Professionals Services Insights Community
About Offices Careers
Home / Insights / CFPB Proposes “Larger Participant” ...
PDF

November 2023

Ellen Traupman Berge Andrew E. Bigart Jonathan L. Pompan David A. McGee Anu Baron

CFPB Proposes “Larger Participant” Rule to Supervise General-Use Digital Consumer Payment Applications

12 min

The Consumer Financial Protection Bureau (CFPB) has proposed a rule to define a market for general-use digital consumer payment applications. Larger participants in this market would be subject to CFPB supervision and examination authority under the Consumer Financial Protection Act (CFPA). The proposed market would cover providers of funds transfer and wallet functions through consumer digital applications for consumers’ general use used to make payments to other persons for personal, family, or household purposes. Examples include many consumer financial products and services that are commonly described as “digital wallets,” “payment apps,” “person-to-person apps,” “P2P apps,” and similar applications.

The proposed rulemaking comes amid a CFPB and federal government effort to exercise greater regulatory oversight over fintechs and other nonbank providers of financial services. The proposed rulemaking comes after a preview earlier in 2023 and several years of CFPB scrutiny of the industry, including a 2021 market inquiry of large tech companies operating payments systems. The proposal also was announced just days after the federal Financial Stability Oversight Council issued new Guidance for Nonbank Financial Company Determinations, which set forth procedures for considering whether to designate a nonbank financial company for Federal Reserve supervision under Section 113 of the Dodd-Frank Act.

Comments are due before January 8, 2024, or 30 days after publication in the Federal Register, whichever is later.

Larger Participant Test

The proposed rule would set forth a two-part test to determine whether a nonbank covered person is a larger participant in the general-use digital consumer payment applications market:

Consumer Payment Transaction Volume

The nonbank covered person (together with its affiliated companies) must provide general-use digital consumer payment applications with an annual volume of at least 5 million consumer payment transactions.

  • The proposed rule would require nonbank covered persons to aggregate their consumer payment transaction volume with affiliate consumer payment transaction volume to determine if a provider of general-use digital consumer payment applications is covered under the proposed rule. In aggregating transactions across affiliated companies, an individual consumer payment transaction would only be counted once even if more than one affiliated company facilitates the transaction.

Not a Small Business Concern

The nonbank covered person must not be a small business concern based on the applicable Small Business Administration (SBA) size standard.  As prescribed by existing regulation, any nonbank covered person that qualifies as a larger participant would remain a larger participant until two years from the first day of the tax year in which the person last met the larger-participant test.

Definitions Concerning Providing a General-Use Digital Consumer Payment Application

Consumer Payment Transaction(s)

The proposed rule would define the term “consumer payment transaction” as the transfer of funds by or on behalf of a consumer physically located in a state to another person primarily for personal, family, or household purposes. Except for enumerated exclusions, the term applies to transfers of consumer funds and transfers made by extending consumer credit.

Although the proposed rule does not define “funds,” the CFPB notes that the definition of “funds” under the CFPA is not limited to fiat currency or legal tender, and includes digital assets that have monetary value and are readily usable for financial purposes, including as a medium of exchange. As such, under the proposed rule, the transfer of funds in the form of digital assets by or on behalf of a consumer physically located in a state to another person primarily for personal, family, or household purpose could qualify as a “consumer payment transaction” if it would otherwise meet the definition of a “consumer payment transaction.”

The CFPB breaks the definition of a “consumer payment transaction” into four distinct components:

  1. The first is that the payment transaction must result in a transfer of funds by or on behalf of the consumer. This component focuses on the sending of payment and not receipt. The proposed definition would encompass a consumer’s transfer of their own funds as well as a creditor’s transfer of funds to another person on behalf of the consumer as part of a consumer credit transaction.
  2. The second is that the consumer must be physically located in a state. This would be satisfied, for example, when the consumer uses a general-use digital consumer payment application on a personal computing device or at a point of sale that is physically located in a state. If a consumer is physically located outside of any state at the time of engaging in a payment transaction, then it would not be a consumer payment transaction covered by the proposed rule.
  3. The third is that the funds transfer must be made to another person besides the consumer. For example, this could be another consumer, a business, or another type of entity. This component distinguishes the proposed market from adjacent but distinct markets that include other financial products and services, including the activities of taking deposits; selling, providing, or issuing stored value; and extending consumer credit by transferring funds directly to the consumer.

    This component would exclude transfers between a consumer’s own deposit accounts, transfers between a consumer deposit account and the same consumer’s stored value account held at another financial institution, such as loading or redemptions, and a withdrawal from the consumer’s own deposit account from an ATM.

  4. The final component is that the funds transfer must be for primarily personal, family, or household purposes. For general-use digital payment applications that could also be used for commercial purposes, only consumer payment transactions for personal, family, or household purposes would fall within the scope of the proposed rule.

The proposed rule includes the following exclusions from the definition of consumer payment transaction:

  • An international money transfer as defined by 12 C.F.R. § 109.107(a).
  • A transfer of funds that is (i) linked to the consumer’s receipt of a different form of funds, such as a transaction for foreign exchange or (ii) that is excluded from the definition of “electronic fund transfer” under 12 C.F.R. § 1005.3(c)(4). This exclusion would encompass, among other transactions, the exchange of fiat currencies, a purchase of a crypto-asset using fiat currency, a sale of a crypto-asset in which the seller receives fiat currency in return, or the exchange of one type of crypto-asset for another type of crypto-asset.
  • A payment transaction conducted by a person for the sale or lease of goods or services that a consumer selected from an online or physical store or marketplace operated prominently in the name of such person or its affiliated company.

    This exclusion clarifies that, when a consumer selects goods or services in a store or website operated in the merchant’s name and the consumer pays using account or payment credentials stored by the merchant who conducts the payment transaction, such a transfer of funds is generally not a consumer payment transaction

    Furthermore, when a consumer selects goods or services in an online marketplace and pays using account or payment credentials stored by an online marketplace operator or its affiliated company, such a transfer of funds is generally not a consumer payment transaction. For the transaction to qualify for the exclusion, it must be for the sale or lease of a good or service the consumer selected from a digital platform operated prominently in the name of an online marketplace operator or their affiliated company.

    However, the exclusion does not apply when a consumer uses a payment or account credential stored by a general-use digital consumer application provided by an unaffiliated person. For example, when a consumer selects goods or services for purchase or lease on a website of a merchant, and then from within that website chooses an unaffiliated person’s general-use digital consumer payment application, then the exclusion would not apply, and the transaction would be considered a consumer payment transaction.

  • An extension of consumer credit that is made using a digital application provided by the person who is extending the credit or that person’s affiliated company.

Covered Payment Functionality

The proposed rule would apply to providing covered payment functionalities through a digital application for a consumer’s general use in making payment transactions. The proposed rule would define two types of payment functionalities as covered payment functionalities, a “funds transfer functionality” and a “wallet functionality.”

  • “Funds transfer functionality” would be defined, in connection with a consumer payment transaction, as (a) receiving funds for the purpose of transmitting them or (b) accepting and transmitting payment instructions.
  • “Wallet functionality” would include a product or service that (a) stores account or payment credentials, including in encrypted or tokenized form, and (b) transmits, routes, or otherwise processes such stored account or payment credentials to facilitate a consumer payment transaction.

Digital Application

A digital application would be defined as a software program accessible to a consumer through a personal computing device, including but not limited to a mobile phone, smart watch, tablet, laptop computer, or desktop computer.

General Use

General use would be defined as the absence of significant limits on the purpose of consumer payment transactions facilitated by a covered payment functionality provided through a digital consumer payment application. The CFPB provides that the definition would include a digital consumer payment application that would facilitate person-to-person or peer-to-peer transfers of funds, including a “closed loop” P2P system.

Excluded from this definition, among other digital consumer payment applications that are not general purpose, would be digital consumer payment applications whose functionality is used solely to purchase or lease a specific type of services, goods, or property. Additionally, accounts that are expressly excluded from the definition of

“prepaid account” in subparagraphs (A), (C), and (D) of 12 C.F.R. § 1005.2(b)(3)(ii) of Regulation E are also not considered “general use” and include certain tax-advantaged health medical spending accounts, dependent care spending accounts, transit or parking reimbursement arrangements, closed-loop accounts for spending at certain military facilities, and many types of gift certificates and gift cards. Applications to pay a specific debt or type of debt or repayment of an extension of consumer credit would also not be considered “general use.”

State

The proposed definition of “state” would mean any U.S. state, territory, or possession of the United States, the District of Columbia, the Commonwealth of Puerto Rico, or any political subdivision thereof. The CFPB notes that the proposed rule is focused on the sending of a payment and not on the recipient, and as such, the proposed rule would not apply to consumer payment transactions where the sender is not in a “State.”

Impact on Digital Asset Companies, Merchants, and Banks and Credit Unions

The CFPB’s proposed rule to define the general-use digital consumer payment applications market and place larger participants in the market under supervision and examination authority, if finalized and enacted, will have an impact on a wide variety of market participants, including digital asset companies, merchants, and service providers to banks and credit unions:

Digital Asset Companies

Although the proposed rule would include digital assets in its definition of “funds,” the proposed rule and the CFPB’s commentary indicate that many digital asset companies would not be subject to the proposed rule. According to the CFPB, the proposed rule’s second exception to the definition of “consumer payment transactions” relating to transfer of funds linked to the consumer’s receipt of a different form of funds or transactions excluded from the definition of “electronic funds transfer” under 12 C.F.R. § 1005.3(c)(4) would encompass exchanges of fiat currencies, the purchase of a crypto-asset using fiat currency, a sale of a crypto- asset in which the seller receives fiat in return, or the exchange of one type of crypto-asset for another. Thus, digital asset companies that run cryptocurrency exchanges or allow users to purchase cryptocurrencies and other digital assets would likely be excluded from the proposed rule’s coverage.

Merchants

Generally, merchants and operators of online marketplaces offering goods and services would not be within the proposed rule’s coverage when making sales through their own payment functionalities for their own sales transactions in their own name as those transactions are exempt under the proposed rule. That said, merchants and operators of online marketplaces may still have general CFPA liability for their digital applications and online marketplaces, and if a merchant works with a third party providing a general-use digital consumer payment application for payment transactions, then transactions performed using the third party’s general-use digital consumer payment application would come under the scope of the proposed rule and constitute covered market activity with respect to the third-party provider.

The definition of “consumer payment transaction” under the proposed rule is narrower than the CFPB’s general authority under the CFPA, which can extend to payment transactions conducted by merchants or online marketplaces for sales through their own platforms under certain circumstances. The CFPA defines a consumer financial product or service to include “providing payments or other financial data processing products or services to a consumer by any technological means, including processing or storing financial or banking data for any payment instrument…” Such activities are generally consumer financial products or services under the CFPA unless a narrow exclusion for financial data processing in the context of the direct sale of nonfinancial goods or services applies.

The exclusion would not apply if a merchant or online marketplace’s digital consumer application stores, transmits, or otherwise processes payments or financial data for any purpose other than initiating a payments transaction by the consumer to pay the merchant or online marketplace operator for the purchase of a nonfinancial good or service sold directly by that merchant or online marketplace operator.

Although merchants are generally excluded from the proposed rule’s coverage, they need to be aware of the scope of their payment applications and what functions the wallet performs, as it could result in liability under the CFPA and carefully vetting third parties that provide merchants with general-use digital consumer payment applications, as transactions utilizing those applications will be subject to the proposed rule and would constitute covered market activity with respect to the third-party provider.

Banks and Credit Unions

Although banks and credit unions of any size would not be subject to the proposed rule, the proposed rule may apply to nonbank covered persons that provide covered payment functionalities through a digital application of a bank or credit union. The CFPB claims that this may have some competition-related impact on depository
institutions or credit unions; for example, if the relative price of nonbanks’ general-use digital consumer payment applications were to increase because of increased costs related to supervision, then depository institutions or credit unions of any size may benefit. This is an area where banks and credit unions should examine whether the proposed rule would make an impact and, if the CFPB’s rationale is not correct, should comment to inform the CFPB of the effect of the proposed rule.

Effective Date

The CFPB proposes that, once issued, the final rule for this proposal would be effective 30 days after it is published in the Federal Register.

Related Articles

View PDF

Related Services

Practices

Industries

Related Insights

Consumer Financial Services Practice Digest
Consumer Financial Services Practice Digest

July 10, 2023

4min
CFPB Rule and Enforcement Guidance on Small Business Lending Data Collection
CFPB Rule and Enforcement Guidance on Small Business Lending Data Collection

April 28, 2023

3min
Consumer Financial Services Practice Digest
Consumer Financial Services Practice Digest

October 13, 2022

4min
View More

Events

Consumer Financial Services Legal and Regulatory Update at the FCAA 2024 Annual Conference
Consumer Financial Services Legal and Regulatory Update at the FCAA 2024 Annual Conference

May 01 - 03, 2024 New Orleans, LA - Financial Counseling Association of America (FCAA)

Smarter Faster Payments 2024
Smarter Faster Payments 2024

May 06 - 09, 2024 NACHA

Register for the Event

Recent News

Venable Pro Bono Team Achieves Prisoner Release Under DC's Incarceration Reduction Amendment Act
Venable Pro Bono Team Achieves Prisoner Release Under DC's Incarceration Reduction Amendment Act

April 23, 2024

5min
American University Washington College of Law Alumni Association to Present Claudia Lewis with the Joseph H. Hairston Award on April 20
American University Washington College of Law Alumni Association to Present Claudia Lewis with the Joseph H. Hairston Award on April 20

April 19, 2024

1min
WAVe Presents: A Supreme Court Outlook and the Legacy of Ruth Bader Ginsburg
WAVe Presents: A Supreme Court Outlook and the Legacy of Ruth Bader Ginsburg

April 19, 2024

4min
View More