Published by K&L Gates; Key contacts: Varu Chilakamarri, J. Timothy Hobbs, Craig E. Leen, Timothy J. Furdyna, and Neeki Memarzadeh
Click here to read the entire article.
Since returning to office in January 2025, President Trump has made broad assertions of executive authority, including the power to fire independent agency heads at will. For almost a century, these officials have been protected by law from such “without cause” removals, enjoying insulation from direct presidential control. That status quo—rooted in the Supreme Court’s 1935 decision in Humphrey’s Executor v. United States—is on the verge of transformation.
This term, the Supreme Court will reconsider Humphrey’s Executor and decide whether Congress may insulate independent agency heads from the president’s control. The practical implications are significant, including increased presidential oversight of regulatory decisions made across independent agencies such as the Federal Reserve System, the Securities and Exchange Commission, the Federal Trade Commission (FTC), the National Labor Relations Board (NLRB), and many others. Depending on how the Supreme Court rules in the pending cases, businesses may have to reassess how they interact with these agencies in the regulatory process.
Humphrey’s Executor and Removal Authority
Although the president has clear constitutional authority to remove executive agency heads (such as the Secretary of State), Congress has long sought to restrict the removal power as it relates to leaders of “independent” boards and commissions—those agencies that Congress has structured to be more insulated from presidential control.
To that end, Congress has often imposed “for cause” restrictions on the president’s ability to remove the heads of these independent agencies. The Supreme Court validated this approach in Humphrey’s Executor, where it upheld a law that prevented the president from removing FTC members except in cases of “inefficiency, neglect of duty, or malfeasance in office.” That decision—which was seen as a check on President Roosevelt—established that Congress could limit the president’s removal authority for independent agencies, which function as quasi-legislative or quasi-judicial bodies.
Click here to continue reading the entire article.
By Robin Hess, CUInsight
Click here to read the entire article
For nearly a century, credit unions have enjoyed a federal tax exemption designed to support their mission: serving people of modest means through a cooperative, not-for-profit model. Today, as credit unions grow larger and more bank-like, the question of whether this exemption still makes sense has resurfaced. Recent studies, surveys, and policy proposals reveal a heated debate with significant implications for consumers, communities, and the financial industry.
The economic impact argument
Research by economists Robert Feinberg and Douglas Meade suggests that removing tax exemption could have severe consequences:
- GDP loss: $266 billion over 10 years
- Jobs lost: 822,000
- Consumer cost increase: $234.6 billion due to higher loan rates and lower deposit yields
Goal: Demonstrate that taxing credit unions would harm consumers and the economy.
Debate: Critics argue these studies are industry-funded and overstate benefits, while banks claim the exemption creates an uneven playing field.
The fairness & competitive balance argument
Reports from the Tax Foundation and banking associations highlight that credit unions now hold $2.2 trillion in assets and avoid roughly $4 billion in annual federal taxes. They argue:
- Large credit unions compete directly with banks but pay no taxes.
- Bank acquisitions by credit unions reduce state tax revenues.
Goal: Push for tax parity between banks and credit unions.
Debate: Credit unions counter that banks enjoy their own tax breaks (e.g., Subchapter S status) and that their cooperative model still fulfills a public-service mission.
Policy proposals
Industry groups like ICBA (Independent Community Bankers of America) advocate ending exemptions for credit unions with assets over $1 billion or all federal credit unions, estimating $30 billion in revenue over 10 years.
Click here to continue reading the entire article.
By Bill Toulas, Bleeping Computer
Click here to read the entire article
An ongoing phishing campaign impersonates popular brands, such as Unilever, Disney, MasterCard, LVMH, and Uber, in Calendly-themed lures to steal Google Workspace and Facebook business account credentials.
Although threat actors targeting business ad manager accounts isn’t new, the campaign discovered by Push Security is highly targeted, with professionally crafted lures that create conditions for high success rates.
Access to marketing accounts gives threat actors a springboard to launch malvertising campaigns for AiTM phishing, malware distribution, and ClickFix attacks. Also, ad platforms allow geo-targeting, domain filtering, and device-specific targeting, enabling “watering-hole” styled attacks.
Ultimately, compromised marketing accounts can be resold to cybercriminals, so direct monetization is always a valid option. Google Workspace accounts also often extend to enterprise environments and business data, especially via SSO and permissive IdP configurations.
Calendly phishing
Calendly is a legitimate online scheduling platform where the organizer of a meeting sends a link to the other party, allowing recipients to pick an available time slot. The service has been abused in the past for phishing attacks, but the use of well-known brands to exploit trust and familiarity is what elevated this campaign.
The attack starts with the threat actor impersonating a recruiter for a well-known brand and then sending a fake meeting invitation to the target. The recruiters are legitimate employees who are also impersonated on the phishing landing pages.
Click here to continue reading the entire article.
Published by Payments Intelligence
Click here to read the entire article
Two-thirds of U.S. consumers live paycheck to paycheck, and a growing share do so out of necessity. Hourly, gig and contract workers are redrawing the line between financial stability and strain.
The share of United States consumers living paycheck to paycheck dipped slightly but remained high at 66% in October 2025, and the financial strain for many is deepening. More people are living this way out of necessity, not choice—42% of consumers live paycheck to paycheck because they have no other choice, an 18% jump since August.
This surge in financial strain is unfolding against a backdrop of mounting economic pressure. Layoffs, spending cuts and a lackluster job market have likely disrupted income stability for many households. Tariff-related instability has created uncertainty for businesses and workers in trade-exposed industries. Together, these factors are likely contributing to eroded income predictability and pushing more consumers into financial precarity.
Take-home income volatility is a core contributor. Six in 10 consumers earn their primary income outside of fixed salaries. Hourly wages, contract work and gig platforms make up a significant share of livelihoods. Among those struggling to pay their bills, more than seven in 10 depend on non-salaried work. Fixed-salary earners remain the least likely to face challenges paying their bills.
The divide between income stability and financial control is widening. Three in four consumers living paycheck to paycheck out of necessity earn their pay from non-salaried sources, compared to 57% among those living that lifestyle by choice. Taken together, these findings suggest a paycheck-to-paycheck economy that is currently shaped more by income structure and macroeconomic instability than by spending behavior.
As Americans navigate a landscape marked by pocketbook tightening, trade uncertainty and shifting work arrangements, income volatility has become a defining driver of financial insecurity—shaping not only how consumers live but also how they stay afloat.
Click here to continue reading the entire article
By Nicole Volpe, The Financial Brand
Click here to read the entire article
As margins tighten and balance-sheet pressure builds, more credit unions are weighing whether to continue issuing credit cards on their own or to sell their portfolio and partner with an agent issuer. Entering an agent relationship can give the institution and its cardholders access to program features and operating advantages typically reserved for the industry’s largest players. But there are tradeoffs. The question is, how does an institution know when, or if, to make a change?
Credit union strategists recognize that credit cards can be strong drivers of member value and revenue. They put the institution’s brand at the center of an account-holder’s daily spending, helping cement primacy; and they’re a source of recurring lending and fee income. But running a card portfolio can also be expensive, capital-, and risk-intensive, and requires expertise many small and midsized institutions either don’t have or can’t sustain.
For credit unions, the issue plays out amid steadily more challenging industry economics. Since 2000, even with significant consolidation, average return on assets has fallen from 1.0% to 0.6%, a 40% decline. Today’s institutions may on average be much larger than they were 25 years or so ago, based on membership and assets, but they’re also more costly to run: On a per-member basis, average expenses have grown faster than fee and margin income combined.
As a result, many credit unions are seeking greater overall efficiency. And moving cards from in-house to agent programs may seem like an eat-our-cake-and-have-it-too option — one in which balance-sheet exposure is swapped for stable fee income and operating efficiency while retaining branding and member engagement. But the shift does not come without trade-offs, including loss of in-house control, which is a shift in decision-making authority.
Here are five questions credit unions can ask themselves as they assess the pros and cons of making a change…
Click here to continue reading the entire article.
By Corin Cesaric, CNET
Click here to read the entire article
Personal information for both customers and drivers was exposed after an employee fell for a social-engineering scam.
Food delivery is becoming increasingly popular, but here’s the delivery of bad news for users of one popular company. DoorDash confirmed that it suffered a recent data breach. According to the company, the accessed information includes customer names, phone numbers, email addresses and physical addresses, but “no sensitive information” was obtained.
It’s unclear when exactly the breach occurred, but DoorDash released its statement on the incident on Nov. 13.
How did the data breach occur?
DoorDash stated that an employee with the company “was recently targeted in a social engineering scam.” Information on delivery drivers and customers was exposed.
After discovering the scam, the company’s response team removed access from the unauthorized party and reported the incident to law enforcement. DoorDash has since “implemented additional training and awareness for our employees around various social engineering scams,” the company says.
Is my credit card information at risk?
According to DoorDash, the criminals didn’t access bank or payment card information, but they did get customer names, phone numbers, email addresses and physical addresses.
Click here to continue reading the entire article
By TSCA at Keller and Heckman Keller and Heckman LLP;
Published in the National Law Review, November 13, 2025, Volume XV, Number 317
A coalition of 39 state and territory attorneys general recently submitted a letter to congressional leaders requesting clarification of the federal definition of “hemp” under the Agricultural Improvement Act of 2018 (commonly known as the 2018 Farm Bill).
The letter, coordinated by the National Association of Attorneys General (NAAG), expresses concern over what the signatories describe as the unintended consequences of the current statutory language, particularly regarding the proliferation of hemp-derived intoxicating products.
The 2018 Farm Bill federally legalized hemp by defining it as cannabis containing no more than 0.3% delta-9 tetrahydrocannabinol (THC) on a dry weight basis. This definition was intended to distinguish non-intoxicating industrial hemp from marijuana, which remains a Schedule I controlled substance under federal law.
However, the bill did not explicitly address other cannabinoids derived from hemp, such as delta-8 THC, delta-10 THC, THC-O, and others. These compounds, while chemically distinct from delta-9 THC, can also produce psychoactive effects and are often synthesized from cannabidiol (CBD) extracted from hemp.
According to the letter, the attorneys general assert that certain manufacturers are exploiting ambiguities in the Farm Bill’s definition of hemp to produce and sell synthetic THC products that they claim fall within the legal scope of the law. The AGs argue that these products are often more intoxicating than marijuana and are being marketed in ways that appeal to minors, including as gummies, candies, and beverages.
The attorneys general are urging Congress to act either through the Fiscal Year 2026 appropriations process or the upcoming reauthorization of the Farm Bill. Specifically, they seek a revision to the definition of hemp that would make clear that intoxicating hemp-derived THC products are not legal under federal law. They emphasize that such clarification would not affect the cultivation of industrial hemp for non-intoxicating uses, which they support.
Visa is running pilot trials of USD-backed stablecoin payouts to creators and gig workers.
The pilot allows businesses and platforms to send payouts directly to recipients’ stablecoin wallets, instead of sending to a card or bank account.
For businesses using Visa Direct, payouts can be funded in fiat currency, while recipients can choose to receive their funds in USD-backed stablecoins like USDC.
“Launching stablecoin payouts is about enabling truly universal access to money in minutes – not days.” says Chris Newkirk, president, commercial & money movement solutions, Visa. “Whether it’s a creator building a digital brand, a business reaching new global markets or a freelancer working across borders, everyone benefits from faster, more flexible money movement.”
Recent research from Visa shows that faster access to funds is ranked as the top reason digital content creators prefer using digital payment methods. Fifty-seven percent (57%) cited instant access as their leading motivation for choosing digital payment methods to get paid for content creation work.
This latest pilot advances Visa’s land-grab in stablecoin-powered payments. In September, Visa Direct announced a stablecoin pre-funding pilot for back-end treasury: letting businesses fund payouts using stablecoins instead of only fiat.
Today’s pilot extends that proposition, enabling payouts to end recipients, like consumers, in stablecoins – putting digital dollars directly in recipients’ wallets. Visa says it is in the process of onboarding select partners, with wider access projected for 2026.
By Robert Crow, the Cool Down.
Click here to read the entire article.
A growing number of extreme weather events and natural disasters have pushed insurance markets to the brink, potentially impacting millions of homeowners across the United States.
What’s happening?
Politico Pro reported on an insurance crisis that has impacted several states, most notably California. An increased risk of wildfires and other severe weather events has caused some private insurance companies to raise their rates to levels that are unsustainable for many people, or to leave states completely. In 2023, State Farm announced it would no longer offer new homeowner’s insurance policies in California because of the increased risk of fire and other disasters.
To counter this, California created a state-chartered insurance plan called the FAIR Plan, which uses policy premiums to pay out claims when needed. The number of policies under the FAIR Plan, however, has nearly doubled, and its total liability is nearly $700 billion, which has many experts questioning if the plan will soon run out of money, forcing insurance companies and policyholders to pay out claims.
For example, January’s deadly Southern California wildfires created so many insurance claims that the state assessed insurers and policyholders $1 billion. Rob Moore, director of climate adaptation with the Natural Resources Defense Council, told Politico Pro that policymakers “have a huge challenge ahead of them. And it’s a climate resilience and climate risk challenge they’re facing.”
Why is this concerning?
That risk has only grown because of human-caused pollution. As we burn dirty fuels, we release massive amounts of heat-trapping pollution into the atmosphere. That pollution has caused global temperatures to increase to record-breaking levels, with the last decade seeing the 10 warmest years in recorded history.
Those temperature increases cause more frequent and severe weather events, such as hurricanes, floods, and wildfires. The connection is so strong that one expert likened increasing global temperatures to “steroids for weather.”
Click here to read the entire article.
By Esteban Camargo, published in CUSO Magazine
We are wrapping up another Cybersecurity Month here at CUSO Magazine. We have learned about the rise of AI scams, RFID skimming, got a refresher on password hygiene, and were reminded how important board literacy training is for credit union cyber health.
As we close out the month, it’s time to talk about another attack vector bad actors use to confuse and exploit members and staff alike: website spoofing.
What is website spoofing?
Spoofing is the act of cleverly disguising fraudulent websites as trusted ones. Regardless of how the faked website is sent to members and staff—and we’ll get to the specifics shortly—the important idea here is that the URL of a fraudulent website is made to look like something you know and recognize. Sometimes this is done by doing something as simple as replacing an ‘m’ with ‘rn’ (e.g. cusornag.com instead of cusomag.com). Sometimes an extra letter is inserted where it might not be noticed by the reader. Depending on the font used, it might be glaringly obvious (if you’re looking for it), but sometimes it’s disguised so cleverly by the font, it’s nearly impossible to tell.
Getting an unsuspecting target to click on a bad link is only step one for scammers. Maybe the site the user is directed to delivers a nasty payload to that person’s device. Another option though is that the individual is presented with a very convincing replica of the site they thought they were visiting. From there maybe they’re presented with a “confidential” web form asking for sensitive information the bad actor can use to access accounts, take over emails or phones, and in general wreak havoc. Either way, avoiding these websites is the first and most important countermeasure.
How are these spoofed sites presented?
Spoofed sites are delivered in a variety of ways using a variety of methods to convince you to click. Chances are you have received a text saying you owe money for this or that. Sometimes it’s a package that can’t be delivered and they need new information (despite the fact that you weren’t expecting anything). Whatever it is, text scams rely on you clicking on a link that has either been spoofed to look like something you know or is designed to look like something that might be legitimate.
Click here to read the entire article.
Conference of State Bank Supervisors
In separate letters to the U.S. Treasury Department and the federal banking agencies, CSBS outlined important policy considerations to foster a national regulatory framework for stablecoins and tokenized deposits that protects consumers, promotes financial stability, and provides a level playing field for traditional financial institutions and new payment stablecoin issuers.
“Stablecoin and tokenized deposit efforts should proceed in tandem,” said CSBS President and CEO Brandon Milhorn. “All financial institutions that choose to innovate – from community banks to stablecoin issuers – should have the benefit of regulatory clarity so they can bring responsible blockchain-based financial products to market.”
CSBS’s letter to Treasury provides a blueprint for achieving the GENIUS Act’s vision of a robust state-federal regulatory framework that facilitates a dynamic and resilient stablecoin market in the United States. Importantly, the CSBS comments:
- Reinforce that the GENIUS Act’s “substantial similarity” standard creates a federal floor, not a requirement for nationwide uniformity;
- Encourage Treasury to maintain vital flexibility that allows issuers to choose between federal and state frameworks based on their organizational structures and business strategy; and,
- Argue for strict compliance with GENIUS Act limitations on financial activities by payment stablecoin issuers, along with robust capital and resolution planning requirements and federal rules that prevent evasion of the “interest” and “yield” prohibitions in the GENIUS Act.
Click here to read the entire release.
By Wesley Grant, published in PaymentsJournal, click here to read the entire article.
There are now more superprime and subprime borrowers, leaving fewer consumers in the middle of the credit market.
According to TransUnion, the share of super prime borrowers—low-risk consumers with exceptional credit scores—increased from 37.1% in Q3 2019 to 40.9% in Q3 2025, representing roughly 16 million additional customers.
At the other end, the subprime segment also saw an uptick after contracting during the pandemic, when many consumers paid down debt. Together, the super prime and subprime groups drove higher origination volumes and overall growth in the credit card market.
“TransUnion always has great card-level data based on information furnished by lenders,” said Brian Riley, Director of Credit and Co-Head of Payments at Javelin Strategy & Research. “Here we see consumer polarization between good scores and weak scores, and everything in between. Super prime cards are booming, and you can expect to see more with Amex, Chase, and Citi’s amped up offers.”
An Avalanche of Offerings
The premium card market has heated up as economic conditions continue to batter the average consumer. To reach more affluent—and potentially more stable—customers, American Express and Chase have both recently enhanced their premium card benefits and raised annual fees.
Citi followed suit with the launch of its premium-tier Strata Elite card, and an avalanche of offerings aimed at the super prime market has followed. Even Klarna launched subscription tiers for its debit/BNPL card, designed to offer luxury perks without the debt associated with traditional credit cards.
More Stress Is Ahead
Meanwhile, the spiraling credit card balances have pushed many consumers, especially in the subprime segment, toward BNPL cards. However, the TransUnion report found that despite the significant amount of existing debt and credit growth in the subprime segment, delinquencies have continued to decline.
This may reflect improving consumer credit health, but issuers have also played a role, most notably by tightening credit lines. The average new account credit limit has dropped, and TransUnion found that subprime credit limits were down 5% year-over-year. Still, even with the drop in delinquencies, credit card issuers aren’t out of the woods yet.