, if approved, sets an

auction date. In states without a required judicial process, existing statutes establish the process

required for a trustee to foreclose on a defaulted property. State law, and not the courts, deter-

mine the timeline and milestones in the foreclosure process. Some states have imposed additional

required steps and remediation requirements regardless of judicial or nonjudicial review designed

to aord additional protections to defaulted borrowers.

Since the nancial crisis, foreclosure timelines have increased regardless of state foreclosure

practices, with the national average timeline to complete a foreclosure climbing from approxi-

mately 6 months in 2007 to approximately 33 months by the end of 2017.

335

ese timelines

are generally considerably longer for those states that require judicial review.

336

While the

national share of loans in the foreclosure process has returned to pre-crisis levels, the foreclo-

sure rate in judicial review states remains elevated relative to both nonjudicial review states

and the pre-crisis level,

337

with timelines in some judicial review states such as Florida and

New Jersey exceeding 3 years on average.

338

In certain documented cases, borrowers in judicial

review states have been able to remain in a property for over 5 years without making payments

before a foreclosure is completed.

339

335. ATTOM Data Solutions, US Foreclosure Activity (Apr. 2018), available at: https://www.attomdata.com/news/

market-trends/foreclosures/q1-2018-u-s-foreclosure-market-report/.

336.

See Hamilton Fout et al., Foreclosure Timelines and Housing Prices, working paper (July 2017), available at:

http://www.fanniemae.com/resources/ﬁle/research/datanotes/pdf/foreclosure-timelines-and-house-prices-

working-paper.pdf.

3 37.

Molly Boesel, CoreLogic, Foreclosure Report Highlights: November 2016, blog post (Jan. 10, 2017), available

at: https://www.corelogic.com/blog/2017/01/foreclosure-report-highlights-november-2016.aspx.

338.

See ATTOM Data Solutions.

339. Michael Corkery, Homeowners Facing Foreclosure May Instead be Home Free, Boston Globe (Mar. 30, 2015).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

117

Mostly or exclusively

judicial process

Both

Mostly or exclusively

nonjudicial process

Average Price Change

Judicial

process

Nonjudicial

process

Source: FHFA All Transactions Price Index, ATTOM Data Solutions Foreclosure Processes by State, and Treasury staff analysis.

Figure 19: F

oreclosure Process and Home Price Change Peak-to-Current by State

(percent c

hange)

-2

-15

-10

-15

-12

-10

-8

-4

-10

-3

Due to the high-cost of servicing nonperforming loans, borrowers in states with protracted fore-

closure timelines will likely bear a portion of the cost of delays through a risk premium embedded

in interest rates for loans made in that state.

340

Additionally, prolonged foreclosure timelines create

a negative externality on home prices, which may harm nearby property values and dampen home

price appreciation.

341

Since their pre-crisis peak, housing prices in states with a primarily nonju-

dicial review foreclosure process have appreciated twice as much as prices in states with a judicial

review process.

342

ere is evidence that the judicial review foreclosure process leads to higher rates of persistent

delinquency than nonjudicial review foreclosures, without measurably improving foreclosure

340. See Laurie Goodman, Urban Institute, Servicing Costs and the Rise of the Squeaky-Clean Loan (Feb. 2016),

available at: https://www.urban.org/sites/default/ﬁles/publication/77626/2000607-Servicing-Costs-and-the-

Rise-of-the-Squeaky-Clean-Loan.pdf.

341.

See Eliot Anenberg and Edward Kung, Estimates of the Size and Source of Price Declines due to Nearby

Foreclosures, 104 American Economic Review 2527–2551 (2014).

342.

Treasury calculations based upon ATTOM Data Solutions foreclosure processes by state and FHFA Quarterly

All-Transactions Home Price Index.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

118

outcomes for borrowers.

343

Standardizing and moving away from a judicial review foreclosure pro-

cess could reduce the time and resources involved in foreclosures and support home prices, without

compromising borrower protections provided by federal and state regulation.

For federally supported housing programs that impose a degree of national pricing, such as the

GSEs and FHA, some of the added cost from long foreclosure timelines is borne by borrowers in

states with shorter timelines—eectively imposing a cross-subsidy from faster foreclosure states

to slower ones. In response to state level dierences in mortgage loss severities attributable to

foreclosure process dierences, the Federal Housing Finance Agency (FHFA) considered requiring

the GSEs to impose an up-front fee in specic states where foreclosure costs exceeded the national

average.

344

While FHFA elected not to pursue these charges, it did direct the GSEs in 2013 to

maintain a quarter-point guaranty fee surcharge for four states — Connecticut, Florida, New

Jersey, New York — where the foreclosure costs were more than two standard deviations above

the national average.

345

All four states require judicial review foreclosure processes.

346

However, in

January 2014, under a new director, FHFA reversed this decision and suspended any surcharge

based on state foreclosure costs.

347

Recommendations

Treasury recommends that states pursue the establishment of a model foreclosure law, or make

any modications they deem appropriate to an existing model law,

348

and amend their foreclosure

statutes based on that model law. Treasury recommends federally supported housing programs,

including those administered by FHA, USDA, VA, and the GSEs, explore imposing guaranty

fee and insurance fee surcharges to account for added costs in states where foreclosure timelines

signicantly exceed the national average.

Nondepository Counterparty Transparency

Ginnie Mae guarantees the timely payment of principal and interest to investors in its securities,

which are issued by lenders approved by Ginnie Mae and backed by government-guaranteed or

insured mortgages. With the departure of credit investors in the wake of the housing collapse,

Ginnie Mae experienced a surge in volume, as lenders and borrowers moved to access mortgage

credit through government loan programs. Issuance of Ginnie Mae mortgage-backed securities

(MBS) jumped from $97 billion in 2007 to $454 billion two years later, and has averaged over

343. See Kristopher Gerardi, Lauren Lambie-Hanson, and Paul S. Willen, Do Borrower Rights Improve Borrower

Outcomes? Evidence from the Foreclosure Process, 73 J. of Urban Econ. 1 (2013).

344.

See State-Level Guarantee Fee Pricing (Sept. 19, 2012) [77 Fed. Reg. 58991 (Sept. 25, 2012)].

345. See Federal Housing Finance Agency, Press Release – FHFA Takes Further Steps to Advance

Conservatorship Strategic Plan by Announcing an Increase in Guarantee Fees (Dec. 9, 2013), available at:

https://www.fhfa.gov/Media/PublicAffairs/Pages/FHFA-Takes-Further-Steps-to-Advance-Conservatorship-

Strategic-Plan-by-Announcing-an-Increase-in-Guarantee-Fees.aspx#.

346.

See ATTOM Data Solutions, Foreclosure Laws and Procedures by State, available at: https://www.realtytrac.

com/real-estate-guides/foreclosure-laws/ (last accessed June 15, 2018).

3 47.

See FHFA Guarantee Fees History, available at: https://www.fhfa.gov/PolicyProgramsResearch/Policy/Pages/

Guarantee-Fees-History.aspx.

348.

See Uniform Law Commission, Home Foreclosure Procedures Act (2015), available at: http://www.uniform-

laws.org/Act.aspx?title=Home%20Foreclosure%20Procedures%20Act.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

119

$400 billion in the years since.

349

Between 2007 and 2017, the remaining principal balance of

pools guaranteed by Ginnie Mae increased fourfold to $1.96 trillion.

350

Ginnie Mae’s issuer base has changed dramatically in both type and concentration, with nondeposi-

tory issuers stepping into the market vacated by depositories exiting government loan programs.

By the beginning of 2018, dedicated mortgage banks accounted for over 80% of Ginnie Mae

issuance.

351

e GSEs, too, have seen their seller-servicer counterparty mix shift toward nondeposi-

tories, with nondepository lenders accounting for approximately half of the origination volume

in 2017.

352

Market observers and participants, including Ginnie Mae, have asserted that the rapid

increase in nondepository origination and servicing activity, combined with a less standardized

approach to safety and soundness regulation, poses heightened counterparty risk. e disparity in

banks and nonbanks prudential regulatory regimes has caused some market observers to question

nonbank durability through the economic cycle and posit that nondepositories pose a systemic

risk in general and a taxpayer risk in particular through the high share of nondepositories servicing

Ginnie Mae pools.

353

Nonbank servicers, like their bank competitors, are subject to a range of federal nancial oversight.

e Bureau, for example, supervises adherence to mortgage lending and servicing rules in addi-

tion to broader compliance with federal consumer nancial laws. In addition, nondepositories are

subject to oversight through counterparty minimum net worth, capital, and liquidity requirements

imposed by the GSEs and Ginnie Mae.

354

As nonbanks are more dependent on execution through

securitization, which at present is dominated by the GSEs and Ginnie Mae, compliance with GSE

and Ginnie Mae counterparty requirements functions as an additional industry standard.

However, bank and nonbank lender-servicers face dierent safety and soundness regulatory stan-

dards. Insured depository institutions must abide by federal prudential regulation which includes

standardized capital and liquidity regimes. Nondepositories are chartered and regulated at the

state level and similarly face safety and soundness regulation, albeit by individual state banking

examiners, despite the fact that these nondepositories may have a national footprint. While state

regulators, facilitated by the Conference of State Bank Supervisors, have made progress in recent

years toward developing more aligned standards for nonbank supervision, concerns about diering

standards persist and have prompted calls for additional alignment.

349. See Ginnie Mae, Monthly Issuance Reports – March 2018 Issuance Summary (Apr. 13, 2018), available at:

https://www.ginniemae.gov/data_and_reports/reporting/Pages/monthly_issuance_reports.aspx

350.

See Ginnie Mae, Monthly UPB Reports – March 2018 (Apr. 13, 2018), available at: https://www.ginniemae.

gov/data_and_reports/reporting/Pages/monthly_rpb_reports.aspx.

351.

See Urban Institute, Housing Finance at a Glance (May 2018), available at: https://www.urban.org/research/

publication/housing-ﬁnance-glance-monthly-chartbook-may-2018/view/full_report.

352.

Id.

353. See U.S. Government Accountability Ofﬁce, Nonbank Mortgage Services: Existing Regulatory Oversight

Could Be Strengthened (Mar. 2016), available at: https://www.gao.gov/assets/680/675747.pdf; Ofﬁce of

Inspector General, U.S. Department of Housing and Urban Development, Ginnie Mae Did Not Adequately

Respond to Changes in its Issuer Base (Sept. 21, 2017), available at: https://www.hudoig.gov/sites/default/

ﬁles/documents/2017-KC-0008.pdf.

354.

See Fannie Mae, Seller Guide (June 5, 2018), at Part A4-1; Freddie Mac, Seller/Servicer Guide (June 13,

2018), at Chapter 2101; Ginnie Mae, MBS Guide (Jan. 25, 2018), at Chapter Three.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

120

Furthermore, during periods of sustained nancial stress, traditional depository lenders have access

to sources of liquidity that nonbanks lack, such as insured customer deposits and FHLBs advances.

Nondepositories are instead funded mainly through lines of credit and repurchase agreements,

which, due to their short-term nature are subject to roll-over risk and margin requirements in the

event of a deteriorating credit environment.

355

High among concerns about nondepositories is the durability of these funding structures for

nonbank servicers. When borrowers stop making mortgage payments, servicers of those loans

continue to advance scheduled payments to investors and other parties until the delinquency has

been resolved or the loan has been purchased out of its securitized pool. While servicers may be

able to seek reimbursement for these advances depending upon the federal insurance or guaranty

program, they must make them out of their own funds in the interim. Servicers of both GSE and

Ginnie Mae securities face this risk; however, the higher delinquency rates and longer foreclosure

timeline for FHA-insured loans underlying Ginnie Mae pools, as well as dierences in delinquent

loan buyout practices, may subject Ginnie Mae servicers to extended periods of liquidity strain

exactly when nancing may be most challenging. As counterparty risk represents Ginnie Mae’s

main nancial exposure, its leadership is reasonably concerned with potential challenges from a

sustained period of economic stress that tests the nancial capacity of these nonbanks to continue

to make servicing advances.

Ginnie Mae has multiple counterparty risk-management tools in use today, including on-site

reviews, assignment of proprietary risk grades, and performance proles. Additionally, Ginnie

Mae, as well as the GSEs, have quarterly visibility into nonbank counterparty nancial informa-

tion, including debt facilities, through required submission of information through the Mortgage

Bankers Financial Reporting Form.

356

However, data quality and the present elds required for

reporting may be insucient to provide the level of transparency needed to assess counterparty

nancial health. Ginnie Mae continues to pursue improvements to its counterparty risk manage-

ment framework, including subjecting its servicers to a liquidity stress test to gauge the durability

of their access to capital during a period of sustained nancial stress.

357

While the size of Ginnie Mae’s portfolio and the nature of its counterparty risk has changed

dramatically in recent years, Ginnie Mae lacks exibility to adjust its MBS fees and hire additional

sta to manage this risk. Under Ginnie Mae’s charter, the maximum fee it can charge for its MBS

guaranty is set at 6 basis points,

358

and is not permitted to be adjusted based on risks arising

from changes in the housing market or from Ginnie Mae’s counterparty exposure specically.

Additionally, Ginnie Mae’s permanent stang resources remain constrained, with approximately

150 permanent employees overseeing a $2 trillion portfolio. At present, Ginnie Mae depends on

annual congressional appropriations to pay permanent sta. While Ginnie Mae is able to utilize

its revenues to contract with outside rms for support services, stakeholders, including Ginnie

355. See Ofﬁce of Financial Research, Monitoring GNMA/GSE Pipeline Liquidity, slide deck presentation (July

28, 2016), available at: https://www.ﬁnancialresearch.gov/frac/ﬁles/FRAC-meeting_GSE-Working-Group-

Presentation_07-28-2016.pdf.

356. See Fannie Mae Seller Guide, Freddie Mac Seller/Servicer Guide, and Ginnie Mae MBS Guide.

3 57. See Ginnie Mae 2020.

358. 12 U.S.C. § 1721(g)(3)(A).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

121

Mae leadership, have highlighted the need for exibility to hire permanent sta with the requisite

experience, and compensated at competitive rates, to complement existing resources in providing

risk management appropriate to oversee Ginnie Mae’s considerable taxpayer exposure.

359

Recommendations

Treasury recommends that Ginnie Mae collaborate with FHFA, the GSEs, and the Conference

of State Bank Supervisors to expand and align standard, detailed reporting requirements on

nonbank counterparty nancial health, including terms and covenants associated with funding

structures, to provide condence that taxpayers are protected during a period of severe market

stress. Additionally, Treasury supports Ginnie Mae’s consideration of enhancing its counterparty

risk mitigation approach, including through the imposition of stress testing requirements that can

provide information on the nancial health of servicer counterparties across an economic cycle.

Furthermore, in order to protect taxpayers, Treasury recommends Ginnie Mae have sucient ex-

ibility to charge guaranty fees appropriate to cover additional risk arising from changes in the

overall market or at the program level.

Treasury recommends a comprehensive assessment of Ginnie Mae’s current stang and contract-

ing policies, including the costs and benets of alternative pay and/or contracting structures.

Ginnie Mae would be better equipped to manage its program and monitor counterparty risk if it

were able to more readily attract personnel with requisite expertise by paying salaries comparable

to those at other nancial agencies with premium pay authority. Additionally, being able to adopt

similar contracting procedures as other agencies that are outside of federal acquisition statutes and

regulations would enable Ginnie Mae to more eectively monitor and respond to changing market

conditions and needs. However, any change to Ginnie Mae’s personnel or contracting policies

should be informed by a comprehensive assessment of current challenges. e potential benets of

alternative pay and/or contracting structures should be weighed against the additional federal costs

that would be incurred.

For nondepositories, providing greater transparency about their nancial health should be a wel-

come step toward addressing concerns about their sustainability throughout the cycle and the risk

they pose to taxpayers relative to their participation in federally supported loan and securitization

programs. Furthermore, greater standardization of requirements and reporting could benet non-

depositories by reducing disparate state-level and principal counterparty requirements.

Student Lenders and Servicers

Overview

e majority of student loans are originated by the federal government through the U.S.

Department of Education’s (Education) Direct Loan Program. In 2010, Education fully moved to

the Direct Loan Program, under which Education originates loans to students. At the same time,

Congress ended a legacy guaranteed-loan program where private lenders were compensated by the

359. See HUD Ofﬁce of Inspector General Monitoring of Nonbank Issuers Presents Challenges for

Ginnie Mae (Mar. 13, 2017), available at: https://www.hudoig.gov/reports-publications/topic-briefs/

monitoring-of-nonbank-issuers-presents-challenges-ginnie-mae.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

122

federal government to originate and service federal student loans with guarantees of 97%. Today,

the federal loan portfolio has nearly $1.4 trillion in outstanding student loans to nearly 43 million

borrowers.

360

Federal student loan interest rates are set at a spread to the last 10-year Treasury note

auction prior to June 1, with statutory caps by loan program. Federal student loans are originated

at xed rates. However, since interest rates uctuate based on the interest rate on the relevant

10-year Treasury note, a student who has multiple loan types from multiple school years will have

loans that carry dierent interest rates.

Figure 20: Federal Student Loan Interest Rates and Origination Fees

Loan Type 2017-18 Interest

Rate

2018-19 Interest

Rate

Statutory Interest

Rate Cap

2017-18

Origination Fee

Subsidized Undergrad 4.45%* 5.05% 8.25% 1.066%

Unsubsidized

Undergrad

4.45% 5.05% 8.25% 1.066%

Unsubsidized Graduate 6% 6.6% 9.5% 1.066%

Graduate PLUS 7% 7.6% 10.5% 4.264%

Parent PLUS 7% 7.6% 10.5% 4.264%

*Subsidized loans do not accrue interest while the borrower is in school and during a six-month grace period when the borrower

leaves school.

Source: U.S. Department of Education and Treasury staff analysis.

Education provides both subsidized and unsubsidized loans to undergraduate borrowers, unsub-

sidized loans to graduate students, and higher interest loans with higher origination fees to both

graduate and parent borrowers who do not have an adverse credit history. Undergraduate borrow-

ers must comply with strict loan limits of $31,000 for dependent students and must demonstrate

nancial need. To manage repayment for the loans it has originated, Education hires and manages

contractors who perform servicing and collections on the Direct Loan portfolio.

e private student loan market is small relative to the size of the federal portfolio at an estimated

$113 billion, or about 8% of all outstanding student loans originated by banks, credit unions,

and nonbanks.

361

e private student loan market also oers loans to undergraduates, graduate

students, and parents but diers from the federal portfolio in that these loans are underwritten.

e majority of private student loans are cosigned, with nearly all undergraduate loans in recent

years requiring a cosigner; 92% in the 2017-18 award year, and 62% of graduate students requir-

ing a cosigner in the same award year.

362

In the past ve years, more nonbanks have entered the student lending market with a focus on

renancing both private and federal loans into lower interest rate loans. While interest rates on

360. Ofﬁce of Federal Student Aid, U.S. Department of Education, Federal Student Aid Portfolio Summary, available

at: https://studentaid.ed.gov/sa/about/data-center/student/portfolio (as of the end of ﬁrst quarter 2018) (last

accessed June 15, 2018).

361.

MeasureOne, Private Student Loan Report – Q3 2017, available at: https://www.measureone.com/psl.php.

362.

Id. at 24.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

123

these products may be lower than those on some federal student loans, the federal student loan

program continues to provide borrower protections that are unmatched by private loan products.

Federal student loan borrowers considering renancing into private loans should carefully consider

whether they will potentially utilize these federal benets including: a variety of repayment plans

including plans based on income, forbearances available for borrowers facing economic hardship,

loan forgiveness programs after 20 or 25 years of income-driven repayments, Public Service Loan

Forgiveness, and loan discharges for borrowers who become totally and permanently disabled.

Figure 21: Features of Federal Student Loans

Description Feature of Private

Student Loans?

Feature of Other

Consumer Credit

Products?

Need based

program

Federal student loans are not underwritten and

instead are based on demonstrated ﬁnancial

need and in some cases cost of attendance.

No No

Loan limits Loan limits for undergraduate borrowers are

based on whether borrower is considered

“dependent” or “independent” not based on tax

ﬁling status but rather the borrowers age, marital

status, military status, and children and other

dependents.

No No

Delayed

repayment

Payment is not required while a borrower is in

school or during a 6-month grace period after

the borrower leaves school or drops below half-

time enrollment.

Yes No

Credit

reporting

Delinquency on Direct Loans is not reported

to the consumer credit bureaus until day 90 of

delinquency.

No, delinquency

reported begins as

early as day 30.

No, all others report

delinquency as early as

day 30.

Late fees Direct loans have no late fees No No

Interest

capitalization

Interest capitalizes with every change in

status on a federal student loan, including:

entering repayment, leaving the grace period,

switching repayment plans, use of deferments or

forbearances, default, rehabilitating a defaulted

loan, or consolidating existing loans. Interest

capitalization increases the borrower’s principal

balance and interest expense paid over the life

of the loan.

No No

Interest

accrual

Interest accrues on a daily basis, meaning the

interest balance changes each day.

Yes Daily interest accrual

generally used in credit

cards; monthly accrual

is used in mortgages.

Repayment

plans

Direct loans are eligible for up to eight

repayment plans, some of which are dependent

on eligibility requirements related to loan balance

and date of loan origination. Some repayment

plans cause negative amortization.

Generally only

one amortizing

repayment plan is

offered.

Source: Treasury staff analysis.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

124

Program Complexity and Impact

e federal student loan program is immensely complex due to: (1) the variety of loan types oered

and outstanding legacy loan types that continue to require servicing; (2) eight repayment plans

each with dierent eligibility requirements, repayment structures, and features; and (3) product

features that dier from nearly all other consumer nance products. e natural consequence of

this complexity is that it is dicult for borrowers, even those who are sophisticated, to navigate the

program and eectively manage their repayment responsibilities. Because the program is dicult

to understand, borrowers rely on servicers to answer questions about repayment, enroll borrowers

in an appropriate and sustainable repayment plan, and assist borrowers when they struggle to

make their payments. Federal student loan servicers have indicated to Treasury that the program’s

complexity not only makes loans more dicult to service, but also increases the cost of servic-

ing. For example, call center sta at each federal student loan servicer must be well versed on all

of the current and legacy loan types and repayment plans, as each have features with nancial

consequences and tradeos for borrowers.

Issues and Recommendations

Student Loan Servicing Standards

Due to the federal student loan program’s complexity and Education’s limited guidance on servic-

ing standards, servicers have largely relied on internal business practices to determine how to

eectively service federal student loans. While this was intended to promote innovation, it has

caused diculty for servicers in that (1) borrowers may be treated dierently by dierent servicers,

causing nancial disparities, (2) Education’s website provides generic information but each servicer

must maintain its own website, (3) federal and state regulators have raised concerns with servicing

practices, and (4) both the cost of servicing and diculty of oversight have increased.

Borrowers in the same nancial situation who contact two dierent servicers in the federal student

loan program to enroll in a more aordable repayment plan may end up with dierent results and

advice, which may result in a nancial impact on the borrowers. Federal student loan servicers are

instructed to enroll borrowers looking to reduce their payments into the plan that will cost the

borrower the least over time. is sounds simple, but the servicer’s call center agent may have only

limited information from a borrower and may make decisions about tradeos between two similar

repayment plans (e.g., Pay As You Earn and Revised Pay As You Earn) that confer slightly dierent

benets. Federal borrowers have also faced nancial harm in even more straightforward circum-

stances, such as the application of over- and underpayments. Some servicers have not provided

borrowers the ability to direct payments to a specic loan or have not fully implemented guidance

from Education on how to process over- and underpayments.

Each servicer uses a proprietary format for its monthly statements and certain correspondence.

Because of these disparities, Education’s website lacks basic nancial literacy information about

how to read a monthly statement or plain language explanations of dierent letters sent by ser-

vicers with action steps on how to address the correspondence. To address this issue, servicers

have created extensive proprietary websites aimed at serving their customers. Borrowers searching

online for advice may get dierent information depending on their search results from Education’s

website and the servicer’s website.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

125

Federal student loan servicing currently lacks eective minimum servicing standards. is has

created diculties for federal student loan servicers when they communicate with regulators

about their servicing practices. For example, a servicer may discuss a specic servicing practice

with Education and gain approval for that practice but run into consumer protection concerns

about the same practice in examinations or discussions with the Bureau. If Education prescribed

minimum servicing standards, Education could vet these standards with other relevant agencies

so servicers do not face conicting guidance from multiple federal agencies. Further, a public,

common servicing manual, like the servicing manual used in the federal guaranteed student loan

program, would be helpful for state legislators and regulators considering additional regulation.

With eective minimum servicing standards in place, states may decline to regulate federal student

loan servicers further.

Finally, servicing standards could reduce the expense of servicing for taxpayers, as Education would

not need to rely so heavily on contract change orders. In the current Direct Loan servicing con-

tract, change orders are used to require servicers to take specic actions, for example to require

servicers to conduct outreach to borrowers who must provide updated income information to

remain in an income-driven repayment plan, but at a cost to the taxpayer. Servicing standards

would reduce the need for these ad hoc contract changes, which are more expensive and dicult

for servicers to implement than if built into the contract requirements up front. With common

servicing standards, contract oversight would be easier for Education to conduct because both the

servicer and Education would have clear, written guidance describing expectations.

Recommendations

Education should establish guidance on minimum standards specifying how servicers should

handle decisions with signicant nancial implications (e.g., payment application across loans,

prioritizing repayment plans, and use of deferment and forbearance options), minimum contact

requirements, standard monthly statements, and timeframes for completing certain activities

(e.g., processing forms or correcting specic account issues). Treasury applauds the required use

of Education branding on servicing materials in the new Direct Loan servicing procurement to

reduce borrower confusion.

Student Loan Borrower Communication

In the federal student loan program, servicers under contract with Education begin contacting

borrowers directly following the disbursement of the borrower’s rst loan and will continue to

contact the borrower at minimum on a quarterly basis while the borrower is in school and on a

monthly basis while the borrower is in repayment. Federal student loan servicers rely heavily on

U.S. mail, phone calls, and email to communicate with borrowers.

When loans enter repayment, borrowers generally create an online account with their student

loan servicer. At this point, the servicer may receive the borrowers’ email address for the rst time

as borrowers are not required to provide this information while applying for federal nancial aid.

Federal student loan servicers employ emails that many borrowers and consumer advocates feel are

of limited utility as they often contain messages similar to, “A new message is available on your

online account,” rather than more substantive emails.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

126

Federal student loan servicing also lacks e-signature capability, creating unnecessary cost and inef-

ciency for federal student loan servicers. Without e-signature, borrowers must access computers,

nd forms online, print physical copies of documents, sign those documents, then send those

documents by mail, for processing and scanning in a servicer mail facility. is adds several steps

for borrowers. To more successfully receive forms back from borrowers, some student loan servicers

have mailed borrowers prepopulated forms and included an addressed and stamped envelope.

e expense that servicers incur in using the U.S. mail for is signicant relative to the monthly

compensation federal student loan servicers receive per borrower. E-signature technology could

expedite the process of completing forms and help borrowers more responsibly manage their stu-

dent loan accounts, while reducing servicer costs. A reduction in servicer costs could also yield

savings to the U.S. taxpayer in the form of lower servicer contract costs.

Recommendations

In Education’s new Direct Loan servicing contract, Education should require student loan servicers

to make greater use of emails and provide guidance to servicers on how to use email appropriately

to balance privacy and security concerns with the need for eective and timely communication.

All emails sent to federal student loan borrowers should provide enough information for borrow-

ers to easily discern whether action must be taken on their account. Education should contract

with providers of secure e-signature software and cloud technology for use by federal student loan

servicers on all forms.

Data Quality

With a $1.4 trillion federal student loan portfolio, it is critical that Education monitor and manage

the taxpayer investment in higher education carefully. Under the existing Direct Loan servicing

contract, servicers maintain the majority of loan level data about the portfolio. Because data about

the student loan portfolio comes from many dierent sources (e.g., borrowers, schools, legacy

lenders and servicers, and nine current servicers), the data is often in incompatible formats and

housed in separate, antiquated systems. is limits Education’s ability to appropriately monitor

trends in performance that should be addressed through servicing changes and manage the federal

student loan portfolio. Further, Education releases very limited data about the performance of the

portfolio. Taxpayers deserve greater insight into how this large investment is performing.

Recommendations

Education must improve its data quality and portfolio management. Education’s Oce of

Federal Student Aid, which operationalizes the $1.4 trillion federal student loan portfolio,

should include in its management team individuals with signicant expertise in managing large

consumer loan portfolios.

Education should take steps to address existing data quality issues to better monitor and

manage portfolio performance. Education should increase transparency by publishing greater

portfolio performance data, servicer performance data, and cost estimation analysis on its

website to give stakeholders greater insight into Education’s management of the taxpayer

investment in higher education.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

127

Institutional Accountability

Treasury remains concerned about the lack of institutional accountability in student lending.

Colleges and universities have very few accountability requirements related to the performance of

the loans their students receive through the federal student loan program. e existing metric used

by Education, the cohort default rate, does not capture other problematic loan statuses that show

the borrower may be struggling to repay (e.g., signicant delinquencies and extended forbearances)

and the metric is easily gamed by institutions. Treasury analysis of Education data indicates that

principal repayment after ve years is highly predictive of future loan performance. Treasury is

concerned about schools that do not provide student loan borrowers good value, often leading to

indebtedness the borrower cannot repay in a reasonable time period.

Recommendations

Treasury supports legislative eorts to implement a risk-sharing program for institutions partici-

pating in the federal student loan program based on the amount of principal repaid following ve

years of payments. Schools whose students have systematically low loan repayment rates should be

required to repay small amounts of federal dollars to protect taxpayers’ growing investment in the

federal student loan program. Congress should consider how to address schools with systematically

low repayment rates but large populations of disadvantaged students.

Short-Term, Small-Dollar Installment Lending

Overview

Short-term, small-dollar loans, which typically range from $300 to $5,000, account for nearly

$90 billion in annual lending.

363

ese products, oered by nonbank lenders and some depository

institutions, include lump-sum loans, with terms of 1 month or less, as well as installment loans

with terms of up to 2 years. e demand for short-term, small-dollar products is high because

many households struggle with income volatility, thin or no credit les or a subprime score, or

lack of access to mainstream nancial products that meet their needs. According to the FRB, 40%

of Americans say they could not easily cover an emergency expense of $400.

364

FDIC data also

indicates that almost 20% of U.S. households are considered underbanked because of their use of

alternative nancial services.

365

363. See Center for Financial Services Innovation, 2017 Financially Underserved Market Size Study (Dec.

2017), at 44–47, available at: https://s3.amazonaws.com/cfsi-innovation-ﬁles-2018/wp-content/

uploads/2017/04/27001546/2017-Market-Size-Report_FINAL_4.pdf (for revenue and volume data on pawn

loans, online payday loans, storefront payday loans, installment loans, title loans, and marketplace personal

loans).

364.

Board of Governors of the Federal Reserve System, Report on the Economic Well-Being of U.S. Households

in 2017 (May 2018), at 21-22, available at: https://www.federalreserve.gov/publications/ﬁles/2017-report-eco-

nomic-well-being-us-households-201805.pdf.

Board of Governors of the Federal Reserve System, Report on the Economic Well-Being of U.S. Households

in 2016 (May 2017), at 26-27, available at: https://www.federalreserve.gov/publications/ﬁles/2016-report-eco-

nomic-well-being-us-households-201705.pdf.

365.

Federal Deposit Insurance Corporation, 2015 FDIC National Survey of Unbanked and Underbanked

Households (Oct. 20, 2016), available at: https://www.fdic.gov/householdsurvey/.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

128

Regulatory Framework Regulatory Framework

Nonbank, short-term, small-dollar lenders are regulated at both the federal and state levels. At

the federal level, Dodd-Frank authorized the Bureau to supervise nondepository covered persons

oering or providing payday loans to consumers for compliance with federal consumer protection

laws.

366

As noted previously, the Bureau also has authority to prohibit certain acts or practices that

are unfair, deceptive, or abusive.

State laws set product feature limitations and may require licensing of nonbank lenders to make

loans in the state. Based on the product (e.g., payday or installment), product feature restrictions

may include loan size caps, interest rate limits, repetitive use restrictions, and even outright prohi-

bitions. ese restrictions are often enforced by state banking agencies or state attorneys general.

According to the National Conference of State Legislatures, 37 states have laws allowing payday

lending in some form. irteen states have prohibited payday lending outright.

Banks providing short-term, small-dollar loans may be regulated by state or federal law, depending

on the type of bank. Prudential regulators and the Bureau have authority to evaluate these product

oerings for compliance with federal consumer protection laws. Additionally, as depository insti-

tutions, banks oering these products must meet safety and soundness requirements.

Issues and Recommendations

In November 2017, the Bureau issued a nal rule entitled “Payday, Vehicle Title, and Certain

High Cost Loans” (Payday Rule) that applies to lenders that extend credit with terms of 45 days

or less as well as longer-term credit with balloon payments (Covered Loans).

367

Lenders making

Covered Loans are required to determine that the borrower has the ability to repay the loan. is

ability to repay is based on a determination that the consumer can make payments on the loan and

still meet major nancial obligations and basic living expenses without needing to re-borrow over

the next 30 days. When underwriting a Covered Loan, the lender is required to obtain and verify

the consumer’s net income and nancial obligations and ensure that the loan will not result in

the consumer having a sequence of more than three Covered Loans within 30 days of each other.

A failure to comply with the ability to repay underwriting standard is an unfair and/or abusive

practice. In January 2018, the Bureau announced its intention to engage in further rulemaking to

reconsider the Payday Rule.

e Bureau’s rule raises two primary concerns. First, states maintain authority to regulate short-

term, small-dollar lending, which raises questions regarding the need for additional federal regula-

tion. In 2016, the House Financial Services Committee held a hearing to evaluate the Bureau’s

proposed Payday Rule and its interaction with state authority. Testimony highlighted the extensive

action taken by states to pass laws authorizing, restricting or prohibiting payday lending. Similarly,

in 2016, a bipartisan group of 16 state attorneys general sent a letter to then Bureau Director

Cordray cautioning him against restricting state authorities by moving forward with the Payday

Rule. Specically, these attorneys general highlighted how states were best positioned to regulate

366. 12 U.S.C. § 5514(a)(1)(E).

3 67. Payday, Vehicle Title, and Certain High-Cost Installment Loans (Oct. 5, 2017) [82 Fed. Reg. 54472 (Nov. 17,

2017)].

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

129

these sometimes high-priced products, and to understand the credit and consumer protection

needs of the consumers in their states.

Second, the Payday Rule would further restrict consumer access to credit and decrease product

choices. According to the Bureau’s estimates, the Payday Rule would reduce overall payday loan

volume by as much as two-thirds.

368

is reduction in access to regulated, short-term, small-dollar

loans may leave these consumers vulnerable to dangerous alternatives such as unscrupulous, unli-

censed, oshore or otherwise illegal lenders.

369

is is especially true as short-term, small-dollar

lending activity has been largely pushed out of the traditional banking system.

Banks can operate as additional sources of credit for consumers who otherwise may be unbanked or

underbanked and lead to “a path to more mainstream nancial products.”

370

However, in 2013, the

OCC and FDIC issued guidance on direct deposit advance products, which identied supervisory

risks with the oering of these products.

371

Following the release of the guidance, banks withdrew

these products from the market. Stakeholder feedback highlighted that the low margin and height-

ened maintenance of these products did not oset the increased regulatory scrutiny. is outcome

further restricted short-term, small-dollar lending from the traditional banking system.

Last year, the OCC recognized the consumer demand for these products. In October 2017, the

OCC rescinded its guidance because “consumers who would prefer to rely on banks and thrifts

for these products may be forced to rely on less regulated lenders and be exposed to the risk of

consumer harm and expense.”

372

e OCC has also issued a bulletin providing guidance to OCC-

supervised banks on core lending principles for short-term, small-dollar installment lending.

373

e FDIC has yet to rescind its previous guidance.

Recommendations

Treasury recognizes and supports the broad authority of states that have established comprehensive

product restrictions and licensing requirements on nonbank short-term, small-dollar installment

lenders and their products. As a result, Treasury believes additional federal regulation is unneces-

sary and recommends the Bureau rescind its Payday Rule.

Additionally, Treasury recommends that federal and state nancial regulators take steps to encour-

age sustainable and responsible short-term, small-dollar installment lending by banks. Specically,

368. Id. at 54817.

369. Sudhir Venkatesh, Off the Books: The Underground Economy of the Urban Poor (2006); Todd J. Zywicki,

Mercatus Center, The Case Against New Restrictions on Payday Lending, working paper (July 2009), available

at: https://www.mercatus.org/system/ﬁles/WP0928_Payday-Lending.pdf.

370.

Ofﬁce of the Comptroller of the Currency, Core Lending Principles for Short-Term, Small-Dollar Installment

Lending

, OCC Bulletin 2018-14 (May 23, 2018), available at: https://www.occ.treas.gov/news-issuances/bul-

letins/2018/bulletin-2018-14.html (“OCC Core Lending Principles”).

371.

Direct Deposit Advance products, offered by banks, are a “small-dollar, short-term loan or line of credit that a

bank makes available to a customer whose deposit account reﬂects recurring direct deposits.” Rescission of

Guidance on Supervisory Concerns and Expectations Regarding Deposit Advance Products (Oct. 5, 2017) [82

Fed. Reg. 47602 (Oct. 12, 2017)].

372. Id.

373. OCC Core Lending Principles.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

130

Treasury recommends that the FDIC reconsider its guidance on direct deposit advance services

and issue new guidance similar to the OCC’s core lending principles for short-term, small-dollar

installment lending.

Debt Collection

Debt collectors and debt buyers are important market participants for the continued functioning

of the consumer credit markets and other industries that rely on the recoveries from debt collec-

tion or the sale of delinquent debt to minimize losses.

374

Debt collectors can be segmented into

two categories: rst-party debt collectors and third-party debt collectors. By reducing losses from

unpaid balances, debt collectors and debt buyers increase eciency in the consumer credit markets

through the reduced cost of credit, which can yield greater access to credit.

Issues and Recommendations

e Fair Debt Collection Practices Act (FDCPA), was enacted in 1977 to eliminate abusive,

deceptive, and unfair conduct by third-party debt collectors working to collect consumer debt

incurred primarily for personal, family, or household purposes, thereby excluding business,

corporate, or agricultural debt.

375

Dodd-Frank provided the Bureau rulemaking authority for

the FDCPA, as well as supervision and enforcement authority for the entities under the Bureau’s

jurisdiction.

376

e Bureau’s supervision manual for the FDCPA makes clear that an institution

is not considered a debt collector under the FDCPA, “when it collects: another’s debts in isolated

instances; its own debts it originated under its own name; debts it originated and then sold, but

continues to service (e.g., mortgage and student loans); debts that were not in default when they

were obtained; and debts that were obtained as security for a commercial credit transaction.”

377

ese exclusions from the FDCPA allow creditors who have originated the debt (rst-party

debt collectors) to attempt recovery on that debt without the restrictions and potential liability

associated with the FDCPA.

Debt collectors and debt buyers are of continued interest to policymakers, as they are frequently

the source of consumer complaints and yielded one of the most frequent types of consumer com-

plaints of any industry to both the Federal Trade Commission (FTC)

378

and the Bureau

379

in the

374. The majority of debt collected is related to healthcare, student loans, and debt owed to state, local, and fed-

eral governments. See Ernst & Young, The Impact of Third-Party Debt Collection on the US National and State

Economies in 2016 (Nov. 2017), at 5, available at: https://www.acainternational.org/assets/ernst-young/ey-

2017-aca-state-of-the-industry-report-ﬁnal-5.pdf.

375.

Bureau of Consumer Financial Protection, Fair Debt Collection Practices Act Supervision Manual (Oct. 2012),

available at: https://s3.amazonaws.com/ﬁles.consumerﬁnance.gov/f/documents/102012_cfpb_fair-debt-collec-

tions-practices-act-fdcpa_procedures.pdf (“FDCPA Supervision Manual”).

376.

Dodd-Frank §§ 1002(12)(H), 1024(b)-(c), and 1025(b)-(c) [12 U.S.C.§§ 5481(12)(H), 5514(c), and 5515(c)].

377. FDCPA Supervision Manual, at 1.

378. Federal Trade Commission, Consumer Sentinel Network Data Book 2017 (Mar. 2018), at 4, available at:

https://www.ftc.gov/system/ﬁles/documents/reports/consumer-sentinel-network-data-book-2017/consumer_

sentinel_data_book_2017.pdf.

379.

Bureau data from Consumer Complaint Database, available at: https://www.consumerﬁnance.gov/data-

research/consumer-complaints/ (ﬁltered for complaints received during 2017).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

131

last year. Stakeholders representing a variety of interests, including consumer advocates, lenders,

debt collectors and debt buyers, and the FTC, have expressed concerns about the adequacy of

information transferred with the sale of debt to third-party debt collectors. Data provided by

industry indicates there is an ineciency in this market as well. According to a survey of debt

collectors and buyers, consumers request verication on nearly one in ve accounts referred to

debt collectors, with approximately 10% of consumers ling a formal dispute.

380

While FTC

data shows fewer disputes, the FTC reports that debt buyers indicate they are only able to verify

about half of the debts that consumers dispute, demonstrating that debt buyers are not receiving

sucient information about the debt to prove to the consumer that the debt they are attempting

to collect is valid.

381

In 2013, the Bureau published an advance notice of proposed rulemaking on debt collection

practices.

382

In the proposal, the Bureau indicated concern about the amount of information

that is transferred with a debt when it is sold to a third-party collector, and requested comment

on what type of information should be provided in three critical areas and the adequacy of that

information: (1) the correct person; (2) the correct amount owed; and (3) the correct docu-

mentation provided with the debt.

383

To date, the Bureau has not issued a notice of proposed

rulemaking following the 2013 proposal. In the absence of minimum federal standards for the

information creditors must provide to debt collectors and buyers, certain companies and trade

groups have committed to higher standards for this information prior to debt collection or sale.

Additionally, some states have enacted laws concerning data quality standards for debt buyers

and required disclosures. For example, California law prohibits debt buyers from contacting

consumers about a debt unless it possesses information about the debt balance, date of default,

and original creditor. Illinois, Texas, and New York statutes require disclosure of specic infor-

mation to consumers by debt collectors.

Recommendation

Treasury recommends the Bureau establish minimum eective federal standards governing the

collection of debt by third-party debt collectors. Specically, these standards should address the

information that is transferred with a debt for purposes of debt collection or in a sale of the debt.

Further, the Bureau should determine whether the existing FDCPA standards for validation letters

to consumers should be expanded to help the consumer assess whether the debt is owed and

determine an appropriate response to collection attempts.

Treasury does not support broad expansion of the FDCPA to rst-party debt collectors absent

further Congressional consideration of such action.

380. Ernst and Young, at 5.

381. Federal Trade Commission, The Structure and Practices of the Debt Buying Industry (Jan. 2013), at iv, avail-

able at: https://www.ftc.gov/sites/default/ﬁles/documents/reports/structure-and-practices-debt-buying-industry/

debtbuyingreport.pdf.

382.

Debt Collection (Regulation F) (Nov. 5, 2013) [78 Fed. Reg. 67848 (Nov. 12, 2013)].

383. Id.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

132

IRS Income Veriﬁcation

Overview

e federal government plays a role not only supporting policies that advance the prudent applica-

tion of nancial technology in credit markets, but also, at times, by furnishing information integral

to the consumer and small business underwriting process itself. In this capacity, the government

needs to take care that it is not inhibiting innovation in practice that it supports in policy. One

commonly cited credit industry challenge is the interaction with IRS’s income verication system,

including the lack of an interface, such as an Application Programming Interface (API), to perform

this function in an automated fashion.

As part of assessing a loan applicant’s nancial capacity for assuming a credit obligation, lenders

for consumer and small business credit often request that a loan applicant provide tax return

information to verify income information submitted by the applicant. For some credit decisions,

such as mortgages, lenders perform income verication to adhere to regulatory requirements to

assess a borrower’s ability to repay the debt. For other classes of credit, particularly those served

by marketplace lenders, income verication is an important credit risk assessment tool as it helps

develop a more complete picture of a borrower’s overall risk assessment and the likelihood for that

borrower to be able to fulll the terms of the loan.

384

Lenders assess nancial capacity using a range of information and tools. Some information is

provided directly by the borrower. Other information is provided by third parties, some of which

requires the consent of the borrower before such information can be provided to the lender. For

credit decisions, loan terms are largely determined by applicant-submitted information and data

purchased from private credit bureaus that document the credit histories of millions of Americans.

Ocial tax return documentation obtained pursuant to authorization provided by the borrower

is a critical source of information and is used by lenders to verify that loans comply with existing

regulations (e.g., the Ability to Repay/Qualied Mortgage rule) and to conrm information pro-

vided by the borrower during the underwriting process. Lenders generally determine a borrower’s

creditworthiness before utilizing ocial income data, due in part to challenges with quickly and

securely obtaining tax return information from the IRS once the borrower authorizes the IRS to

disclose such information to the lender.

Issues and Recommendations

In the present system, a credit applicant facilitates income verication by completing a request for

a copy of his or her tax transcripts through IRS Forms 4506, 4506-T, 4506T-EZ, or 8821 through

the IRS.

385

rough these forms, a borrower gives consent for the IRS to disclose his or her sum-

marized tax transcript to a third party.

386

Lenders often utilize third-party vendors to process these

384. See Marketplace Lending Association, Update the IRS 4506-T API, available at: http://marketplacelendingas-

sociation.org/wp-content/uploads/2017/08/Build-an-API-for-the-IRS-4506-T-.pdf.

385.

See IRS Income Veriﬁcation Express Service at https://www.irs.gov/individuals/international-taxpayers/

income-veriﬁcation-express-service.

386.

Federal law prohibits disclosure or use of federal tax return information except as authorized by that title. See

26 U.S.C. § 6103. Violations are subject to criminal penalty. Federal law [26 U.S.C. §6103(c)] permits the IRS

to disclose tax return information to third parties with consent of the taxpayer.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

133

transcript requests. To protect the condentiality of federal tax return information, third-party

vendors must meet strict security and technology requirements set by the IRS.

e IRS typically processes transcript requests submitted through its Income Verication Express

Service and provides borrower tax summary data to the authorized third party within two to

three days, although lenders report it can take considerably longer during periods of high volume.

Credit decisions can be delayed pending receipt. Given the millions of credit transactions that

depend on IRS verication, delays in this process may impose added costs on borrowers and the

economy from the collective delays in completing these transactions. In a nancial system increas-

ingly adopting real-time information transfer and access to borrower bank and asset proles, the

delay in receiving IRS income verication can be particularly frustrating for lenders and borrowers.

e IRS currently fullls 4506-T requests by transmitting borrower tax summary data to an

authorized third party’s secure mailbox. In other data aggregation situations, such as gathering

borrower bank balances, lenders are able to obtain the needed borrower nancial information

through an API to instantaneously and safely transfer data. However, for lenders to gather federal

tax data, they must rely on slower IRS verication technology that lacks the key type of digital

interface enabled by an API. Given existing IRS priorities and funding levels, developing such a

digital interface capability at the IRS would require multiple levels of front-end as well as back-end

enhancements, including development of an e-signature capability and an authorization solution.

Enabling faster, more reliable income verication could facilitate lenders’ ability to better incor-

porate historical income data earlier into credit pricing, as opposed to using it for verication

purposes at the back-end of the underwriting process. Further, this data could potentially expand

access to credit by providing lenders a broader view into a credit applicant’s creditworthiness,

where an otherwise incomplete credit picture, or on-the-border credit score, could lead a lender to

decline an applicant. is is particularly true for small businesses, as it could improve the ability to

consolidate debts incurred on personal credit cards into a consolidated business loan, as a lender

would be able to more immediately analyze income history and observe patterns of growth that

indicate creditworthiness.

Recommendation

It is important that the IRS update its income verication system to leverage a modern, technology-

driven interface that protects taxpayer information and enables automated and secure data sharing

with lenders or designated third parties. Such an interface would bring a critical component of

the credit process up to speed with broader innovations in nancial technology. Borrowers, and

the broader economy, stand to benet through lower operational costs for lenders, elimination

of paperwork and delays, incorporation of important credit information into credit pricing, and

potentially expanded access to credit as tax information can be more easily incorporated into deter-

minations of creditworthiness. Any changes must balance faster access with security controls that

ensure that only information that borrowers choose to share with lenders is shared, that lenders

and vendors have security controls in place to protect taxpayer data, and that signicant security

protections are put into place to protect sensitive taxpayer information.

While the IRS is working to update its technology, including technology used by lenders for income

verication, these eorts are dependent on funding in light of other IRS mission-critical priorities.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

134

Treasury recommends Congress fund IRS modernization, which would include upgrades that will

support more ecient income verication.

New Credit Models and Data

Overview

U.S. nancial institutions have traditionally relied upon a common set of credit information for

purposes of extending consumer credit. is generally standardized credit data, which consists

primarily of consumer debt and payment history, is consolidated by national credit bureaus and

is fed into a common set of credit models which generate consumer credit scores that are widely

used across U.S. nancial institutions. One of the most dominant existing credit score models is

the one used by FICO to generate the widely used FICO score, which is reportedly used by some

90% of top lenders.

387

With the explosion in available data and advances in modeling methods, a growing number of

rms — existing and new entrants — have begun to use or explore a wide range of newer data

sets or advanced algorithms (including those based upon machine-learning practices) to support

credit underwriting decisions. is interest in newer data and models has taken place across the

unsecured consumer, small business lending, and mortgage lending segments.

e types of data being considered may dier signicantly in their apparent relationship to

traditional credit criteria. Some data are considered more proximate because they provide more

meaningful information on the credit prole of borrowers (e.g., utility and rental payments), while

3 87. See Mercator Advisory Group, Press Release – FICO

Scores Used in over 90% of Lending

Decisions According to New Study (Feb. 27, 2018), available at: http://paymentsjournal.com/

ﬁco-scores-used-90-lending-decisions-according-new-study/.

Potential to enable greater access to credit

Traditional credit models

Alternative credit models

Commonly used alternative data

Rent history

Utility and cell phone bills

Employment history

Property ownership

Phone number and address stability

Nontraditional alternative data

Social media

Browsing history

Behavioral data

Shopping patterns

Data about consumers’ friends

and associates

Figure 22: T

ypes of Credit Data

Traditional credit data

Lines of credit

Utilizations rate

Length of credit history

Loan payment history

Credit mix

Note: Represents select examples from comment letters to CFPB regarding use of alternative data and modeling technologies in

credit process by Equifax, TransUnion, American Bankers Association, Consumer Bankers Association, FICO, Independent

Community Bankers Association, and California Nevada Credit Union League.

Source: CFPB public comment file. See Robinson + Yu, Knowing the Score: New Data, Underwriting, and Marketing in the

Consumer Credit Marketplace (Oct. 29, 2014), at 15.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

135

other data sources’ relationship to credit risk may be less apparent (e.g., technology usage patterns,

social networking information and website tracking).

e types of credit models also vary meaningfully, for example, by the degree to which rms

employ machine learning based algorithms. Some of the new credit models are largely based upon

existing modeling approaches but with new forms of data that closely approximate other credit

data, while other rms may employ both new modeling approaches (i.e., machine learning) and

some of the newest forms of data (e.g., technology use patterns). ese newer credit models could

be used by rms on a proprietary basis to underwrite borrowers for their own businesses, or could

also be used by rms to generate a credit score product that could be sold to other rms for their

loan underwriting processes.

Nonbank nancial rms, such as marketplace lenders, generally report greater use of less-traditional

data sources and newer modeling approaches, including ones based upon machine learning. Such

lenders may rely upon new data sources to support the underwriting of loans through authenticating

borrowers’ identity online, assessing borrower default risk, and reducing instances of fraud. e pro-

vision of such scoring information also allows such lenders to often extend credit to borrowers below

traditional FICO score thresholds or with little FICO score information.

388

Various new credit scor-

ing companies have also formed that are generally more active in leveraging these new data sources,

though the degree to which some might employ machine-learning models can vary substantially.

389

Issues and Recommendations

ese approaches have the potential to enable greater access to credit and improve the quality

of nancial products. However, the applications of these more novel approaches raise important

policy considerations.

Opportunities to Expand and Improve Access to Credit

ere are potential opportunities to expand access to credit for borrowers: (1) consumers who

have thin credit les or no credit les (up to 45 million U.S. adults)

390

with the consumer credit

bureaus, and (2) small businesses, which are important engines of the economy and job creation.

For example, a 2017 study found some evidence that the use of “alternative” credit data has allowed

consumers with more limited traditional credit proles (i.e., based on FICO scores) to access cred-

it.

391

Additional information on credit card usage, such as whether consumers are carrying balances

388. See Letter from the Online Lenders Alliance to the Bureau of Consumer Financial Protection, Response to

Request for Information Regarding Use of Alternative Data Modeling Techniques in the Credit Process;

Records Docket No.: CFPB-2017-0005 (May 19, 2017), available at: https://www.regulations.gov/document?

D=CFPB-2017-0005-0071.

389.

Mikella Hurly and Julius Adebayo, Credit Scoring in the Era of Big Data, 18 Yale J. L. & Tech. 148 (2016) (table

1).

390.

See Ofﬁce of Research, Bureau of Consumer Financial Protection, Data Point: Credit Invisibles (May 2015),

at 12, available at: http://ﬁles.consumerﬁnance.gov/f/201505_cfpb_data-point-credit-invisibles.pdf (“Credit

Invisibles Report”).

391.

Julapa Jagtiani and Catharine Lemieux, Fintech Lending: Financial Inclusion, Risk Pricing, and Alternative

Information, Federal Reserve Bank of Philadelphia working paper (July 6, 2017), at 9-12, available at: https://

www.philadelphiafed.org/-/media/research-and-data/publications/working-papers/2017/wp17-17.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

136

month over month on their credit cards or paying in full, can also improve credit risk analysis. At

the same time, some groups have raised the concern that expanding the use of certain data (e.g.,

rent, utility, telecom payments) for persons that already have a FICO score could result in reduced

credit availability.

392

e use of alternative credit data can provide consumers an on-ramp into the

nancial services landscape. For example, FICO recently launched another credit score product

designed to provide credit applicants a “second chance” score, to be used where the applicant has

no traditional FICO score. e new score provides a means to assess consumers with thin credit

reports who could not be scored without additional information. FICO found that using its “sec-

ond chance” score, more than a third of such applicants had FICO scores above 620. Moreover,

for applicants with scores above 620 and that access credit, more than two-thirds reported FICO

scores of 660 or higher two years later.

393

Several rms that are actively deploying these approaches in consumer and small business lending

report signicant improvements in loss rates, which suggests some improvements in modeling

approaches. For example, rms anecdotally report: (1) double-digit improvements in approval

rates and declines in loss rates from using machine learning techniques on existing available data

sources for lenders (that is, their own data, but with improved analysis); and (2) that some of the

nontraditional data sources provide predictive value that is comparable to the traditional credit-

data, which can indicate either strong proxy relationships with traditional credit-data or other

important information not available to existing credit data sets. It should be noted, however, that

the timeframe of these favorable results is limited and does not reect performance through a

credit cycle.

e Bureau has also highlighted the potential benets in these approaches to data and model-

ing. e Bureau launched a no-action letter program as part of its Project Catalyst, launched in

November 2012, to facilitate consumer-friendly innovations. Specically, the Bureau was looking

to explore how “alternative data” and the use of emerging technologies like machine learning,

could improve credit decisions.

394

Consumer Protections and Compliance

Firms looking to use alternative data and more advanced algorithms must navigate compliance

with several areas of consumer protection law, including: (1) the Fair Credit Reporting Act

(FCRA) of 1970, which is designed to make sure that credit reporting agencies that sell data

for certain decision-making purposes maintain accurate data, provide consumers access to and

the ability to correct their data, and that such data is used only for permissible activities; (2) fair

lending laws, including the Equal Credit Opportunity Act and the Fair Housing Act, which are

392. Letter from National Consumer Law Center et al., Comments in Response to Request for Information

Regarding Use of Alternative Data and Modeling Techniques in the Credit Process, Docket No. CFPB-2017-

0005 (May 19, 2017), at 3-4, available at: https://www.regulations.gov/document?D=CFPB-2017-0005-0097.

393.

Letter from Fair Isaac Corporation, Request for Information Regarding the Use of Alternative Data and

Modeling Techniques in the Credit Process – Docket No. CFPB-2017-0005 (May 19, 2017), at 9, available at:

https://www.regulations.gov/document?D=CFPB-2017-0005-0080.

394.

Bureau of Consumer Financial Protection, CFPB Announces First No-Action Letter to Upstart

Network (Sept. 14, 2017), available at: https://www.consumerﬁnance.gov/about-us/newsroom/

cfpb-announces-ﬁrst-no-action-letter-upstart-network/.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

137

designed to prohibit discrimination on the basis of various protected categories; (3) the Federal

Trade Commission (FTC) Act, which prohibits unfair or deceptive acts or practices (UDAP) in or

aecting commerce; and (4) the Bureau’s authority with respect to unfair, deceptive or abusive acts

and practices (UDAAP).

e FCRA requires that consumers be provided adverse action notices if they are denied credit

or charged more as the result of their consumer report information. is requirement, among

other factors, may represent challenges for market participants that are seeking to innovate by

incorporating additional data sources into the credit underwriting process.

New models and data may also unintentionally run the risk of producing results that arguably risk

violating fair-lending laws if they result in a “disparate impact” on a protected class

395

or because

the FTC or the Bureau might nd the use of such models and data to be a violation of UDAP or

UDAAP, respectively.

Model Validation and Reliability

Existing regulatory guidance on credit models

396

may need to be tailored to incorporate issues

raised by alternative data or machine learning based models. As an example, applying tradition-

ally accepted practices of model validation and back-testing may be challenging when models are

constantly “learning” and producing potentially new results on a continual basis.

e data available today signicantly exceeds the data available during past credit cycles. Machine

learning based models that require signicant amounts of data would generally suer from the

absence of past credit-cycle data to “train” the model.

Data Quality and Privacy

Alternative data sources may not be as reliable as traditional sources. Banks active in consumer

lending, for example, report that vendors of “alternative data” may not always know the source

of their own data, which would present material compliance risks if such data were to be used for

395. Carol Evans, Board of Governors of the Federal Reserve System, Keeping Fintech Fair: Thinking about Fair

Lending and UDAP Risks, Consumer Compliance Outlook (2017), available at: https://consumercomplian-

ceoutlook.org/assets/2017/second-issue/ccoi22017.pdf?la=en.

396.

See Board of Governors of the Federal Reserve System, Guidance on Model Risk Management, SR Letter

11-7 (Apr. 4, 2011), available at: https://www.federalreserve.gov/supervisionreg/srletters/sr1107.htm; Ofﬁce

of the Comptroller of the Currency, Credit Scoring Models, OCC Bulletin 1997-24 (May 20, 1997), available

at: https://www.occ.treas.gov/news-issuances/bulletins/1997/bulletin-1997-24.html; Ofﬁce of the Comptroller

of the Currency, Sound Practices for Model Risk Management, OCC Bulletin 2011-12 (Apr. 4, 2011), avail-

able at: https://www.occ.gov/news-issuances/bulletins/2011/bulletin-2011-12.html; Federal Deposit Insurance

Corporation, Supervisory Insights – Model Governance (last updated Dec. 5, 2005, available at: https://www.

fdic.gov/regulations/examinations/supervisory/insights/siwin05/article01_model_governance.html; Federal

Deposit Insurance Corporation, Supervisory Insights – Fair Lending Implications of Credit Scoring Systems

(last updated Apr. 11, 2013), available at: https://www.fdic.gov/regulations/examinations/supervisory/insights/

sisum05/article03_fair_lending.html.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

138

eligibility and credit decisions.

397

e prevalence of errors from such data is not currently known,

though even traditional credit bureau information may have meaningful rates of errors.

398

Recommendations

Treasury recognizes that these new credit models and data sources have the potential to meaning-

fully expand access to credit and the quality of nancial services. Treasury therefore recommends

that federal and state nancial regulators further enable the testing of these newer credit models

and data sources by both banks and nonbank nancial companies.

Regulators, through interagency coordination wherever possible, should tailor regulation and

guidance to enable the increased use of these models and data sources by reducing uncertainties.

In particular, regulators should provide regulatory clarity for the use of new data and modeling

approaches that are generally recognized as providing predictive value consistent with applicable

law for use in credit decisions.

Regulators should in general be willing to recognize and value innovation in credit modelling

approaches. Such approaches can create more robust risk management environments and improve

both the cost and access to credit. Regulators should enable prudent experimentation with the aim

of working through various issues raised, which may in turn require new approaches to supervision

and oversight.

Given that consumers without credit scores tend to make regular monthly payments to telecom,

utility, or rental companies and may benet from the reporting of these elds, Treasury supports

continued industry eorts to capture this type of additional consumer credit data through regular

reporting to the consumer credit bureaus. Similarly, Treasury supports eorts to report monthly

credit card payment amounts to the consumer credit bureaus to provide an additional level of

granularity into consumer credit utilization.

Credit Bureaus

Overview

e consumer credit bureaus are essential to the functioning of consumer credit markets in the

United States. Credit bureaus have not only become a vital resource for nancial market par-

ticipants such as lenders and servicers, but are also increasingly relied upon by property manage-

ment companies and employers. Credit bureaus collect, store, and analyze consumer nancial

data including repayment history, outstanding debt, and other factors to produce a prole of a

consumer’s credit history. Today, about 189 million American consumers have credit reports with

3 97. Letter from Consumer Bankers Association, Response of the Consumer Bankers Association to the Request

for Information Regarding Use of Alternative Data and Modeling Techniques in the Credit Process (Docket

No. CFPB-2017-0005) (May 19, 2017), at 9, available at: https://www.regulations.gov/document?D=C

FPB-2017-0005-0073.

398.

See, e.g., Bureau of Consumer Financial Protection, Supervisory Highlights Consumer Reporting Special

Edition (Winter 2017), available at: https://ﬁles.consumerﬁnance.gov/f/documents/201703_cfpb_Supervisory-

Highlights-Consumer-Reporting-Special-Edition.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

139

sucient information for the calculation of a credit score.

399

Credit bureaus also maintain les on

another 19 million Americans who are considered “unscorable” due to insucient information.

400

In total, nearly 210 million Americans rely on the three major consumer credit bureaus to accu-

rately reect their credit histories so that this history can be used by credit scorers and nancial

institutions to model credit risk, determine eligibility for credit, and establish the price of that

credit. ese entities collect signicant amounts of personal and nancial data about consumers,

and, as a result, have a statutory requirement to protect consumer information in their possession.

Regulatory Treatment

Credit bureaus are subject to federal and state regulation for consumer protection purposes. At

the federal level, credit bureaus are subject to the FCRA, which governs how credit bureaus col-

lect information regarding consumers, use the information, and share the information with third

parties.

401

In 2012, the Bureau, using its “larger participants” authority, began supervising the

largest credit bureaus for compliance with federal consumer nancial protection laws.

402

Prior to

2012, credit bureaus were not routinely supervised at the federal level.

Credit bureaus must safeguard personal nancial information and are subject to statutory data

security standards. e FTC has actively used its authority to enforce data security provisions

under Section 5 of the FTC Act

403

and pursuant to the FTC’s “Safeguards Rule,”

404

which the

FTC implemented under authority granted to it by section 501(b) of the Gramm-Leach-Bliley

Act (GLBA).

405

While GLBA granted FTC rulemaking and enforcement authority regarding the

security and condentiality of customer information, GLBA did not grant FTC authority to con-

duct supervision of credit bureaus for compliance with GLBA data security standards and privacy

requirements. A similar limitation exists with respect to the Bureau. Dodd-Frank granted the

Bureau supervisory authority with respect to certain requirements of GLBA, including provisions

regarding consumer privacy,

406

but did not grant authority with respect to section 501 of GLBA,

399. Credit Invisibles Report.

400. Id.

401. The FTC website provides a summary of consumer rights under the FCRA, available at https://www.consumer.

ftc.gov/articles/pdf-0096-fair-credit-reporting-act.pdf.

402.

In its ﬁnal rule [12 C.F.R. part 1090], the Bureau deﬁned the consumer reporting market to include companies

that collect, analyze, maintain, or provide consumer report or other account information used in a decision by

another person for offering of any consumer ﬁnancial product or service. At the time, the Bureau’s larger partici-

pants rulemaking for credit reporting covered nearly 30 companies accounting for 94% of annual receipts in the

market. See Deﬁning Larger Participants in Certain Consumer Financial Product and Service Markets (Feb. 8,

2012) [77 Fed. Reg. 9592 (Feb. 17, 2012)].

403.

15 U.S.C. § 45(a); see also Federal Trade Commission, Enforcing Privacy Promises, available at https://www.

ftc.gov/news-events/media-resources/protecting-consumer-privacy/enforcing-privacy-promises (last accessed

June 27, 2018) (listing press releases for FTC enforcement actions relating to privacy).

404.

16 C.F.R. Part 314; see also Standards for Safeguarding Customer Information (May 22, 2002) [67 Fed. Reg.

36484 (May 23, 2002)].

405.

In addition to enforcement actions to stop practices that are harmful to consumers, the FTC engages with

industry participants through reports and educational tools and also conducts policy and legislative work.

406.

See Bureau of Consumer Financial Protection, Privacy of Consumer Financial Information - Gramm-Leach-

Bliley Act (GLBA) Examination Procedures (Oct. 2016), at 1, available at: https://s3.amazonaws.com/ﬁles.

consumerﬁnance.gov/f/documents/102016_cfpb_GLBAExamManualUpdate.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

140

which requires regulators to establish standards for the protection of nonpublic personal informa-

tion.

407

As a result, neither the FTC nor the Bureau supervises credit bureaus for compliance with

these GLBA section 501 data security requirements.

Issues and Recommendations

Data Security — Supervision and Enforcement

In July 2017, Equifax noticed suspicious activity on the portal they provide consumers for dispute

resolution and engaged a cybersecurity rm to investigate the suspicious activity.

408

e rm found

that consumers’ personal information was disclosed to unauthorized parties from May 13 to July

30, 2017.

409

In total, almost 150 million consumers’ names, social security numbers, dates of birth,

addresses, gender, phone numbers, driver’s license numbers, and email addresses were breached.

410

Hundreds of thousands of consumers’ credit or debit card information and documents provided

to Equifax by 182,000 customers related to dispute resolutions were breached.

411

is incident has

highlighted the need for greater supervision of the consumer credit bureaus, especially relating to

the protection of nonpublic personal information.

e FTC has deep expertise on privacy and data security for nonbank nancial companies. e

FTC exercises enforcement authority under GLBA with respect to some types of nonbank nancial

companies, including credit bureaus.

412

However, as noted earlier, credit bureaus are not subject to

routine supervision by either the FTC or the Bureau with respect to the requirements implemented

under section 501 of the GLBA for the protection of nonpublic personal information. Given the

sensitive nature of the information credit bureaus collect, the bureaus have a heightened duty to

protect the information they collect.

Recommendations

e FTC should retain its rulemaking and enforcement authority for nonbank nancial companies

under the GLBA. Additionally, Treasury recommends that the relevant agencies use appropriate

authorities to coordinate regulatory actions to protect consumer data held by credit reporting

agencies and that Congress continue to assess whether further authority is needed in this area.

Credit Education and Counseling

In 1996, Congress passed the Credit Repair Organizations Act (CROA) to help protect consumers

against unfair or deceptive advertising and business practices by credit repair organizations. In

4 07. Dodd-Frank § 1002(12)(J).

408. Equifax Inc., Press Release – Equifax Releases Details on Cybersecurity Incident, Announces

Personnel Changes (Sept. 15, 2017), available at: https://www.equifaxsecurity2017.com/2017/09/15/

equifax-releases-details-cybersecurity-incident-announces-personnel-changes/.

409.

Id.

410. Equifax Inc., Form 8-K Current Report (May 4, 2018), available at: https://otp.tools.investis.com/clients/us/equi-

fax/SEC/sec-show.aspx?Type=html&FilingId=12735591&CIK=0000033185&Index=10000.

411.

Id.

412. In recent years, the Bureau has also undertaken enforcement actions in the area of data security, pursuant to its

unfair, deceptive or abusive acts or practices (UDAAP) authority. At present, detailed guidance for compliance

with UDAAP, akin to the FTC’s Safeguards Rule, is not available.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

141

CROA’s passage, Congress found that credit repair companies were creating economic hardships

for some consumers who had engaged their services and that consumers should be provided with

information to help make an informed decision about the purchase of credit repair services. CROA

denes a credit repair organization as “any person who uses any instrumentality of interstate com-

merce or the mails to sell, provide, or perform (or represent that such person can or will sell, pro-

vide, or perform) any service, in return for the payment of money or other valuable consideration,

for the express or implied purpose of (i) improving any consumer’s credit record, credit history, or

credit rating; or (ii) providing advice or assistance to any consumer with regard to any activity or

service described in clause (i),” with certain exceptions.

413

Under CROA, any entity deemed to be a

credit repair organization is subject to requirements regarding how it may engage with a consumer

and actions it must take before accepting payment for services. e FTC and private plaintis may

bring actions for violations of CROA under a strict liability theory.

Credit repair organizations claim to help consumers improve their credit report and credit score,

often by indicating they can assist in removing negative, unfair, or inaccurate credit information

from consumer credit reports, with some companies falsely claiming that their years of expertise or

relationship with the consumer credit bureaus will result in a more favorable outcome than if the

consumer pursued removing inaccurate information on their own. Generally, these credit repair

services are oered at a signicant cost to the consumer. It is important to note that under existing

law, consumers can receive a free credit report from each of the three national credit bureaus on

an annual basis and can work directly with each of the credit bureaus to dispute any inaccurate

information found in their credit report. Regardless of whether a consumer engages with the credit

bureau or a credit repair company, accurate, negative credit information cannot be removed from

the consumer’s credit report.

Recently, credit bureaus, including the three largest bureaus, have expanded their oerings of credit

and nancial education services directly to consumers. ese services generally do not involve specic

action taken by the credit bureau to repair or change a credit report or score, but instead provide

advice and education on how to address behavior or issues that inuence consumers’ credit proles.

In Stout v. Freescore, LLC, the U.S. Court of Appeals for the Ninth Circuit held that Freescore,

an online provider of credit scores, reports, and consumer credit information, was a “credit repair

organization” under CROA.

414

e court reasoned that, in order to fall within the denition of

“credit repair organization” under CROA, a person need not actually provide a service aimed

at improving a consumer’s credit record, history, or rating, as long as it represents that it can or

will provide such a service. Consequently, since Freescore “armatively represents that its services

can or will improve, or help to improve, a consumer’s credit record, history, or rating,” the court

held that it fell within CROA’s denition of a credit repair organization.

415

e decision in Stout

v. Freescore troubled credit bureaus and credit scorers oering credit counseling services because

those services aim to help consumers prospectively improve their credit scores, potentially exposing

these rms to legal liability under CROA. e court’s interpretation of CROA’s scope creates a risk

413. 15 U.S.C. § 1679a.

414. Stout v. Freescore, L.L.C., 743 F.3d 680, 681-85 (9th Cir. 2014).

415.

Id. at 685-86.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

142

that these companies, which have valuable insight to provide consumers, will limit their credit

counseling oerings.

While the credit bureaus and credit scoring companies can and do oer limited consumer credit

counseling services, CROA inhibits innovation by unduly restricting legitimate product oerings.

For example, CROA requires a three-day waiting period from the time a consumer signs up for

credit counseling services with a credit repair organization to the time the consumer receives the

service, and prohibits credit repair organizations from collecting payment for the performance of

any service until the entirety of that service is completed. Further, CROA includes strict liability

and private right of action provisions that have discouraged legitimate entities like consumer credit

bureaus and credit scorers from providing greater credit counseling oerings due to concerns about

potential liability under CROA.

Innovation and modernization of credit education and counseling are important developments to

ensure consumers become sophisticated and responsible borrowers. While the proper application of

CROA provides valuable consumer protections, CROA’s expansive denition of “credit repair orga-

nization” has unnecessarily restricted entities with signicant expertise in consumer credit (such as

credit bureaus and credit scorers) from oering consumer credit education and counseling products.

Recommendations

Treasury recommends that Congress amend CROA to exclude the national credit bureaus and

national credit scorers (i.e., credit scoring companies utilized by nancial institutions when mak-

ing credit decisions) from the denition of “credit repair organization” in CROA.

InsurTech

As the broader nancial services sector invests heavily in technology, digitally enabled advances

across the insurance industry have come to be known as “InsurTech.” InsurTech is a broad

term used to describe new technologies with the potential to bring innovation to the insurance

sector and these advances may impact regulatory practices for insurance markets.

416

Industry

stakeholders — including existing or “traditional” insurers, startups, intermediaries, regula-

tors, and consumers — are all exploring how technological advancements can be leveraged to

increase eciency, oer better-tailored products to consumers, increase consumer choice, and

provide more eective and ecient regulation. Technological innovation reportedly has now

overtaken insurance regulation as the issue about which property and casualty insurer senior

executives are most concerned.

417

416. Organization for Economic Co-operation Development, Technology and Innovation in the Insurance Sector

(2017), available at: https://www.oecd.org/ﬁnance/Technology-and-innovation-in-the-insurance-sector.pdf.

Treasury, through the Federal Insurance Ofﬁce, highlighted a number of examples where InsurTech is chang-

ing the business of insurance in its 2017 Annual Report, available at: https://www.treasury.gov/initiatives/ﬁo/

reports-and-notices/Documents/2017_FIO_Annual_Report.pdf.

4 17.

See, e.g., KPMG, A New World of Opportunity: The Insurance Innovation Imperative (Oct. 2015), at 7, avail-

able at: https://assets.kpmg.com/content/dam/kpmg/pdf/2016/01/the-insurance-innovation-imperative.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Lending and Servicing

143

Recent InsurTech developments have aected a wide variety of operations, from back-oce

operations — including data collection techniques and pricing algorithms — to digital plat-

forms, claims-handling processes, and product oerings. Technological tools now used by insur-

ance stakeholders include the Internet of ings, telematics, big data, robo-advisors, machine

learning/articial intelligence (AI), and blockchain. Business models and product oerings

have also evolved to include peer-to-peer (P2P), usage-based, and on-demand insurance.

InsurTech startup funding is substantial, with $2.3 billion invested in 2017 alone.

418

Traditional

insurers have helped drive this growth by investing in InsurTech startups, and many have

established business units devoted exclusively to strategic investment in InsurTech ventures, the

exploration of their own InsurTech initiatives, and/or partnerships with InsurTech “hubs” that

bring together entrepreneurs, investors, and industry experts.

419

Entrepreneurs and investors

from outside of the insurance industry have also taken note of the potential to use InsurTech to

make the insurance supply-chain more ecient. InsurTech thus continues to attract consider-

able interest for both its potential to complement existing processes and its potential to disrupt.

Stakeholders have also observed that the United States’ regulatory environment could limit

innovation in the U.S. insurance sector, which could inhibit economic growth. Factors that

potentially could restrict insurance innovation include: (1) high regulatory barriers to entry; (2)

little exibility for regulators to accommodate new products or technologies; (3) inconsistent

laws and regulations (or the possibility of inconsistent application of laws and regulations) across

the 50 states; and (4) lengthy product approval processes. As a result, in some cases, insurers and

startups prefer the regulatory practices of foreign jurisdictions, such as the United Kingdom or

Singapore, over the United States when testing or introducing a new product or practice.

In response to InsurTech developments, insurance regulators are examining technological

innovation and its potential regulatory impact. In the United States, state insurance regulators

and the National Association of Insurance Commissioners (NAIC) have taken preliminary

steps to better understand emerging technologies and their regulation.

420

e NAIC, for

example, has formed an Innovation and Technology Task Force, which will, among other

things, “[p]rovide a forum for the discussion of innovation and technology developments in

the insurance sector, including the collection and use of data by insurers and state insurance

regulators — as well as new products, services and distribution platforms — in order to educate

418. See, e.g., Deloitte, Fintech by the Numbers: Incumbents, Startups, Investors Adapt to Maturing Ecosystem

(2017), available at: https://www2.deloitte.com/content/dam/Deloitte/us/Documents/ﬁnancial-services/us-dcfs-

ﬁntech-by-the-numbers-web.pdf; Willis Towers Watson, Quarterly InsurTech Brieﬁng Q4 2017 (Jan. 2018),

available at: https://www.willistowerswatson.com/-/media/WTW/PDF/Insights/2018/01/quarterly-insurtech-

brieﬁng-q4-2017.pdf.

419.

See, e.g., Oliver Suess, InsurTech Startups Attract Growing List of Traditional Insurer Partners, Ins. J. (Nov.

28, 2016), available at: https://www.insurancejournal.com/news/international/2016/11/28/433226.htm; Sam

Boyer, Traditional Insurance City Set to Become Disrupting Insurance City, Insurance Business America (Dec.

13, 2017), available at: https://www.insurancebusinessmag.com/us/news/technology/traditional-insurance-city-

set-to-become-disrupting-insurance-city-87629.aspx.

420.

State regulation of the insurance industry is coordinated through the NAIC, a voluntary organization whose

membership consists of the chief insurance regulatory ofﬁcials of the 50 states, the District of Columbia, and

the ﬁve U.S. territories.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Payments

144

state insurance regulators on how these developments impact consumer protection, privacy,

insurer and producer oversight, marketplace dynamics and the state-based insurance regula-

tory framework.”

421

e International Association of Insurance Supervisors (IAIS)

422

has also

taken an interest in innovation and recently published a report titled “Fintech Developments

in the Insurance Industry.”

423

Lawmakers, policymakers, and regulators should also take coordinated steps to encourage the

development of innovative insurance products and practices in the United States. Domestically,

this includes consideration of improving product speed to market, creating increased regula-

tory exibility, and harmonizing inconsistent laws and regulations. Treasury’s Federal Insurance

Oce, which provides insurance expertise in the federal government, should work closely with

state insurance regulators, the NAIC, and federal agencies on InsurTech issues.

Payments

Overview of the U.S. Payments System

e United States is the leader in facilitating consumer and business payment transactions. In

2016, interbank payments systems in the United States handled over $1 quadrillion in transaction

value, with payment systems involving nonbanks handling nearly $190 trillion of that transaction

value.

424

Payments are essential to commerce and the payments infrastructure that has been built

over decades empowers consumer choice in payments. is system has proven, over time, to be

stable, secure, and eective.

In the United States, four primary core payment systems transfer value between nancial insti-

tutions: credit card networks, debit card networks, automated clearing house (ACH) transfers,

and wire transfer services. In addition to these core components, nonbank payment processors,

payment service providers, money transmitters, and others help drive payment speed, security,

eciency and global penetration for businesses and consumers alike.

Recently, new technologies, especially in commerce, have changed the way that people live, con-

sume, and pay for goods and services. New technological abilities have led to higher consumer

expectations as to the speed and convenience of systems such as payments. Financial systems have

421. See http://www.naic.org/cmte_ex_ittf.htm.

422.

Established in 1994, the IAIS is the international standard-setting body responsible for developing and assist-

ing in the implementation of principles, standards, and other supporting material for the supervision of the insur-

ance sector. The IAIS’s objectives are as follows: to promote effective and globally consistent supervision of the

insurance industry; to develop and maintain fair, safe, and stable insurance markets; and to contribute to global

ﬁnancial stability. IAIS members include insurance supervisors and regulators from more than 200 jurisdictions

in approximately 140 countries.

423.

International Association of Insurance Supervisors, FinTech Developments in the

Insurance Industry (Feb. 21, 2017), available at: https://www.iaisweb.org/ﬁle/65440/

report-on-ﬁntech-developments-in-the-insurance-industry.

424.

Bank for International Settlements Committee on Payments and Market Infrastructures, Statistics on Payment,

Clearing and Settlement Systems in the CPMI Countries (Dec. 2017), at 406 and 408, available at: https://

www.bis.org/cpmi/publ/d172.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Payments

145

and will continue to evolve to meet market demand, and payments is an area where innovation

and disruption by nonbank and technology rms has been increasingly visible. Over the past few

years, many rms have either launched a payments solution, or have publicly expressed interest

in entering the payments ecosystem. Firms see a need and a demand for services that are faster,

more convenient, and more integrated. As such, the breadth of available options coupled with the

competition in payments has led to increased functionality, innovative solutions, and newer ways

to ease transactions in order to promote economic activity and growth.

However, barriers to entry and innovation do exist in payments. First, a business case must be

made before a rm even begins to build and implement a payment solution — scale of consumer

adoption, ubiquity of acceptance, and security of the mechanism, among other challenges — must

be taken into account for any new and innovative payment scheme to be successful.

Second, the payments system in the United States is operationally complex — while the payments

landscape continues to undergo rapid innovation, there has been very little relative change to

the back-end processes that actually move value throughout the nancial system. Innovation in

payments has largely been happening on the front-end, consumer-facing side of a transaction. e

user experience, products, and innovative solutions that have been introduced in recent years with

the advent of mobile technology, in essence, layer on top of the existing core payment systems.

ird, regulation of payments is fragmented; further, the core payment systems exist to move

money between nancial institutions and their customer accounts and as such, only regulated

nancial institutions have direct access to the infrastructure. To ensure the security of the payments

system, those rms that directly connect to it must be safe and sound institutions that are ade-

quately supervised; nancial institutions as direct participants, therefore, are subject to prudential

bank regulation and supervision. Firms that layer on top of this bank-centric system and provide

consumer-facing solutions are regulated in a variety of ways, and governance of payments is as

fragmented as the payment systems themselves. Payments rms are generally overseen through the

banking agencies’ third-party oversight guidance, through state money transmitter statutes, and/or

by private payment network association operating rules and contracts. is fragmented approach

to payments governance has perhaps in some ways entrenched legacy systems and slowed down

innovations in areas like faster payments, but on the other hand, such a system has allowed for

innovations over a wide range of niches that allow for multiple solutions to emerge and be tested

by a wider audience. is can ensure innovation with fewer risks to payment safety.

Innovation has progressed through solutions built on top of the legacy payments infrastructure.

ere are benets and challenges in employing such an approach; while the infrastructure, legal,

and regulatory hurdles are very complex, this method has also allowed for more expediency than a

built-from-scratch system and has allowed private rms to innovate on their own without extensive

government mandates. See Appendix C for additional background on the U.S. payments systems.

Money Transmitters

Money transmitters are generally nonbank rms that transfer funds or value between individu-

als. ese rms are important because they allow for payments to be made through a variety of

channels and can be oered by various nonbank rms. In most cases, a nonbank that is moving

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Payments

146

monetary value, whether it be by remittance (domestic or international), stored value/prepaid

cards, check cashing, or person-to-person payments, will be licensed as a money transmitter.

Licensing and Supervision

Money transmitter licensing is governed primarily by state law. Dierences in state statutes

mean that there is no unied denition of a money transmitter; as a result, states have dierent

variations that could bring in a number of rms that do not necessarily engage in the traditional

form of funds transfer. If a rm engages in money transmission, or even if it may potentially fall

under the denition of a money transmitter in a certain state, then it must apply for a money

transmitter license in that state, in many cases without even having a physical presence in the

state. e eect is that for any rm with a nationwide footprint, a license in every state is neces-

sary. Licensing requirements vary by state, but generally include requirements to submit credit

reports, business plans, and nancial statements; and a requirement to maintain a surety bond

to cover losses that might occur. States have engaged in several eorts to streamline the licensing

process, but overall adoption of these initiatives has been mixed. (Further discussion of state

licensing of money transmitters is addressed in the previous chapter on Aligning the Regulatory

Framework to Promote Innovation.)

Money transmitters are considered money services businesses (MSBs) and are therefore subject to

the requirements of the Bank Secrecy Act. ey must register at the federal level with FinCEN.

Banks, foreign banks, or rms that are registered with the U.S. Securities and Exchange Commission

(SEC) or U.S. Commodity Futures Trading Commission (CFTC) are not considered MSBs and

do not have to register as such.

Money transmitters are supervised and examined by each state where they hold a license. For

money transmitters with nationwide state licenses, this means duplicative examinations by a num-

ber of dierent state regulators, and has emerged as a common theme for reform among rms.

e most recent data available from state regulators shows that over half of all consolidated money

transmitter rms operate and have licenses in multiple states.

425

State regulators note that while states have dierent frequency of exams, most money transmit-

ters are examined annually, either by individual states and/or through joint exams organized

among several states. States examine for safety and soundness as well as compliance with both

state law and BSA/AML requirements.

426

Firms have raised concerns regarding the frequency

and quantity of examinations and the sometimes-diering standards and idiosyncratic require-

ments from state to state.

Regulation E Remittance Rule Disclosures

For money transmitters that provide international remittances, a particular regulatory ineciency

has emerged after nancial reform. Section 1073 of Dodd-Frank requires disclosures to be provided

425. Conference of State Bank Supervisors and Money Transmitters Regulators Association, The State of State

Money Service Businesses Regulation and Supervision (May 2010), at 6, available at: https://www.csbs.org/

state-state-money-service-businesses-regulation-and-supervision.

426.

Id. at 9-10.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Payments

147

to senders of remittance transfers.

427

e Bureau implemented section 1073 through amendments

to Regulation E to require that:

• Companies give disclosures to consumers before the consumers pay for the transfer.

ese disclosures must include: the exchange rate, fees and taxes collected, fees charged

by agents and intermediaries, the amount of money delivered not including fees and

taxes charged to the recipient, and a disclaimer that other fees may apply.

• Companies also provide a post-transaction receipt that repeats all the information from

the rst disclosure, plus dates of payment availability, and error resolution and cancella-

tion rights notices.

• Companies generally give customers 30 minutes to cancel a transfer in exchange for a

full refund.

428

e rule applies to any electronic transfer of funds from a U.S.-based customer to a person in a

foreign country; this includes both money transmitters and banking organizations and applies even

if done through a wire transfer or ACH. ere is, however, a de minimis exemption for transfers

of $15 or less and companies that performed 100 or fewer remittance transfers in the current and

previous calendar year.

429

Firms have noted concerns with the lack of exibility in the disclosure

rules. For example, electronic disclosures, like an email or mobile disclosure, may only be given if

the transaction is done electronically. For in-person transactions, paper receipts must be provided.

Recommendations

Treasury supports the Bureau’s ongoing eorts to reassess Regulation E. Treasury recommends that

the Bureau provide more exibility regarding the issuance of Regulation E disclosures and raise the

current 100 transfer per annum threshold for applicability of the de minimis exemption.

Fintech and Payments

Technology has advanced the payments market, increased competition, and increased innovation

as new payment services have been introduced and further layered upon the existing payments

system. Many new rms and technologies are now competing for a greater share of consumer

transactions and the corresponding data. us far, few dominant players have yet emerged, and

ntech payments solutions have largely remained conned to niche uses within the market.

Person-to-Person (P2P) Payments

P2P payments that move money directly between bank accounts have been relatively slow to develop

in the United States, in large part due to challenges within the existing payments infrastructure. Two

core payment systems used to transfer funds between bank accounts — wire transfers and ACH —

each have challenges for P2P. For example, wire transfers are far more expensive than ACH. On the

other hand, ACH does not transfer in real time like wire transfers. Both methods require that the

receiver provide the sender with their bank account information — routing and account numbers

4 27. 12 U.S.C. § 5601.

428. 12 C.F.R. §§ 1005.30-1005.36.

429. Id. § 1005.30.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Payments

148

— which may be cumbersome to nd and may raise security concerns. More recently, technology

and innovation have provided a way for a competitive market for P2P payments to emerge.

Like many other innovations in the payments system, these new P2P technologies layer on top

of the existing payment systems. ese new products are lling a demand for better account-to-

account transfer mechanisms and consumer experience, and are beginning to build scale. According

to a consumer payments survey, P2P payments are gaining ground, but mostly among young

consumers. e survey found that the breakdown of P2P payment adopters fell largely along lines

of age demographics, as people under the age of 35 were far more likely to already use or be ready

to adopt P2P payment platforms than consumers over the age of 55.

430

However, there is room for

growth, as only 29% of those surveyed have completed a P2P payment, with slightly less than half

of the under-35 demographic having already used such a service. Among respondents who had not

used a P2P payment service in 2017, more than half of those between 18 and 55 said that they

were likely or somewhat likely to use such a service in the future. Security concerns are more likely

to hold back older users from using P2P payments than other types of concerns.

431

Innovative solutions to these problems have begun to emerge in the market and additional innova-

tion in this space is to be expected. While multiple options exist in the market, two well-known

examples are discussed.

Bank Account-to-Bank Account Transfers

A consortium of some of the largest U.S. banks

432

has been working on a mechanism to transfer

funds quickly and directly between bank accounts. e system works by leveraging the debit card

infrastructure to move money, and generally functions through the online and mobile banking

portals of each member bank. Previously, account-to-account transfers have needed to use either

the wire transfer or ACH networks to complete the transaction. But now, the new transactions

are cleared and posted in near real time and settlement occurs bilaterally between the applicable

banks at the end of the day via ACH; in essence, the new network serves as a special standardized

messaging system between banks for specic account-to-account transfers.

Nonbank P2P Transfers

A number of MSBs have also emerged in the P2P space. ese nonbank rms usually have obtained

money transmitter licenses in every state, and only allow users to transfer money to other users

of the same service. ese sorts of services work by rst using the balance that is held in a user’s

account; if the account does not have enough funds, an ACH transfer from a bank account or

funding with a debit card or a credit card, can be used as a funding option.

433

430. Total System Services, Inc., 2017 TSYS U.S. Consumer Payment Study (Mar. 27, 2017), at 13-14, available

at: https://www.tsys.com/Assets/TSYS/downloads/rs_2017-us-consumer-payment-study.pdf (“TSYS Payment

Study”).

431.

Id.

432. Bank of America, BB&T, Capital One, JPMorgan Chase, PNC Bank, U.S. Bank, and Wells Fargo Bank. See

Early Warning Services, LLC, Early Warning Corporate Overview (2017), available at: https://www.earlywarn-

ing.com/pdf/early-warning-corporate-overview.pdf.

433.

See, e.g., PayPal, Inc., Venmo User Agreement (last updated Dec. 18, 2017), available at: https://venmo.com/

legal/us-user-agreement.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Payments

149

Digital Wallets

Digital and mobile wallets have increased in popularity and have continued to evolve within

the last few years. Researchers at the Federal Reserve Bank of Boston have categorized mobile

wallets into four distinct models: (1) near eld communication (NFC) wallets; (2) cloud-based,

card-on-le wallets; (3) cloud-based, card-on-le card network wallets; and (4) merchant or

nancial institution QR code-based wallets.

434

Each of these methods uses tokenization to secure

payment information.

• NFC wallets are contactless payment mechanisms. Payments are made when a smart-

phone is held near a payment terminal, and authentication takes place (ngerprint or

PIN number) before the information is sent from the phone to the terminal. NFC

wallets have a number of common features, although the hardware and software vary.

NFC wallets can only accept eligible and wallet-accepted credit and debit cards, are

available for use where a retailer has an NFC-enabled payment terminal, and can only be

used with the corresponding smartphone operating system.

435

• Cloud-based, card-on-le wallets are primarily used for online e-commerce payments.

ese services allow a consumer to utilize multiple funding methods — credit/debit/pre-

paid cards, ACH, and so on — for input into the mobile wallet. e consumer may then

check out at various merchants online using the funding method of their choice within the

wallet. Generally, any payment card may be input – there is not a need for the issuing bank

to provide for eligibility. Merchants utilize APIs to enable payment using these services.

436

• Cloud based, card-on-le card network wallets function similar to the card-on-le

systems previously noted, removing the need for merchants to store and collect payment

data. e card networks work with merchants to allow for the digital wallets to be

enabled on their own website or mobile app.

437

• QR code-based wallets use QR codes as a way to complete payment, with payment

information that is stored in the app. ese services, however, can only be used in their

own environments. For bank-based wallets, a QR code provided by the app must be

scanned by the cashier, and can only be used in conjunction with the nancial institu-

tion’s products. A store-based payment app requires the consumer to scan the QR code

provided by the store’s payment terminal to complete the payment.

438

Like P2P payments, digital wallets are also seeing increased adoption among younger consumers,

albeit very gradually. Age is a signicant factor in the likelihood that a particular consumer has

loaded or plans to load card information into a digital wallet. As for funding choice, consumers are

434. Susan M. Pandy and Marianne Crowe, Federal Reserve Bank of Boston, Adapting to Mobile Wallets: The

Consumer Experience (revised June 16, 2017), available at: https://www.bostonfed.org/publications/payment-

strategies/choosing-a-mobile-wallet-the-consumer-perspective.aspx.

435.

Id. at 5.

436. Id. at 13.

4 37. Id. at 16.

438. Id. at 18-20.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Payments

150

more likely to load a credit card into a digital wallet than a debit card, and far more likely to use a

credit card to make an online payment.

439

For mobile wallet usage (especially NFC wallets) to increase, the cards that are issued by banks

must be eligible for enrollment. In 2017, the Federal Reserve Bank of Boston released a survey that

asked banks from across the United States about their plans for mobile payments, among other

things. e survey found that a relatively small percentage of banks oered mobile wallet services,

and those that did were predominantly larger banks.

439. TSYS Payment Study, at 13-14.

020406080 100

$0-100M

Offer

now

Offer within

2 years

No plan

to offer

$100-250

$250-500M

$500-1000M

$1000M+

Source: Marianne Crowe et al.,

Mobile Banking and Payment Practices of U.S. Financial Institutions 2016 Mobile Financial Services

Survey Results from FIs in Seven Federal Reserve Districts,

Federal Reserve Bank of Boston (Dec. 2017), at 50.

Figure 23: U.S. Financial Institutions Mobile Payment Services Plan (percent of

respondents by asset size)

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Payments

151

Also, as shown in Figure 24 below, the survey found that at banks that oer mobile payment

services and track customer usage data, a small percentage of customers (vertical axis) account for

a large proportion of mobile wallet usage (horizontal axis).

440

Despite the fragmented regulatory framework and layered nature of the overall system, payments

have been an area of high innovation and competition, which thus far has been benecial to

consumers and the market. is competition has led to a number of private actors emerging that

are capable of providing innovative services in new and dierent ways. Given the structure of

the payments system in general, a wait-and-see approach to innovative payments may be most

benecial. e next steps in payments will likely center around the pursuit of more speed and

security in payments.

Payments Modernization

Technology continues to evolve and transform the way that consumers in the United States and

abroad do business. e increase in technological capacity and delivery systems has sped up the

nature of even routine transactions. Today, one can shop, compare, transact, and receive delivery

faster than ever before — and the underlying technology will continue to advance in order to make

this process even quicker and more ecient. However, as noncash transactions have increased, the

back-end payments system underlying these transactions remains largely the same. As innovation

allows for faster transactions, consumers are going to demand payments systems that likewise

function with more speed.

440. Marianne Crowe, Elisa Tavilla, and Breffni McGuire, Mobile Banking and Payment Practices of U.S. Financial

Institutions: 2016 Mobile Financial Services Survey Results from FIs in Seven Federal Reserve Districts

(Dec. 2017), at 60, available at: https://www.bostonfed.org/publications/mobile-banking-and-payment-surveys/

mobile-banking-and-payment-practices-of-us-ﬁnancial-institutions.aspx.

Figure 24: Customer Enrollment in Mobile Payment Services (percent of respondents

that trac

k data)

50 10025 75

50%+

35-50%

20-35%

5-20%

0-5%

Source: Marianne Crowe et al., Mobile Banking and Payment Practices of U.S. Financial Institutions 2016 Mobile Financial Services

Survey Results from FIs in Seven Federal Reserve Districts, Federal Reserve Bank of Boston (Dec. 2017), at 60.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Payments

152

Recognizing this, the Federal Reserve set out to lead a discussion on how best to modernize the U.S.

payments system. e process started with the Federal Reserve releasing a consultation paper

441

for

public comment in 2013. Following the comment period, the Federal Reserve issued a strategy

document

442

that outlined desired outcomes and next steps for improving the payments system.

In order to advance solutions for the ve desired outcomes of speed, security, eciency, ease of

international payments, and collaboration, the Federal Reserve set up two task forces: one for

faster payments and one for secure payments. While the Federal Reserve served as the leader and

convener of these task forces, they were inclusive of a wide variety of stakeholders and perspectives

so that they would result in collective agreement on a path forward.

Faster Payments Task Force

e Faster Payments Task Force was initially convened in May 2015 with the charge of identify-

ing and evaluating approaches for implementing safe and ubiquitous faster payments capabilities.

e task force consisted of over 300 stakeholders, and was initially given a deadline of 2016 for

completing this work. eir nal report was released in two parts in 2017: part one

443

discussed

the task force’s approach, and part two

444

outlined the task force’s recommendations. e task force

asked industry participants to submit proposals for faster payments solutions that rms had under

consideration. e goal was not to select proposals as winners, but merely to identify ideas for

solutions that private-sector participants were envisioning.

Industry Efforts on Faster Payments

e Clearing House’s Real-Time Payments (RTP) System

In November 2017, e Clearing House’s (TCH) RTP system — one of the private-sector, faster

payments solutions proposed to the task force — went live as an entirely new payment system.

ough RTP is open to all U.S. depository institutions, it currently connects six U.S. banks, and

TCH has partnered with servicing rm FIS in order to expand the reach of RTP past TCH’s mem-

bership base. RTP allows participants to send credit (push) payments through the system at any

time with clearance, settlement, and availability/posting to the receiver in real time. RTP does not

include a consumer-facing payment application; it is the back-end plumbing that moves payments

between banks resulting from the banks’ own customer-facing applications and services. One of

the key components of RTP is the secure messaging system that allows banks to communicate with

441. Federal Reserve Banks, Payment System Improvement — Public Consultation Paper (Sept. 10, 2013), avail-

able at: https://fedpaymentsimprovement.org/wp-content/uploads/2013/09/Payment_System_Improvement-

Public_Consultation_Paper.pdf.

442.

Federal Reserve System, Strategies for Improving the U.S. Payment System (Jan. 26, 2015), available at:

https://fedpaymentsimprovement.org/wp-content/uploads/strategies-improving-us-payment-system.pdf.

443.

Faster Payments Task Force, The U.S. Path to Faster Payments Final Report Part One: The Faster Payments

Task Force Approach (Jan. 2017), available at: https://fasterpaymentstaskforce.org/wp-content/uploads/faster-

payments-ﬁnal-report-part1.pdf.

444.

Faster Payments Task Force, The U.S. Path to Faster Payments Final Report Part Two: A Call to Action (July

2017), available at: https://fasterpaymentstaskforce.org/wp-content/uploads/faster-payments-task-force-ﬁnal-

report-part-two.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Payments

153

payment messages. e messages are exible, compliant with global messaging standards,

445

and

allow for immediate conrmation.

TCH is the rule writer for the RTP system.

446

System participants must be depository institutions

with branches or oces located in the United States. While nonbank rms cannot be direct par-

ticipants in RTP, TCH does have a process for allowing third-party processors to be used for trans-

mitting and receiving messages through the system on behalf of their banking clients. Currently,

payment values through the system are capped at $25,000 per transaction.

Banks are required to prefund a Federal Reserve account and participants must have Federal

Reserve clearing accounts to use RTP (or have a relationship with a correspondent bank that can

act as a funding agent). TCH uses a single pooled account at the Federal Reserve which is jointly

owned by all participating banks (and/or funding agents), with TCH acting as the sole custodian.

While all the banks have an ownership stake in the account, only TCH can approve or push money

out to a bank. e account is pre-funded by the banks via Fedwire payment. e size of each bank’s

prefunding obligation is determined by TCH rules, and while it is envisioned that most banks

will prefund once per day, provisions allow for multiple rounds of prefunding or top-up funding

throughout the day.

Same Day ACH

447

Over the past several years, the rule-writing organization for all ACH networks, NACHA, and the

ACH operators have been working to bring more speed to ACH payments by introducing a same-

day ACH service. In 2017, its rst full year of availability, same-day ACH payments amounted to

75.1 million separate transactions with an aggregate value of $87.1 billion.

448

Same-day ACH was implemented in three phases. e rst phase (September 2016)

449

set up two

new daily payment submission windows: a morning submission deadline at 10:30 a.m. ET, with

settlement occurring at 1 p.m.; and an afternoon submission deadline at 2:45 p.m. ET, with settle-

ment occurring at 5 p.m. e rst phase was limited to credit (push) transactions, and mandated

that every receiving nancial institution be able to accept same-day ACH transfers and make the

funds available to customers at the end of its processing day. e second phase (September 2017)

450

445. Speciﬁcally, the messages are compliant with ISO 20022, which is a universal ﬁnancial industry messaging

scheme that enables ﬁnancial systems around the world to communicate through a common messaging protocol.

446.

The Clearing House, Real-Time Payments Operating Rules (Oct. 30, 2017), available at: https://www.theclear-

inghouse.org/payment-systems/-/media/6de51d50713841539e7b38b91fe262d1.ashx; The Clearing House,

Real-Time Payments Participation Rules (Oct. 30, 2017), available at: https://www.theclearinghouse.org/pay-

ment-systems/-/media/d0314d2612ab4619b3c09745b54cf96f.ashx.

4 47.

See Appendix C for more background on the ACH system.

448.

NACHA, Same Day ACH Volume 2017 (Jan. 11, 2018), available at: https://web.nacha.org/resource/

same-day-ach/same-day-ach-volume-2017.

449.

NACHA, Same Day ACH: Moving Payments Faster (Phase 1) (Sept. 23, 2016), available at: https://www.

nacha.org/rules/same-day-ach-moving-payments-faster.

450.

NACHA, Same Day ACH: Moving Payments Faster (Phase 2) (Sept. 15, 2017), available at: https://www.

nacha.org/rules/same-day-ach-moving-payments-faster-phase-2.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Payments

154

allowed debit (pull) entries to be originated. e third and nal phase (March 2018)

451

mandated

that all same-day ACH funds be made available to customers by 5 p.m. local time for each receiving

nancial institution. Currently, international transactions and single transfers exceeding $25,000

are not eligible for same-day ACH.

Although the same-day ACH project has been completed, NACHA continues its focus on increas-

ing the speed of payments. In early 2018, NACHA asked for member comment on a proposed

new rule that would: (1) add a third same-day ACH submission window with a deadline at 5:15

p.m. ET and settlement occurring at 6:30 p.m.; (2) mandate 1 p.m. local time funds availability

for the rst ACH settlement window; and (3) increase the eligible transaction cap to $100,000.

Challenges for Faster Payments in the United States

Adoption and Acceptance

In any payment system, one of the key challenges is the level of consumer adoption of the system.

If a payment system does not have broad adoption by consumers, then merchants have less incen-

tive to expend resources to accept it. Likewise, consumers are less likely to use a payment method

if it is not widely accepted. One factor that can mitigate this problem is if there is interoperability

between systems, and providers can at least receive payments on behalf of customers. Without a

mandate, either from the government or a large share of private sector operators, change can be

much slower. For example, same-day ACH had a very low adoption level until NACHA amended

its rules to require receipt.

452

Similarly, it was the private credit card networks that initiated the

liability shift for EMV cards over the last few years. U.S. government entities have opted not to

create mandates, instead preferring a collective approach.

453

Use Cases

Another challenge to faster payments is the lack of clear business and use cases for faster pay-

ments, aside from emergency payments. As a part of its payments improvement work, the Federal

Reserve commissioned consultants to study the question of use cases. First, the consultants

noted that among countries that have established faster payments, the decision was more strate-

gic than based on use cases and that premium pricing was likely to aect adoption, among other

factors.

454

When discussing business cases, the consultants found that they were net neutral or

even net negative given the conservative assumptions used, but that business cases could be

net positive if the time horizon were expanded.

455

ey did note however, that latent demand

could be a challenge in the analysis — that demand could emerge in the market after the new

451. NACHA, Same Day ACH: Moving Payments Faster (Phase 3) (Mar. 16, 2018), available at: https://www.

nacha.org/rules/same-day-ach-moving-payments-faster-phase-3.

452.

Faster Payments Task Force Final Report Part Two, at 17-18.

453. Federal Reserve System, Strategies for Improving the U.S. Payment System: Federal Reserve Next Steps in

the Payments Improvement Journey (Sept. 6, 2017), available at: https://fedpaymentsimprovement.org/wp-con-

tent/uploads/next-step-payments-journey.pdf.

454.

Federal Reserve System, Strategies for Improving the U.S. Payment System (Jan. 26, 2015), at 37-38, avail-

able at: https://fedpaymentsimprovement.org/wp-content/uploads/strategies-improving-us-payment-system.pdf

(“Federal Reserve 2015 Strategies”).

455.

Id. at 43-44.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Payments

155

technology and infrastructure is introduced, similar to the U.K.’s experience where payments

technology allowed for a shift to a “just-in-time” product delivery model that lessened the need

for excess small business working capital.

456

Cost

Today, faster payments services are more expensive to use. Taking the ACH system as an example,

next-day batched ACH through the Federal Reserve’s FedACH system costs $0.0035 per transaction

(although there is tiered pricing, and discounts are available for higher volumes),

457

whereas the same-

day ACH service costs $0.052 per transaction.

458

is dierence in cost is why the majority of ACH

payments made by Treasury, for example, through FedACH may not be suitable for same-day servicing.

Settlement

Post-transaction settlement refers to the payment of obligations between parties. is can be done

in one of two ways — between private banks or through a country’s central bank, with the latter

seen as less risky. When it comes to faster payments, the United States, unlike some other jurisdic-

tions, does not currently have a 24x7x365 real-time settlement system. Real-time settlement can

reduce credit risk that institutions otherwise have to take once payments are cleared and posted to

the receiver’s account in real time.

e Federal Reserve Banks own and operate the National Settlement Service (NSS), which provides

multilateral settlement for private-sector clearing arrangements, including private ACH networks.

Unlike Fedwire, which settles immediately upon payment under a Real-Time Gross Settlement

framework, the NSS is a deferred net settlement system, which means that payments are accumu-

lated and netted throughout the day (or period if more frequently than daily), until net settlement

occurs.

459

e NSS is open for use Monday-Friday from 7:30 a.m.-5:30 p.m., ET.

460

In the Federal Reserve’s payments strategy document, they note that the NSS expanded its

daily opening times by a half hour at open and close during 2015, and that the Fed would

look into weekend and 24x7x365 service in the future.

461

To date, available hours have not

been expanded further.

e European Central Bank is developing an instant payments settlement system that is sched-

uled to go live in November 2018. e TARGET Instant Payment Settlement service will be

available 24x7x365.

462

456. Id. at 44-45.

4 57. FedACH, Services 2018 Fee Schedule, accessible at: https://www.frbservices.org/resources/fees/ach-2018.html.

458.

NACHA, 2016, Same Day ACH: FAQ, at 3, accessible at: https://web.nacha.org/system/ﬁles/

resource/2017-08/Same-Day-ACH-FAQ-2016_0.pdf.

459.

Bank for International Settlements Committee on Payment and Settlement Systems, Principles for Financial

Market Infrastructures (Apr. 2012), at 149-150, accessible at: https://www.bis.org/cpmi/publ/d101a.pdf.

460.

Board of Governors of the Federal Reserve System, National Settlement Service (last updated Jan. 15, 2015),

available at: https://www.federalreserve.gov/paymentsystems/natl_about.htm.

461.

Federal Reserve 2015 Strategies, at 50-52.

462. European Central Bank, The New TARGET Instant Payment Settlement (TIPS) Service (June 2017), available

at: https://www.ecb.europa.eu/paym/intro/news/articles_2017/html/201706_article_tips.en.html.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Payments

156

Recommendations

Treasury agrees with the approach taken by the Faster Payments Task Force and notes that collec-

tive action and agreement can be a very powerful tool in creating a faster payments system that

works for all stakeholders. However, now that the foundational work has been completed, Treasury

recommends that the Federal Reserve set public goals and corresponding deadlines consistent with

the overall conclusions of the Faster Payments Task Force’s nal report.

Treasury recommends that the Federal Reserve move quickly to facilitate a faster retail payments

system, such as through the development of a real-time settlement service, that would also allow

for more ecient and ubiquitous access to innovative payment capabilities. In particular, smaller

nancial institutions, like community banks and credit unions, should also have the ability to

access the most-innovative technologies and payment services.

While Treasury believes that a payment system led by the private sector has the potential to be

at the forefront of innovation and allow for the most advanced payments system in the world,

back-end Federal Reserve payment services must also be appropriately enhanced to enable innova-

tions. Treasury agrees with the Federal Reserve’s policy criteria for introducing a new payment

service – namely, that the Federal Reserve must: (1) expect to achieve full cost recovery in the long

run; (2) expect the service to provide a clear public benet, including improving the eectiveness

of markets, reducing the risk in payments, or improving eciency of the payments system; and

(3)conclude that the service should be one that other providers alone cannot expect to provide

with reasonable eectiveness, scope, and equity.

463

Faster Payments Abroad

Many jurisdictions around the world have embarked on initiatives to increase the speed of

payments. In many cases, the progress towards faster payments abroad has outpaced progress

in the United States. As of mid-year 2017, it is estimated that there were 25 countries that

had some sort of live faster payments system. Features of these faster payment systems vary,

but most systems are operational 24/7 and post transactions to accounts in real time, near real

time, or within a few minutes.

464

At the same time, it is estimated that there were 10 additional

countries that had faster payments systems under development, including the United States.

465

e United Kingdom’s Transition to Faster Payments

One such system, the U.K. Faster Payments Scheme, is worth looking at in more detail as its

transition could provide an interesting comparison to the current U.S. payments system. e

U.K. Faster Payments Service (FPS) was created as an entirely new infrastructure on a directive

463. Board of Governors of the Federal Reserve System, Federal Reserve in the Payments System, Policy

Statement (1990), available at: https://www.federalreserve.gov/paymentsystems/pfs_frpaysys.htm.

464.

FIS, Flavors of Fast: A Trip Around the World of Immediate Payments (2017), at 29-55.

465.

Id. at 66-71. This estimate was made prior to TCH’s RTP system going live, although RTP is still currently lim-

ited to a small number of member banks.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Payments

157

from the government, and went live in 2008.

466

Prior to the implementation of FPS, the U.K.

had a payment rail network that was very similar to the current U.S. system. e U.K. large value

Real-Time Gross Settlement system, CHAPS, is very similar to Fedwire and CHIPS. e U.K.

batched electronic payment transfer network, Bacs, is very similar to the U.S. ACH networks.

467

e process to build and implement FPS took about three years, from directive to an opera-

tional system.

468

e United Kingdom rst considered options to speed up account to account

payments through systems that were already operational. While they considered speeding up

Bacs to same-day service, or promoting more usage of CHAPS for lower value payments, prob-

lems of ultimate speed and cost to the consumer, respectively, pushed them to choose the path

of creating a brand new infrastructure.

469

e FPS system authorizes and clears transactions in

real time, but settlement is still deferred and done through the Bank of England’s three daily

settlement cycles, as was done prior to FPS. e most recent annual data from FPS shows that

the service is growing the fastest of any form of electronic payment in the United Kingdom,

having logged 16% growth between 2016 and 2017.

470

One notable dierence between the U.K. FPS and a potential U.S. faster payments system is

the ability for widespread adoption. Since the U.K. banking system is more concentrated than

the U.S. banking system, a U.S. system would need to be reachable by a larger number of bank-

ing institutions to benet all consumers, and the cost to operate the system would have to be

borne by a greater number of institutions which could lead to higher costs of implementation

and maintenance.

471

While the United Kingdom provides an example for implementation of a

faster payments network, many of these issues may have dierent outcomes in a U.S. system.

Cross Border Faster Payments

Most payments systems work within the borders of a single country and transfer units of a

single currency. However, there are systems that are in development and beginning to come

online that will allow for faster transfer of funds across borders and currencies. One example

is the SWIFT GPI enhanced messaging system, which went live in January 2017. SWIFT

currently has over 150 banks worldwide that are committed to the service, and 45 banks that

are live. e SWIFT GPI systems allows for faster crediting of funds (50% credited within 30

minutes), unaltered remittance information, complete directories of members, and tracking of

payments through the entire process.

472

466. Claire Greene et al., Costs and Beneﬁts of Building Faster Payments Systems: The U.K. Experience and

Implications for the United States, Federal Reserve Bank of Boston Current Policy Perspectives No. 14-5 (Feb.

24, 2015), at 2, available at: https://www.bostonfed.org/publications/current-policy-perspectives/2014/costs-

and-beneﬁts-of-building-faster-payment-systems-the-uk-experience-and-implications-for-the-united-states.aspx.

4 67.

Id. at 10-11.

468. Id. at 28.

469. Id. at 30-31.

470. For additional statistics for FPS growth and volumes, see http://www.fasterpayments.org.uk/statistics.

471.

Greene et al., at 44-46.

472. See SWIFT, SWIFT gpi: Cross-Border Payments, Transformed (Mar. 2018), available at: https://www.swift.

com/resource/swift-gpi-brochure.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Payments

158

Secure Payments Task Force

e Secure Payments Task Force was initially convened in June 2016 and focused on three pri-

orities: (1) identifying payment security priorities; (2) advising the Federal Reserve on payment

security; and (3) coordinating with the Faster Payments Task Force.

473

e group included stake-

holders from both government and the private sector. e Federal Reserve acted as a facilitator

and convener. e Secure Payments Task Force issued its nal deliverable in March 2018 — an

educational report on the payment lifecycle and security proles of various payment methods

including legal and regulatory references for each category of payment, and a short, high-level

list of challenges and improvement opportunity within each payment bucket.

474

After issuing the

report, the task force disbanded.

In March 2018, the Federal Reserve announced a 4-6 month study to measure and assess payments

fraud and its costs, which is expected to provide insights into the vulnerability points within

payment security.

475

e Federal Reserve also plans to establish collaborative industry workgroups

on topics yet to be discussed. Other eorts to enhance payment security, such as EMV migration,

have been accomplished through private sector channels.

Recommendations

Treasury recognizes the utility of a working group that is focused on the continued high level

of security in the U.S. payments system. To this end, Treasury looks forward to specic next

steps and actionable deadlines for continued work from members of the Secure Payments Task

Force and similar groups. e Federal Reserve should work as the convener, coordinator, and

driver of the work product produced by members that worked on the Secure Payments Task

Force, which could include work streams identied by the Faster Payments Task Force as areas

for future work. Specically, the Federal Reserve should engage stakeholders to identify pay-

ment systems resiliency as new payment systems come online, and to help counsel the Federal

Reserve as it works to potentially develop its own operating faster payments system. e Federal

Reserve should continue to engage stakeholders to promote and develop mechanisms to improve

information sharing within the payments ecosystem, and especially between members of the

improved payments task forces. Treasury recommends that continued work in the area of pay-

ment security include an actionable plan for future work, and ensure that solutions, especially

in security, do not include specic tech mandates.

473. Federal Reserve System, Strategies for Improving the U.S. Payment System: Federal Reserve Next Steps in

the Payments Improvement Journey (Sept. 6, 2017), at 7, available at: https://www.federalreserve.gov/newsev-

ents/pressreleases/ﬁles/other20170906a1.pdf.

474.

Secure Payments Task Force, Payment Lifecycles and Security Proﬁles (Mar. 2018), available at: https://

securepaymentstaskforce.org/wp-content/uploads/sptf-proﬁles-all.pdf.

475.

Board of Governors of the Federal Reserve System, Press Release - Federal Reserve to Study Payments

Fraud and Security Vulnerabilities (Mar. 29, 2018), available at: https://www.federalreserve.gov/newsevents/

pressreleases/other20180329a.htm.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Wealth Management and Digital Financial Planning

159

Wealth Management and Digital Financial Planning

Overview

One of the Core Principles outlined in Executive Order 13772 is to “empower Americans to make

independent nancial decisions and informed choices in the marketplace, save for retirement, and

build individual wealth.” Despite eorts at improving nancial literacy, including through the

Financial Literacy and Education Commission chaired by the Secretary of the Treasury,

476

many

Americans struggle with making nancial decisions that have a profound eect on their own well-

being and the well-being of their dependents. Too often, individuals make nancial decisions that

are sub-optimal or based on immediate gratication rather than their long-term nancial welfare.

477

For decades, wealthier Americans have hired advisors to develop, implement, and monitor nancial

plans. Financial planning can involve a broad range of services, including recommendations for

budgeting and goal setting, spending oversight, debt management, asset allocation for investment

portfolios, selection of insurance products, and tax and estate planning; however, there is no universal

denition as to what should be included in a nancial plan.

478

ere are also no legal requirements

regarding the qualications to be a nancial planner. Some nancial advisors may describe themselves

as nancial planners, but only recommend investments in a narrow range of products.

479

In the past, the costs of retaining a nancial planner may not have made economic sense for

Americans with modest means. is lack of nancial planning advice can often make it more

dicult for these Americans to achieve sucient wealth accumulation to sustain their livelihoods

in retirement. To the extent that Americans do not adequately plan and save for their nancial

needs, additional stresses can be placed on the taxpayer-supported safety net. Disparities in access

to nancial expertise can lead to increased wealth inequality in the United States.

Trends in Retirement Savings

e benets provided by Social Security were never intended to be the sole source for retirement

income needs.

480

While Americans are responsible for covering the remainder of their retirement

needs, a signicant number are inadequately prepared.

481

476. See generally https://www.treasury.gov/resource-center/ﬁnancial-education/Pages/commission-index.aspx.

477.

See Justine S. Hastings and Olivia S. Mitchell, How Financial Literacy and Impatience Shape Retirement

Wealth and Investment Behaviors, NBER Working Paper (Jan. 2011), available at: http://www.nber.org/papers/

w16740.pdf.

478.

See U.S. Government Accountability Ofﬁce, Consumer Finance: Regulatory Coverage Generally Exists for

Financial Planners, but Consumer Protection Issues Remain (Jan. 2011), at 1, available at: https://www.gao.

gov/new.items/d11235.pdf.

479.

Ofﬁce of Investor Education and Advocacy, U.S. Securities and Exchange Commission, Investment Advisers:

What You Need to Know Before Choosing One (Aug. 7, 2012), available at: https://www.sec.gov/reportspubs/

investor-publications/investorpubsinvadvisershtm.html.

480.

Social Security Administration, Understanding the Beneﬁts (2018), at 1, available at: https://www.ssa.gov/

pubs/EN-05-10024.pdf.

481.

YiLi Chien and Paul Morris, Federal Reserve Bank of St. Louis, Many Americans Still Lack Retirement Savings,

Regional Economist (1st Qtr. 2018), available at: https://www.stlouisfed.org/publications/regional-economist/

ﬁrst-quarter-2018/many-americans-still-lack-retirement-savings?print=true#1.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Wealth Management and Digital Financial Planning

160

Recent trends since the 1980s have given American workers more individual responsibility and

control in retirement planning. During this period, companies shifted their worker retirement

arrangements from dened benets plans to dened contribution plans, such as 401(k) plans.

482

Dened contribution plans may be potentially better suited to an environment in which workers

frequently change jobs,

483

while giving individuals greater responsibility for prudent investment of

their retirement savings.

With respect to dened contribution and other self-directed retirement plans, individuals must

decide when to start saving, how much to invest, which investments to select for an asset alloca-

tion that matches their risk tolerances, and what to do when transitioning between employers.

Individuals may be ill-equipped to make these complex decisions, which can have signicant

consequences for their nancial security in retirement.

484

According to one survey of individuals

who had self-directed retirement savings, 53% were either not comfortable or were “only slightly

comfortable making these decisions.

485

For 59% of workers, the survey found that it was their lack

of interest or capacity for saving in a 401(k) plan that limited their participation, rather than their

employer not providing a plan to invest in.

486

Although providing 401(k) plan participants with advice would help them manage their accounts,

a recent industry survey found that only a minority of plan sponsors were oering investment

advice to plan participants.

487

In 2016, GAO reported that plan sponsors might be reluctant to

provide this investment advice due to the costs and concerns of potential legal liability.

488

Digital Tools

Digital nancial planning brings the possibility of expanded access to advice for a larger number

of Americans. Although personal nance software has been available since the early 1990s, these

digital tools have become more sophisticated when combined with data aggregation. rough

the use of data analytics, machine learning, and other computing advances, the costs of providing

digital nancial planning have declined signicantly. Compared to human nancial planners,

digital nancial planning services are often available to individuals with minimal balances.

489

482. GAO Fintech Report, at 9.

483. Employee Beneﬁts Research Institute, Employee Tenure Trends, 1983-2016 (Sept. 17, 2017), at 3, available at:

https://www.ebri.org/pdf/notespdf/EBRI_Notes_v38no9_Tenure.20Sept17.pdf (indicating that employee tenure

data from the U.S. Census Bureau shows that the notion of a worker staying with the same employer for most

of his or her career has never existed for most works and will continue not to exist).

484.

U.S. Government Accountability Ofﬁce, The Nation’s Retirement System: A Comprehensive Re-evaluation is

Needed to Better Promote Future Retirement Security (Oct. 2017), at 22, available at: https://www.gao.gov/

assets/690/687797.pdf.

485.

Board of Governors of the Federal Reserve System, Report on the Economic Well-Being of U.S. Households

in 2016 (May 2017), at 59, available at: https://www.federalreserve.gov/publications/ﬁles/2016-report-eco-

nomic-well-being-us-households-201705.pdf.

486.

Id. at 60.

4 87. Plan Sponsor Council of America, 60th Annual Survey of Proﬁt Sharing and 401(k) Plans (Feb. 2018) (ﬁnding

that about one-third of plan sponsor respondents offer investment advice to participants).

488.

U.S. Government Accountability Ofﬁce, 401(k) Plans: DOL Could Take Steps to Improve Retirement Income

Options for Plan Participants (Aug. 2016), at 47, available at: https://www.gao.gov/assets/680/678924.pdf.

489.

GAO Fintech Report, at 13-14.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Wealth Management and Digital Financial Planning

161

Investment assets managed by digital advisers are projected to grow from $100 billion in 2017

to $385 billion by 2021.

490

More importantly, digital nancial planning is available to younger individuals who are entering

the work force, a stage at which their wealth is typically quite small. Establishing a pattern of

saving and investing during the early period of an individual’s career can signicantly increase the

probability of long-term success in accumulating wealth and building retirement savings.

491

Digital nancial planning is currently oered directly to consumers via the Internet, and some

services require little, if any, interaction with a human advisor. Other methods for providing digital

nancial advice may emerge in the future, such as through the use of chatbots.

492

ese technologi-

cal developments have resulted in certain market participants seeking to signicantly undercut the

pricing of human nancial planners in an eort to attract clients and their assets.

At the same time, digital tools have altered the way traditional nancial planners provide services to

their clients. Data aggregators, for example, reduce the need of nancial planners to engage in the

menial task of compiling information from multiple client accounts, thereby freeing up time for

more value-added activities.

493

For nancial planners that are registered as brokers or investment

advisers, data aggregation can be used to provide a more complete picture of a client’s nancial

situation for purposes of suitability assessments or providing advice under a duciary standard.

494

Firms that employ human nancial planners have reported that digital tools also improved the

consistency of advice provided to clients.

Another model for providing nancial planning services has also emerged. Referred to as the

“hybrid” model, this model utilizes an internet or mobile-based interface for primary interaction

with clients but also allows for contact with a human nancial planner. Typically, ntech nancial

planning entities provide access to a human nancial planner for an additional fee or with a higher-

level service package.

Digital nancial planning oers a wide range of services, some of which are more comprehensive

than others. is is similar to how traditional rms market nancial planning services, but may

490. Liz Skinner, 5 Robo-Advisers with the Most Client Assets, Investment News (June 6, 2017), available at: http://

www.investmentnews.com/article/20170606/FREE/170539987/5-robo-advisers-with-the-most-client-assets

(citing a report from Cerulli Associates).

491.

Employee Beneﬁts Security Administration, U.S. Department of Labor, New Employee Savings Tips – Time Is

on Your Side, available at: https://www.dol.gov/sites/default/ﬁles/ebsa/about-ebsa/our-activities/resource-cen-

ter/publications/new-employee-savings-tips-time-is-on-your-side.pdf (last accessed July 10, 2018).

492.

See, e.g., Sharon Adarlo, Will Small Clients be Claimed by Chatbots?, Financial

Planning (Apr. 18, 2018), available at: https://www.ﬁnancial-planning.com/news/

whats-the-word-on-chatbots-in-wealth-management?brief=00000153-6773-d15a-abd7-efff45d10000.

493.

See, e.g., Heidrick & Struggles, Future of Digital Financial Advice (Dec. 2016), at 19-20, available at: https://

centerforﬁnancialplanning.org/wp-content/uploads/2016/12/Future-of-Digital-Financial-Advice.pdf (summariz-

ing the work of the Certiﬁed Financial Planner Board of Standards Digital Advice Working Group).

494.

Lowell Putnam, Quovo, FINRA Standards Depend on Account Aggregation, Despite Alert’s

Caution, blog post (Apr. 13, 2018), available at: https://www.quovo.com/ﬁntech-blog/the-ecosystem/

ﬁnra-standards-depend-on-account-aggregation-despite-alerts-caution/.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Wealth Management and Digital Financial Planning

162

only oer limited advice.

495

Digital nancial planning is oered by ntech applications, banks and

brokerage rms, and technology companies. ey often use the services of a data aggregator to

centralize information about a consumer’s accounts from multiple nancial institutions.

e scope and nature of digital nancial planning continue to evolve.

496

Digital nancial plan-

ning services oer the ability to aggregate all accounts in one location and to produce balance

sheet type information, such as net worth and investment portfolio summaries. Other services

include budgeting, goal setting, and bill payment functions. Some tools compare a consumer’s

expenses and savings to peer groups in order to change the consumer’s behavior, while others

analyze spending patterns based on nancial transaction data. Using computer algorithms, the

service will make recommendations, such as to reduce expenses in particular areas or to consider

re-nancing outstanding debt. Some services automatically send funds to investment accounts,

such as by rounding up spending transactions or diverting anticipated savings.

Digital nancial planning can oer advice with respect to securities, loan products, or insurance

products. Computer algorithms can provide advice that recommends an asset allocation and

portfolio investments based on the consumer’s responses to questions regarding risk tolerance,

time horizons, and other factors. Some services provide exposure to recommended asset classes

through investment vehicles like low-cost, exchange-traded funds. Investment portfolios may be

automatically rebalanced to remain within recommended allocations and receive advice on tax loss

harvesting strategies.

Some digital nancial planning services directly charge consumers, through either a xed-fee or

a percentage of assets under management. Other programs oer a limited set of services for free

and allow the consumer to “buy up” for additional services. Some services do not impose any fee

directly on the consumer, but instead have relationships with nancial partners that pay a fee for

inclusion in the range of products that the service may recommend.

Issues and Recommendations

Financial planning has not been directly regulated by the federal or state governments through

licensing or registration requirements.

497

Instead, regulatory oversight is triggered either by engag-

ing in certain activities as part of oering nancial planning services or by oering these services

by an individual who is regulated under another regime.

495. Financial Planning Coalition, Consumers Are Confused and Harmed: The Case for Regulation of Financial

Planners, White Paper (Oct. 2014), at 16-19, available at: http://ﬁnancialplanningcoalition.com/wp-content/

uploads/2014/06/Financial-Planning-Coalition-Regulatory-Standards-White-Paper-Final.pdf (“FPC White Paper”).

496.

Cf. Michael Kitces, The Six Levels of Account Aggregation #FinTech and PFM Portals for

Financial Advisors, blog post (Oct. 9, 2017), available at: https://www.kitces.com/blog/

six-levels-account-aggregation-pfm-ﬁntech-solutions-accounts-advice-automation/.

4 97.

Some states have adopted laws regulating the conduct of ﬁnancial planners, but they do not require licens-

ing or registration as a ﬁnancial planner. The deﬁnition of a ﬁnancial planner under state law can vary. For exam-

ple, Nevada’s law applies only to persons offering advice for compensation “upon the investment of money or

upon provision for income to be needed in the future” but Minnesota’s law applies to any person “engaged in

the business of ﬁnancial planning.” See Nev. Rev. Stat. § 628A; Minn. Stat. § 45.026. Both the Minnesota and

Nevada laws impose a ﬁduciary duty upon ﬁnancial planners, but, for example, Connecticut only requires disclo-

sure of whether a ﬁnancial planner has a ﬁduciary duty. See Conn. Pub. Act No. 17-120 (July 5, 2017).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Wealth Management and Digital Financial Planning

163

Many nancial planners provide investment advice and are therefore regulated by the SEC or state

securities regulators.

498

Securities regulators have responded to the recent rise in digital investment

advice by providing guidance related to compliance obligations under existing laws and regula-

tions.

499

Securities regulators also have antifraud authority for nonsecurities advice that stems from

the advisory relationship.

500

Financial planning services provided by agents in connection with the sale of insurance products

are regulated by state insurance regulators. Financial planners providing advice to plan participants

in 401(k) plans are also subject to the obligations and prohibitions under Employee Retirement

Income Security Act of 1974 and DOL rules. Although the Bureau has the authority to regulate

consumer nancial products or services, including nancial advisory services (other than services

relating to securities provided by a person regulated by the SEC or a state securities regulator, and

who is acting in a regulated capacity) provided to consumers for individual nancial matters or

relating to proprietary nancial products or services,

501

the Bureau generally does not have author-

ity over accountants, tax preparers, and attorneys.

502

Financial planning activities conducted by banks and its employees are subject to supervision by

bank regulators and the Bureau. Accountants and attorneys oer nancial planning services that

are subject to oversight by state boards of accountancy and state bars, which may include regula-

tion for conicts of interest.

Under the current regulatory structure, nancial planners could be subject to regulation by multiple

regulators at the federal and state levels, with each regulator responsible for the specic activities

falling within that regulator’s purview. Treasury has concerns as to whether the current regulatory

structure is ecient and appropriately rationalized. For example, a number of digital nancial

planning tools do not provide advice on 401(k) accounts, and some participants in outreach

discussions indicated that regulatory compliance concerns were a factor in such decisions. Given

that 401(k) account balances may account for a signicant portion of an individual’s investment

portfolio, the lack of advice on such accounts will not advance Americans’ ability to save for retire-

ment and accumulate wealth.

498. Applicability of the Investment Advisers Act to Financial Planners, Pension Consultants, and Other Persons

Who Provide Investment Advisory Services as a Component of Other Financial Services (Oct. 8, 1987) [52

Fed. Reg. 38400 (Oct. 16, 1987)].

499.

See Division of Investment Management, U.S. Securities and Exchange Commission, IM Guidance Update

2017-12: Robo-Advisers (Feb. 2017), available at: https://www.sec.gov/investment/im-guidance-2017-02.pdf;

Financial Industry Regulatory Authority, Report on Digital Investment Advice (Mar. 2016), available at: https://

www.ﬁnra.org/sites/default/ﬁles/digital-investment-advice-report.pdf.

500.

Under the antifraud provisions of the Investment Advisers Act, there is no requirement that fraudulent behav-

ior by an investment adviser be in connection with the purchase or sale of securities. See 15 U.S.C. § 80b-6(1)

and (2).

501.

12 U.S.C. §§ 5481(15)(A)(viii) and 5491(a). A ﬁnancial product or service does not include activities relating

to the writing of insurance. See 12 U.S.C. § 5481(15)(C).

502.

12 U.S.C. § 5517.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Updating Activity-Specific Regulations • Wealth Management and Digital Financial Planning

164

Recommendations

Numerous approaches could be undertaken to rationalize the regulatory framework for nancial

planning. For instance, one could focus regulatory responsibility exclusively within a single federal

regulator, either new or existing. Another could be to create a self-regulatory organization (SRO)

that would be subject to oversight by one or more federal regulators. e SRO could be responsible

for promulgating rules, conducting inspections, and undertaking enforcement, as there are cur-

rently no widely applicable regulatory standards for those oering, or claiming to oer, nancial

planning advice that include competency standards and standards of conduct.

503

Alternatively,

the SRO could only promulgate rules, and rely on a regulator to carry out examination and

enforcement.

Treasury believes that appropriate protection for clients of nancial planners, digital and oth-

erwise, can be achieved without imposing either a fragmented regulatory structure or creating

new regulatory entities. Treasury has concerns that the current regulatory structure discourages

the provision of integrated investment advice for assets held in retirement and nonretirement

accounts. A patchwork of regulatory authority makes it more costly for nancial planners — costs

that will be passed on to consumers in the form of higher costs or reduced services. e fragmented

regulatory structure also potentially presents unnecessary barriers to the development of digital

nancial planning services.

Treasury recommends that an appropriate existing regulator of a nancial planner, whether federal

or state, be tasked as the primary regulator with oversight of that nancial planner and other

regulators should exercise regulatory and enforcement deference to the primary regulator. To the

extent that the nancial planner is providing investment advice, the relevant regulator will likely

be the SEC or a state securities regulator.

503. FPC White Paper, at 12-15.

Enabling the Policy Environment

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Enabling the Policy Environment • Agile and Effective Regulation for a 21st Century Economy

167

Agile and Effective Regulation for a

21st Century Economy

Introduction

While the nancial services industry has been a frequent adopter of new technology, the cur-

rent scale and pace of technological change has left many regulators re-examining their regulatory

frameworks for shortcomings from a perspective of both regulatory eciency and eectiveness.

e United States has historically led the world in innovation in nancial services. Innovation has

played a factor in making the U.S. capital markets the largest, deepest, and most vibrant in the

world and has been of critical importance in supporting the U.S. economy. But the United States

cannot take its leading position in innovation for granted. As the rest of the world takes measures

to improve its ability to create, develop, and deploy innovative new products and services in the

nancial sector, the United States risks losing out by failing to provide appropriate regulatory

clarity and assurances, and remove unnecessary barriers to innovation.

The drive to develop new technologies is relentless,

expanding to more actors with lower barriers of entry,

and moving at accelerating speed. New technologies

include advanced computing, “big data” analytics,

artiﬁcial intelligence, autonomy, robotics, directed

energy, hypersonics, and biotechnology — the very

technologies that ensure we will be able to ﬁght and

win the wars of the future.

The Honorable James N. Mattis,

Secretary of Defense

504

Regulatory Sandboxes

Competitive and free markets help foster economic growth. New ideas can facilitate market e-

ciency, spurring improvements to services and products. Not all innovations will succeed; some

might even cause harm. Regulation should address and potentially mitigate negative externalities.

A regulatory environment with largely binary outcomes — either approval or disapproval — may

lack appropriate exibility for dealing with innovations and often results in extensive delays, after

which the innovation has become obsolete.

e regulatory environment should instead be exible so that rms can experiment without the

threat of enforcement actions that would imperil the existence of a rm. Innovating is an iterative

process, and regulator feedback can play a helpful role while upholding safeguards and standards.

504. Secretary Jim Mattis, Summary of the 2018 National Defense Strategy of the United States of America, available

at: https://www.defense.gov/Portals/1/Documents/pubs/2018-National-Defense-Strategy-Summary.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Enabling the Policy Environment • Agile and Effective Regulation for a 21st Century Economy

168

Treasury recognizes that U.S. regulators already employ a number of methods in support of inno-

vation and encourages them to build on their eorts. Some examples include:

• Outreach eorts conducted throughout the United States to meet with innovators

• Creation of an agency innovation oce so that innovators have a central point of contact

• Issuance of guidance, exemptive orders, or no-action letters, which may have conditions

or be time-limited, to permit experimentation in the marketplace

• Agency-wide working groups that span multiple divisions and oces to address new

technology trends

• Publication of white papers, speeches, and other materials discussing innovations and

technology

• Engagement with foreign regulators on new developments, including cross-border

collaboration agreements

During outreach discussions with Treasury, however, many stakeholders expressed frustration with the

sheer number of agencies at the federal and state levels that need to be consulted when bringing a new

product or service to market. Frequently, rms nd that it is not even clear which agencies — or which

units within those agencies — need to be engaged. e result is that innovators, particularly smaller

rms, face signicant and unnecessary burdens in terms of time, money, and opportunity costs.

e fragmented nature of the U.S. nancial regulatory system undercuts eorts by regulators to

support innovation. For example, a no-action letter or exemptive relief from one agency may be

of limited use without assurance that other agencies with jurisdiction will provide comparable

relief. Fragmentation also raises the likelihood of inconsistency among regulators. To be eective,

a coordinated eort is needed to obtain appropriate relief across the marketplace.

New technologies, like predictive data analytics, articial intelligence, and blockchain or distrib-

uted ledger technology, are examples of promising innovations that could be used by nancial

services rms. ey are also technologies for which regulatory treatment may be uncertain, if for

no other reason than that innovative technology requires time to mature. From the perspective of

regulators, these technologies may pose unknown benets and risks. In such situations, it would

be benecial for regulators to permit meaningful experimentation in the real world, subject to

appropriate limitations.

Recommendations

Treasury recommends that federal and state nancial regulators establish a unied solution that

coordinates and expedites regulatory relief under applicable laws and regulations to permit mean-

ingful experimentation for innovative products, services, and processes. Such eorts would form,

in essence, a “regulatory sandbox” that can enhance and promote innovation. e solution should

be based on the following principles:

• Promote the adoption and growth of innovation and technological transformation in

nancial services

• Provide equal access to companies in various stages of the business lifecycle (e.g., start-

ups and incumbents)

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Enabling the Policy Environment • Agile and Effective Regulation for a 21st Century Economy

169

• Delineate clear and public processes and procedures, including a process by which rms

enter and exit

• Provide targeted relief across multiple regulatory frameworks

• Oer the ability to achieve international regulatory cooperation or appropriate deference

where applicable

• Maintain nancial integrity, consumer protections, and investor protections commensu-

rate with the scope of the project

• Increase the timeliness of regulator feedback oered throughout the product or service

development lifecycle

Treasury will work with federal and state nancial regulators to design such a solution in a timely

manner. e alternative of establishing a formal sandbox overseen by a single regulator would

require preemption of a rm’s other regulators, and in some cases may even subject a rm to a

new regulator that is unfamiliar with its operations; it is also very unclear who that single regu-

lator would be. If nancial regulators are unable to address these objectives, however, Treasury

recommends that Congress consider legislation to provide for a single process consistent with the

principles set forth above, including preemption of state laws if necessary.

e parameters of any regulatory sandbox should be designed with the participation of the private

sector and contain appropriate metrics for testing, including sample size and development periods

appropriate to these endeavors, to ensure the eectiveness of product and service development.

International Efforts in Financial Technology

e ongoing attempt to balance innovation and regulation has spawned new regulatory

initiatives, public-private partnerships, and investment schemes across both developed and

emerging economies. In an eort to drive innovation, domestic investment, and eective new

regulatory approaches, nancial authorities abroad have endeavored to establish various “inno-

vation facilitators.” In a recent survey by the Financial Stability Board and Basel Committee

on Banking Supervision, authorities provided information about their respective domestic

approaches toward innovation facilitators in three distinct categories: innovation hubs, accel-

erators, and regulatory sandboxes.

505

Innovation hubs such as LabCFTC provide access points

to regulators for ntech rms, which has the dual benet of providing rms more regulatory

clarity and facilitating information sharing with regulators. Accelerators, such as the various

grants and schemes in Singapore’s Startup SG ecosystem, oer rms incentives to innovate and

start businesses. Regulatory sandboxes like Hong Kong’s Fintech Supervisory Sandbox provide

an environment for rms to conduct pilot trials of nancial innovations under lower regula-

tory burdens than might traditionally be required for the same service provided in a dierent

way, while oering the authorities insights and feedback on new approaches.

505. Basel Committee on Banking Supervision, Sound Practices: Implications of Fintech Developments for Banks

and Bank Supervisors (Feb. 2018), available at: https://www.bis.org/bcbs/publ/d431.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Enabling the Policy Environment • Agile and Effective Regulation for a 21st Century Economy

170

Sandbox Case Studies

Monetary Authority of Singapore

e Monetary Authority of Singapore (MAS) has introduced a regulatory sandbox — a policy

framework that relaxes specic legal and regulatory requirements for a xed time period for

ntech and nancial institutions experimenting with innovative products and services. Firms

apply for entry into the sandbox, and if approved, MAS will determine what specic regulations

it is prepared to relax for participating rms. In its guidelines for the regulatory sandbox, MAS

notes that the sandbox is not meant to help rms circumvent legal and regulatory require-

ments, but is instead meant to help encourage eciency and manage risks in the nancial

sector.

506

e sandbox may not be appropriate, for instance, if the proposed innovation is

similar to a service already being oered in Singapore or if the applicant has not demonstrated

an adequate level of due diligence. e guidelines are also clear that the nancial service should

have a clear plan to deploy in Singapore or be able to provide some benet for Singapore’s

market and consumers. If a rm is successful in its experimentation, then upon exiting the

sandbox, it must fully comply with Singapore’s legal and regulatory requirements. e MAS

sandbox accepts applications at any time and, if needed, MAS will permit rms to extend their

time in the sandbox on a case-by-case basis.

United Kingdom Financial Conduct Authority

e U.K. Financial Conduct Authority (FCA) launched a regulatory sandbox in June 2016 as

part of the FCA’s Project Innovate, an initiative started in 2014 to encourage innovation with

an explicit mandate to promote competition in U.K. nancial services.

507

e FCA selects

rms in cohorts regardless of a rm’s size or maturity, and allows these rms to test within the

sandbox on a small scale while providing a degree of regulatory clarity and guidance. Firms in

the sandbox are assigned a dedicated case ocer and may be provided with targeted regulatory

assistance, such as waivers or no-action letters, to facilitate a customized regulatory environ-

ment for each test. Before testing in the sandbox, however, rms must meet authorization

requirements relevant for the proposed activity and must meet sucient, bespoke safeguards to

mitigate consumer harm. Upon transitioning out of the sandbox, rms are required to submit

a nal report highlighting the outcomes of the test. e FCA has also indicated an interest

in establishing a global sandbox, where rms could potentially participate and conduct tests

spanning more than one jurisdiction.

Agile Regulation

e pace of technological development and its applications to nancial services have increased

dramatically. It is critical that nancial regulators stay abreast of developments and establish mech-

anisms for adopting appropriate regulation and guidance accordingly without stiing innovations

506. Monetary Authority of Singapore, Fintech Regulatory Sandbox Guidelines (Nov. 2016), available at: http://www.

mas.gov.sg/~/media/Smart%20Financial%20Centre/Sandbox/FinTech%20Regulatory%20Sandbox%20

Guidelines%2019Feb2018.pdf.

5 07.

Financial Conduct Authority, Regulatory Sandbox Lessons Learned Report (Oct. 2017), available at: https://

www.fca.org.uk/publication/research-and-data/regulatory-sandbox-lessons-learned-report.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Enabling the Policy Environment • Agile and Effective Regulation for a 21st Century Economy

171

that require time to mature. Regulators must be more agile than in the past in order to suc-

cessfully uphold their missions without creating unnecessary barriers to innovation. is requires

principles- and performance-based regulation that enables the private sector to adopt innovative,

technology-based compliance solutions.

In addition, regulators need to understand technology on the same timeline as business. To do this,

nancial regulators need to engage with the private sector to test and understand new technologies

and innovations as they arise. Agile regulation requires regulators to acquire and understand exist-

ing and emerging technologies, to engage with developers and rst-movers, and to hire and retain

sta with the appropriate technical expertise. To this end, Treasury believes that regulators should

increase eorts to proactively engage in collaborative dialogue with the private sector as innovations

arise. Regulators should be looking to facilitate U.S. strengths in technology and work toward the

common goals of fostering markets and promoting growth through responsible innovation.

Procurement

As new technologies are introduced in the nancial services sector, nancial regulators require

the ability to work interactively with them in order to understand them, determine potential

regulatory or operational implications, and evaluate them for potential use by the regulator

itself. Regulators’ hands, however, are frequently tied when it comes to obtaining such technol-

ogy. Although innovators and other participants are often willing to provide the technology or

proofs of concept to the regulator to help improve their understanding, statutory and regulatory

requirements can either expressly prohibit, or eectively prohibit, the acquisition of the technol-

ogy as either a gift or a purchase.

Under principles of federal appropriations law, federal agencies may not augment their appropria-

tions from outside sources absent specic statutory authority.

508

Whether an agency may accept

goods and services often depends on whether the agency has statutory authority to accept gifts.

Because of the longstanding principle against augmenting appropriations, federal agencies may

not accept for their own use gifts of money or other property in the absence of specic statutory

authority.

509

us, even though many ntech companies are willing to provide regulators with new

technology at no cost in order to demonstrate viability or to help expedite the regulatory process,

federal regulators may be precluded from accepting such oers.

If a federal nancial regulator wants to purchase a particular technology and has appropriated

funds, federal acquisition regulations can make it dicult to do so in a timely enough man-

ner to justify the purchase. For example, procurement regulations generally require an agency to

rst establish a dened need for the acquisition, describe the requirements to satisfy the agency

need, and then either engage in sealed bidding or competitive negotiation, which can take many

months. In outreach meetings with Treasury, some regulators indicated that it can be dicult to

identify a specic agency need or describe exact requirements for a potential technological solution

requiring incubation, and that, even if they could, the time to complete the acquisition would

508. U.S. Government Accountability Ofﬁce, Principles of Federal Appropriations Law, Volume II (3rd ed. Feb

2006), at 6-162, available at: https://www.gao.gov/assets/210/202819.pdf.

509.

Id. at 6-222.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Enabling the Policy Environment • Agile and Effective Regulation for a 21st Century Economy

172

be too lengthy to be eective. e nature of innovative new technologies — not yet widespread,

often without direct substitutes, and materially advancing in technology in matters of weeks not

months — does not t the traditional competitive bidding and procurement processes set out by

federal acquisition regulations. Even the process a rm must undergo to be considered an eligible

bidder for a government contract often dissuades rms from entering the bidder pool, particularly

younger companies with less resources and newer technologies that are bound to change before

the process is completed. ese challenges signicantly limit some nancial regulators’ ability to

better understand, test, and procure new technologies, potentially constraining the eectiveness

and eciency of federal regulation.

Federal acquisition law establishes “other transaction authority,” which allows select government

agencies to develop agreements that do not need to adhere to a standard format or include terms

and conditions required in traditional approaches to acquisition.

510

Other transaction authority has

been authorized for the U.S. Department of Defense (DOD), U.S. Department of Energy, U.S.

Department of Health and Human Services, U.S. Department of Homeland Security (DHS), U.S.

Department of Transportation, National Aeronautics and Space Administration, Federal Aviation

Administration, Transportation Security Administration, Domestic Nuclear Detection Oce,

Advanced Research Projects Agency-Energy, and certain programs at the National Institutes of

Health. Other transaction authority can be granted on a permanent or temporary basis.

Other transaction authority has been used by these agencies to facilitate critical understanding

and application of new technology by the government. DOD launched the Defense Innovation

Unit (Experimental) (DIUx) in order to accelerate the development, procurement, and integration

of commercially derived disruptive capabilities.

511

As DIUx has noted, the state of innovation is

“dramatically dierent from past decades when key technologies were developed in government

labs,” with many new technological developments originating from the commercial sector.

512

Since

June 2016, DIUx has initiated 61 prototype projects with an average time of only 90 days from

rst contact to contract award.

513

Similarly, using other transaction authority, DHS established its

Next Generation Cyber Infrastructure Apex program (“Cyber Apex”), which seeks out solutions

to ll cybersecurity gaps and protection of critical systems and networks.

514

Cyber Apex is work-

ing with a consortium, which includes private companies in the nancial services sector, to test

existing marketplace solutions, while simultaneously working with a DHS innovation program in

Silicon Valley in search of early-stage solutions.

515

510. U.S. Government Accountability Ofﬁce, Federal Acquisitions: Use of “Other Transaction” Agreements Limited

and Mostly for Research and Development (Jan. 2016), available at: https://www.gao.gov/assets/680/674534.

pdf.

511.

Defense Innovation Unit (Experimental), U.S. Department of Defense, Commercial Solutions Opening (CSO),

at 1, available at: https://www.diux.mil/download/datasets/736/DIUx-Commercial-Solutions-Opening-White-

Paper.pdf (last accessed June 29, 2018).

512.

Defense Innovation Unit (Experimental), U.S. Department of Defense, Annual Report 2017, at 2, available at:

https://www.diux.mil/download/datasets/1774/DIUx%20Annual%20Report%202017.pdf.

513.

Id. at 4.

514. Cyber Security Division, U.S. Department of Homeland Security, Technology Guide 2018, at 6, available at:

https://www.hsdl.org/?view&did=808790.

515.

Id.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Enabling the Policy Environment • Agile and Effective Regulation for a 21st Century Economy

173

Recommendations

Treasury recommends that Congress enact legislation authorizing nancial regulators to use other

transaction authority for research and development and proof-of-concept technology projects.

Regulators should use this authority to engage with the private sector to better understand new

technologies and innovations and their implications for market participants, and to carry out their

regulatory responsibilities more eectively and eciently. Using the expertise of the private sector

in developing regulatory tools will generally produce more optimal solutions than restricting input

to be entirely in-house.

Regtech

In the aftermath of the nancial crisis, nancial services companies have incurred increased

compliance costs in an environment of enhanced regulatory scrutiny. is dynamic has led to

the rise of rms specically focused on delivering products and services that assist regulated

entities in meeting compliance requirements. ese rms have been labeled by some as “reg-

tech” companies.

Regtech within nancial services has grown rapidly as advances in technology have made it

possible to deliver automated solutions for compliance tasks that are otherwise performed

manually. Estimates suggest there are some 80-250 rms currently operating that primarily

serve the nancial services industry’s compliance and regulatory needs. e range of services

is broad and includes activities such as customer identication/verication and transaction

monitoring for Bank Secrecy Act anti-money laundering/countering the nancing of terrorism;

antifraud surveillance; risk assessment and management; market conduct services; origination

processes; and regulatory requirement monitoring.

516

Financial services companies may benet from partnering with regtech rms that have

proprietary technologies or processes such companies may not be able to build in-house,

particularly smaller entities, such as community banks, that may not have the nancial

resources to develop internally the technologies necessary to achieve marginal reductions in

risk and compliance costs. One report on regtech rms estimates that “governance, risk and

compliance (GRC) costs account for 15% to 20% of the total ‘run the bank’ cost base of

most major banks. GRC demand drives roughly 40% of costs for ‘change the bank’ projects

under way.”

517

Regulators at both the federal and state levels can have a signicant impact on the regtech

industry through not only the compliance requirements they set, but also the means by which

examination for compliance is executed. Some emerging regtech solutions aim to facilitate

more ecient communication between regulated nancial institutions and regulators by

providing APIs or distributed ledger technology-based channels to share information, such

516. See Bain and Company, Banking Regtechs to the Rescue? (2016), available at: http://www.bain.com/Images/

BAIN_BRIEF_Banking_Regtechs_to_the_Rescue.pdf; and PricewaterhouseCoopers, Regtech in Financial

Services (2018), available at: https://www.pwc.com/us/en/industries/ﬁnancial-services/research-institute/top-

issues/regtech.html.

5 17.

See Bain and Company, at 3.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Enabling the Policy Environment • Agile and Effective Regulation for a 21st Century Economy

174

as suspicious transaction reports and supporting information, or other mandatory reports,

with central banks and regulators, and by providing digital channels for further inquiries

and responses.

Treasury encourages regulators to appropriately tailor regulations to ensure innovative technol-

ogy companies providing tools to regulated nancial services companies can continue to drive

technological eciencies and cost reductions. Additionally, Treasury encourages regulators to

seek out and explore innovative partnerships with nancial services companies and regtech

rms alike to better understand new technologies that have the potential to improve the execu-

tion of their own regulatory responsibilities more eectively and eciently.

Engagement

Beyond experimentation, broad regulatory engagement with nancial services companies on mul-

tiple levels is essential. Treasury commends the eorts by nancial regulators to create labs, work-

ing groups, innovation oces, and other channels for industry participants to engage directly with

regulators. ese discussions provide regulators with visibility into technology developments and

provide an opportunity to receive real-time feedback from regulators on their ideas. Additionally,

they encourage an ongoing dialogue, lessening the likelihood that nancial services rms are oper-

ating based on erroneous information or misinterpretation of regulations.

However, a number of reasons have been provided for why some in the private sector may be

reluctant to communicate openly with regulators. A few participants in Treasury outreach meet-

ings raised concerns that conversations with regulators could be used as a reason to initiate an

enforcement investigation.

518

Participants argued that if regulators are not in a position during

engagement sessions to provide either assurances or helpful advice on how innovations can comply

with the rules, then there is little for the market participant to gain from a one-way engagement and

signicant risk of being delayed and losing the chance to be the rst to market. Some rms faulted

nancial regulators for having an “enforcement rst” perspective, not being timely in providing

useful guidance, and not having a sucient appreciation of how delay and regulatory uncertainty

can result in a new product or service being overtaken by a competitor.

Recommendations

Treasury recommends that nancial regulators pursue robust engagement eorts with industry and

establish clear points of contact for industry and consumer outreach. e outcome of engagement

should be to create an environment where growth can occur with appropriate protections while

reducing compliance costs. Both regulators and the private sector must recognize that they have a sym-

biotic relationship that is needed to support the U.S. economy and maintain global competitiveness.

Treasury recommends that nancial regulators increase their eorts to bridge the gap between

regulators and start-ups, including eorts to engage in dierent parts of the country rather than

518. On the other hand, Treasury acknowledges that some ﬁrms may have had reason to believe that their activi-

ties might be subject to regulation and chose not to bring their activities to the attention of regulators. See, e.g.,

Peter Van Valkenburgh, Coin Center, Framework for Securities Regulation of Cryptocurrencies (Jan. 2016),

available at: https://coincenter.org/wp-content/uploads/2016/01/SECFramework2.5.pdf (noting that some

cryptocurrencies may “functionally resemble securities” when sold to investors).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Enabling the Policy Environment • Agile and Effective Regulation for a 21st Century Economy

175

requiring entities to come to Washington, D.C. Unlike incumbent nancial institutions with

well-established government relations oces, start-ups may be less familiar with how to engage

with federal regulators but equally critical for regulators to engage with. While start-ups must

comply with existing laws and regulations, regulators should seek to understand the business

models of these entities that may be subject to their authorities. Further, Treasury recommends

that nancial regulators periodically review existing regulations as innovations occur and new

technology is developed and determine whether their regulations fulll their original purpose in

the least costly manner.

Treasury recommends that nancial regulators engage at both the domestic and international lev-

els, as nancial technology in many cases is borderless. Treasury encourages international initiatives

by nancial regulators to increase their knowledge of ntech developments in other nations, such

as the recent agreement between the CFTC and the U.K. Financial Conduct Authority.

519

Education

More eorts need to be taken to close the knowledge gap, both between private industry and

regulators, and among and within nancial regulators themselves. In outreach meetings with

Treasury, many industry participants from both the nancial services industry and the technology

industry indicated that regulators and examiners often lack basic knowledge about the technologies

employed by rms. Participants also indicated that technical sophistication often varied among

regulators, adding to diculties in navigating an already fragmented regulatory system.

Treasury acknowledges that it is challenging for the U.S. government to attract and retain talented

human capital, as it lacks the ability to compete for such talent with incentives such as higher

salaries and equity compensation. While the attraction of highly qualied technical personnel to

the private sector may disadvantage the government, it is surely a benet for U.S. rms leading the

world in innovation.

Because innovation in technology occurs at such a rapid pace, Treasury recognizes that it may be

impractical for individuals to leave the private sector temporarily and commit to public service

for an extended period of time without being at signicant risk of not being able to re-enter the

technology sector at a competitive level. us, the nature of the technology industry creates a

structural close hold on its workforce. Despite these dierences, Treasury believes that a number of

steps can be taken to improve the technology-savviness of the regulatory workforce.

Currently, some universities have programs that bring policymakers and the technology industry

together through practical simulations and experiential learning, requiring each to walk in the

shoes of the other. ese activities, for instance when applied to topics like cybersecurity, help

policymakers to understand and appreciate the demands of managing a corporation and a rm’s

duties that may cause the rm to take various actions in response to regulatory guidance. ese

types of experiential learning opportunities are critical to bridging the knowledge gap between

regulators and the entities they regulate.

519. U.S. Commodity Futures Trading Commission, Press Release No. 7698-18 (Feb. 19, 2018), available at:

https://www.cftc.gov/PressRoom/PressReleases/pr7698-18.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Enabling the Policy Environment • Agile and Effective Regulation for a 21st Century Economy

176

Another approach to bridging this gap is to bring experts into a regulatory agency on temporary

assignment. Some agencies, like the SEC, already have existing professional fellowship programs

in which outside industry veterans join the agency on a non-permanent basis and are subject to

extensive requirements to manage any conicts of interest that arise from their temporary hiatus

from the private sector. Regulators benet from exposure to the fellow’s knowledge, and the fellow

benets from exposure to the regulator’s mission and operations. e experience and understand-

ing of regulatory processes acquired during these fellowships is then shared by the participating

fellows upon returning to industry.

Since 2012, the U.S. Government has recruited Presidential Innovation Fellows to leverage outside

industry expertise to work with the government. e Presidential Innovation Fellows serve for a

12-month program, which can be extended for up to a total of four years. To date, none of the

nancial regulators have participated in the program. Recently, the OCC considered creating new

positions for Innovation Fellows as part of its eorts to better understand innovation. Treasury

encourages nancial regulators to consider establishing similar fellowship opportunities that would

focus on nancial technology, recognizing the likely shorter duration required to make such a

fellowship successful in attracting the right talent.

Critical Infrastructure

e transformational technologies and service oerings examined by this report in key areas

of nancial services have generated even further innovation leading to the re-architecting of

current technologies, applications, networks, and back-oce infrastructures. Cybersecurity,

resilience, and operational risk considerations are inseparable from any examination of these

technologies. Particularly when applied to nancial services, these developments directly

impact the nation’s critical infrastructure.

Increased reliance on emerging technologies yields benets as well as new risks, requiring devel-

opers to build for security, resiliency, and agility from the start, not as afterthoughts. Treasury

recommends that nancial regulators thoroughly consider cybersecurity and other operational

risks as new technologies are implemented, rms become increasingly interconnected, and

consumer data are shared among a growing number of rms, including third parties. e

task of ensuring that the country’s critical infrastructure — systems, networks, functions, and

data — remain available and reliable is increasingly complex as risks may reside throughout the

supply chain, not solely with the owner or operator. Furthermore, the supply chain includes a

mix of rms, operating under a range of cybersecurity risk proles — some may lack common

baseline cybersecurity protections and standards, and others, even regulated rms subject to

cybersecurity regulations, suer from diering interpretations and implementations of regula-

tory guidance. A rm with a more mature cybersecurity posture may additionally be exposed

to cybersecurity risks because its vendors or suppliers have not developed a similarly robust

cybersecurity posture.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Enabling the Policy Environment • International Approaches and Considerations

177

e Banking Report provided two recommendations regarding cybersecurity that Treasury

continues to endorse: (1) developing a common lexicon, and (2) harmonizing regula-

tions.

520

In addition to the work taking place within the Financial and Banking Information

Infrastructure Committee (FBIIC) to implement those recommendations, the FBIIC agen-

cies should neither stie innovation, nor mandate specic technology solutions; the FBIIC

agencies should remain technology neutral. Treasury additionally recommends that the

FBIIC consider establishing a technology working group charged with better understanding

the technologies that rms are increasingly relying upon, and staying well-informed regard-

ing innovation taking place within the sector.

Policy approaches to protect the nation’s critical infrastructure cannot focus solely on regula-

tion and the nancial regulators. Treasury will continue to partner with federal agencies to

better understand supply chain and third-party risks, and work directly with nancial services

rms, and across the critical infrastructure community, to address these challenges.

Treasury also encourages the sector to migrate away from the historical focus on threat, and

balance that with a focus on vulnerability identication and remediation. Broadly speaking,

the nancial services industry works very hard now to identify threats that exploit vulner-

abilities to create risk. Reducing vulnerabilities is as important, if not more so, as reducing

risk. When a vulnerability is found and closed, no one can exploit it. Alternatively, nding

one threat (such as a criminal enterprise) and shutting it down will still leave the vulnerability

available in a system for exploitation by other threats.

To this end, Treasury commits to leading a multiyear program with the nancial services

industry to identify, properly protect, and remediate vulnerabilities. Finally, Treasury supports

the industry’s continued eorts to promote and support the adoption of the National Institute

of Standards and Technology Cybersecurity Framework to reduce risks to the nation’s nancial

critical infrastructure.

International Approaches and Considerations

Overview

Across the world, many economies are shifting toward enabling more open and faster banking

services by enabling greater competition from nonbanks like ntechs and technology companies.

Primarily, open banking has entailed enabling greater access to nancial data or payment clearing

and settlement systems that were previously maintained by or provided to banks and unavailable

to nonbanks. Often, this enhanced access is provided through APIs. ese eorts are largely in

the preliminary stages of being implemented but are expected to signicantly shape how nancial

services are delivered in these economies.

520. The Banking Report, at 31.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Enabling the Policy Environment • International Approaches and Considerations

178

• India: India introduced the Unied Payments Interface (UPI) in August 2016, which allows

for open API interfaces for real-time payments.

521

e UPI, combined with other policy

eorts to minimize the use of cash, promote digital identity, and leverage mobile devices, has

created an environment where many new payment players are expected to emerge.

• Europe and the United Kingdom: e Revised Payment Services Directive (PSD2)

and the United Kingdom’s Open Banking initiative were intended to encourage greater

competition within these jurisdictions’ banking systems by allowing nonbank rms to

connect to banking payments and data systems through licensing regimes tailored for

these activities.

522

• Australia: Australia commissioned an open banking study, with the nal report published in

late 2017.

523

e government is now consulting on a nal decision and implementation.

• Hong Kong: Hong Kong is embarking on an initiative to launch a “new era of smart

banking.” is initiative was announced in September 2017,

524

and includes areas of

focus such as faster payments, ntech sandboxes, and open-banking APIs. To implement

the API aspect of the strategy, the Hong Kong Monetary Authority published an open

API framework in July 2018.

525

• Singapore: e Monetary Authority of Singapore has taken a more organic approach to

open banking. While the idea is being encouraged by the government, Singapore believes

that open banking will ultimately be more successful if it is led by the industry and not

done through government mandates.

526

Financial services companies have been working

toward APIs as the Association of Banks in Singapore released a voluntary API playbook

for banks in 2016.

527

521. National Payments Corporation of India, Press Release – NPCI’s Uniﬁed Payments Interface (UPI) Set to Go

Live (Aug. 25, 2016), available at: https://www.npci.org.in/sites/default/ﬁles/NPCIsUniﬁedPaymentsInterface%

28UPI%29settogoliveAugust252018.pdf.

522.

Competition and Markets Authority, Retail Banking Market Investigation: Final Report (Aug. 9, 2016), at 441-

461, available at: https://assets.publishing.service.gov.uk/media/57ac9667e5274a0f6c00007a/retail-bank-

ing-market-investigation-full-ﬁnal-report.pdf; Directive (EU) 2015/2366 of the European Parliament and of the

Council (Nov. 25, 2015), available at: http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32015

L2366&from=EN (preamble).

523.

The Treasury (Australia), Review into Open Banking: Give Customers Choice, Convenience and Conﬁdence (Dec.

2017), available at: https://static.treasury.gov.au/uploads/sites/1/2018/02/Review-into-Open-Banking-_For-web-1.pdf.

524.

Hong Kong Monetary Authority, Press Release – A New Era of Smart Banking, Press Release (Sept. 29,

2017), available at: http://www.hkma.gov.hk/eng/key-information/press-releases/2017/20170929-3.shtml.

525.

Hong Kong Monetary Authority, Press Release – Open API Framework for the Banking Sector and the Launch

of Open API on HKMA’s Website, Press Release (July 18, 2018), available at: http://www.hkma.gov.hk/eng/

key-information/press-releases/2018/20180718-5.shtml.

526.

Chanyaporn Chanjaroen and Haslinda Amin, Singapore Favors ‘Organic’ Policy in Move Toward Open

Banking, Bloomberg (Apr. 11, 2018), available at: https://www.bloomberg.com/news/articles/2018-04-12/

singapore-favors-organic-policy-in-move-toward-open-banking.

5 27.

The Association of Banks in Singapore, Media Release – The Association of Banks in Singapore Issues

Finance-as-a-Service: API Playbook, Media Release (Nov. 16, 2016), available at: https://abs.org.sg/docs/

library/mediarelease_20161116.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Enabling the Policy Environment • International Approaches and Considerations

179

Within banking systems, there are also signicant eorts to modernize and increase core capa-

bilities, such as in the area of payments. Many jurisdictions around the world have embarked

on initiatives to increase the speed of wholesale payments through implementation of real-time

payment systems. As of mid-year 2017, it was estimated that there were 25 countries (primarily

large advanced economies) that had some type of live faster-payments system.

528

Impacting the provision of credit, nonbank digital lenders have emerged in many jurisdictions

that deploy automated lending platforms, provide rapid credit decisions, and are funded through

investment capital or peer-to-peer nancing.

529

Some of the most sizable activity and fastest growth

has occurred in U.S., Chinese, and U.K. markets. e U.S. market has grown rapidly to about $35

billion in 2016, or roughly three times 2014 levels. e U.K. market, while materially smaller, has

also roughly tripled since 2014 to £4.6 billion. Meanwhile, the Chinese market has grown to $246

billion in 2016, up by a factor of 10 from $24.3 billion in 2014.

530

Common across these markets

is an emphasis on providing credit to consumer and small business segments.

Data Regulation

e expanded access to nancial and nonnancial data enabled by movement toward more open

banking across multiple jurisdictions has raised critical issues with respect to protecting the con-

dentiality of consumers’ nancial and personal data. Multiple jurisdictions have adopted laws to

address some of these growing concerns with respect to their personal data. For example, Europe

recently introduced its General Data Protection Regulation (GDPR), which attempts to create

a fundamental right to privacy that includes the right for people to have their data deleted and

transferred, among other provisions. e GDPR, however, has raised a number of questions about

implementation for companies, regardless of their country of domicile, that hold the personal

data of E.U. and U.K. citizens.

531

Uncertainties in the implementation of GDPR may also create

unnecessary barriers to trade and damage cross-border regulatory cooperation due to this lack

of regulatory clarity. Some other examples of eorts to add personal data protection regulations

528. FIS, Flavors of Fast: A Trip Around the World of Immediate Payments (4

ed. June 2017), at 29-55, available

at: https://www.ﬁsglobal.com/ﬂavors-of-fast-2017.

529.

See, e.g., World Economic Forum, The Future of FinTech: A Paradigm Shift in Small Business Finance (Oct.

2015), available at: http://www3.weforum.org/docs/IP/2015/FS/GAC15_The_Future_of_FinTech_Paradigm_

Shift_Small_Business_Finance_report_2015.pdf (discussing small business lending via marketplace lenders).

530.

Tania Ziegler et al., The 2017 Americas Alternative Finance Industry Report, University of Cambridge Judge

Business School Centre for Alternative Finance (May 2017), available at: https://www.jbs.cam.ac.uk/ﬁlead-

min/user_upload/research/centres/alternative-ﬁnance/downloads/2017-06-americas-alternative-ﬁnance-indus-

try-report.pdf (U.S. market); Kieran Garvey et al., Cultivating Growth: The 2nd Asia Paciﬁc Region Alternative

Finance Industry Report, University of Cambridge Judge Business School Centre for Alternative Finance (Sept.

2017), available at: https://www.jbs.cam.ac.uk/ﬁleadmin/user_upload/research/centres/alternative-ﬁnance/

downloads/2017-12-cultivating-growth.pdf (Chinese market); Bryan Zhang et al., Entrenching Innovation:

The 4th UK Alternative Finance Industry Report, University of Cambridge Judge Business School Centre for

Alternative Finance (Dec. 2017), available at: https://www.jbs.cam.ac.uk/ﬁleadmin/user_upload/research/cen-

tres/alternative-ﬁnance/downloads/2017-12-21-ccaf-entrenching-innov.pdf (U.K. market).

531.

See, e.g., Secretary Wilbur Ross, E.U. Data Privacy Laws are Likely to Create Barriers to Trade, Financial

Times (May 30, 2018).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Enabling the Policy Environment • International Approaches and Considerations

180

include Hong Kong’s Personal Data Ordinance on Privacy in 2012,

532

Australia’s Consumer Data

Right,

533

and Singapore’s Personal Data Protection Act.

534

Business Models

Nonbanks and technology-focused companies have played active roles in developing payments

and credit-scoring systems to improve the access to and functionality of nancial services, and

to reduce costs. While access to payment clearing and settlement services is generally limited to

depositary institutions in the United States, some countries have provided mechanisms that allow

nonbanks to access those services. Notable examples include China and regions of Africa, where

the payments market is heavily reliant on nonbank-operated chat or mobile phone text message

systems.

In China, authorities have allowed nonbank ntechs to access payment systems to clear and

settle retail payment transactions. Large nonbank rms, like Ant Financial (AliPay) and Tencent

(WeChat) have established dominant positions in the Chinese mobile payments market, with

54.3% and 38.2% shares of the market, respectively, in 2017.

535

e mobile wallets and payments

mechanisms allow consumers to make payments while shopping online or through a messaging

app, and provide access to other nancial services oered within the ecosystem of the company

that owns the mobile wallet.

536

M-PESA, which began in Kenya, is another example of a nonbank payments company that oper-

ates outside a bank-centric payments ecosystem. It is operated by a telecommunications company

and allows customers to make and receive payments using a mobile phone, without the need for

a bank account. As of year-end 2016, M-PESA was live in 10 countries, had 29.5 million active

customers, and processed about 6 billion transactions.

537

Given the success of these nonbank models in some jurisdictions, it is not surprising that many

analysts are estimating that a signicant share of nancial institutions’ volumes and prots around

532. Privacy Commissioner for Personal Data (Hong Kong), The Ordinance at a Glance, available at: https://www.

pcpd.org.hk/english/data_privacy_law/ordinance_at_a_Glance/ordinance.html (last accessed June 29, 2018).

533.

As announced on November 26, 2017, the Consumer Data Right (CDR) is intended as an economy-wide

right, to be applied sector-by-sector on the designation of the Australian Treasurer. The Treasurer will be lead-

ing the development of the CDR, with the design of the broader CDR informed by the government’s response

to the recommendations of its open banking review. See The Treasury (Australia), Consumer Data Right – Fact

Sheet, available at: http://static.treasury.gov.au/uploads/sites/1/2018/02/180208-CDR-Fact-Sheet-1.pdf (last

accessed June 29, 2018).

534.

Personal Data Protection Commission (Singapore), Legislation and Guidelines Overview, available at: https://

www.pdpc.gov.sg/Legislation-and-Guidelines/Personal-Data-Protection-Act-Overview (last accessed June 29,

2018).

535.

Don Weinland, Tencent Closes in on Alipay Crown, Financial Times (Apr. 3, 2018).

536.

Mancy Sun et al., Goldman Sachs Equity Research, The Rise of China Fintech (Aug. 7, 2017); Wei Wang and

David Dollar, Brookings Institution, What’s Happening with China’s FinTech Industry (Feb. 2018), available at:

https://www.brookings.edu/blog/order-from-chaos/2018/02/08/whats-happening-with-chinas-ﬁntech-industry/.

5 37.

Vodafone Group Plc., Press Release – Vodafone Marks 10 Years of the World’s Leading Mobile Money

Service, M-Pesa (Feb. 21, 2017), available at: http://www.vodafone.com/content/index/media/vodafone-group-

releases/2017/m-pesa-10.html#.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Enabling the Policy Environment • International Approaches and Considerations

181

the world are at risk of disruption from technology-driven business models.

538

In particular, tech-

nology rms are expected to take advantage of new open-banking paradigms, such as Europe’s

PSD2 or India’s UPI, for instance, by using messaging platforms to access the country’s real-time

payment system.

New Technologies

In this changing international landscape, the intersection of technological advancement, data pri-

vacy, and industrial policy has put pressure on globally active rms. As they confront technological

innovation, some foreign governments have attempted to restrict access to U.S. rms by, for example,

requiring data to be stored and processed locally, putting caps on foreign ownership, forcing joint

ventures, and enforcing discriminatory licensing requirements. ese restrictions have a range of

commercial consequences for those rms and may conict with regulatory objectives, both in the

United States and abroad.

Interest in crypto-assets from a range of nancial authorities has increased substantially over the

past year, as evidenced in the March 2018 G20 Finance Ministers and Central Bank Governors

Communiqué. For the rst time, the G20 explicitly addressed crypto-assets, and assigned the

Financial Stability Board (FSB) “in consultation with other standard-setting bodies, including

the Committee on Payments and Market Infrastructures and the International Organization of

Securities Commissions, and Financial Action Task Force (FATF) to report in July 2018 on their

work on crypto-assets.” e resulting report sets out the metrics that the FSB will use to monitor

crypto-asset markets as part of its ongoing assessment of vulnerabilities in the nancial system.

539

e G20 authorities are cognizant of the inherent risks these new assets currently pose for investor

protection and anti-money laundering and illicit nance regimes.

538. Miklós Dietz et al., McKinsey & Company, Remaking the Bank for an Ecosystem World (Oct. 2017), available

at: https://www.mckinsey.com/industries/ﬁnancial-services/our-insights/remaking-the-bank-for-an-ecosystem-

world (estimating that 65% of bank proﬁts are under threat from nonbank players, like large technology platform

companies); Aaron Fine and Rick Chavez, Oliver Wyman, The Customer Value Gap: Re-Calculating the Route

(2018), available at: http://www.oliverwyman.com/content/dam/oliver-wyman/v2/publications/2018/January/

state-of-the-ﬁnancial-industry-2018-web.pdf.

539.

Financial Stability Board, Crypto-Assets: Report to the G20 on Work by the FSB and Standard-Setting

Bodies (July 16, 2018), available at: http://www.fsb.org/wp-content/uploads/P160718-1.pdf.

March 2018 G20 Communiqué

We acknowledge that technological innovation, including that underlying crypto-assets, has the potential to improve

the efﬁciency and inclusiveness of the ﬁnancial system and the economy more broadly. Crypto-assets do, however,

raise issues with respect to consumer and investor protection, market integrity, tax evasion, money laundering and

terrorist ﬁnancing. Crypto-assets lack the key attributes of sovereign currencies. At some point they could have

ﬁnancial stability implications. We commit to implement the FATF standards as they apply to crypto-assets, look

forward to the FATF review of those standards, and call on the FATF to advance global implementation. We call on

international standard-setting bodies to continue their monitoring of crypto-assets and their risks, according to their

mandates, and assess multilateral responses as needed.

Source: Communique of the G20 Finance Minsters & Central Bank Governors, Buenos Aires, Argentina (March 19-20, 2018).

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Enabling the Policy Environment • International Approaches and Considerations

182

Related to these issues, but separate from the focus on crypto-assets, is continuing international inter-

est in the underlying technology. e nancial services industry is already developing applications

for distributed ledger technology (DLT), including in commodities trading and securities settle-

ment, property registries, and secure, trusted identity products and services, among other use-cases.

Some central banks have contemplated the potential for central bank-backed digital currencies, or a

tokenized form of a at currency that utilizes DLT, asserting that they could potentially help reduce

fees, processing times, and operational risk for market participants. Whether such potential benets

could materialize is still highly uncertain. Some central bankers are also considering how to use DLT

to conduct interbank payments or employ DLT as a basis for other nancial infrastructure, including

through Project Ubin at the Monetary Authority of Singapore and Project Jasper at the Bank of

Canada. Private consortiums are also experimenting with permissioned distributed ledgers, which

operate by allowing only a known set of participants to validate transactions.

International Engagement

e United States engages with international counterparts on a bilateral and multilateral basis

to advance U.S. interests abroad. Given the cross-border implications of nancial technology,

international bodies have established various groups focused on nancial innovation. Financial

authorities from the United States participate in international forums such as G20, the FSB, and

International Monetary Fund to identify and manage global challenges, mitigate nancial stabil-

ity risks, and strengthen the external environment for U.S. growth. Additionally, U.S. authori-

ties monitor developments and gather information to inform U.S. regulatory and supervisory

approaches and priorities.

e United States strives to advance a coordinated policy approach at relevant international

forums and standard-setting bodies. As nancial technologies evolve, the emerging regulatory

issues stemming from nancial innovation often mean that U.S. authorities are in the process of

developing a domestic regulatory approach at the same time that international organizations and

standard-setting bodies are determining an international agenda. It is important that the United

States remain engaged in these international discussions to ensure that any outcomes are consistent

with domestic priorities.

International organizations have ramped up work on nancial innovation in response to mem-

bers’ demand. However, U.S. authorities should guard against international standards being

prematurely adopted before domestic policy is suciently advanced. International forums oer

important opportunities for U.S. regulatory authorities to share experiences and gather informa-

tion about the implications of nancial innovation for policy objectives such as nancial stability,

investor protection, and illicit nance regimes. Financial innovations can pose fresh questions

and challenges for regulatory authorities, and there is a tension between taking time to develop

competency and experience relevant to a new technology and adopting a regulatory framework

for that technology in a timely manner. For this reason, international regulatory approaches and

standards should be developed in coordination with market participants to ensure the regulatory

regime is appropriately calibrated.

Given the nature of innovations in nancial technology, cybersecurity is of critical importance, and

the United States remains committed to building cyber resilience in the nancial sector domestically

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Enabling the Policy Environment • International Approaches and Considerations

183

and internationally. Internationally, the United States is engaging with foreign counterparts on

cybersecurity in the nancial sector through several key multilateral and bilateral partnerships. At

the G-7, Treasury co-chairs the Cybersecurity Expert Group (CEG) with the Bank of England. e

CEG discusses approaches to nancial sector cybersecurity, with the objective of fostering com-

mon understandings and collaboration on areas of interest. e G-7, through the CEG, continues

to work toward building cyber resilience internationally in the nancial services sector.

Figure 25 illustrates the various initiatives related to nancial innovation underway in a number

of prominent international bodies. Treasury continues to engage closely with other U.S. agen-

cies, including those representing the United States at the Committee on Payments and Market

Infrastructures, the International Organization of Securities Commissions, FATF, and other inter-

national bodies, to maintain a unied message — namely that we support responsible innovation

in the marketplace, while maintaining the integrity and accessibility of the nancial system. It is

important that we stay vigilant to the international discussions on nancial innovation, particu-

larly any which may result in the potential development of standards or best practices, to ensure

that any outcomes are balanced and consistent with the U.S. approach.

Recommendations

Treasury should continue to leverage international bodies to support our domestic agenda, with

domestic nancial and regulatory priorities guiding the positions we take in international forums.

Treasury will work to ensure actions taken by international organizations align with U.S. national

interests and the domestic priorities of U.S. regulatory authorities. Treasury believes in avoiding

regulatory fragmentation where possible, and promoting international approaches that facilitate

cross-border capital and investment ows. It would be premature, however, to develop international

regulatory standards for many applications of nancial technology currently under discussion. In

these cases, Treasury recommends continued participation by relevant experts in international forums

and standard-setting bodies to share experiences regarding respective regulatory approaches and to

benet from lessons learned. Market participants require regulatory clarity to operate, but that clarity

must start from domestic authorities determining the right approach within their own jurisdictions.

Treasury and U.S. nancial regulators should engage with the private sector with respect to ongo-

ing work programs at international bodies to ensure regulatory approaches are appropriately cali-

brated. Discussions on nancial innovation occurring in international organizations sometimes do

not include relevant experts. Additionally, central banks, ministries of nance, and capital markets

regulators must continue building relevant in-house expertise regarding nancial innovations such

as cloud services, APIs, and articial intelligence.

Finally, Treasury and U.S. nancial regulators should proactively engage with international orga-

nizations to ensure that they are adhering to their core mandates. Standard-setting bodies should

closely align their work and recommendations with the core competencies of each institution,

including when they are addressing issues related to applications of nancial technology.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Enabling the Policy Environment • International Approaches and Considerations

184

Figure 25: International Interagency Fintech Collaboration Efforts

Group Name

Participating agencies Mission / Goals Correlation to Fintech

The Bank for International Settlements, Committee on Payments and Markets Infrastructure and Committee on

the Global Financial System

Federal Reserve (committee chair)

and the Federal Reserve Bank of

New York represent the United

States. Other members include other

central banks.

Identify and assess potential sources

of stress in global ﬁnancial markets,

further the understanding of the

structural underpinnings of ﬁnancial

markets, and promote improvements

to the functioning and stability of

these markets.

Fintech Payments and Lending.

From 2014 to February 2017,

the Committee on Payments and

Markets Infrastructure has published

papers on a variety of ﬁntech

payments topics including DLT in

payments, virtual currencies, faster

payments, and nonbanks in retail

payments papers.

Basel Committee on Banking Supervision’s Task Force on Financial Technology (TFFT)

OCC co-chairs, and FDIC and

Federal Reserve also represent the

United States. Other participants

include central banks and authorities

with formal responsibility for the

supervision of banking business.

TFFT assesses the risks and

supervisory challenges associated

with innovation and technological

changes affecting banking.

General Fintech. TFFT’s work is

currently focused on the effect

that ﬁntech has on banks and

banks’ business models, and the

implications this has for supervision.

Financial Action Task Force (FATF) Fintech & Regtech Forums

Treasury (lead), Federal Reserve and

OCC represent the United States.

Other members include agencies

from other jurisdictions and two

regional organizations, and associate

members include other international

and regional organizations.

Conduct industry outreach and

provide a platform for a constructive

dialogue and support innovation in

ﬁnancial services while addressing

the regulatory and supervisory

challenges posed by emerging

technologies.

General Fintech. In 2017, FATF

held three ﬁntech-related events

on ﬁntech, regtech, and AML/

countering the ﬁnancing of terrorism

(CFT) covering topics including:

relevance of emerging ﬁntech

trends to ﬁnancial institutions; AML/

CFT standards in ﬁntech; how

different jurisdictions approach the

regulation and supervision of ﬁntech;

ﬁntech’s effect on AML/CFT-related

information availability and exchange;

and risk management and mitigation

for ﬁntech.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Enabling the Policy Environment • International Approaches and Considerations

185

Group Name

Participating agencies Mission / Goals Correlation to Fintech

Financial Stability Board Financial Innovation Network

Treasury, FRB, SEC, OCC, FDIC,

FRBNY, and the Ofﬁce of Financial

Research represent the United

States. Other members include

central banks and authorities

with formal responsibility for the

supervision of banking business.

The Financial Stability Board

promotes international ﬁnancial

stability by coordinating national

ﬁnancial authorities and international

standard-setting bodies as they

work toward developing ﬁnancial

sector policies. The Financial

Innovation Network is responsible

for understanding emerging trends

in ﬁnancial services and the potential

effect on ﬁnancial stability.

General Fintech. In 2017, published

white papers and a report on the

ﬁnancial stability implications of

ﬁntech credit (in collaboration

with the Committee on the Global

Financial System), the use of artiﬁcial

intelligence (AI) and machine

learning in ﬁnancial services, and

ﬁntech supervisory and regulatory

issues that merit authorities’

attention.

International Credit Union Regulators Network (ICURN)

NCUA represents the United States.

Other members include national and

other supervisors of credit unions

and ﬁnancial cooperatives.

ICURN provides training to

supervisors of credit unions and

ﬁnancial cooperatives on a variety

of topics.

General Fintech. ICURN’s July 2017

conference included a panel on

understanding ﬁntech and regulation.

Discussion covered sectors

including payments, lending, digital

wealth management, and DLT.

International Organization of Securities Commissions (IOSCO), Committee on Emerging Risks

SEC and CFTC represent the United

States. Other members include

national and provincial securities

regulators.

IOSCO brings together the world’s

securities regulators and works

with the G20 and the Financial

Stability Board (FSB) on the global

regulatory reform agenda. The

Committee on Emerging Risks

provides a platform for securities

regulators and economists to

discuss emerging risks and market

developments and to develop and

assess tools to assist regulators in

reviewing the regulatory environment

and identifying, monitoring, and

managing systemic risk.

General Fintech. In February 2017,

the Committee on Emerging Risks

published a research report on

ﬁntech, which included sections on

ﬁntech lending, digital investment

advice, DLT, ﬁntech in emerging

markets, and other regulatory

considerations. IOSCO also

established an Initial Coin Offering

Consultation Network, through

which members can discuss their

experiences and concerns regarding

token sales, and has issued

related statements to members and

the public.

Source: U.S. Government Accountability Ofﬁce, Financial Technology: Additional Steps by Regulators Could Better Protect Con-

sumers and Aid Regulatory Oversight (March 2018).

Appendix A

Participants in the Executive Order

Engagement Process

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

189

Participants in the Executive

Order Engagement Process

GOVERNMENT AND INTERNATIONAL

U.S. Federal and State

Appraisal Subcommittee of the

Federal Financial Institutions

Examination Council

Arizona Attorney General’s Office

Board of Governors of the Federal

Reserve System

Bureau of Consumer

Financial Protection

Bureau of the Fiscal Service — U.S.

Department of the Treasury

Conference of State Bank

Supervisors

Defense Innovation Unit

Experimental (DIUx)

Federal Communications

Commission

Federal Deposit Insurance

Corporation

Federal Housing Administration

Federal Housing Finance Agency

Federal Trade Commission

Financial Crimes

Enforcement Network

Financial Industry Regulatory

Authority

Government National Mortgage

Association (Ginnie Mae)

National Association of Consumer

Credit Administrators

National Credit Union

Administration

North American Securities

Administrators Association

Office of the Comptroller of the

Currency

U.S. Department of Homeland

Security

U.S. Department of Housing and

Urban Development

U.S. Commodity Futures Trading

Commission

U.S. Securities and Exchange

Commission

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix A • Participants in the Executive Order Engagement Process

190

Non-United States

Bank of Canada

Dutch National Bank

European Commission

International Monetary Fund

Monetary Authority of Singapore

U.K. Financial Conduct Authority

EXPERTS AND ADVOCATES

Americans for Financial Reform

Autonomous NEXT

Bandman Advisors

CB Insights

Center for Financial Services

Innovation

Center for Responsible Lending

David Yermack, New York University

Stern School of Business

Davis Polk & Wardwell LLP

Delta Strategy Group

Marco Santori, Blockchain.com

Michael Kitces, CFP

Mercatus Center at George Mason

University

National Community Reinvestment

Coalition

National Consumer Law Center

Paul Hastings LLP

Thomas W. Miller Jr., Mississippi

State University College of

Business

U.S. Public Interest Research

Group

Urban Institute

Willkie Farr & Gallagher LLP

World Economic Forum

TRADE ASSOCIATIONS

American Bankers Association

American Financial Services

Association

American Institute of Certified

Public Accountants

American Land Title Association

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix A • Participants in the Executive Order Engagement Process

191

American Transaction Processors

Coalition

CFA Institute

Community Financial Services

Association of America

Consumer Bankers Association

Consumer Financial Data Rights

Electronic Transactions Association

Financial Innovation Now

Financial Planning Association

Financial Services Centers of

America

Financial Services Information

Sharing and Analysis Center

Financial Services Roundtable

Futures Industry Association

Global Financial Markets

Association

Independent Community Bankers

of America

International Swaps and Derivatives

Association

Investment Adviser Association

Investment Company Institute

MarketPlace Lending Association

Money Service Business

Association

Mortgage Bankers Association

National Association of Auto

Dealers

National Association of Personal

Financial Advisors

National Association of Realtors

National Money Transmitters

Association

Network Branded Prepaid Card

Association

Online Lenders Alliance

Real Estate Valuation Advocacy

Association

Receivables Management

Association

Securities Industry and Financial

Markets Association

Small Business Finance

Association

Structured Finance Industry Group

The Appraisal Foundation

The Data Coalition

U.S. Chamber of Commerce

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix A • Participants in the Executive Order Engagement Process

192

FIRMS

Ace Cash Express

Advance America

Affirm

Ally

Amazon

American Education Services/

PHEAA

American Express

American Honda Finance

Corporation

Andreesen Horowitz

Apple Pay

Avant

Bank of America

Bayview Loan Servicing

BBVA

Better Mortgage

Betterment

Black Knight, Inc.

BlackRock/FutureAdvisor

Blend

Blooom

Bloq

BNP Paribas

Capital One

Charles Schwab & Co.

Chase Mortgage Servicing

Citigroup

CLS Bank

Coinbase

CommonBond

Compass Point Research

and Trading

ConsenSys

CoreLogic

Credit Karma

Credit Suisse

Cross River Bank

Depository Trust and

Clearing Corporation

DRW Venture Capital

DV01

E*TRADE

Early Warning

Ellie Mae

Encore Capital

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix A • Participants in the Executive Order Engagement Process

193

Envestnet | Yodlee

Experian North America

Facebook

Fair Isaac Corporation (FICO)

Fannie Mae

Fay Servicing

Fidelity Investments

Financial Engines

First Data

FIS

Folio Investing

Freddie Mac

FT Partners

Funding Circle

Goldman Sachs

Google

Great Lakes

Intercontinental Exchange

Intercontinental Exchange/

MERSCORP

Intuit

Invesco

JPMorgan Chase

Kabbage

Keefe, Bruyette & Woods

Lightspeed Venture Partners

LeadsMarket

LedgerX

Legal & General Investment

Management America

Lend360

Lending Club

LoanCare

LoanDepot

Mastercard

Microsoft Azure

Mid America Mortgage

MOHELA

MoneyGram

Moneytree

Moody’s

Morgan Stanley

Morningstar

Mortgage Investors Group

Mr. Cooper

NASDAQ

Navient

Nelnet

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix A • Participants in the Executive Order Engagement Process

194

NextCapital Group

NOIC/Concord

Ocwen Financial

One Main Financial

Orchard Platform

PayPal

PeerIQ

PennyMac Financial Services

Plaid

PNC Financial

Primary Residential Mortgage

Prosper

Quicken Loans

Ripple

S&P Global

Select Portfolio Servicing

Sequoia Capital

Silicon Valley Bank

SoFi

Square

Stripe

T. Rowe Price

TD Ameritrade

The Clearing House Payments

Company

Toyota Financial Services

TransUnion

Tricadia Capital

TSYS

Two Sigma Investments

U.S. Bancorp

United Income

Upstart

Vanguard

Veritec Solutions

Veros

Viamericas

Visa

Wealthfront

WebBank

Wells Fargo Mortgage Servicing

Western Asset Management

Western Union

WorldPay (Vantiv)

ZestFinance

Appendix B

Table of Recommendations

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

197

Table of Recommendations

Embracing Digitization, Data, and Technology

Recommendation

Policy Responsibility

Core

Principle

Congress Regulator

Digitization

Telephone Consumer Protection Act (TCPA) and Fair Debt Collection Practices Act (FDCPA)

Treasury recommends that the FCC continue its efforts to address

the issue of unwanted calls through the creation of a reassigned num-

bers database. Treasury recommends that the FCC create a safe har-

bor for calls to reassigned numbers that provides callers a sufﬁcient

opportunity to learn the number has been reassigned.

FCC F, G

Treasury recommends that the FCC provide clear guidance on rea-

sonable methods for consumers to revoke consent under the TCPA.

Congress should consider statutory changes to the TCPA to mitigate

unwanted calls to consumers and provide for a revocation standard

similar to that provided under the FDCPA.

Congress FCC A, F

Treasury recommends that the Bureau promulgate regulations under

the FDCPA to codify that reasonable digital communications, espe-

cially when they reﬂect a consumer’s preferred method, are appropri-

ate for use in debt collection.

Bureau A, F

Consumer Financial Data

Consumer Access to Financial Account and Transaction Data

Treasury recommends that the Bureau afﬁrm that for purposes of

Section 1033, third parties properly authorized by consumers, includ-

ing data aggregators and consumer ﬁntech application providers, fall

within the deﬁnition of “consumer” under Section 1002(4) of Dodd-

Frank for the purpose of obtaining access to ﬁnancial account and

transaction data.

Bureau A, F

Treasury recommends that regulators such as the SEC, Financial

Industry Regulatory Authority, DOL, and state insurance regulators

recognize the beneﬁts of consumer access to ﬁnancial account and

transaction data in electronic form and consider what measures, if

any, may be needed to facilitate such access for entities under their

jurisdiction. However, Treasury recommends against further legislative

action to expand the scope of Section 1033 at this time.

Congress

SEC,

FINRA,

DOL,

State

Insurance

Regulators

Treasury recommends that the Bureau work with the private sector

to develop best practices on disclosures and terms and conditions

regarding consumers’ use of products and services powered by con-

sumer ﬁnancial account and transaction data provided by data aggre-

gators and ﬁnancial services companies. If necessary, the Bureau

should consider issuing principles-based disclosure rules pursuant to

its authority under Section 1032 of Dodd-Frank.

Bureau A, F

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix B • Table of Recommendations

198

Recommendation

Policy Responsibility

Core

Principle

Congress Regulator

Treasury believes that consumers should have the ability to revoke

their prior authorization that permits data aggregators and ﬁntech

applications to access their ﬁnancial account and transaction data.

Data aggregators and ﬁntech applications should provide adequate

means for consumers to readily revoke the prior authorization. If nec-

essary, banking regulators and the SEC should consider issuing

rules that require ﬁnancial services companies to comply with a con-

sumer request to limit, suspend, or terminate access to the consum-

er’s ﬁnancial account and transaction data by data aggregators and

ﬁntech applications.

FRB,

FDIC,

OCC,

SEC

A, F

Treasury sees a need to remove legal and regulatory uncertainties cur-

rently holding back ﬁnancial services companies and data aggrega-

tors from establishing data sharing agreements that effectively move

ﬁrms away from screen-scraping to more secure and efﬁcient meth-

ods of data access. Treasury believes that the U.S. market would be

best served by a solution developed by the private sector, with appro-

priate involvement of federal and state ﬁnancial regulators. A potential

solution should address data sharing, security, and liability. Any solu-

tion should explore efforts to mitigate implementation costs for com-

munity banks and smaller ﬁnancial services companies with more lim-

ited resources to invest in technology.

FRB,

FDIC,

OCC,

SEC,

FINRA,

State

Regulators

Treasury recommends that any potential solution discussed in the prior

recommendation also address resolution of liability for data access. If

necessary, Congress and ﬁnancial regulators should evaluate whether

federal standards are appropriate to address these issues.

Congress

FRB, FDIC,

OCC, SEC,

FINRA,

State

Regulators

A, F

Treasury recommends that any potential solution discussed in the prior

recommendation address the standardization of data elements as part

of improving consumers’ access to their data. Any solution should draw

upon existing efforts that have made progress on this issue to date. If

necessary, Congress and ﬁnancial regulators should evaluate whether

federal standards are appropriate to address these issues.

Congress

FRB,

FDIC,

OCC,

SEC,

FINRA,

State

Regulators

A, F

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix B • Table of Recommendations

199

Recommendation

Policy Responsibility

Core

Principle

Congress Regulator

Treasury recommends that the banking regulators remove ambiguity

stemming from the third-party guidance that discourages banks from

moving to more secure methods of data access such as APIs.

FRB,

FDIC,

OCC,

Bureau

A, F

To the extent that any additional regulation of data aggregation is nec-

essary, Treasury recommends that it occur at the federal level by reg-

ulators that have signiﬁcant experience in data security and privacy,

and that will have, through legislation if necessary, broad jurisdiction

to ensure equivalent treatment in the nonﬁnancial sector.

Congress F, G

Data Security and Breach Notiﬁcation

Treasury recommends that Congress enact a federal data security

and breach notiﬁcation law to protect consumer ﬁnancial data and

notify consumers of a breach in a timely manner. Such a law should

be based on the following principles: protect consumer ﬁnancial data;

ensure technology-neutral and scalable standards based on the size

of an entity and type of activity in which the entity engages; recognize

existing federal data security requirements for ﬁnancial institutions;

and employ uniform national standards that preempt state laws.

Congress F, G

Digital Legal Identity

Treasury recommends that ﬁnancial regulators work with Treasury to

enhance public-private partnerships to identify ways government can

eliminate unintended or unnecessary regulatory and other barriers and

facilitate the adoption of trustworthy digital legal identity products and

services in the ﬁnancial services sector. Treasury also recognizes that

the development of digital legal identity products and services in the

ﬁnancial services sector should be implemented in a manner that is

compatible with solutions developed across other sectors of the U.S.

economy and government.

Treasury,

FinCEN,

FRB,

FDIC,

OCC,

SEC,

State

Regulators

Treasury supports the efforts of OMB to fully implement the long-

delayed U.S. government federated digital identity system. Treasury

recommends policies that would restore a public-private partnership

model to create an interoperable digital identity infrastructure and

identity solutions that comply with NIST guidelines and would reinvig-

orate the role of U.S. government-certiﬁed private sector identity pro-

viders, promoting consumer choice and supporting a competitive digi-

tal identity marketplace.

OMB,

GSA,

Commerce

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix B • Table of Recommendations

200

Recommendation

Policy Responsibility

Core

Principle

Congress Regulator

The Potential of Scale

Cloud Technologies and Financial Services

Treasury recommends that federal ﬁnancial regulators modernize their

requirements and guidance (e.g., vendor oversight) to better provide

for appropriate adoption of new technologies such as cloud comput-

ing, with the aim of reducing unnecessary barriers to the prudent and

informed migration of activities to the cloud. Speciﬁc actions U.S. reg-

ulators should take include: formally recognizing independent U.S.

audit and security standards that sufﬁciently meet regulatory expecta-

tions; addressing outdated record keeping rules like SEC Rule 17a-

4; clarifying how audit requirements may be met; setting clear and

appropriately tailored chain outsourcing expectations; and providing

staff examiners appropriate training to implement agency policy on

cloud services.

FRB,

FDIC,

OCC,

SEC,

CFTC,

SROs

D, F

Treasury recommends that a cloud and ﬁnancial services working

group be established among ﬁnancial regulators so that cloud poli-

cies can beneﬁt from deep and sustained understanding by regula-

tory authorities. Financial regulators should support potential policies

by engaging key industry stakeholders, including providers, users, and

others impacted by cloud services. U.S. ﬁnancial regulators should

seek to promote the use of cloud technology within the existing U.S.

regulatory framework to help ﬁnancial services companies reduce the

risks of noncompliance as well as the costs associated with meeting

multiple and sometimes conﬂicting regulations. Regulators should be

wary of imposing data localization requirements and should instead

seek other supervisory or appropriate technological solutions to

potential data security, privacy, availability, and access issues.

Treasury,

FRB,

FDIC,

OCC,

SEC,

CFTC,

SROs

D, F

Big Data, Machine Learning, and Artiﬁcial Intelligence in Financial Services

Regulators should not impose unnecessary burdens or obstacles to

the use of AI and machine learning and should provide greater regu-

latory clarity that would enable further testing and responsible deploy-

ment of these technologies by regulated ﬁnancial services companies

as the technologies develop.

Federal

and State

Financial

Regulators

D, F

Treasury recommends that ﬁnancial regulators engage with the

Select Committee on Artiﬁcial Intelligence, in addition to pursuing

other strategic interagency AI efforts. Engagement in such efforts

should emphasize use-cases and applications in the ﬁnancial ser-

vices industry, including removing regulatory barriers to deployment of

AI-powered technologies.

Federal

Financial

Regulators

D, F

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix B • Table of Recommendations

201

Aligning the Regulatory Framework to Promote Innovation

Recommendation

Policy Responsibility

Core

Principle

Congress Regulator

Modernizing Regulatory Frameworks for National Activities

Improving the Clarity and Efﬁciency of Our Regulatory Frameworks

Treasury supports state regulators’ efforts to build a more uniﬁed licens-

ing regime and supervisory process across the states. Such efforts

might include adoption of a passporting regime for licensure. However,

critical to this effort are much more accelerated actions by state legisla-

tures and regulators to effectively reduce unnecessary inconsistencies

across state laws and regulations to achieve much greater levels of har-

monization. Treasury recommends that if states are unable to achieve

meaningful harmonization across their licensing and supervisory regimes

within three years, Congress should act to encourage greater unifor-

mity in rules governing lending and money transmission to be adopted,

supervised, and enforced by state regulators.

Congress

State

Regulators

A, D, F

Treasury recommends that the OCC move forward with prudent and

carefully considered applications for special purpose national bank char-

ters. OCC special purpose national banks should not be permitted to

accept FDIC-insured deposits, to reduce risks to taxpayers. The OCC

should consider whether it is appropriate to apply ﬁnancial inclusion

requirements to special purpose national banks. The Federal Reserve

should assess whether OCC special purpose national banks should

receive access to federal payment services.

FRB,

OCC

A, B, D, F

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix B • Table of Recommendations

202

Recommendation

Policy Responsibility

Core

Principle

Congress Regulator

Federal banking regulators should, in coordination, review current third-

party guidance through a notice and comment process. U.S. bank-

ing regulators should further harmonize their guidance with a greater

emphasis on (1) improving the current tailoring and scope of application

of guidance upon third-party vendors to improve the efﬁciency of over-

sight and (2) enabling innovations in a safe and prudent manner. Such a

review should speciﬁcally consider how to:

• Further develop the framework to regulate bank partnerships with

ﬁntech lenders to apply strong and tailored regulatory oversight

while also supporting efforts by banks, particularly smaller commu-

nity banks, to partner with ﬁntechs.

• Provide greater clarity around the vendor oversight requirements for

cloud service providers, including clarifying how third-party guid-

ance should apply to a third-party’s sub-contractors, like cloud ser-

vice providers (i.e., fourth party vendors).

• Support more secure methods for consumers to access their ﬁnan-

cial data, such as through API agreements between banks and

data aggregators.

• Identify common tools banks can leverage as part of due diligence

efforts, such as robust independent audits, recognized certiﬁca-

tions, and collaboration among institutions in an effort to enhance

efﬁciencies and reduce costs.

• Maintain ongoing efforts with other federal and state regulators to

identify opportunities for harmonization as appropriate.

Looking ahead and recognizing the dynamic nature of ﬁnancial technol-

ogy developments, the banking regulators should be prepared to ﬂexi-

bly adapt their third-party risk relationships framework to emerging tech-

nology developments in ﬁnancial services. Moreover, banking regulators

should consider how to make examiners’ application of interagency

guidance on third-party relationships more consistent across and within

the agencies.

FRB,

FDIC,

OCC

A, D, F, G

Treasury recommends that the Federal Reserve consider how to reas-

sess the deﬁnition of BHC control to provide ﬁrms a simpler and more

transparent standard to facilitate innovation-related investments. This

recommendation is consistent with public comments by Federal Reserve

ofﬁcials who have called for reassessing this issue. In addition, the bank-

ing regulators should interpret banking organizations’ permitted scope

of activities in a harmonized manner as permitted by law wherever possi-

ble and in a manner that recognizes the positive impact that changes in

technology and data can have in the delivery of ﬁnancial services.

FRB,

FDIC,

OCC

A, D, F, G

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix B • Table of Recommendations

203

Updating Activity-Speciﬁc Regulations

Recommendation

Policy Responsibility

Core

Principle

Congress Regulator

Lending and Servicing

Marketplace Lending

Treasury recommends that Congress codify the “valid when made” doc-

trine to preserve the functioning of U.S. credit markets and the long-

standing ability of banks and other ﬁnancial institutions, including mar-

ketplace lenders, to buy and sell validly made loans without the risk of

coming into conﬂict with state interest rate limits. Additionally, the federal

banking regulators should use their available authorities to address chal-

lenges posed by Madden.

Congress

FRB,

FDIC,

OCC

A, F

Treasury recommends that Congress codify that the existence of a ser-

vice or economic relationship between a bank and a third party (includ-

ing ﬁnancial technology companies) does not affect the role of the bank

as the true lender of loans it makes. Further, federal banking regulators

should also reafﬁrm (through additional clariﬁcation of applicable com-

pliance and risk-management requirements, for example) that the bank

remains the true lender under such partnership arrangements.

Congress

FRB,

FDIC,

OCC

A, F

Treasury recognizes the role of state laws and oversight in protecting

consumers, but such state regulation should not occur in a manner that

hinders bank partnership models already operating in a safe and sound

manner with appropriate consumer protections. Treasury recommends

that states revise credit services laws to exclude businesses that solicit,

market, or originate loans on behalf of a federal depository institution pur-

suant to a partnership agreement.

States A, F

Mortgage Lending and Servicing

Treasury recommends that Ginnie Mae pursue acceptance of eNotes

and supports the measures outlined in its Ginnie Mae 2020 roadmap to

more broadly develop its digital capabilities.

HUD /

Ginnie

Mae

A, F

Treasury recommends Congress appropriate for FHA the funding it has

requested for technology upgrades in the President’s Fiscal Year 2019

Budget — a portion of which FHA would use to improve the digitization

of loan ﬁles. In addition, FHA, VA, and USDA should explore the develop-

ment of shared technology platforms, including for certain origination and

servicing activities.

Congress

HUD /

FHA,

VA /

USDA

A, F

Treasury recommends the FHLBs explore ways to address their con-

cerns regarding eNotes with the goal of accepting eNotes on collateral

pledged to secure advances.

FHLBs A, F

Treasury recommends that Congress revisit Title XI FIRREA appraisal

requirements to update them for developments that have occurred in the

market during the past thirty years. An updated appraisal statute should

account for the development of automated and hybrid appraisal prac-

tices and sanction their use where the characteristics of the transaction

and market conditions indicate it is prudent to do so.

Congress A, F

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix B • Table of Recommendations

204

Recommendation

Policy Responsibility

Core

Principle

Congress Regulator

Treasury recommends FHA and other government loan programs

develop enhanced automated appraisal capabilities to improve origina-

tion quality and mitigate the credit risk of overvaluation. These programs

may also wish to consider providing targeted appraisal waivers where

a high degree of property standardization and information about credit

risk exists to support automated valuation, and where the overall risks of

the mortgage transaction make such a waiver appropriate. Treasury sup-

ports legislative action where statutory changes are required to authorize

granting limited appraisal waivers for government programs.

Congress

HUD /

FHA, VA,

USDA

A, F

Treasury further recommends that government loan programs explore

opportunities to leverage industry-leading technology capabilities to

reduce costs to taxpayers and accelerate adoption of new technology in

the government-insured sector.

HUD /

FHA, VA,

USDA

A, F

Treasury recommends that states yet to authorize electronic and remote

online notarization pursue legislation to explicitly permit the application of

this technology and the interstate recognition of remotely notarized docu-

ments. Treasury recommends states align laws and regulations to further

standardize notarization practices.

States A, F

Treasury recommends Congress consider legislation to provide a mini-

mum uniform standard for electronic and remote online notarizations.

Congress A, F

Treasury recommends that recording jurisdictions yet to recognize and

accept electronic records implement the necessary technology updates

to process and record these documents and to pursue digitization of

existing property records.

States A, F

To address the perception associated with the use of the FCA on mort-

gage loans insured by the federal government, Treasury recommends that

HUD establish more transparent standards in determining which program

requirements and violations it considers to be material to assist DOJ in

determining which knowing defects to pursue. In doing so, Treasury rec-

ommends that:

• FHA clarify the remedies and liabilities lenders and servicers face,

which could include, where appropriate, remedies such as indemniﬁ-

cation and/or premium adjustments. Remedies should be correlated

to the Defect Taxonomy.

• FHA should continue to review and reﬁne its lender and loan certiﬁ-

cations and its loan review system, including the Defect Taxonomy.

Lenders that make errors deemed immaterial to loan approval should

receive safe harbor from a denial of claim and forfeiture of premi-

ums. Lenders should receive a similar safe harbor for material viola-

tions that are cured based on remedies prescribed by FHA absent

patterns which indicate a systemic issue.

• HUD, in determining the appropriate remedies for violations of its

program requirements, should consider the systemic nature of the

problem, involvement or knowledge of the lender’s senior manage-

ment, overall quality of the originations of a speciﬁc lender, and

whether or to what extent the loan defect may have impacted the

incidence or severity of the loan default.

HUD /

FHA

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix B • Table of Recommendations

205

Recommendation

Policy Responsibility

Core

Principle

Congress Regulator

Treasury recommends that DOJ ensure that materiality for purposes of

the FCA is linked to the standards in place at the agency administer-

ing the program to which the claim has been ﬁled, and that DOJ and

HUD work together to clarify the process by which mutual agreement

is reached on the resolution of claims. Where a relator pursues qui tam

action against a lender for a nonmaterial error or omission, DOJ, in con-

sultation with HUD and FHA, should exercise its statutory authority to

seek dismissal.

DOJ,

HUD

Treasury recommends Congress consider appropriate remedial legis-

lation if the recommended administrative actions are unsuccessful at

achieving the desired result of increasing lender and servicer participa-

tion in federal mortgage programs.

Congress F

Treasury recommends that federally supported mortgage programs

explore standardizing the most effective features of a successful loss mit-

igation program across the federal footprint. Such standardization should

broadly align a loss mitigation approach that facilitates effective and efﬁ-

cient loan modiﬁcations when in the ﬁnancial interest of the borrower and

investor, promotes transparency, reduces costs, and mitigates the impact

of defaults on housing valuations during downturns.

FHFA /

GSEs,

HUD /

FHA, VA,

USDA

Treasury recommends HUD continue to review FHA servicing practices

with the intention to increase certainty and reduce needlessly costly and

burdensome regulatory requirements, while fulﬁlling FHA’s statutory obliga-

tion to the Mutual Mortgage Insurance Fund (MMIF). In particular, Treasury

recommends that FHA consider administrative changes to how penal-

ties are assessed across FHA’s multi-part foreclosure timeline to allow for

greater ﬂexibility for servicers to miss intermediate deadlines while adher-

ing to the broader resolution timeline, as well as to better align with federal

loss mitigation requirements now in place through the Bureau.

HUD /

FHA

A, F

Treasury recommends FHA explore changes to its property conveyance

framework to reduce costs and increase efﬁciencies by addressing the

frequent and costly delays associated with the current process. As an

additional measure, Treasury recommends that FHA continue to make

appropriate use of, and consider expanding, programs which reduce the

need for foreclosed properties to be conveyed to HUD, such as Note

Sales and FHA’s Claim Without Conveyance of Title.

HUD /

FHA

A, F

Treasury recommends that states pursue the establishment of a

model foreclosure law, or make any modiﬁcations they deem appropri-

ate to an existing law, and amend their foreclosure statutes based on

that model law.

States A, F

Treasury recommends federally supported housing programs, includ-

ing those administered by FHA, USDA, and VA, and the GSEs, explore

imposing guaranty fee and insurance fee surcharges to account for

added costs in states where foreclosure timelines signiﬁcantly exceed

the national average.

FHFA /

GSEs,

HUD /

FHA, VA,

USDA

A, F

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix B • Table of Recommendations

206

Recommendation

Policy Responsibility

Core

Principle

Congress Regulator

Treasury recommends that Ginnie Mae collaborate with FHFA, the

GSEs, and the Conference of State Bank Supervisors to expand and

align standard, detailed reporting requirements on nonbank counterparty

ﬁnancial health, including terms and covenants associated with funding

structures, to provide conﬁdence that taxpayers are protected during a

period of severe market stress.

HUD /

Ginnie

Mae,

FHFA /

GSEs,

CSBS

Treasury supports Ginnie Mae’s consideration of enhancing its counter-

party risk mitigation approach, including through the imposition of stress

testing requirements that can provide information on the ﬁnancial health

of servicer counterparties across an economic cycle.

HUD /

Ginnie

Mae

Treasury recommends Ginnie Mae have sufﬁcient ﬂexibility to charge

guaranty fees appropriate to cover additional risk arising from changes in

the overall market or at the program level.

Congress B

Treasury recommends a comprehensive assessment of Ginnie Mae’s

current stafﬁng and contracting policies, including the costs and bene-

ﬁts of alternative pay and/or contracting structures. Ginnie Mae would be

better equipped to manage its program and monitor counterparty risk if

it were able to more readily attract personnel with requisite expertise by

paying salaries comparable to those at other ﬁnancial agencies with pre-

mium pay authority. Additionally, being able to adopt similar contracting

procedures as other agencies that are outside of federal acquisition stat-

utes and regulations would enable Ginnie Mae to more effectively mon-

itor and respond to changing market conditions and needs. However,

any change to Ginnie Mae’s personnel or contracting policies should

be informed by a comprehensive assessment of current challenges. The

potential beneﬁts of alternative pay and/or contracting structures should

be weighed against the additional federal costs that would be incurred.

Congress

HUD /

Ginnie

Mae

Student Lenders and Servicers

Education should establish guidance on minimum standards specify-

ing how servicers should handle decisions with signiﬁcant ﬁnancial impli-

cations (e.g., payment application across loans, prioritizing repayment

plans, and use of deferment and forbearance options), minimum contact

requirements, standard monthly statements, and timeframes for com-

pleting certain activities (e.g., processing forms or correcting speciﬁc

account issues). Treasury applauds the required use of Education brand-

ing on servicing materials in the new Direct Loan servicing procurement

to reduce borrower confusion.

ED F

In Education’s new Direct Loan Servicing contract, Education should

require student loan servicers to make greater use of emails and provide

guidance to servicers on how to use email appropriately to balance pri-

vacy and security concerns with the need for effective and timely com-

munication. All emails sent to federal student loan borrowers should pro-

vide enough information for borrowers to easily discern whether action

must be taken on their account.

ED A, F

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix B • Table of Recommendations

207

Recommendation

Policy Responsibility

Core

Principle

Congress Regulator

Education should contract with providers of secure e-signature soft-

ware and cloud technology for use by federal student loan servicers on

all forms.

ED F

Education’s Ofﬁce of Federal Student Aid should include in its manage-

ment team individuals with signiﬁcant expertise in managing large con-

sumer loan portfolios.

ED B, F

Education should take steps to address existing data quality issues to

better monitor and manage portfolio performance. Education should

increase transparency by publishing greater portfolio performance data,

servicer performance data, and cost estimation analysis on its website

to give stakeholders greater insight into Education’s management of the

taxpayer investment in higher education.

ED B, F

Treasury supports legislative efforts to implement a risk-sharing program

for institutions participating in the federal student loan program based on

the amount of principal repaid following ﬁve years of payments. Schools

whose students have systematically low loan repayment rates should

be required to repay small amounts of federal dollars in order to pro-

tect taxpayers’ growing investment in the federal student loan program.

Congress should consider how to address schools with systematically

low repayment rates but large populations of disadvantaged students.

Congress ED F

Short-Term, Small-Dollar Installment Lending

Treasury recognizes and supports the broad authority of states that have

established comprehensive product restrictions and licensing require-

ments on nonbank short-term, small-dollar installment lenders and their

products. As a result, Treasury believes additional federal regulation is

unnecessary and recommends the Bureau rescind its Payday Rule.

Bureau F, G

Treasury recommends the federal and state ﬁnancial regulators take

steps to encourage sustainable and responsible short-term, small-dol-

lar installment lending by banks. Speciﬁcally, Treasury recommends that

the FDIC reconsider its guidance on direct deposit advance services

and issue new guidance similar to the OCC’s core lending principles for

short-term, small-dollar installment lending.

FRB,

FDIC,

OCC,

Bureau,

State

Financial

Regulators

A, D, F

Debt Collection

Treasury recommends the Bureau establish minimum effective federal

standards governing the collection of debt by third-party debt collec-

tors. Speciﬁcally, these standards should address the information that is

transferred with a debt for purposes of debt collection or in a sale of the

debt. Further, the Bureau should determine whether the existing FDCPA

standards for validation letters to consumers should be expanded to

help the consumer assess whether the debt is owed and determine an

appropriate response to collection attempts. Treasury does not support

broad expansion of the FDCPA to ﬁrst-party debt collectors absent further

Congressional consideration of such action.

Bureau F, G

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix B • Table of Recommendations

208

Recommendation

Policy Responsibility

Core

Principle

Congress Regulator

IRS Income Veriﬁcation

It is important that IRS update its income veriﬁcation system to lever-

age a modern, technology-driven interface that protects taxpayer infor-

mation and enables automated and secure data sharing with lenders or

designated third parties. Treasury recommends Congress fund IRS mod-

ernization, which would include upgrades that will support more efﬁcient

income veriﬁcation.

Congress Treasury D, F, G

New Credit Models and Data

Treasury recognizes that these new credit models and data sources have

the potential to meaningfully expand access to credit and the quality of

ﬁnancial services. Treasury, therefore, recommends that federal and state

ﬁnancial regulators further enable the testing of these newer credit mod-

els and data sources by both banks and nonbank ﬁnancial companies.

Federal

and State

Financial

Regulators

A, D

Regulators, through interagency coordination wherever possible, should

tailor regulation and guidance to enable the increased use of these mod-

els and data sources by reducing uncertainties. In particular, regulators

should provide regulatory clarity for the use of new data and modeling

approaches that are generally recognized as providing predictive value

consistent with applicable law for use in credit decisions.

Federal

and State

Financial

Regulators

D, F, G

Regulators should in general be willing to recognize and value innovation

in credit modelling approaches. Regulators should enable prudent exper-

imentation with the aim of working through various issues raised, which

may in turn require new approaches to supervision and oversight.

Federal

and State

Financial

Regulators

D, F, G

Credit Bureaus

The FTC should retain its rulemaking and enforcement authority for non-

bank ﬁnancial companies under the GLBA. Additionally, Treasury recom-

mends that the relevant agencies use appropriate authorities to coordi-

nate regulatory actions to protect consumer data held by credit reporting

agencies and that Congress continue to assess whether further authority

is needed in this area.

Congress

FTC,

Bureau

F, G

Treasury recommends that Congress amend CROA to exclude the

national credit bureaus and national credit scorers (i.e., credit scoring

companies utilized by ﬁnancial institutions when making credit decisions)

from the deﬁnition of “credit repair organization” in CROA.

Congress F, G

InsurTech

Lawmakers, policymakers, and regulators should take coordinated steps

to encourage the development of innovative insurance products and

practices in the United States. Domestically, this includes consideration

of improving product speed to market, creating increased regulatory ﬂexi-

bility, and harmonizing inconsistent laws and regulations.

Congress

Federal

and State

Financial

Regulators

F, G

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix B • Table of Recommendations

209

Recommendation

Policy Responsibility

Core

Principle

Congress Regulator

Treasury’s Federal Insurance Ofﬁce, which provides insurance expertise

in the federal government, should work closely with state insurance regu-

lators, the NAIC, and federal agencies on InsurTech issues.

Treasury,

Insurance

Regulators,

NAIC

F, G

Payments

Money Transmitters

Treasury supports the Bureau’s ongoing efforts to reassess Regulation E.

Treasury recommends that the Bureau provide more ﬂexibility regarding

the issuance of Regulation E disclosures and raise the current 100 trans-

fer per annum threshold for applicability of the de minimis exemption.

Bureau A, C, F, G

Faster Payments

Treasury recommends that the Federal Reserve set public goals and

corresponding deadlines consistent with the overall conclusions of the

Faster Payments Task Force’s ﬁnal report.

FRB C, D, F

Treasury recommends that the Federal Reserve move quickly to facili-

tate a faster retail payments system, such as through the development

of a real-time settlement service, that would also allow for more efﬁcient

and ubiquitous access to innovative payment capabilities. In particu-

lar, smaller ﬁnancial institutions, like community banks and credit unions,

should also have the ability to access the most-innovative technologies

and payment services.

FRB C, D

Secure Payments

Treasury recommends that continued work in the area of payment secu-

rity include an actionable plan for future work, and ensure that solutions,

especially in security, do not include speciﬁc tech mandates.

FRB,

Treasury,

Federal

Financial

Regulators

D, F

Wealth Management and Digital Financial Planning

Treasury believes that appropriate protection for clients of ﬁnancial plan-

ners, digital and otherwise, can be achieved without imposing either

a fragmented regulatory structure or creating new regulatory entities.

Treasury recommends that an appropriate existing regulator of a ﬁnancial

planner, whether federal or state, be tasked as the primary regulator with

oversight of that ﬁnancial planner and other regulators should exercise

regulatory and enforcement deference to the primary regulator. To the

extent that the ﬁnancial planner is providing investment advice, the rele-

vant regulator will likely be the SEC or a state securities regulator.

SEC,

FINRA,

DOL,

Bureau,

FRB,

OCC,

FDIC,

State

Regulators

A, F, G

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix B • Table of Recommendations

210

Enabling the Policy Environment

Recommendation

Policy Responsibility

Core

Principle

Congress Regulator

Agile and Effective Regulation for a 21st Century Economy

Regulatory Sandboxes

Treasury recommends that federal and state ﬁnancial regulators establish

a uniﬁed solution that coordinates and expedites regulatory relief under

applicable laws and regulations to permit meaningful experimentation for

innovative products, services, and processes. Such efforts would form,

in essence, a “regulatory sandbox” that can enhance and promote inno-

vation. If ﬁnancial regulators are unable to fulﬁll those objectives, how-

ever, Treasury recommends that Congress consider legislation to provide

for a single process consistent with the principles detailed in the report,

including preemption of state laws if necessary.

Congress

Federal

and State

Financial

Regulators,

SROs

D, F, G

Agile Regulation

Treasury recommends that Congress enact legislation authorizing ﬁnan-

cial regulators to use other transaction authority for research and devel-

opment and proof-of-concept technology projects. Regulators should

use this authority to engage with the private sector to better understand

new technologies and innovations and their implications for market par-

ticipants, and to carry out their regulatory responsibilities more effectively

and efﬁciently.

Congress

Federal

Financial

Regulators

D, F

Treasury encourages regulators to appropriately tailor regulations to

ensure innovative technology companies providing tools to regulated

ﬁnancial services companies can continue to drive technological efﬁcien-

cies and cost reductions. Treasury encourages regulators to seek out

and explore innovative partnerships with ﬁnancial services companies

and regtech ﬁrms alike to better understand new technologies that have

the potential to improve the execution of their own regulatory responsibil-

ities more effectively and efﬁciently.

Federal

and State

Financial

Regulators

D, F

Treasury recommends that ﬁnancial regulators pursue robust engage-

ment efforts with industry and establish clear points of contact for indus-

try and consumer outreach. Treasury recommends that ﬁnancial regu-

lators increase their efforts to bridge the gap between regulators and

start-ups, including efforts to engage in different parts of the country

rather than requiring entities to come to Washington, D.C.

Federal

and State

Financial

Regulators,

SROs

D, F, G

Treasury recommends that ﬁnancial regulators periodically review exist-

ing regulations as innovations occur and new technology is developed

and determine whether such regulations fulﬁll their original purpose in

the least costly manner.

Federal

and State

Financial

Regulators,

SROs

D, F, G

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix B • Table of Recommendations

211

Recommendation

Policy Responsibility

Core

Principle

Congress Regulator

Treasury recommends that ﬁnancial regulators engage at both the

domestic and international levels, as ﬁnancial technology in many cases

is borderless. Treasury encourages international initiatives by ﬁnancial

regulators to increase their knowledge of ﬁntech developments in other

nations.

Federal

Financial

Regulators

D, E, F

Critical Infrastructure

Treasury recommends that ﬁnancial regulators thoroughly consider

cybersecurity and other operational risks as new technologies are imple-

mented, ﬁrms become increasingly interconnected, and consumer data

are shared among a growing number of ﬁrms, including third parties.

Federal

and State

Financial

Regulators,

SROs

B, C, D, F

Treasury recommends that the FBIIC consider establishing a technology

working group charged with better understanding the technologies that

ﬁrms are increasingly relying upon, and staying well-informed regarding

innovation taking place within the sector.

FBIIC F, G

Treasury commits to leading a multiyear program with the ﬁnancial ser-

vices industry to identify, properly protect, and remediate vulnerabilities.

Treasury F, G

International Approaches and Consideration

International Engagement

Treasury recommends continued participation by relevant experts in

international forums and standard-setting bodies to share experiences

regarding respective regulatory approaches and to beneﬁt from lessons

learned. Treasury will work to ensure actions taken by international orga-

nizations align with U.S. national interests and the domestic priorities of

U.S. regulatory authorities.

Federal

Financial

Regulators,

Treasury

D, E

Treasury and U.S. ﬁnancial regulators should engage with the private

sector with respect to ongoing work programs at international bodies to

ensure regulatory approaches are appropriately calibrated.

Federal

Financial

Regulators,

Treasury

D, E

Treasury and U.S. ﬁnancial regulators should proactively engage with

international organizations to ensure that they are adhering to their core

mandates.

Federal

Financial

Regulators,

Treasury

D, E

Appendix C

Additional Background

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

215

Additional Background

Payments

Credit Card Networks

ere are four predominant credit card networks in the United States that function through two

dierent business models. ese networks and business models were started, built, and remain

as private-sector solutions that continue to be largely governed by private agreements instead of

government mandates. e rst model, a decentralized “open-loop” model of networks (e.g., Visa

and Mastercard), began as associations that were jointly owned by banking institutions, but today

are public companies. In this model, banks control the relationships with customers by issuing

credit cards to consumers and signing up merchants for acquirer relationships. In this sense, the

network is essentially a clearinghouse that facilitates acceptance and transaction routing for a fee;

the banks generally set terms with their individual and business customers through contract.

Open-loop networks maintain their own rulebooks and limit their membership to licensed and

regulated nancial institutions. For example, in the United States, a member is required to be

a depository institution or a chartered limited purpose national bank; in Europe, a member is

required to be either a depository institution or a Payment Service Provider licensed under the

Payment Services Directive.

540

e dierence in licensing and chartering of various types of nan-

cial rms between the United States and other jurisdictions is a factor in the breadth of direct

access to payment networks. Other jurisdictions such as the United Kingdom and India allow for a

specialty kind of payment rm to be licensed and regulated by the Financial Conduct Authority

541

or Reserve Bank of India,

542

respectively. Such a licensing regime creates a regulatory framework for

nondepository institutions that sets eligibility requirements for potential card network access.

543

However, these are baseline institutional eligibility criteria, and membership is not guaranteed just

because such criteria are met — the card networks also have additional requirements and standards

that must be met, such as having an eective AML regime.

e second model is a more centralized “closed-loop” structure (e.g., American Express and

Discover). ese rms, which also maintain their own rulebooks, are bank holding companies that

run the payment network and control customer relationships by issuing cards and contracting with

540. See Visa, Visa Europe Membership (2015), at 4, available at: https://www.visaeurope.com/media/

images/44959_visa_membership_access_a4_pdf-73-25878.pdf.

541.

See Financial Conduct Authority, Authorisation and Registration: E-money and Payment

Institutions (last updated Mar. 23, 2018), available at: https://www.fca.org.uk/ﬁrms/

authorisation-registration-emoney-payment-institutions.

542.

Reserve Bank of India, Press Release—RBI Releases Guidelines for Licensing of Payments Banks (Nov. 27,

2014), available at: https://rbi.org.in/scripts/BS_PressReleaseDisplay.aspx?prid=32615.

543.

U.S. law allows the OCC to charter a special purpose credit card national bank, including a version that is exempt

from requirements of the Bank Holding Company Act. This charter is only for banks whose predominant business

is credit cards. See Ofﬁce of the Comptroller of the Currency, Comptroller’s Licensing Manual: Charters (Sept.

2016), at 51–54, available at: https://www.occ.treas.gov/publications/publications-by-type/licensing-manuals/

charters.pdf. This charter is not common. As of March 31, 2018, only nine such bank charters were active. Ofﬁce

of the Comptroller of the Currency, Credit Card Banks Active As of 3/31/2018, available at: https://www.occ.

treas.gov/topics/licensing/national-banks-fed-savings-assoc-lists/credit-card-by-name-pdf.pdf.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix C • Additional Background

216

merchants themselves.

544

e open-loop networks authorize and clear the majority of credit card

transactions. e open-loop, four-party credit card network model is illustrated below.

American Express and Discover, as bank holding companies, are subject to supervision and over-

sight by the Federal Reserve (and the banking regulator with jurisdiction over their banking sub-

sidiaries) and the full suite of banking regulations. Visa and Mastercard are subject to regulation

through the Bank Service Company Act as third-party service providers to banking organizations.

544. American Express and Discover now license their brands for issuance by other banking institutions in certain

cases.

Payment

network

(like Mastercard

and Visa)

Acquiring

bank

Issuing

bank

Figure C1: Credit Card Networks

Consumers Merchant

7 8

The consumer pays a merchant with a credit card

The merchant then electronically transmits the data through the applicable Association’s electronic network

to the issuing bank for authorization

If approved, the merchant receives authorization to capture the transaction, and the cardholder accepts

liability, usually by signing the sales slip

The merchant receives payment, net of fees, by submitting the captured credit card transactions to its bank

(the acquiring bank) in batches or at the end of the day

The acquiring bank forwards the sales draft data to the applicable Association, which in turn forwards the

data to the issuing bank.

The Association determines each bank’s net debit position. The Association’s settlement ﬁnancial institution

coordinates issuing and acquiring settlement positions. Members with net debit positions (normally the

issuing banks) send funds to the Association’s settlement ﬁnancial institution, which transmits owed funds

to the receiving bank (generally the acquiring banks).

The settlement process takes place using a separate payment network such as Fedwire

The issuing bank presents the transaction on the cardholder’s next billing statement

The cardholder pays the bank, either in full or via monthly payments

Source: Federal Deposit Insurance Corporation, Risk Management Examination Manual for Credit Card Activities (2007), at 165.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix C • Additional Background

217

Debit Card Networks

Debit card networks are similar to credit card networks in that they are all private entities that

maintain their own rules, regulations, and fee structures through private agreements and industry

standards. Debit card networks are distinct in that they process a dierent type of transaction.

Credit cards underlie a loan account with a bank — in authorizing the transaction, the card

network is asking if the bank wants to approve addition to an open line of credit. Debit cards are

attached to a pre-funded bank account — in authorizing the transaction, the card network is, in

essence, asking the bank if sucient funds are available for payment.

545

ere are two dierent types of debit networks in the United States: signature debit

546

and PIN

debit.

547

Whereas all debit networks generally function as four-party systems (like the credit card

networks) the infrastructure diers slightly between signature and PIN networks. Signature debit

uses the credit card network infrastructure, and thus requires a “dual-message” — one message for

authentication and one message for clearing. PIN debit, which evolved from ATM networks, uses

a “single-message” authentication and clearing method whereby all the information is transmitted

in one message.

548

is aects the speed of clearance and settlement between the two types of

networks. Dual-message transactions are stored and then combined in a batch that is sent all at

one time to the network providers. is is typically done once a day, but depending on merchant

volume could be done more or less frequently. Single-message transactions have all the informa-

tion necessary to clear the transaction at the time of authentication, with no need for batching or

separate clearance. For both network types, there is only one settlement cuto time, which is when

funds are moved and interchange fees are determined. e speed at which this process is completed

varies from same day for single-message, and upward of two days for dual-message.

549

Signature debit networks generally charge higher interchange fees than PIN debit networks.

According to the Federal Reserve, for all transactions for year-end 2016, the average interchange

fees per transaction were for signature debit $0.33 (0.89% of average transaction value), and for

PIN debit $0.24 (0.64% of average transaction value).

550

Signature debit networks are owned by

the branded credit card networks whose logo is shown on the front of a debit card. PIN debit

networks are owned both by credit card networks as well as merchant processors that provide

back-end service; they are listed on the reverse side of a debit card.

545. This represents the basic structure of the transactions. Nuances may exist, for instance, banks may allow cus-

tomers to overdraw, or let the balance go below zero on their bank accounts.

546.

Signature debit networks: Visa, Mastercard, and Discover.

5 47. PIN debit networks (parent company): ACCEL (Fiserv), AFFN (FIS), ATH (Evertec), Credit Union 24 (Credit

Union co-op), Interlink (Visa), Jeanie (Vantiv), Maestro (Mastercard), NetWorks, NYCE (FIS), PULSE (Discover),

SHAZAM (member owned), STAR (First Data), and China UnionPay.

548.

Debit Card Interchange Fees and Routing (June 30, 2011) [76 Fed. Reg. 43394, 43395 (July 20, 2011)].

549. Susan Herbst-Murphy, Clearing and Settlement of Interbank Card Transactions: A MasterCard Tutorial for

Federal Reserve Payments Analysts, Federal Reserve Bank of Philadelphia Discussion Paper (2013), at 7-13,

22, available at: https://www.philadelphiafed.org/-/media/consumer-ﬁnance-institute/payment-cards-center/

publications/discussion-papers/2013/D-2013-October-Clearing-Settlement.pdf.

550.

Board of Governors of the Federal Reserve System, Average Debit Card Interchange Fee by Payment Card

Network (last updated July 14, 2017), available at: https://www.federalreserve.gov/paymentsystems/regii-aver-

age-interchange-fee.htm.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix C • Additional Background

218

Regulation of debit cards and credit cards is dierent. While both types of card transaction are

regulated for consumer protection purposes, the rules derive from dierent statutes

551

and the

implementing regulations

552

are codied separately. In some cases, these two regulations may have

similar requirements that are implemented dierently due to the nature of the product, such as con-

sumer disclosures. Other requirements may be completely distinct, like the Durbin Amendment’s

application solely for debit cards.

553

And yet other requirements may be superseded by stricter

contractual requirements imposed by the card networks, such as the card networks’ requirement

that all unauthorized card transactions carry zero liability for the cardholder.

554

As for usage, debit cards see higher transaction volumes and values than credit cards. is disparity

has been true for more than a decade and the popularity of debit cards in relation to credit cards

continues to grow.

551. Credit cards: Truth in Lending Act, 15 U.S.C. § 1601 et seq.; Debit cards: Electronic Fund Transfer Act, 15

U.S.C. § 1693 et seq.

552.

Credit cards: Regulation Z, 12 C.F.R. § 1026 et seq.; Debit cards: Regulation E, 12 C.F.R. § 1005 et seq.

553.

15 U.S.C. § 1693o-2.

554. See Visa, Visa Core Rules and Visa Product and Service Rules, Rule 1.4.6.1 (updated Oct. 2017), available at:

https://usa.visa.com/dam/VCOM/download/about-visa/visa-rules-public.pdf.

Figure C2: Total Number of Card Payments (billions) and Value ($ trillions)

2015 2016

Number Value Number Value

Total card payments 103.5 5.65 111.1 5.98

Debit cards 69.6 2.56 73.8 2.7

Non-prepaid 59 2.27 63 2.41

In person 49.5 1.58 52.1 1.66

Chip 0.4 0.02 8.4 0.37

No chip 49.1 1.56 43.7 1.29

Remote 9.5 0.69 10.9 0.75

Prepaid 10.6 0.3 10.7 0.29

General purpose 4.3 0.15 4.4 0.15

In person 3.6 0.1 3.6 0.1

Chip 0 0 0.1 0.01

No chip 3.6 0.1 3.5 0.1

Remote 0.8 0.05 0.8 0.05

Private label 3.6 0.07 3.8 0.07

Electronic beneﬁts transfers (EBT) 2.6 0.08 2.5 0.07

Credit cards 33.9 3.08 37. 3 3.27

General purpose 31 2.8 34.3 3

In person 21.7 1.3 23.4 1.36

Chip 1 0.08 6.6 0.47

No chip 20.7 1.22 16.8 0.89

Remote 9.3 1.5 10.9 1.64

Private label 2.8 0.28 3.1 0.27

Source: Federal Reserve System, The Federal Reserve Payments Study - 2017 Annual Supplement.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix C • Additional Background

219

Access to card networks in the United States is largely set by private agreement and the system

includes controls that ensure that each rm with direct access has a comprehensive and robust

regulatory framework in place. Treasury believes that this system is working well and has supported

innovative new solutions in the payments space. Treasury supports the private card networks’

continual evaluation of their rulebooks in light of new entrants and innovations to the payments

infrastructure to ensure that the systems continue to work well for all involved players.

Automated Clearing House (ACH)

e ACH network

555

is at the core of the payments system as one of the chief payment systems in

the United States. It is a system that processes payments and moves money between nancial

institutions. ere are currently two network operators, Electronic Payments Network and

FedACH (owned by the Federal Reserve Banks). e ACH system is used for payments such as:

direct deposit, government benets delivery, bill pay, and transfers between consumers and busi-

nesses, among others. e rules for ACH networks are set by NACHA — a private, not-for-prot,

industry association. Importantly, by rule, only insured depository institutions are allowed access

to the ACH networks.

According to NACHA, in 2017 ACH networks processed approximately 21.5 billion transac-

tions with a total value of about $46.8 trillion.

556

An originator — which could be an individual

or an entity — rst provides payment instructions that then enter the banking system. ACH

555. See generally NACHA, ACH Network: How It Works, available at: https://www.nacha.org/ach-network.

556.

NACHA, 2017 ACH Network Volume & Value, available at: https://www.nacha.org/system/ﬁles/resources/

ACH-Network-Volume-and-Value-2017_2.pdf.

Number (billions)

Value ($ trillions)

Figure C3: Distribution of Core Noncash Payments by Type for 2015

Bank

Debit

cards

69.5

Debit cards

$2.6

Credit cards

$3.2

Credit

cards

33.8

Checks

17.3

Checks

$26.8

ACH

credit

transfers

$90.5

ACH credit transfers

13.6

ACH debit transfers

9.9

ACH

debit

transfers

$54.8

Note: Debit card includes non-prepaid debit, general-purpose prepaid, private-label prepaid, and electronic benefit transfers. Credit

card includes general purpose and private label. Check, automated clearinghouse (ACH) credit transfers, and ACH debit transfers

include interbank and on-us.

Source: Federal Reserve System, The Federal Reserve Payments Study 2016, at 3.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix C • Additional Background

220

payments are processed in batches by banks — the originating nancial institution aggregates

payment information into batches before sending to the two network operators who then net

and route payments to receiving nancial institutions. ACH payments can be either debit

(pull)

557

or credit (push)

558

payments. Debit payments settle in one day while credit payments

settle in one to two days. In 2015, ACH transferred the highest value of payments among

retail payment options.

Wire Transfer Services

Wire transfer services are systems that are primarily used for large value, wholesale payments

between banks and businesses. In the United States, there are two primary wire service networks

that operate domestically — Fedwire and CHIPS. Fedwire is owned and operated by the Federal

Reserve Banks; CHIPS is a competing private sector network with 50 direct bank participants.

559

Unlike the ACH networks, the wire networks’ operating rules are set by the operators themselves.

Fedwire is a real time gross settlement service that clears and settles transactions immediately. In

2017, Fedwire processed over 150 million transactions with a total value of over $740 trillion;

the average Fedwire transaction value was $4.85 million.

560

In comparison, CHIPS is a real-time

nal settlement system that matches, nets, and settles payments. In order to function in real time,

member banks must prefund (using Fedwire) a joint CHIPS account at the New York Federal

Reserve Bank. In 2017, CHIPS processed over 112 million transactions with a total value of over

$393 trillion; the average CHIPS transaction value was $3.49 million.

561

Checks and Cash

Checks and cash are two other ways to make payments. Checks are cleared in one of ve ways:

562

(1) clearing “on-us” checks internally on a bank’s own books; (2) presenting checks directly to the

paying bank; (3) forwarding checks to a correspondent bank; (4) exchanging checks through a

private clearinghouse; (5) forwarding checks to the Federal Reserve for processing. Today, nearly all

of the checks that the Federal Reserve processes are electronic images of the paper checks.

5 57. For example, when a consumer pays a utility bill by authorizing the utility company to pull the payment from his

or her bank account. This could be done by visiting the company’s website to input payment information, for

instance.

558.

For example, when a consumer logs on to his or her bank’s online banking portal and schedules an online bill

pay transaction that the bank will then push to the payee.

559.

See Fedwire at https://www.frbservices.org/ﬁnancial-services/wires/index.html and CHIPS at https://www.the-

clearinghouse.org/payment-systems/chips.

560.

Board of Governors of the Federal Reserve System, Fedwire Funds Service — Annual (2018), available at:

https://www.federalreserve.gov/paymentsystems/ﬁles/fedfunds_ann.pdf.

561.

The Clearing House, Annual Statistics from 1970 to 2018 (2018), available at: https://www.theclearinghouse.

org/-/media/tch/pay%20co/chips/reports%20and%20guides/chips%20volume%20through%20jan%202018.

pdf.

562.

Federal Reserve Bank of New York, Check Processing (Mar. 2013), available at: https://www.newyorkfed.org/

aboutthefed/fedpoint/fed03.html.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix C • Additional Background

221

Check usage has been declining since the 1990s and continues to decline.

Cash is still the most frequently used payment method, however, its share of total payments is

declining.

Other Payments Players

In addition to the core payment systems that connect nancial institutions with other nancial

institutions, there are a number of nonbank rms that serve as intermediaries and layer between

the banking system and the ultimate end user. In some cases, other intermediaries may also layer

on top or beside these intermediate rms to provide a specic or supplementary specialty service

(such as tokenization, for example), which adds to the complexity of the payments system. is

Figure C4: Changes in the Number of Consumer Noncash Payments P

er Household,

Per Month, 2000-2015

-15

Debit cards

Credit cards

Checks written

ACH transfers

0153

Note: ACH is automated clearinghouse. Debit card includes non-prepaid debit, general-purpose prepaid, and private-label prepaid

(including electronic benefits transfers). Credit card includes general purpose and private label.

Source: Federal Reserve System, The Federal Reserve Payments Study 2016, at 4.

38.4

6.9

5.1

-12.2

2012 2017

Figure C5: T

ransactions by Each Payment Instrument (percent)

Cash

40%

Cash

27%

Credit

17%

Credit

25%

Checks

Electronic

Other

Debit

25%

Debit

32%

Source: Surveys of Consumer Payment Choice, 2012 and 2017, Federal Reserve Bank of Boston.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix C • Additional Background

222

section provides only a brief, high-level overview of the general categories of players in this space.

While not always the most well-known, these rms provide crucial services to connect end users.

Nonbank Payment Processors

Payment processors are generally nonbank technology companies that provide vendor services to

bank clients by processing electronic payments. ese rms specialize in processing card payments

on both sides of a transaction — as merchant acquirer and/or issuer processor. Some banks process

their own payments in-house; some banks enter into a co-owned joint venture with a payment

processor, whereby the processor supplies the technology to process payments and the bank main-

tains the merchant relationships; many banks wholly outsource the processing function to a third-

party processor.

563

e role of processors in the payments ecosystem is best understood through the

outsourcing model. Here, the processor in essence stands in the shoes of the acquiring bank and/or

the issuing bank during the authorization, routing, and clearing of card transactions.

564

Since payment processors are nonbank institutions, they must have a bank sponsor in order to

access the card networks. Processors must follow the rules of the card networks, and are exam-

ined regularly by the networks. Processors are also examined by the banking agencies through

uniform FFIEC guidance under the bank regulators’ Bank Service Company Act authorities;

however as these authorities regulate the third-party and vendor services that are provided to the

bank, the bank sponsors are generally responsible for the processors’ conduct when processing

on the card networks.

Payment processing is a very competitive business that is largely driven by the rm that can charge

the lowest fees. Processors themselves have diversied and tried to gain a competitive advantage

by engaging in related businesses that include products and services such as: prepaid cards, PIN

debit network ownership, providing hardware (such as payment terminals), and providing software

solutions for small businesses (such as for accounts and inventory management, etc.).

Payment Service Providers (PSPs)

Technology has allowed new entrants to enter the business of accepting and processing merchant’s

and consumer’s point of sale or online/mobile payments. In many cases, these rms are serving

small businesses who may not have merchant relationships with banks, or compete with bank

services through the quality of the software and user experience. PSPs are generally nonbank tech-

nology companies that are responding to customer demand for faster, more convenient services for

both end users and merchants.

While PSPs provide merchants, for example, with a way to accept and process payments, they do

not directly compete with traditional payment processors — instead they function as yet another

563. Ofﬁce of the Comptroller of the Currency, Merchant Processing, Comptroller’s Handbook (Aug. 2014), at 2-5,

available at: https://www.occ.treas.gov/publications/publications-by-type/comptrollers-handbook/merchant-pro-

cessing/pub-ch-merchant-processing.pdf.

564. See, e.g., First Data Corporation, Form 10-K Annual Report (Feb. 20, 2018), at 6-7, available at: https://www.

sec.gov/Archives/edgar/data/883980/000088398018000006/a12311710-k.htm.

A Financial System That Creates Economic Opportunities • Nonbank Financials, Fintech, and Innovation

Appendix C • Additional Background

223

layer.

565

As nonbank entities, PSPs also do not have direct access to the payment infrastructure and

therefore must have a business relationship with a bank. ere may also be a traditional nonbank

payment processor between these rms and their bank for payment processing purposes. Since

PSPs layer on top of the existing payments infrastructure, they are disrupters more on the front-

end consumer-facing side of user experience than on the back-end processes aecting the ultimate

movement of money.

PSPs, like payment processors, must adhere to the rules of the card networks, even if they rely on

banks and payment processors to process transactions through the system. To be a service provider

for a card network, a rm generally must register with the card network, ensure that they are PCI-

DSS compliant, and be examined annually by the card network.

566

Additionally, PSPs are generally

licensed money transmitters and are therefore subject to the applicable licensing, registration, and

oversight requirements in multiple jurisdictions.

565. See, e.g., Square, Inc., Form 10-K Annual Report (Feb. 27, 2018), at 9-11, 19, 22, available at: https://www.

sec.gov/Archives/edgar/data/1512673/000151267318000004/a10-kﬁlingsquareinc2017.htm; PayPal

Holdings, Inc., Form 10-K Annual Report (Feb. 7, 2018), at 15, available at: https://www.sec.gov/Archives/

edgar/data/1633917/000163391718000029/pypl201710-k.htm.

566.

See, e.g., Visa, The Visa Payment Facilitator Model: A Framework for Merchant Aggregation (May 2, 2014),

available at: https://usa.visa.com/dam/VCOM/download/merchants/02-MAY-2014-Visa-Payment-Facilita-

torModel.pdf, and Mastercard, What Service Providers Need to Know About PCI Compliance, available at:

https://www.mastercard.us/en-us/merchants/safety-security/security-recommendations/service-providers-need-

to-know.html.

A Financial System

That Creates Economic Opportunities

Nonbank Financials, Fintech,

and Innovation

A Financial System That Creates Economic Opportunities Nonbank Financials, Fintech, and Innovation

U.S. DEPARTMENT OF THE TREASURY

JULY 2018

TREASURY

2018-04417 (Rev. 1) • Department of the Treasury • Departmental Ofces • www.treasury.gov