InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
CFPB proposes registry of nonbank repeat offenders
On December 12, the CFPB announced a proposed rule seeking to identify repeat financial law offenders by establishing a database of enforcement actions taken against certain nonbank covered entities. Specifically, the Bureau proposes to enhance market monitoring and risk-based supervision efforts by including all final public written orders and judgments (including any consent and stipulated orders and judgments) obtained or issued by any federal, state, or local government agency for violation of certain consumer protection laws related to unfair, deceptive, or abusive acts or practices in the database. Additionally, pursuant to Section 1024(b)(7) of the Consumer Financial Protection Act, the Bureau is also proposing that larger supervised nonbanks be required to submit annual written statements regarding compliance with each underlying order that is signed by an attesting executive with “knowledge of the entity’s relevant systems and procedures for achieving compliance and control over the entity’s compliance efforts.” Excluded from the registry will be insured depository institutions and credit unions, related persons, states, natural persons, and certain other entities.
Explaining that protecting American consumers is a shared effort spanning local, state, and federal authorities, CFPB Director Rohit Chopra stated that currently “readily accessible information is lacking about the identity of orders issued against nonbanks subject either to the CFPB’s market monitoring authority or to its supervisory authority across the various markets for consumer financial products and services.” The creation of a central repository of enforcement actions around the country for use in tracking and mitigating risks posed by repeat offenders and monitoring entities subject to agency and court orders will help the Bureau, the law enforcement community, and the public “limit the harms from repeat offenders,” the Bureau said in its announcement. The Bureau noted that it plans to share the database with other regulators and law enforcement agencies by making the registry public.
Comments on the proposal are due 60 days after publication in the Federal Register. The Bureau said the proposed registry would launch “no earlier than January 2024.”
CFPB issues HMDA technical amendment
On December 12, the CFPB issued a technical amendment to the HMDA Rule to reflect the closed-end mortgage loan reporting threshold of 25 mortgage loans in each of the two preceding calendar years. As previously covered by InfoBytes, in September, the U.S. District Court for the District of Columbia granted partial summary judgment to a group of consumer fair housing associations (collectively, “plaintiffs”) that challenged changes made in 2020 that permanently raised coverage thresholds for collecting and reporting data about closed-end mortgage loans and open-end lines of credit under HMDA. The 2020 Rule, which amended Regulation C, permanently increased the reporting threshold from the origination of at least 25 closed-end mortgage loans in each of the two preceding calendar years to 100, and permanently increased the threshold for collecting and reporting data about open-end lines of credit from the origination of 100 lines of credit in each of the two preceding calendar years to 200 (covered by InfoBytes here). The plaintiffs sued the CFPB in 2020, arguing, among other things, that the final rule “exempts about 40 percent of depository institutions that were previously required to report” and undermines HMDA’s purpose by allowing potential violations of fair lending laws to go undetected. (Covered by InfoBytes here.) As a result of the September 23 order, the threshold for reporting data about closed-end mortgage loans is 25, the threshold established by the 2015 HMDA Rule.
OCC warns of crypto-asset and cybersecurity risks facing the federal banking system
On December 8, the OCC released its Semiannual Risk Perspective for Fall 2022, which reports on key risks threatening the safety and soundness of national banks, federal savings associations, and federal branches and agencies. The OCC reported that, in the aggregate, banks “remain well capitalized” and have “ample liquidity and sound credit quality, although macroeconomic headwinds are a concern.” The OCC highlighted interest rate, operational, compliance, and credit risks as key risk themes. Observations include: (i) the rising rate environment has adversely impacted bank investment portfolios; (ii) operational risk, including evolving cyber risk, is elevated, with “threat actors continuing to target the financial services industry with ransomware and other attacks”; (iii) compliance risk remains heightened as banks navigate significant regulatory changes; and (iv) credit risk in commercial and retail loan portfolios remains moderate and demonstrates resiliency, “but signs of potential weakening in some segments warrant careful monitoring.”
The report discussed emerging risks related to innovation and the adoption of new products and services, including crypto-assets. Highlighting risks arising from banks’ expansion into digital offerings and the “heightened” threat of fraud risk associated with innovative peer-to-peer payment platforms, the OCC noted that banks should be “clearly communicating risks, educating customers on potential scams, and enhancing internal fraud monitoring capabilities” to mitigate threats and protect consumers. The report noted that “[b]anks may require additional or different controls to safeguard against fraud, financial crimes, violations of Bank Secrecy Act, anti-money laundering, and Office of Foreign Assets Control (BSA/AML/OFAC) requirements, and consumer protection or fair lending laws, or operational errors,” and should “maintain comprehensive operational resilience frameworks commensurate with the size and complexity of products, services, and operations being supported.”
The OCC reiterated the importance of taking a “careful and cautious approach” toward banks’ engagement with the crypto-related firms. Recent events in the crypto market have also “revealed a high degree of interconnectedness between certain crypto participants through a variety of opaque lending and investing arrangements,” which has led to “a high risk of contagion among connected parties.” The report noted that national banks and federal savings associations interested in engaging in crypto-asset activities should discuss the activities with their supervisory office before engaging the activities. Some activities may require a supervisory non-objection under OCC Interpretive Letter #1179.
The report cited risks related to cybersecurity and partnerships with fintech and other third parties. The OCC said it is applying a “heightened supervisory focus” to its scrutiny of banks’ oversight of third-party relationships and flagged an upward trend in ransomware attacks targeting banks’ service providers and other third parties. Partnering with fintechs to support operations or provide opportunities for customers to enter the digital asset market can “increase the risk of unfair or deceptive acts or practices because of the coordination, communication, and disclosure challenges involved in these partnerships,” the report said, adding that “[u]nclear or arbitrary partnership agreements may result in implementation breakdowns, untimely resolution of issues, or failure to deliver products or services as intended, and may result in significant customer remediation.” The OCC cautioned that banks must “conduct appropriate due diligence” before entering a partnership with a third party. “The scope and depth of due diligence, as well as ongoing monitoring and oversight of the third party’s performance, should be commensurate with the nature and criticality of the proposed activity.”
The report also discussed forthcoming climate risk management guidelines applicable to banks with more than $100 billion in total consolidated assets. As previously covered by InfoBytes, the OCC, Federal Reserve Board, and the FDIC announced they intend to issue final interagency guidance to promote consistency.
FDIC announces South Carolina disaster relief
December 9, the FDIC issued FIL-51-2022 to provide regulatory relief to financial institutions and help facilitate recovery in areas of South Carolina affected by Hurricane Ian from September 25 to October 4. The FDIC acknowledged the unusual circumstances faced by institutions affected by the storms and suggested that institutions work with impacted borrowers to, among other things: (i) extend repayment terms; (ii) restructure existing loans; or (iii) ease terms for new loans, provided the measures are done “in a manner consistent with sound banking practices.” Additionally, the FDIC noted that institutions “may receive favorable Community Reinvestment Act consideration for community development loans, investments, and services in support of disaster recovery.” The FDIC will also consider regulatory relief from certain filing and publishing requirements.
FTC, Florida permanently shut down grant funding operation
On December 8, the FTC and the Florida attorney general announced that a Florida-based grant funding company and its owner (collectively, “defendants”) will be permanently banned from offering grant-writing and business consulting services as a result of a lawsuit the regulators brought against the defendants in June. As previously covered by InfoBytes, the complaint alleged that the defendants violated the Consumer Protection Act, the FTC Act, and the Florida Deceptive Unfair Trade Practices Act by deceptively marketing their services to minority-owned small businesses. Among other things, the defendants (i) promised grant funding that did not exist and/or was never awarded; (ii) misled customers about the status of grant awards; and (iii) failed to honor a “money-back guarantee” and suppressed customer complaints. The defendants agreed to the terms of a proposed court order, which would ban them from providing grant-related services and business consulting, and prohibit them from making misrepresentations regarding advertised products or services. Defendants would also be required to turn over certain property to be sold in order to provide refunds to affected businesses. The proposed order also includes a more than $2 million monetary judgment, which is partially suspended due to defendants’ inability to pay.
Senators ask federal agencies about banks’ ties to crypto firms
On December 7, Senators Elizabeth Warren (D-MA) and Tina Smith (D-MN) sent letters to the heads of the Federal Reserve Board, FDIC, and OCC seeking information on how the agencies assess risks associated with banks’ relationships with cryptocurrency firms. The senators expressed concerns related to recent revelations that “crypto may be more integrated into the banking system than regulators are aware.” The senators asked the agencies a series of questions, including (i) whether the regulators plan to conduct a review of crypto firms’ relationships with banks; (ii) the names of regulated banks engaged in crypto-related activities, such as providing crypto custody services and acting as nodes to verify customer payments; and (iii) the estimated total dollar volume for each specific activity per bank. The responses were requested by December 21.
FCC orders companies to block student loan scam calls
On December 8, the FCC’s Enforcement Bureau ordered voice service providers to cease carrying robocalls related to known student loan scams and specifically designated a service believed to account for more than 40 percent of student loan robocalls in October. The FCC’s order provides written notice to all voice service providers regarding suspected illegal robocalls that have been made in violation of the TCPA, the Truth In Caller ID Act of 2009, or the TRACED Act. Specifically, the order “directs all U.S.-based voice service providers to take immediate steps to mitigate suspected illegal student loan-related robocall traffic.” The order further noted that if a provider fails to “take all necessary steps” to avoid carrying suspected illegal robocall traffic, the provider may be “deemed to have knowingly and willfully engaged in transmitting unlawful robocalls.” According to FCC Chairwoman Jessica Rosenworcel, the Commission is “cutting these scammers off so they can't use efforts to provide student loan debt relief as cover for fraud.”
Senators request information from California bank on its relationship with collapsed crypto exchange
On December 5, Senators Elizabeth Warren (D-MA), John Kennedy (R-LA), and Roger Marshall (R-KS) asked the CEO of a California-based bank for information regarding its relationship with several cryptocurrency firms founded by the CEO of a now-collapsed crypto exchange. In their letter, the senators pressed the CEO for an explanation for why the bank failed to monitor for and report suspicious transactions to the Financial Crimes Enforcement Network, and asked for information about how deposits it was holding on behalf of the collapsed exchange and related firm were being handled. The senators stressed that the bank has a legal responsibility under the Bank Secrecy Act to maintain an effective anti-money laundering program that may have flagged suspicious activity. “Your bank's involvement in the transfer of [the collapsed exchange’s] customer funds to [the related firm] reveals what appears to be an egregious failure of your bank’s responsibility to monitor for and report suspicious financial activity carried out by its clients,” the letter said. The senators asked the bank to respond to a series of questions by December 19.
Fannie expands underwriting eligibility to help "credit invisible" borrowers
On December 6, Fannie Mae announced enhancements to its Desktop Underwriter to create more homeownership opportunities for “credit invisible” borrowers by changing its automated underwriting system to expand eligibility and further simplify the borrowing process for loans where borrowers do not have a credit score. Fannie noted that close to 15 percent of Black and Latino/Hispanic people are credit invisible (as compared to nine percent of their white and Asian counterparts), explaining that these imbalances lead to racial disparities in access to credit and quality affordable housing. “We believe consumers should benefit from their responsible money management habits and a steady stream of income when buying a home, even if they don’t have an established credit history,” Mallory Evans, Executive Vice President and Head of Single-Family Business at Fannie Mae, said in the announcement. “Traditional lending practices make it hard for borrowers with no credit score to access credit, so we’ve taken steps that may help them responsibly qualify for a home loan using data that provides a more holistic view of how they manage their money.”
Beginning December 10, enhancements made to the Desktop Underwriter will (i) update borrower eligibility criteria for those with no credit score to align with Fannie’s standard selling guide requirements; (ii) enable the system to evaluate “a borrower’s monthly cash flow over a 12-month period to potentially enhance their credit risk assessment”; and (iii) simplify the mortgage process by automating the current selling guide requirement for documenting nontraditional sources of credit.
CFPB says TILA does not preempt NY law on commercial disclosures
On December 7, the CFPB issued a preliminary determination that New York’s commercial financing disclosure law is not preempted by TILA because the state’s statute regulates commercial financing transactions and not consumer-purpose transactions. The CFPB issued a Notice of Intent to Make Preemption Determination under the Truth in Lending Act seeking comments pursuant to Appendix A of Regulation Z on whether it should finalize its preliminary determination that New York’s law, as well as potentially similar laws in California, Utah, and Virginia, are not preempted by TILA. Comments are due January 20, 2023. Once the comment period closes, the Bureau will publish a notice of final determination in the Federal Register.
Explaining that recently a number of states have enacted laws to require improved disclosures of information contained in commercial financing transactions, including loans to small businesses, in order to mitigate predatory small business lending and improve transparency, the Bureau said it received a written request to make a preemption determination involving certain disclosure provisions in TILA. While Congress expressly granted the Bureau authority to evaluate whether any inconsistencies exist between certain TILA provisions and state laws and to make a preemption determination, the statute’s implementing regulations require the agency to request public comments before making a final determination.
While New York’s Commercial Financing Law “requires financial disclosures before consummation of covered transactions,” the Bureau pointed out that this applies to “commercial financing” rather than consumer credit. The request contended that TILA preempts New York’s law in relation to its use of the terms “finance charge” and “annual percentage rate”—“notwithstanding that the statutes govern different categories of transactions.” The request outlined material differences in how the two statutes use these terms and asserted “that these differences make the New York law inconsistent with Federal law for purposes of preemption.” As an example, the request noted that the state’s definition of “finance charge” is broader than the federal definition, and that the “estimated APR” disclosure required under state law “for certain transactions is less precise than the APR calculation under TILA and Regulation Z.” Moreover, “New York law requires certain assumptions about payment amounts and payment frequencies in order to calculate APR and estimated APR, whereas TILA does not require similar assumptions,” the request asserted, adding that inconsistencies between the two laws could lead to borrower confusion or misunderstanding.
In making its preliminary determination, the Bureau concluded that the state and federal laws do not appear “contradictory” for preemption purposes based on the request’s assertions. The Bureau explained that the statutes govern different transactions and disagreed with the argument that New York’s law impedes the operation of TILA or interferes with its primary purpose. Specifically, the Bureau stated that the “differences between the New York and Federal disclosure requirements do not frustrate these purposes because lenders are not required to provide the New York disclosures to consumers seeking consumer credit.”