Fast & Furious: FDIC, CFPB Reverse Course In Numerous Cases
Exclusive: Knot Announces SKU-Level Data Portability With New TransactionLink API
Hey all, Jason here.
I’m wrapping up this week’s newsletter from Puerto Escondido, Mexico — I’m here for work, I swear!
Next week, I’ll be out in the Salt Lake area for LoanPro’s customer advisory board and popping over to Vegas after that for Fintech Meetup. My New Year’s resolution to travel less is clearly going well…
Last but certainly not least, if you didn’t see the news during the week, Taktile announced its $54 million Series B — see additional thoughts from cofounder and CEO Maik Taro Wehmeyer on how AI adoption is transforming risk decisioning in regulated industries like financial services.
If you enjoy reading this newsletter each Sunday and find value in it, please consider supporting me (and finhealth non-profits!) by signing up for a paid subscription. It wouldn’t be possible to do what I do without the support of readers like you!Where Are AI & Financial Services Heading in 2025?
Artificial intelligence, even as we quibble about the exact definition of the term, seems increasingly likely to impact nearly every aspect of work and day to day life, equalling or exceeding the impact of the widespread adoption of touchscreen smartphones beginning nearly 20 years ago.
But, like with any technological revolution, it can be difficult to parse hype and bluster vs. real, economically impactful use cases.
In this upcoming edition of Taktile’s Expert Talks series, I’ll be joined by industry experts Francisco Javier Arceo (Red Hat), Max Eber (Taktile), John Sun (Spring Labs), and Todd Phillips (Georgie State University) to discuss where AI and financial services are heading in 2025.
Exclusive: Knot Announces SKU-Level Data Portability With New TransactionLink™ API
The idea of “open banking,” or the ability for consumers to access and share their banking data, represented a paradigm shift in how industry thinks about ownership of data. In the United States, the concept of a data access right was codified in law nearly 15 years ago with the passage of Dodd-Frank, though, in practice, the growth and development of open banking has been market-driven, rather than regulation-driven.
While the evolution of open banking hasn’t been without its share of controversy, particularly from large incumbents who, the conventional wisdom goes, stand to be net losers from data sharing, consumers, without question, have benefitted substantially from a range of products and services enabled by open banking: from cashflow-based underwriting to streamlined account linking and enhanced personal financial management tools.
But, as the name suggests, open banking covers a limited set of data; namely, consumer data tied to accounts covered by Reg Z and Reg E, such as deposit accounts, prepaid cards, credit cards, and digital wallets.
There’s an entire world of other financial and non-financial data that belongs to consumers but lives in silos, making it difficult if not impossible for consumers to easily benefit from voluntarily sharing that information.
Enter Knot’s newly announced TransactionLink capability. (Full disclosure: I’m an investor in Knot.)
Knot, backed by marquee investors that include Nava Ventures, Amex Ventures, and Plaid, launched its first product, CardSwitcher™, in 2022.
Now, with TransactionLink, Knot enables users to share consumer-permissioned item-level (SKU level) data with third parties they select, including digital wallets and payment card issuers, as well as non-financial apps and services.
Knot co-founder and CEO Rory O’Reilly, who dropped out of Harvard to start his journey as a founder—one that ultimately led to Knot—spoke about the launch, saying, “We think TransactionLink is a win-win-win: it’s good for merchants, by helping them deepen customer relationships and drive brand loyalty through better personalization and incentives, it’s good for card issuers, by enabling them to build a host of features and capabilities, and, most importantly, it’s good for consumers, by empowering them to share their data with whom they want to.”
Fundamentally, it’s the automated, digital equivalent of sharing a receipt: what the user bought, from what merchant, at what price, and when. The potential use cases are endless.
In the financial services world, card issuers can:
intelligently leverage SKU-level data to recommend targeted promotions and incentives to users based on their purchasing history;
better manage dispute and chargebacks;
offer better informed predictive financial analytics, that go beyond merchant level spend to understand what a user is actually buying;
suggest credit cards and rewards programs based on a user’s purchasing patterns;
enhance credit risk assessment for thin- and no-file users;
benefit from powerful fraud detection, as item level data provides additional granularity to identify cases of identity theft, fraudulent purchases, or other suspicious activity.
But TransactionLink is use case agnostic; one could also imagine a health and fitness app or recipe site incorporating a user’s grocery purchase history in order to seamlessly analyze nutrition information or make food prep recommendations, for instance.
Benny, which offers lower-income households cashback on their SNAP purchases (Supplemental Nutrition Assistance Program, colloquially known as “food stamps”), has already deployed Knot’s TransactionLink capability, enabling Benny to process rewards “faster than ever.” (Full disclosure: I’m an investor in Benny.)
Prior to deploying TransactionLink, Benny users would need to link their EBT (electronic benefits transfer) card, make a purchase with it, and then upload an image of the receipt to get cashback on qualifying items.
But with TransactionLink, once users opt in to sharing data from the merchants they shop at, this last step happens automatically, with no additional action needed from end users.
Benny cofounder and CEO Rishi Ahuja explained, “Knot’s TransactionLink has dramatically improved the accuracy and consistency of our transaction data, enabling us to process rewards faster than ever. It’s the most efficient way to scale rewards based on actual purchases, ensuring a seamless experience for our customers. In fact, we heavily push our customers to link with Knot when available — it's that much better!”
Like with open banking, the technology isn’t without potential risks and justified concerns, particularly when it comes to data privacy.
Asked how it ensures users’ privacy is protected, O’Reilly, the Knot CEO, emphasized the consumer-permissioned nature of the service, saying, “Ultimately, this is data that belongs to the consumer. No one would argue that a paper receipt and the information on it doesn’t belong to the person holding it. This is just the digital equivalent of that. Services that integrate TransactionLink provide clear terms and conditions that explain what data they’re accessing, why, and how they use that information.”
O’Reilly added that Knot merely serves as a pipe to move data from a merchant, at a user’s request, to a third party.
As the open banking journey in the US has demonstrated, market participants typically lead regulation. It has taken 15 years to go from Dodd-Frank’s mandate that consumers have access to banking data to regulation that actually implements this requirement — and, given legal challenges and uncertainty around the future of the CFPB, the fate of that regulation is unclear.
What is certain is the demand for and value generated by data portability, whether that is bank account data, other financial information, or the type of item-level information made possible by TransactionLink.
Fast & Furious: FDIC, CFPB Reverse Course In Numerous Cases
Despite neither the FDIC nor the CFPB having confirmed leadership in place, both regulators are charging ahead with abrupt and, in some cases, unprecedented policy changes and reversals of previous positions.
The CFPB has been at the eye of the storm, functionally shut down since Russ Vought took the reins as acting Director. While personnel matters, including legal challenges to employee terminations and Vought’s appointment, have driven the headlines, the Bureau has been systemically abandoning lawsuits filed under Director Chopra’s tenure at the agency (an outcome I reported was likely more than a week ago here.)
Following the unilateral withdrawal of the CFPB’s suit against unlicensed peer-to-peer payday lender SoLo Funds, acting Director Vought claimed in a post on X that the Bureau had “tried to destroy” SoLo Funds, which he described as an “innovative solution” for “working class Americans with limited means.”
Vought echoed the company’s misleading talking points that the loans have no interest, but merely the option to leave a “tip” for lenders and a “donation” to SoLo Funds. The CFPB’s analysis of SoLo Funds’ loans found 99.5% carried a “tip” to the lender, and a state enforcement action in Connecticut found equivalent APRs could exceed 4,000%.
Posts on the Bureau’s site about the company have been deleted, though Spanish language versions remain accessible for now.
CFPB Offers No Rationale For Dropping Case Against Heights Finance
SoLo Funds isn’t the only problematic subprime lender the CFPB has granted a reprieve.
The CFPB dismissed its case against Heights Finance, part of subprime lending juggernaut CURO Group, I was the first to report last week.
At the time the CFPB filed the suit, in August 2023, then-Director Chopra said:
The CFPB is suing the Southern lending conglomerate for illegally churning loans and harvesting fees from their customers. What Southern sold as a financial lifeline was, in reality, pushing customers into financial quicksand.
Specifically, the Bureau’s suit alleged Heights Finance illegally harmed borrowers by “[c]oercing distressed customers into fee-laden cycles of reborrowing,” “[i]ncentivizing employees to push refinances,” “[t]argeting customers for their likelihood to refinance,” and “[f]alsely marketing refinances as fresh starts.”
According to the complaint, the installment loans offered by Heights Finance were for a median loan principal of $585, carried a median annual interest rate of 92%, and were typically repayable in nine to eleven monthly installments.
Nearly 10% of Heights Finance borrowers refinanced their loans more than a dozen times or more and, although they only made up less than a tenth of the lender’s customer base, they accounted for 40% of net revenue.
The CFPB offered no public comment or rationale for dismissing the case.
CFPB Drops Cases Against Capital One, Vanderbilt, Rocket Homes, TransUnion, and PHEAA — But Not MoneyLion
Other cases the Bureau dropped include suits against Vanderbilt Mortgage and Finance, Capital One, Rocket Homes, TransUnion, and Pennsylvania Higher Education Assistance Agency.
In the Vanderbilt case, filed in early January, the CFPB alleged Vanderbilt, a non-bank lender focused on financing manufactured homes, “ignored clear and obvious red flags that the borrowers could not afford the loans. As a result, many families found themselves struggling to make payments and meet basic life necessities. Vanderbilt charged many borrowers additional fees and penalties when their loans became delinquent, and some eventually lost their homes.”
Rocket Mortgage, the Bureau alleged in its December 2024 complaint, operated an “illegal kickback scheme” to encourage real estate agents to steer applicants to the company. Now-former Director Chopra said at the time, “Rocket engaged in a kickback scheme that discouraged homebuyers from comparison shopping and getting the best deal. At a time when homeownership feels out of reach for so many, companies should not illegally block competition in ways that drive up the cost of housing.”
The suit against Pennsylvania Higher Education Assistance Agency, one of the nation’s largest student loan servicers, alleged the firm illegally collected money for loans that had been discharged in bankruptcy and reported false information to credit bureaus. Now-former Director Chopra said at the time, “PHEAA has ignored its responsibilities and illegally pursued borrowers for loans they no longer owe. The CFPB is suing PHEAA for demanding money from borrowers that they do not owe and for reporting false information to credit reporting companies.”
The Capital One case, arguably a dubious effort from a legal perspective, alleged that the bank “unlawfully misled consumers about its 360 Savings accounts and obscured its higher-interest savings product from them.” The CFPB’s suit, filed just six days before President Trump took office, claimed Capital One deceived customers in order to “cheat” millions of consumers out of $2 billion in interest.
On Friday, the CFPB dropped its case against TransUnion and the president of TransUnion Interacctive, John Danaher. The suit, filed in April 2022, alleged TransUnion and Danaher had violated a 2017 consent order that prohibited the company from engaging in deceptive marketing practices. TransUnion Interactive markets, sells, and provides credit-related products directly to the public, such as credit scores and reports. The CFPB’s suit alleged TransUnion and Danaher employed so-called “digital dark patterns” to trick consumers into paying for services and making it difficult to cancel them.
Also on Friday, the CFPB withdrew its case against 1st Alliance Lending, which accused the company of unlawful mortgage lending practices, including violations of the Truth In Lending Act (TILA), Equal Credit Opportunity Act (ECOA), Fair Credit Reporting Act (FCRA), and the Mortgage Acts and Practices Advertising Rule. The suit, filed in January 2021, accused the company of using unlicensed employees to operate what amounted to a boiler room for unlicensed loan origination. The company’s license to operate in Connecticut had previously been revoked for substantially similar violations.
The CFPB’s suit against MoneyLion, which accuses the company of violating the Military Lending Act by charging covered servicemembers and their families rates that exceed 36% MAPR (Military APR), is a notable outlier: the Bureau filed an update with the court on Friday that it would not be dropping the case. The suit further alleges that MoneyLion required users to sign up for a “membership” to access “low APR” loans, but prohibited users from canceling the membership until their loans were repaid.
MoneyLion isn’t the only case the CFPB is continuing, providing at least a fig leaf to claim the Bureau is continuing to operate and meet its statutory obligations — despite testimony from current and former employees last week that the administration’s goal is to reduce the Bureau to a room with “five men and a phone in it.”
How just five employees, roles which are required by law, could fulfill all of the Bureau’s statutory obligations, including taking and responding to millions of consumer complaints, is an open question.
FDIC Files Change of Position in CBW Case, Withdraws Amicus Brief in Colorado DIDMCA Suit
Meanwhile, over at the FDIC, under the management of acting Director Travis Hill, significant policy changes are also underway.
On February 20th, the acting Solicitor General informed Congress that the Department of Justice “will no longer defend the constitutionality of statutes that protect administrative law judges (ALJs) from removal by officials that are themselves removable only for cause.”
The DOJ now asserts that the multiple levels of removal protection are unconstitutional, citing the Supreme Court decision in Free Enterprise Fund v. PCAOB.
But, analysis from law firm Orrick, Herrington & Sutcliffe argues, “the letter failed to note that the Supreme Court’s decision expressly declined to decide whether these removal restrictions were unconstitutional in the context of ALJs.”
In the US Court of Appeals for the Fifth Circuit found in SEC v. Jarkesy that the statutory removal provisions for ALJs are unconstitutional, but the Supreme Court did not address the removal restrictions in its holding in Jarkesy.
This decision by the DOJ is already showing up in litigation the FDIC is involved in.
In CBW Bank’s suit against the FDIC, stemming from the bank’s attempt to contest a $20 million civil money penalty the regulator is seeking, the FDIC notified the court it is changing its position, declining to defend this argument as part of the suit, as first reported by me last week.
In a separate case in Colorado, in which three banking and fintech trade groups are seeking to prevent the state’s effort to block out-of-state state-chartered banks from making loans to Colorado consumers at rates above the state’s usury cap, the FDIC has withdrawn an amicus brief supporting Colorado’s position, which I was the first to report here.
The case turns on the somewhat esoteric question of “where” a loan is made when a consumer is borrowing online: in the state the borrower lives in or where the bank making the loan is located?
The FDIC’s amicus brief in the Colorado case was a reversal of its prior, long-held position by arguing “loans are made in a state if either the borrower or the lender enters into the transaction in that state.”
The now-withdrawn brief supported Colorado’s effort to block out-of-state state-chartered banks and, by extension, fintech lenders that work with them from exceeding the state’s usury cap.
Although the FDIC has withdrawn its amicus brief, the case remains ongoing.
Finally, in a statement released concurrently with the FDIC’s Q4 2024 Quarterly Banking Profile, acting Chair Travis Hill explained the regulator’s decision to no longer report the aggregate assets of banks on the “problem bank list.”
Hill explained the decision in a brief statement, writing in part:
[C]hanges in the industry over the past 35 years have made it comparatively easier to identify a large bank that is added to the list, resulting in a number of potentially negative consequences, including, as examples:
A large bank experiencing severe financial distress is added to the Problem Bank List, which the public correctly identifies, prompting a disorderly run;
Supervisors fail to downgrade a large bank in poor condition for fear the disclosure could spark a bank run and/or financial instability;
The public incorrectly identifies a bank added to the Problem Bank List (e.g., if a large regional bank and a smaller midsize bank are both added to the list in the same quarter, and the public incorrectly assumes the addition was a large bank whose assets approximately equal the combined total), prompting customers to withdraw funds from the incorrectly identified bank; and
A large bank is downgraded for reasons other than deteriorating financial condition (which, as a general matter, occurs regularly), prompting customers to withdraw funds out of misplaced fear of insolvency.
Other Good Reads
Fourth Quarter 2024 Banking Conditions (Kansas City Fed)
Colorado, Virginia legislation would impact fintech lending (Banking Dive)
Where Debanking Didn't Happen (Without Warning)
Stripe’s 2024 annual letter (Stripe)
Promoting Responsible Innovation through the Novel Activities Program (Speech by Fed Vice Chair Barr)
The Cryptocurrency Scam That Turned a Small Town Against Itself (NYTimes)
About Fintech Business Weekly
Looking to work with me in any of the following areas? Email me.
Now available: buy my best-selling book, Banking as a Service: Opportunities, Challenges and Risks of New Banking Business Models, here
Vendor, partner & investment opportunity advice and due diligence
Fintech advising & consulting
Sponsoring this newsletter
News tip or story suggestion — reach me on Signal at mikulaja.01