Welcome to Wiley's update on recent developments and what's next in consumer protection at the Consumer Financial Protection Bureau (CFPB), Federal Trade Commission (FTC), and at the state level. CFPB activity continues to be scaled back in the new Administration, and we are closely watching leadership changes, as the Senate Banking Committee approved the nomination of Jonathan McKernan as the next CFPB Director on March 6, 2025. The FTC has been active under new Chairman Andrew Ferguson, while State Attorneys General (AG) and other state agencies have signaled stronger enforcement.
Wiley also has launched a Trump Administration Resource Center and Resource Guide to track Executive branch priorities during the second Administration of President Trump. With Wiley's deep-rooted understanding of Washington and today's evolving regulatory landscape, the Resource Center and Resource Guide provide critical insights, actionable intelligence, practical solutions, and guidance across key industries to help businesses stay ahead of the curve and manage challenges in 2025 and beyond.
Please reach out to any of our authors with any questions about recent Trump Administration actions and the potential impact on regulations or enforcement activity.
To subscribe to this newsletter, click here.
Federal and State Regulatory Announcements
Mark Meador Confirmed as FTC Commissioner. On April 10, the Senate confirmed Mark Meador as the third Republican Commissioner of the FTC. Alongside Chairman Andrew Ferguson and Commissioner Melissa Holyoak, the Commission is now comprised of a 3-0 Republican majority. Commissioner Meador most recently worked at a law firm and was a visiting fellow at the Heritage Foundation Tech Policy Center. In response to Meador's confirmation, Chairman Ferguson stated, "Mark is a brilliant antitrust lawyer who will be a great asset to the Trump-Vance FTC."
California AG Announces Consortium of Privacy Regulators. On April 16, California AG Rob Bonta announced an agreement between the Attorneys General of Colorado, Connecticut, Delaware, Indiana, New Jersey, and Oregon and the California Privacy Protection Agency "to promote collaboration and information sharing in the bipartisan effort to safeguard the privacy rights of consumers." The group, which is known as the Consortium of Privacy Regulators, discusses developments in privacy law and shared priorities, and coordinates enforcement based on the common interest of members.
FTC Releases Data Spotlight on Text Scams. On April 14, the FTC's Division of Consumer Response & Operations Staff released a data spotlight on the "Top text scams of 2024." According to the spotlight, in 2024 consumers reported $470 million in losses due to alleged text scams, more than five times the reported losses in 2020. The FTC reported that the most frequent text scams in 2024 included fake notices regarding package deliveries, job opportunities, fraud alerts, and unpaid tolls, as well as "wrong number" texts that are sent in order to initiate a fake friendship, romantic relationship, or investment opportunity.
CFPB Deprioritizes Enforcement of Non-Depository Institutions and Student Loan, Medical Debt, and Digital Payment App Practices. On April 16, the CFPB's Chief Legal Officer, Mark Paoletta, reportedly circulated a to staff detailing the Bureau's 2025 Supervision and Enforcement Priorities. Among other things, the Bureau will shift its focus to depository institutions and on "actual fraud against consumers," rather than circumstances where consumers "made 'wrong' choices," according to the memo. The CFPB's priorities will include, but are not limited to, mortgages, FCRA/Reg V data furnishing violations, and FDCPA/Reg F violations related to consumer contracts and debt. The memo also advises that the Bureau will deprioritize student loans, medical debt, consumer data, and digital payments, among other areas.
CFPB Deprioritizes Enforcement of Registration Requirements for Small Loan Providers. On April 11, the CFPB announced that it will not prioritize enforcement or supervision actions with respect to certain registration requirements under the Registry of Nonbank Covered Persons Subject to Certain Agency and Court Orders Final Rule (Rule). The Rule requires certain types of nonbank covered persons to report whether they are subject to certain government-issued final public orders to a CFPB registry. The CFPB announced that it will not prioritize enforcement of the requirements for small loan providers with the upcoming April 14, 2025 registration deadline for entities subject to 12 C.F.R. § 1092.206(a)(2), and the July 14, 2025 registration deadline for entities subject to 12 C.F.R. § 1092.206(a)(3).
California AG Warns of Job Recruitment Scams. On April 10, California AG Rob Bonta issued a consumer alert warning California residents to be aware of job recruitment scams, which, according to the California AG, "occur when bad actors trick job seekers into providing money or personal information by posing as employers, recruiters, or job placement agencies. These scams often promise high-paying jobs with urgent hiring, little qualifications, or the opportunity to work from home – and can sometimes be a front to recruit job seekers to assist with criminal activity." The consumer alert also included some warning signs for consumers, along with ways that consumers may protect themselves from such scams.
Select Federal Enforcement Actions
FTC Sues Ride-Sharing Company for Allegedly Deceptive Business Practices. On April 21, the FTC filed a complaint in the U.S. District Court for the Northern District of California against a ride-sharing company for alleged violations of the FTC Act and the Restore Online Shoppers' Confidence Act. The FTC alleges that the company misled consumers by charging customers during a subscription free-trial period and making it difficult for customers to cancel their subscription despite advertising that it could be canceled at any time. The FTC seeks injunctive and monetary relief.
Select State Enforcement Actions
Colorado AG Settles With Filing Service Companies for Alleged Unlawful Solicitation and Fee Collection. On April 15, Colorado AG Phil Weiser announced that his office had reached a settlement with two filing service companies for alleged violations of the Colorado Consumer Protection Act. Specifically, the AG alleged that the companies had solicited consumers without required disclosures and with a form that could be reasonably considered a bill, invoice, or compliance obligation. The companies agreed to cease any business in which they solicit a fee for filing a document and pay $95,631 in restitution to consumers.
Illinois AG Settles with Alternative Energy Supplier for Alleged Deceptive Marketing. On April 17, Illinois AG Kwame Raoul settled with an alternative energy supplier for alleged violations of the Illinois Consumer Fraud and Deceptive Business Act and the Telephone Solicitations Act. Specifically, the AG alleged that the energy company had, among other things, solicited consumers without required disclosures, misrepresented rates, and routinely failed to disclose the new higher rates associated with the new services consumers enrolled in. As part of the settlement, the defendant agreed to not market to Illinois consumers for one year and pay $12 million in restitution and penalties.
NY AG Sues Paycheck Advance Providers Over Alleged Abusive Lending Schemes. On April 14, New York Attorney General Letitia James filed complaints against two paycheck advance providers (here and here) for allegedly engaging in abusive and deceptive acts and practices and violating New York's usury law by, among other things, requiring consumers to pay fees (including fees for advanced access to paychecks and optional tips) that total annualized percentage rates ranging from 200% to 750%. According to the New York AG, the lenders allegedly "employ deceptive advertising to entice workers into taking out their exploitative loans." The complaints seek to end certain lending practices by both companies in New York, obtain restitution for tens of thousands of workers, and impose civil penalties and costs.
NYDFS Announces $40 Million Settlement with Financial Services Company for Allegedly Inadequate Anti-Money Laundering Program and Compliance Failures. On April 10, the New York Department of Financial Services (NYDFS) announced that the agency entered into a consent order with a financial services company after NYDFS allegedly "identified serious compliance deficiencies" with the financial services company's Bank Secrecy Act/Anti-Money Laundering program required under NYDFS regulations, "including inadequate customer due diligence, failure to implement sufficient risk-based controls designed to prevent money laundering and illicit activity, and failure to effectively and timely monitor transactions." The financial services company agreed to pay a $40 million penalty and to implement certain compliance measures pursuant to the consent order.
Upcoming Events and Comment Deadlines
California DFPI Seeks Comment on NPRM to Implement the DFAL. Comments are due May 19, 2025 on a California Department of Financial Protection and Innovation (DFPI) Notice of Proposed Rulemaking (NPRM) seeking comment on the implementation of California's Digital Financial Assets Law (DFAL). The DFAL, which was signed into law in October 2023, prohibits a person or entity from engaging in digital financial asset business activity, or holding themselves out as being capable of engaging in such an activity, unless the person or entity has submitted a license application to the California DFPI on or before July 1, 2026, and is awaiting approval or denial of that application or is exempt from licensure. The DFAL defines a digital financial business activity to include activities such as exchanging, storing, or transferring a digital financial asset, including a cryptocurrency asset. According to the California DFPI, the purpose of the NPRM is to implement the DFAL by establishing exemptions to licensure, explaining the process and requirements for obtaining a license, requiring applicants and licensees to notify the California DFPI in the event of any subsequent change in information in an application, and explaining how a licensee can surrender their DFAL authorization.
FTC Reschedules Virtual Workshop to Examine Impact of Big Tech Firm Practices on Kids and Families. The FTC will hold a virtual workshop on June 4, 2025 (originally scheduled for May 28, 2025) to "discuss how Big Tech companies impose addictive design features, erode parental authority, and fail to protect children from exposure to harmful content." The workshop, titled "The Attention Economy: How Big Tech Firms Exploit Children and Hurt Families," will feature parents, child safety experts, and government leaders. Experts will discuss potential approaches to protecting kids online, including age verification and parental consent requirements. The FTC is seeking input by April 30 from those who are interested in participating as panelists or who may have expertise about these topics.
More Analysis from Wiley
FTC Commissioner Holyoak Highlights Privacy Priorities in IAPP Keynote
New DOJ Task Force Seeks Input on State and Federal Laws that Impede Competition and Innovation
Virginia Enacts Amendments to Consumer Protection Act
Executive Order on Ticket Resale Market Calls for Greater FTC Enforcement
Key Takeaways from the California Privacy Agency's First CCPA Enforcement Action
What Comes Next at the FTC, After Removal of Two Commissioners
What to Expect from New FTC Leadership on Digital Health Care
FCC Grants Limited Waiver for Part of the TCPA Consent Revocation Rule
Trump Administration Revamps Guidance on Federal Use and Procurement of AI
Chinese AI Firm DeepSeek Triggers a Wide U.S. Policy Response
March Privacy Forecast: A Weekly Series
FTC Announces New Labor Market Task Force and Prioritizes Worker Protections
FTC Seeks Comment on Tech Content Moderation Policies
10 Key Privacy Developments and Trends to Watch in 2025
CES 2025: FTC Commissioners Discuss Approach to AI in New Administration
FTC Adopts Amended Children's Online Protection Act Rule
Federal Cybersecurity Policy in 2025: What to Watch in Changing Times
Trump Administration Issues New AI Executive Order
FTC Announces Rule on "Junk Fees" and Pricing Disclosures in Certain Industries
10 Noteworthy CFPB Developments From 2024
CFPB Proposes to Expand Reach of Fair Credit Reporting Act to "Data Brokers" and Beyond
FTC Adopts Final "Click-to-Cancel" Rule with Requirements for Recurring Subscriptions
Key Takeaways from Our Conversation with Oregon and Texas Regulators About Privacy Enforcement
Litigation Grows Around Website Technologies, With Focus on Sensitive Data
74 Wiley Attorneys Recognized in 2025 Edition of The Best Lawyers in America
Legal 500 US Recognizes Wiley's Telecom, Media & Technology Practice. Read more here.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.