Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On November 29, the Senate Committee on Banking, Housing, and Urban Affairs held a hearing entitled “Combating Money Laundering and Other Forms of Illicit Finance: Regulator and Law Enforcement Perspectives on Reform” to discuss efforts to improve the Bank Secrecy Act/anti-money laundering (BSA/AML) regulatory, supervisory, and enforcement regime. Committee Chairman Mike Crapro, R-Idaho, opened the hearing by emphasizing the need for a continued dialogue on modernizing the BSA/AML regime to “encourage the innovation necessary to combat illicit financing while also encouraging regulators to focus on more tangible threats, and law enforcement to increase interagency cooperation and improve information sharing throughout the process.”
Among other things, Financial Crimes Enforcement Network (FinCEN) Director Kenneth A. Blanco highlighted the following three key priorities as part of FinCEN’s “multi-prong approach” to the regulatory reform process: (i) examining and understanding the value and effectiveness of the BSA through data-driven analysis in conjunction with both considering changes to enhance efficiency (such as evaluating suspicious activity and currency transaction reporting requirements) and engaging with regulators through, for example, monthly meetings with the FFIEC’s Anti-Money Laundering Working Group; (ii) “promot[ing] responsible innovation and creative solutions to combat money laundering and terrorist financing” by exploring ways to collaborate with financial institutions to improve AML/countering the financing of terrorism compliance, fostering innovation, and leveraging technology while also minimizing vulnerabilities; and (iii) “[e]nhancing public-private partnerships that reveal and mitigate vulnerabilities” and sharing information with the private sector to help identify suspicious activity.
OCC Compliance and Community Affairs Senior Deputy Comptroller Grovetta N. Gardineer discussed the agency’s efforts to enhance the efficiency of its current supervisory practices, and commented on how new technologies such as artificial intelligence and machine learning provide opportunities for banks to cut costs and identify suspicious activity. Gardineer also highlighted the OCC’s Money Laundering Risk System, which allows for the identification of potentially higher-risk community bank areas by “identifying the products and services offered by these institutions, as well as the customers and geographies they serve.” In addition, Gardineer offered recommendations for BSA amendments to improve supervisory efforts, such as (i) requiring a periodic review of BSA/AML regulations to identify those that may be outdated or burdensome; (ii) amending BSA safe harbor rules to clarify that a financial institution can file a suspicious activity report without being exposed to civil liability; and (iii) expanding safe harbor to permit information sharing beyond money laundering and terrorism financing between financial institutions without incurring liability. Moreover, Gardineer stated that FinCEN’s notice requirement with respect to information-sharing under section 314(b) of the USA Patriot Act should be eliminated or modified in order to enhance institutions’ ability to share information.
FBI Criminal Investigative Division Section Chief Steven M. D'Antuono also discussed, among other things, the Treasury Department’s recent Customer Due Diligence Final Rule (see previous InfoBytes coverage here), and stated that the Rule is “a step toward a system that makes it difficult for sophisticated criminals to circumvent the law through use of opaque corporate structures.”
On August 23, the Senate Banking Committee approved, in a 13-12 party-line vote, Kathy Kraninger to be the next Director of the CFPB, which carries a five-year term. Kraninger’s nomination next moves to the full Senate. Acting Director, Mick Mulvaney, will remain in his position for the foreseeable future, as the Federal Vacancies Reform Act allows him to continue in his acting capacity until the full Senate confirms or denies Kraninger’s nomination.
In July, Kraninger testified before the Senate Banking Committee where she fielded questions covering a range of topics, including whether she would appeal a June ruling by a federal judge in New York asserting that the CFPB’s structure was unconstitutional. While Kraninger did not provide a substantive answer to that question, she did comment that, “Congress, through [the] Dodd-Frank Act, gave the Bureau incredible powers and incredible independence from both the president and the Congress in its structure. . . . My focus is on running the agency as Congress established it, but certainly working with members of Congress. I’m very open to changes in that structure that will make the agency more accountable and more transparent.” See more detailed InfoBytes coverage on Kraninger’s July nomination hearing here.
CFPB Succession: Kraninger testifies before Senate Banking Committee; Bureau nominates Paul Watkins to lead Office of Innovation
On July 19, the Senate Banking Committee held a confirmation hearing for Kathy Kraninger on her nomination as permanent director of the CFPB. Prior to the hearing, the White House issued a fact sheet asserting that “Kraninger has the management skills and policy background necessary to reform and refocus the Bureau.” In her written testimony Kraninger shared four initial priorities: (i) the Bureau should be fair and transparent, utilize a cost benefit analysis to facilitate competition, and effectively use notice and comment rulemaking to ensure the proper balance of interests; (ii) the Bureau should work closely with other regulators and states to “take aggressive action against bad actors who break the rules by engaging in fraud and other illegal activities”; (iii) data collection will be limited to what is needed and required under the law and measures will be taken to ensure the protection of the data; and (iv) the Bureau will be held accountable to the public for its actions, including its expenditure of resources.
Chairman of the Committee Senator Mike Crapo, R-Idaho, remarked in his opening statement that he hoped Kraninger “will be more accountable to senators on this Committee than Director Cordray was” but that he had “the utmost confidence that she is well-prepared to lead the Bureau in enforcing federal consumer financial laws and protecting consumers in the financial marketplace.” Conversely, Senator Elizabeth Warren, D-Mass., released a staff report prior to the hearing detailing Kraninger’s tenure at OMB and identifying her participation in several alleged management failures in the current administration.
During the hearing, Kraninger received questions covering a range of topics, including whether she would appeal last month’s ruling by a federal judge in New York that the CFPB’s structure was unconstitutional. (See previous InfoBytes coverage on the ruling here.) Kraninger responded that constitutionality questions are “not for me in this position to answer.” However, Kraninger did comment that “Congress, through [the] Dodd-Frank Act, gave the Bureau incredible powers and incredible independence from both the president and the Congress in its structure. . . . My focus is on running the agency as Congress established it, but certainly working with members of Congress. I’m very open to changes in that structure that will make the agency more accountable and more transparent.” Kraninger also commended recent efforts by the OCC to encourage banks to make small-dollar loans, discussed plans to consult Bureau staff on the use of the disparate impact theory in enforcement, and stated she will seek to promote the agency’s regulatory views through formal rulemaking instead of through enforcement.
On July 18, acting Director of the CFPB Mick Mulvaney announced the selection of Paul Watkins to lead the Bureau’s new Office of Innovation. The Office of Innovation—a recent addition to the Bureau—will focus on policies for facilitating innovation, engage with entrepreneurs and regulators, and review outdated or unnecessary regulations. Specifically, the Office of Innovation will replace what was previously known as Project Catalyst, which was—as previously discussed in InfoBytes—responsible for facilitating innovation in consumer financial services. Prior to joining the Bureau, Watkins worked for the Arizona Attorney General and helped launch the first state regulatory sandbox for fintech innovation. (See previous InfoBytes coverage on Arizona’s regulatory sandbox here.) Earlier in May, Mulvaney announced at a luncheon hosted by the Women in Housing & Finance that the Bureau is working to build its own regulatory sandbox program, and last year the agency took steps to make it easier for emerging technology companies to comply with federal rules by issuing its first “no action letter.”
Federal Reserve chair delivers semi-annual congressional testimony, discusses U.S. financial conditions and regulatory relief act
On July 17, Federal Reserve Chair Jerome Powell testified before the Senate Banking Committee and spoke the next day before the House Financial Services Committee. In his semi-annual congressional testimony, Powell presented the Federal Reserve’s Monetary Policy Report, and discussed the current economic situation, job market, inflation levels, and the federal funds rate. Powell stressed, among other things, that interest rates and financial conditions remain favorable to growth and that the financial system remains in a good position to meet household and business credit needs. Chairman of the Committee, Senator Mike Crapo, R-Idaho, remarked in his opening statement that, while recent economic developments are encouraging, an effort should be made to focus on reviewing, improving, and tailoring regulations to be consistent with the recently passed Economic Growth, Regulatory Relief, and Consumer Protection Act S.2155/P.L. 115-174 (the Act). During the hearing, Powell confirmed that the Fed plans to implement provisions of the Act as soon as possible. (See previous InfoBytes coverage here.) When questioned by Senator Sherrod Brown, D-Ohio, about the direction the Fed plans to take to address stress test concerns, Powell responded that the Fed is committed to using stress tests, particularly for the largest, most systemically important institutions, and that going forward, the Fed wants to strengthen the tests and make the process more transparent. Powell also indicated the Fed intends to “publish for public comment the range of factors [the Fed] can consider” when applying prudential standards. Powell also stated that he believes government-sponsored-enterprise reform would help the economy in the long term.
When giving testimony to the House Financial Services Committee, Powell also commented that cryptocurrency does not currently impair the Fed’s work on monetary policy and that the Fed will not seek jurisdiction over cryptocurrency and instead will defer to the SEC’s oversight as well as Treasury’s lead to identify the right regulatory structure.
On July 12, the Senate Committee on Banking, Housing, and Urban Affairs held a hearing entitled “An Overview of the Credit Bureaus and the Fair Credit Reporting Act” to discuss the scope and enforcement of the Fair Credit Reporting Act (FCRA), the measures undertaken by the CFPB and the FTC to oversee credit bureau data security and accurate credit reporting, and other laws and regulations as they pertain to credit bureaus. Committee Chairman Mike Crapo, R-Idaho, opened the hearing by discussing the need to understand the “current state of data security, data accuracy, data breach policy” given consumers’ increased reliance on technology and recent cybersecurity incidents.
Associate Director for the Division of Privacy and Identity Protection at the FTC, Maneesha Mithal, discussed in prepared remarks the FTC’s role in implementing, enforcing, and interpreting the FCRA, as we all as the importance of educating consumers and businesses about FCRA requirements. According to Mithal, the FCRA continues to be a “top priority” for the FTC as the consumer reporting system evolves and new technologies emerge. Mithal discussed consumer reporting agency (CRA) FCRA compliance requirements concerning, among other things, dispute resolution processes, furnisher obligations, and credit reporting accuracy. Specifically, Mithal commented on the FTC’s more than 30 FCRA enforcement actions, in addition to the more than 60 law enforcement actions taken against companies for allegedly failing to implement reasonable data security practices. Mithal also touched upon the FTC’s business guidance and consumer education efforts concerning FCRA rights and obligations.
Assistant Director for Supervision Policy at the Bureau, Peggy Twohig, similarly discussed the Bureau’s authority over CRAs and furnishers with respect to the agency’s supervisory and enforcement authority, and noted, among other things, that while the agency possesses broad authority to promulgate rules as required to enforce the FCRA, it lacks rulemaking authority under certain sections of the FCRA related to red flags and the disposal of records, which fall under the FTC’s purview. Twohig further commented on the Bureau’s efforts to educate consumers on a variety of topics, including data breaches, credit freezes, and credit and identity monitoring.
On April 16, the FDIC’s Office of Inspector General (OIG) released its Special Inquiry Report—“The FDIC’s Response, Reporting, and Interactions with Congress Concerning Information Security Incidents and Breaches”—which contains findings from an examination of the FDIC’s practices and policies related to data security, incident response and reporting, and Congressional interactions. The Special Inquiry Report is the culmination of a request made by the former Chairman of the Senate Committee on Banking, Housing, and Urban Affairs in 2016, and focuses on the circumstances surrounding eight information security incidents that occurred in 2015 and 2016—seven of which involved personally identifiable information and constituted data breaches. An eighth incident involved the removal of “highly sensitive components of resolution plans submitted by certain large systemically important financial institutions without authorization” by a departing FDIC employee.
According to the report, the OIG asserts that, among other things, the FDIC failed to (i) put in place a “comprehensive incident response program and plan” to handle security incidents and breaches; (ii) clearly document risk assessments and decisions associated with data incidents; (iii) fully consider the range of impacts on bank customers whose information was compromised; (iv) promptly notify consumers when an incident occurred and did not adequately consider notifications as a separate decision from whether it would provide credit monitoring services; (v) for at least one incident, failed to convey the seriousness of the breach; and (vi) provide timely, accurate, and complete responses to Congressional requests to gather information about how the agency was handling the incidents.
As a result of these findings, the OIG presented recommendations and timeframes for the FDIC to “address the systemic issues.” Recommendations include: (i) clearly defining roles and responsibilities within the FDIC Breach Response Plan, and establishing procedures “consistent with legal, regulatory, and/or operational requirements for records management”; (ii) establishing a separation between consumer breach notifications and the offer of credit monitoring services; (iii) adhering to established timeframes for reporting incidents to FinCEN when suspicious activity report information has been compromised; (iv) conducting an annual review of the Breach Response Plan to confirm that that the guidance has been consistently followed during the preceding year; (v) developing guidance and training to ensure that employees and contractors are fully aware of the legal consequences of removing any sensitive information from FDIC premises before they depart; (vi) ensuring that FDIC policies, procedures, and practices result in complete, accurate statements and representations to Congress, and updating and correcting prior statements and representations as necessary; (vii) clarifying “legal hold policies and processes”; and (viii) specifying that the Office of Legislative Affairs is responsible for “providing timely responses to Congressional requests and communicating with Congressional staff regarding those requests.”
The FDIC concurred with the recommendations and has completed corrective actions for two, with plans to address the remaining recommendations between June and December of this year. The FDIC has also agreed to keep the OIG informed of the progress made to address the identified performance issues.
CFPB Succession: Mulvaney pleads for Congress to restructure the CFPB; oral arguments held in English litigation
On April 11 and 12, acting Director of the CFPB, Mick Mulvaney, testified before the House Financial Services Committee and the Senate Banking Committee regarding the Bureau’s semi-annual report to Congress. (Previously covered by InfoBytes here). Mulvaney’s prepared testimony, which was submitted to both committees, covers the salient points of the semi-annual report but also includes the same request to Congress that he made in the report: change the law “in order to establish meaningful accountability for the Bureau.” This request, which includes four specific changes (such as, subjecting the Bureau to the Congressional appropriations process and creating an independent Inspector General for the Bureau), was the focus of many of Mulvaney’s responses to questions posed by members of each committee. Specifically, during the House Financial Services hearing, Mulvaney encouraged the members of the committee to include the CFPB restructure in negotiations with the Senate regarding the bipartisan regulatory reform bill, S.2155, which passed the Senate last month. (Previously covered by InfoBytes here).
Mulvaney also fielded many questions regarding the Bureau’s announcement that it plans to reconsider the final rule addressing payday loans, vehicle title loans, and certain other extensions of credit (Rule); however, his responses gave little indication of what the Bureau’s specific plans for the Rule are. As previously covered by InfoBytes, resolutions have been introduced in the House and the Senate to overturn the rule under the Congressional Review Act. Additionally, on April 9, two payday loan trade groups filed a lawsuit in the U.S. District Court for the Western District of Texas asking the court to set aside the Rule because, among other reasons, the CFPB is unconstitutional and the Bureau’s rulemaking failed to comply with the Administrative Procedure Act. The complaint alleges that the Rule is “outside the Bureau's constitutional and statutory authority, as well as unnecessary, arbitrary, capricious, overreaching, procedurally improper and substantially harmful to lenders and borrowers alike.” The complaint also argues that the rule is a product of an agency that violates the Constitution’s separation of powers due to the Bureau’s structure of a single director who may only be removed by the president “for cause.” A similar argument in CFPB v. PHH Corporation was recently rejected by the U.S. Court of Appeals for the D.C. Circuit (covered by a Buckley Sandler Special Alert).
Additionally, on April 12, the U.S. Court of Appeals for the D.C. Circuit heard oral arguments in English v. Trump. In this suit, Leandra English, the current deputy director of the CFPB, challenges Mulvaney’s appointment as acting director. Unlike previous arguments, which focused on the president’s authority to appoint Mulvaney under the Federal Vacancies Reform Act (FVRA), the court spent considerable time discussing Mulvaney’s concurrent role as head of the Office of Management and Budget (OMB), and whether that dual role is inconsistent with the independent structure of the Bureau, as established by the Dodd-Frank Act.
On February 6, the Senate Committee on Banking, Housing, and Urban Affairs held a hearing entitled, “Virtual Currencies: The Oversight Role of the U.S. Securities and Exchange Commission and the U.S. Commodity Futures Trading Commission” to discuss the need for unified measures to close regulatory gaps in the cryptocurrency space. Committee Chairman Mike Crapo, R-Idaho, opened the hearing by briefly discussing the rise in interest in virtual currencies among Americans, as well as investor education and enforcement efforts undertaken by the SEC and the CFTC. Crapo commented that he was interested in learning how regulators plan to safeguard investors. Sen. Sherrod Brown (D-Ohio), ranking member of the Committee, spoke about the importance of pursuing “the unique enforcement of regulatory demands posed by virtual currencies.”
SEC Chairman Jay Clayton commented in prepared remarks that the SEC does not want to “undermine the fostering of innovation through our capital markets,” but cautioned that there are significant risks for investors when they participate in an entity’s initial coin offering (a method used to raise capital through decentralized autonomous organizations or other forms of distributed ledgers or blockchain technology) or buy and sell cryptocurrency with firms that are not compliant with securities laws. Speaking before the Committee, Clayton stated that the SEC has some oversight power in this space but supported collaborating with Congress and states on new regulations for cryptocurrency firms. “We should all come together, the federal banking regulators, CFTC, the SEC—there are states involved as well—and have a coordinated plan for dealing with the virtual currency trading market,” Clayton stressed.
In prepared remarks, CFTC Chairman Chris Giancarlo discussed different approaches to regulating distributed ledger technologies and virtual currencies. “‘Do no harm’ was unquestionably the right approach to development of the internet. Similarly, I believe that ‘do no harm’ is the right overarching approach for distributed ledger technology,” Giancarlo said. “Virtual currencies, however, likely require more attentive regulatory oversight in key areas, especially to the extent that retail investors are attracted to this space.”
Giancarlo referenced a joint op-ed in which the two chairmen discussed whether the “historic approach to the regulation of currency transactions is appropriate for the cryptocurrency markets,” and offered support for “policy efforts to revisit these frameworks and ensure they are effective and efficient for the digital era.” The chairmen also agreed that the lack of a clear definition for what cryptocurrencies are has contributed to regulatory challenges, but stressed that their agencies would continue to bring enforcement actions against fraudsters. Both the SEC and CFTC have joined a virtual currency working group formed by the Treasury Department—which also includes the Federal Reserve and the Financial Crimes Enforcement Network—to discuss cryptocurrency jurisdiction among the agencies and understand where the gaps exist.
See here for additional InfoBytes coverage on initial coin offerings and virtual currency.
On January 18, by a vote of 243-184, the House passed H.R. 2954, to amend HMDA to exempt low-volume mortgage lenders from certain disclosure requirements. If enacted, the bill would exempt depository institutions from maintenance of records and disclosure requirements if, (i) for closed-end mortgage loans, “the depository institution originated less than 500 closed-end mortgage loans in each of the 2 preceding calendar years”; and (ii) for open-end lines of credit, “the depository institution originated less than 500 open-end lines of credit in each of the 2 preceding calendar years.” On January 19, the bill was received in the Senate and referred to the Committee on Banking, Housing, and Urban Affairs.
On January 17, the Senate Committee on Banking, Housing, and Urban Affairs held a second hearing with witnesses from the Treasury and Justice departments to further address the need to modernize and reform the Bank Secrecy Act and anti-money laundering (BSA/AML) regime. The hearing, entitled “Combating Money Laundering and Other Forms of Illicit Finance: Administration Perspectives on Reforming and Strengthening BSA Enforcement,” follows a January 9 hearing before the same Committee on related issues (see previous InfoBytes coverage here). Committee Chairman Mike Crapo, R-Idaho, opened the hearing by stating the need to understand the government’s position on “strengthening enforcement and protecting the integrity of the U.S. financial system in a new technological era,” while also recognizing the challenges technology creates for law enforcement. A primary topic of interest to the Committee was “the rise of cryptocurrencies and their potential to facilitate sanctions evasion and perhaps, other crimes.”
The first witness, Treasury’s undersecretary for terrorism and financial crimes, Sigal Mandelker (testimony), noted that money laundering related to cryptocurrencies is “an area of high focus” for Treasury, and highlighted actions taken by Treasury’s Financial Crimes Enforcement Network (FinCEN), such as the release of guidance announcing that “virtual currency exchangers and administrators” are subject to regulations under the BSA. Regulated entities, Mandelker stated, are required to file suspicious activity reports (SARs) and are subject to FinCEN and IRS examinations and enforcement actions. Mandelker further commented that Treasury is “aggressively tackling” illicit financing entering the U.S. system and elsewhere, and stressed that other countries face consequences if they fail to have an AML/Combating the Financing of Terrorism regime that meets Treasury standards.
The second witness, DOJ acting deputy assistant attorney general M. Kendall Day (testimony), informed the Committee of the recent hiring of a digital currency counsel who is responsible for ensuring prosecutors are up-to-date on the latest money-laundering threats in the digital currency field. Day also commented on recent DOJ prosecutions in this space, and emphasized the need for enhanced information sharing for law enforcement, including the benefit of deriving information from SARs.
- Jonice Gray Tucker to discuss "Trends in regulatory enforcement" at the American Bar Association Banking Law Committee Meeting
- Jessica L. Pollet to discuss "Your career is impacting your life..." at the Ark Group Women Legal Conference
- Jon David D. Langlois to discuss "Successors in interest updates" at the Mortgage Bankers Association National Mortgage Servicing Conference & Expo
- Brandy A. Hood to discuss "Keeping your head above water in flood insurance compliance" at the Mortgage Bankers Association National Mortgage Servicing Conference & Expo