The Fintech Legal Outlook for 2020: Top 3 Insights from Todd Hamblet
We recently sat down with Todd Hamblet, Fundbox’s new Chief Legal Officer, and asked his thoughts about what legislative or legal issues would be shaping the fintech industry this year. Between presidents and precedents, decisions are coming down within the next 12 months that will have a significant effect on the way Fundbox and other fintechs do business. Here’s what Todd had to say:
Q: What key issues or predictions do you see when it comes to legal compliance in the fintech industry in 2020?
A: My basic view is that I expect to see continued efforts to regulate the financial services industry and fintech. These regulations are likely to focus on protection of consumer and commercial borrowers, privacy, or data protection. That said, I don’t think that innovation and regulation are incompatible. I think that there is sensible regulation that can achieve the goals of protecting consumers of financial services without completely stifling fintech innovation.
I think the outcome of the election will have a significant bearing on how active regulators are in the fintech space. In the absence of leadership from Washington, I’m concerned that we’re going to continue to see state-by-state legislation instead of a federal overlay. California and New York are two states actively working to fill this void. State versus federal regulation creates the challenge of needing to comply with 50 state requirements, which sometimes might be at odds with each other, as opposed to a more unified regulatory regime. You just have to spend a lot of resources in researching, staying up to date, and modifying what in many cases is a fairly streamlined product offering to comply with different state laws.
I worry that too disparate of a regulatory regime can, in fact, stifle innovation. It won’t stop innovation, but it can make it more challenging. I am certainly not opposed to sensible regulation, but sometimes the best intentions can lead to anomalous outcomes. You always have good actors and bad actors, and in our space, for example, we’re trying to disrupt a very traditional way of underwriting and lending in a commercial space that just hasn’t been compatible with or user friendly for small businesses.
The small business community is under-served, in part because you’re talking about smaller dollars than your traditional banks are even willing to underwrite. You’ve started to see community banks and credit unions step in a bit, but even in those cases, the lending model is still paper-heavy. It’s not optimized for all the data that’s out there, the ability to use technology, or alternative data sources. I think that fintech companies like Fundbox are serving and filling a niche that is really valuable for small businesses. Think about a mom-and-pop shop. They need to be able to run their business. They don’t need to spend all their time going back and forth with their bank, trying to get a loan. They need quick access to capital that may be just to solve a short-term problem. It may be to meet payroll during a slow month. That’s the problem we’re trying to solve, and also doing it in a way that is bringing it into the 21st century. This means using alternative data sources and machine learning, not relying exclusively on credit reports or FICO scores, and using other metrics to look at the credit worthiness of an enterprise.
I find it really exciting. It’s really satisfying to know that we’ve helped a lot of small businesses at the heart of our economy. So I think additional regulation is inevitable, but I hope it’s reasonable and sensible, and that it serves the purpose of protecting the borrower but doesn’t impose so many requirements or obligations that it makes it impractical for a fintech company to try to serve that population.
Q: Is there anything else you see happening in the realm of compliance?
A: I think we’re going to continue to face additional regulation in the areas of privacy and data protection. In California, we have the California Consumer Privacy Act (CCPA) that came online on January 1st. This is a good example of how, in the absence of federal action, states are going to take up their own legislation. California is the first to have enacted a comprehensive privacy act that companies are now trying to deal with. It impacts not just California companies but any companies dealing with California residents.
We’re tracking legislative developments in other states who are looking to implement their own privacy acts. Absent some sort of harmonized federal overlay (such as the GDPR in Europe), if you have 50 states with disparate privacy regulations, it just becomes very challenging. Of course, we will do everything we can to be compliant, but we have limited resources—we’d love to dedicate our resources to developing and improving products for our customers, instead of worrying about whether we’re tripping up a novel requirement of a particular state’s privacy law. So a federal framework would be really helpful. I already mentioned regulation in the context of the next election, and I think whether there is interest in Washington with a federal privacy law will depend on that outcome.
Q: Aside from the 2020 election, what other issues is the fintech industry keeping an eye on?
A: There have been some interesting cases out there in the fintech space. There’s one case in particular that has created some uncertainty and confusion: the Madden case. Although the case was decided a few years ago, it looks like federal regulators are trying to take steps to clarify the ruling. I hope that 2020 brings better visibility into what’s going to happen there, since the uncertainty is impacting the financial services industry and fintechs.
Generally, Madden is a case that dealt with the “valid when made” concept. When a bank makes a loan, there are various usury laws that can be applicable, depending on the state in which the loan was originated. Under federal law, an FDIC-insured state chartered bank can originate a loan using the maximum rate of interest permitted in the home state of the bank and then “export” that rate into another state, regardless of the state where the borrower is located. Some states have higher usury rates than others, so the maximum rate can vary. It is well settled that when that loan was initially made by the bank, it was “valid when made.” But what happens if that bank decides to sell off that loan to a third party in another state? The Madden case (read broadly) calls into question the “valid when made” doctrine. It said that if the loan had an X percent interest rate when it was originated, but it was sold to a third party in a state that had a usury rate lower than X, that original interest rate may not be valid anymore because of the transfer. Studies have shown that this ruling has led to a decrease in the availability of credit in the states affected by the decision.
Banks have to rely on being able to originate and sell loans—this is a well-settled concept. The question is whether the Madden case is distinguishable enough from the traditional practice that it applies only to a particular scenario (a sale of debt) or whether it is calling into question the broader concept. The reason this impacts fintechs is because a lot of us rely on bank partnerships in order to serve customers in all 50 states. Through these partnerships, fintechs may acquire the receivables on loans originated by partner banks. The question for fintechs in the context of Madden is: when the fintech acquires a receivable, does the interest rate originally offered by the bank partner continue to be valid…or because the fintech is a third party, does some other interest rate cap apply depending on where the borrower is located?
Congress and some other federal regulators are working to clarify that the Madden case should be limited to a narrow set of facts, and that it should not serve as a precedent for disrupting the traditional understanding of “valid when made”. This would be welcome relief to the entire financial services industry, including fintechs. We hope to have this clarification in 2020.Last modified: February 18, 2020