Skip to main content
Menu Icon Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations
Section Content

Upcoming Events

Filter

Subscribe to our InfoBytes Blog weekly newsletter for news affecting the financial services industry.

  • FINRA releases 2018 Regulatory and Examinations Priorities Letter

    Securities

    On January 8, the Financial Industry Regulatory Authority (FINRA) published its Annual Regulatory and Examination Priorities Letter (2018 Letter), which focused on several broad issues within the securities industry, including improving the examination program to “implement a risk-based framework designed to better align examination resources to the risk profile of [] member firms.” As previously covered in InfoBytes, last July FINRA360 (a comprehensive self-evaluation and organizational improvement initiative) prompted the organization to announce plans currently underway to enhance operations by consolidating its existing enforcement teams into a single unit. In the 2018 Letter, FINRA announced ongoing efforts to work with member firms to understand the risks and benefits of fintech innovation such as blockchain technology, as well as the impact initial coin offerings (ICOs) and digital currencies have on broker-dealers.

    Additional areas of regulatory and examination focus for FINRA in 2018 will include: (i) fraudulent activities and suspicious activity report filing requirements; (ii) business continuity planning; (iii) protection and verification of customer assets, including whether firms have implemented adequate controls and supervision methods along with measuring the effectiveness of cybersecurity programs; (iv) anti-money laundering monitoring and surveillance resources and policies and procedures; and (v) the role firms and other registered representatives play when effecting transactions in cryptocurrencies and ICOs—specifically with regard to the supervisory, compliance and operational infrastructure firms implement to “ensure compliance with relevant federal securities laws and regulations and FINRA rules.”

    Securities Fintech FINRA Examination Fraud Privacy/Cyber Risk & Data Security Anti-Money Laundering Initial Coin Offerings Virtual Currency SARs Blockchain Financial Crimes

    Share page with AddThis
  • FDIC’s OIG Issues Evaluation of Agency’s Implementation of ATR/QM and Loan Originator Rules

    Federal Issues

    On December 6, the FDIC’s Office of Inspector General (OIG) released an evaluation report to examine how the agency implements certain consumer protection rules concerning consumers’ ability to repay mortgage loans and limits for loan originator compensation. The OIG report, FDIC’s Implementation of Consumer Protection Rules Regarding Ability to Repay Mortgages and Compensation for Loan Originators (EVAL-18-001), focused on the FDIC’s Division of Depositor and Consumer Protection (DCP), which is responsible for implementing the Ability to Repay/Qualified Mortgage (ATR/QM) and Loan Originator rules and tracking violations of the rules. The report found that the DCP “incorporated these rules into its examination program, trained its examiners, and communicated regulatory changes to FDIC-supervised institutions.” However, based on a sample of 12 examinations, the OIG also determined that examination workpapers generally needed improvement, finding (i) inconsistent documentation by examiners on decisions to exclude compliance testing for the ATR/QM and Loan Originator rules, and (ii) in certain circumstances, incomplete, incorrect, or improperly stored examiners’ workpapers, “which would preclude someone independent of the examination team from fully understanding examination findings and conclusions, based on the workpapers alone.”

    OIG further noted that, because DCP’s examination practices did not include tracking the number of institutions subject to the rules or recording how frequently examiners tested for compliance, any identified variances among the FDIC’s six regional offices could not be assessed for significance due to lack of context.

    As a result of these findings, the OIG made several recommendations for the DCP to strengthen its compliance examination process, including:

    • “research potential reasons for the regional variances in the number of rule violations by banks in the FDIC’s six regional offices”;
    • “track the aggregate number of FDIC-supervised institutions in each region that are subject to the rules”;
    • “track how often examiners test for compliance with the rules”; and
    • ‘‘take steps to improve workpaper documentation and retention.”

    The DCP agreed to implement these recommendations June 30, 2018.

    Federal Issues OIG FDIC Ability To Repay Qualified Mortgage Consumer Finance Loan Origination Mortgages Examination

    Share page with AddThis
  • NCUA Issues Final Rules Regarding Appeals Procedures; Proposes Rule Regarding Capital Planning and Stress Testing

    Agency Rule-Making & Guidance

    On October 30, the National Credit Union Administration (NCUA) issued a final rule expanding the number of material supervisory determinations that can be appealed to the NCUA Supervisory Review Committee (SRC). Under the rule, federally insured credit unions (FICUs) may appeal examination-related determinations that may significantly affect capital, earnings, operating flexibility, or level of supervisory oversight. The effective date for the final rule is January 1, 2018.

    On October 30, the NCUA also proposed changes to rules covering capital planning and stress testing requirements for covered credit unions (see previously InfoBytes coverage on proposed changes to stress tests by other federal agencies). The proposal would allow FICUs with over $10 billion in assets to conduct their own stress tests in accordance with NCUA requirements and report the results in their capital plan submissions. The specific testing requirements are tiered and dependent on various asset size and capital planning cycles. Comments about the NCUA proposed rule must be received on or before December 29.

    Agency Rule-Making & Guidance NCUA Examination Credit Union Stress Test

    Share page with AddThis
  • OCC Updates Guidance on Federal Branch Supervision and Enforcement Action Policies and Procedures

    Federal Issues

    On October 27, the OCC issued Bulletin 2017-46, updating guidance related to federal bank branch supervision and licensing. The OCC issued a revised version of its “Federal Branches and Agencies” booklet, which clarifies the process for reviewing and evaluating license conversion applications by a state-licensed branch or agency operated by a foreign bank to a federal branch or agency. Bulletin 2017-46 also replaced the 2014 agency paper entitled, The OCC’s Approach to Federal Branch and Agency Supervision. The paper outlines the OCC’s framework and considerations related to (i) the regulatory approach and supervision process for large and complex federal branches and agencies (not community banks), and (ii) the general overview of the filing requirements for applications, notices, and licenses, as well as the review and decision process.

    On October 31, the OCC issued Bulletin 2017-48 to update its policies and procedures regarding bank enforcement actions. The updates are designed to provide more clarity and consistency in the implementation, communication and monitoring of enforcement actions.  In particular, the updates are intended to, among other things, better describe the relationship between violations, concerns identified in matters requiring attention, and enforcement actions, emphasize communication with bank management and personnel and OCC supervisors, and enhance standard processes for tracking and resolving corrective actions.  The updates are effective December 1, and are reflected in its “Bank Supervision Process,” “Community Bank Supervision,” “Federal Branches and Agencies Supervision,” and “Large Bank Supervision” booklets of the Comptroller’s Handbook.

    Federal Issues OCC Bank Supervision Enforcement Examination

    Share page with AddThis
  • Trade Groups Lobby for Exemption of Small Independent Mortgage Lenders from CFPB Examinations

    Agency Rule-Making & Guidance

    On September 18, the Community Home Lenders Association and the Community Mortgage Lenders of America sent a joint letter to Treasury Secretary Mnuchin urging relief for smaller independent mortgage bankers from CFPB supervision, enforcement, and vender management audits. Specifically, the trade groups requested support for legislation that would help eliminate the risk of enforcement actions from the CFPB for smaller nonbanks. The letter cites the conclusions drawn in the Treasury Report on financial regulations, released in June (this report was a product of the February Executive Order, covered by a Buckley Sandler Special Alert). Of particular interest from the trade groups was the report’s conclusion that Congress should repeal the CFPB’s supervisory authority and return the supervision of nonbanks to state regulators.

    Agency Rule-Making & Guidance Mortgages CFPB Examination Vendor Management Department of Treasury

    Share page with AddThis
  • OIG Report: Potential for Improvement Within CFPB Examiner Commissioning and On-the-Job Training Programs

    Agency Rule-Making & Guidance

    On September 20, the Office of Inspector General (OIG) for the CFPB issued findings in a report entitled The CFPB Can Enhance the Effectiveness of Its Examiner Commissioning Program and On-the-Job Training Program (the Report) stemming from an evaluation to assess the Bureau’s effectiveness when designing, implementing, and executing these two programs.

    Examiner Commissioning Program (ECP). The Report found that, despite efforts to enhance the program since it began in 2014, the CFPB's Supervision Learning and Development Division (SL&D)—which is responsible for examiner training—presented several areas in need of improvement, including: (i) where examiners appeared to pursue commissioning before being fully prepared or required multiple attempts to pass commissioning components, which in turn affected the number of examiners available for examinations; (ii) where examiners commenced components of the ECP, despite inadequate training, developmental opportunities, or exposure to certain internal processes; (iii) findings that SL&D lacked a formal method for evaluating and updating the ECP, thus reducing opportunities to identify potential areas for improvement; (iv) inconsistent delivery of ECP requirements to prospective employees; and (v) a lack of clarity on when the start of the five-year time requirement begins for examiners trying to obtain their commissioning, which can create the risk of examiners moving through the ECP before being ready.

    On-the-Job Training Program (OJT). The OIG also identified areas for improvement in the CFPB’s implementation of the OJT program. Specifically, the OIG found that due to inconsistent implementation of the OJT program, examiners are unable to clearly understand the program’s requirements and expectations.

    Recommendations. The OIG presented the following recommendations: (i) issue guidance documenting an examiner’s readiness, including recommendations from regional management; (ii) update ECP guidance to better prepare examiners in understanding the program’s requirements, including the starting point of the five-year requirement; (iii) implement a formal method to evaluate the ECP program; (iv) develop guidelines for applicants of the ECP program; and (v) reassess the OJT program timeline for module development, communicate guidelines effectively at all regional offices, and develop guidelines for OJT program expectations.

    Agency Rule-Making & Guidance OIG CFPB Examination

    Share page with AddThis
  • GAO Publishes Study Examining Fintech Industry Regulation

    Fintech

    On April 19, the U.S. Government Accountability Office (GAO) published a study examining four “subsectors” within the fintech industry—marketplace lenders, mobile payments, digital wealth management platforms, and distributed ledger technology (also known as blockchain)—and highlighting the types of products and services offered and how they are regulated. The report, Financial Technology – Information on Subsectors and Regulatory Oversight, is the first in a series of planned reports on fintech, following a request by Congress for a review of issues related to the industry. From July 2016 to April 2017, GAO reviewed agency publications, guidance, final rulemakings, initiatives, and enforcement actions, and also conducted interviews with representatives from the federal prudential regulators, state supervision agencies, and trade associations in order to compile the findings in the report. The report provides an overview of the technologies associated with each subsector, identifies primary users of the products and services, notes potential benefits and risks, and highlights industry trends and current regulations and oversight. Notably, GAO stated it made no recommendations in this report.

    Fintech GAO Examination Congress Marketplace Lending Distributed Ledger Blockchain Virtual Currency Mobile Payments

    Share page with AddThis
  • Fed Extends Post-Employment Restrictions for Senior Examiners

    Federal Issues

    In a press release on November 18, the Fed announced revised post-employment restrictions that more than double the number of senior staff examiners barred from leaving a Federal Reserve Bank and going right to work for a bank they had supervised. By law, senior bank examiners are prohibited for one year from accepting paid work from a financial institution that they had primary responsibility for examining in their last year of Reserve Bank employment. This post-employment restriction has previously applied only to central points of contacts (CPCs) at firms with more than $10 billion in assets. The revised policy expands this post-employment restriction to deputy CPCs, senior supervisory officers (SSOs), deputy SSOs, enterprise risk officers, and supervisory team leaders, which has the effect of more than doubling the number of senior examiners covered. The policy—which takes effect January 2, 2017—does not apply to senior examiners responsible for multiple unaffiliated banks.

    In addition, another new Fed policy prohibits former Fed Bank officers from representing financial institutions and other third parties in matters before the Fed for one year after leaving their Federal Reserve position. This policy takes effect on December 5.

    Federal Issues Banking Examination Federal Reserve Bank Compliance Enforcement

    Share page with AddThis
  • FFIEC Revises Information Security Booklet

    Privacy, Cyber Risk & Data Security

    On September 9, the FFIEC updated its Information Security booklet, a key element of its Information Technology Examination Handbook. The booklet is intended to provide examiners with guidance on assessing a financial institution’s information security operations, and is divided into the following four main sections: (i) Governance of the Information Security Program; (ii) Information Security Program Management; (iii) Security Operations; and (iv) Information Security Program Effectiveness. In addition to offering technology-centric recommendations such as encryption, the booklet advises firms to create security processes and risk assessment “commensurate with their operational complexities.” It also advises financial institutions to “have strong board and senior management support, promote integration of security activities and controls throughout the institution’s business processes, and establish clear accountability for carrying out security responsibilities.” As expected, the booklet highlights the importance of implementing effective oversight of third-party service providers. Pursuant to sub-section II.C.20, in order to ensure effective oversight of third-party service providers, management should, among other things, determine when third-parties identify, measure, mitigate, monitor, and report cyber risks so as to “facilitate a comprehensive understanding of the institution’s exposure to third-party cyber threats.”

    Examination FFIEC Vendor Management Privacy/Cyber Risk & Data Security

    Share page with AddThis
  • FDIC Advises Bank Management to Maintain Ongoing Communication with Examination Staff

    Consumer Finance

    On July 29, the FDIC issued FIL-51-2016 to remind and encourage bank management to maintain open communications with FDIC personnel regarding supervisory findings. FIL-51-2016 is a re-issuance of and update to the March 1, 2011 FIL-13-2011, and emphasizes that “open dialogue with bank management is critical to ensuring the supervisory process is effective in promoting an institution’s strong financial condition and safe-and-sound operation.” If an institution has concerns about FDIC examination findings, the letter advises the institution to (i) discuss the issues with the FDIC examiner-in-charge, or contact the field or regional office representative; (ii) utilize the FDIC’s formal appeals process for material supervisory determinations; or (iii) contact the FDIC Office of the Ombudsman for “confidential, neutral, and independent” information and assistance if disagreements were not resolved informally at the Division-level. According to the letter, FDIC policy prohibits any retaliation, abuse, or retribution by any FDIC examiner or other personnel against an institution. The letter further emphasizes that “[s]uch behavior against an institution constitutes unprofessional conduct and will subject the examiner or other personnel to appropriate disciplinary or remedial action.”

    FDIC Examination

    Share page with AddThis

Pages