The Buy Now, Pay Later (BNPL) marketplace is undergoing a significant shift in New York. Governor Kathy Hochul signed the New York BNPL Act into law on May 9, 2025, and the New York State Department of Financial Services (NYDFS) has now released its proposed implementing regulations. Together, these actions mark one of the most comprehensive state-level interventions in the fast-growing Buy Now Pay Later state regulation sector. The proposed BNPL rule, which is currently in a public comment period and not yet final, establishes BNPL licensing requirements in New York and imposes strict BNPL consumer protection requirements, disclosure, fee and BNPL data privacy requirements on BNPL providers.
As federal oversight eased, states began regulating BNPL. Governor Hochul described New York’s rules as “nation-leading,” with advocates viewing them as a model for other states. In May 2024, the CFPB attempted to apply credit card protections to BNPL providers via an interpretive rule; however, following litigation challenges and a change in administration, the CFPB formally rescinded that rule in May 2025. New York’s NYDFS fintech regulation approach illustrates a growing trend toward state-led NY BNPL Act compliance framework
Non‑exempt BNPL providers must obtain a NYDFS license and display it on consumer‑facing platforms. Existing providers have 45 days to apply and may operate provisionally. Lenders must also obtain category permissions for interest‑free, interest‑bearing or both types of BNPL products.
The rule aligns with TILA‑style protections, requiring underwriting for income and debt, robust disclosures, dispute and refund rights, and strict limits on fees and interest. Interest is capped at 16% APR (the BNPL APR cap in New York derives from the state’s civil usury law and applies in most cases; federally chartered banks may be exempt due to federal preemption), late fees are limited, and many fees are prohibited. Strong data‑privacy rules require explicit, revocable consumer consent for data use beyond loan servicing.
To provide a handy reference, the table below summarizes which key requirements apply to different BNPL provider categories:
| Regulatory Requirement | Applicability by Provider Type |
|---|---|
| BNPL License Must obtain NYDFS license to offer BNPL loans in NY | All non-bank BNPL providers (fintech lenders, BNPL platforms, loan buyers) must be licensed. NY “Banking Law” entities (NY-chartered banks, NY-licensed lenders) need authorization, not a license. Exempt orgs (national banks, federal credit unions, etc.) are exempt from licensing. |
| Category Permission Additional approval for interest-free vs. interest-bearing products | All licensed or authorized BNPL lenders must obtain specific category permissions for offering interest-free BNPL, interest-bearing BNPL or both. (Not applicable to exempt organizations.) |
| Interest Rate Cap 16% APR ceiling on BNPL loans with interest | Applies to all interest-bearing BNPL loans (offered by licensed or authorized lenders). Interest includes any finance/origination charges. (Federally chartered banks may not be subject to state interest caps due to preemption.) Zero-interest “pay-in-4” BNPL plans are unaffected since they charge no APR. |
| Late/Penalty Fees $8 safe harbor cap; limits on multiple fees | Applies to all BNPL lenders (licensed or authorized). $8 per late payment or violation is the safe harbor max; higher fees require regulator approval. No multiple fees for one missed payment; total penalties can’t exceed the amount owed. |
| Dispute Resolution and Refunds TILA-like billing error process | Applies to all BNPL lenders. Must allow consumers to dispute errors within 60 days; acknowledge in 30 days and resolve in ≤90 days. During disputes, no collection or negative credit reporting on disputed sums. Lenders must pursue merchant refunds for returns/cancellations and credit the consumer promptly. |
| Unauthorized Use Liability Cap on consumer’s responsibility | Applies to all BNPL lenders. Consumer’s liability for unauthorized charges is capped at $50 (or less, if the unauthorized amount is smaller), mirroring credit card protections under federal law. |
| Disclosure Requirements Pre-sale, post-sale and periodic statements | Applies to all BNPL lenders. Must provide pre-transaction disclosures (key loan terms, fees, consequences) before each purchase; written confirmation after each loan; and periodic billing statements for any month with a balance or charge. Disclosures must be in English and other languages used in service or advertising to NY consumers. |
| Underwriting Standards Ability-to-repay evaluation required | Applies to all BNPL lenders. Must perform reasonable, income and debt-based underwriting on each BNPL loan and maintain written underwriting policies. Use of social networks or friends’ data for credit decisions is banned outright. |
| Data Privacy and Consent Limits on data use and sharing | Applies to all BNPL lenders. Use, sharing or sale of “covered data” (any nonpublic consumer info) beyond servicing the loan requires opt-in consent for each specific use. Consent expires in one year and is never a condition for obtaining the loan. Lenders must allow easy opt-out/withdrawal and delete data (and ensure third parties delete it) if consent is withdrawn. Activities like targeted ads, cross-selling or selling data require separate annual consent. |
| Operational and Reporting Customer service, records, capital, etc. | Applies to all BNPL lenders (licensed/authorized). Must provide a toll-free customer service line with live support at least 10 hours/day on weekdays and a contact email. Record-keeping (advertisements retained seven years), limited payment retries (max two attempts per due amount), capital requirements (surety bond or reserve for loan obligations) and periodic financial reporting and compliance officer designation are also mandated. |
(“Exempt organizations” under NY Banking Law – e.g., federally chartered banks, federal credit unions and similar institutions – are not subject to the state’s BNPL licensing and many operational requirements. However, non-bank fintech companies and out-of-state state-chartered banks should assume full compliance obligations when serving New York consumers.)
New York’s BNPL regulation introduces significant compliance and operational demands for fintech companies. Firms must invest in licensing, customer service, underwriting, disclosures and data privacy systems. Business models reliant on fees, tips or consumer data, especially for interest-free “pay-in-four” products, face new constraints, including the 16% APR cap and an $8 late fee limit.
Data privacy rules require BNPL providers to overhaul consent processes, track expiration and ensure easy opt-outs and data deletion. This could disrupt partnerships involving targeted advertising or cross-selling.
Key strategic considerations:
Looking ahead, New York’s rule is likely to influence other states. While consumer advocates support the move, industry groups warn it may hinder innovation. The light-touch era for BNPL is ending. Fintech leaders should assess compliance gaps, engage in the rulemaking process and adapt their strategies accordingly.
Connect with a member of our FinTech Services Team to discuss compliance strategies and next steps.
As the Financial Times reported on April 2, the U.S. Treasury is urging regulators to convene now on the risks building in private credit—an indication that concerns around governance gaps in the sector are beginning to intensify. Recent redemption constraints weren’t a sign of failure in private credit, but they did bring a long-standing tension…
OpenAI has just taken a bold step into the future of online shopping with the launch of Instant Checkout, a new feature that allows users to purchase products directly through ChatGPT. This opens a new avenue for e-commerce growth while representing a structural shift in how payments are initiated, processed, and safeguarded in an AI-driven…
ETFs have gone from being mysterious tools of the trading floor to becoming the unsung heroes of modern finance. They’re quietly transforming into “onboarding vehicles” across asset classes and strategies giving investors a frictionless way to participate in almost any market. ETFs are now the front door to the latest investing trends, from emerging and…
