By Rajashri Chakrabarti, Gabriel Leonard, Donald P. Morgan, Thu Pham, and Lee Seltzer; Federal Reserve Bank of New York/Liberty Street Economics
Click here to read the entire article.
In imperial China, 3 percent was the maximum legal monthly loan rate; charging more was punishable by 40 to 100 blows with the “light cane.” (Rockoff 2003) Centuries later, many U.S. states are imposing the same cap (without corporal penalties) on alternative credit providers, such as payday, installment, and auto-title lenders, with the goal of lowering credit costs and delinquency for the high-risk borrowers that rely on these funding sources.
A concern, however, is that lenders will simply refuse to lend to these borrowers at lower interest rates. Our recent Staff Report studies how interest rate caps have played out in several states that recently adopted them. Using household-level data from a major credit bureau, we find that loan balances for the riskiest borrowers declined substantially relative to counterparts in states without caps. Despite taking on less debt, these borrowers did not experience an improvement in delinquencies.
The Resurgence of Usury Limits
Usury limits have waned over the centuries in the U.S, but their recent resurgence on the consumer side was triggered by payday lenders’ entry into the small dollar loan market in the mid-1990s (Rockoff 2003). In 2007, rates on loans to military staff were capped at 36 percent—marking the first-ever national usury limit in the U.S. A bill currently before Congress, the Predatory Loan Elimination Act, would extend the 36 percent cap across the entire U.S.
Saunders (2021) traces the 36 percent standard back to credit reform in the early 20th century. Concerned that prevailing usury limits were too low, the Russell Sage Foundation promulgated a Uniform Small Loan Law recommending a higher cap of 3.5 percent per month. Thirty-four states raised caps to between 36 and 42 percent over the next few decades (Anderson et al. 2015).
Cheaper Credit…or Less Credit?
Opponents of rate caps predict that they will lower the supply of credit for riskier borrowers rather than drive down the cost of credit. The textbook credit model below illustrates this effect. In this model, lenders separately provide credit for high-risk borrowers (sH) and low-risk borrowers (sL). At market equilibrium, lenders charge high-risk borrowers i, which is higher than what they would charge low-risk borrowers; lenders charge high-risk borrowers a higher interest rate to compensate for higher expected loan losses. However, a usury cap requires lenders to charge no higher than icap for interest, which is lower than the equilibrium rate i. As a result, lenders contract the quantity of loans supplied, as shown.
In fact, if profits from loans to high-risk borrowers don’t cover the fixed cost of providing them, lenders may entirely refuse to make any loans to high-risk borrowers, which is referred to as credit rationing. This is particularly likely as less creditworthy borrowers are also typically more likely to take out relatively small loans.
Note that icap is higher than the equilibrium interest rate for low-risk borrowers, and under standard model assumptions, lending to lower-risk borrowers does not change. However, under certain conditions, the rate cap could also have implications for low-risk borrowers, a situation we examine in the next post in this series.
Click here to continue reading.
Ravie Lakshmanan, The Hacker News
Click here to read the entire article.
Microsoft has warned of an active cryptojacking campaign that makes use of artificial intelligence (AI) chatbot interactions as a mechanism for surfacing malicious download sites.
“This emerging delivery technique extends social engineering beyond conventional search results and increases the visibility of malicious software recommendations,” Microsoft Defender Experts and the Microsoft Defender Security Research Team said in a report published Tuesday.
The activity, per the tech giant, impersonates legitimate system utilities like CrystalDiskInfo, HWMonitor, Display Driver Uninstaller, FurMark, K-Lite Codec Pack, and PDFgear, likely in an attempt to target users who own high-performance GPUs. The idea is to focus on compromising systems with higher mining value than indiscriminately infecting a large number of machines, it added.
The goals of the campaign are not merely financially motivated. The threat actors have also been found to establish persistent remote access to compromised hosts through ScreenConnect deployments, which could then be leveraged for follow-on activity, such as data theft, lateral movement, or ransomware.
The attack chain is more deliberate than other typical cryptocurrency mining efforts, strategically opting for endpoints that help maximize GPU mining yield per compromised device. The Windows maker said it detected and blocked activity associated with the campaign.
It all begins when users search for trusted system utilities and hardware-monitoring software on search engines, which surface malicious sites that have been gamed via techniques like search engine optimization (SEO) poisoning. Subsequent iterations observed in April 2026 indicate that users are being directed to these sites not through search engine results, but rather via interactions with large language model (LLM)-based tools.
“In these cases, users querying AI chatbots for software download recommendations were presented with links to attacker-controlled domains within generated responses,” Microsoft said. “While this behavior is based on observed patterns and correlated data sources, it’s consistent with emerging techniques in AI search result poisoning, representing an extension of traditional SEO poisoning beyond conventional search engines.”
Each of these sites contains a prominent download button that retrieves a ZIP archive from a campaign-specific subdomain of gleeze[.]com, which is hosted by infrastructure associated with Dynu, a dynamic DNS provider frequently used by threat actors. More than 150 malicious domains have been identified serving the malicious tools.
Click here to continue reading.
Kayla Selhorst, SVP/Chief Operations Officer, CME Federal Credit Union
Published by the Ohio Credit Union League
Amid the recent decision by Hicksville Bank to sell to Interra Credit Union, you may have seen a series of misstatements and misdirection from the Bank Lobby surrounding credit unions and the credit union model that serves the financial needs of more than 3.3 million Ohioans.
We’re here to set the record straight as part of a four-part series: Credit Union Myth Busters. Today’s topic is the unlevel playing field for credit unions versus banks.
While banks are publicly claiming that credit unions enjoy an unfair economic advantage as not-for-profit financial institutions, the truth is that banks enjoy several economic advantages that credit unions do not.
Examples of these credit union industry disadvantages include:
- Capped Business Lending: While federal law caps credit union member business lending at 12.25% of total assets, banks face no such limit on business lending.
- Restricted Membership: While credit unions are bound by defined and often narrow fields of membership, banks are free to serve any customer and expand without these limitations.
- Limited Access to Public Deposits: Unlike banks, credit unions do not have access to public deposits, which constrains balance sheet growth and liquidity options.
- Constrained Capital Formation: Credit unions cannot issue stock and have only limited access to supplemental capital, restricting their ability to compete.
Credit unions are proud of our collective Movement and our ability to serve Ohio’s 3.3 million credit union members with flexibility and agility. And we’ll continue to do so.
However, any claims that credit unions enjoy an ‘unfair advantage’ are not only false, but also only serve to highlight the ways in which credit unions often operate at a distinct disadvantage when compared to banks and other financial institutions.
Instead of punishing credit unions, as the bankers propose, lawmakers should be rewarding credit unions for stepping up and providing community-based financial services even when banks will not.
The credit union model values ‘people over profit,’ which is why 3.3 million Ohioans choose to belong to a credit union. And while others seek to distract and divide from that mission, Ohio credit unions remain laser-focused on serving our members and the financial needs of every Ohio community.
By Michael K. Mahoney, Ogletree, Deakins, Nash, Smoak & Stewart, P.C.; National Law Review
Click here to read the entire article.
On May 19, 2026, President Donald Trump issued Executive Order No. 14406 (“Restoring Integrity to America’s Financial System”), which is likely to impact access to financial services for employees who are not U.S. citizens.
Quick Hits
- On May 19, 2026, President Trump issued an executive order calling for stricter due diligence requirements when financial institutions vet customer applications.
- The executive order requires banks and financial services companies to treat customers’ immigration status as a factor in evaluating potential financial risk.
- The executive order’s stated purpose is to “safeguard [the] financial system from illicit use[s],” such as unwithheld payroll taxes, money laundering, terrorism financing, and labor trafficking.
The executive order directs the secretary of the treasury and federal regulators to propose changes to Bank Secrecy Act regulations to strengthen due diligence requirements for financial institutions. A White House fact sheet explains, “Gaps in customer identification practices have allowed terrorists, drug traffickers, money launderers, and other criminal networks to exploit U.S. financial institutions to move illicit funds and evade law enforcement.”
The executive order describes red flags associated with suspicious financial activity, including:
- “evidentiary patterns of payroll tax evasion by employers or labor brokers,” including failures to withhold or remit federal taxes for non–work-authorized individuals;
- the use of unregistered third-party payment processors or digital platforms to “facilitate ‘off-the-books’ wage payments intended to bypass Bank Secrecy Act reporting thresholds or tax obligations”;
- the use of certain “foreign-identity documents, nominee accounts, shell companies, or complex ‘funnel’ structures designed to obfuscate the identity of the ultimate beneficial owners or conceal the true nature of payroll disbursements”;
- “patterns of repetitive, sub-threshold cash withdrawals or deposits that correlate with payroll cycles conducted outside of regulated payroll processing systems”;
- “financial activity indicative of labor trafficking or forced labor … where proceeds are commingled with legitimate business revenue or transferred to foreign jurisdictions; and
- “the use of an individual taxpayer identification number (ITIN) to obtain credit products or open depository accounts where the applicant lacks verified lawful immigration status.”
The executive order clarifies that an ITIN “facilitates tax compliance,” but its use in lieu of a Social Security number or valid work-authorized visa “may be identified as a risk factor requiring enhanced due diligence to ensure the account is not being utilized to facilitate the unlawful employment of unauthorized aliens.”
The executive order could make it more difficult for employees who are not U.S. citizens to open bank accounts, obtain credit, and access other financial services. It calls on federal regulators to issue guidance for banks and other financial institutions on managing the credit risks associated with extending loans and providing financial services to individuals without work authorization. It also directs the Consumer Financial Protection Bureau to consider changing regulations to clarify that potential deportation and loss of wages are factors that could affect a borrower’s ability to repay a loan.
Click here to continue reading.
By Josh Taylor, CSO Magazine
Click here to read the entire article.
The rise of autonomous AI in warfare has shifted cyber conflict from speed to scale, requiring a new doctrine focused on probabilistic, adaptive defense.
For most of my career running security operations, the shape of cyber conflict has been defined by who could move faster than the other side. Faster at identifying a vulnerability, faster at patching, faster at detecting, faster at responding. The last few months have made me reevaluate that framing. Speed still matters. It just no longer carries the picture on its own. Scale and autonomy have moved alongside it, and the relative emphasis I place on the three is something I expect to keep adjusting. When I read recent coverage of the US government’s deepening use of advanced AI for cyber operations, Anthropic’s Claude Mythos Preview disclosure and the wave of defensive AI being built in response, I recognized the pattern. It fits the pattern of doctrine forming.
Doctrine rarely arrives through formal announcements in this field. It emerges through repeated behavior, through choices made under operational pressure, through what capable actors do when no one is telling them to stop. That is where I believe we are now.
From tools to operational capability
I remember when cyber operations lived inside scripts. They moved into frameworks, then into automated pipelines, then into what we somewhat optimistically called orchestration. Each step compressed time and lowered required expertise. Frontier AI is starting to look to me less like the next step in that sequence and more like a different thing.
What seems to separate frontier AI from the automation we have lived with, in what I have seen so far, is less about efficiency and more about independence. A model that can conduct reconnaissance across an unbounded attack surface, identify vulnerabilities without predefined signatures, assist in exploit chaining and adapt based on feedback feels less like enhancing an analyst’s workflow and more like operating with reduced human constraint. That shifts the economics of offense in ways that break assumptions most security programs still quietly rely on.
Click here to continue reading.
Published in PYMNTS
Click here to read the entire article.
Subprime consumers are navigating the credit markets through a mix of installments, informal borrowing and carefully managed payment behavior that traditional scoring models do not always capture.
PYMNTS Intelligence data on the behavioral profiles of subprime consumers argues that the subprime population represents a durable and identifiable segment of roughly 44 million U.S. adults, rather than a temporary byproduct of economic pressure. The report found that 17% of U.S. consumers identify as subprime, a share that has remained within a relatively narrow range for 47 consecutive monthly survey waves dating back to March 2022.
The stability of that segment matters for lenders, merchants and installment providers because the data suggests these consumers continue to seek credit access, even as many traditional products fail to align with their financial realities. The report notes that 35% of subprime consumers hold no credit or store card at all, compared to just 4% of super-prime consumers.
The report repeatedly points to one structural characteristic separating subprime consumers from the broader population: chronic pressure around bill payment. Fifty-five percent of subprime consumers reported living paycheck to paycheck with difficulty paying bills, more than double the rate for the overall population.
Traditional underwriting models remain heavily anchored to credit bureau data, revolving utilization and repayment history. Yet the PYMNTS Intelligence findings suggest that cash-flow behavior, spending priorities and payment sequencing may provide additional insight into repayment capacity and consumer stability.
The report highlights several behavioral indicators that may prove increasingly useful in underwriting targeted credit products for subprime consumers. One of the clearest involves the handling of periodic cash-flow events such as tax refunds. Among subprime consumers who received refunds, 67% described the money as either critical or very important to maintaining financial stability. Thirty-six percent directed the largest share of those funds toward everyday expenses or bills.
Click here to continue reading.
By John Beauchamp, CUAnswers/CUSO Magazine
Click here to read the entire article.
Your team has been talking to a vendor who has a solution that is going to make your life amazing. The vendor even said integration with your core is FREE. All you must do is pay the recurring fees going forward and be willing to be their beta test…and of course, provide them your data to develop with. What a bargain.
Not so fast.
While this solution might be a bargain for your organization, without the proper due diligence, this seemingly wonderful integration could be a formula for disaster. Too often, organizations see only the promises of a cool, new solution without understanding the risks and implications of turning over member data. Risks include the possibility of violating privacy laws if information is turned over without members’ consent. You can also be on the hook for data breaches, whether by the vendor or a downstream organization that receives access to the data.
Top questions to ask before signing on the dotted line
Consider the following before quickly agreeing to send your data to a third-party vendor:
What/how much data is your vendor requesting?
Is the vendor only asking for the data required to accomplish the task you are engaging them for, or is the vendor broadly requesting data that is unnecessary for your purposes? You may be exposing your organization to a massive data breach by sending data unneeded to reach your goals. In addition, your vendor may want volumes of data for such purposes as training their Artificial Intelligence (AI) models, at your risk.
Are you compliant with privacy laws?
Many states require consent from a person before their information can be sent to a third party. While there are federal carve-outs in state privacy laws for data sent to third parties to provide members with a financial product or service, many states grant their residents much broader protection regarding notification and the right to opt out. Do not assume an all-encompassing right to send data without first ensuring that your members do not have notification, consent, and opt-out rights regarding the data you are sending.
Have you reviewed the vendor’s data security policy?
Anytime you send member data to a third party, you are required to ensure that the third party is adequately safeguarding the data. Depending on the data sent, ensure the vendor can demonstrate safety and data protection, including physical safeguards, employee training, and compensating controls for you to follow.
Click here to continue reading.
By Kurt Woock, NerdWallet
Click here to read the entire article.
Changing priorities and shifting income cause spending habits to morph as people age.
American households spent an average of $539 on bakery products and $131 on postage and stationery in 2024. Those are a few of the quirkier spending habits tracked and categorized in the Consumer Expenditure Surveys, a nationwide survey of more than 30,000 people. The federal government has conducted detailed expenditure surveys since 1888.
The Bureau of Labor Statistics releases this data, which includes spending details on hundreds of items for different generations, in one-year batches. While it may seem outdated by the time it’s released — particularly last year, when the 2024 data release was delayed until December due to the federal government shutdown — the tradeoff is specificity: We can put the spending patterns of specific groups of Americans under a magnifying glass.
Overall spending trends, by generation
The average dollar amount spent isn’t the best way to understand this data. Varying incomes can distort the meaning behind raw dollar amounts. For example, a younger household may spend a smaller dollar amount at restaurants than an older household, but if the younger household has a lower income, they may still be devoting a larger percentage of their income to eating out.
Instead, comparing the share of spending to the average income for each demographic reveals how much income each expense category eats up. Income reported in this survey is pre-tax.
Housing, transportation and food make up the core of American budgets. These three expenses used, on average, 48% of a household’s income in 2024. (The BLS measures spending by household, or what they call a “consumer unit.” That term includes families and other groups who pool their income and expenditure decisions. Roommates, on the other hand, are distinct consumer units.)
Click here to continue reading.
By Jim Tyson, CFO Dive
Click here to read the entire article.
Before the war with Iran, 8% of adults said their family sometimes or often lacked enough food, the Federal Reserve said, citing survey results.
Dive Brief:
- Roughly three out of four U.S. adults (73%) said they are “doing okay financially” or “living comfortably” even as their view of the economy has dimmed, with 42% of survey respondents voicing concern about finding or keeping a job, the Federal Reserve said.
- More than 90% of adults identified inflation as a concern, the central bank said in a report on an annual survey, noting that price pressures persisted as their most common financial worry.
- “Fifty-eight percent [of households] said that changes in the prices they paid compared with the prior year had eroded their financial standing,” the Fed said, with 14% saying inflation had made their situation much worse.
Dive Insight:
The economic outlook has dimmed since the Fed gathered results for the survey in October, with the Iran war increasing price pressures and prompting downgrades of forecasts for growth.
“The Middle East war is expected to exert a modest but meaningful drag on near-term growth through renewed supply chain disruptions, higher shipping costs and increased uncertainty around energy and trade flows,” LPL Financial Chief Economist Jeffrey Roach said Monday.
The war will likely slow growth by 0.2 percentage point in the second quarter and by 0.3 percentage point in Q3, he said in a note. Economists see 35% odds of a recession in the next 12 months, an increase from 32% in February and March, according to a Wolters Kluwer survey.
Inflation is casting a shadow on the outlook. A war-induced surge in energy prices last month pushed up the rate of price gains to a three-year high, with the consumer price index climbing 3.8% on an annual basis. The cost of energy jumped 17.9% during the past year, spurred by a 28.4% increase in the price of gasoline and 54.3% gain in the price of fuel oil, the Bureau of Labor Statistics said Tuesday.
Price pressures, and declining affordability, have eroded consumer sentiments to record lows in recent months. In turn, retail sales growth slowed to 0.5% last month from 1.6% in March as a war-induced surge in price pressures exceeded wage gains and put the price of some goods out of reach for low-income consumers. On an annual basis, sales increased 4.9%, the Census Bureau said Thursday.
Before the Iran war, 8% of adults said their family sometimes or often lacked enough food and 16% failed to pay all their bills the prior month, the Fed said, citing survey results. Although most households said they are financially stable, some “demographic groups — including low-income, young, and Black adults — saw meaningful declines” in their financial well-being from 2024 to 2025, the central bank said.
Click here to continue reading.
By Michael Wayland, CNBC
Click here to read the entire article.
Key Points
- The head of Capital One Auto, one of the nation’s largest auto finance lenders, told CNBC he isn’t overly concerned about rising consumer automotive debt and inflated used car prices leading to so-called “forever loans.”
- While median monthly car payments have jumped from $390 to $525 since 2019, data provided by Capital One Auto suggests vehicle costs have been stable compared with income.
- The lender found 80% of car purchasers who finance a vehicle are below the generally recognized payment to income threshold of 15%, even though they’re taking out longer loans to get to that goal.
The head of one of the nation’s largest auto finance lenders isn’t overly concerned about rising consumer automotive debt and inflated used car prices leading to longer loans on vehicle purchases.
His main reasoning? The percentage of income consumers are spending on their vehicles has remained relatively flat compared with 2019, before the coronavirus pandemic led to inflated pricing as demand surged but inventories stayed low.
“If I just told you, ‘Car prices going up, interest rates going up, insurance prices going up,’ you would say, ‘You know what, consumers must be paying more as a ratio to the income,’” Capital One
Auto President Sanjiv Yajnik told CNBC. “However, if you look at every quintile of salary and earnings of people, the payment-to-income ratio has remained fairly flat.”
While Capital One reports median monthly car ownership payments have jumped from $390 to $525 since 2019, data provided exclusively to CNBC from its automotive unit suggest that vehicle costs have stayed relatively stable compared with income. That’s because, overall, the payment-to-income ratio has remained flat at approximately 10% since 2019, according to the automotive arm of the American bank.
Capital One Auto found 80% of car purchasers who finance a vehicle are below the generally recognized payment to income threshold of 15%.
“The consumer is being cautious. They’re being responsible. This is a much healthier way to do things than the alternative, because it’s not a discretionary spend,” said Yajnik, referring to consumers prioritizing vehicle payments for transportation, including work.
To get to that goal, however, more consumers are taking on longer loans to keep payments affordable.
Click here to continue reading.
By Lori Sommerfield, Chris Willis, Taylor Gess & Lane Page; Consumer Financial Services Law Monitor, Troutman Pepper Locke
Click here to read the entire article.
On May 5, Craig Trainor, Assistant Secretary for the Office of Fair Housing and Equal Opportunity (FHEO) at the U.S. Department of Housing and Urban Development (HUD), used the American Bankers Association’s Risk and Compliance Conference to send a clear message about how the Trump administration plans to enforce the Fair Housing Act (FHA) going forward, including with respect to how it will treat special purpose credit programs (SPCPs).
Trainor stated that the FHEO is “returning to the beating heart” of FHA enforcement by prioritizing cases with “strong evidence of disparate treatment,” and that it “will no longer chase phantom discrimination based upon statistical disparities without evidence of intentional unlawful treatment.” In other words, HUD is signaling a focus on intentional discrimination claims, and a corresponding retreat from large‑scale disparate impact cases built primarily on statistical disparities.
At the same time, Trainor underscored that the FHEO is closely scrutinizing SPCPs. He specifically referenced a program offered by the Washington State Housing Finance Commission that was “created to address disparities resulting from past discrimination against racial groups.” As summarized below, earlier this year the FHEO launched an investigation into that program. Trainor warned that SPCPs “that do not comply with the statutory text of the [FHA] continue to be subject to enforcement,” and he cautioned that lenders “found engaging in illegal discrimination will be held accountable.”
Trainor also encouraged institutions that may have offered programs with race‑based eligibility criteria to take “immediate remedial actions” and indicated that “meaningful” remedial efforts will be viewed favorably in deciding whether and how to pursue enforcement.
Click here to continue reading.
By Walter Donway, The Daily Economy
Click here to read the entire article.
Organizations often mistake measurable activity for meaningful achievement. AI productivity metrics confuse computation costs with added value.
A recent Wall Street Journal report on a workplace trend called “tokenmaxxing” offers a revealing glimpse into some of the confusion attending America’s AI boom.
Some companies, the Journal reports, are experimenting with measuring an employee’s engagement with AI by tracking “tokens”—the units into which the system converts text typed into prompts. Now, in some workplaces, it seems token consumption has become a badge of an AI user’s engagement, experimentation, or productivity.
This is a striking moment. During what often feels like a national celebration—or national heart attack—over the transformative productive potential of artificial intelligence, we are publicly debating if an employee’s value might be measured by the volume of text sent to and from a chatbot.
The controversy deserves more attention than its odd jargon suggests. It exposes a central uncertainty in the AI revolution: what, exactly, does productive use of AI mean?
Reporting in Built-In, Ellen Glover reports that tokenmaxxing “is taking much of the tech industry by storm… individuals are ranked on leaderboards based on how much they use AI, with generous perks and incentives encouraging them to push these tools to their limits… The assumption is that the more you use AI, the more productive you must be. Those who lean in the hardest will come out on top.”
She adds that some employees take advantage of the fact that now “systems use AI agents to work autonomously for hours on end, reviewing and editing large codebases and writing entire programs while their human users are out living their lives.”
Tokens are real enough. Large language models do not “read” language as humans do. They convert words, punctuation, fragments of words, and other text elements into tokens—standardized units processed mathematically. The more tokens used, generally, the more computing resources consumed. AI providers often charge by token volume. Tokens therefore matter to engineers, accountants, and software managers.
When tokens migrate from a technical unit used in billing into a measure of employee performance, however, we risk confusing the cost of computation with the creation of value.