December 2022 in Brief: Business Regulation & Regulated Industries

Banking Law

The New York State Department of Financial Services Introduced New Cybersecurity Regulations Amendments

By Joseph Mayo, LL.M. Candidate at New York University School of Law

The New York State Department of Financial Services (NYDFS) is finalizing its proposed cybersecurity regulation amendments to its 23 NYCRR 500 Cyber Security Requirements for Financial Services Companies. The first version of the amendments was introduced in July 2022, followed by the current version on November 9, 2022, with a sixty-day public comment period.

The NYDFS regulates and monitors almost 3,000 financial institutions, such as insurance companies, banks, credit unions, and national and international financial services companies (covered entities), that hold more than $8.8 trillion as of Dec. 31, 2021.

The regulations’ primary objective is to protect the covered entities and New York customers from nation-states, terrorist organizations, and independent criminals’ attempts to exploit technological vulnerabilities and gain access to sensitive electronic data. Among other significant changes to the original regulations, the most notable is the requirement, as part of the covered entity’s cybersecurity governance, that Chief Information Security Officer (CISO) must have adequate authority to ensure cybersecurity risks are appropriately managed.

The proposed regulations emphasize the need for an experienced board, either directly or through specialized committees, to direct and oversight cybersecurity risks, including implementing the entity’s cyber-security program.

Under the proposed regulations, covered entities must give the NYDFS notice in the case of a cybersecurity event to a third-party service provider that affects the entity itself, within seventy-two hours from the time the covered entity is aware of such event.

Another requirement is that each covered entity must, in accordance with its risk assessment, develop and implement written policies and procedures for vulnerability management that are designed to assess the effectiveness of the entity’s cybersecurity program. The proposed regulation mandates automated and manual vulnerability scans, undertaken timely, as part of the entity’s risk assessment program and after any major system changes.

The NYDFS is expected to adopt the newly amended regulations near the close of the comment period, around January 9, 2023, and most changes would take effect 180 days afterward.

Consumer Finance Law

CFPB Director Chopra Testifies Before House, Senate Committees on Semi-Annual Report

By Eric Mogilnicki & B. Graves Lee, Covington & Burling LLP

On December 14 and 15, 2022, Consumer Financial Protection Bureau (CFPB) Director Rohit Chopra testified before the U.S. House Financial Services Committee and the Senate Banking Committee regarding the Bureau’s Semi-Annual Report to Congress. The Semi-Annual Report, which covers the Bureau’s activities from October 1, 2021, through March 31, 2022, discusses its significant rules and orders, complaints about consumer financial products or services, public supervisory and enforcement actions by the Bureau, significant actions by state regulators relating to federal consumer financial law, the Bureau’s efforts to fulfill its fair lending mission, diversity in the Bureau’s workforce, and the agency’s budget.

In written testimony (see House statement and Senate statement), Director Chopra described the state of the U.S. economy and household finances, pointing with concern to the increased utilization of Buy Now, Pay Later products, rising mortgage interest rates, and issues with medical debt and related credit reporting. He also described the presence of “Big Tech” firms in the payment space, noting the Bureau’s data collection efforts directed at such firms and its interest in how these payment platforms implement existing consumer protections, as well as how they make “decisions on account approvals, freezes, and terminations.” Chopra called on Congress to pass legislation that would “ensure that payments systems are neutral and nondiscriminatory, by eliminating the incentive for firms to use their control over payments to favor their other interests,” and legislation to strengthen financial privacy protections.

In response to questions from legislators during the hearings, Director Chopra covered a wide variety of topics, including the Fifth Circuit’s decision that the Bureau is unconstitutionally funded in Consumer Financial Services Association of America v. CFPB, the role of Bureau guidance, regulation of credit reporting agencies, changes in overdraft fee practices, student debt relief, medical debt, financial data privacy, and the use of the Bureau’s Civil Penalty Fund.

CFPB Proposal Would Create Public Registry and Attestation Requirement for Nonbanks Subject to Enforcement Orders

By Eric Mogilnicki & B. Graves Lee, Covington & Burling LLP

On December 12, 2022, the CFPB promulgated a proposed rule aimed at nonbank entities subject to federal, state, and local consumer financial protection law enforcement orders. The proposal would require nonbanks to report to the Bureau final agency any court orders or judgments brought under federal consumer financial protection laws or state laws regarding unfair, deceptive, or abusive acts or practices. In a press release accompanying the proposal, the Bureau stated that the resulting registry would help the Bureau “detect[,] . . . track and mitigate the risks posed by repeat offenders” and “monitor all lawbreakers subject to agency and court orders.”

The proposal would also impose an attestation requirement for certain larger nonbanks subject to the Bureau’s supervisory authority. Any such entity would be required to annually designate an executive responsible for and knowledgeable of the entity’s efforts to comply with any order in the registry, and annually submit a written statement signed by the executive regarding the entity’s compliance with each order.

The proposed rule would exempt insured banks and credit unions from its requirements. In its press release, the Bureau stated that “[w]hile the CFPB might later consider collecting or publishing the information described in the proposal from insured banks and credit unions, there is currently greater need to collect this information from nonbanks under its jurisdiction” in light of the active supervision of banks by the prudential financial regulatory agencies.

Comments on the proposal will be due sixty days following its publication in the Federal Register. The proposal states that the Bureau anticipates the registry to launch “no earlier than January 2024.”

State AGs Weigh in on Supreme Court Review of Bureau’s Funding Structure

By Eric Mogilnicki & B. Graves Lee, Covington & Burling LLP

On December 14, 2022, twenty-two Democratic and sixteen Republican state attorneys general filed separate amicus briefs requesting that the U.S. Supreme Court grant cross-petitions for certiorari in CFPB v. Community Financial Services Association of America, Ltd. In October, a panel of the U.S. Court of Appeals for the Fifth Circuit ruled that the Bureau’s funding structure violates the Constitution’s Appropriations Clause. The panel also invalidated a 2017 Bureau payday lending rule at issue in the litigation (the “Payday Rule”).

In the Democratic attorneys general amicus brief, amici argue that the Supreme Court should grant certiorari and reverse the Fifth Circuit as to remedial action. They explain that even if “the Court were to find a constitutional defect” in the Bureau’s funding structure, “the remedy imposed by the court below was neither justified nor compelled by law,” and “[l]eft undisturbed, the court of appeals’ reasoning could jeopardize many of the CFPB’s actions from across its decade-long existence, to the detriment of both consumers protected by those actions and financial-services providers that rely on them to guide their conduct.” They describe the Bureau’s role as a source of crucial financial regulatory authority, and they argue that the Supreme Court should reverse the ruling below and reinstate the Payday Rule.

In the Republican attorneys general brief, amici argue that the Supreme Court should grant certiorari and affirm the Fifth Circuit’s ruling, “apply[ing] its reasoning nationwide.” They point to the “undeniable and unenviable uncertainty” for financial markets caused by the circuit split between the Fifth Circuit and contrary precedent from the D.C. Circuit, and argue that the Supreme Court must “restore the CFPB’s accountability to the states.”

CFPB Prevails at Ninth Circuit in Dispute with Student Aid Company

By Eric Mogilnicki & B. Graves Lee, Covington & Burling LLP

On December 13, 2022, the U.S. Court of Appeals for the Ninth Circuit handed down a decision in CFPB v. Aria, et al., siding with the CFPB in a dispute with a student aid company and its CEO. The appeal resulted from a 2015 Bureau enforcement lawsuit against Global Financial Support, Inc. and Armond Aria. In that suit, the CFPB alleged that the defendants engaged in deceptive acts or practices in advertising a program to assist students applying for scholarships. The trial court in 2021 entered a judgment in favor of the Bureau, imposing approximately $15 million in civil money penalties and restitution.

On appeal, Aria contested the judgment by arguing that he was not a “covered person” under the Consumer Financial Protection Act because he was not “providing financial advisory services . . . to consumers on individual financial matters or relating to proprietary financial products or services . . . ,” citing 12 U.S.C. § 5481(15)(A)(viii). The Court rejected this view on the grounds that the scholarships discussed in his solicitations were financial in nature, the advice he provided covered general topics on financial aid, and he held himself out as an expert in finance. The Court also rejected arguments from Aria surrounding the deceptiveness of his solicitations and the calculation of restitution and penalties.

California Issues Cosigner Notice Translations

By Paul J. Lysobey & Arthur J. Rotatori, McGlinchey Stafford, PLLC

The California Department of Financial Protection and Innovation (DFPI) has released the Translated Notice to Cosigner on its website, in anticipation of a January 1, 2023, effective date for its cosigner notice amendment resulting from SB 633.

Lenders may use these translated notices from the DFPI website to satisfy the cosigner notice requirement. Therefore, any entity offering a consumer credit contract in California (including loans, retail installment contracts, consumer leases, and other extensions of credit) should review and implement the translated cosigner notice prior to January 1, 2023. Note that the DFPI did not provide any guidance to supplement the translations, so creditors will need to rely on the text of the bill to determine how to implement the translations. If the amended notice is not implemented prior to the effective date, any entity offering consumer credit contracts in California will potentially be subject to the risk that a cosigner can claim that they are not bound to pay on the contract if the borrower stops making payments.

Health & Life Sciences

FTC Issues New Health Products Compliance Guidance

By Lynette I. Hotchkiss, McGlinchey Stafford, PLLC

The Federal Trade Commission (FTC) has issued a new Health Products Compliance Guidance document to provide guidance to businesses on how to ensure that claims about the benefits and safety of health-related products are truthful, not misleading, and supported by science. The Guidance replaces the FTC’s Dietary Supplements: An Advertising Guide for Industry document that was issued in 1998. The Guidance notes that, since 1998, the FTC has settled or adjudicated more than 200 cases involving false or misleading advertising claims about the benefits or safety of dietary supplements or other health-related products, including foods, over-the-counter drugs, homeopathic products, health equipment, diagnostic tests, and health-related apps.

The new Guidance is provided to illustrate how the FTC identifies the express and implied claims conveyed in advertising and how the FTC evaluates the scientific support for those claims. The Guidance states that the principles and examples are intended to help advertisers comply with the basic tenets of FTC law, but the Guidance does not have the force or effect of law and does not provide a safe harbor from potential liability.

Tax Law

IRS Publishes Guidance on Inflation Reduction Act’s Strong Labor Protections

By Jane Michetti, JD Candidate 2023, Widener Commonwealth Law School

On November 30, 2022, the U.S. Department of the Treasury, Internal Revenue Service, published its long awaited initial guidance on the Inflation Reduction Act’s labor standards. The guidance clarifies the labor standards that businesses need to meet to qualify for the tax incentives for clean energy projects. There are two important requirements businesses need to meet to qualify: paying employees a “prevailing wage” and employing a certain number of apprentices from registered apprenticeship programs. The guidance specifies that to qualify for the tax credits, the projects must begin on or after January 30, 2023.

Other important facts to note about the guidance are as follows: (1) prevailing wage is something that will be posted on Department of Labor’s sam.gov web site and is specific to geographic areas and job specifications; (2) the number of the registered apprentices required is based on labor hour, ratio, and participation. In addition, the guidance has specific requirements for recordkeeping.

The guidance did not come without some criticism. The trade association Associated Builders and Contractors released a statement expressing concerns that the guidance is not sufficiently clear, which may prevent stakeholders from taking full advantage of the tax credits, which in turn may slow down the development of clean energy infrastructure.

The government will continue to clarify the guidance’s provisions in the months to come.

IRS Delays New $600 1099-K Threshold

By Timothy M. Todd, Ph.D., Associate Dean for Faculty Development & Scholarship, Professor of Law

Liberty University School of Law

On December 23, 2022, the IRS announced that it is delaying the implementation of the new $600 1099-K reporting threshold for third-party settlement organizations.

Section 6050W of the Code requires that payment settlement entities file an information return for certain payments; these information returns are known as Forms 1099-K, which include, among other things, the names, taxpayer identification numbers, and gross amount of reportable payment transactions. When this requirement was originally enacted in 2008, these forms were not required with respect to a payee unless the gross amount was more than $20,000 and the payee had more than 200 transactions.

The American Rescue Plan Act of 2021, however, amended § 6050W, changing the reporting threshold to $600 and removing the 200-transaction minimum. In Notice 2023-10, though, the IRS announced that calendar year 2022 will be regarded as a transition period for implementation of these amendments. Consequently, the IRS will apply the $20,000/200 rule for third-party settlement organizations for calendar year 2022. The new rule—$600 dollars regardless of the number of transactions—will begin for returns in calendar year 2023.

IRS Issues Guidance on New Corporate Alternative Minimum Tax

By Timothy M. Todd, Ph.D., Associate Dean for Faculty Development & Scholarship, Professor of Law

Liberty University School of Law

The Inflation Reduction Act of 2022 amended § 55 of the Code to impose a new corporate alternative minimum tax, which is based on the “adjusted financial statement income” (AFSI) of an applicable corporation for taxable years beginning after December 31, 2022. On December 27, 2022, the Treasury Department and the IRS issued Notice 2023-7, which provides interim guidance on the application of the new corporate alternative minimum tax.

Among other things, the interim guidance explains situations involving certain recognition and nonrecognition transactions, depreciation adjustments, a safe harbor for determining applicable corporation status, the treatment of certain federal income tax credits, and certain situations in which a corporation is a partner in a partnership. The Notice also solicited comments regarding the provided guidance; it also listed specific questions to which it seeks comments.

IRS Issues Guidance on New Stock Buyback Excise Tax

By Timothy M. Todd, Ph.D., Associate Dean for Faculty Development & Scholarship, Professor of Law

Liberty University School of Law

The Inflation Reduction Act of 2022 added § 4501 to the Code. Section 4501 imposes “on each covered corporation a tax equal to 1 percent of the fair market value of any stock of the corporation which is repurchased by such corporation during the taxable year.” Under § 4501(b), a covered corporation is a “domestic corporation the stock of which is traded on an established securities market.”

On December 27, 2022, the Treasury Department and IRS issued Notice 2023-2, which provides interim guidance on this new stock buyback excise tax. Among other things, the Notice provides guidance on calculating the excise tax and determining whether a transaction constitutes a repurchase. The Notice also explains that the excise tax will be reported on IRS Form 720, “Quarterly Federal Excise Tax Return.” Even though Forms 720 are generally filed quarterly, the Notice explains that it is contemplated that the repurchase excise tax will be reported only once per taxable year. The Notice also requests comments on the published guidance and additional questions set forth in the Notice.

Energy Law

Amid Mounting Challenges, New Infrastructure Act–Funded Program Provides $13 Billion for Power Grid Modernization

By Lev Breydo

The U.S. electric grid represents a “massive, complex, and rapidly transforming” system critical for the renewable energy transition—as well as everyday life. That system is also growing “increasingly unreliable”; a “sobering” May 2022 reliability assessment from the U.S. grid monitor warned of growing outages.

Recognizing these challenges, the bipartisan Infrastructure Investment and Jobs Act allocated significant capital to modernizing and expanding the electric grid—in large part to position it for a future of electrification and renewables adoption.

To that end, in November 2022 the Department of Energy (“DoE”) announced $13 billion of aggregate new financing opportunities for expansion and modernization of the electric grid—representing “the largest single direct federal investment in critical transmission and distribution infrastructure.”

The bulk of the funding, totaling about $10.5 billion, will be allocated through the DoE’s Grid Resilience Innovative Partnerships (GRIP) Program, with a smaller portion allocated through the Transmission Facilitation Program.

The GRIP Program investment is intended to enhance grid flexibility and improve system resilience “against growing threats of extreme weather and climate change.” It will center on three sets of initiatives:

• $2.5 billion for Grid Resilience Utility and Industry Grants, which will fund “comprehensive transmission and distribution technology solutions;”
• $3 billion for Smart Grid Grants to “increase the flexibility, efficiency, reliability, and resilience of the electric power system”; and
• $5 billion for the Grid Innovation Program, which provides financial assistance to states, Tribes, local governments and public utility commissions to collaborate with private and public sector third parties on projects “that use innovative approaches to transmission, storage, and distribution infrastructure to enhance grid resilience and reliability.”

Against Backdrop of Puerto Rico Electric Power Monopoly Bankruptcy, Department of Energy Pushes Grid Modernization, 100% Renewables Target by 2050

By Lev Breydo

In September 2022 Hurricane Fiona knocked out power to much of Puerto Rico, leaving residents in darkness. Sadly, the occurrence was hardly unprecedented. Indeed, the timing was particularly ominous, coming on the five-year anniversary of the devastating Hurricane Maria, which left 3,000 dead and decimated the electric system so severely that some were without power for nearly a year.

Shortly after Hurricane Fiona, President Biden created the Puerto Rico Grid Modernization and Recovery Team (PR Grid Modernization Team), a group intended to work collaboratively across the federal government to channel aid and assistance for Puerto Rico. In November 2022, the DoE announced the appointment of Agustín Carbó as the PR Grid Modernization Team’s first-ever director.

One of the PR Grid Modernization Team’s critical objectives will be facilitating the modernization of Puerto Rico’s electric grid, with the broader goal of a 100% renewable energy target by 2050. A recent study, PR100, details the objectives and strategies for accomplishing this goal.

For Puerto Rico, a transition to renewables would turn the page on decades of suffering from an infamously dysfunctional energy system. Indeed, while Puerto Rico’s travails have undoubtedly been exacerbated by extreme weather events, in many respects they represent manifestations of long-standing and deep-rooted legal, policy, and financial challenges.

At the center of Puerto Rico’s energy issues is undoubtedly the Puerto Rico Electric Power Authority (PREPA), the island’s monopoly power provider. In 2017, reeling under a $9 billion debt load, PREPA filed for a form of quasi-insolvency protection under a special Puerto Rico–specific legislation called PROMESA. While the Commonwealth of Puerto Rico itself exited its bankruptcy proceedings in March 2022, PREPA remains locked in legal disputes with its creditors and other stakeholders.

In December 2022, Puerto Rico’s financial oversight board filed an amended bankruptcy plan for PREPA, intended to cut its debt load by about 40%. As Professor David Skeel, Chairman of the Puerto Rico financial oversight board, explained in a video statement, the plan is intended to “end PREPA’s bankruptcy” and right-size its capital structure to make electricity more affordable for island residents.

In many respects, the resolution of PREPA’s challenges will help set the path forward for Puerto Rico’s electric modernization and broader post-bankruptcy revitalization.