PRESS RELEASE: EPIC and Americans for Financial Reform Oppose Attempt to Strip Away Payment App Protections

WASHINGTON, D.C. — EPIC and Americans for Financial Reform (AFR) oppose the Trump Administration’s recent attacks on the CFPB and efforts by Congress to overturn finalized CFPB rules that protect users of payment apps. These attacks put Americans’ privacy and financial wellbeing at risk, as well as threatening to destabilize the financial industry.

“Since its founding in 2011, the Consumer Financial Protection Bureau has been a champion for consumers by ensuring that financial services companies follow the law. The Bureau has returned over $21 billion to consumers in its 14 years of operation. Yet the Trump Administration has launched a full-scale attack on the CFPB over the past month, putting the Project 2025 goal of eliminating the CFPB into action,” stated Caroline Kraczon, EPIC Law Fellow, in a recent blog post detailing the privacy and competition risks imposed by the Trump administration’s attacks on the CFPB.

Recently appointed CFPB officials have ordered CFPB staff to halt key operations and fired a significant portion of CFPB staff. The CFPB is responsible for protecting consumers from harm caused by financial institutions by resolving consumer complaints, monitoring financial entities’ compliance with consumer financial protection laws, and bringing enforcement actions against companies that violate the law. The administration’s attacks on the CFPB will have dire consequences for consumers.

Further, the administration has allowed DOGE to access sensitive CFPB data in violation of laws like the Federal Information Security Modernization Act (FISMA) and the Bureau’s strict data access rules. DOGE’s access to swathes of sensitive data about American consumers puts people at higher risk of being the victim of a data breach. DOGE also accessed CFPB records containing financial institutions’ sensitive business information, which increases the risk that the information could be breached. Such a breach could destabilize the financial services industry by unduly advantaging competitors and malicious third-party actors.

In another attack on the CFPB’s efforts to protect consumers, Congress is poised to vote on Congressional Review Act (CRA) resolution, H.J. Res. 64 and S.J. Res 28, which would disapprove a recently finalized CFPB rule that would protect users of large payment apps entitles “Defining Larger Participants of a Market for General-Use Digital Consumer Payment Applications” and commonly called the “larger participant rule.”

This rule would enable the CFPB to oversee digital payment apps such as PayPal, Venmo, Cash App, Apple Wallet, and Elon Musk’s X-Money to ensure that they follow laws that protect user privacy, prohibit fraud, and outlaw unfair, deceptive, or abusive acts or practices.

“The CFPB has provided needed oversight to these payment apps to protect millions of users, but the Congress is poised to overturn the CFPB protections and give these payment apps — including Musk’s X — a get out of jail free card for future fraud, data harvesting, and arbitrary account deactivation that occur on their platforms,” said Patrick Woodall, managing director of policy for Americans for Financial Reform. “The implications of having zero oversight of the payment behemoths that are taking shape as Big Tech enters finance are truly shocking.”

EPIC, AFR, and over 110 other civil society organizations recently sent a letter urging Congress not to adopt S.J. 28 because disapproving this rule would empower Big Tech companies to evade the statutory protections that protect American consumers from fraud, abuse, deception, and privacy violations.

The attacks by the Trump Administration and Congress against the CFPB undermine consumer rights, threaten privacy, and give unfair competitive advantages to Big Tech Companies, including X, owned by Elon Musk. EPIC and AFR oppose these attacks, call on the CFPB’s newly appointed leaders to restore the Bureau’s ability to function, and urge Congress not to approve S.J. 28.

###

About EPIC

EPIC (the Electronic Privacy Information Center) is a 501(c)(3) non-profit established in 1994 to protect privacy, freedom of expression, and democratic values in the information age through advocacy, research, and litigation. EPIC has long advocated for robust safeguards to protect Americans’ personal information and routinely engages with the CFPB to strengthen financial privacy protections for consumers.

About Americans for Financial Reform

Americans for Financial Reform is a nonpartisan and nonprofit coalition of more than 200 civil rights, consumer, labor, business, investor, faith-based, and civic and community groups. Formed in the wake of the 2008 crisis, we are working to lay the foundation for a strong, stable, and ethical financial system – one that serves the economy and the nation as a whole.