Showing 9 posts in Regulatory.

A World Without Chevron? U.S. Supreme Court Hears Oral Arguments in Cases that Could Overturn 40-Year-Old Doctrine of Statutory Interpretation

On January 18, 2024, the United States Supreme Court heard oral arguments in two cases challenging the Chevron doctrine of statutory interpretation, Loper Bright Enterprises, et al., v. Gina Raimondo, Secretary of Commerce (Loper-Bright) and Relentless, Inc. v. Department of Commerce (Relentless). Under the Chevron doctrine, courts are supposed to grant deference to an agency's reasonable interpretation of an ambiguous statute. More ›

Cybersecurity Compliance Emphasized at MBA's Legal Issues and Regulatory Compliance Conference

In a Privacy & Cyber Bytes Alert, we review takeaways from the recently concluded Mortgage Bankers Association's Conference on Legal Issues and Regulatory Compliance. Lenders and servicers with consumer-facing platforms that collect personal information need to initiate cybersecurity compliance efforts immediately.

Read the full alert which includes our list of best practices.

Proposed California Debt Collection Licensing Regulations Raise Scope Concerns

Last month, the Department of Financial Protection and Innovation (DFPI) published proposed regulations under the Debt Collection Licensing Act (DCLA). The regulations largely address procedural matters related to obtaining a license. However, the DFPI's proposed regulations also appear to implicitly address the scope of the license requirement, potentially expanding the category of licensees beyond what the statutory text contemplates. More ›

Validating Cyber Compliance in Light of the First DFS Enforcement Action

We recently reported on the New York State Department of Financial Services' (DFS) first enforcement action under its 2017 cybersecurity regulation ("Part 500"), which prescribes how financial services companies licensed to operate in New York should construct their cybersecurity programs. DFS' statement of charges provides important insight into the agency's priorities and expectations when assessing how a company has addressed and mitigated a data exposure, and offers a roadmap for how other regulators might interpret similar data security laws being implemented across the country. Given increasing regulatory scrutiny and the fact that inappropriate cybersecurity procedures and practices could result in significant financial liabilities, companies should proactively re-assess where they stand in relation to applicable cyber mandates.

We highlight here some key takeaways from the recent DFS enforcement action that entities subject to Part 500 should carefully consider when validating their current state of compliance. More ›

Another Cybersecurity Wake Up Call: Connecticut Insurance Department Issues Guidance on Cyber Law Set to go Into Effect

Covered entities received two cybersecurity wake up calls from insurance regulators this month. As we have reported, the New York State Department of Financial Services (DFS) issued its long-awaited first cyber enforcement action pursuant to its groundbreaking and first-in-nation cybersecurity regulation. In addition, the Connecticut Insurance Department issued a Bulletin to all licensees, providing guidance for compliance with the Connecticut Insurance Data Security Law (the Act), which goes into effect on October 1, 2020. The Act was modeled after the National Association of Insurance Commissioners Model Cybersecurity Law, which itself was modeled after the DFS cybersecurity regulation. More ›

Long-Awaited DFS Cyber Enforcement Action Sees Charges Filed Against Title Insurer For Exposing Millions of Documents Containing Consumer Personal Information

After several years of anticipation, the New York State Department of Financial Services (DFS) has filed its first enforcement action under the agency's groundbreaking and first-in-the-nation 2017 cybersecurity regulation (Part 500 of Title 23 of the New York Codes, Rules, and Regulations), which prescribes how financial services companies licensed to operate in New York should construct their cybersecurity programs. This action is a wakeup call to covered entities to fully implement the directives of Part 500. More ›

CFPB Issues New Mortgage Servicer Guidelines for Transferring Loans to a New Servicer

The Consumer Financial Protection Bureau (CFPB) recently published compliance guidanceeffective immediately—on the handling of information and documents during the transfer of a mortgage loan to a new servicer. Following related guidance issued in 2014 on these mortgage servicer transfers, CFPB supervisory examiners have continued to document weaknesses in servicer compliance management systems and violations of Regulation X, including inadequate policies and procedures for transferring loan information and documents in a timely and accurate manner that ensures uninterrupted continuation of required servicing functions. More ›

Interactive COVID-19 Regulatory Map for Consumer Financial Institutions

To assist consumer financial services lenders, servicers and investors, Hinshaw has developed an interactive tracker of state regulations related to the COVID-19 pandemic. The tracker documents actions by various state regulators, along with the limits imposed by states on foreclosures, evictions, and debt collections, and allows users to click on any state to view applicable provisions.  More ›

Consumer Law Regulatory Insights: CFPB Symposia Series Discusses How Behavioral Economics Can Inform Regulatory Action

On September 19, 2019, the Consumer Financial Protection Bureau (Bureau) hosted the second in a series of scheduled symposia. After the first symposium, we evaluated the panel discussions that focused on the term "abusive" and whether the Bureau should disclose parameters surrounding its interpretation of the term. The September 19 symposium addressed how behavioral law and economics can inform regulatory action. The discussion consisted of two panels: first, an academic discussion of behavioral economics, while a second panel discussed how behavioral economics can inform regulatory action, or lack thereof, in the consumer financial services field. More ›