InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
FDIC grants exception requests for certain deposit insurance recordkeeping requirements
On August 4, the FDIC published responses to exception requests pursuant to the Recordkeeping for Timely Deposit Insurance Determination rule (Rule). The notice outlines two time-limited exceptions for covered institutions effective as of July 28. The Rule, codified at 12 CFR Part 370 (and amended last year—covered by InfoBytes here), requires covered institutions to implement information technology systems and recordkeeping capabilities in order to calculate quickly the available amount of deposit insurance coverage for each deposit account in the event of failure. The FDIC allows covered institutions to request an exception from one or more of Part 370’s requirements should circumstances “make it impracticable or overly burdensome to meet those requirements.” Additionally, a covered institution may—upon notice to the FDIC—rely upon another covered institution’s FDIC-granted exception request, if the two institutions have substantially similar facts and circumstances.
The first exception grants an exception of up to 18 months from certain information technology and general recordkeeping requirements to allow covered institutions to perform system updates and remediation efforts to ensure certain sole proprietorship deposit accounts are correctly classified by an institution’s information technology system. The second exception grants an exception of up to 12 months from certain information technology and general recordkeeping requirements “for a limited number of joint accounts that a covered institution has not confirmed are ‘qualifying joint accounts’ entitled to separate deposit insurance coverage.”
California DBO opinion letters cover activities exempt from MTA licensing
The California Department of Business Oversight (CDBO) released several opinion letters issued throughout the summer covering virtual currency and agent of payee rules under the California Money Transmission Act (MTA). Highlights from the redacted letters include:
- Cryptocurrency - Escrow Accounts and Exchanges. The redacted opinion letter states that the CDBO has not yet determined whether cryptocurrencies are a form of money that triggers the application of the MTA and therefore, a business model that operates brokerage accounts using cryptocurrency exchanges would not need to be licensed and supervised under the MTA. As for a business model that the letter describes as a third-party repurchase transaction related to borrowing and lending cryptocurrency, the CDBO reminds the company that the activity may still be subject to California Escrow Law.
- Agent of Payee Exemption - Payment Processing Service. The redacted opinion letter concludes that the company’s payment processing services—which use mobile applications or card readers to capture customer information through merchants, and the payment funds flow first from the customer to the company, and then from the company to the merchant—“fall within the definition of ‘money transmission’ but are exempt from the MTA to the extent [the company], acting as the [m]erchant’s agent, receives money from [c]ustomers, via the relevant card company, as payment for goods or services.”
- Online Foreign Currency Exchange Service. The redacted opinion letter concludes the company’s online foreign currency exchange service is not subject to licensure under the MTA, because the service does not “involve ‘payment instruments’ or ‘stored value’” and there is no indication that the company would “receive money for transmission,” as customers would use the service to purchase foreign currency “like other online retail purchases.”
- Exemption for Operator of Payment System. The redacted opinion letter notes that California governmental entities are exempt from the MTA, and a company that provides payment processing services to facilitate the transfer from a California Department of Correction detainee’s cash at a detention facility to that detention facility’s bank account, is exempt from the MTA because it is processing payments between or among persons exempt from the MTA.
- MTA - Agent of Payee. The redacted opinion letter states that the company’s transactions by an agent of a merchant to collect funds from the merchant’s customer for payment of goods and services are exempt from the requirements of the MTA. The company is acting as an agent of the payee when a company is receiving money as an agent of a merchant pursuant to a preexisting written contract, and delivery of the money to the company satisfies the customer’s obligation to the merchant for a good or service provided by the merchant.
- Sending Instructions Not Money Transmission. The redacted opinion letter states that the company’s actions do not constitute money transmission under the MTA because “[the company] never ‘receives money for transmission.’” The company only “receives instructions from consumers and merchants to transmit money to each other and forwards these instructions for processing by their respective banks on the ACH network.” Because the banks are “solely responsible for payment and settlement in accordance with these instructions” the company’s payment system does not require an MTA license.
FTC continues to enforce Privacy Shield
On August 5, the FTC Commissioners testified before the Senate Committee on Commerce, Science, and Transportation and discussed, among other things, the agency’s continued enforcement of the EU-U.S. Privacy Shield, despite the recent Court of Justice of the European Union (CJEU) invalidation of the framework, and their interest in federal data privacy legislation. As previously covered by InfoBytes, in July, the CJEU determined that because the requirements of U.S. national security, public interest and law enforcement have “primacy” over the data protection principles of the EU-U.S. Privacy Shield, the data transferred under the EU-U.S. Privacy Shield would not be subject to the same level of protections prescribed by the EU General Data Protection Regulation, and thus, declared the EU-U.S. Privacy Shield invalid.
In his opening remarks, Commissioner Simons emphasized that the FTC will “continue to hold companies accountable for their privacy commitments, including privacy promises made under the Privacy Shield,” which the FTC has also noted on its website. Additionally, Simons urged Congress to enact federal privacy and data security legislation, that would be enforced by the FTC and give the agency, among other things, the “ability to seek civil penalties” and “targeted [Administrative Procedures Act] rulemaking authority to ensure that the law keeps pace with changes and technology in the market.” Moreover, Commissioner Wilson agreed with a senator’s proposition that the enactment of a preemptive federal privacy framework would make “achieving a future adequacy determination by the E.U. easier.”
OCC amends 2020 assessment structure
On August 7, the OCC released an amended fees and assessments structure for 2020 due to the Covid-19 pandemic. The announcement includes information on the OCC’s interim final rule (covered by InfoBytes here), which intended to lower assessments for supervised banks making assessments due on September 30 based on the December 31, 2019 Call Report for each institution, rather than the June 30 Call Report. Additionally, the OCC notes that for the 2020 assessment year, among other things, (i) there will be no inflation adjustment to assessment rates; (ii) new entrants to the federal banking system will be assessed on a prorated basis using call report information as of December 31 or June 30, depending on the entrance date; and (iii) the hourly fee for special examinations and investigations is increasing from $110 to $140.
$21.7 million FCPA settlement for consumer lender
On August 6, the SEC announced that a South Carolina-based consumer loan company agreed to pay over $21.7 million to settle the SEC’s claims that the company violated the books and records and internal accounting controls provisions of the FCPA through its Mexican loan operations. According to the SEC, the company’s former Mexican subsidiary paid more than $4 million in bribes, “directly or through intermediaries, to Mexican government officials and union officials, from at least December 2010 through June 2017 to obtain and retain business” related to the offering of small loans to state and federal government employees. The SEC alleged that in order to “retain the ability to make loans to government employees under all of the contracts” and to ensure loan repayments were made in a timely manner, the former subsidiary paid bribes in several ways, including (i) cash payments; (ii) making deposits into bank accounts linked to government officials and union officials or those of their relatives and friends; and (iii) hiring third-party intermediaries to assist in securing business and making bribe payments, including large bags of cash, to officials.
These bribes, the SEC alleged, were then inaccurately recorded in the company’s books and records as “legitimate ‘commission’ expenses.” The SEC also found that the company and its former subsidiary lacked “internal accounting controls sufficient to detect or prevent such payments,” and that as a result of the subsidiary’s failure to implement a sufficient accounts payable system, managers pre-signed blank checks, which made “it impossible to enforce authorization limits in place over payments.” The SEC further alleged that while the former subsidiary sent spreadsheets to the parent company each month detailing the payments, the company did not require invoices or back-up support to account for the expenses and failed to identify the high risk of bribery and corruption in Mexico. Additionally, the SEC noted that despite incorporating an FCPA policy into the company’s corporate compliance manual in 2013, there was no effective formal monitoring or internal controls to ensure the former subsidiary complied with the policy. The company also allegedly lacked personnel oversight in Mexico, and “the tone at the top” from company management “did not support robust internal audit and compliance functions,” leading to several material weaknesses.
In entering into the administrative order, the SEC considered the company’s cooperation and remedial efforts. Without admitting or denying wrongdoing, the company consented to a cease and desist order, and agreed to pay a $2 million civil money penalty and approximately $19.7 million in disgorgement and pre-judgment interest.
FHFA announces that multifamily property owners in forbearance must inform tenants of tenant protections
On August 6, the Federal Housing Finance Agency (FHFA) announced that multifamily property owners with mortgages backed by Fannie Mae or Freddie Mac (the Enterprises) who enter into a new or modified forbearance agreement must inform tenants in writing about tenant protections during the multifamily property owner's forbearance and repayment periods. Landlords with Enterprise-backed mortgages can enter new, or if qualified, modified forbearance if they experienced or continue to experience a financial hardship due to the Covid-19 emergency. While in forbearance, the property owners must agree not to evict tenants solely for the nonpayment of rent. The announcement notes that the Enterprises are modifying online multifamily property loan look-up tools to make it easier for tenants to find the tenant protections and to find out if the multifamily property in which they reside has an Enterprise-backed mortgage.
NYDFS extends suspension of license expiration for individual insurance producers
On August 6, the New York Department of Financial Services (DFS) issued a third supplement to Insurance Circular Letter No. 9, previously covered here and here. The letter, which suspended the expiration of licenses for individual insurance producers, has been extended for an additional 30 days through September 6, 2020. All licenses that would have expired between March 25, 2020, and September 6, 2020, but for Insurance Circular Letter No. 9 (2020) and the supplements thereto will automatically expire on September 7, 2020, unless the producer completes all necessary continuing education credits, and submits a license renewal application, before September 7, 2020. The supplement notes that the extension is a “final accommodation.”
OFAC sanctions additional persons for human rights violations in China’s Xinjiang region
On July 31, the U.S. Treasury Department’s Office of Foreign Assets Control announced sanctions pursuant to Executive Order 13818 against a Chinese government entity and two current or former government officials for alleged corruption violations of the Global Magnitsky Human Rights Accountability Act. According to OFAC, the sanctioned persons are connected to serious human rights abuse against ethnic monitories, including Uyghurs, in the Xinjiang region. Earlier in July, OFAC sanctioned another Chinese government entity and several current or former government officials for similar corruption violations (covered by InfoBytes here). As a result of the sanctions, all property and interests in property of the designated persons within U.S. jurisdiction must be blocked and reported to OFAC. OFAC notes that its regulations generally prohibit U.S. persons from participating in transactions with these individuals and entities, which includes “the making of any contribution or provision of funds, goods, or services by, to, or for the benefit of any blocked person or the receipt of any contribution or provision of funds, goods or services from any such person.”
Concurrent with the sanctions, OFAC also issued General License No. 2, which authorizes certain wind down and divestment transactions and activities related to blocked subsidiaries of the Chinese entity through September 30.
FinCEN clarifies customer due diligence FAQs
On August 3, the Financial Crimes Enforcement Network (FinCEN), in consultation with the federal functional regulators, issued responses to three frequently asked questions (FAQs) concerning customer due diligence (CDD) requirements under the Bank Secrecy Act for covered financial institutions. As previously covered by InfoBytes, the 2016 CDD Rule imposed standardized requirements for financial institutions to identify and verify beneficial owners of legal entity customers, subject to certain exclusions and exemptions. The FAQs follow those issued by FinCEN in July 2016 and April 2018 (covered by InfoBytes here and here), and address procedures to collect customer information, methods to establish a customer risk profile, and obligations to update customer information.
CSBS: OCC’s proposed “non-branch” provisions undermine dual banking system
On August 3, the Conference of State Bank Supervisors (CSBS) issued its comment letter to the OCC’s Notice of Proposed Rulemaking (NPR) on national bank and savings association activities concerning “non-branch” offices. Specifically, CSBS wrote that the “non-branch” provisions in the NPR make “far-reaching” revisions without legal authority, undermine the dual banking system, conflict with National Bank Act (NBA) preemption limits, and would allow national banks to operate branches without complying with related Community Reinvestment Act (CRA) obligations. Additionally, CSBS contended that the OCC’s rulemaking process is “truncated and flawed,” and afforded a particularly brief period for public comments during the Covid-19 pandemic.
According to CSBS, the NPR, announced in June (covered by InfoBytes here), would “expand the scope of activities that may occur at non-branch offices purportedly without regard” to state restrictions. These activities include: (i) performing loan approval and origination functions at a single, publicly accessible office; (ii) disbursing loan proceeds through an operating subsidiary; and (iii) establishing drop boxes and other unstaffed facilities. CSBS also contended that the NPR’s non-branch provisions would undermine Congressional intent and give national banks competitive advantages over state-charted banks. CSBS further argued that the non-branch provisions conflict with Congress’ clear intention that “NBA preemption does not apply to agents, affiliates or subsidiaries of national banks.” Finally, CSBS highlighted a distinction between the proposed non-branches (but de facto branches) and actual branch offices, arguing that the NPR creates a legal loophole allowing non-branch national banks to avoid CRA obligations associated with licensed branches.