Belgian DPA Finds Broad Tax Information Transfers to IRS Unlawful
The Belgian Data Protection Authority recently ruled that a Belgian government entity, FPS Finance, cannot transfer the personal data of “accidental Americans” to the IRS. According to the decision, the transfers needed to cease for several reasons.
The case was brought by a dual US-Belgian citizen, who, while a US citizen by birth, did not reside in the US or otherwise have any significant connections to the US (i.e., an “accidental American”). He argued that his personal information should not be transferred to the US, even though the US’s Foreign Account Tax Compliance Act requires all US citizens to report their tax information to the US to combat terrorism and prevent tax evasion. That law is enforced in Belgium through a 2014 bilateral treaty, which was entered into before the GDPR’s effective date. The Belgian tax authority argued that it could make the transfer under a GDPR exception (Article 96), which allows pre-GDPR international agreements, such as this one, to remain in place if they comply with the law in effect at the time. Thus, the Belgian DPA examined not only whether the transfer violated GDPR (as the individual argued) but also whether it violated the laws in existence at the time the treaty was signed.
The Belgian DPA found that the transfers did not comply with pre-GDPR law because the amount of information being transferred exceeded what was necessary to meet the specified purposes. Further, the FATCA was not compliant with current GDPR standards. The Belgian DPA also emphasized that FATCA, as implemented, lacked sufficient safeguards to protect the personal data of EU residents, especially those with tenuous or accidental ties to the US. The Belgian DPA gave FPS Finance a year to modify its transfer process. This included minimizing the amount of data transferred, conducting a data transfer impact assessment, and giving individuals more information about its data processing activities.
Putting it Into Practice: This decision is a reminder that there may an increase in scrutiny of data transfers to the US. While the facts in this case were narrow, we expect that there may be other, similar, decisions in the future.
Listen to this post
YA Global Heads to Appeals Court Over Tax Court Ruling on Offshore Fund’s U.S. Activities
Last month, YA Global Investments, LP (the “Fund”) filed a notice of appeal to the U.S. Court of Appeals for the Third Circuit, seeking review of the U.S. Tax Court holding in YA Global Investments, LP v. Commissioner.[1] In November 2023, the Tax Court held that this Cayman Islands fund was engaged in a U.S. trade or business through an agency relationship with its U.S. investment manager, Yorkville Advisors (YA), and failed to withhold tax on income that was effectively connected with its U.S. trade or business (ECI) and allocable to its non-U.S. partners. Further, the Tax Court determined that the Fund was a dealer in securities subject to the Section 475 mark-to-market rules.[2] Our prior summary of the case is available here.
This appeal reopens the discussion on agency principles, the characterization of a U.S. trade or business, and the Section 475 dealer definition. The Tax Court found YA to be the Fund’s agent primarily because the investment management agreements designated YA as such. In determining that the Fund was engaged in a U.S. trade or business through YA’s activities, the Tax Court emphasized that YA’s fees tied to convertible debt and standby equity distribution agreement transactions from portfolio companies were compensation for services and exceeded returns on invested capital. The Tax Court also classified the Fund as a Section 475 dealer and its gains as ordinary income and ECI. It rejected the Fund’s claim that it had no customers and invested for its own account. Sponsors to credit funds with non-U.S. investors and their tax advisors continue to follow the case closely, as it could has significant implications on such credit funds.
[1] 161 T.C. 11 (2023). [https://www.foley.com/wp-content/uploads/2023/11/161-tc-no-11-YA-Global.pdf]
[2] All Section references are to the U.S. Internal Revenue Code of 1986, as amended.
State Regulators Poised to Increase Enforcement Efforts as Trump Administration Executes Deregulation Agenda
In the first three months of the second Trump administration, federal regulators have signaled a shift in priorities while enforcing federal securities violations and consumer protection laws. In fact, the administration has effectively shuttered the Consumer Financial Protection Bureau (CFPB) and effected significant changes to the Securities and Exchange Commission’s (SEC or Commission) organizational structure and enforcement procedures. As federal regulators shift their focus, state attorneys general have shown a willingness to ramp up enforcement efforts. States have various tools at their disposal, including enforcing existing federal and state consumer financial protection and securities laws and amending state law to expand their regulatory enforcement authority.
The variances in state law and appetites of the state attorneys general may result in a patchwork style of enforcement across the United States. Moreover, states with a more aggressive enforcement approach, such as New York and Massachusetts, may also spur other states to action.
Trump Administration’s Deregulation Agenda Expected to Impact the SEC Enforcement Program
Developments in Washington strongly suggest that the SEC under the Trump administration will depart from aggressive and novel enforcement strategies that characterized the previous administration. In the first few days of the current administration, President Trump announced a “massive” deregulation initiative,1 which we expect will impact the breadth and volume of SEC enforcement activity. Some changes already taking place at the SEC include:
Refocusing the Commission’s Enforcement Approach. During his confirmation hearing, SEC Chair Paul Atkins said he “will strive to protect investors from fraud, to keep politics out of how our securities laws and regulations are applied, and to advance clear rules of the road that encourage investment in our economy.”2 He further called “for the SEC to return to its core mission” of “investor protection; fair, orderly, and efficient markets; and capital formation.”3 Senate Banking Chairman Tim Scott observed that the Commission under Chair Atkins will “roll back harmful Biden-era policies” and “provide regulatory clarity for digital assets.”4
Focus on Investor Fraud Protection. Going forward, many SEC observers expect the primary enforcement priority will shift to protecting investors from clear cases of fraud, rather than pursuing broader or more innovative regulatory actions.5
Reduction in Enforcement Division Authority. The SEC revoked the Director of the Division of Enforcement’s ability to initiate investigations, formally centralizing decision-making at the Commission level.6
Increased White House Oversight. Executive orders now restrict the SEC’s independent rule-making authority7 and embed a White House liaison in key decision‑making processes.8
Coordination with DOGE. Another executive order directs the SEC to coordinate its rule-making efforts with the DOGE government task force, which could lead to further agency restructuring and efficiency measures.9
Office Closures and Staff Reductions. The SEC reportedly canceled leases for major regional offices and plans to eliminate regional director positions, reducing the agency’s physical presence and staff autonomy.10
Focus on Big Firms. Then-Acting SEC Chair Mark Uyeda suggested in an April 8, 2025, speech that the SEC could prioritize enforcement actions against larger, more complex investment advisers and firms, leaving oversight of smaller firms to state regulators.11
Reduction in Crypto Enforcement. There will be fewer enforcement actions against the crypto industry, with a preference for rule-making and public guidance over enforcement actions to clarify the regulatory status of crypto assets.12
Cryptocurrency Enforcement Taken on by the States
Particularly in the area of cryptocurrency, states are poised to step up enforcement activity. This follows the disbanding of the Department of Justice (DOJ) National Cryptocurrency Enforcement Team and Deputy Attorney General Todd Blanche’s announcement that the DOJ will “no longer pursue litigation or enforcement actions that have the effect of superimposing regulatory frameworks on digital assets[.]”13 The DOJ will instead focus on prosecuting individuals who victimize digital asset investors or use digital assets in furtherance of criminal conduct, including terrorism, human trafficking, and gang financing.14
Several states have already taken steps to ramp up enforcement actions relating to cryptocurrency, with others likely to follow. Recent examples include:
New York
In recent years, the Attorney General has filed multiple lawsuits against crypto platforms for selling or purchasing crypto tokens without registering in the state.
In March 2023, sued KuCoin for failing to register as a securities and commodities broker-dealer under New York law.
Secured a consent order in December 2023 banning KuCoin from trading securities and commodities in New York, requiring $16.7 million in refunds to investors and $5.3 million in penalties.15
Iowa
Attorney General filed lawsuits against Lux Vending, LLC (Bitcoin Depot) and GDP Holdings LLC (Coin Flip), operators of cryptocurrency ATMs, alleging insufficient policies and procedures to identify and block scams.16
Claims include Iowa Consumer Fraud Act violations, unfair and deceptive practices, and misrepresentation.17
Asserted that companies profit from fees charged to consumers sending cryptocurrency to scammers and fail to warn or protect users adequately.
Pennsylvania
Attorney General issued a public warning to consumers about scams involving cryptocurrency ATMs.18
Provided tips for identifying scams and encouraged scam victims to contact the Attorney General’s office.
Indicated potential for future legal action against crypto companies operating ATMs in the state.
States Prepare for the Uncertain Future of the CFPB
Likewise, as the Trump administration seeks to dismantle the CFPB, states are preparing to fill the gap in regulation and enforcement of consumer protection violations.19 Recent actions states are taking to prepare for the CFPB enforcement gap include the following:20
Amicus Brief Filing. Twenty-three state attorneys general filed an amicus brief supporting the National Treasury Employees Union’s action to block the shutdown of the CFPB, emphasizing the Bureau’s historical partnership with states in consumer protection cases.21
Independent Authority Under CFPA. States leverage their independent authority under the Consumer Financial Protection Act (CFPA) to bring civil actions against covered persons or providers for unfair, deceptive, and abusive acts or practices.22 Michigan’s attorney general, for example, brought a claim under the CFPA against an online lender for offering loans with exorbitant interest rates, resulting in a settlement that stopped the lender from marketing and extending new loans to Michigan consumers.23
New York’s FAIR Act Proposal.
New York Attorney General Letitia James proposed the Fostering Affordability and Integrity through Reasonable Business Practices Act (FAIR), which would expand the state’s consumer protection law to cover “unfair” and “abusive” practices, allowing for broader enforcement authority.24
The FAIR Act would permit the New York attorney general to bring claims for a single instance of unfair, deceptive, or abusive activity, rather than being limited to conduct impacting the public at large.
The FAIR Act would enable the New York attorney general to address a wide range of conduct, including predatory loans, fraudulent landlord-tenant transactions, and other prohibited activities affecting individuals.
New York Banking Fee Regulations. New York’s Department of Financial Services proposed regulations to eliminate exploitative and deceptive banking fees, such as prohibiting overdraft fees on overdrafts of less than $20 and charging overdraft fees that exceed the overdrawn amount.25
Massachusetts Junk Fee Regulations. Massachusetts Attorney General Joy Campbell issued new regulations under the state’s consumer protection law to curb “junk fees.”26 The regulations require companies to disclose the total price of a product or service upfront and provide clear information regarding additional charges.
Expanded State Enforcement for Financial Markets
States are also increasingly scrutinizing new financial products and digital platforms, with particular attention to the trading of event contracts and the practices of online investment platforms. Recent actions in Massachusetts highlight how state regulators are responding to perceived risks and potential violations in these emerging areas.
In March, Massachusetts Secretary of the Commonwealth Bill Galvin issued a subpoena to Robinhood over its launch of a prediction markets hub, which allows users to bet on the outcomes of events such as March Madness basketball tournaments.27 Galvin raised concerns about integrating gambling-like features on a platform popular with young investors, suggesting these event contracts are designed to lure users away from sound investing.
Massachusetts previously filed an enforcement action against Robinhood for improper “gamification” features, resulting in a $7.5 million settlement for violations of state securities laws.28
The current investigation may focus on potential violations of Massachusetts’s Fiduciary Rule, which requires broker-dealers and investment advisors to act with utmost care and loyalty to customers and make recommendations solely in the customer’s best interest.29
Conclusion
Unlike past White House transitions, when federal regulators’ priorities remained relatively consistent, the Trump administration’s agenda has and will likely continue to significantly curtail the scope and volume of actions brought by federal regulators. However, we can expect state attorneys general, regulators, and legislators to increase enforcement efforts against financial markets participants. We will continue to monitor state-level initiatives very closely and will alert our financial markets clients to any significant developments.
1 The White House, “Fact Sheet: President Donald J. Trump Launches Massive 10-to-1 Deregulation Initiative” (Jan. 31, 2025), https://www.whitehouse.gov/fact-sheets/2025/01/fact-sheet-president-donald-j-trump-launches-massive-10-to-1-deregulation-initiative/.
2 Paul Atkins, Opening Statement Before the Senate Banking Committee, Nomination Hearing of Paul Atkins (Mar. 27, 2025).
3 Id.
4 Sen. Tim Scott, “Scott Applauds Paul Atkins’ Confirmation as SEC Chairman” (Apr. 9, 2025), Senate Banking Committee, https://www.banking.senate.gov/newsroom/majority/scott-applauds-paul-atkins-confirmation-as-sec-chairman.
5 On April 29, 2025, for example, the SEC filed a complaint against a CEO of an investment advisory firm and business development company alleging the CEO defrauded investors by making material misrepresentations in offering documents provided to prospective investors and engaged in self-dealing by extending loans to two companies in which the CEO had undisclosed financial interests. See Securities and Exchange Comm’n v. Derek R. Taller, 25 Civ. 3537, S.D.N.Y. (April 29, 2025).
6 Delegation of Authority to Director of the Division of Enforcement, 90 Fed. Reg. 12105 (Mar. 10, 2025).
7 Exec. Order 14215, 90 Fed. Reg. 10447 (Feb. 24, 2025).
8 Exec. Order 14215, 90 Fed. Reg. 10447 (Feb. 24, 2025).
9 Jessica Corso & Jon Hill, “Atkins Suggests He May Open SEC’s Doors To DOGE” (Mar. 27, 2025), Law360, https://www.law360.com/banking/articles/2316005.
10 Carl Ayers, “RCW exclusive: Leases on three SEC regional offices to end” (Mar. 7, 2025), Regulatory Compliance Watch, http://regcompliancewatch.com/rcw-exclusive-leases-on-three-sec-regional-offices-to-end/.
11 Mark T. Uyeda, “Remarks to the Annual Conference on Federal and State Securities Cooperation” (Apr. 8, 2025), SEC, http://sec.gov/newsroom/speeches-statements/uyeda-nasaa-040825.
12 Mark T. Uyeda, “Remarks at the Crypto Task Force’s Inaugural Roundtable” (Mar. 21, 2025), SEC, https://www.sec.gov/newsroom/speeches-statements/uyeda-remarks-crypto-roundtable-032125.
13 DOJ, “Memorandum for All Department Employees” (Apr. 7, 2025), https://www.justice.gov/dag/media/1395781/dl?inline.
14 The SEC has similarly reduced its investigations and enforcement in the area of cryptocurrency. In late April, for example, PayPal disclosed in its quarterly Form 10-Q report that the SEC was closing an inquiry, opened in November 2023, regarding PayPal’s PYUSD stablecoin, which pegs its value to the U.S. dollar.
15 New York Stipulation and Consent (Dec. 8, 2023), https://ag.ny.gov/sites/default/files/settlements-agreements/kucoin-stipulation-and-consent.pdf.
16 Iowa Attorney Department of Justice, “Attorney General Bird Sues Crypto ATM Companies for Costing Iowans More than $20 Million” (Feb. 26, 2025), https://www.iowaattorneygeneral.gov/newsroom/attorney-general-bird-sues-crypto-atm-companies-for-costing-iowans-more-than-20-million.
17 Id.
18 Pennsylvania Attorney General, “AG Sunday Warns Pennsylvanians of Rise in Scams Involving Bitcoin ATMs” (Feb. 25, 2025), https://www.attorneygeneral.gov/taking-action/ag-sunday-warns-pennsylvanians-of-rise-in-scams-involving-bitcoin-atms/.
19 Note that the materials relied upon by Katten for purposes of this advisory do not appear publicly on the CFPB’s website. However, the materials reviewed appear on CFPB letterhead and, as described herein, are consistent with public positions agency leadership has taken with respect to the nature of future agency activities in light of the recent presidential election.
20 For a closer look at what the CFPB’s new leadership proposes, see Katten’s recent advisory, “CFPB Suggests Shift In Supervision and Enforcement Priorities.”
21 National Treasury Employees Union, et al v. Russell Vought, et al., No. 25-cv-00381, Dkt. No. 24 (D. DC. Feb. 21, 2025), https://www.marylandattorneygeneral.gov/News%20Documents/022125_DC_DCt_Amicus.pdf.
22 Id. at 4.
23 Dana Nessel, Attorney General of the State of Michigan v. Huggy Lamar Price, et al., No. 19-cv-13078, Dkt. No. 1 (E.D. Mich. Oct. 18, 2019), https://www.michigan.gov/ag/-/media/Project/Websites/AG/releases/2019/october/Complaint_FILED.pdf?rev=ed465f8086f147629de063292258e59c&hash=96ABAB057544A8516DEC0A12D0C4FC88.
24 N.Y Gen. Bus. Law FAIR Business Practices Act at § 349.
25 New York Governor, “Protecting Consumers: Governor Hochul Cracks Down on Exploitative Overdraft Fees Targeting Low-Income New Yorkers” (Jan. 22, 2025), https://www.governor.ny.gov/news/protecting-consumers-governor-hochul-cracks-down-exploitative-overdraft-fees-targeting-low.
26 Mass. Attorney General, “AG Campbell Releases ‘Junk Fee’ Regulations to Help Consumers Avoid Unnecessary Costs” (Mar. 3, 2025), https://www.mass.gov/news/ag-campbell-releases-junk-fee-regulations-to-help-consumers-avoid-unnecessary-costs.
27 “Massachusetts regulator subpoenas Robinhood over sports betting” (Mar. 24, 2025), CNN, https://www.cnn.com/2025/03/24/business/regulators-probe-robinhood-prediction-markets-march-madness/index.html.
28 Id.
29 950 Code Mass. Regs. § 12.207(1)(a).
Five Tips for Navigating Antitrust Risk from Algorithmic Pricing Software
In recent years, both private plaintiffs and the government have increasingly scrutinized businesses’ use of “algorithmic pricing” software, leading to a wave of antitrust lawsuits and enforcement actions. These softwares, used in a wide array of industries, employ algorithms to analyze market conditions, to generate pricing recommendations. While these tools can help businesses optimize their pricing strategies, they also can raise antitrust concerns, particularly when they involve confidential competitor data or appear to facilitate price coordination among competitors.
One of the first antitrust challenges to algorithmic pricing came in 2015, when the U.S. Department of Justice charged an executive at an e-commerce site with conspiring with various competitors to adopt the same algorithm to set their respective prices. The trend gained momentum in 2022, when several lawsuits accused a software company and various property managers of using software to coordinate rental rates in multifamily housing, allegedly in violation of Section 1 of the Sherman Antitrust Act. Since then, new lawsuits have continued to emerge, and antitrust enforcers are showing an increased focus on algorithmic pricing. DOJ recently weighed in on an “algorithmic collusion” case, arguing that using a common pricing algorithm can qualify as concerted action under the Sherman Act.
Algorithmic collusion claims are still relatively new, and courts have not yet settled on clear legal standards to govern these claims, but recent cases offer insight on potential risks. Below, we outline five key considerations for companies using or thinking about adopting pricing algorithms.
1. Consult with counsel before using software that may incorporate competitors’ confidential price information. When pricing software relies on competitors’ confidential data to make pricing recommendations, it potentially can raise legal concerns. Some courts have allowed lawsuits to proceed when a software’s algorithm ran on confidential pricing data shared by competitors, with one court likening such algorithms to a “melting pot of confidential competitor information.” By contrast, several algorithmic collusion claims have been dismissed when they involved software that relied only on publicly available data. Reviewing a competitor’s publicly listed prices is generally legal under antitrust laws, whereas using private competitor data has sometimes been construed to suggest illegal collusion. Therefore, before using software that may incorporate competitors’ confidential pricing data, it is advisable to consult with counsel to consider how the software works and assess the potential risks.
2. Do not automatically follow the software’s pricing recommendations. Some of the antitrust lawsuits involving algorithmic pricing have alleged that businesses have given up control over their pricing decisions by blindly following a software’s pricing recommendations. A former FTC commissioner once explained the plaintiffs’ theory this way: “If it isn’t ok for a guy named Bob to do it [tell competitors how to set their prices], then it probably isn’t ok for an algorithm to do it either.” It is therefore significant that, in at least one case, defendants successfully obtained dismissal of the complaint in part by pointing to allegations that they sometimes overrode the software’s recommendations rather than blindly following them. Therefore, to reduce legal risk, businesses should consider maintaining the discretion to make their own independent pricing decisions rather than automatically accepting a software’s recommendation. This might mean implementing policies or trainings that empower employees to deviate from the software’s recommendations at times. At a minimum, it means keeping a “human in the loop” to monitor the software and ensure it does not work in unintended ways. The key is to retain some degree of human control over pricing instead of fully outsourcing pricing decisions to an algorithm — especially if you have reason to believe competitors may be doing the same.
3. Do not discuss algorithmic pricing software with competitors. Many lawsuits alleging algorithmic collusion rely on the concept of a “hub-and-spoke” conspiracy, where the software provider supposedly acts as the central “hub” of the alleged conspiracy and its customers (competing businesses) are the “spokes.” Importantly, to prove a “hub-and-spoke” conspiracy, a plaintiff must show not only that there were agreements between the hub and the spokes but also that the competing spokes all reached an agreement with one another — what courts call the “rim” of the wheel. In past cases, plaintiffs have cited discussions between competitors at industry conferences, webinars, and meetings hosted by the software provider as circumstantial evidence of an agreement. To lessen these sorts of risks, avoid discussing your use of algorithmic pricing software — or your competitors’ use of it — at such events or in any other contexts your competitors may learn about.
4. Avoid talking about algorithmic pricing in terms of “profit maximization” and, instead, emphasize its procompetitive benefits. Some lawsuits have cited statements from software providers and users claiming algorithmic pricing helps raise prices and increase profits. Some courts have viewed such statements as an “invitation” to collude, where the users allegedly agreed to join the asserted conspiracy by adopting the software. To reduce these kinds of risks, avoid making statements — whether in marketing materials, board presentations, or investor reports — that suggest any pricing software is being used to push prices above competitive levels. Instead, emphasize the software’s procompetitive benefits such as helping businesses offer lower prices than their rivals or helping to match supply with demand. Documenting these benefits ahead of time can help strengthen your defense if a legal challenge arises.
5. Consult an antitrust lawyer before using algorithmic pricing software. Antitrust laws surrounding algorithmic pricing are still evolving, and what seems like low-risk behavior today could become actionable conduct in the future. With ongoing court cases and appeals, as well as various legislative efforts at the city, state, and federal levels, the legal landscape is changing quickly.
$4MM TCPA SETTLEMENT: Another Seven Figure TCPA Settlement Haunts BigLaw as Truist Agrees to Pay Big Bucks
Repeat after me:
Hire big law. Expect a big loss.
Indeed you can’t even say “big loss” without “big law.” Its built into the words.
Its the same script every time.
Big law gets assigned the case. They litigate it for years charging god knows how much. Eventually get to a place where they realize they can’t win. So they recommend settlement on a classwide basis for millions of dollars.
Just terrible.
The latest victim of this ongoing TCPAWorld phenomenon is Truist Bank. They trusted a biglaw firm to help guide them through a TCPA class action in North Carolina against the powerful Keith Keogh and, well, it didn’t end up going very well.
It went so poorly, in fact, that Truist agreed to pay over $4mm to resolve the claims of just 5,998 class members per the Court’s preliminary approval order.
That means Truist agreed to pay about $666.00–look at that number– per class member in a TCPA settlement a RIDICULOUS over payment on a per-class member basis. (Pre-certification TCPA class actions like this should settle for well under $100.00 per head– and the Czar’s class settlements are usually down under $20.00 per person (look it up!!!).)
Its all about the counsel you choose folks.
The class definition here is very telling and suggests the parties cooked it up based on class data sets of Truist’s choosing:
The subscribers or regular users of the 5,998 telephone numbers assigned to cellular telephone service in the United States to which Truist placed a prerecorded telephone call concerning an unrelated account between February 10, 2019, and August 31, 2022
Compare this to the original class definitions in the complaint:
All persons subscribing to a telephone number assigned to cellulartelephone service in the United States to which Defendant placed aprerecorded telephone call concerning an unrelated account sincethe date that is four years prior to the filing of this complaint.
All persons subscribing to a telephone number assigned to cellulartelephone service in the United States to which Defendant placedprerecorded telephone calls concerning at least two unrelatedaccounts since the date that is four years prior to the filing of thiscomplaint
Night and day.
Wonder if anyone will object? Hmmm.
I understand Truist was looking for the lowest number they could get to here–hence the odd class definition– but there is just no value to this settlement at all in my opinion. Just a waste of millions of dollars.
But this is how it is.
Big law just can’t seem to win class certification motions.
And what it is, is reality.
Truist pays $4.1MM to settle with Keogh. #Biglaw strikes again. And the TCPAWorld keeps turning.
Do You Really Want to Be an ERISA Fiduciary?
Two recent class action lawsuits charging a breach of fiduciary duty under the Employee Retirement Income Security Act (ERISA) have increased the stakes and raised important considerations regarding a plan fiduciary’s duty of loyalty/prudence and engagement in prohibited transactions. This follows a string of cases over the years that have expanded the responsibilities of ERISA fiduciaries in the context of the use and investment of retirement plan assets.
Quick Hits
The U.S. District Court for the Northern District of Texas recently ruled that an employer breached a duty of loyalty to plan participants by permitting an investment manager to invest retirement assets in holdings based on nonpecuniary environmental, social, and governance (ESG) factors. A major factor in the case was that the CFO of the employer also acted as the fiduciary overseeing the plan asset investment managers.
The Supreme Court of the United States recently ruled in another case that involved allegations of prohibited transactions under ERISA, 29 U.S.C. § 1106(a)(1)(C). The main issue was whether a plaintiff is required to plead facts addressing the elements of a prohibited transaction exemption under 29 U.S.C. § 1108(b)(2)(A) in order to state a viable prohibited transaction claim under 29 U.S.C. § 1106(a)(1)(C).
First Case
In a recent class action filed in the Northern District of Texas against an employer and its fiduciary committee responsible for several 401(k) plans, the plaintiffs alleged the fiduciaries had breached their duties to the plans when investing plan assets in ESG investments. The court ruled that there was no breach of the duty of prudence but found that there had been a breach of the duty of loyalty.
Duty of Prudence
The court concluded that there was no breach of the duty of prudence concerning the selection and retention of investment managers. According to the ruling and ERISA’s relevant provisions, fiduciaries are required to perform their duties with “the care, skill, prudence, and diligence under the circumstances then prevailing that a prudent man acting in a like capacity and familiar with such matters would use in the conduct of an enterprise of a like character and with like aims.” 29 U.S.C. § 1104(a)(1)(B).
Most prudence claims are process-focused. A key factor in the court’s decision was the robust process the employer maintained for monitoring, selecting, and retaining managers in the plans’ core investment lineup. The court found the employer and fiduciary committee’s method to be thorough and well-documented. Additionally, the court viewed favorably the defendants’ efforts to mitigate risks by hiring an external, industry-leading consultant to continuously monitor all aspects of the plans.
The court emphasized that the duty-of-prudence analysis is “inherently comparative” and objective, relying on how fiduciaries should act “consistent with prevailing industry standards.” This comparative approach underscores the importance of adhering to industry norms and best practices in fiduciary decision-making.
Duty of Loyalty
In contrast to the first ruling, the court determined that there had been a breach of the duty of loyalty because the employer’s interests were intertwined with the investment manager’s. ERISA’s duty of loyalty is the “highest known to law,” requiring fiduciaries to act solely and exclusively in the best interests of the plan’s participants and beneficiaries. The court ruled that this standard had not been met.
A significant concern for the court was the undue influence the investment manager had over the employer, evidenced by its ownership of approximately $400 million of the employer’s fixed income debt and 5 percent of the employer’s stock.
Another critical issue identified by the court was the dual role of the employer’s chief financial officer (CFO), who managed the day-to-day operations of the investment manager while also holding a fiduciary duty to the employer as an officer of the company. These conflicting interests were exacerbated by the CFO’s admission that the relationship between the employer and the investment manager regarding ESG investments was circular. The court found that these overlapping interests and roles regarding plan and employer compromised the fiduciary duty of loyalty, highlighting the need for clear and uncompromised dedication to the best interests of plan participants and beneficiaries.
While the court found that there had been a breach of the duty of loyalty, it did not outright prohibit plan fiduciaries from looking at ESG factors for investment plans. In State of Utah v. Micone (February 14, 2025), the U.S. District Court for the Northern District of Texas upheld a 2022 U.S. Department of Labor regulation allowing fiduciaries to consider ESG factors if the factors served as a tiebreaker between equally beneficial financial options. The court emphasized that financial benefits must be the sole and primary consideration, with ESG factors considered only after confirming the financial benefits of an investment for the plan beneficiaries.
Second Case
The Supreme Court of the United States reviewed a case brought by employees who participated in a university’s 403(b) plans from 2010 to 2016. Among other claims, the employees alleged that payments made to the plan’s service providers were prohibited transactions under ERISA, 29 U.S.C. §1106, due to excessively high recordkeeping fees. The district court dismissed the employees’ prohibited transactions claim, and the U.S. Court of Appeals for the Second Circuit affirmed, primarily based on the courts’ conclusion that the employees were also required to plead facts supporting the nonapplication of relevant prohibited transaction exemptions in §1108.
Before the Supreme Court, the employees argued that §1106(a)(1)(C) of ERISA prohibits all transactions between plan fiduciaries and service providers and that the exemptions in §1108 are affirmative defenses that a defendant must plead and prove. The fiduciaries argued that plaintiffs must also plead and prove that the exemption facts negate application of the §1108 exemptions.
On April 17, 2025, the Supreme Court reversed the Second Circuit’s decision. The Court held that §1108 exemptions are affirmative defenses and that “defendant fiduciaries bear the burden of pleading and proving that a §1108 exemption applies to an otherwise prohibited transaction under §1106.” This holding drastically reduces the requirements for plaintiffs to plausibly allege that a prohibited transaction occurred, and it will likely expose fiduciaries to greater potential liability and expense because it will lead to more prohibited transaction claims getting past the pleading stage, forcing defendants to engage in expensive discovery.
Next Steps
Plan sponsors may want to review the makeup of their fiduciary committees to ensure they do not include high-ranking members who have a conflict of interest to the employer stemming from their duty of loyalty to the company as an officer or director. Instead, plan sponsors may want to consider appointing individuals who, while perhaps holding a lower rank such as a manager, are still knowledgeable about investments to make prudent choices for the plan.
Plan sponsors may also want to ensure that their committee delegation is properly documented, and that the fiduciary committee is actively fulfilling its responsibilities. It is crucial that the committee members possess a thorough understanding of their responsibilities, including investments and fees associated with the plan.
When selecting a plan vendor, a plan sponsor may want to verify whether the vendor holds a significant ownership stake (e.g., at least 5 percent) in the employer and make note of other external influences that may sway investment decisions.
Finally, ERISA requires plan fiduciaries to conduct proper due diligence of the investments, their returns over time, and the fees being paid by the plan as compared to other similarly situated plans.
CFIUS Announces “Fast-Track” Pilot Program Being Developed
On May 8, 2025, the US Department of the Treasury (Treasury) announced that it “will establish a fast-track process” to facilitate the review by the Committee on Foreign Investment in the United States (CFIUS) of foreign investment into the United States from “allies and partners sources . . . where there is verifiable distance and independence from foreign adversaries or threat actors.” The announcement noted that the contemplated process will include a “Known Investor” portal where information from foreign investors can be collected in advance of investment filings with CFIUS. The process is being developed by Treasury as a pilot program, however, the announcement did not include details for when the process would be rolled out.
The creation of a fast-track process for foreign investors was directed by President Trump in his National Security Presidential Memorandum (NSPM) titled “America First Investment Policy,” issued on February 21, 2025. That NSPM directed the creation of an “expedited ‘fast-track’ process” for investors from allied/partner nations as a way to facilitate greater investment into the US from trusted sources, “subject to appropriate security provisions, including requirements that the specified foreign investors avoid partnering with United States foreign adversaries,” including China and Russia.
On April 24, 2025, Deputy Secretary of the Treasury Michael Faulkender issued a statement that highlighted the possibility of collecting information from foreign investors earlier in the filing process as a way “to more efficiently get [CFIUS] the information needed to conduct risk-based assessments so as to more expediently review transactions.” Deputy Secretary Faulkender noted that maintaining a “knowledge base” on repeat filers would limit the amount of information such filers would need to resubmit with each new filing and could expedite the process. He also noted, consistent with the NSPM, that a key point would be information to establish “the distance and independence” of such trusted investors from foreign adversaries. Based on these comments, it is possible the Known Investor portal is a first-step in creating such a knowledge base for repeat filers before CFIUS.
Indiana Enacts Earned Wage Access Law
On May 6, Indiana Governor Mike Braun signed House Enrolled Act No. 1125 into law, making Indiana the latest state to enact a statutory framework for regulating earned wage access (EWA) products. The Indiana Earned Wage Access Act, which takes effect January 1, 2026, requires most EWA providers to obtain a license from the Indiana Department of Financial Institutions and comply with operational, disclosure, and consumer protection requirements.
The Act distinguishes between “employer-integrated” and “consumer-directed” EWA models. Employer-integrated models rely on income, attendance, or other employment data supplied directly by the employer. Consumer-directed models, by contrast, are based on a provider’s reasonable determination of a consumer’s earnings using information reported by the consumer.
The Act also clarifies that services offered in accordance with the new framework are not considered loans or credit under Indiana law. Other key provisions include:
Mandatory licensing and reporting requirements. EWA providers must obtain a license, submit quarterly reports, and retain records for at least two years.
Fee restrictions and tip transparency. Providers must offer a no-cost option, and any tips must be clearly disclosed as voluntary and may not be shared with employers. Providers may not default users into fee-based or tip-based services.
Prohibited debt collection practices. Providers are barred from using outbound collection calls, lawsuits, or third-party collections to recover unpaid proceeds unless fraud is involved.
Data use and advertising limits. The statute restricts software from accessing a user’s location (except to verify Indiana residency) and bans unsolicited advertisements without opt-in consent.
Exemptions. Employers offering EWA directly to their workers and federally insured depository institutions are not subject to the licensing requirement.
Putting It Into Practice: With Indiana’s enactment of HEA 1125, eight states have now adopted EWA-specific laws (previously discussed here, here, and here). Indiana’s framework reflects a growing recognition that EWA products are not loans. As more states enact laws governing EWA products, providers should remain attentive to new legislative and regulatory developments that may impact their compliance obligations.
Listen to this Post
FTC Imposed $9.6 Million Judgement Against Debt Collector for Alleged Threats and Phantom Debt
On April 30, 2025, the FTC filed an amended complaint and final order in the U.S. District Court for the Northern District of Georgia against a debt collection company in connection with allegations that the company engaged in deception and coercion to pressure consumers into paying debts they did not owe, in violation of the FTC Act, the Fair Debt Collection Practices Act (FDCPA), Regulation F, the Gramm-Leach-Bliley Act (GLBA), and the FTC’s Impersonation Rule.
According to the complaint, the debt collector allegedly engaged in years-long campaign of intimidation and misrepresentation. The FTC’s allegations include:
False threats of arrest and legal action. The debt collection company allegedly informed consumers they faced imminent lawsuits, wage garnishment, or criminal charges unless they paid.
Use of fictitious business names. The defendants allegedly used unregistered names such as “Total Consumer Solutions” to appear legitimate.
Impersonation of lenders. The FTC claims the defendants falsely claimed to be affiliated with well-known payday lenders to lend credibility to the debts they were attempting to collect.
Unlawful access to consumer information. The defendants allegedly obtained sensitive financial data, including bank account information, through fraudulent means in violation of the GLBA.
Failure to provide required disclosures. The FTC alleges the debt collector failed to issue debt validation notices and did not identify itself as a debt collector, as required by the FDCPA and Regulation F.
Improper third-party contact. The complaint also details instances where the defendants contacted consumers’ family members and shared information about their supposed debts.
The stipulated order permanently bans the debt collection company from all debt collection and brokering activities and imposes prohibitions on impersonation, misrepresentations, and unauthorized acquisition of financial data. The judgement includes a $9.68 million monetary award to the receiver, which is suspended contingent upon turnover of assets, including bank funds, cryptocurrency, and personal property. The order also requires the defendants to destroy consumer data obtained during the course of the alleged scheme and imposes a 20-year compliance and recordkeeping obligation.
Putting It Into Practice: As the role of the CFPB remains somewhat unclear under the Trump administration, the FTC as well as state financial regulators continue to remain active and aggressive (previously discussed here and here). Companies engaged in debt collection should regularly evaluate their practices to ensure compliance with all applicable federal and state requirements.
CFPB Orders Defunct Debt-Relief Company to Pay $43 Million for Alleged Student Loan Abuses
On May 1, the U.S. District Court for the Northern District of Illinois ordered the former owner of a now-defunct debt-relief company to pay over $43 million in restitution and penalties. The order resolves a lawsuit filed by the CFPB in 2020 alleging violations of the Consumer Financial Protection Act (CFPA) and the Telemarketing Sales Rule (TSR).
The CFPB alleged that the company engaged in deceptive conduct and unlawful billing practices in violation of both statutes. Specifically, the Bureau alleged that the company:
Charged illegal advance fees. The company collected fees from consumers before performing any debt-relief services, in violation of the TSR.
Deceived student loan borrowers. The company misrepresented its ability to secure loan forgiveness or reduced payments and to improve credit scores, constituting deceptive practices under the CFPA.
Failed to provide required disclosures. The company did not clearly inform consumers of material terms, including the true cost, scope, and limitations of its services.
The company was dissolved before the lawsuit was filed and never appeared in the case and a default judgment was entered against it in 2022. On January 10, 2025, the court granted summary judgment against the company’s former owner, finding him personally liable for the company’s conduct. The May 1 order directs him to pay approximately $2.1 million in restitution based on net revenues, and a $41.1 million civil penalty.
Putting It Into Practice: Despite the continued uncertainty surrounding the CFPB’s future role in consumer protection, UDAAP enforcement remains a priority for both federal and state agencies, particularly in matters affecting financially vulnerable consumers (previously discussed here and here). Financial institutions can expect UDAAP enforcement to continue regardless of the result of the ongoing litigation regarding the future of the CFPB (previously discussed here).
Listen to this post
OCC’s Hood Emphasized AI Oversight and Inclusion in Financial Services
On April 29, Acting Comptroller of the Currency Rodney Hood delivered pre-recorded remarks at the National Fair Housing Alliance’s Responsible AI Symposium. In his speech, Hood reiterated the OCC’s commitment to deploying AI responsibly within the banking sector and highlighted the agency’s broader initiatives to promote financial inclusion.
Hood outlined several key OCC initiatives focused on the responsible use of AI in banking, including:
Establishing a risk-based oversight framework. The OCC has issued guidance promoting transparency, accountability, and fairness in AI use in the financial services sector. Hood noted that AI should be governed by the same risk-based, technology-neutral principles that apply to other banking activities.
Encouraging traditional risk management practices for AI. Banks should apply established model risk management principles to AI tools due to the complex nature of AI, including its use of large data sets and intricate algorithms.
Leveraging AI for expanded access to credit. The OCC supports the use of alternative data, such as rent and cash flow information, to improve credit modeling and increase financial inclusion.
Supporting innovation through internal infrastructure. The OCC’s Office of Financial Technology continues to monitor developments in financial technology, including AI adoption and bank-fintech partnerships, and supports supervisory and policy development efforts in those areas.
Hood also discussed the role of Project REACh (Roundtable for Economic Access and Change), an OCC-led initiative that brings together banking, community, and technology stakeholders to expand affordable credit access. Project REAch has supported pilot programs that helped establish over 100,000 accounts for consumers previously unable to access credit. New workstreams under Project REACh aim to tackle homeownership barriers and explore tech-driven inclusion strategies.
Putting It Into Practice: The OCC’s ongoing efforts to promote responsible AI use underscore the federal government’s broader commitment to ensuring AI is integrated safely and equitably into the financial services sector (previously discussed here). With the vision that AI will play a growing role in financial services, market participants should expect continued developments in the regulation of both AI applications and the use of alternative data in credit decisioning on both federal and state levels (previously discussed here, here, and here).
Listen to this post
CFPB Withdraws Medical Debt Rule After Legal Challenge from Industry Groups
On May 1, the CFPB filed a joint motion with two financial trade groups to vacate a Biden-era rule barring most medical debt from appearing on consumer credit reports. The motion comes after lender groups filed a lawsuit in January, arguing that the rule unlawfully exceeded the CFPB’s statutory authority under the Fair Credit Reporting Act (FCRA).
The vacated rule would have removed an estimated $49 billion in medical debt from credit reports. The rule would have also barred creditors from considering medical debt in credit decisions and prohibited consumer reporting agencies (CRAs) from furnishing coded medical debt data for such purposes.
According to the joint filing, the CFPB’s rule contradicted express statutory permission by not allowing CRAs to furnish, and creditors to use, medical debt data if it coded to conceal health details. In addition, the rule allegedly rested on outdated and limited evidence, and would have imposed significant compliance costs and degrade the utility of consumer credit reports by suppressing accurate, non-identifying information about borrowers obligations.
Putting It Into Practice: The CFPB’s request to vacate its own medical debt reporting rule marks another example of the Bureau narrowing its regulatory focus under new leadership (previously discussed here and here). Credit reporting agencies should continue to monitor CFPB related developments and assess whether compliance updates are needed.
Listen to this post