Skip to main content
Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • CFPB proposal would limit negative credit reporting on human trafficking victims

    Federal Issues

    On April 7, the CFPB released a proposed rule and solicited comments on regulations implementing amendments to the FCRA intended to assist victims of trafficking. The proposed rule would establish a method for a trafficking victim to submit documentation to consumer reporting agencies (CRAs) establishing that they are a survivor of trafficking, and would require CRAs to block adverse information in consumer reports after receiving such documentation.  The proposed rules would amend Regulation V to implement changes to FCRA enacted in the National Defense Authorization Act for Fiscal Year 2022, also referred to as the “Debt Bondage Repair Act,” which was signed into law in December 2021. (Covered by InfoBytes here). Under the law, CRAs are prohibited “from providing consumer reports that contain any negative item of information about a survivor of trafficking from any period the survivor was being trafficked.” In announcing the proposal, the CFPB noted that “Congress required the CFPB to utilize its rulemaking authorities to implement the Debt Bondage Repair Act through rule changes to Regulation V, which ensures consumers’ credit information is fairly reported by CRAs.” According to the CFPB, the proposal “would protect survivors of human trafficking by preventing CRAs from including negative information resulting from abuse.” Comments are due 30 days after publication in the Federal Register.

    Federal Issues Agency Rule-Making & Guidance CFPB Federal Register Consumer Finance Consumer Reporting Agency FCRA Regulation V Consumer Reporting

  • HUD proposes 40-year term for loan modifications

    Agency Rule-Making & Guidance

    On April 1, HUD published a proposed rule in the Federal Register to increase the maximum term limit allowable on loan modifications for FHA-insured mortgages from 360 to 480 months. According to the proposed rule, the update would allow mortgagees to provide a 40-year loan modification option to borrowers who may not qualify for loss mitigation options and is intended to help borrowers experiencing a financial hardship, including those impacted by the Covid-19 pandemic, obtain affordable monthly payments. The proposed rule noted that “[i]ncreasing the maximum term limit to 480 months would allow mortgagees to further reduce the borrower’s monthly payment as the outstanding balance would be spread over a longer time frame, providing more borrowers with FHA-insured mortgages the ability to retain their homes after default.” Additionally, the proposal would align FHA with Fannie Mae and Freddie Mac, “which both currently provide a 40-year loan modification option.” Comments are due by May 31.

    Agency Rule-Making & Guidance HUD Federal Register FHA Mortgages Fannie Mae Freddie Mac Consumer Finance

  • SEC seeks to include market participants as dealers or government securities dealers

    Securities

    On March 28, the SEC announced two proposed rules, which would require market participants, such as proprietary (or principal) trading firms, who assume certain dealer functions, in particular those who as act as liquidity providers in the markets, to register with the SEC, to become members of a self-regulatory organization (SRO), and comply with federal securities laws and regulatory obligations. According to the SEC, the rules would establish that a market participant engaging in the activities described in the rules is a “dealer” or “government securities dealer” and, absent an exception or exemption, is required to: (i) register with the Commission under Section 15(a) or Section 15C, as applicable; (ii) become a member of an SRO; and (iii) comply with federal securities laws and regulatory obligations, including as applicable, SEC, SRO, and Treasury rules and requirements. A footnote in the proposal indicates that its new rules would apply to any digital asset that is regarded as a security or a government security within existing laws. The SEC also released a Fact Sheet regarding the proposals, which provides information on why the proposal matters and how it applies. Comments are due 60 days after publication of the proposing release on the SEC’s website or 30 days after publication in the Federal Register, whichever period is longer. SEC Chair Gary Gensler released a statement stating he believes that the proposed rules “reflect[] Congress’s statutory intent that firms engaging in important liquidity-providing roles in the securities markets, including in the U.S. Treasury market, be registered with the Commission.”

    Securities Agency Rule-Making & Guidance Digital Assets SEC Federal Register

  • FDIC issues draft principles on climate risk management

    On March 30, the FDIC announced a request for comment on draft principles, which provide a high-level framework for the safe and sound management of exposures to climate-related financial risks. The principles are intended for the largest financial institutions (those with over $100 billion in total consolidated assets), though the announcement notes that all financial institutions, regardless of size, can have material exposures to climate-related financial risks. The topics covered by the principles include: (i) governance; (ii) policies, procedures, and limits; (iii) strategic planning; (iv) risk management; (v) data, risk measurement, and reporting; and (vi) scenario analysis. The draft principles also highlight management of risk areas. Comments close 60 days after publication in the Federal Register. In a statement, acting FDIC Chairman Martin Gruenberg said the key principles are “an initial step toward the promotion of a consistent understanding of the effective management of climate-related financial risks.”

    Bank Regulatory Federal Issues Agency Rule-Making & Guidance FDIC Climate-Related Financial Risks Federal Register

  • SEC proposes climate risk disclosures

    Securities

    On March 21, the SEC announced a proposed rule to require registrants to disclose certain climate-related information in their registration statements and periodic reports. According to the proposed rule, a registrant must disclose, among other things, information regarding its direct and certain indirect emissions of greenhouse gas (GHG). The GHG emissions disclosure proposals “would provide investors with decision-useful information to assess a registrant’s exposure to, and management of, climate-related risks, and in particular transition risks.”

    The proposed rule also establishes that accelerated filers and large accelerated filers would be required to include an attestation report from an independent attestation service provider covering certain emissions disclosures, with a phase-in over time, to promote the reliability of GHG emissions disclosures for investors. The proposed rule further noted additional disclosure requirements for registrants that have made a so-called net-zero commitment or adopted a plan to reduce their GHG footprint or exposures.

    The same day, the SEC released a Fact Sheet on the proposed rule, which summarized the content of the proposed disclosure and presentation and attestation requirements, among other things. According to a statement released by SEC Chair Gary Gensler, the proposed rule will “provide investors with consistent, comparable, and decision-useful information for making their investment decisions and would provide consistent and clear reporting obligations for issuers.” However, a statement released by SEC Commissioner Hester M. Peirce took a different view, stating that the proposed amendments would “turn[] the disclosure regime on its head” and noting that some elements are “missing,” such as “[a] credible rationale for such a prescriptive framework when our existing disclosure requirements already capture material risks relating to climate change;[a] materiality limitation; [and] [a] compelling explanation of how the proposal will generate comparable, consistent, and reliable disclosures.” Treasury Secretary Janet L. Yellen also released a statement commending the proposal and the SEC, calling the effort “an important step to protect investors and strengthen the overall resilience of the financial system.”

    Comments on the proposal are due 30 days after publication in the Federal Register, or 60 days after the date of issuance and publication on sec.gov, whichever period is longer.

    Securities Agency Rule-Making & Guidance SEC Climate-Related Financial Risks Department of Treasury Federal Register Risk Management Disclosures

  • OCC issues final rule for granting exemptions to SAR requirements

    On March 16, the OCC issued a final rule amending its suspicious activity report (SAR) regulations. The rule sets out a process for national banks and federal savings associations to request exemptions from the OCC’s SAR requirements. To request exemption under the final rule, national banks or federal savings associations, including federal branches and agencies of foreign banks, must submit a request in writing to the OCC. The agency “will consider whether the exemption is consistent with the purposes of the [Bank Secrecy Act] and with safe and sound banking and may consider any other appropriate factors.” Where required, institutions must separately seek an exemption from FinCEN, and the OCC intends to coordinate with FinCEN on such requests. The final rule will also allow “the OCC to facilitate changes required by the Anti-Money Laundering Act of 2020" and “will make it possible for the OCC to grant relief to national banks or federal savings associations that develop innovative solutions intended to meet Bank Secrecy Act requirements more efficiently and effectively.”

    Bank Regulatory Federal Issues Financial Crimes Agency Rule-Making & Guidance OCC SARs Federal Register Of Interest to Non-US Persons Bank Secrecy Act Anti-Money Laundering Anti-Money Laundering Act of 2020 FinCEN Bank Compliance

  • Fed reshaping “novel institutions” guidelines

    On March 1, the Federal Reserve Board announced that it is soliciting comments on a supplement to a previous proposal intended to ensure that the Fed’s banks utilize a transparent and consistent set of factors when reviewing requests to access Federal Reserve Bank accounts and payment services. The framework, which builds on a proposal from May 2021 (covered by InfoBytes here), would establish a three tier system. Tier 1 would consist of eligible institutions that are federally-insured, and would be “subject to a less intensive and more streamlined review.” Tier 2 would consist of certain eligible institutions or holding companies that are not federally-insured but subject to prudential supervision, and would generally receive an “intermediate” level of review. Tier 3 would consist of eligible institutions that are “not federally insured and not subject to prudential supervision by a federal banking agency at the institution or holding company level,” and, given their potential higher risk, “would be subject to the strictest level of review.” Comments close 45 days after publication in the Federal Register.

    Bank Regulatory Agency Rule-Making & Guidance Federal Reserve Federal Reserve Banks Federal Register Payments Fintech

  • FCC launches inquiry to reduce cyber risks

    Privacy, Cyber Risk & Data Security

    On February 25, the FCC adopted a Notice of Inquiry proposed by FCC Chairwoman Jessica Rosenworcel that would launch an inquiry into the vulnerabilities of the internet’s global routing system, in response to the increasing risk of cyberattacks stemming from Russia’s invasion of Ukraine. The adopted inquiry solicits public comments on vulnerabilities threatening the security and integrity of the Border Gateway Protocol, which is central to the global routing of internet traffic. The inquiry also intends to evaluate how these security risks could impact the transmission of data through email, e-commerce, and bank transactions to interconnected Voiceover Internet Protocol and 911 calls and how best to address any identified challenges. Comments are due 30 days after publication in the Federal Register, with replies due 30 days later.

    Privacy/Cyber Risk & Data Security FCC Russia Ukraine Ukraine Invasion Federal Register

  • FHFA finalizes enterprise regulatory capital framework

    Agency Rule-Making & Guidance

    On February 25, FHFA announced a final rule, which amends the Enterprise Regulatory Capital Framework (ERCF) by refining the prescribed leverage buffer amount (leverage buffer) and risk-based capital treatment of retained credit risk transfer (CRT) exposures for Fannie Mae and Freddie Mac (collectively, GSEs). Among other things, the final rule: (i) replaces the fixed leverage buffer equal to 1.5 percent of a GSE's adjusted total assets with a dynamic leverage buffer equal to 50 percent of the GSE's stability capital buffer; (ii) replaces the prudential floor of 10 percent on the risk weight assigned to any retained CRT exposure with a prudential floor of 5 percent on the risk weight assigned to any retained CRT exposure; and (iii) removes the requirement that a GSE must apply an overall effectiveness adjustment to its retained CRT exposures in accordance with the ERCF’s securitization framework. Additionally, the final rule implements technical corrections to provisions of the ERCF that were published in December 2020. (Covered by InfoBytes here.) The ERCF amendments and technical corrections will be effective 60 days after publication in the Federal Register.

    Agency Rule-Making & Guidance Federal Issues GSE FHFA Fannie Mae Freddie Mac Federal Register

  • NIST to update cybersecurity framework with a focus on supply chain risk

    Privacy, Cyber Risk & Data Security

    On February 22, the National Institute of Standards and Technology (NIST) published a notice and request for information (RFI) in the Federal Register seeking information to assist in the evaluation and improvement of the agency’s “Framework for Improving Critical Infrastructure Cybersecurity,” as well as other existing and potentials standards related to supply chain cybersecurity. NIST stated it is considering updating the framework (last updated in 2018) to account for the changing landscape of cybersecurity risks, technologies, and resources, and noted that it recently announced it intends to launch the National Initiative for Improving Cybersecurity in Supply Chains (NIICS) to address cybersecurity risks in this space. Responses to the RFI will help to inform the direction of the NIICS, including how it may be integrated and aligned with the framework. NIST explained that the framework outlines standards and guidance for private and public sector companies on how to prevent and respond to cyber threats. Acknowledging that much has changed in the cybersecurity landscape since the framework was last updated, including an increased awareness and emphasis on supply chain cybersecurity risks, the RFI seeks information that will support the identification and prioritization of supply chain-related cybersecurity needs across sectors. Among other things, NIST is interested in: the usefulness of the framework for managing risks; the relationship of the framework to other NIST risk management resources; and how companies manage security risks to their software supply chains and whether this area of increasing concern should be incorporated into the framework or whether a new, separate framework focusing on cybersecurity supply chain risk management might be more valuable. Comments are due April 25.

    Privacy/Cyber Risk & Data Security NIST Agency Rule-Making & Guidance Federal Register Risk Management Supply Chain

Pages

Upcoming Events