By Tom Scanlon
General Counsel and Chief Compliance Officer
Earned Wage Access products and services are emerging as valuable financial products—both to employers and their employees—and Missouri and Nevada have enacted consumer protection laws that expressly regulate EWA providers. This pioneering approach provides a structure so that consumers' rights are more fully protected, particularly to guard against lenders that are masquerading their loan products as “earned wage access” services.
In this article, we'll look at the requirements enacted in these two new EWA laws. As a market leader for compliance measures in EWA services, Rain already is prepared to comply with the upcoming rules. One key takeaway: An employer need not face any changes in its existing operations because Rain will be fulfilling the responsibilities of compliance to meet consumers’ needs under these new EWA laws.
Classifications of EWA Providers
Missouri's law (2023 Mo. SB 103) and Nevada's law (2023 Nev. SB 290) have in common a general requirement: other than certain regulated financial institutions, such as a bank or credit union, any person or entity providing EWA services to residents must be authorized to do so by the state’s financial regulatory agency.
These laws introduce two types of EWA providers that will be supervised by the states’ agencies. One is the "direct-to-consumer" provider, and the other is the "employer-integrated" provider. An entity may seek authorization to operate in both capacities. Regardless of how a provider fits within each state’s framework, only that provider–not the employer–will be subject to oversight.
A "direct-to-consumer" EWA provider delivers EWA services primarily based on earnings data obtained from the consumer. By contrast, an "employer-integrated" EWA provider provides access to the consumer’s “earned but unpaid income” based on employment data obtained, directly or indirectly, from the consumer’s employer. Rain’s EWA services qualify under the "employer-integrated" category.
Core Requirements of New EWA Laws
The newly enacted EWA laws contain several key requirements designed to protect consumers. Among other requirements that apply to a provider are these three main measures:
1. Complaints Management: The provider must have policies and procedures to address questions or complaints from consumers.
2. Clear Disclosure of Fees: All fees associated with the provider’s EWA services must be disclosed to the consumer.
3. Privacy and Data Security: The provider must comply with all local, state, and federal privacy and information security laws.
In addition, these laws prohibit an EWA provider from using a consumer report to determine an employee-consumer’s eligibility for EWA services.
Proactive Measures by Rain
Rain already is prepared to meet the requirements that will arise under the newly enacted laws. Rain aims to work with the state agencies during the approval processes so that Rain remains in good standing to deliver its EWA program to consumers in these states.
Operating Under the New EWA Laws
The enacted laws mark a significant step toward better regulating the EWA industry. Among other intended benefits, the required application process in each state should allow the state's financial regulatory agency to assess the viability of a provider and their capacity to offer EWA services–and weed out providers that cannot meet the thresholds of reliable operations for consumers. Once a provider is authorized, the state agency is permitted to conduct examinations at any time to assess the provider’s compliance with laws.
In summary, these new laws create a clear pathway for EWA services to function within a structured and regulated environment. Rain, with its emphasis on transparency and commitment to the consumer, is at the forefront of this change, setting a benchmark for other providers in the industry. The introduction of these laws is a welcome step towards a more protected and regulated environment for EWA consumers.
1Q. When Rain seeks authorization under the new EWA laws, will Rain apply to each state’s financial regulatory agency to operate as an employer-integrated EWA provider?
2Q. What is an “employer-integrated” EWA provider?
2A. An employer-integrated EWA provider is defined as a provider that delivers its EWA services—“access to earned but unpaid income”—based on the provider’s use of employment data obtained, directly or indirectly, from the consumer’s employer. Data relating to the consumer’s earned but unpaid income also may be obtained from the employer’s payroll service provider. Rain would qualify as an employer-integrated EWA provider because Rain does not use data that the consumer provides to determine the amount of an earned wage payment that the consumer may obtain from Rain. Instead, Rain computes the limit on the amount of each potential earned wage payment based on employer-controlled data.
3Q. What is a “direct-to-consumer” EWA provider?
3A. A direct-to-consumer EWA provider delivers an advance of funds via its EWA services based on data that is not employment data obtained directly from an employer or an employer’s payroll service provider. Instead, the direct-to-consumer provider provides its EWA services by relying on data obtained primarily from the consumer.
4Q. May a provider use a consumer report about an employee-consumer to determine whether the consumer is eligible for the provider’s EWA services?
5Q. If a provider obtains fees for its EWA services that were charged to a consumer, is the provider permitted to share a portion of those fees with an employer?
6Q. How about the other way around: If an employer wishes to pay Rain to offset costs that otherwise would be borne by the employer’s employees, is Rain permitted to enter into that type of arrangement with the employer?
6A. Probably, yes. The new EWA laws are silent on requirements that may apply to a provider’s source(s) of revenue outside of fees paid by consumers or to payments made by an employer to a provider. Subject to conditions imposed by each state’s agency, adopted in the course of administering the new laws, Rain should be allowed to work with an employer that is seeking to reduce the costs of EWA services for its employees.
7Q. If a provider asks a consumer to pay for the EWA services from “tips” or other donations, do special requirements apply?
7A. Yes. Among other requirements, the provider must: (i) “conspicuously disclose” that any tip or donation is not paid to a specific employee of the provider (i.e., the “tip” is the provider’s own revenue); and (ii) “conspicuously provide an option” for the consumer to select zero as the amount of the tip or donation.
8Q. Is a provider permitted to be repaid directly by an employee, such as by initiating a charge to the employee’s own bank account, when the employee obtains the EWA services?
8A. Yes. But if the provider seeks payment from the consumer’s bank account, then the provider must satisfy certain conditions. Among other requirements in this context, the provider must reimburse the consumer the full amount of any overdraft fee or non-sufficient funds fee that the consumer faces from their bank if the provider’s attempt to charge the consumer’s account leads to the fee(s). Under Rain’s Employer Payroll Model (which is a form of “employer-integrated” EWA services), Rain does not seek payment from the consumer, except if the consumer engages in wrongful conduct or unauthorized transactions when using the Rain app.
9Q. After a state’s financial regulatory agency approves an applicant to become an authorized provider, what happens? What is the effect of that authorization?
9A. Generally speaking, the application process is designed to enable the state’s agency to assess whether the applicant is a bona fide business entity (or creditworthy person) and has the financial capacity to operate for its proposed EWA services. Once the state agency authorizes the provider to engage in its business for EWA services, the agency is permitted to conduct examinations, at any time, to assess whether the provider is complying with applicable laws. In addition, under the Nevada law, if the state’s agency finds that the provider has violated any law, or if the agency concludes an enforcement action against the provider, the agency is allowed to issue reports of its findings or other action to other government regulatory agencies.
Tom Scanlon works as General Counsel and Chief Compliance Officer for Rain Technologies Inc.
Tom advises the company on its contracts with employee-customers and its employer-partners, as well as the company’s arrangements with service providers, for Rain’s earned-wage access services. Tom also is responsible for counseling Rain on compliance with federal and state laws regulating consumer financial products and services.
Prior to joining Rain, Tom was a partner with Dorsey & Whitney LLP, and advised banks, fintech companies, and other clients on banking activities, payments systems, and matters involving consumer financial products and services. At the start of his career in Washington, D.C., Tom served at the Federal Reserve Board, and worked on rules for payments activities, financial privacy, data security, and consumer reporting activities. From 2009 to 2015, Tom served at the Department of the Treasury, and worked as the principal attorney of the Department’s team to help draft the Consumer Financial Protection Act of 2010 (Title X of the Dodd-Frank Act). Tom has experience with a range of financial services laws, including anti-money laundering laws, the Electronic Fund Transfer Act, and the Military Lending Act. Tom received his J.D. from the University of California, Berkeley School of Law, and his M.A. and B.A. from the University of California, San Diego.