The Consumer Financial Protection Bureau has withdrawn two proposed rules concerning data brokers and digital payment mechanisms, according to filings this week in the Federal Register. Both were proposed after the 2024 elections.
The first proposed rule would have redefined “consumer reports” under the Fair Credit Reporting Act, or FCRA, to include consumer identification information, such as name or Social Security number, and redefine data brokers and other entities as “consumer reporting agencies” when they assemble and furnish such information. The American Bankers Association was among the groups that criticized the proposal, saying the proposal exceeded the CFPB’s authority and would reduce banks’ ability to detect and prevent fraud and identity theft.
The CFPB said it is withdrawing the proposal because it does not align with current bureau policies and due to numerous concerns commenters raised. The proposed rule would have implemented the FCRA “in a manner not aligned with the bureau’s current interpretation of the FCRA, which it is in the process of revising, and its changed policy objectives,” the CFPB said. It added that, due to “questions as to the Bureau’s statutory authority to issue many of the proposals” and other concerns that require careful consideration, “it would be inappropriate to proceed to a final rule.”
The second proposal would have expanded Electronic Fund Transfer Act protections to digital payment mechanisms, such as those involving stablecoins or certain credit card rewards points. ABA urged the CFPB to withdraw the proposal in a March letter, noting the CFPB did not use “the proper channel to pursue these changes given the expansion that would result.”
In withdrawing the proposal, the bureau again said the proposal does not align with its current priorities. “The bureau is continuing to evaluate the need for guidance related to the legal requirements associated with [electronic fund transfers] and will take further action if deemed necessary,” it said.
