CA DFAL APPLICATION WINDOW OPENS, JULY DEADLINE
California has officially opened the application window for its Digital Financial Assets Law, with license applications now accepted through the NMLS. The law will be enforced starting July 1, 2026, at which point companies engaging in covered digital asset activity must either hold a license, have a completed application under review, or qualify for an exemption. Regulators have indicated that simply submitting an incomplete or placeholder application may not be sufficient to qualify for transition relief, placing greater emphasis on early preparation. The DFPI is also hosting industry guidance sessions to walk through requirements and application expectations. For crypto and digital asset businesses operating in California, this marks a critical period to assess licensing triggers and ensure application readiness ahead of the enforcement date.
COURT VACATES FINCEN REAL ESTATE REPORTING RULE
A federal court in Texas has vacated FinCEN’s Residential Real Estate Reporting Rule in its entirety, effectively rolling back the requirements that had just taken effect earlier this month. The decision removes the additional reporting layer that would have applied to certain real estate transactions, returning the regulatory landscape to its prior state. For business-purpose lenders and others involved in real estate transactions, this eliminates a new operational burden that had required expanded reporting around ownership and transaction details. Importantly, existing Bank Secrecy Act obligations remain unchanged, including requirements around monitoring, reporting suspicious activity, and maintaining internal programs. The ruling introduces near-term relief but also creates uncertainty, as further regulatory action or an appeal could reshape expectations again in the coming months.
WEBINAR: HOW TO PREPARE FOR THE LICENSE APPLICATION PROCESS
If you’ve confirmed that licensing is required, the next step is understanding how to move from decision to submission without unnecessary delays. This free webinar will breakdown what it means to be “license-ready,” walking through each phase of the process from early preparation to final filing. You’ll get an overview of what teams are typically asked to provide, how requirements shift across states, and where applications tend to stall. The goal is to help you align your internal team, organize your documentation, and approach the process with a clear, realistic plan.
What we’ll cover:
- The key stages of the application process, from readiness review through submission
- The information and documentation most commonly required, and how to prepare it
- How state-by-state differences show up in real applications
- Common bottlenecks that slow down approvals, and how to avoid them
- How to structure your internal team and materials to keep the process moving efficiently
NY PROPOSED BUY NOW, PAY LATER RULES
New York regulators have introduced proposed rules governing Buy Now, Pay Later products, signaling increased attention on short-term financing models. The proposed rules would require most BNPL lenders, platforms, and even loan purchasers to obtain a license or authorization to operate in the state, with oversight from the Department of Financial Services. The proposal outlines expectations around disclosures, consumer protections, and operational oversight for providers operating in the state. For lenders and fintech platforms, this is an early indicator that BNPL may face more structured requirements across jurisdictions. Companies offering similar products should monitor how these rules evolve and consider how they may impact licensing and product design.
CA UPDATED DEBT COLLECTION LICENSING AND MEDICAL DEBT DEFINITIONS
California is considering updates that would reshape both the structure and scope of its debt collection framework. One proposal would streamline licensing by shifting to a single license per business, introduce tiered fees, and expand the use of remote examinations. A separate measure would clarify how medical debt is defined, distinguishing it from most traditional credit card obligations unless specifically structured for medical use. Together, these changes aim to modernize oversight while providing clearer boundaries around how different types of debt are classified and regulated.
MN MULTIPLE FINANCIAL SERVICES REFORMS ACROSS LENDING, SERVICING, AND FINTECH
Minnesota is advancing several pieces of legislation that collectively expand oversight across mortgage servicing, consumer lending, and emerging fintech models. Proposed changes include stricter operational standards for mortgage servicers, enhanced protections for student loan borrowers, and new requirements for virtual currency kiosks, including transaction limits and disclosures. Additional bills would update licensing frameworks for nondepository financial institutions, clarify how digital assets are treated in net worth calculations, and broaden what activities trigger small loan licensing. The state is also moving to establish a dedicated licensing regime for earned wage access providers, with detailed rules around fees, disclosures, and consumer protections. Together, these efforts signal a coordinated push toward more defined licensing structures and tighter operational expectations.
NEW! LENDER LICENSING GUIDE
If you’re launching or expanding a lending program, this guide lays out what it takes to be license-ready across states, before timelines and product plans get boxed in
What’s Included:
- Consumer vs. commercial licensing footprint
- Federal expectations
- State licensing nuance
- Bonds, net worth, & insurance expectations
- Common pitfalls that create delays
WY & SD: MOVES TO LICENSE AND REGULATE CRYPTO KIOSK OPERATORS
States are continuing to tighten oversight of virtual currency kiosks, with new laws focusing on both licensing and consumer protection. Wyoming now requires kiosk operators to obtain a money transmitter license, bringing these activities under existing financial regulatory frameworks. South Dakota has taken a more prescriptive approach, adding transaction limits, fee caps, identity verification requirements, and fraud-related safeguards. These developments reflect a growing trend of applying traditional licensing models alongside targeted consumer protections to address risks in consumer-facing crypto services.
LENDING EBOOK COMING SOON!
Deep dive into the regulatory pressures shaping nonbank lending today, from licensing and supervision to partnerships, servicing, product design, and data governance.
Join the list to get the ebook The State of Regulatory Risk in Lending as soon as it’s released!
CT ADVANCED CONSUMER PROTECTIONS IN COLLECTION AND MEDICAL FINANCING
Connecticut lawmakers are advancing multiple proposals that expand consumer protections across both debt collection and medical financing practices. One bill would limit collection activity against funds in joint accounts where the debtor has no ownership interest, requiring more precise evaluation before pursuing recovery. Another proposal targets medical credit cards, restricting how providers can promote or assist with these products and introducing disclosure requirements and refund rights for consumers.
RECORDED WEBINAR: MASTERING LENDER LICENSING
Licensing questions tend to surface quickly as lenders grow, expand into new states, or evolve their products. What starts as a simple question often becomes more complex once state requirements, product structure, and borrower type come into play.
CATCH UP ON WHAT OU MISSED:
- Licensing is not one-size-fits-all and can vary based on how your business operates
- Waiting too long to address licensing can increase risk and cost
- Licensing is ongoing, with renewals, reporting, and regulator interaction
- Growth events like new markets, products, or ownership changes can trigger new requirements
- Regulatory obligations may still apply even without a license
- Issues often surface through audits, complaints, or applications, making proactive review critical
- Effective licensing management requires coordination across multiple teams
SURETY BONDS
Surety Bonds can feel like just one more hassle standing in the way of your compliance. You want to close the loop on your licensing or permitting requirements and get back to what you do best – running your business. But the process can be slow, costly, and downright stressful. And while you’re waiting, you’re losing out on potential clients and revenue.
At Cornerstone, we understand and we’re here to help. Our team of experts work tirelessly to get you the surety bond you need quickly and at a fair price. No more lengthy waits for a response or being hit with hidden fees. Plus, our dedication to exceptional customer service ensures a stress-free experience from start to finish.
DE PROPOSED DEDICATED STABLECOIN LICENSING REGIME
Delaware lawmakers have introduced a bill that would create a specialized licensing framework for stablecoin issuers, rather than relying on existing money transmitter laws. The proposal includes strict requirements around full reserve backing, segregation of customer assets, regular independent audits, and clear redemption rights at par value. It also establishes a new category of state-chartered institutions tailored specifically to digital asset issuance, signaling a more structured approach to regulating this segment. For fintech and payments companies, this reflects a broader shift toward product-specific licensing models that go beyond traditional frameworks. If enacted, the bill could influence how other states approach stablecoin oversight and further accelerate the move toward clearer, but more fragmented, state-level requirements.
FL ENFORCEMENT ACTION FOR UNLICENSED ACTIVITY
Florida regulators recently fined a software company $155,000 for operating as an unlicensed money transmitter over an extended period, with the issue uncovered during review of a related license application. The case underscores how business models that involve movement of funds, even indirectly, can trigger licensing requirements if not carefully assessed. As part of the resolution, the company agreed to come into alignment with state requirements, and its pending license application was approved shortly after. For fintech and software platforms, this serves as a reminder that regulators are actively reviewing operational structures and may identify licensing gaps during the application process itself.
MI & IL DEBT MANAGEMENT LICENSING AND REQUIREMENTS
States are continuing to refine their approach to debt management services through both structural and operational updates. Mississippi has extended its existing framework, maintaining established licensing, bonding, escrow, and fee requirements for providers. At the same time, Illinois is proposing changes that would increase bonding requirements and clarify how service fees can be structured following initial counseling. Together, these developments reflect a steady move toward more defined expectations around financial responsibility, pricing, and fund handling. For providers operating across multiple jurisdictions, this reinforces the need to monitor state-specific requirements and ensure consistency in both licensing and service models.
BEYOND THE NEWSLETTER
Head to LinkedIn and give us a follow to tap into a stream of real-time updates, legislative changes, and great content tailored for ARM and Fintech professionals. Engage with thought leaders and peers in our community to enhance your expertise.
Follow Cornerstone on LinkedIn and transform the way you stay informed in our ever-evolving industry.
SEC AND CFTC ISSUE JOINT GUIDANCE ON CRYPTO ASSET CLASSIFICATION
The SEC has released a formal interpretation clarifying how federal securities laws apply to crypto assets, alongside coordinated guidance from the CFTC. The interpretation introduces a structured framework for categorizing digital assets and confirms that many crypto assets may not be securities on their own, though they can be part of investment contracts depending on how they are offered and used. It also addresses how common activities such as staking, airdrops, and token wrapping are treated under existing laws. For market participants, the guidance provides clearer boundaries between SEC and CFTC oversight, which has been a longstanding source of uncertainty. This marks a significant step toward a more defined federal approach as broader legislative efforts around digital asset market structure continue.
OK COMPREHENSIVE DATA PRIVACY LAW ENACTED WITH EXEMPTIONS
Oklahoma has enacted a new consumer data privacy law, set to take effect January 1, 2027, adding to the growing number of states adopting broad privacy frameworks. The law applies to companies meeting certain data volume or revenue thresholds and introduces standard consumer rights, including access, correction, deletion, and opt-out of targeted advertising and data sales. It also requires consent for processing sensitive data and mandates formal contracts between controllers and processors, along with documented data protection assessments for higher-risk activities. Notably, the law includes exemptions for financial institutions and data governed by federal laws such as GLBA, which limits its direct impact on many traditional financial services providers. Enforcement authority rests with the state Attorney General, with penalties and a defined cure period for violations.
This information is not intended to be, nor is it, legal advice. It is intended for information purposes only. We make no warranty, express or implied, as to the accuracy or reliability of this information. We are not attorneys. You must retain your own attorney to receive legal advice. While Cornerstone strives to provide the most current and accurate state licensing information, the responsibility for any decision related to state licensing or agency compliance is solely yours.
