Colorado Establishes Safe Harbor for Bank/Fintech Lending Programs

The Administrator of the Colorado Uniform Consumer Credit Code (an officer within the Colorado Attorney General's office) (the "Colorado Administrator") has announced a settlement with Avant LLC and Avant of Colorado LLC (together, "Avant") and Marlette Funding LLC ("Marlette")¹ in its suit challenging the "bank partnership model" for providing consumer credit services. The settlement has far-reaching implications for bank/fintech lending programs.

Background

In 2017, the Colorado Administrator sued two bank/fintech lending programs that originated loans to Colorado consumers: one operated by Avant for its bank partner, WebBank, a Utah state-chartered bank; and the other operated by Marlette for its bank partner, Cross River Bank, a New Jersey state-chartered bank (CRB). The Colorado Administrator alleged that the consumer loans offered to Colorado residents pursuant to both programs violated the Colorado Uniform Consumer Credit Code. Specifically, the Colorado Administrator alleged that neither WebBank nor CRB were the "true lenders" in their respective lending program because the fintech companies operating the lending platforms bore all the risk under the program. If Avant and Marlette were the legal "true lenders" in these programs, then the loans could have been subject to Colorado's usury limits, which could have possibly rendered some of these loans unenforceable.

On June 9, the Colorado Administrator's case against Marlette was supported when a Colorado state trial court found that that "the non-bank purchasers are prohibited under C.R.S. § 5-2-201 from charging interest rates in the designated loans in excess of Colorado's interest caps and, further, that [CRB] cannot export its interest rate to a nonbank such as Defendant Marlette, and finally, that the [Colorado] statute is not preempted."² Based on this analysis, the Court found that interest rate exportation rights were limited to banks and could not be enforced by non-bank assignees. That decision is only binding on Marlette and CRB with respect to that particular program.

However, on August 18, the Colorado Administrator, Avant, Marlette, CRB and WebBank collectively agreed on a groundbreaking settlement that establishes a safe harbor framework for consumer lending programs where bank-originated loans are sold to fintech companies (the "Colorado Safe Harbor Framework"), superseding the June 9 ruling of the Colorado state trial court against Marlette and CRB. As part of the settlement, Avant, Marlette, CRB and WebBank also agreed to collectively pay an aggregate sum of $1.05 million to the Colorado Attorney General's office to cover litigation expenses and to make a $500,000 donation to the Colorado MoneyWi$er program in support of K-12 financial literacy education.

Colorado Safe Harbor Framework Methods

Under the newly announced Colorado Safe Harbor Framework, a bank/fintech loan program can provide loans to Colorado consumers if it meets any one of the following three methods:

1. The first method would restrict the ability of a bank and a fintech to enter into a committed forward flow purchase agreement with respect to loans that were originated by the bank in excess of Colorado's usury limit; however, there would be no restrictions with respect to uncommitted forward flow purchase agreements. Importantly, notwithstanding the foregoing restriction, a bank and a fintech company can enter into committed forward flow arrangements with respect to loans that are originated by the bank that do not exceed Colorado's usury limit. Uncommitted forward flow purchase agreements would satisfy this safe harbor prong so long as they did not include: (1) broad indemnity provisions for failure by the fintech company to purchase the bank-originated loans or losses arising from a borrower's failure to make payments on such loans; and (2) the use of collateral accounts posted by the fintech companies to be used by the originating bank to either fund such loans directly or secure the funding of such loans at origination.
2. The second method would restrict the originating bank's ability to transfer loans to fintech companies under one of two methods. Either it would (1) restrict a committed forward flow arrangement in excess of 49 percent of the economic interests in all loans originated in any calendar year in excess of Colorado's usury limits by the bank under a specific fintech lending program and there could be no uncommitted facility for the balance of such loans; or (2) restrict a committed forward flow arrangement in excess of 25 percent of the economic interests in all loans originated in any calendar year in excess of Colorado's usury limits by the bank under a specific fintech lending program but there could be an uncommitted forward flow arrangement for the balance of such loans as long as the bank and the fintech company complied with the limitations in method #1. Economic interests for these purposes would include (1) the sale of whole loans; (2) the sale of participation interests or receivables; (3) any transfer resulting in the transferee accepting the economic risk of loss; (4) any sales of securities backed by whole loans or receivables (excluding the related fintech's acquisition of such securities in a broadly subscribed securitization); and (5) any transfer of any of the foregoing to an affiliate of the applicable fintech. However, in either scenario under this method #2, there would be no such restrictions on loans that are below Colorado's usury limits.
3. The third method would restrict the bank's ability to transfer loans to a single fintech company in excess of 85 percent of all loans originated by the bank under such program regardless of whether or not the loans violate Colorado's usury limits and would require the bank to not originate more than 35 percent of loans under a single program with a fintech company with an interest rate in excess of Colorado's usury limits.

Each of these methods under the Colorado Safe Harbor Framework is limited to an individual relationship between a single bank and a single fintech company. Furthermore, regardless of which method above a bank/fintech loan program chooses to operate within, the Colorado Safe Harbor Framework requires the bank to maintain robust oversight over the bank/fintech lending program and also imposes a 36 percent annual percentage rate (APR) cap on all loans originated by the bank under any such program.

Prior to this settlement, the focus of other state and federal "true lender" actions and rulings has been on bank loan retention. The framework established by the Colorado Administrator instead places emphasis on the bank retaining risk with respect to the loans it originates, rather than the loans themselves. By retaining documented risk in the performance of the loans made to Colorado consumers, either through not having a committed buyer or by restricting the percentage of loans that can be sold post-origination, the bank has both "skin in the game" and oversight of its originations by its regulators.

What the Settlement Means for Future Regulations

Importantly, the Colorado Safe Harbor Framework will provide greater protection to banks and fintech companies in Colorado with respect to the "true lender" issue than (1) the recently effective August 3 final rule issued by the Office of the Comptroller of the Currency (OCC) affirming the "valid when made" doctrine with respect to loans made by national banks and federal savings banks; and (2) the Federal Deposit Insurance Corporation (FDIC) proposed corresponding rule with respect to state-chartered banks and "valid when made" that becomes effective on August 21 (collectively with the OCC’s final rule, the "VWM Rules"). As has been reported, the Attorneys General of California, Illinois and New York are challenging the OCC ruling in a recent lawsuit filed on July 29 alleging that the OCC does not have the authority to issue such regulations under federal law and that such rule encourages predatory lending. In contrast to the VWM Rules, the Colorado Safe Harbor Framework relates solely to bank/fintech loan programs and does not cover other consumer lending that may be deemed predatory to the extent that interest rates charged under those consumer loans exceed Colorado's usury rate. On July 20, the OCC proposed a "true lender" rule for national banks which provides that the bank is the "true lender" if, as of the date of origination, (1) it is named as the lender in the loan agreement; or (2) it funds the loan. The deadline for comments on that proposal is September 6, 2020.

We expect that most bank/fintech loan programs will comply with the Colorado Safe Harbor Framework by choosing method #1 or the hybrid approach under method #2, both of which will involve an uncommitted forward flow agreement with bank originators. With either of these methods, banks will not always have a readily available purchaser for the loans it originates because these are uncommitted facilities. In the event a fintech company declines to purchase loans offered to it by its bank partner, the bank would have three options: retain the loans on its balance sheet (thereby increasing its capital obligations), sell the loans to another purchaser (including a securitization special purpose entity), or sponsor its own securitization of such loans.

Conclusion

The Colorado Safe Harbor Framework offers a model for other state Attorneys General to follow and could provide much needed regulatory certainty to the fintech community, including access to the financial markets through securitization. The Colorado Safe Harbor Framework provides Colorado residents with access to credit from banks that are supervised and examined by their prudential regulators while still protecting its citizens from other types of lending that may be considered predatory if the rates charged are above Colorado's usury limits. Because it is more prescriptive than the VWM Rules, it provides greater consumer protection while promoting responsible bank partnerships.

Fintech lending programs have been able to grow and thrive during the last decade due to banks' abilities to export the interest rate and fees of the state where each such bank is located or operates its loan origination functions to borrowers in other states and then sell such loans in the secondary market. With proper guidance and advocacy, the Colorado Safe Harbor Framework is the first in what could be widespread adoption by state regulators of bank/fintech lending program requirements that permit the responsible provision of credit to their residents.