Rapid evolution of financial technologies has made it possible to grab a latte with a tap of the phone or transfer 20 bucks to your nephew at college without opening a billfold or writing a check. Payment transfer apps have become ubiquitous thanks to their convenience and wide acceptance, a trend likely to accelerate. Yet the speed of their adoption has allowed these non-bank channels to become significant players in the modern financial infrastructure faster than the regulatory framework could adapt, potentially exposing consumers to material risks and loss of privacy.
In response to growing consumer complaints and research into the data privacy policies of the big fintech players, the Consumer Financial Protection Bureau has proposed new rules allowing the agency to exercise some of the same oversight it currently exercises over commercial banks. The rules apply to electronic payment services like digital wallet providers like Apple and Google, as well as peer-to-peer or P2P transfer apps like Venmo and CashApp, and could go into effect early next year following a 60 day comment period ending January 8.
The CFPB was created in 2010 as part of the response to the great financial crisis and consolidates consumer financial protection authorities previously dispersed among 7 different federal agencies.
A survey conducted by Forbes of American consumers with a bank account found that 53% of respondents use digital wallets more frequently than traditional payment methods like cash, checks, or credit cards, and only 14% of adults have never tried one. As might be expected, 91% of Gen Z respondents prefer digital wallets as their primary method of purchase, but adoption high across generations and over 50% say that sometimes avoid trading with merchants who did not accept digital payment.
The same survey found broad acceptance of P2P money transfer apps, with over 50% indicating they use CashApp or Venmo. According to the CFPB, consumers transferred $893 billion in 2022 through various payment facilities including wallets, P2P apps, and Zelle, a digital transfer channel run by a consortium of banks. This is likely to grow significantly, as the US is still far behind many other countries including China in widespread adoption.
The rapid development of fintech apps has complicated the distinction between banks and commercial businesses, a development hardly anticipated by the present regulatory framework. Because the growth and stability of a large economy like the US depends upon a solid and sound banking system which in turn relies on the trust of businesses and consumers, traditional banks in the US are prohibited from engaging in many non-related business activities or being part of a large commercial conglomerate and are closely regulated by federal and state entities.
Subject to these restrictions and regulations, financial institutions engage in deposit taking and lending that is the primary mechanism by which money is created. Banks and bank customers are also afforded unique protections including deposit insurance, ability to borrow from the Federal Reserve System, and access to the government’s financial backstop in times of crisis. Like it or not, banks are unique institutions upon which the healthy functioning of our economy depends and are therefore treated somewhat differently than tractor companies or sports bars.
The rapid advance of digital payments and transfers has fuzzed the boundary between banks and commercial enterprises as more and more exchanges that look a lot like banking transactions have caught the attention of regulators. Banks, for their part, have legitimately noted the encroachment on their business by competitors not subject to the same oversight. The CFPB rule is intended to address some of the growing risks in digital payments and to level the regulatory playing field.
The proposed rule subjects larger non-bank digital consumer transfer and payment apps to the same examination authority the CFPB exercises over banks and credit unions. The proposal excludes players with fewer than 5 million transactions per year, and exempts retailer-specific payment apps like Starbucks or Walmart mobile pay. The examination authority is intended to ensure that digital facilities adhere to the same funds transfer, consumer protection, and privacy laws that govern banks. The agency is also establishing a technology program to equip examiners with tools needed to conduct inspections of complex big tech financial products.
In announcing the proposed rule, CFPB Director Rohit Chopra also noted the agency’s increasing concern over data privacy and surveillance policies of fintech financial providers. Digital apps vacuum up massive amounts of customers’ personal data and often retain that data indefinitely. While most of the tech firms state that they do not sell personal information, they share it with other companies under the same ownership and do sell or share what they consider “public” information they have gathered on their customers for marketing purposes including information like GPS location of purchases.
Digital payments are only going to increase and usually make our life simpler and more convenient. But like any new technology, the convenience come with risks that, if properly disclosed and mitigated, are minimal in comparison with the benefit to society.