Skip to main content
Menu Icon Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations
Section Content

Upcoming Events

Filter

Subscribe to our InfoBytes Blog weekly newsletter for news affecting the financial services industry.

  • FDIC OIG releases Special Inquiry Report to address breach response plan

    Privacy, Cyber Risk & Data Security

    On April 16, the FDIC’s Office of Inspector General (OIG) released its Special Inquiry Report—“The FDIC’s Response, Reporting, and Interactions with Congress Concerning Information Security Incidents and Breaches”—which contains findings from an examination of the FDIC’s practices and policies related to data security, incident response and reporting, and Congressional interactions. The Special Inquiry Report is the culmination of a request made by the former Chairman of the Senate Committee on Banking, Housing, and Urban Affairs in 2016, and focuses on the circumstances surrounding eight information security incidents that occurred in 2015 and 2016—seven of which involved personally identifiable information and constituted data breaches. An eighth incident involved the removal of “highly sensitive components of resolution plans submitted by certain large systemically important financial institutions without authorization” by a departing FDIC employee.

    According to the report, the OIG asserts that, among other things, the FDIC failed to (i) put in place a “comprehensive incident response program and plan” to handle security incidents and breaches; (ii) clearly document risk assessments and decisions associated with data incidents; (iii) fully consider the range of impacts on bank customers whose information was compromised; (iv) promptly notify consumers when an incident occurred and did not adequately consider notifications as a separate decision from whether it would provide credit monitoring services; (v) for at least one incident, failed to convey the seriousness of the breach; and (vi) provide timely, accurate, and complete responses to Congressional requests to gather information about how the agency was handling the incidents.

    As a result of these findings, the OIG presented recommendations and timeframes for the FDIC to “address the systemic issues.” Recommendations include: (i) clearly defining roles and responsibilities within the FDIC Breach Response Plan, and establishing procedures “consistent with legal, regulatory, and/or operational requirements for records management”; (ii) establishing a separation between consumer breach notifications and the offer of credit monitoring services; (iii) adhering to established timeframes for reporting incidents to FinCEN when suspicious activity report information has been compromised; (iv) conducting an annual review of the Breach Response Plan to confirm that that the guidance has been consistently followed during the preceding year; (v) developing guidance and training to ensure that employees and contractors are fully aware of the legal consequences of removing any sensitive information from FDIC premises before they depart; (vi) ensuring that FDIC policies, procedures, and practices result in complete, accurate statements and representations to Congress, and updating and correcting prior statements and representations as necessary; (vii) clarifying “legal hold policies and processes”; and (viii) specifying that the Office of Legislative Affairs is responsible for “providing timely responses to Congressional requests and communicating with Congressional staff regarding those requests.”

    The FDIC concurred with the recommendations and has completed corrective actions for two, with plans to address the remaining recommendations between June and December of this year. The FDIC has also agreed to keep the OIG informed of the progress made to address the identified performance issues.

    Privacy/Cyber Risk & Data Security FDIC OIG Data Breach Congress Senate Banking Committee

    Share page with AddThis
  • Student loan servicer seeks declaratory and injunctive relief to resolve dispute concerning preemption of state law

    Courts

    On April 4, a Pennsylvania-based student loan servicer (servicer) that services federal student loans on behalf of the U.S. Department of Education (Department) filed a complaint in the U.S. District Court for the District of Columbia against the Connecticut Department of Banking and its banking commissioner (together, the Connecticut Defendants), and the Department, seeking a judicial determination that the federal Privacy Act of 1974 (Privacy Act) preempts Connecticut law requiring the servicer to disclose certain records containing confidential information about its student loan borrowers to the state, along with data related to borrower complaints, or risk revocation of its state servicer’s license. In addition, the servicer seeks injunctive relief against the Connecticut Defendants to prevent the enforcement of state law in contravention of the Privacy Act and revocation of the servicer’s license.

    In support of the injunctive relief sought, the servicer cites several irreparable harms, including (i) the potential termination of its federal loan servicing contract; (ii) the revocation of its license to service, which would adversely affect approximately 100,000 student borrowers in the state, and (iii) the potential impact on loan servicing arrangements that the servicer has with “dozens of private lenders doing business in Connecticut.”

    As previously covered in InfoBytes, on March 12 Department Secretary Betsy DeVos published an Interpretation that asserted the position that state “regulation of the servicing of Direct Loans” is preempted because it “impedes uniquely Federal interests,” and state regulation of the servicing of loan under the Federal Family Education Loan Program “is preempted to the extent that it undermines uniform administration of the program.” However, last month—as discussed in InfoBytes—a bipartisan coalition of 30 state Attorneys General released a letter urging Congress to reject Section 493E(d) of the Higher Education Act reauthorization—H.R. 4508, known as the “PROSPER Act”—which would prohibit states from “overseeing, licensing, or addressing certain state law violations by companies that originate, service, or collect on student loans.” The states expressed a concern that, if enacted, the law would preempt state consumer protection laws for student borrowers and constitute “an all-out assault on states’ rights and basic principles of federalism.”

    Courts Department of Education Student Lending State Issues Preemption Congress Federal Legislation

    Share page with AddThis
  • Mulvaney requests more oversight and accountability for the Bureau in semi-annual report to Congress

    Federal Issues

    On April 2, the CFPB issued its semi-annual report to Congress covering the Bureau’s work from April 1, 2017 to September 30, 2017. The report details, among other things, problems faced by consumers with regard to consumer financial products or services; significant rules and orders adopted by the Bureau; and various supervisory and enforcement actions prior to Mick Mulvaney’s appointment as acting director. Most notably, the report includes an opening letter from Mulvaney, which requests Congress make changes to the law to “establish meaningful accountability” for the Bureau which is “far too powerful.” Specifically, Mulvaney requests four changes (i) subject the Bureau to Congressional appropriations; (ii) require Congressional approval for major rules; (iii) make the director accountable to the President’s exercise of executive authority; and (iv) create an independent Inspector General for the agency. Mulvaney writes that the cycle of Congressional frustration with the CFPB will repeat “ad infinitum unless Congress acts to make [the Bureau] accountable to the American people.”

    Mulvaney is set to testify on April 11 before the full House Financial Services Committee regarding the Bureau’s semi-annual report. As he notes in his letter, he intends to discuss his recommendations regarding the Bureau’s oversight at the hearing.

    Federal Issues CFPB Succession Enforcement Congress CFPB

    Share page with AddThis
  • Senate Nullifies CFPB Arbitration Rule

    Federal Issues

    On October 24, the Senate cleared a resolution under the Congressional Review Act to nullify the CFPB’s recently adopted final arbitration rule, with Vice President Mike Pence casting the deciding vote to break the 50-50 tie. As previously covered in InfoBytes, the House passed H.J. Res. 111 earlier in July to invalidate the rule, which prohibits the use of mandatory pre-dispute arbitration clauses in certain contracts for consumer financial products and services. The resolution now heads to President Trump.

    Both CFPB Director Richard Cordray and Acting Comptroller of the Currency Keith A. Noreika issued statements following the vote. Noreika stated: “The elected representatives acted to stop a rule from going into effect that would have likely increased the cost of credit for hardworking Americans and made it more difficult for small community banks to resolve differences with their customers without achieving the rule’s goal of deterring future financial abuse.” Noreika labeled the action by Congress as a “victory for consumers and small banks across the country.”

    However, according to many media outlets, Director Cordray condemned the Senate’s action. Cordray explained: “Tonight's vote is a giant setback for every consumer in this country. Wall Street won and ordinary people lost. This vote means the courtroom doors will remain closed for groups of people seeking justice and relief when they are wronged by a company.”

    Federal Issues Agency Rule-Making & Guidance Arbitration CFPB U.S. Senate Congress Congressional Review Act

    Share page with AddThis
  • DOJ Civil Rights Division Issues Annual Report to Congress

    Federal Issues

    In September, the DOJ Civil Rights Division issued its Annual Report to Congress regarding its 2016 activities related to the Equal Credit Opportunity Act (ECOA), the Fair Housing Act (FHA), and the Servicemembers Civil Relief Act (SCRA). Highlights include:

    • Fair lending: The DOJ opened 18 fair lending investigations; filed seven lawsuits and settled six of them; and obtained almost $37 million in relief. At the end of 2016, the DOJ had 33 open fair lending investigations.
    • Servicemembers Civil Relief Act: In November 2016, the DOJ announced a new pilot program funding additional attorneys and resources to support enforcement efforts related to the SCRA. In addition, the DOJ entered into two SCRA settlements, initiated a new lawsuit (subsequently settled in 2017), and continued to support distribution of compensation under the National Mortgage Settlement.
    • ECOA/FHA Referrals: The DOJ received 22 ECOA and FHA referrals in 2016; opened eight investigations from these referrals; and noted that all but one of the lawsuits filed by the Civil Rights Division in 2016 were based in part on referrals.

    Federal Issues DOJ Congress Enforcement ECOA FHA SCRA Fair Lending

    Share page with AddThis
  • Senate and House Committees File Separate Resolutions Disapproving of CFPB Arbitration Rule

    Federal Issues

    On July 20, the Senate Committee on Banking, Housing and Urban Affairs and the House Financial Services Committee each announced Congressional Review Act Joint Resolutions of Disapproval against the CFPB’s Arbitration Agreements final rule issued July 10. In a press release issued by the Senate Committee, 24 Republican senators—including Chairman Mike Crapo (R-Idaho)—expressed concern that the anti-arbitration measure will discourage cost-effective dispute resolution and push consumers into class action lawsuits causing more harm than good. House Republicans outlined similar concerns in a press release issued the same day. H.J. Res. 111, co-sponsored by all 34 Republican members of the House Financial Services Committee, will seek to nullify the rule, which they believe “punish[es] consumers with decreased access to financial products, increased costs for such products, or both.”

    The Congressional Review Act allows Congress to overturn agency rules by a simple majority if moved within 60 days from the rule’s publication.

    Federal Issues Agency Rule-Making & Guidance Arbitration CFPB Senate Banking Committee House Financial Services Committee Congress Class Action Congressional Review Act

    Share page with AddThis
  • Senate Committee on Banking, Housing & Urban Affairs Releases Flood Insurance Bill

    Federal Issues

    On July 17, Senate Committee on Banking, Housing & Urban Affairs Chairman Mike Crapo (R-Idaho) and Ranking Member Sherrod Brown (D-Ohio) released the text of the National Flood Insurance Program Reauthorization Act of 2017, which would reform the National Flood Insurance Program (NFIP) and extend it another six years. Among the provisions covered in the bill are: (i) risk mitigation, particularly in repeatedly flooded communities; (ii) compliance cost increases; (iii) predisaster hazard mitigation programs; (iv) flood risk disclosure requirements for sellers or lessors of real estate; (v) flood mapping program improvements; and (vi) various program improvements, including requirements for federal banking regulators to conduct annual compliance studies on mandatory purchase requirements in special flood hazard areas, and directions for “FEMA to annually study NFIP participation in areas outside of special flood hazard areas.”

    “We have held multiple hearings and worked on a bipartisan basis to hear thoughts and concerns from the Program's stakeholders, regulators and from Banking Committee members,” Crapo and Brown stated in a joint release. “This bill represents the many areas where we have found agreement, and we look forward to working with our colleagues to address outstanding issues.”

    The bill is one of many introduced this year in both the Senate and the House as the NFIP is set to expire at the end of September. (See previous InfoBytes coverage here and here.)

    Federal Issues Federal Legislation National Flood Insurance Program Congress Senate Banking Committee Flood Insurance

    Share page with AddThis
  • CFPB Issues Semi-Annual Report to Congress

    Consumer Finance

    On June 26, the CFPB issued its eleventh semi-annual report to Congress, covering the period October 1, 2016 through March 31, 2017. The report highlights various supervisory and enforcement actions, regulations, and other guidance. The report focuses on Regulations E and Z, which “create a comprehensive set of consumer protections for prepaid products.” In addition, the report notes ongoing efforts to develop rules with respect to payday loans, auto title loans, installment loans, arbitration agreements, and overdraft programs.

    Consumer Finance Federal Issues Agency Rule-Making & Guidance Enforcement Congress

    Share page with AddThis
  • Federal Reserve Chair Comments on CCAR and Stress Test Transparency

    Agency Rule-Making & Guidance

    On June 16, Federal Reserve (Fed) Chair Janet Yellen sent a letter to Rep. Blaine Luetkemeyer (R-Mo.) underscoring the Fed’s understanding of the need to provide transparency in its Comprehensive Capital Analysis and Review (CCAR) process and stress test scenarios. The Fed, Yellen asserts, will continue to published CCAR instructions in advance of the submission date for capital plans. Yellen further committed to releasing instructions and scenarios for the stress tests by February 15. The guidance will offer banks more details about the qualitative and quantitative components of the exam. However, Yellen warned that disclosing all the details of the Fed's modeling on the annual exams “would give banks an incentive to adjust their business practices in ways that change the results of the stress test without changing the risks faced by the firms . . . [resulting in] less effective stress tests that present a misleading picture of the actual vulnerabilities faced by firms. There would also be a risk of increased correlations in asset holdings among large banks, making the financial system more vulnerable to adverse economic shocks.” However, Yellen said the Fed is weighing different approaches to provide banks with more information about the agency's modeling.

    Agency Rule-Making & Guidance Federal Reserve Stress Test Congress CCAR

    Share page with AddThis
  • House Passes Financial CHOICE Act of 2017

    Federal Issues

    On June 8, by a vote of 233-186 with no Democrats voting in favor of the bill and one Republican voting against, the House passed the Financial CHOICE Act of 2017 (H.R. 10), as amended, which would repeal or modify provisions of Dodd-Frank and restructure the CFPB. Committee Report 115-163 accompanying House Resolution 375, which provided for consideration H.R. 10 and recommended that the resolution be adopted, outlines the provisions introduced to overhaul existing financial regulations. Included were five additional amendments incorporated into H.R. 10 introduced by members of Congress:

    • Rep. Jeb Hensarling (R-Tex.): “Revises provisions subjecting certain FDIC and National Credit Union Association functions to congressional appropriations, relating to appointments of positions created by [H.R. 10], and providing congressional access to non-public [Financial Security Oversight Council] information”;
    • Rep. Joseph Hollingsworth (R-Ind.): “Allows closed-end funds that are listed on a national securities exchange, and that meet certain requirements to be considered ‘well-known seasoned issuers’”;
    • Rep. Lloyd Smucker (R-Pa.): “Expresses the sense of Congress that consumer reporting agencies and their subsidiaries should implement stronger multi-factor authentication procedures when providing access to personal information files to more adequately protect consumer information from identity theft”;
    • Rep. Martha McSally (R-Ariz.): “Requires the Department of Treasury” to submit a report to Congress regarding its efforts to work with Federal bank regulators, financial institutions, and money service businesses to ensure that legitimate financial transactions along the southern border move freely”; and
    • Rep. Ken Buck (R-Colo.), “Requires the [General Services Administration] to study the [Consumer Law Enforcement Agency’s] real estate needs due to changes in the Agency’s structure. It would then authorize the GSA to sell the current CLEA building if CLEA’s real estate needs have changed and there is no government department or agency that can utilize the building.”

    See previous InfoBytes here and here for additional coverage.

    The bill now advances to the Senate where it is unlikely to pass in its current form—a fact acknowledged by both Democrats and Republicans.

    Federal Issues House Financial Services Committee Financial CHOICE Act Congress Federal Legislation Dodd-Frank FDIC NCUA FSOC CFPB Department of Treasury

    Share page with AddThis

Pages