InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
OCC says digital asset innovators must avoid another financial crisis
On September 21, acting Comptroller of the Currency Michael J. Hsu spoke before the Blockchain Association to discuss similarities between the current growth of cryptocurrencies and decentralized finance (DeFi) and credit default swaps in the early 2000s. In prepared remarks, Hsu emphasized that while innovation is exciting and presents the opportunity for unlocking great potential—especially in areas relating to blockchain, distributed ledger technologies and DeFi—innovators and leaders have a responsibility to learn from the past to avoid repeating mistakes that led to the 2008 financial crisis. Noting that many people believe crypto/DeFi “can dramatically increase financial inclusion,” Hsu pointed to a poll showing that should it be proven that there is “fool’s gold” within the cryptocurrency space, the underbanked and non-Whites will bear the burden the most as they reportedly own more cryptocurrency than other consumers. Hsu instructed innovators to make sure financial innovation is anchored in purpose and actually serves to expand access to banking services and credit. He also highlighted the importance of speaking up and raising difficult and inconvenient questions to “help ensure better and more sustained innovation in the long term,” as well as having a straightforward explanation for how money is made and lost in the crypto/DeFi space. Hsu’s observations may signal increased scrutiny by the OCC of digital assets, including in the areas of risk management and safety, and soundness generally.
Biden announces Comptroller of the Currency nominee
On September 22, President Biden officially nominated Saule Omarova for Comptroller of the Currency. If confirmed, Omarova would be the first woman and person of color to serve as Comptroller. Currently Omarova is a professor of law at Cornell University and serves as Director of the Program on the Law and Regulation of Financial Institutions and Markets at Cornell’s Jack Clarke Institute for the Study and Practice of Business Law. Omarova’s academic expertise includes an expertise in issues related to the regulation of systemic risk and structural trends in financial markets. Prior to joining academia, Omarova also, among other things, served at the U.S. Department of Treasury as a Special Advisor for Regulatory Policy to the Under Secretary for Domestic Finance.
OCC updates earnings and regulatory Comptroller’s Handbook
On September 22, the OCC issued Bulletin 2021-44 announcing versions 1.0 of the “Earnings” and “Regulatory Reporting” booklets of the Comptroller’s Handbook. The new booklets apply to national banks, federal savings associations, and federal branches and agencies of foreign banking organizations, as well as the OCC’s supervision of community banks. The revised “Earnings” booklet rescinds the “Analytical Review of Income and Expense” booklet issued in March 1990 (with examination procedures issued in March 1998). The revised “Regulatory Reporting” booklet rescinds the “Review of Regulatory Reports” booklet, which was also issued in March 1990. The “Earnings” booklet, among other things, “supplements the earnings core assessments and provides examiners with expanded procedures to use when reviewing earnings for a specific line of business or the bank as a whole.” The “Regulatory Reporting” booklet, among other things: (i) pertains to call reports and similar financial reports but not, for instance, annual reports or those concerning nonfinancial activities; (ii) highlights sound risk management principles regarding regulatory reporting; and (iii) provides examiners procedures regarding assessing activities for a bank’s regulatory reporting. Although the rating system for federal branches does not include an earnings rating, examiners perform an earnings review, tailored to the activities of the federal branch, and, as such, the “Earnings” booklet is helpful guidance.
OCC issues cease and desist order against bank
On September 20, the OCC announced a cease and desist order issued against a bank for alleged “unsafe or unsound practices” related to “technology and operational risk management,” in addition to the bank’s noncompliance with the OCC’s Interagency Guidelines Establishing Information Security Standards contained in Appendix B to 12 CFR Part 30. Without admitting to or denying the claims, the bank is required by the order to improve information technology and operational risk governance, technology risk assessments, internal controls, and staffing deficiencies. Specifically, the bank must develop an acceptable, written action plan outlining the remedial actions necessary to achieve compliance with the order by addressing the alleged unsafe or unsound practices and noncompliance, which must specify, among other things, a description of the corrective actions, reasonable and well-supported timelines, and those responsible for completing the actions. The order provides that the bank must also establish a Compliance Committee to quarterly submit: (i) “a description of the corrective actions needed to achieve compliance with each Article of the order”; (ii) the specific corrective actions undertaken to comply with each Article of the Order”; and (iii) “the results and status of the corrective actions.”
OCC’s Hsu discusses priorities for safeguarding trust in banking
On September 15, acting Comptroller of the Currency Michael J. Hsu spoke before the Exchequer Club to discuss several agency priorities relating to reducing inequality, adapting to digitization, acting on climate change, and guarding against complacency. In prepared remarks, Hsu stressed the importance of safeguarding trust in banking. While he acknowledged the value of strong rules and regulations, Hsu cautioned that rules “are not adaptive to emerging risks” and “cannot perceive and respond to trends and developments that may erode or threaten trust.” He further emphasized that regulators must coordinate efforts to ensure stability and fairness, and pointed to the growth of cryptocurrency and decentralized finance as areas where it is imperative that regulators work together to ensure activities taking place within the banking system or those that are facilitated by banks are trustworthy. “Innovation is important, but safeguarding trust is paramount,” Hsu stressed. Additionally, Hsu noted that “coordination among all financial regulators will also be needed in the future to ensure a level playing field and limit regulatory arbitrage and to keep shadow banking at a safe distance from the regulated financial system. These goals cannot be achieved if the financial regulatory agencies, including state banking supervisors, do not work together. Public trust in bank regulators will rise or fall depending on our ability to do so.”
Agencies extend comment period on proposed third-party relationship risk management guidance
On September 10, the OCC, Federal Reserve Board, and FDIC extended the comment period on the regulators’ proposed interagency guidance designed to aid banking organizations in managing risks related to third-party relationships, including relationships with fintech-focused entities. The deadline has been extended to October 18 and interested parties may submit comments until the deadline.
As previously covered by InfoBytes, the proposed guidance addresses key components of risk management, such as (i) planning, due diligence and third-party selection; (ii) contract negotiation; (iii) oversight and accountability; (iv) ongoing monitoring; and (v) termination. Coupled with the release of a Federal Reserve Board paper describing community bank and fintech partnerships, as well as interagency guidance to help community banks evaluate fintech relationships (covered by InfoBytes here), the federal bank regulators are demonstrating continued and increased focus on third-party risk management issues.
Fed describes landscape of community banks and fintech partnerships
On September 9, the Federal Reserve Board published a paper describing the landscape of community banks and fintech partnerships. The paper, Community Bank Access to Innovation through Partnerships, is not guidance but is intended to promote and support “responsible innovation” through access and understanding to financial technology, as well as appropriate third-party risk management and compliance guardrails. The paper follows interagency guidance released last month by the Fed, OCC, and FDIC, which addressed several key due diligence topics for community banks considering relationships with prospective fintech companies, as well as interagency proposed guidance on third party risk management—signals of the regulators’ continued and increased focus on third-party relationships. (Covered by InfoBytes here and here.) The paper provides anecdotal observations shared with the Fed by outreach participants and discusses the benefits and risks of different broad partnership types (operational technology partnerships, customer-oriented partnerships, and front-end fintech partnerships), and key considerations for engaging in such partnerships. According to the report, outreach participants presented a general belief that “fintech partnerships were most effective when three elements were present: a commitment to innovation across the community bank; alignment of priorities and objectives of the community bank and its fintech partner; and a thoughtful approach to establishing technical connections between key parties, including the bank, fintech, and the bank’s core services provider.”
OCC releases new Problem Bank Supervision booklet
On September 13, the OCC issued a new Problem Bank Supervision booklet of the Comptroller's Handbook to be used by examiners in connection with the examination and supervision of national banks, federal savings associations, and federal branches and agencies of foreign banking organizations. The booklet—the central reference for the OCC's problem bank supervision policy—describes the OCC’s approach to timely identification and rehabilitation of problem banks and replaces previously-issued guidance. Among other things, the booklet (i) discusses red flags that can indicate a potential problem bank; (ii) details the supervisory and enforcement approaches the OCC can take to rehabilitate a problem bank; (iii) provides a comprehensive discussion of the agency’s authority under 12 CFR 6, “Prompt Corrective Action”; and (iv) explains the process for problem bank resolution, including receivership. The booklet complements other Comptroller’s Handbook booklets as well as topical OCC and interagency issuances. The OCC also notes that the booklet “should be supplemented with appropriate examiner consultation with the supervisory office, subject matter experts, Licensing Division staff, and OCC legal counsel.”
OCC issues cease and desist order and $250 million penalty against national bank
On September 9, the OCC announced a cease-and-desist and consent order and a $250 million civil money penalty against a national bank for alleged unsafe or unsound practices related to deficiencies in its home lending loss mitigation program and for violations of a 2018 consent order. According to the OCC, the bank, among other things: (i) failed to fully implement and maintain adequate loss mitigation practices; (ii) had mitigation decisioning tools and operational deficiencies that caused errors in loss mitigation processes; (iii) failed to timely detect, prevent, and quantify inaccurate loan modification decisions, due to inadequate controls, insufficient independent oversight, and ineffective governance related to loss mitigation activities; and (iv) had deficient internal auditing, which failed to consider aspects of previously identified issues. The cease and desist order requires the bank, among other things, to establish significant improvements to its loss mitigation program and cease taking on certain new bulk residential mortgage servicing rights from third parties. The September 9 civil money penalty order, which notes that the bank has taken steps to comply with the 2018 consent order but failed to effectively implement corrective actions, requires the bank to pay a civil penalty of $250 million.
OCC proposes rescinding its 2020 CRA rule
On September 8, the OCC announced in the Federal Register that it is soliciting comments on a proposal to rescind its 2020 Community Reinvestment Act Rule and to replace it with rules based largely on those adopted jointly by the Federal banking agencies in 1995, as amended. As previously covered by a Buckley Special Alert, the final rule, issued in May 2020, provides for at least a 27-month transition period for compliance based on a bank’s size and business model, among other things. According to the OCC, the proposal, “would align the OCC’s CRA rules with the current Board of Governors of the Federal Reserve System and Federal Deposit Insurance Corporation rules and thereby facilitate the on-going interagency work to modernize the CRA regulatory framework and create consistency for all insured depository institutions.” Since many aspects of the CRA 2020 rule remain in transition and have not been implemented, the OCC anticipates that the proposed rule will have a limited impact on national banks and savings associations. According to Acting Comptroller Michael J. Hsu, the issuance “is an important step toward strengthening and modernizing the CRA,” and that the agency “is committed to working with the Federal Reserve and FDIC on a future joint rulemaking.” According to the OCC, the proposed rules would apply to all national banks and all federal and state savings associations. Comments are due by October 29.