December 27, 2024

Jack Solowey

When you use a product that’s closely supervised by the government, you might be tempted to assume the bureaucratic babysitting is somehow necessary for the product or its industry to run smoothly. Yet when regulators first propose special supervision years after you’ve already seen the product work as intended, you may be tempted to ask, “What gives?”

When it comes to the Consumer Financial Protection Bureau’s (CFPB) proposal to bring popular payment apps (like Apple Pay, Google Pay, PayPal, Venmo, and Cash App) under a supervisory regime, the answer is that the agency sees the apps have become quite popular, and the CFPB treats success alone as a reason for more invasive oversight.

The digital payment app market is hardly crying out for a regulator to ride to consumers’ rescue, and the CFPB’s proposed rule provides a real‐​time demonstration of how regulators won’t hesitate to “fix” something even when—and perhaps, especially when—“it ain’t broken,” as the old saw goes.

This month, the CFPB proposed subjecting major digital consumer payment applications to agency supervision by designating the apps as “larger participants” in a market for consumer financial services. The Dodd‐​Frank Act gives the CFPB the authority to supervise these larger participants, meaning that in addition to the ability to conduct enforcement actions for violations of consumer financial protection law, the CFPB also may proactively monitor and examine these specially designated businesses.

Under the proposed rule, covered digital payment apps would find themselves facing a host of potential CFPB supervisory activities, including on‐​site exams involving requests for records, regulatory meetings, record reviews, as well as compliance evaluations, reports, and ratings. The Bureau estimates such exams would take approximately eight to ten weeks on average.

All this mucking about while a business is trying to get work done conjures images of Homer Simpson’s brief stint supervising a team of engineers:

Homer: “Are you guys working?”

Team: “Yes, sir, Mr. Simpson.”

Homer: “Could you, um, work any harder than this?”

Who exactly would become subject to CFPB supervision under the proposal? The proposed rule would cover providers of “general‐​use digital consumer payment” apps—including both fund transfer and digital wallet apps—that meet requirements around transaction volume (five million transactions annually) and firm size (not being a small business as defined by law). The proposal contains some notable exclusions, including exemptions for apps that only facilitate payments for specific goods or services (i.e., are not general use), as well as for transactions with marketplaces through those marketplaces’ own platforms.

One question raised by the proposal, particularly its reference to digital wallets, is whether cryptocurrency transfers and wallets are in scope. The answer, in short, is sometimes.

According to the CFPB, covered fund transfers include crypto transfers, so the rule likely would cover hosted crypto wallets (where an intermediary controls the private keys for accessing users’ funds) used for those purposes. However, the proposed rule does not cover purchasing or trading cryptocurrencies, as it excludes exchanges of one form of funds for another, as well as purchases of securities and commodities regulated by the Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC). (Add this to the list of ways in which lingering questions about SEC and CFTC jurisdiction over crypto create unhelpful regulatory ambiguity.)

The proposed rule’s application to self‐​hosted crypto wallets (where users control their own private keys) likely will hinge on interpretive questions (including those related to the definition of “wallet functionality”), and these could leave the agency room to find some self‐​hosted wallets in‐​scope. (If the CFPB were to go this route, it would be yet another example of subjecting a core crypto technology to poorly conceived regulation.)

When it comes to the CFPB’s reasons for the proposal, perversely, the very data indicating that the market for digital payment applications is anything but broken is the data the CFPB cites as the basis for subjecting the market to special supervision. According to the agency, “The CFPB is proposing to establish supervisory authority over nonbank covered persons who are larger participants in this market because this market has large and increasing significance to the everyday financial lives of consumers.” Another way to put this is that fulfilling consumer demand alone calls for greater scrutiny.

How popular have these apps become? According to the CFBP itself, 76 percent of Americans have used one of four major payment apps; 61 percent of low‐​income consumers report using payment apps; merchant acceptance of payment apps “has rapidly expanded as businesses seek to make it as easy as possible for consumers to make purchases through whatever is their preferred payment method;” and adoption by younger users may drive even further growth.

Separate survey data tend to support the idea that consumers’ positive assessments of these apps line up with their revealed preferences. According to survey data compiled by Morning Consult in 2017, a sizable majority of American adults were either very satisfied or somewhat satisfied with a variety of digital payment apps, including Venmo (71 percent), Apple Pay (82 percent), Google Wallet (79 percent), and PayPal (91 percent). Recently, some even tried to frame Apple Pay as making payments “too easy” for consumers’ own good.

The CFPB’s proposal is not an example of a regulator seeking to impose sorely needed order in a broken and lawless sector, but rather an agency ratcheting up compliance requirements in an already regulated space. For instance, consumer financial products and services—which include consumer payment services via any technology—already are subject to the CFPB’s authority to enforce prohibitions against unfair, deceptive, or abusive acts or practices. Moreover, the CFPB already has the power to supervise relevant financial service providers where it issues orders determining, with reasonable cause, that the providers pose risks to consumers, something that the agency fails to do in any convincing manner in the proposal.

That the CFPB is seeking to assert supervisory authority over the digital payment app market without having to identify specific risks to consumers is emblematic of a fundamentally flawed approach to regulation.

In the case of digital payment apps, the proposed supervisory regime is not targeting a consumer financial service market failure but rather a market success. Witnessing this, it’s reasonable to ask what other supervisory regimes that consumers take for granted began as solutions in search of problems.