The Consumer Financial Protection Bureau (CFPB) finalized a new policy that establishes a process for companies to apply for a no-action letter from the Bureau in order to reduce regulatory uncertainty for a new product or service that offers the potential for significant consumer-friendly innovation. The policy is issued in response to changing technologies in the consumer financial market that may not have been envisioned at the time existing statutes and regulations were issued. Companies with new products that may offer the promise of a significant consumer benefit can apply for the no-action letter to see how a product fits within the regulatory scheme; however, the Bureau's final policy stresses that no-action letters will be the exception, not the norm, and "will be provided rarely and on the basis of exceptional circumstances and a thorough and persuasive demonstration of the appropriateness of such treatment."

The CFPB will assess applications based on a variety of factors, including:

  1. product structure, terms and conditions, disclosures and agreements with consumers, and the cost, benefits and risks associated with the product;
  2. the extent to which evidence such as the requester's own testing indicates the product may be beneficial to consumers;
  3. the extent to which the asserted benefits to consumers are available in the marketplace from other products;
  4. the extent to which the requester controls for and effectively addresses and mitigates risk to consumers;
  5. the extent to which granting the request is necessary in order to reduce substantial regulatory uncertainty;
  6. the extent to which the substantial regulatory uncertainty may be better addressed through other regulatory means;
  7. whether the entity demonstrates that it is in compliance with other relevant federal and state regulatory requirements;
  8. the extent to which the request is limited in time, volume of transactions or otherwise;
  9. the extent to which any data provided by the entity is expected to improve consumer protection; and
  10. the extent to which public disclosure of relevant data may be permitted.

Of course, the requester's relevant government supervision and enforcement history will also be considered. The no-action letters are not binding (as regards the CFPB as well as other regulators) and are revocable at any time. Instead, the no-action letters provide a statement by the CFPB that it does not intend to recommend enforcement or supervisory action regarding the product or service. The CFPB has indicated that it will make reasonable efforts to respond to applications in a timely manner, but has not provided a strict timetable for response to applications.

Under the final policy, the no-action letters will be published on the CFPB's website (along with the initial request, in some form). In addition, the no-action letters will likely not cover unfair, deceptive, or abusive acts or practices (UDAAP)—and the CFPB discourages the use of no-action letters to "excuse potential UDAAP violations that might arise from other aspects of the product, such as marketing or operation that were not addressed in the NAL letter or stem from subsequent changes in the product."

Institutions considering submitting a request for a no-action letter, as with any engagement with the Bureau, are well served by working with experienced counsel.