USA LAW AND PRACTICE Contributed by: Margo H.K. Tank, Michael Fluhr, Era Anagnosti, Kristin Boggiano, David Stier, Liz S. M. Caires, Adam Dubin, Emily Honsa Hicks, Kathleen Birrane and Chezelle McDade, DLA Piper LLP
approach including withdrawing outdated guidance and engaging in initiatives to integrate tokenised col - lateral, including stablecoins, into derivatives markets, and a focus on collaborative regulation with SEC to harmonise regulations and foster innovation in finan - cial markets. CFPB In 2025, CFPB issued several statements regarding deprioritisation of certain areas of enforcement and significantly reduced their volume of enforcement activity. Only one enforcement action was concluded in 2025. CFPB alleged that the fintech did not main - tain adequate location records related to consumers’ funds, and did not reconcile those records with part - nering banks, resulting in the loss of those funds. The parties entered into a stipulated judgment with injunc - tive relief and a USD1 civil penalty. AML and Sanctions The Department of Justice (DOJ) and Treasury con - tinued aggressive AML and sanctions enforcement against digital asset companies and their execu - tives primarily for conduct that threatened (or had the potential to threaten) US national security. • A centralised cryptocurrency exchange pleaded guilty to unlicensed money transmission and agreed to pay nearly USD300 million in penalties for operating in the USA without properly register - ing and failing to implement AML controls. • A cryptocurrency exchange also pleaded guilty to operating an unlicensed money transmitting busi - ness, with penalties totalling ~ USD504 million. The exchange also committed to compliance undertak - ings, including an external compliance consultant through at least 2027. • FinCEN assessed a USD3.5 million penalty against a peer-to-peer CVC trading platform, alleging it facilitated more than USD500 million in suspicious activity and had major AML programme failures. • OFAC brought enforcement actions against, among others: (i) a defunct cryptocurrency trading platform which serviced users in sanctioned juris - dictions; (ii) a digital asset wallet company for reck - lessly evading or coaching users on how to evade sanctions on North Korea and Iran; and (iii) non-US entities, including fintechs in the Middle East, Rus -
sia, and China, adding the entities to its Specially Designated Nationals (SDNs) list for facilitating sanctions evasion and assisting in military and ter - rorist operations, including through cryptocurrency. Although 2025 reflected a less aggressive enforce - ment environment for SEC, CFTC, and CFPB, national security-related enforcement by Treasury, the DOJ, and Departments of State and Commerce increased significantly. This trend is likely to continue. 2.11 Implications of Additional, Non- Financial Services Regulations While privacy, cybersecurity, social media and soft - ware development regulations apply broadly across financial entities and services, legacy financial insti - tutions and fintechs have different regulatory frame - works and enforcement risks. For example, banks are subject to direct supervisory oversight whereas fin - techs may be obligated through contractual arrange - ments with partners, vendors, or technology provid - ers. Where strict privacy rules apply to banks under the federal Gramm–Leach–Bliley Act and strict data rules also apply, fintechs are subject to state privacy and data laws – a much less onerous framework. 2024 saw a significant uptick in enforcement and litigation matters related to privacy claims under various state Biometric Information Privacy Acts and under the Cali - fornia Invasion of Privacy Act. Fintechs are exposed to other marketing and consum - er engagement regulations and policies due to their dependence on technology. Prohibitions against the use of “dark patterns” are one such example. “Dark patterns” is a set of practices using electronic inter - face design that may manipulate, mislead or deceive a consumer into providing consent that they would not otherwise or otherwise steer consumers into deci - sions that they may not truly intend or understand. 2.12 Review of Industry Participants by Parties Other Than Regulators Entities like self-regulatory organisations (SROs) and accounting firms or accountants may have respon - sibilities to review activities of industry participants. SROs are not regulators but are overseen by federal
966 CHAMBERS.COM
Powered by FlippingBook