[House Hearing, 118 Congress]
[From the U.S. Government Publishing Office]






                  

 


 
                       BUREAUCRATIC OVERREACH OR

                     CONSUMER PROTECTION? EXAMINING


                      THE CFPB'S LATEST ACTION TO


                    RESTRICT COMPETITION IN PAYMENTS

=======================================================================

                                HEARING

                               BEFORE THE

                    SUBCOMMITTEE ON DIGITAL ASSETS,
                         FINANCIAL TECHNOLOGY,
                             AND INCLUSION

                                 OF THE

                    COMMITTEE ON FINANCIAL SERVICES

                     U.S. HOUSE OF REPRESENTATIVES

                    ONE HUNDRED EIGHTEENTH CONGRESS

                             SECOND SESSION

                               __________

                             MARCH 13, 2024

                               __________

       Printed for the use of the Committee on Financial Services

                           Serial No. 118-81
                           
                           
                           
                           
     [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT] 
     
     
     
                           ______
     
                  U.S. GOVERNMENT PUBLISHING OFFICE 
 56-391 PDF                 WASHINGTON : 2024
     
     
                      
                           
                           
                           
                           

                 HOUSE COMMITTEE ON FINANCIAL SERVICES

               PATRICK McHENRY, North Carolina, Chairman

FRANK D. LUCAS, Oklahoma             MAXINE WATERS, California, Ranking 
PETE SESSIONS, Texas                     Member
BILL POSEY, Florida                  NYDIA M. VELAZQUEZ, New York
BLAINE LUETKEMEYER, Missouri         BRAD SHERMAN, California
BILL HUIZENGA, Michigan              GREGORY W. MEEKS, New York
ANN WAGNER, Missouri                 DAVID SCOTT, Georgia
ANDY BARR, Kentucky                  STEPHEN F. LYNCH, Massachusetts
ROGER WILLIAMS, Texas                AL GREEN, Texas
FRENCH HILL, Arkansas, Vice          EMANUEL CLEAVER, Missouri
    Chairman                         JIM A. HIMES, Connecticut
TOM EMMER, Minnesota                 BILL FOSTER, Illinois
BARRY LOUDERMILK, Georgia            JOYCE BEATTY, Ohio
ALEXANDER X. MOONEY, West Virginia   JUAN VARGAS, California
WARREN DAVIDSON, Ohio                JOSH GOTTHEIMER, New Jersey
JOHN ROSE, Tennessee                 VICENTE GONZALEZ, Texas
BRYAN STEIL, Wisconsin               SEAN CASTEN, Illinois
WILLIAM TIMMONS, South Carolina      AYANNA PRESSLEY, Massachusetts
RALPH NORMAN, South Carolina         STEVEN HORSFORD, Nevada
DAN MEUSER, Pennsylvania             RASHIDA TLAIB, Michigan
SCOTT FITZGERALD, Wisconsin          RITCHIE TORRES, New York
ANDREW GARBARINO, New York           SYLVIA GARCIA, Texas
YOUNG KIM, California                NIKEMA WILLIAMS, Georgia
BYRON DONALDS, Florida               WILEY NICKEL, North Carolina
MIKE FLOOD, Nebraska                 BRITTANY PETTERSEN, Colorado
MIKE LAWLER, New York
ZACH NUNN, Iowa
MONICA DE LA CRUZ, Texas
ERIN HOUCHIN, Indiana
ANDY OGLES, Tennessee

                     Matt Hoffmann, Staff Director
                    SUBCOMMITTEE ON DIGITAL ASSETS, 
                  FINANCIAL TECHNOLOGY, AND INCLUSION

                    FRENCH HILL, Arkansas, Chairman

FRANK D. LUCAS, Oklahoma             STEPHEN F. LYNCH, Massachusetts, 
TOM EMMER, Minnesota                     Ranking Member
WARREN DAVIDSON, Ohio, Vice          BILL FOSTER, Illinois
    Chairman                         JOSH GOTTHEIMER, New Jersey
JOHN ROSE, Tennessee                 RITCHIE TORRES, New York
BRYAN STEIL, Wisconsin               BRAD SHERMAN, California
WILLIAM TIMMONS, South Carolina      AL GREEN, Texas
BYRON DONALDS, Florida               SEAN CASTEN, Illinois
MIKE FLOOD, Nebraska                 WILEY NICKEL, North Carolina
ERIN HOUCHIN, Indiana
                            C O N T E N T S

                              ----------                              
                                                                   Page
Hearing held on:
    March 13, 2024...............................................     1
Appendix:
    March 13, 2024...............................................    37

                               WITNESSES
                       Wednesday, March 13, 2024

Holshouser, Carl, Executive Vice President and Corporate 
  Secretary, TechNet.............................................     4
Johnson, Brian, Managing Director, Patomak Global Partners LLC...     5
Kim, James, Partner and Head of the Fintech Industry Group, 
  Troutman Pepper Hamilton Sanders LLP...........................     7
Odinet, Christopher K., Josephine R. Witte Professor of Law, 
  University of Iowa.............................................    10
Solowey, Jack W., Policy Analyst, Center for Monetary and 
  Financial Alternatives, Cato Institute.........................     8

                                APPENDIX

Prepared statements:
    Holshouser, Carl.............................................    38
    Johnson, Brian...............................................    48
    Kim, James...................................................    64
    Odinet, Christopher K........................................    70
    Solowey, Jack W..............................................    85

              Additional Material Submitted for the Record

Hill, Hon. French:
    Letter to CFPB Director Rohit Chopra dated December 18, 2023.    97
    Letter to CFPB Director Rohit Chopra dated January 5, 2024...   101
    Letter to CFPB Director Rohit Chopra dated January 30, 2024..   103
    Letter to CFPB Director Rohit Chopra from the American 
      Bankers Association (ABA) and the Consumer Bankers 
      Association (CBA), dated January 8, 2024...................   109
Waters, Hon. Maxine:
    Written statement of America's Credit Unions.................   107
    Letter to CFPB Director Rohit Chopra from the American 
      Bankers Association (ABA) and the Consumer Bankers 
      Association (CBA), dated January 8, 2024...................   109
    Letter to CFPB Director Rohit Chopra from various consumer 
      groups, dated January 8, 2024..............................   112
Holshouser, Carl:
    Written responses to questions for the record from 
      Representative Hill........................................   134
    Written responses to questions for the record from 
      Representative Waters......................................   139
Johnson, Brian:
    Written responses to questions for the record from 
      Representative Hill........................................   140
    Written responses to questions for the record from 
      Representative Waters......................................   141
Kim, James:
    Written responses to questions for the record from 
      Representative Hill........................................   143
    Written responses to questions for the record from 
      Representative Waters......................................   143
Odinet, Christopher K.:
    Written responses to questions for the record from 
      Representative Waters......................................   144
Solowey, Jack W.:
    Written responses to questions for the record from 
      Representative Waters......................................   145


                       BUREAUCRATIC OVERREACH OR



                     CONSUMER PROTECTION? EXAMINING



                      THE CFPB'S LATEST ACTION TO



                    RESTRICT COMPETITION IN PAYMENTS

                              ----------                              


                       Wednesday, March 13, 2024

             U.S. House of Representatives,
                    Subcommittee on Digital Assets,
                              Financial Technology,
                                     and Inclusion,
                           Committee on Financial Services,
                                                   Washington, D.C.
    The subcommittee met, pursuant to notice, at 9:01 a.m., in 
room 2128, Rayburn House Office Building, Hon. French Hill 
[chairman of the subcommittee] presiding.
    Members present: Representatives Hill, Lucas, Davidson, 
Rose, Steil, Timmons, Donalds, Flood; Lynch, Foster, 
Gottheimer, Sherman, Green, Casten, and Nickel.
    Ex officio present: Representative Waters.
    Chairman Hill. The Subcommittee on Digital Assets, 
Financial Technology, and Inclusion will come to order.
    Without objection, the Chair is authorized to declare a 
recess of the subcommittee at any time.
    Today's hearing is entitled, ``Bureaucratic Overreach or 
Consumer Protection? Examining the CFPB's Latest Action to 
Restrict Competition in Payments.''
    I now recognize myself for 5 minutes for an opening 
statement. Today's hearing is critical because it is going to 
talk about, ``larger participants,'' in the general-use digital 
consumer payment applications market. This is the sixth Larger 
Participant Rule (LPR) that the CFPB has initiated.
    And putting aside the egregiously short comment period--
which frustrates members of this committee--and the deeply-
flawed cost-benefit analysis, both of which have become 
hallmarks of this Administration, I find the substance of the 
CFPB's proposal deeply concerning.
    The proposal asserts that companies that let you send money 
to friends, peer to peer (P2P), or companies that keep your 
credit card information on your phone, somehow are in the exact 
same market. Why? Well, just because the CFPB says so.
    This breadth of the, ``market,'' the CFPB is trying to 
define has perplexed many on this committee, from potentially 
covered entities to, as I say, Members on both sides of the 
aisle here.
    Many companies are utterly confused, wondering not only how 
the rule will be implemented, but whether they are even covered 
by it. I would argue that this confusion is by no means an 
accident. The CFPB is trying to cast as wide a net as possible 
and become a, ``technology regulator.''
    And in more ways than one, this proposal marks a sharp 
departure from the CFPB's previous Larger Participant Rules.
    Director Chopra has decided, on a whim, and in my view, 
without justification, that technology companies pose a threat 
to consumers, and this rule should be viewed as a thinly-veiled 
workaround to get CFPB's supervision teams into these tech 
companies.
    And that is because once an entity is designated as a, 
``larger participant,'' the CFPB can not only supervise the 
activities--which is what I think the intent of the Dodd-Frank 
Act was--that originally qualified, but they can actually 
supervise the entity's business itself.
    Their proposal intends to establish limits by only 
capturing those companies with 5 million transactions within a 
year--and we would love to hear from the panel on whether that 
is a good number or a bad number. But don't be fooled: This 
modest threshold is so low that the agency will effectively 
have carte blanche to knock down the door of companies, large 
and small, with their fleet of examiners.
    There is no doubt that this proposal will decrease 
incentives to innovate in the payments space and leave 
consumers with fewer firms from which to choose a payment 
method, and that decreases competition.
    This LPR doesn't benefit consumers or provide market 
clarity. In fact, the only people this proposal potentially 
will benefit, besides witnesses like you, are compliance 
lawyers.
    To further expand their authority, the CFPB has decided to 
capture digital assets under this proposal as well. The CFPB 
asserts the definition of, ``funds,'' includes digital assets. 
This is a novel position, and the CFPB justifies the 
interpretation only in a very small and unassuming footnote.
    Concerns around this proposal are not strictly partisan. 
Comment letters were submitted by both sides of the aisle to 
express concern about the proposal's scope and implications.
    The CFPB needs to go back to the drawing board, work to 
protect consumers, and not hinder innovation or expand the 
CFPB's insatiable reach for more power and scope.
    We thank our panel of witnesses for being here today, and 
we greatly appreciate your testimony and your willingness to 
work with us.
    And I now yield to the ranking member of the subcommittee, 
Mr. Lynch of Massachusetts, for 5 minutes for his opening 
comments.
    Mr. Lynch. Thank you, Mr. Chairman. Good morning. I would 
also like to thank all of our witnesses today for your 
willingness to help the committee with its work. It is the 
fundamental mission of the Consumer Financial Protection Bureau 
to safeguard American consumers against unfair, deceptive, and 
abusive financial practices and discrimination. The CFPB also 
ensures that our markets are for consumer products and services 
to operate fairly and efficiently in the interest of consumer 
access and responsible innovation.
    In furtherance of its critical mandate, the CFPB recently 
proposed a rule, as the chairman noted, that will allow the 
agency to exercise supervisory authority over larger non-bank 
technology companies that offer digital wallets and payment 
services. This includes peer-to-peer payment apps and 
electronic funds transfer apps. Importantly, this rule will 
place Apple, Google, Meta, and other Big Tech companies that 
have moved into the financial services space on par with 
financial institutions that are already there, and are already 
subject to CFPB supervision.
    However, unlike large banks and credit unions, these 
companies do not currently undergo CFPB supervisory exams, 
periodic monitoring, or compliance checks. They may not even be 
required to insure company funds or deposits. CFPB action in 
this area is timely, considering the escalation of shadow 
banking, that is, the migration of core banking activities to 
non-bank entities, which currently fall outside the scope of 
traditional bank regulation. The rule is also necessary, given 
the growing expansion of Big Tech companies into the financial 
services sector and their deployment of opaque artificial 
intelligence (AI) technologies.
    As reported by the CFPB, consumer usage of digital wallet 
tap-to-pay options in the U.S. has already reached $300 
billion, and it is estimated to grow by over 150 percent by 
2028. Moreover, an estimated two-thirds of all Americans, 
including a majority of low- to moderate-income users are now 
relying on peer-to-peer (P2P) digital payments such as PayPal 
and Venmo. Many of these providers have already launched 
cryptocurrency payment and transfer options.
    So, it is not surprising that consumer advocates strongly 
support the rule. According to the Consumer Federation of 
America, ``We would be concerned whenever the line between 
commerce and banking is permitted to blur.'' By closing this 
loophole, the CFPB is moving forward to hold Big Tech companies 
accountable to play by the same rules as everyone else. I agree 
with that statement.
    The CFPB is not becoming a tech regulator, as much as tech 
companies are becoming banks, or are becoming involved in the 
conduct of banking. By subjecting large tech companies to the 
same consumer privacy standards that apply to financial 
institutions under the Gramm-Leach-Bliley Act, the rule will 
also protect consumers against massive data breaches and the 
release of personal information.
    The CFPB estimates that the proposed rule would only apply 
to 17 entities. The agency has also made clear that its 
supervision of non-bank institutions is based on risk, size, 
and financial transaction volume as well as the extent of State 
oversight. That is why the rule includes a threshold of 5 
million payment transactions annually.
    I look forward to hearing from our panelists this morning 
and other stakeholders as this rulemaking process develops. 
Thank you, Mr. Chairman, and I yield back the balance of my 
time.
    Chairman Hill. The gentleman yields back. We want to thank 
our witnesses for being here today.
    We now welcome the testimony of Carl Holshouser, executive 
vice president and corporate secretary at TechNet; Brian 
Johnson, managing director of Patomak Global Partners; James 
Kim, partner and head of the Fintech Industry Group at Troutman 
Pepper Hamilton Sanders LLP; Jack Solowey, policy analyst at 
the Cato Institute; and Christopher Odinet, the Josephine R. 
Witte Professor of Law at the University of Iowa.
    You will each be recognized for 5 minutes to give an oral 
presentation of your testimony. And without objection, your 
written statements will be made a part of the record.
    Mr. Holshouser, you are now recognized for 5 minutes to 
give your oral remarks.

  STATEMENT OF CARL HOLSHOUSER, EXECUTIVE VICE PRESIDENT AND 
                  CORPORATE SECRETARY, TECHNET

    Mr. Holshouser. Thank you, Mr. Chairman. Chairman Hill, 
Ranking Member Lynch, and members of the Subcommittee on 
Digital Assets, Financial Technology, and Innovation, thank you 
for the opportunity to discuss the Consumer Financial 
Protection Bureau's proposed rule on Defining Larger 
Participants of a Market for General-Use Digital Consumer 
Payment Applications. I am Carl Holshouser, executive vice 
president of TechNet, the national bipartisan network of 
technology CEOs and senior executives that promotes the growth 
of the innovation economy at the Federal and 50-State level. 
Our diverse membership includes dynamic American businesses, 
ranging from startups to the most iconic companies on the 
planet. We represent over 4.2 million employees and countless 
customers in the fields of information technology, artificial 
intelligence, e-commerce, the sharing and gig economies, 
advanced energy, transportation, cyber, venture capital, and 
finance.
    As you know, technology plays an important role in removing 
barriers to financial access, and empowering Americans of all 
backgrounds to better manage their financial lives through 
safe, secure, inclusive, and reliable financial tools, 
including digital wallets and payment applications.
    TechNet and our members support efforts by policymakers to 
adapt and update outdated laws and regulations to meet the 
growing demand from consumers and businesses for these 
innovative fintech products.
    In our view, the current consumer payment ecosystem is 
highly diversified. Companies across the ecosystem play a wide 
array of unique roles, each serving different markets, and 
offering different functionalities.
    Regulations focused on fintechs must always ensure that 
consumers are protected, while continuing to allow for 
innovation in this dynamic ecosystem to flourish. 
Unfortunately, the CFPB's proposed rule fails to accomplish 
both of these goals.
    Under the Dodd-Frank Act and the Administrative Procedure 
Act (APA), the Bureau must conduct thorough due diligence 
before issuing a proposed rule. The CFPB falls well short of 
satisfying this requirement in this proposed rule. Frankly, the 
CFPB's lack of empirical analysis underlying its proposed rule 
is stark and troubling.
    Because the CFPB failed to follow rulemaking requirements 
required by Congress, the proposed rule creates an arbitrary 
market that is not based on data-driven analysis or the 
realities of the digital payment ecosystem; fails to identify 
specific consumer harms that would necessitate CFPB 
supervision; and fails to adequately address the costs to the 
diverse array of companies that could be subject to CFPB 
supervision. We strongly feel that these deficiencies render 
the proposed rule defective.
    Before moving forward, it is critical that the CFPB more 
precisely and narrowly define the consumer payments market in 
which it seeks to supervise, and to conduct the empirical 
analysis required in the rulemaking process.
    At a very basic level, the Bureau should complete a cost-
benefit analysis that adequately considers companies that may 
fall within the purview of the proposed rule; analyze the costs 
to the companies rather than using conservative estimates; and 
determine the costs that may be passed on to consumers.
    Until the CFPB conducts the analysis required of it by law, 
TechNet has urged the CFPB to pause the rulemaking process 
altogether, and reconsider the proposed rule in its entirety. 
Otherwise, this rule will introduce tremendous complexity and 
uncertainty into the digital payments markets to the detriment 
of consumers and businesses across our country.
    We appreciate the subcommittee's attention to this 
important rule, and I look forward to answering your questions.
    [The prepared statement of Mr. Holshouser can be found on 
page 38 of the appendix.]
    Chairman Hill. We thank you. Mr. Johnson, you are 
recognized for 5 minutes.

 STATEMENT OF BRIAN JOHNSON, MANAGING DIRECTOR, PATOMAK GLOBAL 
                          PARTNERS LLC

    Mr. Johnson. Chairman Hill, Ranking Member Lynch, and 
members of the subcommittee, thank you for holding this 
important hearing on the CFPB's proposed Larger Participant 
rulemaking. I am Brian Johnson, Managing Director of Patomak 
Global Partners. I previously served as Deputy Director of the 
CFPB. And prior to that, I served on the Financial Services 
Committee's professional staff. I will address my comments 
today, first, to the proposed rule, and second, to the broader 
context of recent CFPB actions.
    As Members are aware, Congress gave the CFPB authority to 
subject so-called larger participants of defined markets for 
consumer financial products and services to supervisory 
examinations. The proposed rule would, if finalized, define a 
market for general-use digital consumer payment applications. 
Larger participants of this market are defined as providers of 
at least 5 million annual consumer payment transactions, that 
are not small business concerns, that will become subject to 
CFPB exams.
    There are several reasons for Members on a bipartisan basis 
to encourage the CFPB to withdraw and repropose its rule so 
that it may engage in a more thoughtful and deliberative 
rulemaking process.
    First, Director Chopra's recent public remarks, which are 
the impetus for the proposed rule, express concerns about the 
potential for Big Tech companies to engage in various 
anticompetitive practices. However, the CFPB is not the proper 
agency to address such concerns. The CFPB's supervisory duty is 
to assess institutions for compliance with Federal consumer 
financial law, not antitrust law. The proposed rule lacks 
adequate justification because it is not grounded in consumer 
financial risks arising from the offering or use of covered 
products and services within the defined market.
    Second, the Dodd-Frank Act provides the CFPB with no 
intelligible principle to guide its definition of markets or 
selection of larger participants. Rather, it gives the CFPB 
carte blanche to expand its own supervisory reach. This 
violates nondelegation principles. Congress should define the 
boundaries of the CFPB authority, not the CFPB itself.
    Third, the proposed market definition is impermissibly 
broad because it aggregates terms in order to cover a number of 
disparate functions rather than describing a coherent market 
for reasonably interchangeable financial products and services.
    Fourth, the CFPB interprets the term, ``funds,'' to cover 
digital assets, the effect of which would be to expand its 
regulatory authority over a large number of new products and 
participants. This would up-end careful efforts by Members of 
Congress to craft a balanced legislative framework for digital 
asset regulation. This presents a major question of economic 
and political significance that must be left to Congress to 
decide.
    Fifth, the CFPB cost-benefit analysis uses a decade-old 
framework to calculate the expected cost to the larger 
participant examination. In my view, the Bureau's exam cost 
estimate of about $25,000 understates the true cost of an exam 
by at least an order of magnitude. The CFPB's failure to update 
its assumptions and obtain accurate information is a 
significant weakness in the proposal's 1022 analysis.
    Finally, without good cause shown, the CFPB departed from 
its standard practice in order to limit the amount of time 
available for the public to submit comments on the proposed 
rule, which is contrary to the spirit of the APA.
    Now, I will address the broader context of recent CFPB 
actions. Regarding the nonfinancial consequences of CFPB 
supervision, I note that CFPB examiners sometimes require 
institutions to waive attorney-client privilege, and turn over 
protected communications. The Supreme Court has long held that 
agencies cannot compel production of this information without 
an express authorization from Congress, which the CFPB does not 
have. This practice chills a company's consultation with legal 
counsel, which is detrimental to consumers.
    Also, the CFPB, unlike the OCC or the SEC, does not publish 
an annual list of exam priorities. As a result, institutions 
have comparatively less insight into the CFPB's prioritization 
of compliance risks, and therefore, less opportunity to 
proactively address them.
    Regarding rulemaking, the CFPB has recently proposed or 
finalized several rules on so-called junk fees as part of a 
coordinated campaign to scapegoat companies for rising prices 
caused by inflation. The CFPB's price controls depart from the 
traditional Federal approach to consumer finance regulation. 
The politicized allocation of credit and capital through 
unwarranted market intervention constitutes a severe danger to 
free markets and consumer autonomy. This is not consumer 
protection.
    I urge Congress to use all available means to prevent 
bureaucratic central planning and overreach. Thank you. And I 
welcome the opportunity to answer your questions.
    [The prepared statement of Mr. Johnson can be found on page 
48 of the appendix.]
    Chairman Hill. Thank you very much. Mr. Kim, you are 
recognized for 5 minutes.

    STATEMENT OF JAMES KIM, PARTNER AND HEAD OF THE FINTECH 
      INDUSTRY GROUP, TROUTMAN PEPPER HAMILTON SANDERS LLP

    Mr. Kim. Thank you, sir. Chairman Hill, Ranking Member 
Lynch, and members of the subcommittee, thank you for inviting 
me to testify today. My name is James Kim, and I am a partner 
at the law firm Troutman Pepper Hamilton Sanders. Today, I am 
presenting my own views and not those of the firm or any client 
of the firm. My testimony and the views I express today are 
informed by my tenure at the CFPB, and my subsequent practice 
focusing on payments and financial technology. My clients at 
Troutman Pepper range from banks and other established 
institutions, to medium-sized and early-stage companies seeking 
to introduce innovative products and expand choices for 
consumers in the marketplace.
    From 2012 through 2014, I had the privilege of serving at 
the CFPB, where I was the lead attorney in the Bureau's first 
enforcement action involving mobile devices and payments. I 
also worked with colleagues in the office of supervision and 
supported examinations, and I was a member of an 
interdepartmental working group focusing on emerging payment 
products. And since leaving the Bureau, my practice very much 
focuses on helping companies navigate examinations, 
investigations, and rulemaking involving the agency.
    So, why is the proposed rule for defining larger 
participants in the payment space important? Before I answer, 
it is worth highlighting that there is no question that 
consumer payments are currently regulated by a host of Federal 
and State laws and rules, that are enforced by a combination of 
the CFPB, Federal prudential regulators, the Federal Trade 
Commission, FinCEN, and many State agencies.
    The proposed rule does not change the substance of these 
myriad statutes and regulations. Instead, the proposed rule is 
important because it seeks to define the larger participants 
who will be subject to the CFPB supervisory authority.
    The Bureau's power to examine institutions is the agency's 
most powerful and least transparent tool. Companies supervised 
by the CFPB must devote personnel and significant resources to 
host examiners at their offices, respond to information 
requests and follow-up questions, and address findings.
    Examinations are nonpublic, and often last months, and 
sometimes longer than a year. The CFPB typically extends the 
scope of their exams to the company's parent, affiliated 
entities, and other business areas beyond the covered activity, 
in this case, general-use payment applications.
    Examinations lack a third party, such as a court or an 
administrative law judge to oversee the process and adjudicate 
disputes. Companies also forfeit their attorney-client 
privilege during exams.
    With these considerations in mind, Congress carefully 
defined the CFPB's supervisory authority by generally limiting 
supervision to larger banks and larger nonbanks which can bear 
the significant costs of complying with exams. And Congress 
also mandated requirements before the Bureau can expand the 
scope of its own authority through the Larger Participant 
rulemaking.
    I am going to just highlight two issues in my opening 
statement. The first is the rulemaking requirements in Dodd-
Frank and duplication with existing supervision by Federal 
prudential regulators and State agencies. Dodd-Frank lays out 
the requirements for issuing a Larger Participant rule. And 
before issuing such a rule, the Bureau must consult with the 
Federal Trade Commission. That requirement is critical because 
defining a market is the fundamental prerequisite to 
determining who is a larger participant within the market. The 
FTC analyzes market concentration and enforces Federal 
antitrust laws. And therefore, Dodd-Frank requires the CFPB to 
consult with the FTC.
    Now, the proposed rule states that the CFPB consulted or 
provided an opportunity for consultation and input with not 
only the FTC, but other Federal agencies. But it doesn't 
discuss any input from the FTC or any factors determining which 
products or services should be included within the same market. 
It is, therefore, unclear whether the Bureau met its statutory 
obligation to consult with the FTC, which plainly provides that 
the Bureau shall consult with its sister agency.
    Turning to duplicative supervision by State and other 
Federal agencies, the proposed rule would create duplicative 
and overlapping supervision for many companies in the space. 
The proposed rule mentions that States have supervisory 
programs that ignore the fact that many companies potentially 
subject to the rule already partner with financial institutions 
which are already supervised and subject to examinations by the 
CFPB or the bank's prudential regulators under the Bank Service 
Company Act.
    Chairman Hill. Mr. Kim, you have gone over your time. Your 
full statement will be in the record.
    Mr. Kim. Thank you, sir.
    [The prepared statement of Mr. Kim can be found on page 64 
of the appendix.]
    Chairman Hill. Mr. Solowey, you are recognized for 5 
minutes.

   STATEMENT OF JACK W. SOLOWEY, POLICY ANALYST, CENTER FOR 
      MONETARY AND FINANCIAL ALTERNATIVES, CATO INSTITUTE

    Mr. Solowey. Good morning, Chairman Hill, Ranking Member 
Lynch, and distinguished members of the House Subcommittee on 
Digital Assets, Financial Technology, and Inclusion. Thank you 
for the opportunity to take part in today's hearing. My name is 
Jack Solowey, and I am a policy analyst at the Cato Institute 
Center for Monetary and Financial Alternatives. The views I 
express today in my testimony are my own.
    The Consumer Financial Protection Bureau's proposal for 
supervising digital consumer payment apps lacks a risk-based 
justification. For that reason and others laid out in my 
testimony, it should be withdrawn.
    Since the launch of the first digital payment app, these 
tools have become highly successful at satisfying demand. The 
CFPB explains this well. More than nine in 10 U.S. consumers 
report having used a digital payment method. And a majority of 
lower-income Americans report using digital payment apps.
    In recent years, cryptocurrencies and decentralized finance 
(DeFi) have helped to further promote competition to keep the 
United States at the technological frontier. Diverse payment 
tools benefit U.S. entrepreneurs and consumers.
    Unfortunately, the CFPB's proposed Larger Participant rule 
takes the utility and popularity of digital payment tools as 
the reason to subject them to greater scrutiny. It would target 
market success, not market failure. The CFPB does not identify 
specific risks to consumers from digital payment apps. Rather, 
vague references to generic risks leave the proposed rule 
without a persuasive justification. They also create 
uncertainty, such as when the Bureau indicates that its 
supervision priorities will be tied to unpredictable factors. 
Unclear rationales and priorities provide little practical 
guidance.
    Given these shortcomings, the Bureau should withdraw the 
proposed rule. Even if the proposed rule were justified, it 
would still present multiple problems when attempting to assert 
jurisdiction over cryptocurrencies. The problem begins when the 
CFPB interprets the term, ``funds,'' to cover crypto.
    As the Bureau acknowledges, the word, ``funds,'' is not 
specifically defined in the Consumer Financial Protection Act. 
And it is not clear that the original public meaning of, 
``funds,'' under that Act included cryptocurrency. The Act was 
part of legislation designed to address the 2007-2008 global 
financial crisis, an event predating the first bitcoin 
transfer. That transfer took place in 2009, the year just prior 
to the Act's passage. Ethereum, another major cryptocurrency, 
would not launch until 2015.
    As the CFPB acknowledges, the case law the Bureau cites to 
support its interpretation does not address the Consumer 
Financial Protection Act, but rather other Federal laws. 
Asserting jurisdiction over crypto creates further issues.
    The Bureau's lack of clarity regarding key terms in the 
proposed rule risks mistakenly treating certain crypto tools 
like other fintech tools despite key differences. Specifically, 
treating what are known as self-hosted or noncustodial crypto 
wallets as if they were the same as digital payment apps would 
be inappropriate. Unlike payment apps where users rely on 
service providers, self-hosted crypto wallets are simply tools 
that let users protect the unique, cryptographic keys for 
accessing their own crypto holdings. Importantly, these 
holdings are not held or documented by self-hosted crypto 
wallet creators. Rather, they are recorded on public blockchain 
ledgers that operate independently.
    The proposed rule also faces procedural issues when it 
comes to these technologies. The Bureau does not analyze the 
specific costs, benefits, and impact of extending authority 
over cryptocurrencies, or self-hosted crypto wallets. Applying 
the proposed rule to them would raise serious concerns under 
the Administrative Procedure Act and the Consumer Financial 
Protection Act itself.
    While there are good reasons that the proposed rule should 
not be read to cover self-hosted crypto wallets, if the 
proposal were to proceed, the Bureau must expressly clarify 
that the proposed rule does not apply to these tools. Notably, 
the Bureau's attempt to assert authority over crypto conflicts 
with the work of Congress and this subcommittee in particular 
to define that jurisdiction.
    For the long-term health of both the fintech ecosystem and 
the constitutional order, Congress, not administrative agencies 
should define the limits of regulatory authority.
    Thank you for the opportunity to provide this information, 
and I welcome any questions that you may have.
    [The prepared statement of Mr. Solowey can be found on page 
85 of the appendix.]
    Chairman Hill. Thank you. Professor Odinet, you are 
recognized for 5 minutes for your oral remarks.

    STATEMENT OF CHRISTOPHER K. ODINET, JOSEPHINE R. WITTE 
              PROFESSOR OF LAW, UNIVERSITY OF IOWA

    Mr. Odinet. Thank you. Good morning, Chairman Hill, Ranking 
Member Lynch, and members of the subcommittee, and thank you 
for inviting me to testify today. My name is Chris Odinet, and 
I am a law professor at the University of Iowa where I teach 
and write in the areas of commercial law, consumer finance, 
digital assets, and financial regulation.
    I would like to make three points today regarding the non-
bank payments market, as well as the CFPB's Larger Participant 
rule.
    First, and as an initial matter, the CFPB supervision of 
non-bank payment platforms would help level the regulatory 
playing field between those platforms and banks. And the need 
for leveling that regulatory playing field has to do with the 
fact that both banks and nonbanks are playing similar roles in 
the payments ecosystem.
    To be sure, we know that banks have long held a central 
role in the payment system, and as such they are highly-
regulated institutions. And a critical aspect of their 
regulation is supervision. Non-bank payment platforms are 
acting as powerful intermediaries in helping consumers transfer 
funds, as well as transactions between consumers and merchants. 
But when they do, they add additional parties and additional 
legs in the payment process. And that has the effect of 
increasing the chances for losses related to fraud, data 
breaches, and the insolvency of these powerful intermediaries.
    Now, to be sure, in order to engage in the transmission of 
money, one must obtain a license from various State regulators. 
But the requirements relative to obtaining those licenses and 
the degree of oversight and supervision can vary significantly 
among the States.
    Against that backdrop, the CFPB's proposal to establish a 
more coherent supervisory framework overseeing both banks and 
nonbanks makes a lot of sense. It can prevent the evasion of 
consumer finance laws and ensure compliance across entities 
that are offering similar services, in this case, payment 
services.
    Second, another compelling reason favoring the CFPB's 
supervision over non-bank payment platforms has to do with 
their collection use and maintenance of important and sensitive 
consumer financial data. As Big Tech companies increasingly 
penetrate the payments market, a major incentive appears to be 
gaining access to vast troves of important and valuable 
information about how consumers spend money. This notion 
aligns, I think very well, with the tech industry's data-
driven, advertising-centered business models that really thrive 
on harvesting consumer data.
    But, by these firms also operating payment transmission 
lines, that allows them to amass personalized financial data, 
which they can then integrate with their existing stockpiles of 
data to create very granular, multi-dimensional consumer 
profiles. And those very multi-dimensional profiles can be 
exploited by these platforms as well as sold to third persons.
    And I think to that end, and perhaps more alarming, these 
in-depth consumer profiles can be used for discriminatory 
purposes, such as unlawful differential pricing and targeting 
marketing. And, of course, there is already a long history of 
discrimination against Black and Latino households and women in 
U.S. credit markets.
    To put it bluntly, I think a lack of the CFPB's supervisory 
authority over nonbanks in the payment system is and has been a 
glaring blind spot for that agency. And establishing and 
extending the supervisory authority of the Bureau in this area 
helps remediate that blind spot and establish more consumer 
trust in the payment's ecosystem.
    Third, and lastly, I think the inclusion of at least some 
forms and some types of crypto companies is much needed when it 
comes to CFPB supervision. These firms' business models are 
often very intertwined with consumer finance, but very little 
is known about their very intricate and largely opaque 
operations.
    In fact, it is largely through these firms' failures and 
unwinding in bankruptcy right now that we are finding out 
anything about how they actually operate. Take, for instance, 
the high-profile collapse of the crypto exchange giant, FTX, 
which has exposed, I think, how little was previously known 
about the true nature of these transactions and the handling of 
consumer assets.
    Lastly, I will note that extending CFPB supervision over at 
least some crypto firms is not just good for consumers, it is 
also good for other crypto firms. So while robust supervision 
can help detect and deter consumer fraud before it happens, it 
will also drive bad players from the market.
    In conclusion, we jumped generations in the payment system 
just over the few years of the pandemic. And the CFPB's 
rulemaking in that regard is sorely needed. I think it is well-
aligned with safeguarding American households as well 
maintaining a secure and competitive payments landscape. 
Indeed, given these platforms' immense growth, this rule is 
actually quite long overdue. Thank you.
    [The prepared statement of Professor Odinet can be found on 
page 70 of the appendix.]
    Chairman Hill. I thank our panel for your excellent 
testimony.
    We have the privilege of having the ranking member of the 
full Financial Services Committee, Maxine Waters, here, and I 
will yield to the ranking member for one minute.
    Ms. Waters. Thank you very much, Mr. Chairman. I have long 
raised concerns about Big Tech's expansion into financial 
services. And I am pleased that the CFPB is finally taking 
action to oversee these companies. Big Tech already dominates 
markets, and possesses massive amounts of consumer data. But it 
has not been subject to the CFPB supervision that banks and 
other financial institutions already follow.
    When I was Chair, this committee held Big Tech to account, 
including by convening a hearing with Facebook CEO Mark 
Zuckerberg over his plans to develop a cryptocurrency called 
Libra. Moreover, when Democrats led the passage of the Dodd-
Frank Act, we empowered the CFPB to supervise any large 
nonbank, including Big Tech, when they facilitate payments or 
offer financial products to consumers, to ensure that consumers 
are always protected no matter whom they are dealing with. I am 
pleased they are using these tools as intended. I look forward 
to today's discussion, and I yield back.
    Chairman Hill. The gentlewoman yields back. I now yield 
myself 5 minutes for questions. In my view, it is an 
understatement to say the CFPB has been controversial since it 
was created 13 years ago. It has been talked about, as the 
ranking member said, for that past 13 years in this committee 
about its legal authorities under Dodd-Frank, and its 
constitutional funding structure. Because the CFPB often 
asserts its authorities broadly, it is important for Congress 
to be a check.
    For the Larger Participant rulemakings like this one, 
defining a market is a prerequisite to determining what 
companies are, in fact, larger participants.
    It is really important for an LPR to set a narrow and 
clearly-defined market because it allows the CFPB to subject 
non-bank consumer finance companies to its full supervision, as 
I said in my opening statement. It is not just about the 
product regulation. It opens those companies designated for 
full supervision and examination, even if they are not 
statutorily enumerated.
    However, I have concerns about how the Bureau has chosen to 
set an overly-broad and unclearly-defined market in this rule 
over companies in the general-use digital consumer payment 
applications space.
    Legal precedent in the antitrust laws dictate products that 
are in the same market if they are reasonably interchangeable 
by consumers for the same purposes. This matters because the 
CFPB is supposed to consult with the FTC when defining the 
market. And it is unclear from the testimony today if, in fact, 
the CFPB met its obligation to do so.
    In contrast, this proposal attempts to sweep in practically 
the entire payments ecosystem by relying on the definition of, 
``general use,'' and thus, it is overly broad and ambiguous.
    Mr. Holshouser, does TechNet and its members view these 
three types of products as part of the same market, that is, 
peer to peer access to digital payments. Are they all part of 
the same market?
    Mr. Holshouser. No, no, general-use data consumer payment 
applications is not a market. That is an arbitrary conflation 
of a lot of different products and services.
    Chairman Hill. Does the CFPB's overly-broad approach and 
unclear definition of a market threaten innovation and 
competition in this space?
    Mr. Holshouser. Absolutely. We have to protect consumers 
and safeguard them. But onerous regulations like this will have 
a chilling effect on innovation, particularly for small 
businesses and startups, people in a garage who are just trying 
to make a dream work--it is really unclear whether or not--
particularly with the 5 million transactions being so low--who 
would be covered in this. It is definitely more than 17. But if 
we are going to impose this type of onerous compliance on a 
really small startup, we are impacting our job growth and our 
ability to compete.
    Chairman Hill. Very interesting. And Mr. Johnson, on that 
point, I think MasterCard might do 160 billion transactions a 
year. So in the payment space, the numbers are in the billions 
when it comes to consumer payment transactions, would be my 
judgment. But you were at the CFPB. Do you have any perspective 
on the 5 million number as being way too small? Or is it a 
Goldilocks number, or not a right number?
    Mr. Johnson. Mr. Chairman, I would say the onus is on the 
Bureau to prove why that is the correct figure.
    Chairman Hill. Did they do that?
    Mr. Johnson. I think they have failed to----
    Chairman Hill. What evidence have they provided that 5 
million is a great place to start on this topic?
    Mr. Johnson. Putting a finger in the wind and seeing which 
direction it blows. My written testimony says, I believe the 
justification provided by the Bureau in this instance is 
inadequate. And one measure to look at here, to your question 
about market definitions, and each of the five prior Larger 
Participant rules that the CFPB has proposed, it was very easy 
for the Bureau to actually define those markets. It took two to 
three pages in the definitions. Here, just as a metric, the 
CFPB has struggled for seven pages in the Federal Register to 
try and define this market. And I think that speaks volumes 
about the struggle the agency has undertaken.
    Chairman Hill. Thank you. That is very helpful. But let me 
ask you this, again, based on your experience, should the LPR 
process be statutorily reformed? Should we direct the CFPB 
exactly how to propose an LPR, or provide more definition 
instead of this fishing expedition in comparison to the 
consumer debt collection rule in 2012, the auto financing rule 
back in 2015? To your point that they were very specific, this 
seems overly broad.
    Mr. Johnson. At a minimum, Congress ought to provide an 
intelligible principle for the Bureau to follow in promulgating 
its rules. That could include a list of statutory factors the 
Bureau must consider for setting a market definition, and for 
setting the manner in which it establishes that larger----
    Chairman Hill. Thank you. My time has expired. If you have 
anything further on that, or anyone else, please submit it for 
the record.
    Without objection, I would like to propose that some 
letters be inserted in the record: December 18th from 
Republican Members to Director Chopra; January 30th to Director 
Chopra from Chairman McHenry, myself, and Mr. Flood; and a 
letter dated January 5th from Democratic Members--Mr. Himes, 
Mr. Gottheimer, et al, dated January 5th. Without objection, 
they will be included as a part of our record.
    And now, we turn to the ranking member of the subcommittee, 
the gentleman from Massachusetts, Mr. Lynch, for his questions.
    Mr. Lynch. Thank you, Mr. Chairman. Again, I thank the 
witnesses. Professor Odinet, I was here when we created the 
CFPB. I was here during that debate. And the goal here and the 
statutory direction for the CFPB was we were trying to provide 
a single point of accountability for enforcing Federal consumer 
financial laws in protecting consumers in the financial 
marketplace. Why would this proposed rule be outside of the 
regulatory framework that we set up for the CFPB? In my mind, 
this is exactly why we created the CFPB. We understood, even 
back then, not that long ago, that technology was changing. We 
understood that. So, we didn't put limitations on technology 
for the CFPB. We said, protect consumers in the financial 
marketplace, full stop.
    Now, technology companies are getting into the financial 
marketplace in a big, big way: $300 billion so far in peer-to-
peer apps and other platforms.
    Explain to me why the CFPB would not be--that would not be 
in the legitimate purview of their regulatory mission?
    Mr. Odinet. Thank you for the question. I think that 
regulating this space is absolutely within the CFPB's 
jurisdiction. And I view it not so much as the CFPB trying to 
regulate tech firms, but as the CFPB exercising its authority, 
as directed by Congress, to regulate, in this case, to 
supervise nondepository institutions, nonbanks. It just so 
happens that these nonbanks often bill themselves as tech 
firms--or the term that has become so popular, financial 
technology companies or fintech companies.
    And this point about digital payment firms having to abide 
by the same laws, the Electronic Funds Transfer Act, the Gramm-
Leach-Bliley Act, but not in the same way that banks do with 
respect to supervision, I think really accentuates a divide 
between banks and nonbanks, or shadow banks and banks, which 
remains an issue, even after the 2008 crisis.
    I think we saw this most significantly in the run-up to 
that crisis where banks, chartered institutions were subject to 
one set of rules, and nonbanks, which were largely the engine 
of subprime lending, were not. And I think it is worth saying 
what I mean by not subject to the same set of rules. That is 
really along two dimensions.
    First, they don't have the same sort of safety and 
soundness requirements as banks. The result is that their 
business models can come in a form that requires very few 
reserves, also very thin margins, which makes them vulnerable 
to shocks, which, in turn, can trickle down to consumer harm.
    And then, supervision being the other side of that, these 
firms generally--while they have to abide by the same rules, 
they are not subject to the same monitoring----
    Mr. Lynch. I have to jump in here. No, I appreciate that. I 
have heard from other witnesses that there is no risk-based 
foundation for the CFPB to act. But of the 24,000 
cryptocurrencies that have been launched, over half, 14,000, 
have died. So, people have lost their investment completely. 
Those cryptocurrencies have gone dead. Gone to zero. Never mind 
that FTX, Mixin, ERON, TERA, PayCoin, and BitConnect have all 
gone to zero. There is a huge amount of risk and volatility in 
that, and yet, there are some who say there is no risk-based 
reason for the CFPB to venture into this.
    And let me just ask you this last question. If I set up a 
banking system that has all of the bells and whistles, all of 
the banking regulations for one group, and then I create 
another one that has no regulations, completely unregulated, 
where is the money going to migrate, in your estimation? Where 
will the money migrate and the financial activity migrate to? 
The heavily-regulated one that protects consumers or the 
fintech area with no regulation?
    Mr. Odinet. I think, quite simply, it will migrate over to 
the non-bank area because there are lower regulatory burdens in 
that space. But the tradeoff there is that there can be more 
consumer harm in that space because there is less watching of 
the players in that market.
    Mr. Lynch. Thank you. I yield back.
    Chairman Hill. The gentleman yields back. Mr. Lucas of 
Oklahoma is recognized for 5 minutes.
    Mr. Lucas. Thank you, Mr. Chairman. The U.S. banking sector 
is among the most highly-regulated sectors in the country. And 
in 2010, the passage of Dodd-Frank unleashed more than 2,000 
pages of sweeping reforms and new regulations across the 
industry. Dodd-Frank also established the CFPB, giving the new 
regulator broad authorities over banks and nonbanks. Part of 
this authority was supervision over the larger participants in 
consumer financial markets.
    CFPB's proposed Larger Participant rule from this past 
November is the sixth rule in this category, this time aimed at 
digital consumer payments applications. This rule would allow 
the CFPB to supervise certain nonbanks that provide money 
transfer services to consumers.
    Mr. Holshouser, let's talk about some fundamentals for a 
moment. You discussed in your testimony how the CFPB does not 
follow the Administrative Procedure Act. Can you expand on 
that? That is one of the fundamental issues, playing by the 
rules.
    Mr. Holshouser. There is a statutory rulemaking process 
that has to be followed, including plenty of time for 
respondents. I think that 60 responses were heard in this case, 
in what really was 41 days, if you include all the holidays, 
that was supposed to be 60 days. They also have to provide a 
justification of consumer harm and a reason for why they need 
to do this. And they need to explain who is going to be 
regulated and how it is going to happen for a response.
    Just to quickly answer so you can have it back, that is, in 
and of itself, not sufficient.
    Mr. Lucas. Mr. Kim, this isn't new for CFPB. Could you 
highlight the importance of a robust Administrative Procedure 
Act process? Why does it matter?
    Mr. Kim. It matters because the agency does have a lot of 
power. And in order to exercise its power, it should follow its 
statutory mandate in Dodd-Frank and other acts, but primarily 
in Dodd-Frank. And I think in order to have the right balance 
of executing its mission to protect consumers, exercising its 
broad regulatory powers, it has to follow the mandate from 
Congress.
    Mr. Lucas. There has been a significant number of questions 
regarding the details of the rule. For example, CFPB does not 
clearly define the term, ``funds.'' And there are concerns that 
this could rope in entities that transfer assets such as 
securities or even commodities that are outside the purpose of 
this rulemaking.
    Mr. Kim, could you please explain how elements in the 
proposal such as this are overly broad?
    Mr. Kim. Dodd-Frank has a specific requirement, or really, 
I think, ``boundaries,'' is a better word, saying very clearly 
that the CFPB's jurisdiction ends where the SEC's and the CFTCs 
begins. And I think it is pretty clear that those two sister 
agencies have been very active in the digital assets and crypto 
space. And so, the Bureau should, I think, respect and 
recognize the jurisdiction and the effort and the investment by 
those agencies and Congress in the digital asset space.
    Mr. Lucas. Mr. Johnson, could you offer your perspective on 
the far-reaching nature of the proposal? This has long-term 
impacts.
    Mr. Johnson. Yes, Congressman. It does have long-term 
impacts. And I think the impacts will manifest over time due to 
the confidential nature of the supervisory process. An 
overbroad market definition and an imprecise establishment of 
the asset threshold for determining larger participants means 
that an unknown number of institutions will be subject to 
supervision. As a confidential process, the public won't 
understand what the Bureau does behind the scenes afterwards. 
And I think that is the primary risk.
    Mr. Lucas. Focusing in on the requirements under the 
proposal, does the CFPB outline any specific examination 
procedures for larger participants offering covered payment 
services? And I will direct that again to you, Mr. Johnson. 
Please give us a sense of what details the CFPB lays out, in my 
remaining time.
    Mr. Johnson. The only reference I am aware of is the 
general statutory requirement that the supervisory process 
itself be risk-based. Notably, the rule is not risk-based. The 
Bureau's determination of the market and the institution 
subject to the proposed rule is not risk-based.
    Mr. Lucas. With that, Mr. Chairman, my time is about to 
expire, so I yield back.
    Chairman Hill. The gentleman yields back. The ranking 
member of the Full Committee, Ms. Waters, is recognized for 5 
minutes.
    Ms. Waters. Thank you very much. To Professor Odinet, the 
misleading title of this hearing suggests that the CFPB's 
Larger Participant rule would restrict competition in payments. 
But, if anything, this rule should increase competition by 
ensuring that the largest companies are not able to leverage 
their size and data to unfairly crowd out smaller companies. 
This is a concern, because some of these Big Tech companies do 
not have the best record when it comes to consumer protection.
    Meta, for example, has engaged in illegal data practices 
and has been a repeat offender of regulatory order, 
highlighting the importance of supervisory authority in this 
space. Can you talk about how this rule would help smaller 
companies by keeping the biggest companies in check?
    Mr. Odinet. Thank you for the question. I agree with you 
that market dominance is a real concern in the non-bank payment 
space. The dominance and the concentration of the consumer 
payments market by a handful of companies poses, I think, some 
significant dangers. We know that when a small number of 
companies control the majority of the market, that does limit 
competition, and leads to higher prices, and, of course, to 
reduced innovation. Also, lower-income households facing 
financial constraints may be disproportionately affected by 
having fewer alternatives and, of course, are more vulnerable 
to those price increases.
    And market dominance can stifle diversity in the consumer 
payment space by limiting access to services that are more 
tailored to the needs of specific demographic groups.
    I see this rule as being in service to addressing that 
market concentration. To give you an example, the CFPB, with 
supervision authority in this space, could monitor instances of 
unfair and deceptive acts and practices by non-bank payment 
firms that make it more difficult for consumers to untangle 
themselves from their payment account relationships, and thus 
move on to other providers that might be more optimal for their 
uses.
    Ms. Waters Thank you, Professor. Can you also speak to the 
broader concerns about the potential for monopolistic use of 
data and misuse of market power by Big Tech companies? How 
concentrated is the market for payments currently, and what 
risks do you foresee in the absence of enhanced supervision by 
the CFPB under its new proposed rule?
    Mr. Odinet. Some of the empirical data right now indicates 
that a vast majority of U.S. households use just a few of the 
major payment platforms--I think I saw that 56 percent of U.S. 
adults use Venmo and PayPal. So, that is a great deal of 
concentration. And I think that level of concentration and the 
way in which it generates very sensitive consumer financial 
data raises really significant concerns, particularly relative 
to privacy. I think this rule is animated by that concern.
    We know that major tech companies build their business 
models around the large collection and analysis of user data, 
like browsing history, social interactions, and search 
inquiries. Having this payment information helps build even 
larger stockpiles of data about consumers, which, held by just 
a few companies, can be very powerful. And as I mentioned in my 
earlier remarks, unlawful price differentials, as well as 
targeted marketing.
    Ms. Waters. Thank you so much. Mr. Chairman and Members, I 
served on one of the conference committees of Dodd-Frank. And I 
was so happy that consumers finally had an agency dedicated to 
taking care of their concerns.
    Mr. Hill has said that it has been controversial. 
Controversial because the opposite side of the aisle did not 
like the idea that the consumers were now going to have 
influence and power. So, I am very thankful for this hearing, 
although its title is misleading. But this helps bring out what 
the CFPB is responsible for, what they should be doing, and it 
does not continue to have to take certain kinds of criticism 
from the opposite side of the aisle who never liked the 
Consumer Financial Protection Bureau. Thank you, and I yield 
back.
    Chairman Hill. The gentlewoman yields back.
    Mr. Rose of Tennessee is recognized for 5 minutes.
    Mr. Rose. Thank you, Chairman Hill.
    And thank you to our witnesses for being here with us 
today.
    Recently, I was made aware that on February 23, 2024--my 
birthday, incidentally--the Consumer Financial Protection 
Bureau disclosed that a company had made the decision to 
challenge an order that sought to establish supervisory 
authority based on, ``risk determination.''
    Director Chopra has described the agency's authority as the 
ability to decide that a company is risky and subject to 
supervision through its statutory authority.
    Mr. Johnson, are there any meaningful considerations the 
CFPB is required to make before determining a company is risky, 
or has the CFPB set this up as an arbitrary process where they 
have nearly unlimited discretion?
    Mr. Johnson. The standard of evidence that the Bureau has 
established through its procedural rule is quite low. And the 
real problem here is that the Bureau changed its procedure 
rules to make non-public confidential processes associated with 
the supervision of institutions public in one instance and one 
instance only, and that is where the company challenges the 
proposed determination.
    So, this creates leverage for the agency to say, we want to 
supervise you, and if you fight us on this then we are going to 
publicly name you as having challenged that proposed 
designation and subject you to, among other things, class 
actions and reputational harm.
    Mr. Rose. Thank you. One of the factors that the Consumer 
Financial Protection Bureau's proposal uses to determine if a 
nonbank-covered person would be included in the general-use 
digital consumer payment application space is whether they 
provide at least 5 million covered transactions annually. 
Several market participants have indicated that this threshold 
is alarmingly low.
    Mr. Holshouser, would you describe the potential market 
impact if the CFPB categorizes entities with such a small 
market share as larger participants?
    Mr. Holshouser. The minimum of 5 million transactions is 
alarmingly low. If you think about just some of the small to 
medium-sized businesses having tens if not hundreds of 
thousands a day, that threshold is so low that it is obvious it 
is an attempt to increase the purview of oversight of the CFPB, 
which will, as I mentioned earlier, have an outsized effect on 
startups and small and medium-sized companies which are trying 
to innovate and grow, and will disproportionately affect them.
    Mr. Rose. Thank you. I appreciate the insight.
    Mr. Kim, how has the CFPB historically determined 
thresholds for identifying entities to be considered larger 
participants under the Larger Participant rulemaking?
    Mr. Kim. In the past, they have conducted data-based 
research that is specific to a very well-defined market. So, 
there hasn't been the uncertainty that there is today with this 
rule.
    For example, with credit reporting, that is a very well-
defined market. I don't think there was a lot of debate or 
discussion or uncertainty about what is large in that market, 
and it's the same for a lot of the other LPRs. I think today's 
hearing highlights the uncertainty with this particular LPR.
    Mr. Rose. In your view, Mr. Kim, did the CFPB conduct 
significant analysis to arrive at the threshold in the 
proposal?
    Mr. Kim. I don't see it in the proposed rule. I can't tell 
you what their basis was for 5 million. I can say that, very 
anecdotally, there are, as Mr. Holshouser said, smaller to mid-
sized payment companies that would easily meet that threshold 
within a matter of months.
    Mr. Rose. Shifting gears a bit. Mr. Johnson, in addition to 
the Larger Participant rulemaking, the CFPB is attempting to 
create a nonbank registry. I signed a letter that my colleague, 
Mr. Ogles, led in May of last year highlighting our concerns 
with these actions by the CFPB.
    The CFPB has justified the need for a costly registration 
system where non-bank companies, ``self-report public orders 
like enforcement actions or consent orders so that consumers 
can be on the lookout for repeat offenders.''
    Mr. Johnson, isn't this information already public?
    Mr. Johnson. It is. And other aspects of that proposed 
rulemaking are equally troubling.
    Mr. Rose. I see my time has expired, so I yield back, Mr. 
Chairman.
    Chairman Hill. The gentleman yields back.
    Mr. Sherman of California, you are recognized for 5 
minutes.
    Mr. Sherman. I, too, would like to criticize the CFPB. It 
has taken them over a decade to come up with a rule defining 
who would be subject to some future rule. While consumers need 
the protection now, we may get it in several more years. This 
initial pre-rule is long past due.
    I have been in this town for a long time, and I have snuck 
in at least once to Lobbying 101 secret classes. The rule is 
very simple or the teaching is simple. If the facts are on your 
side, argue the facts. If you are on the side of good public 
policy, argue the public policy. And if the facts are against 
you, and the public policy is against you, argue the procedure. 
And that is mostly what we have here, people telling us that 
the procedure is somehow off.
    Now, the most extreme of those arguments is to have the 
cryptocurrency industry come in and say how awful and 
outrageous it is that somebody would treat crypto as a 
currency. If you aspire to be a currency, you should aspire to 
be regulated like a currency.
    And like our ranking member, and the chairman, and the 
ranking member of the subcommittee, I was here for Dodd-Frank. 
And I can assure you that when we said, ``funds,'' we certainly 
included anything that qualified as a currency.
    Banks have long not really enjoyed the Community 
Reinvestment Act. And so, the high-tech companies have decided, 
well, if we can be a bank but call ourselves a fintech, then we 
don't have to live with the Community Reinvestment Act or a 
host of others.
    Mr. Odinet, PayPal is holding onto, I think it is about $18 
billion of customer money. I assume that they invest it as they 
will, maybe safe investments, maybe speculation. If they go 
bankrupt, does the FDIC reimburse the customers?
    Mr. Odinet. Thank you for the question. And the simple 
answer is, no. Those customers are holding their funds with a 
relationship only to that non-bank intermediary. The FDIC 
insurance--
    Mr. Sherman. So it is like loaning money to your brother-
in-law, if your brother-in-law is Sam Bankman-Fried?
    Mr. Odinet. Yes.
    Mr. Sherman. I will ask Mr. Holshouser, representing 
TechNet, if one of your members goes bankrupt, will the other 
members chip in and make the customers whole, or will those 
customers/voters be here demanding that Congress bail them out?
    Mr. Holshouser. It depends on what side of the fintech 
industry you are speaking of; there is zero liability for 
credit and debit and other products, but there is some 
exposure----
    Mr. Sherman. Right now, they are holding onto $18 billion. 
They are investing it in either something safe or maybe pork 
bellies. I don't know where they put their money. And wherever 
they put it today, they could have put it somewhere else more 
risky tomorrow. And your members aren't going to bail them out. 
They are going to be here demanding a bailout from Congress.
    I will point out that the deal with Venmo is that you pay 
1.75 percent to get your money 3 days earlier. I don't think 
APR is really the way you should evaluate this, but for those 
of you who are fans of annual percentage rate, that is charging 
the consumer a 213-percent annual percentage rate. Yes, it is 
only 1.75 percent, but that is just for 3 days instead of for 
365 days.
    So, we have a situation--Mr. Odinet, I can't think of any 
other situation where ordinary Americans put their money in a 
financial institution that is totally unregulated, and is 
allowed to invest their money into pork bellies or Mongoose 
Coin or whatever they want and they have no insurance.
    Can you think of any other place where millions of 
Americans have their money at that kind of risk, where they 
deposit their money and they think it is there?
    Mr. Odinet. No, nothing comes to mind. But, to your point, 
I think a real danger of the way consumers interact with non-
bank payment platforms--and I will say this is also 
particularly true for crypto firms--is they do so under the 
misperception that when they do, they enjoy the same sort of 
regulatory protections they have when they deal with a broker-
dealer and they invest in securities or deposit accounts when 
they deal with banks, which is manifestly not the case.
    Mr. Sherman. Thank you.
    Chairman Hill. The gentleman's time has expired.
    The gentleman from Ohio, Mr. Davidson, who is also the Vice 
Chair of the subcommittee, is recognized for 5 minutes.
    Mr. Davidson. I thank the chairman.
    I think it is great that we are having this hearing, and it 
is important that we address just the growth of government. It 
seems like the government expands every year. We do have one 
party that campaigns on a smaller government. We are not doing 
so well. Every year, every Congress, we get more government.
    One of the guaranteed-to-grow forms of government is the 
Consumer Financial Protection Bureau. And the mission and cause 
are important. I think we have multiple ways to try to address 
that. But one of the things that is important is to ensure that 
we get the right kind of government wherever we have it is that 
participation.
    So, Mr. Kim, in the most recent proposal for more 
government by the CFPB, they state that they don't have to 
demonstrate that any customer harm has even occurred.
    Could you explain what the bare minimum is that CFPB has to 
show to bring an entity under its supervision?
    Mr. Kim. The statute--and talking about Dodd-Frank--
requires a cost-benefit and risk analysis. So in identifying, 
number one, a market that is ripe for supervision, it should 
identify risk to the consumers in that market. That is what I 
see as lacking in the rule.
    Mr. Davidson. Thank you. I guess cost-benefit analysis 
might not overtly address harm, but it seems like there is 
always a case, we just need more government. And one of the 
footnotes CFPB tucked into their proposal, many believe would 
give the Bureau supervisory authority in the divisions within a 
company that are outside the scope of the proposal. What is the 
practical impact, Mr. Johnson, of including that wide sweeping 
statement in their proposal?
    Mr. Johnson. Congressman, I think you are referring to the 
statement where the Bureau says that if an institution 
qualifies as a larger participant within a defined market, CFPB 
not only achieves supervisory authority, can examine for that 
product line that drew it in as a larger participant, but can 
thereafter and forevermore examine the institution for any 
other product line that may be a covered product or service.
    And I think that expansive view of the Bureau's authority 
is contrary to the specific process that Congress established 
for identifying a larger participant within a specific market.
    Mr. Davidson. Yes. Thank you for that clarification. It is 
the hook that allows kind of more spread. A lot of times, 
government is sort of like an invasive plant. Once it gets in a 
field, it just keeps growing. And the only way to get it out is 
to dig it up by root and branch. And if it is actually doing 
something useful, you at least have to prune it to make sure it 
doesn't overtake everything else.
    And I think companies that find themselves under regulatory 
scrutiny are frustrated because there seems to be no 
satisfaction of the amount of regulation. There is always more. 
That is particularly true in the digital asset space.
    We have seen digital asset companies come to the CFPB 
saying--or come to the SEC in particular, saying, please 
regulate us. We want clarity. We are happy to cooperate with 
you. What do you need to know? And they share endless 
information and they never get an answer. It is like, ``Hotel 
California,'' in a way. You can never check out. You can never 
leave.
    So, Mr. Solowey, could you highlight the particular 
challenge digital asset companies confront when you have CFPB 
trying to put hooks into them in a regulatory environment where 
in no other part of the economy are they getting real clarity?
    Mr. Solowey. I agree, Congressman. I think the lack of 
regulatory clarity in the digital asset space presents a real 
problem for market participants there.
    It is my view that the proposed rule only muddies the 
waters here. Not only does the lack of risk-based justification 
make the rule unjustified, but it also leaves market 
participants in the dark regarding how they are supposed to 
prioritize compliance and whether they are even supposed to be 
covered by the proposed rule.
    Mr. Davidson. Yes. Thank you. I hope that we do what our 
committee has set out to do, which is to provide that 
regulatory clarity. We passed the Financial Innovation and 
Technology Act for the 21st Century (FIT21). We passed a ban on 
a central bank digital currency. We passed stablecoin 
legislation. And we, importantly, protected the right of self-
custody.
    Are there any concerns that the CFPB's approach threatens 
self-custody, because, frankly, one of the most important 
protections we found as companies maybe haven't flourished, 
they have had problems, some have failed, users have been 
harmed, notably by FTX.
    Isn't self-custody a way to protect yourself?
    Mr. Solowey. Self-custody would address the risks that FTX 
presented. And the proposed rule's lack of clarity regarding 
whether these technologies are covered only makes it harder for 
developers and users to deploy that technology, given the 
regulatory uncertainty.
    Mr. Davidson. Thank you. My time has expired, and I yield 
back.
    Chairman Hill. The gentleman's time has, in fact, expired.
    And we turn to the gentleman from Texas, Mr. Green, for 5 
minutes.
    Mr. Green. Thank you, Mr. Chairman. I thank the ranking 
member and the witnesses as well.
    Professor Odinet, the Consumer Federation of America 
recently submitted a statement on payments fraud for a Senate 
Banking Committee hearing, outlining how the scale of payment 
fraud is sizable and increasing, including payment apps.
    The statement indicated that consumers had reported $100 
million in unauthorized transactions on Cash App and $57 
million on Venmo in 2022 alone.
    How would the CFPB's proposed rule help to alleviate the 
amount of payment fraud in the market?
    Mr. Odinet. With respect to fraud specifically, when the 
CFPB has supervision over a firm, it conducts regular 
examinations to ensure compliance with, of course, stringent 
guidelines and in this case related to Electronic Fund Transfer 
Act obligations for account fraud. And usually the aim is to 
make sure that the company is fortifying itself with consumer 
protection measures as well as trying to thwart consumer fraud 
before it occurs.
    The Bureau can closely monitor compliance with these Acts 
to ensure that payment companies have, for instance, robust 
dispute resolution mechanisms as well as disclosures. And then, 
of course, the Bureau can also assess a company's risk 
assessment strategies, and the Bureau can in that way delve 
into sort of the intricacies of the payment company's 
operations, and kind of pinpoint vulnerabilities and fraud hot 
spots.
    Supervision will not solve all fraud problems, but it can 
go a long way toward making sure companies are doing their part 
to flag fraud before it happens.
    Mr. Green. Is it fair to say that consumers are better 
protected with the benefit of the Consumer Financial Protection 
Bureau as opposed to without the benefits?
    Mr. Odinet. Yes. I think that is absolutely true.
    Mr. Green. And would the other members of the panel be so 
kind as to indicate whether you think that we ought to be 
concerned with fraud protection? If you think that fraud 
protection is something that we should concern ourselves with, 
would you kindly raise your hand?
    Let the record reflect that all have raised their hand.
    Let me move quickly to another aspect of this about which I 
am concerned. There have been some suggestions that the 
threshold should be raised to 10 million as opposed to the 5 
million where it is currently proposed to be elevated to.
    What would be the consequences of raising the threshold? 
Professor, I am calling on you again.
    Mr. Odinet. My understanding is that the CFPB's setting of 
the threshold at 5 million transactions in a calendar year was 
designed to enable the Bureau to supervise those firms that 
have the most significant share of this general-use digital 
consumer payments application market, and that it was based on 
available data suggesting that there is a very high 
concentration within this market.
    So a very small number of firms processing millions, 
perhaps billions of dollars' worth of transactions in a year, 
while there are many other firms that are not captured by the 
rule but they handle fewer transactions. And the focus was 
really on trying to supervise the firms that have the most 
critical role in this market.
    Mr. Green. You indicated a small number. I have 
intelligence indicating that the agency has estimated that the 
threshold would capture approximately 17 entities. Is that 
about what you understand the case to be?
    Mr. Odinet. That is what I understand, based on the 
information the Bureau has provided.
    Mr. Green. Seventeen entities. Okay. Let's move to another 
area quickly.
    Is it true that Cash App allows users to sell stocks, buy 
and sell stocks?
    Mr. Odinet. I am not familiar with that particular 
functionality of Cash App.
    Mr. Green. Is anyone familiar with that function? If so, 
you may speak--Cash App allowing users to buy and sell stocks. 
I received an indication that it does have this feature, and 
they can do so without a commission.
    This causes me some concern if this is the case, because 
buying and selling stocks is a means by which a good amount of 
fraud can occur when we don't have the CFPB protecting the 
consumer. I am hopeful that maybe this is incorrect, and if it 
is, I will understand, but, if not, I am grateful that the CFPB 
is looking into this.
    I yield back the balance of my time.
    Chairman Hill. The gentleman yields back.
    The gentleman from Illinois, Mr. Casten, is recognized for 
5 minutes.
    Mr. Casten. Thank you. Just a quick question before I 
start. And I want to be quick, but I do want to get this on the 
record. All of you, before coming here, signed a truth in 
testimony form disclosing your government affiliations and 
contracts. I know a lot of you are speaking on behalf of things 
that would benefit the tech companies. Just a quick raise of 
hands, do any of you have clients that are tech companies? 
Raise your hands.
    Mr. Kim, only you. Can you disclose the amount of money the 
tech firms pay you?
    Mr. Kim. I don't know, sir. I can't say.
    Mr. Casten. Maybe we can follow up for the record. Thank 
you for letting us know.
    I have a very naive hope here, which I am listening to this 
and my completely naive--maybe the most naive thing I have ever 
thought in Congress is that I really hope my wife and daughter 
are watching this hearing, because we have this ongoing debate 
at home. I do all my banking with Schwab. I don't use PayPal. I 
don't use Venmo. They are completely addicted to it. And I keep 
telling them, there are different rules here. And I am looking 
forward to them celebrating me as a returning hero when I get 
home today at this point.
    First, just a quick question for you, Mr. Kim, and 
hopefully, this is going to help. Do you feel it is important 
to maintain a wall between commerce and banking?
    Mr. Kim. I think that is a policy question, sir, and I am 
not qualified to answer that one.
    Mr. Casten. Okay. Well, I certainly do. I asked the 
question because, Professor Odinet, in your testimony you 
mentioned that customers' interactions with PayPal are a lot 
like using a bank. Do you want to expand on what you meant by 
that?
    Mr. Odinet. Yes, I would be happy to. When an individual 
uses a non-bank intermediary, the payment still has to happen 
along the transmission lines of the banking system. It is just 
one step removed. So, all of these non-banking platforms sit 
atop the transmission lines of the banking system. But the 
consumer is not interacting with the bank. The intermediary is 
interacting with the bank. So the benefits related to, for 
instance, FDIC insurance, run in favor of the intermediary. And 
that leaves the consumer with what is just essentially a 
contract claim against the intermediary.
    As long as the intermediary has the assets to make good on 
withdrawal requests, and payment requests, then everything is 
fine. But if the intermediary becomes insolvent, that insurance 
through the banking system ultimately does not benefit the 
consumer. The consumer just has a claim in the bankruptcy 
against the intermediary, not unlike the customers of the now 
defunct FTX.
    Mr. Casten. I appreciate that, because I am a dyed-in-the-
wool deep free marketer. And free markets mean that everybody 
has to play on the same playing field. And the idea that if I 
use Schwab, and my daughter uses Venmo, there are these 
different rules, there are different incentives, that strikes 
me as a fundamentally anti-capitalistic idea.
    I also want to just pick on there is this very sort of a 
vapid libertarianism that says that we should never give our 
information to the government because we can't trust the 
government with information, but we should give all of our 
information to private companies that have no obligation to the 
public interest, and who can sell it to data brokers, who can 
then resell that information to other governments whose 
interests are antithetical to our own.
    Professor Odinet, in your testimony you described this as a 
massive blind spot for the Bureau. And I wonder if you could 
expand on why we need to be more vigilant in protecting 
consumer data and what we need to do to guard against it in 
this rule?
    Mr. Odinet. Thank you. The reason why I said that is 
because we don't exactly know, and it may be in some instances 
that the companies that collect and process the data, 
particularly as they use sophisticated artificial intelligence 
programs, know exactly what they are doing when they use data 
to make decisions relative to a variety of products and 
services.
    Now, we do have some visibility into that when banks are 
doing so, but that is because banks are subject to supervision, 
both by the Bureau above a certain asset class, but always by 
their prudential regulators.
    But we know there is way more innovation happening in data 
processing and artificial intelligence outside the bank system 
in the non-bank system. For that reason, the Bureau needs some 
visibility into what is happening on that side of the house, if 
you will, because that is likely to be the place where there 
can be more consumer harm.
    Mr. Casten. I see I have 15 seconds left, so maybe if we 
could just follow up for the record afterwards. I do have some 
concerns that in some of the carve-outs for crypto, 
particularly as we have seen some of the companies like PayPal 
developing stablecoins, as we have seen some of the runs on 
other currencies, that there are some blind spots.
    And so, Professor Odinet, if you have some thoughts about 
how we might improve the role to protect consumers, I would 
welcome it.
    Chairman Hill. The gentleman's time has expired.
    Mr. Casten. Thank you. I yield back.
    Chairman Hill. Feel free to respond to him in writing on 
that question.
    As you know, we have votes on the House Floor, so we are 
going to take a recess for not less than 5 minutes, and we will 
come back and finish our questioning.
    We thank our panel for your excellent testimony today.
    And we are in recess for 5 minutes.
    [recess]
    Mr. Flood. [presiding]. The committee will come to order.
    I now recognize the gentleman from Wisconsin, Mr. Steil, 
for 5 minutes for questions.
    Mr. Steil. I thank the Chair.
    Let me start with you, if I can, Mr. Johnson. The CFPB can 
see that it, ``lacks sufficient information on a substantial 
number of known market participants necessary to estimate their 
larger participant status.''
    In other words, they don't have the data to know how many 
companies would be swept under the rule, so they don't know how 
much the rule would really cost or what the full market impacts 
could be.
    You served at the CFPB under a previous Administration. 
Would moving forward on a major rule like this without adequate 
data be unusual, in your professional opinion?
    Mr. Johnson. I think it would be unusual and would 
certainly present APA challenge risk. I think in some ways this 
is the Bureau's response to an Executive Order and revised 
guidance for the Office of Management and Budget (OMB) 
regarding the relaxing of standards for cost-benefit analysis.
    Mr. Steil. I appreciate that. I have continued concern that 
the CFPB isn't doing a proper cost-benefit analysis. And the 
fact that we don't have data as to who is going to be swept in 
under such a rule, I think is incredibly concerning.
    Let me continue on with you if I can, Mr. Johnson.
    The law authorizing the CFPB says that the Bureau shall 
consult with the Federal Trade Commission (FTC) and define 
covered persons under Larger Participant rules. The Bureau said 
that it consulted with or provided an opportunity for 
consultation with the FTC, which could obviously mean the FTC 
did not actually weigh in.
    Can you explain briefly why it is important for the CFPB to 
consult with the FTC and why it would be a problem if the CFPB 
actually didn't fulfill its regulatory requirement?
    Mr. Johnson. The Dodd-Frank Act creates clear distinctions 
and boundaries between the FTC and the CFPB. And the CFPB 
inherited certain consumer protection authorities but not 
antitrust authorities from the FTC.
    So, it is vitally important that the CFPB consult on a 
regular basis and Congress require them to consult with other 
agencies, I think for the reason of establishing that they are 
not intruding upon the jurisdiction or boundaries denied them 
in the Dodd-Frank Act.
    Mr. Steil. I appreciate that.
    Let me jump over to you, Mr. Solowey. Did I say that 
correctly?
    Mr. Solowey. Yes, sir.
    Mr. Steil. Thank you very much.
    There is a lot of uncertainty about how sweeping more 
companies under the CFPB's authority would impact the cost of 
payment services to consumers. How does the uncertainty about 
the regulatory cost impact--the LPR impact competition and 
innovation in the payments industry?
    Mr. Solowey. I think uncertainty always adds costs. Even 
just the initial legal fees dealing with the ambiguity of 
whether or not a market participant is or should be covered.
    And then, you have further uncertainty when it becomes hard 
to budget for those compliance risks. All of those issues take 
away precious time, capital, and attention that only make it 
harder for folks to innovate. When that is the case, consumers 
can miss out on new and important technologies.
    Mr. Steil. Thank you.
    Let me jump to you, Mr. Holshouser, if I can. Let's take a 
broader view of how the CFPB's regulatory expansion impacts our 
economy and workers. In a period of time of high inflation, 
when people can't afford the things that they need, the Bureau 
is targeting a very competitive industry with innovators coming 
from across the globe.
    And I am concerned that overbearing and poorly-considered 
regulations from the CFPB will make the U.S. less competitive 
and push jobs overseas. Can you talk about how the LPR and 
other CFPB efforts may discourage innovation and investment 
here in the United States?
    Mr. Holshouser. That is a great question. You just have to 
balance the safeguards with the environment for innovation. Red 
tape never created innovative companies that are the envy of 
the world, like we have here in the United States. It was 
innovators and the American spirit and our laws and regulations 
that allow innovation to flourish.
    Just look at the EU. There has been a 40-percent decrease 
in the investment in startups since the GDPR, showing that an 
onerous top-down regulation has a huge constriction effect on 
innovation and investment.
    The jobs that are created in this country are mostly 
created by startups and small businesses. They are going to 
really see the impact and burden much more than the larger 
platforms. And I think that it is misguided to think that this 
rule only targets what would be seen as big players.
    The little ones are really the ones that need the help, and 
this is going to constrict their ability to grow and stifle 
innovation.
    Mr. Steil. I share your concerns. I am incredibly concerned 
the CFPB is going to continue to stifle innovation development 
here in the United States.
    I appreciate all of our witnesses. And Mr. Chairman, I 
yield back.
    Mr. Flood. The gentleman yields back.
    The gentleman from California is recognized.
    Mr. Sherman. I have already had my 5 minutes. Do you want 
to give me another 5 minutes?
    Mr. Flood. The Chair recognizes himself.
    I will start with this. I have been concerned about the 
CFPB's Larger Participant rulemaking for some time, and I am 
glad that we have the opportunity to explore its impacts 
further today.
    First, let's begin with a refresher on what the Larger 
Participant rule refers to. The CFPB has four broad categories 
of supervisory jurisdiction pursuant to Dodd-Frank: number one, 
financial institutions with over $10 billion in assets; number 
two, mortgage companies, payday lenders and student lenders; 
number three, companies deemed, ``larger participants,'' in a 
consumer financial market; and number four, companies 
designated by CFPB as a potential risk to consumers.
    If unchecked, that third category, the larger participant 
category, is sufficiently broad as to potentially expand the 
CFPB's jurisdiction dramatically over time. I fear that we are 
seeing that with this rule today.
    One example of how this rule expands the CFPB's reach 
hasn't gotten much discussion to this point as it relates to 
merchants. The CFPB is explicitly barred from supervising 
merchants pursuant to Dodd-Frank when they are selling 
nonfinancial goods. This is a common-sense guardrail. The CFPB 
is a financial regulator. They don't have supervisory authority 
over non-financial merchants in the country and they shouldn't.
    However, I feel this proposed rule takes that boundary and 
pushes it away. One piece of this rule claims that at any time 
a merchant uses consumer payment information for something 
other than completing the transaction, including for benign 
purposes like research, they go from selling a nonfinancial 
good to a financial one and are, therefore, within the scope of 
the rule.
    Let's step back and think about that for just a moment. 
When a completely nonfinancial merchant conducts research on 
their payments data, even for a good reason like conducting 
research to stop future fraud, they could be subject to CFPB 
supervision.
    For example, if a consumer buys a recliner chair at an 
online furniture store, whether or not that transaction is 
considered a financial transaction by the CFPB would depend 
upon exactly how the merchant treats the information associated 
with it.
    According to this interpretation, the fact that we are 
talking about a merchant selling a piece of furniture is 
irrelevant. The CFPB still may have jurisdiction anyway. 
Conveniently for the CFPB, this could extend their supervisory 
authority to merchants selling any and all kinds of goods. This 
interpretation allows them to go from a financial regulator to 
a regulator that could have authority over anything sold 
online.
    Another way the rulemaking expands CFPB's authority is not 
just over U.S. dollar transactions, but digital asset 
transactions. Again, this would be a broad expansion of their 
power.
    Mr. Johnson, in your testimony you connected the CFPB's 
jurisdictional grab over digital asset transactions to the 
major questions doctrine from the landmark, West Virginia v. 
EPA case.
    Do you believe the CFPB has clear congressional 
authorization for its claimed authority over digital assets? 
And please explain why or why not?
    Mr. Johnson. I don't believe it has that authority because 
Congress didn't give it that authority and didn't give it that 
authority expressly in Title X of the Dodd-Frank Act.
    Mr. Flood. It is a relief to hear you say that, because the 
members of this committee have been working on delegating 
authority to our regulators over digital assets for over a 
year. It would be rather discouraging if the CFPB could simply 
claim authority over the space with the stroke of a pen and 
very little legal basis.
    I would like to close today by bringing up one more issue 
with the proposed rule. It completely failed to assess its 
potential impact on small businesses pursuant to the Regulatory 
Flexibility Act. The rule certifies it will not have a 
significant impact on small entities, but does so with no 
serious analysis. This is despite the fact that small 
businesses and sole proprietors are some of the most common 
users of the third-party payment technology that could be 
clearly covered under the rule.
    Mr. Holshouser, you mentioned the lack of analysis 
regarding the rule's potential small business impact in your 
testimony. Would you provide some additional thoughts on this 
topic?
    Mr. Holshouser. I would be happy to.
    I think small and medium-sized businesses have no idea 
whether or not they are covered under this proposed rule, and 
that in and of itself is the problem. We are hearing an 
estimate of 17 covered firms, but I think the estimate could be 
well in the hundreds.
    But if you are a small business and you are making a 
decision between spending money on compliance costs to deal 
with this new proposed regime versus innovating new products 
and then selling them, which is the lifeblood of creating a new 
business, you are going to see a real headwind in your ability 
to maintain and grow.
    And I think if you limit and define the scope of this 
proposed rule on a more targeted basis, you will certainly give 
more certainty to businesses who are really confused about 
whether or not they would be caught in this and what that means 
for their ability and need for raising money to grow.
    Mr. Flood. Thank you very much for your testimony.
    I now recognize the gentleman from North Carolina.
    Mr. Nickel. Thanks to our chairman and our ranking member 
and our witnesses for being here. I represent North Carolina's 
13th District.
    And I have said this before, the work of the CFPB is 
incredibly important. Their mission of protecting consumers is 
supported by the vast majority of Americans, regardless of 
political party.
    The CFPB recently released their Larger Participant rule 
for digital consumer payment apps in November. I understand the 
goal of this rulemaking is millions of Americans are now using 
digital payment apps. However, I am concerned that this rule is 
overly broad and lacks clarity.
    Mr. Holshouser, as my colleagues have mentioned, the CFPB 
indicated that 17 companies will be covered by this rule. 
However, they refuse to say which companies. Is that standard 
practice? What purpose is served by keeping secret the list of 
companies which would be impacted by this rule?
    Mr. Holshouser. This is not standard practice, and I have 
no idea what this serves. Certainty is what businesses need in 
order to operate their businesses and to know how to plan. And 
this lack of specificity is a real concern.
    Mr. Nickel. And, Mr. Holshouser, again, given the 
uncertainly surrounding this rule, will companies be 
discouraged from offering payment services to consumers and how 
will this impact competition and innovation?
    Mr. Holshouser. Absolutely. I think it will decrease the 
players in the market and reduce new entrants. It will cause 
those that are in it who might be caught up in this rule to 
retract from this market, which will lessen the number of 
products and, therefore, hurt competition.
    Mr. Nickel. Mr. Kim, next question to you: To justify the 
rule, the CFPB only performed a cost-benefit analysis of peer-
to-peer products. However, the rule would cover products like 
express checkout that have nothing to do with the peer-to-peer 
cost-benefit analysis.
    Is it right for the CFPB to propose such an all-
encompassing rule when they don't have adequate data to justify 
it?
    Mr. Kim. I agree that the proposed rule conflates very 
separate and distinct payment products and functionalities. It 
doesn't explain why it does so. And in not explaining why it 
conflates them, there is no cost-benefit or any sort of 
empirical analysis to support that kind of overly-broad 
definition.
    Mr. Nickel. Mr. Kim, again, how does this Larger 
Participant rule compare to previous Larger Participant rules?
    Mr. Kim. With prior ones, we weren't asking these 
questions. With student loan servicing, everyone knew who the 
big players were and I don't think people really debated or had 
much concern about whether the threshold would capture the 
large ones versus the small ones.
    I think today's hearing highlights how there is a lot of 
uncertainty about the scope of the rule and its potential 
impact.
    Mr. Nickel. Mr. Kim, again to you, can you walk us through 
what a typical supervisory examination by the CFPB would look 
like for firms identified as larger participants, and describe 
what powers the CFPB has over an entity once it has been 
designated as a larger participant?
    Mr. Kim. They send examiners, and it is typically, at a 
minimum, several, but easily 20 to 30. And for large tech 
companies, I would imagine the CFPB would bring its so-called A 
game and bring as many as it can.
    It would probably be a combination of hosting them on-site 
but also hybrid or virtual. And these exams last months. So, we 
are talking about wave after wave of information requests and 
follow-up requests. And companies often field those questions 
for over a year, and then maybe, they might get an exam report 
a year or two later. So, it is significant. People have to kind 
of drop their day jobs to respond to the information requests 
in exams.
    Mr. Nickel. Thank you. I yield back.
    Mr. Flood. The gentleman yields back. The gentleman from 
Florida is recognized.
    Mr. Donalds. Thank you, Mr. Chairman.
    Wow, this has been a very interesting hearing. I often say 
in this room that the first hearing I ever watched as a citizen 
of this country was the Financial Services hearings when Dodd-
Frank was being created.
    I was in the finance world, not a Member commenting on the 
finance world. And to be blunt, and with no disrespect to the 
staff on Capitol Hill, I was not a staffer writing memos about 
the financial world; I was actually doing it.
    A lot of the things in Dodd-Frank concerned me, and most 
overarching was the CFPB. My concern was that the CFPB would be 
this overarching agency with no real oversight, that would just 
roam the fruited plain trying to figure out what they can 
meddle in. And, obviously, they are doing that today.
    Mr. Holshouser, we get very technical in financial 
services. For the people watching at home, what actually are 
digital payment systems? What are the actual pieces of 
technology we are talking about that would apply to the 
American consumer?
    Mr. Holshouser. That is an incredibly complex and diverse 
question with a lot of different aspects to it.
    Mr. Donalds. Just give me an example.
    Mr. Holshouser. You are running financial transactions 
there through a large digital pipe, through a bunch of data 
centers back and forth between merchants and banks, with other 
regulated entities in the payments ecosystem also involved in 
that.
    Mr. Donalds. Would a digital wallet be a part of this?
    Mr. Holshouser. That is subject to interpretation, but 
normally yes.
    Mr. Donalds. Okay. So, I am a consumer. I go on my phone. I 
download a digital wallet. I could put crypto stablecoin or 
potentially even cash in this wallet. Would that all be subject 
to the CFPB's rule?
    Mr. Holshouser. Under the proposed rule, yes.
    Mr. Donalds. Okay. Professor Odinet, a question for you: 
Even in its infancy, when Dodd-Frank was being created, did the 
Members--I will say the Democrat Members because they are the 
ones who voted for it--think that it would make it possible 
that the CFPB would regulate consumer transactions between 
consumers?
    Mr. Odinet. I wasn't involved in that process, like you. I 
was much younger. But what I do know is that Congress intended 
for the CFPB to have jurisdiction over nondepository 
institutions involved in the provision of consumer financial 
products and services.
    Mr. Donalds. I don't want to interrupt, but we are short on 
time. Do you know why they did that? I was a lender at the 
time, and in the lending market, the issue was home mortgages, 
specifically, no income, no job, and no assets (NINJA) loans, 
where you could show up and say, I want to buy this house. 
There was no credit report, no income verification, and a 
nonbank issued you a mortgage to go buy a house that you 
couldn't afford. Isn't that correct?
    Mr. Odinet. I think that the subprime mortgage crisis was 
at the forefront of Congress at the time. But that doesn't mean 
that the Bureau's authority is limited to the mortgage market. 
In fact, the text of the Consumer Financial Protection Act goes 
far beyond that into multiple different types of consumer 
financial products.
    Mr. Donalds. Professor Odinet, I would like to opine on 
that. That is why Dodd-Frank is trash and is one of the worst 
pieces of legislation ever contemplated by this body.
    But let me move on. Do you think that digital wallets pose 
a systemic threat to the United States of America?
    Mr. Odinet. My understanding is that the Bureau is not 
making its rulemaking on the basis of systemic threat, but on 
the threat of consumer harm in the offering of that product.
    Mr. Donalds. Is there a consumer harm in Americans being 
able to actually use their resources to buy goods and services 
from a business, a merchant, or from another individual?
    Mr. Odinet. Under the limited facts of your question, no.
    Mr. Donalds. Okay. Is it plausible that an American citizen 
needs a license or needs authority or approval from the CFPB in 
order to transact business in commerce?
    Mr. Odinet. No, but the businesses that facilitate it do.
    Mr. Donalds. You said in your statement that, ``businesses 
could discriminate based upon information that they take down 
in the normal course of business.''
    Is there any evidence at all that there has been any 
discrimination with the use of digital wallets at all by these 
tech companies?
    Mr. Odinet. I think proper supervision will reveal whether 
or not that is the case.
    Mr. Donalds. Mr. Johnson, is there any discrimination that 
has been found by any of these tech companies or fintech 
companies actually allowing for these products to be used by 
consumers?
    Mr. Johnson. Not that I am aware of for laws that are 
within the CFPB's jurisdiction.
    Mr. Donalds. Here is a question for you: Do you think the 
CFPB even has evidence to the fact that there might be 
discrimination with the use of any of these products by 
consumers?
    Mr. Johnson. I think the Bureau's articulated concerns in 
speeches and other communications speak to speculative concerns 
rather than actual observations of marketplace behavior.
    Mr. Donalds. So for the people watching at home, the CFPB 
is looking for something to do, because they are busybodies. 
There is no need for them to regulate in this space. Mr. 
Chopra, once again, is way beyond his bounds, which is why this 
agency needs to go away permanently.
    I yield back.
    Mr. Flood. The gentleman yields back.
    The gentleman from Illinois is recognized.
    Mr. Foster. Thank you, Mr. Chairman, and thank you to our 
witnesses.
    Mr. Odinet, in your testimony you note that many of the 
firms that we expect to be covered under the Larger 
Participants rule are large non-bank tech firms with business 
lines that benefit from the mass collection of consumer data.
    Typically, we think of this through the lens of marketing, 
usually insights gleaned from interactions with your favorite 
search engine or social media app to shape targeted 
advertisements that are more likely to get you to buy 
something.
    Others have relationships with third parties, who may also 
have access to consumers' information. As you note, large 
payment providers have access to a very valuable trove of 
financial information about their users that can show how much 
they spend, where they spend it, and how they manage their 
finances.
    Now, I imagine that most consumers would deem that 
sensitive information. What are some of the risks of non-bank 
financial firms having access to that sort of information and 
what safeguards do you believe are missing?
    Mr. Odinet. As I mentioned in my written testimony, one of 
the most important and profitable kinds of information is how 
people spend their money, and that is exactly the kind of data 
that these payment processing payment platforms are able to 
generate and capture.
    The fear, to my mind, is the ability to use that kind of 
information, coupled with other types of nonfinancial consumer 
data, browsing histories, social interactions, et cetera, and 
in combination engage in activity relative to targeted 
marketing, price differentials on products and services that is 
unlawful, and that is discriminatory.
    Mr. Foster. And there have been instances where perhaps 
even inadvertently some of the AI algorithms of some of the big 
firms have been doing things like digital redlining that have 
resulted in real harm to American citizens.
    So, how do the risks change when the firm has significant 
lines of business that are outside the financial services 
sector?
    Mr. Odinet. I think this goes toward the question earlier 
about the separation between banking and commerce. The way in 
which nonbank, which is to say nondepository institutions, 
engage in the payment ecosystem places them outside that 
division, because they are not depositories. They don't fall 
under the Bank Holding Company Act. And that allows for a level 
of sharing and interaction and penetration between the payment 
side of the house, if I can, and the commercial--we will say 
the tech side of the house.
    And it is the combination and the interaction of those two 
lines of business and the data that they produce that I think 
poses the risk of creating these multidimensional, very 
granular profiles about people and how that granular 
information can be used in ways that we would find problematic.
    Mr. Foster. In recent months, I have been happy to see the 
CFPB take steps to give consumers greater control over their 
personal financial data. While the details of the proposals are 
still being hammered out, the Bureau's 1033 rulemaking, I 
believe is an important step to ensure that consumers' data is 
protected and that they have the freedom to walk away and move 
their data to another bank or financial institution when they 
determine that they could be better served.
    My question is this: How does this Larger Participants 
proposal interact with other consumer protection laws, and what 
would it mean for something like the 1033 rulemaking?
    Mr. Odinet. I think the way that supervision interacts with 
this idea which you speak of, which is generally referred to 
like a component of open banking, is to ensure that those 
nonbank institutions that are covered by the rule that are 
required to generate consumer data in an interface that is 
standardized and easily sharable, which includes, as you say, 
controls on how much of it is shared and the need to get 
reauthorizations on an annual basis are being complied with.
    That is what supervision is. It is not to impose new rules; 
it is to ensure that the rules that already apply are being 
abided by.
    Mr. Foster. Thank you. How does the lack of supervisory 
authority over digital payments applications hinder the 
Bureau's ability to protect consumers' financial data right 
now?
    Mr. Odinet. The problem is that when there are breakdowns 
in compliance with the consumer financial laws, like the Gramm-
Leach-Bliley Act or others, if the Bureau does not have the 
ability to monitor on an ongoing basis that level of 
compliance, the public generally does not discover misbehavior 
and wrongdoing until the consumer harm has already happened.
    I think it is also worth saying that there are benefits to 
supervision that were not mentioned at all today, one being we 
often hear about regulation through enforcement and the fear of 
CFPB enforcement.
    But supervision happens on an ongoing basis and in a 
confidential capacity, so that the business and the Bureau can 
engage in an ongoing dialogue, and flag problems and resolve 
them before they become public.
    Mr. Foster. Thank you. My time is up, and I yield back.
    Mr. Flood. The gentleman yields back.
    The gentleman from South Carolina is recognized.
    Mr. Timmons. Thank you, Mr. Chairman.
    And thank you to the witnesses for being here today.
    When examining the Larger Participant proposal, one can't 
help but see it as another power grab from Director Chopra at 
the CFPB. Since his swearing in, he has consistently applied 
liberal academic theories with no common sense or basis in the 
real world.
    Time and time again, these theories are put into practice 
and result in increased cost for services, unintentionally 
hurting consumers instead of protecting and promoting their 
best interests.
    What's worse is that these consequences are foreseeable and 
even predicted by the seemingly ever-increasing chorus of those 
of us with business experience. Yet, our warnings are 
perpetually cast aside.
    It seems that the only possible course correction will be 
either Tuesday, November 5, 2024, or who knows, perhaps the 
Supreme Court. But for now, I guess we will continue to 
highlight the adverse consequences of CFPB's proposals.
    This time, the Director has become even more emboldened, 
stating that the CFPB's supervisory authority is not limited to 
the products or services that qualify a covered institution for 
supervision, but could essentially capture every aspect of a 
given business, subjecting companies that largely provide 
services outside of the financial sector to the CFPB's 
oversight.
    Not only does this proposal appear to be broad, it is 
incredibly ambiguous, leaving many market participants 
questioning their status.
    Mr. Holshouser, the CFPB identifies 17 firms as potential 
larger participants under the proposal. However, the CFPB has 
collected data on almost 200 companies in consideration of this 
rule. To say the least, it appears there is widespread 
confusion among market participants, with many companies unsure 
of their designation.
    Given the ambiguity in the CFPB's definition of the market 
in this proposal, are your member firms able to say with 
certainty whether they are covered?
    Mr. Holshouser. No.
    Mr. Timmons. Do you think that is a problem?
    Mr. Holshouser. Market uncertainty is the bane of the 
existence of any business but particularly small and medium-
sized businesses trying to grow.
    And the 17 that are mentioned don't account for the 
hundreds more that are in the space, that are sitting 
wondering, am I going to be covered under this even though I am 
a small company? Maybe I have 20 employees.
    Mr. Timmons. Businesses, no matter what size, want to 
compete on an even playing field. And they have to know the 
rules of the game in order to compete. This is not productive.
    Mr. Kim, do you find it appropriate for this rule to 
encapsulate both companies that facilitate transactions and 
those that provide a native digital wallet? And what is the 
CFPB's justification for such a broad scope?
    Mr. Kim. I don't see the justification in the proposed rule 
for combining what I think are very different functionalities 
with different risk profiles. As I read the proposed rule, if 
you are merely saving and passing payment credentials and 
instructions but not actually touching the money in any way, 
you are still covered by the rule. And then, you are treated 
the same as a company that actually holds and moves the money. 
So, I don't see the explanation in the rule for treating those 
two very different things the same way.
    Mr. Timmons. Unless you see it for what it is, which is 
just a way to expand their authority and have additional scope.
    Mr. Solowey, in this proposal, the CFPB includes digital 
assets in their definition of funds. This committee has been 
crafting legislation to address digital assets, yet it appears 
the CFPB is trying to front-run Congress and expand its 
authority.
    What potential implications could this proposal have on the 
digital asset ecosystem?
    Mr. Solowey. If the CFPB were to succeed in, as you put it, 
front-running Congress, it would not only add additional 
regulatory uncertainty to an already-uncertain space, but one 
of the specific risks would be the application of this rule to 
self-hosted crypto wallets that do not exhibit the same 
underlying technological structure nor the same risks as more 
traditional digital payment apps.
    Mr. Timmons. Mr. Solowey, this seems like a radical 
expansion of the CFPB's authorities. Could the CFPB use this 
novel interpretation of funds in future proposals?
    Mr. Solowey. If unchecked and unchallenged, they could. In 
addition, they could take away the lesson that they can 
interpret and expand their authority broadly.
    Mr. Timmons. Also, Mr. Solowey, given the unique nature of 
some digital assets, does the CFPB provide sufficient guidance 
on which digital assets they would consider to be funds and 
which would be excluded?
    Mr. Solowey. No, they do not. They provide little in the 
way of guidance, which is to say essentially none at all. There 
are very different types of digital assets out there, and the 
failure to distinguish between them is one of the shortcomings 
of the proposed rule.
    Mr. Timmons. I am not sure what this proposed rule helps. 
It literally only seeks to expand the Director's authority, and 
it further complicates business' ability to compete in the U.S. 
and in the global economy.
    And I really think it needs to be reconsidered but, again, 
as always, I imagine that our warnings will be cast aside and 
it will take the Supreme Court or an election to change its 
course.
    With that, Mr. Chairman, I yield back.
    Mr. Flood. The gentleman yields back.
    I would like to thank our witnesses for their testimony 
today.
    The Chair notes that some Members may have additional 
questions for this panel, which they may wish to submit in 
writing. Without objection, the hearing record will remain open 
for 5 legislative days for Members to submit written questions 
to these witnesses and to place their responses in the record. 
Also, without objection, Members will have 5 legislative days 
to submit extraneous materials to the Chair for inclusion in 
the record.
    I ask our witnesses to please respond as promptly as you 
are able.
    This hearing is now adjourned.
    [Whereupon, at 11:00 a.m., the hearing was adjourned.]
    [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT] 
    
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT] 
                            A P P E N D I X
                            



                             March 13, 2024