On June 27, 2025, the Consumer Financial Protection Bureau (CFPB) issued a policy statement that outlines its plan to address criminal regulatory offenses within its jurisdiction, as directed by the May 2025 Executive Order (EO) 14294. The CFPB notes that it will publish a report to include a list of “all criminal regulatory offenses enforceable by the Bureau or the Department of Justice,” along with …
Trump CFPB Asserts Narrower Role for State Enforcement of Federal Consumer Law
On May 15, 2025, the Consumer Financial Protection Bureau (CFPB) issued an interpretive rule that rescinded a Biden-era interpretive rule regarding the extent of states’ enforcement authority under Section 1042 of the Consumer Financial Protection Act (CFPA). While states may continue to bring actions to enforce provisions of the CFPA, the new interpretive rule suggests that states may not bring actions arising under any enumerated …
Rhode Island Enacts New Financial Institutions Cybersecurity Law With Immediate Effect
More states are advancing prescriptive cybersecurity standards and requirements for financial institutions, many of which align with regulations from New York’s Department of Financial Services. Rhode Island’s legislature passed Senate Bill 603, effective immediately, which requires specific cybersecurity controls and notice to the Department of Business Regulation within three business days of determining a security event has occurred. North Dakota’s new law, House Bill 1127, …
CFPB Moves to Vacate Its Own Open Banking Rule, Citing Legal Deficiencies and Overreach
On May 30, the Consumer Financial Protection Bureau (CFPB) filed a motion to vacate its own open banking rule, arguing that the rule exceeds its authority under Section 1033 of the Dodd-Frank Act. The CFPB asserts that the rule exceeds its legal authority by requiring data sharing with authorized third parties, unlawfully prohibits data providers from charging fees, inadequately addresses consumer data and security risks, …
FDIC Rules Rollback Foretells More Pro-Industry Changes
Cooley lawyers Obrea Poindexter, Jasmine Banks and Elyse Moyer co-authored an article for Law360 about the Federal Deposit Insurance Corporation (FDIC) withdrawing proposed rules that were intended to reshape regulatory obligations related to corporate governance practices. Read the article (subscription required) and see this related Cooley alert.
FDIC Withdraws Four Biden-Era Proposed Rules
The Federal Deposit Insurance Corporation (FDIC) board of directors approved the withdrawal of proposed rules relating to brokered deposits, corporate governance, the Change in Bank Control Act and incentive-based compensation arrangements. The proposals would have, among other things, expanded the definition of “brokered deposits,” augmented corporate governance responsibilities and increased oversight of certain bank investors. The withdrawal of the proposed rules signals the FDIC’s reevaluation …