On April 11, the CFPB announced that it will not prioritize enforcement or supervision against nonbank financial companies that miss registration deadlines under its Repeat Offender Registry. The Bureau also stated that it is considering a notice of proposed rulemaking to rescind or narrow the scope of the rule, finalized in 2024, that established the registry.
Under the rule (previously discussed here) covered nonbanks subject to covered orders will be required to submit certain corporate identity information, administrative information, and information regarding the covered order (e.g., copies of the order, issuing agencies or courts, effective and expiration dates, and laws found to have been violated). In addition, the final rule will require covered nonbanks to file annual reports attesting to their compliance with the registered orders. The rule’s compliance deadlines are as follows:
- April 14, 2025 for nonbanks already subject to CFPB supervision; and
- July 14, 2025 for all other covered nonbanks.
In its press release, the Bureau stated that the temporary non-enforcement policy applies to these deadlines and that it will instead focus enforcement and supervision efforts on more pressing threats to consumers.
Putting It Into Practice: The CFPB’s decision to deprioritize enforcement and consider rescinding the registry rule reflects a broader shift away from regulatory initiatives finalized under the prior administration (previously discussed here and here). While the move eases near-term compliance pressure, it may invite greater attention from state regulators and consumer advocates concerned about regulatory gaps. Nonbank financial institutions should prepare for a shifting landscape of federal and state supervision going forward.