The CFPB and European Commission joint statement: Tentative first steps of a transatlantic relationship
In July 2023, the US Consumer Financial Protection Bureau (CFPB) and the European Commissioner for Justice and Consumer Protection issued a joint statement announcing the start of an “informal dialogue” between the CFPB and European Commission. Arising in response to the increasing similarity between international consumer finance markets, this dialogue was intended to focus on how technology is impacting consumers of financial services across a wide range of areas, from privacy and payments to competition and customer service.
Their underlying concern? That, if left unchecked, technology could increase consumer exposure to fraud, manipulation, and data misuse, while decreasing competition, privacy, and fair pricing. We discussed this joint statement, the background of the CFPB and European Commission, and the expectations of this “informal dialogue” in our client alert of August 3, 2023.
As outlined in our August alert, the two agencies originally aimed to share “insights and experience,” exchange technical expertise, and coordinate on pressing policy issues through annual meetings, staff discussions, and roundtables with industry players.
However, on April 11, 2024, the agencies issued a new joint statement, emphasizing a two-tier approach with (1) leadership-level meetings between Consumer Financial Protection Bureau (CFPB) Director Rohit Chopra and his counterparts, Mairead McGuiness, EU Commissioner for Financial Services, Financial Stability, and the Capital Markets Union, and Didier Reynders, EU Commissioner for Justice and Consumer Protection; and (2) three sessions in which senior staff shared expertise, best practices, and lessons learned on established problems (eg, over-indebtedness), new products (eg, “buy now, pay later” products, or BNPL), and emerging trends (eg, the roles of Big Tech and AI in consumer finance).
What is the state of the discussions?
The majority of the discussions thus far appear to have been at the staff level. Across three sessions, senior staff discussed:
- Over-indebtedness and BNPL: The European Commission presented its latest study on over-indebtedness and forecasts that it would increase significantly in the next decade, as well as revisions to the Consumer Credit Directive designed to address risks. CFPB staff summarized the growth of the BNPL industry in the US and its regulation under the Fair Credit Reporting Act Framework.
- Digital payments access and fraud; Big Tech in consumer finance: European Commission staff presented on the current state of regulation of digital payments and related types of fraud, as well as proposed changes to the EU open banking framework. CFPB staff outlined the threat of fraud in US digital payments, the role of non-banks in payments, Big Tech’s growing role in consumer finance generally, and the impact of digital access on the unbanked.
- Artificial intelligence: Both sides presented on their respective regulatory frameworks relating to AI in the consumer finance sphere. For the European Commission, this consists of four pieces of legislation[1] and two judgments from the European Court of Justice.[2] CFPB summarized key pieces of federal case law which could apply to AI use cases, as well as a recent report on the use of chatbots by financial institutions.
In addition to the above sessions, in February 2024, Director Chopra and Commissioner McGuiness met in Brussels to discuss the consumer- and financial literacy-related aspects of payments and digital finance. Director Chopra also met with Commissioner Didier Reynders to discuss the topics covered in the staff discussions, and their commitment to continuing the informal dialogue.
What is the expected outcome of the CFPB and European Commission’s cooperation?
Following the first announcement of the CFPB and EU’s dialogue, it was unclear what fruit this would ultimately bear. The initial indications seemed to downplay the prospect of any immediate concrete outcomes, policy initiatives, or enforcement objectives. That seems to still be the case following the first rounds of detailed discussions, where the main emphasis appears to have been on educating their counterparts on their respective regulatory frameworks and identifying common areas of interest, trends, and risks across the US and the EU.
The joint statement does not provide significant detail regarding the content of the discussions following each side’s presentations at the above sessions or the detailed areas of shared interest. However, the discussed topics appear to be at least (1) the risks to consumers arising from BNPL products, (2) Big Tech’s role in payments, and (3) AI and automated decision-making use-cases in each jurisdiction. Although the Joint Statement refers to “future planned work” between the two agencies, it is unclear what this will specifically entail, and whether any action will arise from the discussions. This may well develop over time. However, for the time being, the emphasis on informality, the breadth of the topics involved, and the “deliberate” pace of these discussions tend to suggest that larger-scale, coordinated action at the regulatory level may still a way off.
Broader international impact
We discussed in our previous alert that the CFPB and Commission’s discussions in this area may incentivize other countries to consider these issues in greater depth.
In particular, the UK may be eager to strengthen ties on both sides of the Atlantic by engaging with similar issues. The country has continued its cooperation with (1) the EU, with the Joint EU-UK Financial Regulatory Forum, which most recently met in October 2023;[3] and (2) the US, with the US-UK Financial Regulatory Working Group, which most recently met in January 2024.[4]
Though these meetings were not devoted to consumer financial services specifically, but to discuss broader issues of financial regulation, the meetings invariably touched upon financial services issues which impact consumers. As ever, the tangible impact of these transatlantic discussions remains to be seen, but continued international dialogue may be expected.
For more information, please contact the authors or your usual DLA Piper contact.
[1] (1) The General Data Protection Regulation; (2) the Consumer Credit Directive; (3) Distance Marketing of Consumer Financial Services Directive; and (4) the Artificial Intelligence Act.
[2] Interpreting Article 22 of the General Data Protection Regulation on automated decision making as it applied to Germany’s leading credit scoring company.
[3] See: Joint EU-UK Financial Regulatory Forum - October 2023 - European Commission (europa.eu)
[4] See: Joint Statement on the U.S.-UK Financial Regulatory Working Group | U.S. Department of the Treasury