CFPB’s Overreach: Applying Regulation E to Unhosted Wallets is Legally and Technologically Unsound
The Consumer Financial Protection Bureau (CFPB) recently issued a proposed interpretive rule that aims to expand the scope of Electronic Fund Transfer Act (EFTA) and Regulation E to include unhosted blockchain wallets such as MetaMask.
Consensys, a leader in Ethereum-based software, submitted a formal comment strongly opposing this regulatory move, arguing that the proposal is fundamentally flawed on legal, policy, and procedural grounds.
At Anderson P.C., we share their concerns. The CFPB’s attempt to classify unhosted wallets as “financial institutions” under EFTA is an overreach that not only misunderstands blockchain technology but also imposes impossible compliance burdens on developers of decentralized software.
What is the CFPB Proposing?
On January 10, 2025, the CFPB issued a proposed interpretive rule designed to clarify how EFTA and Regulation E apply to modern digital payment systems (the “Proposed Rule”). The stated intent is to extend consumer protections to users of:
✅ Digital wallets and payment apps
✅ Gaming platforms with in-game currencies
✅ Digital assets such as stablecoins
Historically, EFTA and Regulation E cover electronic fund transfers (EFTs) that involve “accounts” used for personal, family, or household purposes. The CFPB now seeks to interpret “funds” broadly to include stablecoins and certain digital assets, potentially classifying wallet providers, fintech firms, and gaming platforms as financial institutions.
This expansion means that unhosted wallets, which do not hold or control user funds, could be subject to compliance obligations under EFTA’s error resolution, unauthorized transaction protections, and disclosure requirements.
If finalized, the rule could significantly reshape the regulatory landscape for crypto and fintech companies.
Key Concerns with the CFPB’s Proposal
1. Unhosted Wallets Are Not Financial Institutions
Under the CFPB’s proposal, a non-custodial wallet could be treated the same way as a bank or fintech company—even though:
🚫 Unhosted wallets do not hold or control user funds. They merely allow users to access blockchain networks.
🚫 They cannot freeze, reverse, or modify transactions.
🚫 Developers do not act as intermediaries in transactions.
This is akin to regulating Ford for how drivers use their vehicles—a misapplication of existing law to a fundamentally different technology.
2. The CFPB’s Definition of “Funds” is Overly Broad
The CFPB argues that digital assets like stablecoins should be considered “funds” under EFTA. While some courts have classified certain cryptocurrencies as “funds” for other regulatory purposes, the legal basis for applying this definition to all digital wallets is highly questionable.
Moreover, extending EFTA liability to wallet providers ignores the decentralized nature of blockchain—where transactions are publicly recorded and cannot be reversed by any single entity.
3. Compliance is Impossible for Wallet Developers
If finalized, this rule would create insurmountable compliance burdens on unhosted wallet providers. EFTA mandates financial institutions to:
✔ Investigate and resolve transaction errors
✔ Limit consumer liability for unauthorized transactions
✔ Provide mandatory disclosures
Wallet developers literally cannot comply with these requirements. They do not control user funds and have no ability to undo blockchain transactions.
The result? U.S.-based blockchain developers would be forced offshore, damaging innovation and ceding leadership in crypto and digital finance to foreign jurisdictions.
4. Procedural Violations: A Clear APA Overstep
The CFPB is using an interpretive rule—bypassing the Administrative Procedure Act (APA), which requires formal rulemaking for substantive changes. Courts routinely strike down regulatory overreach when agencies attempt to rewrite laws without congressional approval.
The agency's failure to follow proper procedure exposes this proposal to significant legal challenges.
The Bigger Picture: The CFPB’s Regulatory Overreach Under Scrutiny
The CFPB’s expansion of Regulation E comes at a critical transition point. The Biden-era CFPB leadership proposed this rule, but with Trump’s administration taking office, the regulatory agenda is shifting.
We expect Acting CFPB Director Scott Bessent to either:
Withdraw the rule entirely; OR
Amend it to exclude unhosted wallets
The broader crypto and fintech industry is already pushing back hard, and the Blockchain Association and DeFi Education Fund have also submitted formal comment letters opposing the rule.
What Happens Next?
📌 Public comments on the rule are open until March 31, 2025.
The crypto industry must engage in this regulatory process to ensure ill-advised regulations don’t cripple blockchain innovation.
We strongly encourage companies, developers, and industry stakeholders to submit their concerns to the CFPB.
📩 Submit your comments here:
👉 CFPB-2025-0003 on Regulations.gov
Final Thoughts
We expect this rule to be withdrawn or significantly altered in the coming months. If it is not, legal challenges will likely invalidate it before it takes effect. At Anderson P.C., we are actively monitoring this issue, advising clients, and preparing regulatory responses. For legal guidance on crypto compliance, financial regulations, and blockchain law, reach out to our team.
* * *
Attorney Advertising—Anderson P.C. is a U.S. law firm and provides this information as a service to clients, prospective clients, and other friends for educational purposes only. It should not be construed or relied on as legal advice or to create a lawyer-client relationship.
Anderson P.C. is a boutique law firm dedicated to defending clients in government investigations and securities enforcement actions initiated by the SEC, FINRA, DOJ, and other regulatory bodies. We provide focused, strategic counsel and regulatory guidance across the full spectrum of federal laws and regulations affecting broker-dealers, investment advisers, banks, asset managers, private funds, public companies, senior executives, and digital assets. Our deep expertise allows us to navigate complex legal challenges and deliver results-driven solutions tailored to our clients' unique needs.
If you have any questions or need legal assistance related to government investigations, securities enforcement actions, or regulatory compliance, please don't hesitate to contact us. Our team at Anderson P.C. is here to provide the expert guidance and support you need to navigate these complex challenges.
