To commemorate the six months since the Oregon Consumer Privacy Act (“OCPA”) became effective, Oregon Attorney General Dan Rayfield released earlier this month a Report summarizing complaints received from consumers about alleged violations of the law and the Oregon Department of Justice Privacy Unit’s initial enforcement efforts.
In advance of its April 4, 2025, board meeting, the California Privacy Protection Agency (CPPA) released a discussion draft of revisions to its proposed California Consumer Privacy Act (CCPA) regulations. These revisions pertain to cybersecurity audits, risk assessments, automated decision-making technology (ADMT), serving to update the existing CCPA proposed regulations. Our priorsummaries addressed the broad reach of these proposed regulations.
Banks have reportedly more than doubled their lending to nonbank financial institutions (NBFIs) over the past five years and are now lending those companies $1 trillion a year.
This lending enables banks to profit from the growing share of lending that is being done by NBFIs, but it has also raised concerns among banking regulators, Bloomberg reported Thursday (March 27).
In an era where data privacy is becoming increasingly important, state data privacy regulations are rapidly evolving, reshaping the landscape for financial services companies. As legislation tightens and consumer expectations around data protection rise, collections departments across lenders, collection agencies, debt buyers, credit unions, and debt settlement companies are compelled to adapt.
On March 20, the Arkansas governor signed into law Arkansas Act 347, known as the Earned Wage Access Services Act. Sponsored by Representative David Ray (R) and Senator Ben Gilmore (R), this legislation aims to regulate earned wage access (EWA) providers. Notably, “providers” is defined to include a person engaged in the business of offering earned wage access, but not an employer that advances a portion of earned wages directly to employees or independent contractors.
.jpg)
.jpg)