Consumer protection often begins with a simple question: Can the consumer walk away? If the answer is no—because switching is hard, data are locked up, markets are fragmented, or new competitors cannot enter—then the problem is not just weak consumer protection. It is weak competition.
That is the frame for a deceptively basic question: How should consumer-financial law foster a stronger competitive environment?
The question arises from the Consumer Financial Protection Bureau (CFPB) Taskforce’s report on federal consumer-financial law, published in January 2021. Chapter 8 of the report’s first volume emphasized a point too often lost in consumer-protection debates: competition is not separate from consumer protection. In many markets, competition is consumer protection.
When consumers can choose among rival providers, switch accounts, transfer their data, compare prices, and obtain credit from lawful new entrants, they are less vulnerable to poor service, excessive pricing, and exclusion. When law fragments markets, raises fixed compliance costs, or shields incumbents from competition, consumers often end up with fewer choices, not better protection.
The Taskforce drew on an earlier warning from the National Commission on Consumer Finance, which argued in 1972 that “fractionalized” legislation and regulation should be reviewed to ensure both free entry by firms and fair treatment of consumers. That warning has aged unfortunately well.
Developments since 2021—in law, regulation, litigation, and scholarship—do not support a simple call for more regulation. They point instead toward better regulation: rules that reinforce competitive markets rather than displacing them. The most promising reforms are structural and market-reinforcing: clearer allocations of federal and state authority, greater legal certainty for fintech-bank partnerships, workable consumer-data portability, improved credit-information systems, and more disciplined agency analysis of competitive effects.
That emphasis also echoes the CFPB Taskforce report. As Chapter 6 of that report explained:
Market-reinforcing regulation refers to regulatory action designed to “promote competition and consumer choice so that consumers can find those products that they think are best for themselves and their families.”
Market-reinforcing regulation is consistent with the disclosure-based regulatory strategy of the past several decades that is designed to help markets function and to satisfy consumer demand more effectively by enabling consumers to shop more easily among competing product providers. It also includes vigorous prosecution of fraud, deception, and other unlawful practices that undermine consumer choice.
That description remains as accurate as ever.
When Consumer Protection Is Incumbent Protection
Consumer finance does not suffer from a lack of government involvement. It is already governed by a dense web of federal and state regulation: the Truth in Lending Act (TILA), Equal Credit Opportunity Act (ECOA), Fair Credit Reporting Act (FCRA), Electronic Fund Transfer Act (FCRA), Fair Debt Collection Practices Act (FDCPA), Real Estate Settlement Procedures Act (RESPA), Home Mortgage Disclosure Act (HMDA), Gramm-Leach-Bliley Act (GLBA), state licensing regimes, state usury laws, prudential supervision, CFPB supervision, Federal Trade Commission (FTC) enforcement, state attorneys general, and private litigation.
The larger problem is not too little regulation. It is poorly targeted regulation. Some legal rules make markets work better. They deter fraud, require accurate disclosures, prohibit discrimination, keep payment systems reliable, and make contractual promises enforceable. Those rules can strengthen competition by giving consumers confidence to participate in markets.
Other rules can do the opposite. They raise entry costs, impose vague or open-ended liability, restrict truthful information, create state-by-state fragmentation, and substitute administrative price-setting for consumer choice. In practice, consumer protection can become incumbent protection.
So the question is not whether consumer finance should be regulated. It plainly already is. The better question is which rules increase consumer choice, market entry, accuracy, and accountability—and which ones suppress them.
New Financial Products, Old Legal Boxes
Since 2021, consumer finance has become more digital, more data-driven, and more dependent on partnerships. Consumers may experience a product as a single app or transaction. Behind the scenes, though, that product may involve a chartered bank, fintech platform, payment processor, data aggregator, servicer, cloud provider, program manager, and investor.
That layered structure can produce real benefits. It can lower distribution costs, reach consumers underserved by branch-based banking, create products better tailored to household cash-flow patterns, and intensify competition against large incumbent firms. It also creates legal uncertainty: Who is the lender? Who is responsible for disclosures? Who bears liability for fraud? Which state laws apply? Which federal regulator has supervisory authority?
Traditional legal categories do not map neatly onto modern market structures. Regulators that force every new financial product into an old legal box risk smothering useful innovation. Regulators that do nothing risk inviting evasion and consumer harm. The better approach is product-neutral regulation: similar consumer risks should receive similar legal treatment. But regulators should not assume that every new financial product is simply an old one wearing a hoodie.
When ‘Security Concerns’ Mean ‘Please Don’t Leave’
Consumer-authorized data portability may be the most promising competition reform in consumer finance. Data create switching costs. A consumer’s transaction history, income flows, recurring payments, balance patterns, and repayment behavior can help a rival provider offer a better account, loan, payment tool, budgeting service, or underwriting decision. Without meaningful data portability, incumbents can effectively hold consumers hostage. The consumer may “own” the relationship in theory, but the incumbent controls the data in practice.
That is why the CFPB’s Section 1033 open-banking rulemaking addresses a real competition problem. Open banking simply means that consumers can access their financial data and authorize third parties to use it securely. The hard part is implementation.
A workable open-banking framework should do five things. First, it should begin with the consumer’s own right to access usable, machine-readable data. Second, third-party access should depend on clear, revocable consumer authorization. Third, liability rules should be straightforward. If a consumer authorizes a third party and that third party misuses the data, the data provider should not face open-ended liability absent its own fault. At the same time, data providers should not be allowed to block access through conveniently vague “security concerns.”
Fourth, technical standards should evolve through private standard-setting. Government should define the relevant outcomes—security, authentication, revocation, availability, and auditability—without freezing a particular technology stack into law. Fifth, privacy rules should remain simple and enforceable. Data should be used only for the consumer-requested service, retained only as long as necessary, and deleted after authorization is revoked, subject to legitimate legal obligations.
If designed well, open banking can improve switching, refinancing, budgeting, income verification, small-business lending, and consumer choice. If designed poorly, it can become yet another compliance maze that only the largest firms can afford to navigate.
Bank-Fintech Partnerships Need Rules, Not Guesswork
Bank-fintech partnerships are now central to competition in consumer finance. These arrangements can help smaller banks reach new customers and allow fintech firms to offer products nationwide. They may also expand credit access to consumers underserved by traditional banks. The partnerships nonetheless raise a legitimate concern: some may exist primarily to evade state usury or licensing laws while leaving the bank as little more than a nominal participant.
The answer is neither blanket hostility toward bank-fintech partnerships nor blanket immunity for them. What is needed instead is a clear federal “true lender” framework. In plain English, true-lender rules determine who legally counts as the lender when a bank and a fintech work together. That matters because banks and nonbanks may face different rules, including different state interest-rate limits and licensing requirements.
A bank should qualify as the lender when it meaningfully controls underwriting, approval, funding, compliance, and the loan’s key economic terms—and when it retains genuine responsibility and economic exposure. By contrast, a fintech should be treated as the lender when the bank merely rents out its charter while the fintech controls the real economics of the transaction. If the bank is basically a regulatory mascot, courts and regulators should say so plainly.
The key point is that the governing rule should be clear, federal, and knowable in advance. The current regime of state-by-state litigation and after-the-fact multi-factor balancing tests creates pervasive uncertainty. That uncertainty favors large incumbents and well-capitalized firms that can absorb legal risk. Smaller entrants often cannot. In that sense, legal uncertainty is not just a legal problem. It is a barrier to entry.
Not Every Unpopular Fee Is a Market Failure
Another major development since 2021 has been the regulatory campaign against so-called “junk fees,” including credit-card late fees and overdraft charges. Some consumer concerns are real. Fees may be poorly disclosed. Consumers may underestimate their frequency or magnitude. Financial institutions may manipulate transaction-posting order to maximize overdrafts. Repeated overdraft or representment fees—fees charged when a previously rejected payment is submitted again—can surprise consumers and create real hardship.
Still, the mere fact that a fee is unpopular does not establish market failure. The relevant policy question is whether the fee is deceptive, coercive, unavoidable, unrelated to cost or risk, or insulated from competition by switching costs. If so, targeted intervention may be appropriate.
Broad price caps, by contrast, can produce unintended consequences. If overdraft credit becomes unavailable, some consumers may instead face declined transactions, late rent payments, payday loans, pawn transactions, or informal borrowing from friends and family. If late fees are capped below their cost or deterrence value, issuers may respond through higher interest rates, annual fees, tighter underwriting, or reduced access for higher-risk consumers.
That does not mean all fees are justified. It means reform should focus first on competition and transparency: real-time alerts, clearer opt-in rules, limits on manipulative practices, easier account switching, low-cost account competition, and targeted enforcement against deception. Consumer protection should not become a backdoor system of price administration absent strong evidence that price controls will improve consumer welfare after accounting for reduced access and substitution effects.
You Can’t Price Risk With a Blindfold On
Credit reporting is another area where competition and consumer protection intersect. Accurate credit information can expand access to credit and lower borrowing costs. Inaccurate information can wrongly exclude consumers from the market or force them to pay more than their actual risk justifies. The policy goal should be a credit-information system that is accurate, contestable, and competitive.
Recent debates over medical-debt reporting illustrate the tension. Medical debt can be noisy data. It may reflect insurance disputes, billing errors, or administrative confusion more than genuine creditworthiness. Those are legitimate concerns. At the same time, broad suppression of truthful information can reduce predictive accuracy, create cross-subsidies among borrowers, and raise costs for consumers who would otherwise benefit from more accurate risk differentiation.
The better approach is not politically popular deletion of disfavored data categories. It is to improve the underlying system: better accuracy standards, stronger dispute-resolution procedures, clearer furnishing requirements, improved identity matching, and more rigorous model validation. The key questions should be straightforward: Is the information accurate? Is it predictive? Was it fairly obtained? Can consumers meaningfully contest it? If the answer to those questions is no, policymakers should fix those problems directly.
Competitive credit markets depend on good information. Restricting information may feel consumer-friendly in the short run, but it can reduce credit availability over time.
A National App Shouldn’t Need 50 Different Licenses
The CFPB Taskforce’s warning about “fractionalized” regulation is especially relevant today. Digital finance is national. Consumers use the same financial apps across state lines. Fintech products scale nationally. Bank-fintech partnerships routinely operate across multiple jurisdictions. Yet many nonbank providers must navigate a maze of state-by-state licensing regimes, disclosure mandates, interest-rate limits, and enforcement risks.
Some state experimentation is valuable. States can identify local abuses, enforce anti-fraud laws, and serve as regulatory laboratories. But fragmentation can also become a form of economic protectionism. The costs of complying with 50 overlapping regulatory systems do not fall evenly. Large incumbent firms can absorb them. Smaller entrants often cannot. The result may be fewer competitors rather than safer markets.
That is why some form of federal chartering or passporting deserves renewed attention. A federal charter or passport would allow a qualified firm to operate nationally under federal standards, rather than securing separate permission in every state. Congress should consider creating an optional federal consumer-finance charter or passport for nonbank lenders, payment firms, and data intermediaries that satisfy robust federal standards.
Such a charter should not function as a regulatory loophole. Firms should still meet meaningful requirements for capital, compliance systems, cybersecurity, fair-lending controls, complaint handling, examination, and resolution planning calibrated to their risk profile. In exchange, qualifying firms should receive genuine nationwide operating authority, along with preemption of duplicative or inconsistent state rules that materially obstruct market entry.
After all, if consumers can use the same app in all 50 states, it is not obvious why the provider should need 50 different permission slips to operate it.
A well-designed federal framework could preserve consumer protection while reducing artificial barriers to competition.
Regulatory Whiplash Favors Incumbents
Recent Supreme Court decisions will also shape the future of consumer-finance policy. In CFPB v. Community Financial Services Association of America (2024), the Court upheld the CFPB’s funding structure, eliminating one existential challenge to the Bureau’s continued operation. At the same time, the Court overruled Chevron deference in Loper Bright Enterprises v. Raimondo (2024). Under the old Chevron framework, courts often deferred to an agency’s “reasonable” interpretation of an ambiguous statute. After Loper Bright, agencies can no longer rely as heavily on ambiguity to expand their authority. Courts will exercise independent judgment over statutory meaning.
For consumer finance, that shift should encourage a more disciplined regulatory environment. Rules that rest on clear statutory text, substantial evidence, and careful attention to reliance interests are likely to prove more durable. Rules that stretch older statutes into new markets through aggressive analogy are likely to face greater judicial skepticism.
That matters for competition because regulatory whiplash is itself anti-competitive. Large firms can usually survive prolonged uncertainty. Smaller firms often cannot. When a rule is adopted, stayed, litigated, revised, vacated, and revived, the practical beneficiary is frequently the incumbent firm with the deepest legal budget and the highest tolerance for uncertainty.
Post-Loper Bright, regulators should become more careful, not less active. The CFPB and other agencies should rely on clearer statutory authority, adopt narrower and more targeted rules, and support those rules with stronger economic analysis.
Every Consumer Rule Has a Competition Effect
One useful institutional reform would be to create a more serious competition-impact analysis function within the CFPB. The Bureau already has statutory objectives that include promoting access, encouraging innovation, and reducing unwarranted regulatory burdens. In practice, though, those goals are often overshadowed by enforcement and rulemaking priorities.
The CFPB’s existing competition office could play a more meaningful role by reviewing major rules and enforcement initiatives for their effects on market entry, small providers, product availability, switching costs, and consumer access. Before adopting a major rule, the Bureau should ask a few basic questions: Does this rule increase fixed compliance costs? Does it favor large incumbents over smaller entrants? Does it reduce access for higher-risk consumers? Does it restrict truthful information? Does it create vague or unpredictable liability? Does it impede interstate entry? Are there less restrictive alternatives?
That kind of analysis would not weaken consumer protection. It would recognize an often-overlooked reality: competition effects are consumer-protection effects. Put differently, if a regulation leaves consumers with fewer choices, fewer entrants, and higher switching costs, the Bureau should at least ask whether it is solving one problem by quietly creating another.
How to Regulate Consumer Finance Without Smothering It
The reform agenda follows from that basic principle. Congress should create an optional federal consumer-finance charter or passport, allowing qualified nonbank firms to operate nationally under strong federal standards without navigating duplicative state barriers.
Congress or the banking agencies should establish a clear federal framework for true-lender and valid-when-made rules. The valid-when-made doctrine generally means that a loan valid when made by the original lender does not become invalid merely because it is later sold or assigned.
Responsible bank-fintech partnerships should receive legal certainty. Sham arrangements should not.
Open banking should be implemented as secure competition infrastructure: consumer access rights, authorized data sharing, clear liability rules, revocation mechanisms, data minimization, and flexible technical standards that can evolve over time.
Regulators should favor targeted conduct rules over broad price caps. The focus should be deception, manipulation, surprise, and lack of meaningful consumer choice—not simply the existence of unpopular fees.
Disclosure rules should be modernized. Consumers need timely, salient, digital disclosures about total cost, repayment timing, default consequences, cancellation rights, and dispute rights. They do not need another stack of unread legal forms that everyone scrolls past at the speed of light.
Credit-reporting reform should focus on accuracy, dispute rights, furnishing standards, and competition among data providers—not broad suppression of truthful information absent careful evidence that doing so improves consumer welfare.
The CFPB should conduct meaningful competition-impact analysis for major rules and enforcement initiatives.
Finally, policymakers should preserve state experimentation while limiting protectionist fragmentation that materially obstructs federally supervised national competition.
Two objections are likely. The first is that market-oriented reform may leave consumers exposed. That objection misses the point. This agenda is not laissez-faire. It supports strong enforcement against fraud, deception, discrimination, data misuse, and coercive surprise. It supports meaningful dispute rights, privacy protections, and fair-lending controls. What it rejects is the assumption that more prescriptive regulation necessarily produces greater consumer welfare.
Consumers are harmed not only by bad products. They are also harmed by missing products: credit they cannot obtain, accounts they cannot open, data they cannot move, and competitors that never enter the market.
The second objection is that federal preemption or chartering could weaken state consumer protection. That concern is legitimate. Any federal charter should come with strong baseline obligations and genuine supervision. But state fragmentation can also undermine consumer welfare. If overlapping compliance regimes prevent firms from entering the market, consumers may end up with fewer choices and higher prices.
A national market needs at least some national rules. The real challenge is distinguishing legitimate state consumer protection from rules that operate mainly as entry barriers with a consumer-protection label attached.
The Best Consumer Protection May Be the Exit Door
The central lesson of the CFPB Taskforce report remains compelling: consumer protection and competition should be understood together, not treated as opposing goals.
A healthy consumer-finance market is one in which consumers can compare products, switch providers, authorize data sharing, access lawful credit, challenge errors, and choose among meaningful rivals. It is also a market in which firms know the rules before they enter.
Since 2021, the need for that framework has become even clearer. Digital finance, open banking, fintech partnerships, payment apps, buy now, pay later (BNPL), and alternative data have made consumer finance more dynamic and potentially more competitive. At the same time, legal uncertainty and regulatory fragmentation have grown.
The best path forward is neither endless new regulation nor deregulation for its own sake. It is market-reinforcing regulation: clear rules against fraud and abuse, strong information rights, secure data portability, workable federal pathways for responsible entry, and disciplined attention to competitive effects.
If policymakers want stronger consumer protection, they should not underestimate the protective force of competition itself.
Consumers are often safest not when regulators eliminate every risk, but when they can walk away from firms that treat them badly.
