June 2025 Regulatory Update: CFPB's Historic Rollback & More

If you thought last month was a busy month for regulatory updates, this month just raised the bar. The CFPB delivered on its promise of major change, with sweeping regulatory shifts keeping compliance officers across the industry busy.  

Join Ncontracts' regulatory experts as we break down these major developments and what they mean for your compliance strategy. We're covering everything from guidance withdrawals and rule rescissions to state enforcement and the latest on what’s going on in Congress. 

Want more detailed analysis? Listen to the Reg Update podcast for a deeper dive. And as always, additional resources, including regulatory analysis documents, are available in Ncomply to help you navigate this evolving landscape.  

CFPB's Massive Regulatory Rollback 

In May, the CFPB withdrew 67 pieces of guidance that have shaped financial services compliance for over a decade, affecting regulatory expectations across major consumer protection laws. This sweeping rollback revised the UDAAP framework, reduced fintech and crypto oversight, eroded fair lending protections, eliminated certain fee oversight guidelines, and weakened consumer protections in credit reporting. 

Key Action Items for Compliance Officers 

Every compliance officer should conduct a comprehensive review of policies and procedures to identify reliance on withdrawn guidance, assess risk tolerance given that consumer protection laws remain enforceable by courts and state regulators, and monitor enforcement signals from other regulatory bodies. The rollback creates uncertainty rather than permission — private litigation continues, and state enforcement is intensifying. 

Bottom Line: While federal guidance has been withdrawn, consumer protection laws remain on the books and enforceable through courts, state attorneys general, and private litigation. Institutions must carefully balance regulatory flexibility with ongoing legal risks in this new compliance landscape. For a detailed listing of the withdrawn guidance and a regulatory analysis document, log into Ncomply. 

CFPB Limits State Enforcement Authority

The CFPB rescinded its 2022 interpretive rule that had broadly expanded state authority to enforce federal consumer financial laws, now limiting states to enforcing only unfair, deceptive, or abusive practices under the Consumer Financial Protection Act rather than all consumer protection laws like TILA and ECOA.  

This rescission differs from other CFPB rollbacks because it attempts to limit state power rather than the CFPB's own authority, and the CFPB doesn’t control state enforcement capabilities — courts will ultimately determine the scope of state authority, with at least one district court already ruling that states retain broad enforcement powers under federal consumer financial laws. 

CFPB Withdraws Regulation AA on Contract Terms

The CFPB withdrew its proposed rule regarding Regulation AA, which would have prohibited certain contract clauses in consumer financial agreements for mid-sized banks and nonbank entities, including terms that waived consumers' legal rights or restricted free expression. The CFPB cited concerns over duplicating existing FTC rules and questions about their legal authority. 

While this eliminates a new compliance burden, the underlying risks remain through existing FTC enforcement and potential state-level action, so institutions should continue reviewing contracts and monitoring enforcement trends. 

CFPB Moves to Rescind Open Banking Rule 1033

The CFPB asked a federal court to vacate its Personal Financial Data Rights rule, citing issues including unlawful prohibition of data provider fees and requirements for third-party data sharing that weren't explicitly included in Dodd-Frank's Section 1033. The CFPB argues the rule exceeded statutory authority by mandating developer interfaces for third parties when the law only requires consumer access to their financial data in electronic form. 

While this rule may be rescinded, Section 1033 still requires some form of implementation allowing consumer access to financial data — potentially just with fewer technical requirements and third-party obligations than the original rule contained. 

Trump Withdraws McKernan's CFPB Director Nomination 

President Trump withdrew Jonathan McKernan's nomination as CFPB Director, moving him to the Treasury's Undersecretary of Domestic Finance instead. McKernan had cleared committee but never received a full Senate vote, with senators indicating confirmation would not happen until the CFPB reached the "right size." Acting Director Russell Vought will continue to lead the agency for now. 

CFPB Reverses Two Nonbank Oversight Rules

The CFPB proposed rescinding its Registry of Nonbank Covered Persons Rule that would require nonbank financial providers to report enforcement orders to a central database, citing speculative consumer benefits and compliance burdens. Simultaneously, President Trump signed a Congressional Review Act resolution voiding the CFPB's rule to supervise large nonbank digital payment providers handling 50+ million annual transactions. 

These changes reduce federal oversight of nonbank entities while maintaining supervision requirements for traditional banks and credit unions. Institutions should reassess third-party risk management frameworks and monitor potential state-level regulatory responses to fill oversight gaps. 

New York AG Picks Up Capital One Case After CFPB Withdrawal

After the CFPB dropped its lawsuit against Capital One in February, New York Attorney General Letitia James filed suit in May alleging the same core issues. The lawsuit claims Capital One marketed its 360 Savings account as high-interest but froze rates at 0.3% while launching the nearly identical 360 Performance Savings with much higher rates, and instructed employees not to disclose the better option unless specifically asked. 

This demonstrates the shift from federal to state enforcement, highlighting compliance risks around multiple product versions, rate change disclosures, and internal sales guidance that restricts information about better customer options — issues that continue to attract state-level scrutiny even as federal enforcement priorities change. 

House Passes Reconciliation Bill with Banking Provisions

The House passed the "One Big Beautiful Bill" reconciliation package maintaining credit unions' tax-exempt status, prohibiting state AI regulation, and excluding 25% of qualified rural/agricultural loan interest from taxation. The bill creates new "Trump Accounts" where banks serve as trustees for children's accounts receiving $1,000 federal deposits, requiring new fraud controls, and cuts CFPB funding to $249 million for 2025. 

The bill moves to the Senate where it is expected to pass. 

OCC Reinstates Streamlined Bank Merger Process

The OCC reinstated the streamlined application processes and expedited review for Bank Merger Act applications, reversing Biden-era restrictions and rescinding its 2024 merger policy statement. This follows the FDIC's similar March rollback and Congressional Review Act efforts to invalidate previous merger restrictions. 

Institutions considering mergers should inform boards of these streamlined processes now available. 

Change is nonstop—whether it’s new regulations or routine updates. Watch our latest webinar to learn how to build a change management program that’s both flexible and well-structured.