Earlier today, Carter Dougherty at Bloomberg scooped the CFPB, saying that the Bureau is contemplating supervisory or enforcement actions for credit-card reward programs. Aside from making me wonder if I’m going to lose my beloved $200 credit for baggage fees from my favorite card, the article points to a vital policy question: when is a product a problem. In the past, bank regulators waited far too long to address disasters like subprime mortgages. The Bureau is now scrutinizing an old product, one from which all consumers seem to want is more. But, it’s hands-off for new products – especially in the lightening-speed arena of mobile payments – that pose risk not only to consumers, but also to broader financial-system stability.

The Bloomberg story suggests that the CFPB is interested in reward programs because they contribute to card decision-making – as indeed doubtless they do. What’s apparently under scrutiny are reward disclosures, which the CFPB frets may not be well understood by the high-income consumers using the premium cards that offer these perks. I’m the first to admit I have no clue about all the rewards all of my cards convey, but who’s fault is that? And, if I decide on my card based on rewards – not hard costs and rights – should I be protected from myself? If one airline offers me a free upgrade and another a companion ticket, which is “better?” Does the CFPB know I need the upgrade more than a friend?

Now, back to mobile payments and the risks I think emerging products here may truly pose. Earlier this year, we laid out a paradigm for more effective consumer financial regulation (http://www.fedfin.com/images/stories/client_reports/FedFin%20Consumer%20Financial%20Protection%20Paradigm.pdf ), in which we highlighted this areas as a top priority. The reason? Products are exploding across the web and on every smartphone to make it easier to pay for everything and to do so not just in dollars, but also in BitCoins. As the Wall street Journal laid out yesterday, one can now travel the world and pay for everything with virtual currency by waving electronic devices at whomever is willing to accept payment as such.

Leaving aside for the moment the extent to which virtual currencies can be used for real-life crime – a critical issue as recent law-enforcement actions make clear – circumventing traditional payment mechanisms raises real risk to payor and payee. Sure, banks are slow and often resistant to change. This is a longstanding feature of banking – one usually doesn’t go into this business because you’re hip. Technocrats are, of course, nothing but hip, and that has its virtues up to the point at which they start playing with other people’s money. Then, I like boring a lot better.

When the you-know-what hits the fan and Google’s latest cool payment device crashes or PayPal mislays somebody’s money, who will suffer? If the failures are small and the provider as big as Google or eBay, maybe not much because losses will be only to a few hapless consumers and might even be reimbursed by companies large enough to protect their reputations. But, if a new payment product reaches vulnerable consumers to any considerable extent or is offered by a provider with no funds with which to make up lapses, real harm will result to real people. Do mobile-payment users know that their funds aren’t protected by the FDIC and the people with whom they park them are under no prudential regulation? I rather doubt it – no law or rule now requires these providers to make clear anything so inconvenient.

Regulated companies have lots of flaws – we know this all too well from the last few years not only from the systemic financial crisis, but also from the non-stop parade of costly penalties inflicted on big banks that did grievous things under their regulators’ noses. But, will “shadow” institutions do any better, especially in start-up mode when all they care about is the up-front cash? Of course not. Prioritizing more study into unproven problems at regulated banks already spending billions to clean up their act means the Bureau is betting on non-banks to be better stewards than banks of the public trust just because they’re doing something way cool. A bad bet, I think.