CFPB proposes crypto firms refund users for funds lost to hacks

CFPB proposes crypto firms refund users for funds lost to hacks

The US Consumer Financial Protection Bureau (CFPB) has proposed a rule that could require crypto asset service providers to reimburse users for funds stolen through illicit activities, including hacks.In a Jan. 10 notice, the CFPB proposed a rule that could allow accounts or wallets using ā€œemerging payment mechanismsā€ set up for personal use to be subject to similar protections as fiat bank accounts. The US regulator suggested that the same rights that ā€œguard against error and fraudā€ under the Electronic Fund Transfer Act (EFTA) could protect consumers transacting in stablecoins or ā€œany other similarly-situated fungible assets that either operate as a medium of exchange or as a means of paying for goods or services.ā€ā€œBased on the plain language used in EFTA and the reasoning of judicial decisions, as well as the CFPBā€™s experience in market monitoring, it has long been clear that the term ā€˜fundsā€™ in EFTA is not limited to fiat currency like US dollars,ā€ said the proposed rule. ā€œThe CFPB interprets the term ā€˜fundsā€™ to include assets that act or are used like money, in the sense that they are accepted as a medium of exchange, a measure of value, or a means of payment.ā€The proposed action could be one of the last moves by the CFPB under US President Joe Biden, who is scheduled to leave office on Jan. 20. Tesla CEO Elon Musk, a close adviser to President-elect Donald Trump, who may have a role in his administration, suggested in November he ā€œdeleteā€ the CFPB.Crypto stolen from hacks increased from 2023In January, blockchain security firms began releasing comprehensive reports of losses due to crypto-related illicit activities in 2024. PeckShield reported that there had been more than $2 billion in crypto stolen in hacks, while CertiK said that phishing schemes were the ā€œmost costly attack vectorā€ related to crypto losses in 2024.Itā€™s unclear whether these attacks could escalate in 2025 if adoption continues to grow, but the proposed CFPB rule could place a significant financial burden on crypto firms if enacted. Companies based in the US could be required to hold millions or billions of dollars in reserve in the event usersā€™ funds were compromised.The CFPB opened the proposed rule to public comments until March 31, roughly two months into Trumpā€™s term.

Cointelegraph