Skip to main content
Menu Icon Menu Icon

InfoBytes Blog

Financial Services Law Insights and Observations
Section Content

Upcoming Events


Subscribe to our InfoBytes Blog weekly newsletter for news affecting the financial services industry.

  • Senate passes bipartisan financial regulatory reform bill

    Federal Issues

    On March 14, by a vote of 67-31, the Senate passed the Economic Growth, Regulatory Relief, and Consumer Protection Act (S. 2155) (the bill)—a bipartisan regulatory reform bill crafted by Senate Banking, Housing, and Urban Affairs Committee Chairman Mike Crapo, R-Idaho—that would repeal or modify provisions of Dodd-Frank and ease regulations on all but the biggest banks. (See previous InfoBytes coverage here.) The bill’s highlights include:

    • Improving consumer access to mortgage credit. The bill’s provisions state, among other things, that: (i) banks with less than $10 billion in assets are exempt from ability-to-repay requirements for certain qualified residential mortgage loans; (ii) appraisals will not be required for certain transactions valued at less than $400,000 in rural areas; (iii) banks and credit unions that originate fewer than 500 open-end and 500 closed-end mortgages are exempt from HMDA’s expanded data disclosures (the provision would not apply to nonbanks and would not exempt institutions from HMDA reporting altogether); (iv) amendments to the S.A.F.E. Mortgage Licensing Act will provide registered mortgage loan originators in good standing with 120 days of transitional authority to originate loans when moving from a federal depository institution to a non-depository institution or across state lines; and (v) the CFPB must clarify how TRID applies to mortgage assumption transactions and construction-to-permanent home loans, as well as outline certain liabilities related to model disclosure use.
    • Regulatory relief for certain institutions. Among other things, the bill simplifies capital calculations and exempts community banks from Section 13 of the Bank Holding Company Act if they have less than $10 billion in total consolidated assets. The bill also states that banks with less than $10 billion in assets, and total trading assets and liabilities not exceeding more than five percent of their total assets, are exempt from Volcker Rule restrictions on trading with their own capital.
    • Protections for consumers. Included in the bill are protections for veterans and active-duty military personnel such as: (i) permanently extending the protection that shields military personnel from foreclosure proceedings after they leave active military service from nine months to one year; and (ii) adding a requirement that credit reporting agencies provide free credit monitoring services and credit freezes to active-duty military personnel. The bill also addresses general consumer protection options such as expanded credit freezes and the creation of an identity theft protection database. Additionally, the bill instructs the CFPB to draft federal rules for the underwriting of Property Assessed Clean Energy loans (PACE loans), which would be subject to TILA consumer protections.
    • Changes for bank holding companies. Among other things, the bill raises the threshold for automatic designation as a systemically important financial institution from $50 billion in assets to $250 billion. The bill also subjects banks with $100 billion to $250 billion in total consolidated assets to periodic stress tests and exempts from stress test requirements entirely banks with under $100 billion in assets. Additionally, certain banks would be allowed to exclude assets they hold in custody for others—provided the assets are held at a central bank—when computing the amount such banks must hold in reserves.
    • Protections for student borrowers. The bill’s provisions include measures to prevent creditors from declaring an automatic default or accelerating the debt against a borrower on the sole basis of bankruptcy or cosigner death, and would require the removal of private student loans on credit reports after a default if the borrower completes a loan rehabilitation program and brings payments current.

    The bill now advances to the House where both Democrats and Republicans think it is unlikely to pass in its current form.

    Federal Issues Federal Legislation Bank Regulatory Dodd-Frank S. 2155 CFPB HMDA Mortgages Licensing TILA TRID Servicemembers Volcker Rule Student Lending Consumer Finance Bank Holding Companies Community Banks Privacy/Cyber Risk & Data Security

    Share page with AddThis
  • House passes several bills focused on regulatory relief

    Federal Issues

    On March 6, the House passed H.R. 2226, the “Portfolio Lending and Mortgage Access Act,” amending TILA and expanding the safe harbor provisions provided to qualified residential mortgages held in portfolio by banks with less than $10 billion in assets. Under the bill, a mortgage lender would not be subject to civil liability for violating specified ability-to-repay requirements if, among other things, the loan was originated and held continuously in portfolio by a covered institution and complies with certain limitations and requirements related to prepayment penalties and points and fees..

    On the same day, the House also passed H.R. 4725, the “Community Bank Reporting Relief Act,” to amend the Federal Deposit Insurance Act to reduce the regulatory reporting burden on community banks. Specifically, federal banking agencies would be required to issue regulations allowing qualified depository institutions with less than $5 billion in assets to submit abbreviated call reports (consolidated reports of condition and income) every other quarter rather than submitting full call reports every quarter.

    Finally, by a vote of 264-143, the House passed H.R. 4607, the “Comprehensive Regulatory Review Act,” a measure to amend the Economic Growth and Regulatory Paperwork Reduction Act of 1996’s regulatory review process. Among other things, the bill requires federal financial regulators to perform a comprehensive review at least every seven years, instead of every ten years as currently required, to identify regulations that may be tailored to limit burdens on insured depository institutions. 

    Federal Issues Federal Legislation U.S. House Qualified Mortgage Mortgages Community Banks EGRPRA Federal Deposit Insurance Act Bank Regulatory

    Share page with AddThis
  • Federal Reserve blocks national bank’s growth, cites internal governance and risk management oversight failures

    Federal Issues

    On February 2, the Federal Reserve Board (Fed) cited compliance breakdowns and widespread consumer abuses as the primary factors behind its decision to issue an order to cease and desist against a national bank. In addition to blocking the bank from growing beyond $1.95 trillion in assets until the Fed approves internal governance and risk management reforms, the order also requires the bank to take actions in the areas of board effectiveness, risk management program improvement, third party reviews of plans and improvements, and reports on progress. The bank must, among other things, (i) create “separate and independent reporting lines” to the chief risk officer and the board, and (ii) enhance risk management oversight and functions, which includes creating “an effective risk identification and escalation framework.” The bank concurrently agreed to replace four current board members in 2018, with three replaced by April. Notably, the order does not require the bank to cease current activities such as accepting customer deposits or making consumer loans.

    The Fed also sent letters to the bank’s former lead independent director and former chair of the board of directors (see letters here and here) to address the “many pervasive and serious compliance and conduct failures” that occurred during their tenures. Citing ineffective oversight following awareness of alleged consumer abuses, the Fed stated that the former directors failed to initiate any serious inquiry or request that the board do so. Further, the Fed asserted that the former chair of the board continued to support the sales goals that were a major cause of the identified sales practice problems and failed to initiate a serious investigation or inquiry. A third letter sent to the current board of directors outlines steps the board must take to improve senior management reporting, maintain an effective risk management structure, and ensure compensation and other incentive programs are “consistent with sound risk management objectives and promote . . . compliance with laws and regulations.” (See here and here for previous InfoBytes coverage on the alleged improper sales practices.)

    In response, the bank issued a press release stating it will commit to the Fed’s requirements and will provide a compliance plan for oversight, compliance, and operational risk management to the Fed within 60 days. The plan will also outline measures already completed by the bank, and if approved by the Fed, the bank will engage independent third parties to review its adoption and implementation of the plan.

    Federal Issues Federal Reserve Bank Regulatory CFPB OCC Consumer Finance Risk Management

    Share page with AddThis
  • House Financial Services Subcommittee conducts hearing on fintech opportunities and challenges


    On January 30, the House Financial Services Subcommittee on Financial Institutions and Consumer Credit held a hearing entitled “Examining Opportunities and Challenges in the Financial Technology (“Fintech”) Marketplace.” The Subcommittee issued a press release following the hearing and presented the following key takeaways:

    • “Modern developments in digital technology are changing the way in which many financial services are offered and delivered”; and
    • “Congress and the federal prudential regulators must continue to examine this innovative marketplace to understand the opportunities and challenges it presents, and to ensure that financial services entities are allowed to use fintech to deliver new products and services while also protecting consumers.”

    Opening statements were presented by several members of the Subcommittee, including Subcommittee Vice Chair Keith Rothfus, R-PA, who noted that online lending, mobile banking, and other products could bring capital back to areas deserted by traditional banks. Subcommittee Chairman Blaine Luetkemeyer, R-MO, highlighted that loan originations passed through marketplace lenders accounted for nearly $40 billion over the past ten years, with online lenders often able to offer better lending terms. Luetkemeyer also discussed the rise of mobile banking and lending and raised the question presented by some states of whether fintech companies should be required to comply with current laws that apply to similar products. He stressed that understanding fintech’s capabilities “can better create an environment that fosters certainty and responsible innovation while maintaining consumer protections.” A broad range of topics were discussed at the hearing, including the following highlights:

    • Madden v. Midland / True Lender. Companies that have chosen to partner with banks have also run into regulatory and legal roadblocks, including the recent decision in Madden v. Midland Funding, which determined that a nonbank entity taking assignment of debts originated by a national bank is not entitled to protection under the National Bank Act from state-law usury claims. (See Buckley Sandler Special Alert here.) In prepared remarks, Andrew Smith, Partner at Covington and Burling, LLP, stated that because of varying outcomes in true lender court challenges, the lack of certainty means that “market participants will no longer be willing to enter into these types of transactions, thereby depriving consumers, banks, and the economy of the many benefits of bank partnerships with fintech providers while also hampering the liquidity necessary to support a robust lending market.” Smith went on to discuss H.R. 4439, the Modernizing Credit Opportunities Act, which was introduced to “reconfirm and reinforce existing federal law with respect to a bank’s identity as the true lender of a loan with the assistance of a third-party service provider.” Smith emphasized that the legislation would “resolve any uncertainty about a bank’s ability to use third-party service providers by confirming the principle that when a bank enters into a loan agreement, it is the bank that has made the loan.”
    • Marketplace Lending. During his testimony, witness Nathaniel Hoopes, Executive Director at the Marketplace Lending Association, highlighted the role marketplace lending platforms (MPPs) have had in delivering products to underserved consumers, but emphasized that a lot of work still needs to happen for more of the “broad American ‘middle class’ to fully realize and benefit from the potential of MPPs specifically and fintech more broadly.” He also expressed support for the Special Purpose National Bank charter currently under consideration by the OCC.
    • Regulatory Sandboxes. Witness Brian Knight, Director of the Program on Financial Regulation and Senior Research Fellow at the Mercatus Center at George Mason University, suggested in his prepared remarks various methods to improve the current regulatory environment, and opined that lawmakers could allow firms that participate in a regulatory sandbox program and comply with its requirements to avoid liability as long as the firm makes “customers whole if the firm causes harm owing to a violation of the law.” Knight added that states could be allowed to grant special non-depository charters similar to those offered by the OCC. And while witness Professor Adam J. Levitin of the Georgetown University Law Center agreed that sandboxes would allow companies to explore new ideas with the understanding that customers must be protected, he cautioned that the fragmentation of the regulatory system around fintech makes it hard for experimentation, and that risk would need to be regulated.
    • Virtual Currencies. Knight discussed his concerns with initial coin offerings (ICOs) and commented that while ICOs “may enable firms to access capital more effectively than traditional methods, there are significant concerns that they are being used by both outright frauds and well-meaning but ignorant firms to obtain capital in contravention of existing laws governing the sales of securities, commodities futures contracts, and products and services.” However, Knight testified that despite the potential for risk, peer-to-peer payments, cryptocurrencies, and other innovations demonstrate potential, and that innovative lenders are replacing banks in communities where it is no longer profitable for those banks to serve.

    Inconsistent Regulations. During his testimony, witness Brian Peters, Executive Director at Financial Innovation Now, advocated for improved coordination among regulators and stressed that the “current structure is needlessly fragmented and inconsistent among federal regulators, and varies widely across state jurisdictions.” Peters also commented on the need to modernize the regulatory structure to keep pace with innovation and meet consumers’ needs.

    Fintech House Financial Services Committee Marketplace Lending True Lender Virtual Currency Bank Regulatory Usury Third-Party Madden

    Share page with AddThis
  • Bank regulators share living will expectations with foreign banks operating in the U.S.

    Federal Issues

    On January 29, the Federal Reserve Board and the FDIC sent letters to 19 foreign banks operating in the United States to outline and clarify resolution plan expectations. According to a joint release issued by the regulators, Dodd-Frank-mandated resolution plans—commonly known as living wills—require certain foreign banks to detail strategic plans for their U.S. operations “for rapid and orderly resolution under bankruptcy” should the banks fail or fall under material financial distress. Requested in the letters, among other things, are specifics on resolution strategies, capital calculations, management of liquidity, stress testing, and organizational structures. Banks are required to submit 2018 resolution plans no later than December 31, 2018. Refer here to access a list of banks and letters.

    Federal Issues Federal Reserve FDIC Living Wills International Bank Regulatory

    Share page with AddThis
  • Federal Reserve vice chairman evaluates post-crisis regulations

    Federal Issues

    On January 19, Federal Reserve Vice Chairman for Supervision Randal Quarles spoke at the American Bar Association Banking Law Committee Annual Meeting to discuss his initial observations on the post-crisis regulation regime and provide a status update on the Fed’s key areas of focus for improving the “efficiency, transparency, and simplicity of regulation.” Quarles emphasized that there are a variety of means to improve efficiency, such as (i) addressing unintended adverse consequences of a regulation, or (ii) calibrating a regulation “more precisely to the risks in need of mitigation.” Transparency around rulemaking encourages a variety of perspectives, and simplifying regulations “promotes public understanding of regulation, promotes meaningful compliance by the industry with regulation, and reduces unexpected negative synergies among regulations,” he added.

    According to Quarles, “small bank capital simplification, burden reduction in resolution planning, enhancements to stress testing, leverage ratio recalibration, and Volcker rule simplification” are common ground areas for improvement, efforts have progressed, and regulations have been proposed for changes, including extending the resolution planning cycle to reduce the reporting burden. Quarles also noted that the Fed expects to release a proposal on leverage ratio recalibration in the near future, and has started working with five banking agencies on a proposal to streamline the Volcker rule.

    Another area of focus Quarles highlighted is the Fed’s plan to revisit the “advanced approaches” thresholds used to identify internationally active banks, including risk-based capital requirements as well as the supplementary leverage ratio. Quarles further noted that the current $250 billion-asset or $10 billion in on-balance-sheet foreign exposures thresholds were formulated more than a decade ago “and have not been refined since then.” Additionally, Quarles announced plans to work with his Fed colleagues to simplify the framework for loss absorbency requirements. According to Quarles, candidates for simplification include (i) eliminating the advanced approaches risk-based capital requirements; (ii) eliminating one or more stress testing ratios; and (iii) modifying the total loss-absorbing capacity requirements. The framework for making determinations of control under the Bank Holding Company Act—while not a post-crisis regulation—could also be improved to be less “burdensome and time-consuming,” Quarles added.

    Finally, as previously covered in InfoBytes, Quarles commented on the Fed’s requests for comments issued last December on three proposals designed to increase stress testing transparency while also testing the resiliency of large, complex banks. “I believe that the disclosure we have provided does not go far enough to provide visibility into the supervisory models that often deliver a firm's binding capital constraint,” Quarles noted.

    Federal Issues Federal Reserve Bank Supervision Bank Regulatory Volcker Rule

    Share page with AddThis
  • OCC highlights supervisory priorities in fall 2017 semiannual risk report

    Federal Issues

    On January 18, the OCC announced the release of its Semiannual Risk Perspective for Fall 2017, identifying key risk areas for national banks and federal savings associations. Top supervisory priorities will focus on credit, operational, and compliance risk. As previously discussed in the spring 2017 semiannual report, compliance risk continues to be an ongoing concern, particularly as banks continue to adopt new technologies to help them comply with anti-money laundering rules and the Bank Secrecy Act (BSA), in addition to addressing increased cybersecurity challenges and new consumer protection laws. (See previous InfoBytes coverage here.) The OCC commented that these types of risks can be mitigated by banks with “appropriate due diligence and ongoing oversight.”

    Specific areas of particular concern include the following:

    • easing of commercial credit underwriting practices;
    • increasing complexity and severity of cybersecurity threats, including phishing scams that are the primary method of breaching bank data systems;
    • using limited third-party service providers for critical operations, which can create “concentrated points of failure resulting in systemic risk to the financial services sector”;
    • compliance challenges under the BSA; and
    • challenges in risk management involving consumer compliance regulations.

    The report also raises concerns about new requirements under the Military Lending Act along with pending changes to data collection under the Home Mortgage Disclosure Act, which could pose compliance challenges. It further discusses a new standard taking effect in 2020 for measuring expected credit losses, which “may pose operational and strategic risk to some banks when measuring and assessing the collectability of financial assets.”

    The data relied on in the report was effective as of June 30, 2017.

    Federal Issues Agency Rule-Making & Guidance OCC Risk Management Bank Regulatory Third-Party Bank Secrecy Act HMDA Military Lending Act Vendor Management Anti-Money Laundering Privacy/Cyber Risk & Data Security

    Share page with AddThis
  • Buckley Sandler Insights: Fed's LFI Risk Management Principles Open for Comments

    Agency Rule-Making & Guidance

    On January 4, the Federal Reserve (Fed) issued for public comment proposed guidance setting forth core principles of effective risk management for Large Financial Institutions (“LFI”s) (“Risk Management proposal”). Given that it is increasingly likely that Congress will release financial institutions with assets below $250 billion from “SIFI” designation, the Fed’s guidance yesterday is a further effort to ensure that risk at LFIs will continue to be managed well even after many of them are no longer subject to other SIFI obligations. The proposal would apply to domestic bank holding companies and savings and loan holding companies with total consolidated assets of $50 billion or more; the U.S. operations of foreign banking organizations (“FBOs”) with combined U.S. assets of $50 billion or more; and any state member bank subsidiary of these institutions. The proposal would also apply to any systemically important nonbank financial company designated by the Financial Stability Oversight Council (“FSOC”) for Fed supervision. The proposed guidance clarifies the Fed’s supervisory expectations of these institutions’ core principals with respect to effective senior management; the management of business lines; and independent risk management (“IRM”) and controls.

    The Risk Management proposal is part of the Fed’s broader initiative to develop a supervisory rating system and related guidance that would align its consolidated supervisory framework for LFIs. Last August, the Fed issued for public comment two related proposals: a new rating system for LFIs (“proposed LFI rating system”) and guidance addressing supervisory expectations for board directors (“Board Expectations proposal”). (See previous InfoBytes coverage on the proposals.) The proposed LFI rating system is designed to evaluate LFIs on whether they possess sufficient financial and operational strength and resilience to maintain safe and sound operations through a range of conditions. With regard to the Board Expectations proposal, the January 4 proposal establishes supervisory expectations relevant to the assessment of a firm’s governance and controls, which consists of three chief components: (i) effectiveness of a firm’s board of directors, (ii) management of business lines, independent risk management and controls, and (iii) recovery planning. This guidance sets forth the Fed’s expectations for LFIs with respect to the second component—the management of business lines and IRM and controls, and builds on previous supervisory guidance. In general, the proposal “is intended to consolidate and clarify the [Fed’s] existing supervisory expectations regarding risk management.”

    The January 4 release delineates the roles and responsibilities for individuals and functions related to risk management. Accordingly, it is organized in three parts: (i) core principals of effective senior management; (ii) core principals of the management of business lines; and (iii) core principles of IRM and controls.

    Senior Management

    The Risk Management proposal defines senior management as “the core group of individuals directly accountable to the board of directors for the sound and prudent day-to-day management of the firm.” Two key responsibilities of senior management are overseeing the activities of the firm’s business lines and the firm’s IRM and system of internal control. The proposed guidance highlights the principle that: Senior management is responsible for managing the day-to-day operations of the firm and ensuring safety and soundness and compliance with internal policies and procedures, laws and regulations, including those related to consumer protection.

    Management of Business Lines

    The proposal refers to “business line management” as the core group of individuals responsible for prudent day-to-day management of a business line and accountable to senior management for that responsibility. For LFIs that are not subject to supervision by the Large Institution Supervision Coordinating Committee (“LISCC”) these expectations would apply to any business line where a significant control disruption, failure, or loss event could result in a material loss of revenue, profit, or franchise value, or result in significant consumer harm.

    A firm’s business line management should:

    • Execute business line activities consistent with the firm’s strategy and risk tolerance.
    • Identify, measure, and manage the risks associated with the business activities under a broad range of conditions, incorporating input from IRM.
    • Provide a business line with the resources and infrastructure sufficient to manage the business line’s activities in a safe and sound manner, and in compliance with applicable laws and regulations, including those related to consumer protection, as well as policies, procedures, and limits.
    • Ensure that the internal control system is effective for the business line operations.
    • Be held accountable, with business line staff, for operating within established policies and guidelines, and acting in accordance with applicable laws, regulations, and supervisory guidance, including those related to consumer protection.

    Independent Risk Management and Controls

    The Risk Management proposal describes core principles of a firm’s independent risk management function, system of internal control, and internal audit function. The guidance does not prescribe in detail the governance structure for a firm’s IRM and controls. While the guidance does not dictate specifics regarding governance structure, it does set forth requirements with respect to the roles of the Chief Risk Officer and Chief Audit Executive:

    • The CRO should establish and maintain IRM that is appropriate for the size, complexity, and risk profile of the firm.
    • The Chief Audit Executive should have clear roles and responsibilities to establish and maintain an internal audit function that is appropriate for the size, complexity and risk profile of the firm.

    The proposal requires that a firm’s IRM function be sufficient to provide an objective, critical assessment of risks and evaluates whether a firm remains aligned with its stated risk tolerance. Specifically, a firm’s IRM function should:

    • Evaluate whether the firm’s risk tolerance appropriately captures the firm’s material risks and confirm that the risk tolerance is consistent with the capacity of the risk management framework.
    • Establish enterprise-wide risk limits consistent with the firm’s risk tolerance and monitor adherence to such limits.
    • Identify and measure the firm’s risks.
    • Aggregate risks and provide an independent assessment of the firm’s risk profile.
    • Provide the board and senior management with risk reports that accurately and concisely convey relevant, material risk data and assessments in a timely manner.

    With regard to internal controls, the proposed guidance builds upon the expectations described in the Fed’s Supervisory Letter 12-17. A firm should have a system of internal control to guide practices, provide appropriate checks and balances, and confirm quality of operations. In particular, the guidance states that a firm should:

    • Identify its system of internal control and demonstrate that it is commensurate with the firm’s size, scope of operations, activities, risk profile, strategy, and risk tolerance, and consistent with all applicable laws and regulations, including those related to consumer protection.
    • Regularly evaluate and test the effectiveness of internal controls, and monitor functioning of controls so that deficiencies are identified and communicated in a timely manner.

    With respect to internal audit, the proposed guidance does not expand upon the Fed’s expectations; rather it references existing supervisory expectations. The proposed guidance highlights that a firm should adhere to the underlying principle that its internal audit function should examine, evaluate, and perform independent assessments of the firm’s risk management and internal control systems and report findings to senior management and the firm’s audit committee.

    Comments on the Fed’s proposed guidance are due by March 15.

    Agency Rule-Making & Guidance Federal Reserve Risk Management LFI SIFIs Bank Regulatory Bank Supervision

    Share page with AddThis
  • House Passes Legislation Modifying Systemic Risk Designation Requirements

    Federal Issues

    The House voted 288-130 on December 19 to pass legislation modifying Dodd-Frank Act asset requirements for systemic risk designations of bank holding companies. Under H.R. 3312, the Systemic Risk Designation Improvement Act of 2017, bank holding companies that are subject to increased capital requirements and heightened supervision by the Federal Reserve (Fed) will no longer be automatically designated as systemically important financial institutions (SIFIs) if their asset threshold is $50 billion or greater. Instead, the Fed will review a bank holding company’s size, interconnectedness, infrastructure, “global cross-jurisdictional activity,” and complexity to determine whether it should be designated as a SIFI. Relatedly, the Senate Banking Committee is currently considering a separate measure, S. 2155, which would, among other things, increase the SIFI asset threshold to $250 billion.

    Federal Issues Federal Legislation Dodd-Frank SIFIs Bank Regulatory

    Share page with AddThis
  • Continuing Resolution Extends National Flood Insurance Program Deadline to December 22

    Federal Issues

    As previously reported in InfoBytes, the House voted 237-189 on November 14 to pass legislation reforming and reauthorizing the National Flood Insurance Program (NFIP) for five years before it expired at the beginning of December. A continuing resolution (H.J. Res. 123), passed by both the Senate and House and signed into law by President Trump on December 8, amended the expiration date of Fiscal Year 2018 appropriations to December 22, and extended the NFIP another two weeks. The Senate Banking Committee is still waiting to act on a flood insurance bill. 

    Federal Issues OCC Bank Regulatory National Flood Insurance Program Trump

    Share page with AddThis