Skip to main content
Menu Icon Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations
Section Content

Upcoming Events

Filter

Subscribe to our InfoBytes Blog weekly newsletter for news affecting the financial services industry.

  • OCC Presents First National Bank Charter Since the Financial Crisis

    Agency Rule-Making & Guidance

    On October 27, Acting Comptroller of Currency, Keith A. Noreika, issued the first full-service national bank charter since the financial crisis to a banking institution in Florida. The institution is also the first de novo national bank and de novo approved for federal deposit insurance in Florida since the financial crisis. While presenting the charter, Noreika commented on the rarity of de novo banks and encouraged better efficiency in the process for their establishment in order to, “create more economic opportunity for consumers, businesses, and communities across the nation.”

    As previously covered by InfoBytes, the House Financial Services Committee held a hearing in March related to the “de novo drought” and to examine the impact the Dodd-Frank Act has had on the creation of new financial institutions.

    Agency Rule-Making & Guidance Lending OCC Bank Regulatory Federal Issues

    Share page with AddThis
  • Federal Banking Regulatory Agencies Issue Proposed Rulemaking to Simplify Regulatory Capital Rule

    Agency Rule-Making & Guidance

    On September 27, the Federal Reserve Board, the FDIC, and the OCC (agencies) issued a joint notice of proposed rulemaking to simplify capital rule compliance requirements and reduce the regulatory burden in accordance with the Economic Growth and Regulatory Paperwork Reduction Act (EGRPRA). Among other things, the proposed rule will “apply a simpler regulatory capital treatment” for mortgage servicing assets, certain deferred tax assets, investments in unconsolidated financial institutions, and capital issued by a consolidated subsidiary of a banking organization and held by third parties, or minority interest. To assist banks in evaluating the potential impact of the proposal, the agencies provided an estimation tool template and summary of the proposal. As previously discussed in InfoBytes, the agencies—all members of the Federal Financial Institutions Examination Council (FFIEC)—issued a report in March following an EGRPRA review, in which the agencies outlined initiatives designed to reduce regulatory burdens, particularly on community banks and savings associations. In a statement issued by FDIC Chairman Martin J. Gruenberg, commenters are encouraged to also consider methods for simplifying existing regulatory capital rules impacting community banks. Comments on the joint proposed rule are due 60 days after publication in the Federal Register.

    Agency Rule-Making & Guidance Bank Regulatory Capital Requirements Federal Reserve FDIC OCC EGRPRA FFIEC Federal Register

    Share page with AddThis
  • NYDFS Issues Reminder on Cybersecurity Regulation Compliance Effective August 28

    State Issues

    On August 28, the New York Department of Financial Services (NYDFS) issued an announcement reminding all NYDFS-regulated banks, insurance companies, and other financial services institutions that they must now begin complying with the state’s “first-in-nation cybersecurity regulation.” As previously covered in Infobytes, the regulation took effect March 1, 2017, but August 28 was the first compliance date. Covered entities are now required to implement the following: (i) a cybersecurity program designed to protect consumers’ private data; (ii) board/senior officer-approved written policy or policies; (iii) a designated Chief Information Security Officer to help protect an entity’s data and systems; and (iv) “controls and plans in place to help ensure the safety and soundness of New York’s financial services industry.” Furthermore, covered entities must begin reporting cybersecurity events through NYDFS’ online cybersecurity portal. (See previous InfoBytes coverage here.) Notices of exemption may be filed within “30 days of the determination that the covered entity is exempt,” and covered entities must file a certificate of compliance confirming compliance for the previous calendar year no later than February 15, 2018. NYDFS also released a series of frequently asked questions to provide assistance to institutions when complying with the regulation’s requirements.

    State Issues Privacy/Cyber Risk & Data Security NYDFS Compliance Bank Regulatory

    Share page with AddThis
  • Federal Banking Regulators Issue Proposal to Simplify Capital Requirements to Provide Regulatory Relief to Community Banks

    Agency Rule-Making & Guidance

    On August 22, the Federal Reserve, FDIC and OCC issued a proposed rule that capital requirements set to take effect in January 2018 would be suspended under a proposed rule for banking organizations not subject to the advanced approaches capital rules, such as community and midsized banks— generally those with less than $250 billion in total assets and fewer than $10 billion in foreign exposure. The federal banking regulators proposed the suspension as they develop a proposal that would simplify capital requirements to reduce regulatory burden. Banks subject to the advance approaches capital rules will still be required to comply with the capital rule requirements taking effect January 1, 2018. The proposal would pause the fully phased-in Basel III requirements regarding the treatment of mortgage servicing assets, certain deferred tax assets, investments in the capital instruments of unconsolidated financial institutions, and minority interests (see FDIC Financial Institution Letter FIL-34-2017). According to a press release issued by the FDIC, “the transitional treatment for those items is scheduled to be replaced with a different treatment on January 1, 2018.” FDIC Vice Chairman Thomas M. Hoenig issued a statement supporting the proposal but pushed for the need to provide additional relief for community banks such as predicating relief based on banking activities and tangible equity rather than asset size.

    Comments on the proposed rule are due 30 days after publication in the Federal Register.

    Agency Rule-Making & Guidance Basel Federal Reserve FDIC OCC Mortgages Community Banks Bank Regulatory

    Share page with AddThis
  • FDIC Releases August List of CRA Compliance Examinations

    Federal Issues

    On August 4, the FDIC published its monthly list of state nonmember banks recently evaluated for compliance with the Community Reinvestment Act (CRA). The list reports CRA evaluation ratings assigned to institutions in May 2017 as required by the Financial Institutions Reform, Recovery, and Enforcement Act of 1989. Monthly lists of all state nonmember banks and their evaluations that have been made publically available can be accessed through the FDIC’s website. Of the 68 banks evaluated, four were rated “Outstanding,” 62 received a “Satisfactory” rating, and two were rated “Needs to Improve.”

    Federal Issues FDIC CRA Banking Bank Regulatory FIRREA

    Share page with AddThis
  • Federal Reserve Issues Guidance Regarding Roles of Bank Boards, Requests Comments on New SIFI Rating System

    Agency Rule-Making & Guidance

    Guidance Regarding Roles of Bank Boards.

    On August 3, the Federal Reserve (Fed) took an important step towards easing the heavy regulatory burden placed on the boards of directors at the largest U.S. banking organizations, when it issued for public comment a corporate governance proposal intended to “enhance the effectiveness of boards of directors” and “refocus the Federal Reserve supervisory expectations for the largest firms’ boards of directors on their core responsibilities, which will promote the safety and soundness of the firms.”

    The proposal is a result of a multi-year review conducted by the Fed of practices of boards of directors, particularly at the largest banking institutions. The Fed focused on the challenges boards face, the factors that make boards effective, and the ways in which boards influence the safety and soundness of their firms and promote compliance within. The key takeaways of this review included:

    • supervisory expectations for boards of directors and senior management have become increasingly difficult to distinguish;
    • boards devote a significant amount of time satisfying supervisory expectations that do not directly relate to board’s core responsibilities; and
    • boards of large financial institutions face significant information flow challenges, which can result in boards being overwhelmed by the complexity and quantity of information received. 

    The Fed expects that these issues can be remediated by allowing banks to refocus on their core responsibilities, including: (i) developing the firm’s strategy and risk tolerance; (ii) overseeing senior management and holding them accountable for effective risk management and compliance; (iii) supporting the independence of the firm’s independent risk management and internal audit functions; and (iv) adopting effective governance practices.

    In April, Fed Governor Jerome Powell indicated that the financial crisis led to a “broad increase in supervisory expectations” for these boards of directors, but cautioned that the Fed needs to “ensure that directors are not distracted from conducting their key functions by overly detailed checklist of supervisory process requirements.” Explaining that the Fed was reassessing its supervisory expectations for boards, Powell stated “it is important to acknowledge that the board’s role is one of oversight, not management.”

    The proposed guidance better distinguishes the supervisory expectations for boards from those of senior management, and includes new criteria by which the Fed will assess bank boards. The Fed describes effective boards as those which:

    • set clear, aligned, and consistent direction regarding the firm’s strategy and risk tolerance;
    • actively manage information flow and board discussions;
    • hold senior management accountable;
    • support the independence and stature of independent risk management and internal audit; and
    • maintain a capable board composition and governance structure. 

    The proposal also clarifies expectations regarding internal communications within firms for communicating supervisory findings internally, stating that for all supervised firms, most supervisory findings should be communicated to the firm's senior management for corrective action, rather than to its board of directors. Such findings would only be directed to the board for corrective action when the board needs to address its corporate governance responsibilities or when senior management fails to take appropriate remedial action. 

    While the proposal does not address all of the post-crisis challenges faced by bank boards, it is a welcome message to the industry that the Fed recognized the need to recalibrate their expectations. The proposal also identifies existing supervisory expectations for boards of directors that could be eliminated or revised and notes that the Fed intends to continue assessing whether its expectations of bank boards require further changes.

    New SIFI Rating System.

    On August 3, the Fed also issued for public comment a new risk rating system for Large Financial Institutions (“LFI”s) that would replace the RFI rating system for bank holding companies with total consolidated assets of $50 billion or more; non-insurance, non-commercial savings and loan holding companies with total consolidated assets of $50 billion or more; and U.S. intermediate holding companies of foreign banking organizations established pursuant to the Fed’s Regulation YY. (The Fed will continue to use the same RFI rating system that has been in place since 2004 to evaluate community and regional bank holding companies.) 

    The LFI rating system is designed to evaluate LFIs on whether they possess sufficient financial and operational strength and resilience to maintain safe and sound operations through a range of conditions. The system would consist of three chief components:

    • Governance and Controls
      • board of directors
      • management of core business lines and independent risk management and controls and
      • recovery planning (for domestic bank holding companies subject to LISCC);
    • Capital Planning and Positions; and
    • Liquidity Risk Management and Positions.

    The Governance and Control component would evaluate a LFI’s effectiveness in ensuring that the firm’s strategic business objectives are safely within the firm’s risk tolerance and ability to manage the accordant risk. The component will focus on LFIs’ effectiveness in maintaining strong, effective and independent risk management and control functions, including internal audit and compliance, and providing for ongoing resiliency.

    The second and third components are intended to incorporate LFI supervision activities, including CCAR and CLAR, which will be directly reflected within the respective component ratings–resulting in a more comprehensive supervisory approach than the RFI rating system which did not incorporate the results of those supervisory activities.

    Each LFI would receive a component rating using a multi-level scale (Satisfactory/Satisfactory Watch, Deficient-1 and Deficient-2). “Satisfactory Watch” would indicate that a firm is generally considered safe and sound, however certain issues require timely resolution. Any Deficiency rating would result in that LFI being considered less than “well managed.”

    Agency Rule-Making & Guidance Federal Reserve Bank Regulatory Bank Supervision Federal Register SIFIs LFI Regulation YY

    Share page with AddThis
  • NYDFS Launches New Cybersecurity Portal, Sets Compliance Deadlines

    Privacy, Cyber Risk & Data Security

    On July 31, the New York Department of Financial Services (NYDFS) announced the launch of an online cybersecurity portal for businesses to securely report cybersecurity events as required by the state’s cybersecurity regulation that took effect March 1. (See previous InfoBytes summary here.) The regulation, Cybersecurity Requirements for Financial Services Companies, requires all banks, insurance companies, and other financial services institutions regulated by NYDFS to establish and maintain cybersecurity programs to safeguard consumers’ private data. The cyber portal is designed to facilitate easy reporting of cybersecurity events and will allow regulated entities to file compliance certifications. Starting August 28, 2017, all entities required to comply with NYDFS cybersecurity regulations “must file certain notifications to the [Financial Services] Superintendent including notices of certain cybersecurity events within 72 hours from a determination that a reportable event has occurred.” A cybersecurity event is reportable if it: (i) “impacts the covered entity and notice of it is required to be provided to any government body, self-regulatory agency or any other supervisory body”; or (ii) “has a reasonable likelihood of materially harming any material part of the normal operation(s) of the covered entity.” Additionally, covered entities are required to file a certificate of compliance confirming compliance for the previous calendar year no later than February 15, 2018.

    Privacy/Cyber Risk & Data Security NYDFS State Issues Bank Regulatory Compliance

    Share page with AddThis
  • OCC Releases Spring 2017 Semiannual Risk Report

    Agency Rule-Making & Guidance

    On July 7, the Office of the Comptroller of the Currency (OCC) announced the release of its Semiannual Risk Perspective for Spring 2017 indicating key risk areas for national banks and federal savings associations. Acting Comptroller of the Currency Keith Noreika pointed out in his remarks that, “[w]hile these are risks that the system faces as a whole, we note that the risks differ from bank to bank based on size, region, and business model. Compliance, governance, and operational risk issues remain leading risk issues for large banks while strategic, credit, and compliance risks remain the leading issues for midsize and community banks.”

    The report details the four top risk areas:

    • Elevated strategic risk—banks are expanding into new products and services as a result of fintech competition. According to the report, this competition is increasing potential risks. The OCC hopes to finish developing a special purpose banking charter for fintech companies soon.
    • Increased compliance risk—banks must comply with anti-money laundering rules and the Bank Secrecy Act in addition to addressing increased cybersecurity challenges and new consumer protection laws.
    • Upswing in credit risk—underwriting standards for commercial and retail loans have been relaxed as banks exhibit greater enthusiasm for risk and attempt to maintain loan market share as competition increases.
    • Rise in operational risk—banks face increasingly complex cyber threats while relying on third-party service providers, which may be targets for hackers.

    The report used data for the 12 months ending December 31, 2016.

    Agency Rule-Making & Guidance OCC Risk Management Consumer Finance Payments Consumer Lending Privacy/Cyber Risk & Data Security Anti-Money Laundering Military Lending Act Compliance Bank Regulatory Vendor Management

    Share page with AddThis
  • Senate Banking Committee Seeks Perspectives of Midsized, Regional, and Large Institutions, Regulators on Economic Growth

    Federal Issues

    On June 15, the Senate Committee on Banking, Housing, and Urban Affairs (Committee) held a hearing entitled, “Fostering Economic Growth: Midsized, Regional and Large Institution Perspective”. This is the third in a series of hearings to address economic growth. Frequent topics of discussion in the hearing included stress testing and capital planning—specifically the Federal Reserve’s Comprehensive Capital Analysis and Review stress test. Also discussed was the Systemically Important Financial Institution designation and costs incurred as a result, as well as the Volcker Rule.

    Sen. Mike Crapo (R-Idaho), Chairman of the Committee, remarked in his opening statement that the current regulatory framework is “insufficiently tailored for many of the firms subject to it.”

    Sen. Sherrod Brown (D-Ohio) – ranking member of the Committee—released an opening statement in which he stated “Let me be clear: proposals to weaken oversight of the biggest banks have no place in this committee’s process. . . Having said that, I am optimistic that there is room for agreement on a modified regime for overseeing regional banks.”

    The June 15 hearing—a video of which can be accessed here—included testimony from the following witnesses:

    • Mr. Harris Simmons, Chief Executive Officer and Chairman of Zions Bancorporation, on behalf of the Regional Bank Coalition (prepared statement)
    • Mr. Greg Baer, President of The Clearing House Association (prepared statement)
    • Mr. Robert HillChief Executive Officer of South State Corporation, on behalf of the Midsize Bank Coalition of America (prepared statement)
    • Ms. Saule Omarova, Professor of Law at Cornell University Law School (prepared statement)

    On June 22, the Senate Banking Committee held another hearing entitled “Fostering Economic Growth: Regulator Perspective, the fourth in its series of hearings focusing on economic growth. The hearing is available via webcast here.

    Federal Issues Senate Banking Committee Systemic Risk Bank Regulatory Bank Supervision FDIC OCC NCUA Federal Reserve CCAR Volcker Rule

    Share page with AddThis
  • President Trump Releases 2018 Budget Proposal; Key Areas of Reform Target Financial Regulators, Cybersecurity, and Student Loans

    Federal Issues

    On May 23, the White House released its fiscal 2018 budget request, A New Foundation for American Greatness, along with Major Savings and Reforms, which set forth the President’s funding proposals and priorities. The mission of the President’s budget is to bring spending under control by proposing savings of $57.3 billion in discretionary programs, including $26.7 billion in program eliminations and $30.6 billion in reductions.

    Financial Regulators. The budget stresses the importance of reducing the cost of complying with “burdensome financial regulations” adopted by independent agencies under the Dodd-Frank Act. However, the proposal provides few details about how the reform applies to federal financial services regulators. Identifying the CFPB specifically, the budget states that restructuring the Bureau is necessary in order to “ensure appropriate congressional oversight and to refocus [the] CFPB’s efforts on enforcing the law rather than impeding free commerce.” Major Savings and Reforms assert that subjecting the Bureau to the congressional appropriations process would “impose financial discipline and prevent future overreach of the Agency into consumer advocacy and activism.” The budget projects further savings of $35 billion through the end of 2027, resulting from legal, regulatory, and policy changes to be recommended by the Treasury once it completes its effectiveness review of existing laws and regulations in collaboration with the Financial Stability Oversight Council. The Treasury review is being performed as a result of the Executive Order on Core Principals.

    Dept. of Housing and Urban Development. As previously reported in InfoBytes, the budget proposes that funding be eliminated for the following: (i) small grant programs such as the Self-Help Homeownership Opportunity Program, which includes, among others, the Capacity Building for Community Development and Affordable Housing Program (a savings of $56 million); (ii) the CHOICE Neighborhoods program (a savings of $125 million), stating state and local governments should fund strategies for neighborhood revitalization; (iii) the Community Development Block Grant (a savings of $2.9 billion), over claims that it “has not demonstrated results”; and (iv) the HOME Investment Partnerships Programs (a savings of $948 million). The budget also proposes reductions to the Native American Housing Block Grant and plans to reduce costs across HUD’s rental assistance programs through legislative reforms. Rental assistance programs generally comprise about 80 percent of HUD’s total funding.

    Cybersecurity. The budget states that it “supports the President’s focus on cybersecurity to ensure strong programs and technology to defend the Federal networks that serve the American people, and continues efforts to share information, standards, and best practices with critical infrastructure and American businesses to keep them secure.” Law enforcement and cybersecurity personnel across the Department of Homeland Security (DHS), Department of Defense, and the FBI will see budget increases to execute efforts to counter cybercrime. Furthermore, the National Cybersecurity and Communications Integration Center—which DHS uses to respond to infrastructure cyberattacks—will receive an increase under the budget.

    Student Loan Reform. Under the proposed budget, a single income driven repayment plan (IDR) would be created that caps monthly payments at 12.5 percent of discretionary income—an increase from the 10 percent cap some current payment plans offer. Furthermore, balances would be forgiven after a specific number of repayment years—15 for undergraduate debt, 30 for graduate. In doing so, the Public Service Loan Forgiveness program and subsidized loans will be eliminated, and reforms will be established to “guarantee that borrowers in IDR pay an equitable share of their income.” These proposals will only apply to loans originated on or after July 1, 2018, with the exception of loans provided to borrowers in order to finish their “current course of study.”

    Dept. of the Treasury. The budget proposes to, among other things: (i) eliminate funding for new Community Development Financial Institutions Fund grants (a savings of $220 million); and (ii) reduce funding for the Troubled Asset Relief Program by 50 percent, “commensurate with the wind-down of TARP programs” (a savings of $21 million).

    Response from Treasury. In a statement released by the Treasury, Secretary Steven T. Mnuchin said the budget “prioritizes investments in cybersecurity, and maintains critical funding to implement sanctions, combat terrorist financing, and protect financial institutions from threats.” Furthermore, it also would “achieve savings through reforms that prevent taxpayer bailouts and reverse burdensome regulations that have been harmful to small businesses and American workers.”

    Federal Issues Department of Treasury HUD Budget Privacy/Cyber Risk & Data Security Student Lending Bank Regulatory FSOC Trump

    Share page with AddThis

Pages