Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On November 9, the CFPB issued its semi-annual report to Congress, covering the Bureau’s work from October 1, 2017 to March 30, 2018. The report, which is required by the Dodd-Frank Act, addresses, among other things, problems faced by consumers with regard to consumer financial products or services; significant rules and orders adopted by the Bureau; and various supervisory and enforcement actions taken during the majority of acting Director Mick Mulvaney’s tenure. Specifically, the report includes (i) a summary of five “significant” state Attorney General actions pursuant to Section 1042 of the Dodd-Frank Act, which allows states to enforce the federal law; (ii) a review of the Bureau’s fair lending efforts, noting that it “conducted fewer fair lending supervisory events. . .than in the prior period,” but “cleared a substantially higher number of MRAs or MOU items from past supervisory events than in the prior period”; (iii) a discussion of non-prime and secured credit cards marketed to consumers; and (iv) a list of upcoming initiatives, which includes requests for information regarding, among other things, the Bureau’s consumer complaint and consumer inquiry handling processes, the Bureau’s inherited regulations and inherited rulemaking authorities, the Bureau’s adopted regulations and new rulemaking authorities, Bureau rulemaking processes, Bureau public reporting practices of consumer complaint information, Bureau external engagements, the Bureau’s supervision program, and the Bureau’s enforcement processes.
Notably, the report also discusses the budget for FY 2018, acknowledging the unusual January 2018 request for zero dollars in funding for the Bureau’s quarterly operations (previously covered by InfoBytes here). As for FY 2019, Mulvaney most recently requested nearly $173 million for Q1, which is still significantly below former Bureau Director Richard Cordray’s FY 2017 Q1 request of $217 million.
On November 2, the Federal Reserve Board (Board) finalized a new supervisory rating system for large financial institutions that is aligned to the core areas supporting qualifying institutions’ safety and soundness and is effective February 1, 2019. Supervisors will use the new rating system to assign confidential ratings for “all domestic bank holding companies and non-insurance, non-commercial savings and loan holding companies with $100 billion or more in total consolidated assets”—an increase from the $50 billion threshold proposed originally. The Board stated that the new rating system “will also apply to U.S. intermediate holding companies of foreign banking organizations with $50 billion or more in total consolidated assets.” The new rating system is designed to (i) better align with current Board supervisory programs and practices; (ii) “[e]nhance the clarity and consistency of supervisory assessments and communications of supervisory findings and implications”; and (iii) “provide transparency related to the supervisory consequences of a given rating.”
According to the Board, supervisors will continue to apply the existing rating system to bank holding companies with less than $100 billion in total consolidated assets, as well as to non-insurance, non-commercial savings and loan holding companies who do not meet the $100 billion total consolidated asset minimum threshold.
On October 29, the Financial Industry Regulatory Authority (FINRA) entered into a Letter of Acceptance, Waiver, and Consent (AWC), fining a broker-dealer $2.75 million for identified deficiencies in its anti-money laundering (AML) program. According to FINRA, design flaws in the firm’s AML program allegedly resulted in the firm’s failure to properly investigate (i) certain third-party attempts to gain unauthorized access to its electronic systems, and (ii) other potential illegal activity, which should have led to the filing of Suspicious Activity Reports (SARs). FINRA notes that this failure primarily stemmed from the firm's use of an inaccurate “fraud case chart,” which provided guidance to employees about investigating and reporting requirements related to suspicious activity where third parties use “electronic means to attempt to compromise a customer's email or brokerage account.” Consequently, FINRA alleges that the firm failed to file more than 400 SARs and did not investigate certain cyber-related events. Among other things, FINRA also asserts that the firm failed to file or amend forms U4 or U5, which are used to report certain customer complaints, due to an overly restrictive interpretation of a requirement that complaints contain a claim for compensatory damages exceeding $5,000.
The firm neither admitted nor denied the findings set forth in the AWC agreement, but agreed to address identified deficiencies in its programs.
On October 22, the Federal Reserve Board (Board) entered into a written agreement with an Oklahoma state chartered bank, which outlines a compliance proposal to “maintain the financial soundness” of the bank. The agreement requires the bank to submit, within 60 days, written plans to improve various aspects of the bank’s functions including, but not limited to, (i) internal controls; (ii) credit risk management; (iii) liquidity and funds management; (iv) interest rate risk management; (v) information technology/cybersecurity; and (vi) BSA/AML compliance. The agreement also prevents the bank from extending, renewing, or restructuring any credit for any borrower whose loans or other extensions of credit were part of the Board’s examination critiques, without prior approval from the board of directors, who are required to document the reasons for the credit extension and certify its compliance with the terms of the agreement.
On October 23, a bipartisan coalition of 33 state Attorneys General sent a letter to acting Director of the CFPB, Mick Mulvaney, expressing concern over reports that the Bureau is no longer supervising financial institutions for compliance with the Military Lending Act (MLA). The Attorneys General wrote that the Bureau would be “failing to abide by its statutorily mandated duty to enforce the MLA” by interpreting its authority to preclude the examination of lenders for compliance with the act. Specifically, the Attorneys General point to recent amendments to the MLA providing that the statute “shall be enforced” by the Bureau (among other agencies) “under any . . . applicable authorities available to the [Bureau].” This includes the authority to examine lenders “to ‘detect and assess risks to consumers.” According to the Attorneys General, the origination of non-MLA compliant loans to servicemembers constitutes such a risk.
On September 25, the CFPB issued Bulletin 2018-01, which announces changes to how it communicates supervisory expectations to institutions. According to the bulletin, effective immediately, examination reports and supervisory letters will include two categories of findings that convey supervisory expectations: (i) Matters Requiring Attention (MRAs); and (ii) Supervisory Recommendations (SRs). MRAs will continue to be used to outline specific goals for institutions to accomplish in order to correct violations of law, remediate harmed consumers, and address compliance management system (CMS) weaknesses, and will include timeframes for companies to report on its efforts to address MRAs and timeframes for implementation. SRs will be used when the Bureau has not identified violations of law but noted weaknesses in CMS and will contain recommended actions to address weaknesses. The bulletin notes that neither MRAs nor SRs are legally enforceable, but emphasizes the Bureau will consider an institution’s response in addressing the noted concerns when assessing a compliance rating, prioritizing future supervisory work, or assessing the need for an enforcement action.
On September 26, the OCC issued Bulletin 2018-31, which updates the “Truth in Lending Act” (TILA) booklet of the Comptroller’s Handbook, which previously was issued in December 2014. The booklet provides guidance for OCC examiners to be used in connection with the examination and supervision of national banks and federal savings associations, which offer or extend consumer credit products covered by TILA. The updates reflect changes made to Regulation Z, TILA’s implementing regulations, since the booklet’s previous release, and includes procedures implementing the CFPB’s TILA-RESPA integrated disclosure rule (TRID). Additional updates include, among other things, (i) special provisions on certain construction loans; (ii) special provisions relating to small creditors and rural or underserved areas; (iii) changes regarding appraisals for higher-priced mortgage loan exemptions; (iv) updates to mortgage origination examination procedures; and (v) updates to mortgage servicing rules and the small creditor definition.
With the issuance of the new booklet, the OCC rescinds (i) OCC Bulletin 2014-61, “Truth in Lending Act: Revised Comptroller’s Handbook Booklet and Rescissions”; (ii) The TILA sections of OCC Bulletin 2015-27, “Revised Interagency Examination Procedures for Consumer Compliance”; and (iii) OCC Bulletin 2015-42, “Initial Examinations for Compliance With TILA-RESPA Integrated Disclosure Rule.”
On September 13, Securities and Exchange Commission (Commission) Chairman, Jay Clayton, issued a statement confirming that staff communications, in the form of written statements, compliance guides, letters, speeches, responses to frequently asked questions, and responses to specific requests for assistance, are “nonbinding and create no enforceable legal rights or obligations of the Commission or other parties.” Clayton’s statement echoes a similar position taken in a joint statement by five federal agencies regarding supervisory guidance, released two days earlier (previously covered by InfoBytes here). Clayton emphasized that only Commission adopted rules and regulations have the force and effect of law and encouraged public engagement on staff statements in order to assist the Commission in developing future rules and regulations.
On September 12, the OCC issued Bulletin 2018-28, which updates the “Deposit-Related Credit” booklet of the Comptroller’s Handbook previously issued March 2015. The booklet provides guidance for OCC examiners to be used in connection with the examination and supervision of national banks and federal savings associations who offer small-dollar, unsecured deposit-related credit products and services, such as check credit, overdraft protection, and deposit advance products. The booklet also includes, among other things, (i) updated guidance following the rescission of OCC Bulletin 2013-40, “Deposit Advance Products: Final Supervisory Guidance,” (previously covered by InfoBytes here) and the issuance of OCC Bulletin 2018-14, “Installment Lending: Core Lending Principles for Short-Term, Small-Dollar Installment Lending” (previously covered by InfoBytes here); (ii) information concerning limitations and requirements for consumer credit products extended to active-duty servicemembers covered by the Military Lending Act; (iii) integrated citations to third-party risk management guidance and procedures; (iv) information pertaining to new products and services, including sound due diligence practices; and (v) prohibitions against unfair, deceptive, or abusive acts or practices under Dodd-Frank.
On September 11, five federal agencies (the Federal Reserve Board, CFPB, FDIC, NCUA, and OCC) issued a joint statement confirming that supervisory guidance “does not have the force and effect of law, and [that] the agencies do not take enforcement actions based on supervisory guidance.” The statement distinguishes the various types of supervisory guidance—interagency statements, advisories, bulletins, policy statements, questions and answers, and frequently asked questions—from laws or regulations and emphasizes that the intention of supervisory guidance is to outline agencies’ expectations or priorities. The statement highlights five policies and practices related to supervisory guidance: (i) limit the use of numerical thresholds or other “bright-line” requirements; (ii) examiners will not cite to “violations” of supervisory guidance; (iii) request for public comment does not mean the guidance has the force and effect of law; (iv) limit multiple issuances of guidance on the same topic; and (v) continue to emphasize the role of supervisory guidance to examiners and to supervised institutions.
- Andrea K. Mitchell to discuss "Developments in fair lending law" at the Mortgage Bankers Association Summit on Diversity and Inclusion
- David S. Krakoff to discuss "The DOJ corporate enforcement policy and your disclosure calculus one year in: Are companies benefitting?" at the American Conference Institute International Conference on the Foreign Corrupt Practices Act
- Moorari K. Shah to discuss "Legal & regulatory issues" at the Opal Group Marketplace Lending & Alternative Financing Summit
- Moorari K. Shah to discuss "Fraud prevention, data security, and verification: How to manage fraud in an online marketplace with universally compromised data" at the Opal Group Marketplace Lending & Alternative Financing Summit
- Jonice Gray Tucker to discuss "Hot topics in consumer financial services" at the Practising Law Institute Banking Law Institute
- Daniel P. Stipano to discuss "New CDD Rule: Pitfalls in compliance" at the American Bankers Association/American Bar Association Financial Crimes Enforcement Conference
- Daniel P. Stipano to discuss "Anti-money laundering/OFAC compliance" at the Institute of International Bankers U.S. Regulatory/Compliance Orientation Program