February 5 – Read the newsletter below for the latest Mortgage Banking and Consumer Finance industry news, written by Ballard Spahr attorneys. In this issue, our lawyers discuss new developments in the National Bank Act preemption, how employers can navigate 27 pay periods in 2026, the latest CCPA update, the current status of FinCEN's Residential Real Estate Reporting Rule, and much more.
- Coming Thursday, February 12: A First Look at New York’s FAIR Business Practices Act—Straight from the AG’s Office
- Podcast Episode: Breaking Developments in National Bank Act Preemption
- CFPB Receives Funding for Continued Operations
- CFPB Blasts Former Bureau Leadership for ‘Regulatory Overreach’
- Status of FinCEN’s Residential Real Estate Reporting Rule
- President Trump Announces Support for Legislation to Cap Credit Card Interest Rates at 10 Percent Per Annum for One Year
- U.S. Supreme Court Hears Arguments Regarding President Trump’s Attempt to Remove Lisa Cook From the Fed Board of Governors
- Navigating the 2026 CCPA Updates
- Chinese Enforcement Actions Reinforce Need for Global Privacy Compliance Strategy
- 27 Pay Periods—Not 27 Dresses—in 2026
- FDIC Creates New Office to Handle Appeals of Material Supervisory Determinations
We’re pleased to announce the upcoming release of a new episode of the Consumer Finance Monitor Podcast, dropping Thursday, February 12—just days before New York’s landmark FAIR Business Practices Act takes effect on February 17.
In this timely episode, we take a deep dive into what is widely viewed as the most significant overhaul of New York’s consumer protection statute in nearly 50 years. The FAIR Act dramatically expands the State’s authority to challenge unfair and abusive business practices, reshaping the compliance and enforcement landscape for companies doing business with New Yorkers.
We were honored to be joined by Jane Azia, Chief of the Bureau of Consumer Frauds and Protection, and Alec Webley, Assistant Attorney General in the Bureau — two of the key architects and enforcers of the FAIR Act. This conversation with our host, Alan Kaplinsky (founder and former leader of our Consumer Financial Services Group for 25 years) marks the first public outreach by the New York Attorney General’s Consumer Frauds and Protection Bureau explaining some of the FAIR Act’s applications in practice.
Among other topics, we discuss:
- How the FAIR Act expands New York’s consumer protection law beyond deception to include unfair and abusive conduct.
- The growing role of the New York Attorney General in filling the enforcement void left by the CFPB’s pullback from investigations and litigation, including the AG’s prosecution of lawsuits dropped by the CFPB.
- Why companies—including banks and Fintechs—do not need a physical presence in New York to fall within the AG’s enforcement jurisdiction.
- What this new enforcement regime means for consumers, financial institutions, and businesses nationwide.
If your organization does business with New York consumers—or is watching the evolving balance between state and federal consumer protection enforcement—this is an episode you won’t want to miss. Our podcast show is available on this blog, our firm website (www.ballardspahr.com), and all other major podcast platforms.
Available Thursday, February 12. Mark your calendar.Consumer Financial Services Group
Podcast Episode: Breaking Developments in National Bank Act Preemption
Our podcast consists of a webinar we produced on November 10, 2025, titled, “Breaking Developments in National Bank Act Preemption.” Join our panel of top legal panelists as they break down how landmark court rulings are changing the rules for national banks, examine the growing application of state law, and discuss what these changes mean for compliance, risk, and the future of consumer financial services.
Meet the Panelists:
- Alan S. Kaplinsky (Host and Moderator): Senior counsel and former practice group leader and founder of the Consumer Financial Services Group at Ballard Spahr.
- Professor Arthur Wilmarth: Professor emeritus at George Washington University Law School, widely recognized for his scholarship on National Bank Act preemption.
- John L. Culhane, Jr.: Senior counsel of the Consumer Financial Services Group at Ballard Spahr specializing in national bank compliance and regulatory strategy.
- Ronald K. Vaske: Senior counsel of the Consumer Financial Services Group at Ballard Spahr advising financial institutions on regulatory and compliance matters.
- Joseph J. Schuster: Partner of the Consumer Financial Services Group at Ballard Spahr guiding national banks on state law adaptation and implementation.
Key Points Covered:
- Landmark Court Decisions: Recent cases like Cantero in the U.S. Supreme Court and Conti in the First Circuit Court of Appeals have moved National Bank Act preemption away from blanket coverage, requiring courts to carefully assess each state law’s impact on national banks.
- Dodd-Frank’s Transformative Impact: The Dodd-Frank Act codified the legal standard established by the Supreme Court in the Barnett Bank Case that state laws are only preempted if they “prevent or significantly interfere” with national bank authority, and curtailed the OCC’s sweeping preemption powers.
- Erosion of Uniform Federal Standards: National banks now face the reality of complying with an increasing patchwork of state laws, which challenges the traditional advantage of a federal charter.
- Compliance Strategies in Practice: Banks are proactively reviewing and updating their products, disclosures, and processes to ensure compliance with varying state requirements using robust legislative tracking methods.
- What’s Next—Regulatory and Litigation Outlook: The panel anticipates ongoing legal and regulatory developments and urges institutions to prepare for further changes by starting comprehensive compliance reviews now.
This episode delivers vital updates and practical guidance on the evolving landscape of national bank preemption, making it essential listening for anyone involved in consumer financial services, banking compliance, or regulatory strategy.
Consumer Finance Monitor is hosted by Alan Kaplinsky, senior counsel at Ballard Spahr, and the founder and former chair of the firm’s Consumer Financial Services Group. We encourage listeners to subscribe to the podcast on their preferred platform for weekly insights into developments in the consumer finance industry.
To listen to this episode, click here.
Consumer Financial Services GroupCFPB Receives Funding for Continued Operations
The CFPB has received the funding it requested from the Federal Reserve, according to a January 15 letter submitted by the Justice Department to the court in the lawsuit filed against the CFPB by the National Treasury Employees Union.
On January 9, CFPB Acting Director Russell Vought notified Judge Amy Berman Jackson that, in response to her December 30, 2025, opinion in National Treasury Employees Union v. CFPB (DDC), he had requested $145 Million from the Federal Reserve Board to operate the CFPB from January through March of this year.
When he requested the funds, Vought made it clear that he made the request despite his disagreement with Judge Jackson’s opinion. We don’t know how the CFPB will deploy the funds it has received.
Earlier this year, Judge Jackson issued an injunction prohibiting the Administration from firing more than 1,400 employees and taking certain other actions at the CFPB. A three-judge panel of the U.S. Court of Appeals for the District of Columbia dissolved the injunction but withheld its mandate in the case. However, when the DC Court of Appeals granted the Union’s request for a rehearing en banc, the ruling of the three-judge panel was vacated. Judge Berman’s injunction blocking the firings remains in effect. The lawsuit is in the process of being briefed before the Court of Appeals.
Alan S. Kaplinsky, John L. Culhane, Jr., and Richard J. Andreano, Jr.
CFPB Blasts Former Bureau Leadership for ‘Regulatory Overreach’
The CFPB, under former Director Rohit Chopra, regularly engaged in regulatory overreach, the Bureau’s current leadership said in its semi-annual report, covering the period from April 1- September 30, 2024.
“As indicated throughout the Report, under his leadership, the Bureau regularly engaged in an overreach of its statutory mandates via punishment of disfavored industries,” the Bureau, under current Acting Director Russell Vought said, in the report. “This overreach and weaponization of the government manifested especially clearly in burdensome regulations and guidance and in investigations and cases that the Bureau initiated.”
The CFPB said one of the most “shameful” examples was a lawsuit against Townstone, a nonbank retail mortgage company in Chicago.
“Under the guise of enforcement of the Equal Credit Opportunity Act, the Bureau targeted Townstone based on an alleged shortfall of the number of applicants from minority areas as compared to other mortgage companies in Chicago,” the CFPB said, in the report. “This was a purely statistical difference and based on an arbitrary scale [that the] CFPB devised and which it impermissibly equated to discrimination.” The Bureau said that the CFPB continued the prosecution of that business because Townstone’s owner made comments about crime in Chicago that Bureau officials found offensive. “Under my leadership, we sought to expose these abuses and the Bureau’s trampling on Americans’ First Amendment rights,” Vought wrote. We previously reported on the CFPB’s attempt to unwind its consent order with Townstone, which was rejected by the court.
Vought also cited a case against Credova Financial, LLC. “Credova’s use of innovative financial technology solutions to provide consumer financing to facilitate the exercise of Americans’ Second Amendment rights made it a target for the Bureau,” Vought wrote. According to Credova, it provides point-of-sale financing to outdoor recreation merchants and the firearms industry. Vought also stated that the probe “was also one of numerous regulation-by-enforcement actions for which the CFPB under former Director Chopra became infamous. Under my leadership, that investigation was closed. These are egregious examples of companies being targeted for engaging in protected political speech and exercising their constitutional rights.” We previously reported on the CFPB’s dropping of the probe of Credova, with the CFPB characterizing the probe as an instance of politically motivated debanking.
Vought wrote that under his leadership, the CFPB is focusing on pressing threats to consumers, in particular those having an impact on servicemembers and their families, and veterans. “The Bureau dedicates its resources to addressing actual fraud, where there are identifiable victims with material and measurable damages, rather than to matters based on the Bureau’s perception that consumers made ‘wrong’ choices,” according to Vought. “The Bureau under my leadership seeks to redress tangible harm by getting money back directly to consumers, rather than imposing penalties on companies to simply fill the Bureau’s penalty fund.”
The CFPB has taken “multiple remedial actions,” including the withdrawal of unnecessary and burdensome guidance documents in accordance with a Trump administration executive order, the Bureau said.
The report summarizes various actions taken by the CFPB during the period covered by the report, including significant rules it adopted, guidance that it issued, and enforcement matters and lawsuits that it brought, as well as an analysis of complaints filed with the CFPB. The report notes that many of the actions listed were subsequently addressed by the new CFPB leadership, resulting in the withdrawal of numerous guidance documents, the termination of consent orders, and the withdrawal or dismissal of various enforcement actions.
Richard J. Andreano, Jr., Joseph J. Schuster, and John L. Culhane, Jr.
Status of FinCEN’s Residential Real Estate Reporting Rule
As a reminder, the Financial Crime Enforcement Network’s (FinCEN) Residential Real Estate rule (the Real Estate Rule) is effective March 1, 2026. The Real Estate Rule was originally to take effect December 1, 2025, but FinCENs subsequently announced a temporary exemptive relief, extending the effective date until March. We have previously blogged about the Real Estate Rule here and here.
To recap, the Real Estate Rule institutes a new reporting form, the “Real Estate Report” which imposes a nation-wide reporting requirement for certain non-financed transfers of residential real estate to legal entities or trusts. Beginning March 1, the “reporting person” must file the Real Estate Report electronically through FinCEN’s BSA E-Filing System. The Real Estate Rule provides a “cascading” reporting structure that requires at least one person involved in the real estate transaction to file the Real Estate Report.
The Real Estate Rule has been subject to various lawsuits, including one case in Florida that argues the constitutionality of the rulemaking. In that Florida case, a recent Magistrate Judge’s Report and Recommendation concluded that the Real Estate Rule was statutorily authorized by the Bank Secrecy Act and recommended summary judgment be granted to the Department of the Treasury. The Plaintiff has objected to the Magistrate Judge’s Report. Despite the pending lawsuits, and as of now, the Real Estate Rule appears to be on track for the March effective date.
If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch. Please click here to find out about Ballard Spahr’s Anti-Money Laundering Team.
We recently blogged about President Trump’s Truth Social post in which he announced his intent to impose a 10 percent per annum interest rate cap on credit cards for one year beginning on January 20, 2026, the one-year anniversary of his second term of office. On January 21, during his speech delivered at the World Economic Forum in Davos, Switzerland, he announced his support for legislation to accomplish that result.
For the reasons we gave in our prior blog about this subject, we remain very skeptical about Congress enacting such legislation.
He said nothing about his earlier support expressed on Truth Social of the Credit Card Competition Act, a bill intended to reduce credit card interchange fees by enabling merchants to select one of two rails for processing credit card payments.
We are including below the transcript from this portion of President Trump’s speech:
“One of the biggest barriers to saving for a down payment has been surging credit card debt. The profit margin for credit card companies now exceeds 50 percent. One of the biggest. And they charge Americans interest rates of 28 percent, 30 percent, 31 percent, 32 percent. Whatever have happened to usury?”
“So to help our citizens recover from the Biden disaster, all caused by this horrible, just horrible precedent, I’m asking Congress to cap credit card interest rates at 10 percent for one year. And this will help millions of Americans save for a home. They have no idea they’re paying 28 percent. They go out there a little late in their payment, and they end up losing their house. It’s terrible.”
Consumer Financial Services Group
The U.S. Supreme Court recently heard oral arguments in Trump v. Cook, involving the issue of whether the President may remove Lisa Cook as a member of the Board of Governors of the Federal Reserve Board. Board Members may be removed “for cause,” and the President has cited alleged mortgage fraud as the basis for the removal of Cook as a Board Member.
In September 2025, Judge Jia M. Cobb, with the federal district court for the District of Columbia, issued a preliminary injunction blocking the attempt to remove Cook. While the Trump administration argued that Cook made false statements on mortgage applications for a home in Michigan and a condominium in Georgia, Judge Cobb held that the administration had not presented evidence of cause related to Cook’s conduct or job performance as a Fed Board member. Significantly Judge Cobb also held that the “for cause” removal provision applicable to Fed Board Members only applies to their behavior while they are a Board Member. With regard to the allegations of mortgage fraud, lawyers for Cook have asserted that reports confirm that Cook properly declared her Michigan home as her principal residence, and that, as part of her mortgage application, she described the property in Georgia as a vacation home.
Judge Cobb also ruled that Cook should have been given notice of and an opportunity to answer the allegations against her before she was terminated. The Trump administration argued that a post by the President on Truth Social alleging the mortgage fraud provided Cook with the opportunity to respond. She did not respond to the allegations, and the President subsequently sent her a letter stating he was removing her from the Board. Cook then brought the lawsuit challenging her termination.
The Trump administration promptly filed an appeal with the U.S. Circuit Court of Appeals for the District of Columbia. Six days after the ruling by Judge Cobb, a divided three-judge panel of the D.C. Court of Appeals upheld Judge Cobb’s preliminary injunction, finding that Cook’s “due process claim is likely to succeed” and that because she “has a property interest in her position, she is entitled to ‘some kind’ of process before removal.”
The Trump administration then filed an emergency application with the U.S. Supreme Court seeking a stay of the preliminary injunction. The Court allowed Cook to remain on the Fed Board pending the oral arguments before the Court.
At the Court, Solicitor General D. John Sauer argued on behalf of the Trump administration and former Solicitor General Paul D. Clement argued on behalf of Cook.
While the Trump administration admitted that the President can’t remove a Fed Board Member for policy differences, the main thrust of its position is that (1) the President can remove a Board Member for cause, even for acts before the person was a Board Member, without any formal notice or hearing, (2) the appropriate remedy to challenge the removal would be mandamus, and (3) mandamus is not available to challenge the removal because it was a discretionary act of the President. Thus, the basic position of the Trump administration is that there is no ability for a court to review if the removal was proper. Justices expressed skepticism about such position, particularly Justice Kagan who stated “[s]o, I mean, when we’re talking about the president’s removal powers, you’re essentially saying that the only remedy[, which is mandamus,] doesn’t apply.”
Some of the Justices pressed Sauer on whether the President will suffer irreparable harm if Cook is allowed to remain on the Board pending the final outcome of the litigation. When questioning Sauer, Justice Sotomayor stated:
“Explain to me why the president’s harm is greater than the public’s, greater than the Federal Reserve, who deserves to have people acting that have been in office, and, number three, why we should disrupt, as we said in Wilcox, the disruptive effect of repeated removals and reinstatement of officers.
Why shouldn’t we wait until the end of this case, where all the issues are clear and where we make a final decision as to whether she should have been removed or not?”
Justice Jackson did not think the President would suffer irreparable harm, and Justice Barrett also appeared to be skeptical of whether he would suffer such harm.
One of the more interesting exchanges occurred during the questioning of Sauer by Justice Kavanaugh regarding the reason for the “for cause” removal provision, which the Justice stated, “is what protects the independence of the Federal Reserve.” After stating that the position argued by the government would establish “a very low bar” for the “for cause” removal of a Board Member, Justice Kavanaugh then engaged in the following questioning:
JUSTICE KAVANAUGH: Let’s talk about the real-world downstream effects of this because, if this were set as a precedent, it seems to me, just thinking big picture, what goes around comes around.
All of the current president’s appointees would likely be removed for cause on January 20th, 2029, if there’s a Democratic President or January 20th, 2033, and then we’re really at at-will removal. So what are we doing here?
GENERAL SAUER: Yeah.
JUSTICE KAVANAUGH: What is –you know, we started –that’s why I started with what’s the purpose of the independence in the for-cause removal. If we accept all these no procedure, no judicial review, no remedy, you know, that’s what’s going to happen, I think, and then –then where are we?
So do you dispute that that is, you know, the –the real-world effect?
GENERAL SAUER: I cannot predict what future presidents may or may not do, but the argument strikes me as a policy argument –
JUSTICE KAVANAUGH: Well, history is a pretty good guide. Once these tools are unleashed, they are used by both sides and usually more the second time around. And I think that’s what –that’s what we have to make sure we’re –again, that can’t drive the decision necessarily. We have to be aware of what we’re doing and the consequences of your position for the structure of the government.
Other Justices also appear to be concerned about the ramifications of the case. Significantly, the case has proceeded rapidly through the courts and as noted above, is before the Supreme Court on an emergency application. As a result, the significant legal issues involved have not been thoroughly analyzed, nor have the facts of the case been determined. As a result, the Justices appear to be skeptical about ruling on the substantive issues in view of the limited record and analysis.
The issues include:
- What is cause for purposes of the “for cause” removal provision?
- Does it mean the INM standard, inefficiency, neglect of duty, or malfeasance in office, used in some statutes; INM plus ineligibility for office by virtue of serving as an officer, director, or stockholder of a bank, banking institution, or trust company, which is prohibited under Section 244 (12 U.S.C. 244); or something else?
- Does it include gross negligence?
- Does the “for cause” removal provision only apply to the behavior of a Board Member while they are on the Board, or does it also apply to pre-tenure behavior?
- Does the “for cause” removal provision, which does not expressly provide for notice and a hearing, nonetheless require notice and a hearing?
- If so, what type of notice and hearing?
- Is a preliminary injunction an appropriate remedy to challenge a removal, or is mandamus the only option?
Predicting how the Court will rule based on oral arguments is a cross between reading a cloudy crystal ball and reading tea leaves. Assuming the Justices believe that a preliminary injunction is the appropriate remedy at this point in the case, it appears they are inclined to leave the injunction in place and remand the case to the district court for the development of the facts and analysis of the substantive issues. If so, Cook will be eligible to remain on the Board at least until there is a ruling on the substance of the case.
Richard J. Andreano, Jr. and John L. Culhane, Jr.
Navigating the 2026 CCPA Updates
As forecasted, effective January 1, 2026, businesses that are subject to the California Consumer Privacy Act (CCPA) must comply with newly-updated regulations. For some businesses, complying with these updates will require the implementation of or updates to policies and procedures related to, among other things, risk assessments, cybersecurity audits, and the use of Automated Decision-Making Technologies. Businesses should review the updated regulations to determine if they might be affected and, if so, implement a plan to promptly ensure compliance.
Outlined below are just a few of the most notable CCPA updates businesses should be aware of:
- Risk Assessments
- Businesses who engage in certain processing activities, including selling or sharing personal information, will need to conduct risk assessments. For new processing activities (beginning after January 1, 2026), risk assessments must be conducted prior to commencement of the new activity. Businesses that conduct a risk assessment in the prior calendar year must submit an attestation of the risk assessment to the California Privacy Protection Agency (Agency) by April 1 of the following year.
- For activity that occurred prior to January 1, 2026, and continued thereafter, businesses must conduct a risk assessment by December 31, 2027, and provide attestation on or before April 1, 2028.
- Risk assessments completed for other state laws can demonstrate compliance if they check the boxes of CCPA’s regulations as well.
- Automated Decision-Making Technology (ADMT) Rules
- The updated regulations impose new requirements for businesses that use ADMT to make “significant decisions” about consumers. Those requirements will take effect in 2027. “Significant decisions” include granting or denying services like financial or lending products, housing, educational admissions or opportunities, job or contracting opportunities and compensation, or health care services.
- Obligations associated with ADMT use include:
- Providing consumers with pre-use notice of and access to information describing the manner in which ADMT is used and informing them of their associated opt-out and access rights;
- Offering consumers ADMT opt-out, unless an exception applies;
- Conducting risk assessments, as applicable; and
- Updating privacy notices, as applicable.
- Cybersecurity Audits
- The CCPA regulations will require certain businesses to conduct mandatory cybersecurity audits. The scope of the audits contains a long list of specifics, which generally tracks established audit standards such as the NIST Cybersecurity Framework. Businesses will also have to submit annual certifications of completion to the Agency.
- While the deadlines for submitting certifications begin in 2028, businesses should be aware that implementing compliant cybersecurity programs—which often must include, among other things, incident response management, access controls, data inventory, retention and disposal procedures, and vendor oversight—often requires collaboration across businesses and can be very time consuming.
- Broadened Definition of “Sensitive Personal Information”
- The updates also imported the statutory definition of “sensitive personal information,” with the addition of “personal information collected and analyzed concerning a consumer’s health, sex life, or sexual orientation,” and “personal information of consumers that the business has actual knowledge [or willfully disregards] are less than 16 years of age.”
- With the broadened definition, businesses should reassess their need for notices, opt-outs, and back-end procedures related to the Right to Limit.
- Other Notable Updates
- Stricter requirements relating to the use of dark patterns, highlighting the need for careful consideration relating to cookie banners and opt-out menus;
- Additional notice requirements for businesses that disclose personal information collected through augmented or virtual reality devices;
- Updates to data subject rights procedures; and
- New transparency requirements, including in-app privacy policy posting requirement.
Although many of the deadlines outlined above seem distant, businesses should be auditing their current processing activities for compliance now rather than discovering potential issues right before the applicable deadlines expire.
Kelsey Fayer, J. Matthew Thornton, and Gregory P. SzewczykChinese Enforcement Actions Reinforce Need for Global Privacy Compliance Strategy
China’s internet regulatory authority and top prosecutors have recently released a series of enforcement actions and cases, aimed at highlighting enforcement priorities in the data security realm over the last year. In 2025, enforcements under the Chinese Cybersecurity Law, the Data Security Law, the Personal Information Protection Law, and the Regulations on the Security Management of Network Data, focused primary on data security compliance, illegal cross-border transfers, and violations of personal information rights.
Companies were cited for violations related to over-collection of data, noncompliance with network data security rules, improper storage, allowing unrestricted access to sensitive information, and violating consent requirements.
Chinese authorities have stated that enforcement priorities in 2026 will include increased oversight in the “digital sphere” including activities of illegal collection and misuse of personal data. Enforcement actions in 2026 are also expected to focus on data leaks and improper network governance and increased penalties for data breaches.
To prevent being the focus of China’s regulatory authority, companies should focus on:
- Ensuring adequate safeguards are in place to protect data in transit and at rest;
- Completing required cybersecurity classification and grading, where required;
- Implementing effective security management policies and access policies, including strong password requirements;
- Completing necessary assessments or certifications where required for cross-border transfers; and
- Publishing adequate notices disclosing personal information collection and processing practices, and do not exceed those disclosed practices.
While specific compliance requirements will vary depending on the business, any data collection, storage, or processing occurring in China will be subject to increased scrutiny in 2026, requiring businesses to take a closer look to ensure proper data security is in place.
Importantly, although the safeguards may have overlap across different international laws and standards, cross-border transfer and localization principles are causing harder operational issues for businesses. With enforcement ramping up, businesses should carefully consider their global compliance strategy.
Madison Etherington and Gregory P. Szewczyk
27 Pay Periods—Not 27 Dresses—in 2026
Like Katherine Heigl’s character in the 2008 film “27 Dresses,” employers in 2026 may run into an equally-numbered—albeit less quirky—quandary this year: a potential for 27 pay periods. And just as Heigl’s character ultimately found true love, employers can use this helpful guide to find payroll love before Valentines Day.
Why 27 Pay Periods Occur. You may be thinking, how could there be 27 pay periods this year? Each year has 52 weeks, and if employees are paid bi-weekly, then there will be 26 pay periods, right? Not exactly. There is a slight discrepancy between our 365-day years and traditional 14-day pay periods. This is because 14 x 26 = 364, leaving one day (two in leap years) floating in limbo. These add up, and every 11 or 12 years, we hit a point where a 27-pay-period year is possible.
2026 is one of those years. Indeed, employers that pay every other Friday likely started the year with a paycheck on Friday, January 2, 2026. Because Friday, January 1, 2027, is a holiday such that banks will be closed, those employers may decide to issue the final paycheck of 2026 on Thursday, December 31, 2026. This means that the employer will have paid that employee 27 pay checks in 2026, which likely means that salaried employees were overpaid.
The overpayment occurs when employers take an employee salary, divide it by 26, and then provide a 27 payment to the employee based on that figure. Consider this example:
Jane works for Rom-Com Corp. She is exempt and paid an annual salary of $104,000. Rom-Com Corp. typically divides this salary into 26 payments of $4,000, which it provides her every 14 days—every other Friday. This year, if it first paid her on Friday, January 2, 2026, then a payment on Thursday, December 31, 2026, will mean Jane was overpaid by $4,000. This issue is magnified when factoring in 401k matching, overcontributions in violation of IRS rules or benefit plans, payroll taxes, and other expenses associated with employee pay.
So, you may be thinking, why not just forego the 27 payment to Jane? She will have earned her $104,000 by December 18, 2026, right? Not exactly…
Federal and State Law Considerations. Employees who are properly classified as exempt from overtime under the Fair Labor Standards Act must receive a predetermined amount for each pay period that equals at least $684 a week (this number can be higher under certain state laws) and meet certain duties tests. So, withholding that 27 payment is not an option.
Options for Employers That Have Already Paid. Employers who find themselves subject to a 27th pay period as a result of issuing the first paycheck of 2026 on Friday, January 2 should decide whether to: (1) overpay exempt employees in 2026 or (2) reduce remaining paychecks in 2026 to ensure that all paychecks issued in 2026 equal the agreed-upon salary between employer and employee.
Employers who choose the second option will want to: (1) comply with state laws requiring notice to employees regarding a reduction in pay per pay period (usually at least one full pay period in advance, but check your state and local laws); (2) review employment and collective bargaining agreements to ensure that reducing paychecks during 2026 will not violate such agreements and/or bargain with applicable unions; and (3) confirm that reducing pay during 2026 pay periods will not bring the relevant employee(s) below the applicable salary-basis threshold ($684 per week federally, but many times this is higher under applicable state law).
If the employer wishes to reduce the employee’s pay going forward to ensure that all pay periods in a given year add up to the employee’s salary, the adjustment should not be applied retroactively, and it should not reduce the employee’s overall annual salary. The goal is to preserve both the employees’ annual salary and the employer’s budget through prospective change. This can be done using the following formula:
(Annual Salary – Amount Already Paid) ÷ Remaining Number of Pay Periods = New Biweekly Amount
Benefit Considerations. Employers who choose the first option will want to take care they are not violating IRS rules or benefit plans by overcontributing to retirement accounts, health insurance premiums, and/or flexible spending accounts. Assuming no issues arise with this option, it is likely you will have some happy employees.
Employer responsibilities are difficult, weird calendar issues notwithstanding. If your company will have 27 pay periods this year and you are concerned about the potential issues, please contact Ballard Spahr’s Labor and Employment Group. We advise employers on labor, employment, and policy issues, and we also monitor developments under the new administration and their impact on employers. Please contact us if we can assist you.
Joseph Q. Ridgeway, Shanae T. Jones, Shirley S. Lou-Magnuson, and Denise M. Keyser
FDIC Creates New Office to Handle Appeals of Material Supervisory Determinations
In a move viewed favorably by FDIC-regulated institutions, the FDIC has approved amendments to the agency’s Guidelines for Appeals of Material Supervisory Determinations that were proposed back in July of 2025 new supervisory appeals office will now establish review panels that include someone with bank supervisory experience and someone with industry experience.
The amendments call for replacing the current Supervisory Appeals Review Committee (SARC) with an “independent, standalone Office” as part of the agency.
“The Office of Supervisory Appeals will be the final level of review of material supervisory determinations, independent of the Divisions that make supervisory determinations,” the agency said. “The Office will be staffed by reviewing officials who are hired externally, and each panel will have at least one reviewing official with bank supervisory experience and at least one reviewing official with industry experience.”
“Including individuals with industry experience will broaden the perspectives reflected on a panel and allow the appellate process to benefit from a diversity of views, while still ensuring that panelists have deep familiarity with the supervisory process,” FDIC Chairman Travis Hill said.
He added that the final guidelines would “expand institutions’ appellate rights by allowing appeals in certain cases where a formal enforcement action is proposed or pending. Under the final guidelines, the facts and circumstances underlying a proposed formal enforcement action would be in scope for appeals to the Office under certain circumstances, which would allow an independent review in cases where supervisory determinations may have significant consequences for an institution.”
In particular, the FDIC will now allow appeals of the facts and circumstances underlying a proposed or pending enforcement action as long as the enforcement action is not based, in whole or in part, on allegations of: (1) unsafe or unsound practices or (2) violations of AML/CFT laws or regulations or the institution’s sanctions compliance.
Hill said that, as he noted when the proposal was first unveiled, “The intent of the Office, which would be staffed by officials hired externally whose sole job would be reviewing and adjudicating supervisory appeals, is to promote an independent, apolitical, and consistent appeals process.”
The guidelines would become effective upon the FDIC determination that the office is sufficiently operational to carry out its functions.
Subscribe to Ballard Spahr Mailing Lists
Copyright © 2026 by Ballard Spahr LLP.
www.ballardspahr.com
(No claim to original U.S. government material.)
All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, including electronic, mechanical, photocopying, recording, or otherwise, without prior written permission of the author and publisher.
This alert is a periodic publication of Ballard Spahr LLP and is intended to notify recipients of new developments in the law. It should not be construed as legal advice or legal opinion on any specific facts or circumstances. The contents are intended for general informational purposes only, and you are urged to consult your own attorney concerning your situation and specific legal questions you have.