Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On January 22, the Financial Industry Regulatory Authority (FINRA) issued new guidance on areas member firms should consider when seeking to improve their compliance, supervisory, and risk management programs. The 2019 FINRA Risk Monitoring and Examination Priorities Letter (2019 Priorities Letter) examines both new priorities as well as areas of ongoing concern, including the adequacy of firms’ cybersecurity programs. FINRA notes, however, that the 2019 Priorities Letter does not repeat topics previously addressed in prior letters, and advises member firms that it will continue to review ongoing obligations for compliance. Topics FINRA plans to focus on in the coming year include:
- Firms’ use of regulatory technology to help compliance efforts become “more efficient, effective, and risk-based.” FINRA will work with firms to understand risks and concerns related to supervision and governance systems, third party vendor management, and safeguarding customer data;
- Supervision of digital assets, including coordinating with the SEC to review how firms determine whether a given digital asset is a security and whether firms are implementing adequate controls and supervisions related to digital assets, such as complying with anti-money laundering and Bank Secrecy Act rules and regulations;
- Assessment of firms’ compliance with FinCEN’s Customer Due Diligence rule, which requires firms to identify beneficial owners of legal entity customers (as previously covered by InfoBytes here); and
- Financial risks, including credit risks, funding and liquidity planning.
On January 17, the OCC announced, together with the Federal Reserve Board and the FDIC, the final rule amending regulations governing eligibility for the 18-month on-site examination cycle, pursuant to the Economic Growth, Regulatory Relief, and Consumer Protection Act. The final rule was published without change from the interim rule issued in August 2018 (covered by InfoBytes here). The final rule allows for qualifying insured depository institutions with less than $3 billion in total assets (which is an increase from the previous threshold of $1 billion) to be eligible for an 18-month on-site examination cycle. The agencies reserve the right to adopt a more frequent schedule than 18 months for qualifying institutions if deemed “necessary or appropriate.” The final rule is effective January 28.
On December 7, the Federal Reserve Board, the FDIC, and the OCC issued guidance regarding the HMDA key data fields that Federal Reserve examiners use to evaluate the accuracy of HMDA data collected since January 1 pursuant to the CFPB’s October 2015 and August 2017 amendments and the May 2018 Economic Growth, Regulatory Relief, and Consumer Protection Act (the Act) exemptions (all of which have been previously covered by InfoBytes here, here, and here).
The guidance cites to the October 2017 list of 37 key data fields identified by the agencies and notes that “[o]nce examiners have selected a random sample of entries from an institution’s HMDA Loan Application Register (HMDA LAR) and have received the corresponding loan files, they would verify the accuracy of the applicable HMDA key data fields in the entries in the HMDA LAR sample(s) against information in the loan files.” Additionally, for institutions eligible for the partial exemption granted by the Act, and covered by the Bureau’s August interpretive and procedural rule (InfoBytes coverage here), the guidance notes that these institutions are responsible for collecting, recording, and reporting only 21 of the 37 designated HMDA key data fields, as the exemption covers the other 16 fields.
The Federal Financial Institutions Examination Council members are currently developing a set of revised interagency HMDA examination procedures regarding HMDA requirements relating to data collected from January 1, 2018 onward.
On November 27, the Federal Financial Institutions Examination Council (FFIEC) issued the second update on the status of its Examination Modernization Project. The project’s objective is to identify and assess measures to improve the community bank safety and soundness examination process, pursuant to the Economic Growth and Regulatory Paperwork Reduction Act’s review of regulations. As previously covered by InfoBytes, in March, the FFIEC released the first update, which identified four areas with potential for the most “meaningful supervisory burden reduction.” The second update focuses on tailoring examination plans and procedures based on risk in order to reduce burden. Specifically, after a review of risk-based procedures and processes, the Federal Reserve Board, the FDIC, the NCUA, the OCC, and the State Liaison Committee have committed to issue reinforcing and clarifying examiner guidance to their examination staffs on risk-focused examination principles for community financial institutions, if necessary. The guidance covers, among other things, the following practices (i) consideration of the unique risk profile, complexity, and business model of the institution when developing the exam plan; (ii) tailoring of the document request list based on the financial institution’s business model, complexity, risk profile and planned scope of review; and (iii) applying examination procedures in a way that reduces the level of review of low risk institutions or low risk areas.
The FFIEC noted it may take further action to improve the examination process as the project progresses.
On October 23, a bipartisan coalition of 33 state Attorneys General sent a letter to acting Director of the CFPB, Mick Mulvaney, expressing concern over reports that the Bureau is no longer supervising financial institutions for compliance with the Military Lending Act (MLA). The Attorneys General wrote that the Bureau would be “failing to abide by its statutorily mandated duty to enforce the MLA” by interpreting its authority to preclude the examination of lenders for compliance with the act. Specifically, the Attorneys General point to recent amendments to the MLA providing that the statute “shall be enforced” by the Bureau (among other agencies) “under any . . . applicable authorities available to the [Bureau].” This includes the authority to examine lenders “to ‘detect and assess risks to consumers.” According to the Attorneys General, the origination of non-MLA compliant loans to servicemembers constitutes such a risk.
On October 18, the Federal Financial Institutions Examination Council (FFIEC) released a newly updated Bank Secrecy Act/Anti-Money Laundering (BSA/AML) InfoBase website, which provides examiners and financial institutions access to BSA/AML examination procedures and resources, including the BSA/AML Examination Manual. According to the FFIEC, the InfoBase will “provide just-in-time training for new regulations and for other topics of specific concern to examiners within the FFIEC's member agencies.”
On October 15, the OCC issued Bulletin 2018-38, which updates, among other things, the “Trade Finance and Services” booklet of the Comptroller’s Handbook previously issued in April 2015. The booklet provides guidance for OCC examiners to use in connection with the examination and supervision of national banks and federal savings associations that engage in international trade finance and services activites, including “letters of credit, guarantees, acceptances, open account financing, other specialized trade financing, financial supply chain solutions, prepayment, advising, trade collections, bank-to-bank reimbursement services, insourcing/outsourcing trade processing, and hedging services.”
The updated booklet (i) incorporates references to relevant OCC issuances published since April 2015; (ii) reflects the integration of federal savings associations into certain regulations; and (iii) makes “clarifying edits regarding supervisory guidance, sound risk management practices, legal language, or the roles of the bank’s board or management.”
On October 1, the Federal Reserve Board (Board) issued SR 18-7 to qualifying state member banks and U.S. branches and agencies of foreign banks outlining updated 18-month on-site examination eligibility criteria. As previously covered in InfoBytes, the Board, OCC, and FDIC issued an interim final rule effective August 29—as authorized by the Economic Growth, Regulatory Reform, and Consumer Protection Act—which qualifies banks with less than $3 billion in total assets (an increase from the previous threshold of $1 billion), provided they satisfy additional criteria. SR 18-7 separately lists the relevant eligibility criteria for state member banks and for U.S. branches or agencies of foreign banks, and requires that qualifying banks (i) not be subject to a federal banking agency’s formal enforcement proceeding or order; and (ii) not have experienced a change of control during the previous 12 months that would have required a full-scope examination. Additional eligibility criteria address component and composite examination ratings and risk-based capital ratios.
On September 25, the CFPB issued Bulletin 2018-01, which announces changes to how it communicates supervisory expectations to institutions. According to the bulletin, effective immediately, examination reports and supervisory letters will include two categories of findings that convey supervisory expectations: (i) Matters Requiring Attention (MRAs); and (ii) Supervisory Recommendations (SRs). MRAs will continue to be used to outline specific goals for institutions to accomplish in order to correct violations of law, remediate harmed consumers, and address compliance management system (CMS) weaknesses, and will include timeframes for companies to report on its efforts to address MRAs and timeframes for implementation. SRs will be used when the Bureau has not identified violations of law but noted weaknesses in CMS and will contain recommended actions to address weaknesses. The bulletin notes that neither MRAs nor SRs are legally enforceable, but emphasizes the Bureau will consider an institution’s response in addressing the noted concerns when assessing a compliance rating, prioritizing future supervisory work, or assessing the need for an enforcement action.
On September 26, the OCC issued Bulletin 2018-31, which updates the “Truth in Lending Act” (TILA) booklet of the Comptroller’s Handbook, which previously was issued in December 2014. The booklet provides guidance for OCC examiners to be used in connection with the examination and supervision of national banks and federal savings associations, which offer or extend consumer credit products covered by TILA. The updates reflect changes made to Regulation Z, TILA’s implementing regulations, since the booklet’s previous release, and includes procedures implementing the CFPB’s TILA-RESPA integrated disclosure rule (TRID). Additional updates include, among other things, (i) special provisions on certain construction loans; (ii) special provisions relating to small creditors and rural or underserved areas; (iii) changes regarding appraisals for higher-priced mortgage loan exemptions; (iv) updates to mortgage origination examination procedures; and (v) updates to mortgage servicing rules and the small creditor definition.
With the issuance of the new booklet, the OCC rescinds (i) OCC Bulletin 2014-61, “Truth in Lending Act: Revised Comptroller’s Handbook Booklet and Rescissions”; (ii) The TILA sections of OCC Bulletin 2015-27, “Revised Interagency Examination Procedures for Consumer Compliance”; and (iii) OCC Bulletin 2015-42, “Initial Examinations for Compliance With TILA-RESPA Integrated Disclosure Rule.”
- Jeffrey S. Hydrick to discuss "State legislative update" at the NMLS Annual Conference & Training
- Kathryn L. Ryan to speak at the "Business model primer" at the NMLS Annual Conference & Training
- Daniel P. Stipano to discuss "Dynamic customer due diligence and beneficial ownership from KYC to ongoing CDD and the new rule implementation" at the Puerto Rican Symposium of Anti-Money Laundering
- Jon David D. Langlois to discuss "Regulatory risks of convenience fees" at the Mortgage Bankers Association National Mortgage Servicing Conference & Expo
- Michelle L. Rogers to discuss "Preparing for servicing exams in the current regulatory environment" at the Mortgage Bankers Association National Mortgage Servicing Conference & Expo
- APPROVED Webcast: NMLS Annual Conference & Ombudsman Meeting: Review and recap
- Brandy A. Hood to discuss "Keeping your head above water in flood insurance compliance" at the Mortgage Bankers Association National Mortgage Servicing Conference & Expo
- Melissa Klimkiewicz to discuss "Servicing super session" at the Mortgage Bankers Association National Mortgage Servicing Conference & Expo
- Jessica L. Pollet to discuss "Law & compliance speedsmarts" at the American Financial Services Association Law & Compliance Symposium
- Daniel P. Stipano to discuss "Lessons learned from recent high profile enforcement actions" at the Florida International Bankers Association AML Compliance Conference
- Moorari K. Shah to provide "Regulatory update – California and beyond" at the National Equipment Finance Association Summit
- Sasha Leonhardt and John B. Williams to discuss "Privacy" at the National Association of Federally-Insured Credit Unions Spring Regulatory Compliance School
- Aaron C. Mahler to discuss "Regulation B/fair lending" at the National Association of Federally-Insured Credit Unions Spring Regulatory Compliance School
- Heidi M. Bauer to discuss "'So you want to form a joint venture' — Licensing strategies for successful JVs" at RESPRO26
- Jonice Gray Tucker to to discuss "DC policy: Everything but the kitchen sink" at CBA Live
- Jonice Gray Tucker to discuss "Small business & regulation: How fair lending has evolved & where are we heading?" at CBA Live
- Daniel P. Stipano to discuss "Lessons learned from ABLV and other major cases involving inadequate compliance oversight" at the ACAMS International AML & Financial Crime Conference
- Daniel P. Stipano to discuss "A year in the life of the CDD final rule: A first anniversary assessment" at the ACAMS International AML & Financial Crime Conference
- Moorari K. Shah to discuss "State regulatory and disclosures" at the Equipment Leasing and Finance Association Legal Forum
- Hank Asbill to discuss "Pay no attention to the man behind the curtain: Addressing prosecutions driven by hidden actors" at the National Association of Criminal Defense Lawyers West Coast White Collar Conference
- Daniel P. Stipano to discuss "Keep off the grass: Mitigating the risks of banking marijuana-related businesses" at the ACAMS AML Risk Management Conference
- Daniel P. Stipano to discuss "Mid-year policy update" at the ACAMS AML Risk Management Conference
- Benjamin W. Hutten to discuss "Requirements for banking inherently high-risk relationships" at the Georgia Bankers Association BSA Experience Program