Collections news at your fingertips

TCPA, FDCPA way up over last month, FCRA down a bit.

September 2025 saw TCPA and FDCPA litigation spike by double digits (+23.7& and +22.6% respectively) while FCRA litigation ticked down a bit (-4.7%).

Year-to-date, FDCPA is closing the gap and trending to possibly surpass last year’s number. Over the last six months, FDCPA has been hovering in the range of -9% down to -5% down over 2024. In September, that gap dropped to 1.7%. TCPA and FCRA will have no problem significantly surpassing their 2024 totals, with them ahead by +57.9% and +30.7% respectively.

Lenders are refining how they score enrolled accounts—not to rush them into courtrooms, but to determine whether litigation is a last resort or a misapplied strategy.

Today’s podcast features the second part of a repurposed webinar produced on September 3, 2025, which dives into the legal risks, compliance challenges, and emerging constitutional questions stemming from the GENIUS Act. The conversation examines the strict prohibition of deceptive claims regarding federal backing or insurance for stablecoins, highlighting the significant civil liabilities and penalty provisions attached to violations.

On October 21, 2025, the New York Department of Financial Services (the “DFS”) issued important guidance for covered entities (including all DFS licensees) for managing their cybersecurity risk related to third-party service providers (“TPSPs”). Industry Letter – October 21, 2025: Guidance on Managing Risks Related to Third-Party Service Providers | Department of Financial Services specifically includes the covered entity’s use of cloud, file transfer, AI and fintech providers (“Guidance”). According to the DFS, the “Guidance does not impose new requirements or obligations . . ..”

While October 1, 2025—the effective date of Maryland’s Online Data Privacy Act (“MODPA” or the ​“Act”)—has come and gone, businesses still have some time to ensure their practices are compliant.  By its own terms, MODPA does not apply to ​“any personal data processing activities before April 1, 2026,” (though it requires data protection assessments for certain processing activities that occur on or after October 1, 2025) and requires the Maryland Attorney General to consider whether to provide a 60-day cure period for alleged violations until April 1, 2027.  With these buffers in mind, we highlight some of the particularly challenging features of MODPA and practical ways that businesses can address them.