A Development to Watch: California's "Mini-CFPB" and Small Business Financing

5 Min Read By: Susan M. Seaman

In late September, California enacted the California Consumer Financial Protection Law (“CCFPL”), which renamed the California Department of Business Oversight (now the California Department of Financial Protection and Innovation) and granted the department broad authority “to regulate the offering and provision of various consumer financial products or services under California consumer financial laws” and to “exercise nonexclusive oversight and enforcement authority under California consumer financial laws and, to the extent permissible, under federal consumer financial laws.”[1] Modeled off of the federal Consumer Financial Protection Bureau (“CFPB”), some have dubbed the newly named Department of Financial Protection and Innovation (“Department”) a “mini-CFPB.”

In addition to granting the Department broad oversight and enforcement authority, the CCFPL makes it unlawful for a “covered person” or “service provider” to engage, have engaged, or propose to engage in any unlawful, unfair, deceptive, or abusive act or practice (“UDAAP”) with respect to “consumer financial products or services.”[2] The CCFPL gives the Department extensive rulemaking authority to implement the new law. For example, the Department may by rule identify acts or practices that the Department deems unlawful, unfair, deceptive, or abusive in connection with any transaction with a consumer for a consumer financial product or service.[3] In the provision giving the Department UDAAP rulemaking authority for consumer financial products or services, the CCFPL requires the Department to interpret the terms “unfair” and deceptive” in a manner that is consistent with Section 17200 of the California Unfair Practices Act[4] and case law thereunder.[5] The CCFPL adopts the broad definition of “abusive” acts or practices that appears in Title X of the Dodd–Frank Wall Street Reform and Consumer Protection Act of 2010 (“Dodd–Frank Act”) and instructs the Department to interpret the term “abusive” in a manner that is consistent with the Dodd–Frank Act.[6]

The aforementioned UDAAP rulemaking provision and most of the other rulemaking provisions in the CCFPL permit the Department to promulgate rules applicable to persons involved with “consumer financial products or services,” defined, in relevant part, as “a financial product or service that is delivered, offered, or provided for use by consumers primarily for personal, family, or household purposes.[7] Despite the law’s name and the scope of its focal provisions, the CCFPL gives the Department the authority to identify by rule UDAAPs in connection with small business financing products and to require data collection and reporting on small business financing products. Specifically, the CCFPL permits the Department to:

Define unfair, deceptive, and abusive acts and practices in connection with the offering or provision of commercial financing, as defined in Section 22800(d), or other offering or provision of financial products and services to small business recipients, nonprofits, and family farms. The rulemaking may also include data collection and reporting on the provision of commercial financing or other financial products and services.[8]

The CCFPL incorporates the definition of “commercial financing” from the relatively new California Commercial Financing Disclosure statute, which term covers a host of small business financing products such as merchant cash advances, asset-based lending, commercial loans, commercial revolving credit, and lease financing. [9] These products typically do not meet the definition of “consumer financial products or services” in the CCFPL and persons involved with these products should not be “covered persons” or “service providers” subject to other provisions of the CCFPL.

The Department’s “surprise” UDAAP and data collection rulemaking authority for small business financing products does not directly affect all small business financing providers. The CCFPL exempts a number of regulated entities including, but not limited to, banks, California-licensed finance lenders and California-licensed finance brokers.[10] However, a future rule could apply to merchant cash advance providers, unlicensed (but legal) loan brokers, and other non-exempt vendors that provide services in connection with the offering or provision of small business financing products. Because vendors supporting small business financing products could be subject to a future UDAAP or data collection rule by the Department, exempt entities may be indirectly affected by a future rule.

On the federal level, the Federal Trade Commission (“FTC”) has asserted its broad jurisdiction under the Federal Trade Commission Act and other laws “to stop deceptive, unfair and other unlawful practices by small business financing providers and their marketers, services or collectors.”[11] In mid-September, the CFPB released and sought comments on an outline of proposals to implement Section 1071 of the Dodd–Frank Act, which requires financial institutions to collect select data in connection with credit applications by women-owned, minority-owned, and small businesses and to report the data to the CFPB annually.[12] Whether and to what extent the FTC’s use of its unfair or deceptive acts or practices authority and the CFPB’s promulgation of a small business data collection rule will impact the Department’s use of its rulemaking authority for small business financing remains to be seen.  Of course, as a populous, individual protections-oriented state, California’s use of its UDAAP and data collection rulemaking authority could influence the actions of federal agencies with similar authority and other states. The Department’s use of its new rulemaking authority for small business financing is a development to watch. The CCFPL becomes effective on January 1, 2021.

[1] Cal. Fin. Code § 90006(a).

[2] Id. § 90003(a).

[3] Id.

[4] Cal. Bus. & Prof. Code § 17200.

[5] Cal Fin. Code § 90009(c)(1).

[6] Id. § 90009(c)(2)-(3).

[7] Id. § 90005(e)(1).

[8] Id. § 90009(e).

[9] Id. § 22800.

[10] Id. § 90002.

[11] Strictly Business:  A Staff Perspective, Fed. Trade Commission (February 2020), https://www.ftc.gov/system/files/documents/reports/staff-perspective-paper-ftcs-strictly-business-forum/strictly_business_forum_staff_perspective.pdf/.

[12] Consumer Financial Protection Bureau Releases Outline of Proposals Under Consideration to Implement Small Business Lending Data Collection Requirements, Cons. Fin. Protection Bureau (Sept. 15, 2020), https://www.consumerfinance.gov/about-us/newsroom/cfpb-releases-outline-proposals-implement-small-business-lending-data-collection-requirements/.

By: Susan M. Seaman


Connect with a global network of over 30,000 business law professionals


Login or Registration Required

You need to be logged in to complete that action.