On April 22, 2026, the Consumer Financial Protection Bureau (CFPB) published in the Federal Register a final rule amending Regulation B, the regulation implementing the Equal Credit Opportunity Act (ECOA). The final rule is largely unchanged from the CFPB’s notice of proposed rulemaking issued in November 2025. Effective July 21, 2026, the final rule: Expressly eliminates the “effects test,” commonly referred to as disparate impact. …
Latest Articles
Fannie Mae Issues AI/ML Governance Framework for Sellers and Servicers
Fannie Mae recently issued Lender Letter LL-2026-04 (Fannie Mae letter), which sets forth a governance framework for Fannie Mae single-family sellers and servicers using artificial intelligence and machine learning (AI/ML) in their origination and servicing practices. The requirements will take effect on August 6, 2026. The Fannie Mae letter builds upon prior Freddie Mac updates to its Seller/Servicer Guide on the same topic (Freddie Mac …
FDIC Rescinds Supervisory Guidance on Multiple NSF Fees
The Federal Deposit Insurance Corporation (FDIC) has rescinded its Biden-era supervisory guidance that cautioned banks against charging multiple non-sufficient funds (NSF) fees on a declined transaction. In announcing the rescission, the FDIC stated that its prior guidance, called Supervisory Guidance on Multiple Re-Presentment NSF Fees, was “overly broad in scope” and “raised uncertainty” about when disclosures concerning multiple attempts to initiate a payment after a …
Agencies and FinCEN Propose Coordinated Changes to AML/CFT Program Requirements
Two separate – but closely coordinated – notices of proposed rulemaking (NPRMs) were published to amend the anti-money laundering and countering the financing of terrorism (AML/CFT) requirements for certain financial institutions. The Financial Crimes Enforcement Network (FinCEN) published a proposed rule emphasizing effectiveness and outcomes over technical compliance, along with a risk-based approach directing more attention and resources toward higher-risk customers and activities. The same …
Part 3: Looking Ahead – Novel Cybersecurity Issues and Department Priorities
In prior posts, we discussed the amendments to 23 NYCRR Part 500 (Part 500) ahead of the April 15 deadline to certify compliance with Part 500 and the increasing focus on multifactor authentication (MFA) as a key cybersecurity control. While Part 500 sets out formal cybersecurity requirements, the New York State Department of Financial Services (NYDFS) regularly uses industry letters and guidance to signal how …
CSBS Interpretive Guidance Clarifies Some Stablecoins May Be Included in Tangible Net Worth Calculations for Money Transmitters
The Conference of State Bank Supervisors (CSBS) recently issued interpretive guidance addressing the accounting treatment of stablecoins in the tangible net worth (TNW) calculation under its Model Money Transmission Modernization Act (MTMA). The guidance clarifies that CSBS intends for the definition of TNW under the MTMA to include, as “tangible financial assets,” stablecoins that meet certain criteria. The guidance is nonbinding, and it is uncertain …
Part 2: NYDFS Sharpens Its Focus on Multifactor Authentication
Financial institutions covered by 23 NYCRR Part 500 (Part 500) (covered entities) must annually certify their compliance with these cybersecurity regulations. As the April 15 date for certifying compliance approaches, the New York Department of Financial Services (NYDFS) has been reinforcing its focus on one particular element of the updated requirements – multifactor authentication (MFA). On February 26, 2026, NYDFS hosted a public cybersecurity presentation …
FDIC Issues 2026 Consumer Compliance Supervisory Highlights
The FDIC recently published its annual Consumer Compliance Supervisory Highlights, covering examination results and consumer complaint trends for FDIC-supervised state-chartered banks and thrifts that are not members of the Federal Reserve System (supervised institutions). The report, summarized below, describes the FDIC’s findings from approximately 825 consumer compliance examinations of supervised institutions and from a review of approximately 32,000 consumer complaints. Most frequently cited violations identified …
NYDFS Refresher Series – Part 1: What Companies Need to Know Ahead of Annual Certifications of Compliance
Upcoming compliance certification Every year by April 15, financial entities subject to the New York Department of Financial Services (NYDFS) oversight (covered entities) are required to certify their compliance with the NYDFS’ cybersecurity regulations, 23 NYCRR Part 500 (Part 500). This year’s deadline will be the first time covered entities must certify compliance with all of the amendments to Part 500 that were phased in …
FTC Issues New Advance Notice of Proposed Rulemaking on Negative Option Marketing
On March 11, 2026, the Federal Trade Commission (FTC) issued a request for public comment on an advance notice of proposed rulemaking (ANPRM) regarding its “Rule Concerning the Use of Prenotification Negative Option Plans,” more commonly known as the “Negative Option Rule.” The FTC is inviting consumers and industry members to share their experiences with negative option marketing to help it decide whether and how …