InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
FHFA requests information on its FHLBank Affordable Housing Program
On June 20, FHFA released its request for input (RFI) on the application process for the Federal Home Loan Banks’ (FHLBanks) Affordable Housing Program (AHP). FHFA invited input on all aspects of the AHP application process, with a deadline for submissions no later than August 19. The AHP housing program was designed to provide funding to purchase, construct, and rehabilitate housing for very low-, low-, and moderate-income households. Each FHLBank provides funding through either a competitive application program that funds both rental and homeownership projects or a homeownership set-aside program that supports owner-occupied housing for income-eligible households. The RFI focused on the competitive application programs and posed eight questions related to the AHP application process, including the use of consultants to apply for AHP funds, and opportunities for improvements to the application process.
Agencies finalize new standards for AVMs
On June 20, the CFPB, OCC, Fed, FDIC, NCUA and FHFA (the financial services regulators) issued a final rule implementing new provisions governing the use of automated valuation models (AVMs), which are commonly used by mortgage originators and secondary-market issuers to estimate a property’s value for loan underwriting and portfolio monitoring. The rule, which was proposed in June 2023 (covered by InfoBytes here), had mortgage servicers adopt policies and procedures ensuring that AVMs operate with certain quality control standards, designed to operate with a high level of confidence. These estimates should be produced to protect against data manipulation and avoid conflicts of interest. The rule included requirements to conduct random sampling testing and reviews, and to comply with nondiscrimination laws. The financial services regulators noted that despite comments that lending institutions have little control over how AVMs were created, the rule “will allow the implementation of the standards to evolve along with changes in AVM technology and minimize compliance costs.”
In announcing the final rule, FDIC Chairman Martin Gruenberg emphasized that the rule created an independent requirement “to ensure that AVMs used in connection with making credit decisions or covered securitization determinations adhere to quality control standards designed to comply with applicable nondiscrimination laws,” and that the “new requirement would further mitigate potential discrimination risk in lenders’ use of AVMs.” In its announcement, the OCC stated that the rule “supports Acting Comptroller of the Currency Michael J. Hsu’s priority to reduce inequality and elevate fairness in banking.”
The final rule will go into effect the first day of the calendar quarter 12 months after its publication in the Federal Register.
CFPB extends its small business lending rule and opens comment period
On June 25, the CFPB released its formal action to extend the compliance dates for its small business lending rule, section 1071 (covered by InfoBytes here). The extension of 290 days represented the time elapsed between the Texas court’s first issuance of a stay last year and the Supreme Court’s decision in CFPB v. CFSA last month. As previously covered by InfoBytes, the CFPB notified the public of these changes in May but has now issued its interim final rule with a request for public comment. The new rule will implement section 1071 by adding subpart B to Regulation B of the rule, and the CFPB estimated this rule will affect at most 1,900 banks, savings associations and credit unions with $10 billion or less in total assets.
Under the new rule, the following dates will go into effect:
- Tier 1 institutions (highest volume lenders): The new compliance date will be July 18, 2025, and the first filing deadline will be June 1, 2026.
- Tier 2 institutions (moderate volume lenders): The new compliance date will be January 16, 2026, and the first filing deadline will be June 1, 2027.
- Tier 3 institutions (lowest volume lenders): The new compliance date will be October 18, 2026, and the first filing deadline will be June 1, 2027.
The CFPB also included the previous rule’s 12-month grace period wherein the Bureau would not assess penalties for errors made in good faith in data reporting. To add clarity to these changes, the Bureau issued an unofficial redline of its final changes. The new rule will go into effect 30 days following its publication in the Federal Register.
FDIC approves final rule to adjust resolution plan requirements
On June 20, the FDIC adopted its final rule amending the resolution planning requirements for large banks. The amended rule will amend 12 C.F.R. Part 360 “Resolutions and Receivership Rules,” and, among other components, require a covered institution’s full resolution submission to include:
- Identified Strategy – resolving issues in the event of a failure.
- Failure Scenario – proof of assets in the event of a failure.
- Executive Summary – summarizing the identified strategy with descriptions and discussions.
- Organizational Structure – legal entities, core business lines, and branches.
- Methodology for Material Designation
- Separation from Parent – demonstrate the ability to operate separately from parent org.
- Overall Deposit Activities – including foreign deposits, sweep arrangements, etc.
- Critical Services – ensure continuity of the institution’s critical services in resolution.
- Key Personnel – identified by title, function, location, core business line, etc.
- Franchise Components – ensure that franchises are marketable in resolution.
Under the rule, depository institutions with more than $100 billion in total assets must submit a full resolution plan either biennially or triennially (most will file triennially, with the “largest and most systematic and interconnected” institutions required to file biennially). Depository institutions with at least $50 billion but less than $100 billion in total assets must submit more limited informational filings – which would not include an identified strategy for the institution’s resolution or proof of assets in the event of a failure – on a triennial basis. The FDIC noted that because such institutions will file less information, “the FDIC expects the engagement and capabilities testing [] will be a key component of its resolution planning for such firms and expects to conduct engagement and capabilities testing with most [of these institutions] in each cycle.” Failure to submit a full resolution submission, and address adequately a material weakness identified by the FDIC may lead to enforcement actions against non-compliant institutions. The rule will go into effect on October 1 and the FDIC will notify institutions of the date when their first full resolution submissions or interim supplements are due under the final rule (The FDIC will set a date for Group A Filers at least 270 days after the effective date, and the FDIC will set a date for Group B Filers at least a year after the effective date).
In an OCC news release, the Acting Comptroller of the Currency stated his support for the FDIC’s resolution plan rule, noting that when such plans are lacking, “consequences can include not just disorderly failure and the need for extraordinary government action, but also a broader loss of trust in banks and their regulators.” The Director of the CFPB, Rohit Chopra, also released a statement and noted that the sale of a failed bank to an even larger institution can result in substantial costs to the Deposit Insurance Fund. Chopra expressed support that rules requiring banks to demonstrate how they might be wound down would help the FDIC pursue alternative dissolution strategies for large banks, such as breaking up the bank into smaller components or reprivatizing it through an initial public offering.
OCC proposes revisions to its recovery planning guidelines
On June 24, the OCC proposed revisions to its recovery planning guidelines—plans for how to respond quickly and effectively to, and recover from, the financial effects of severe stress on large financial institutions. Considering the increase in withdrawals of uninsured deposits in March 2023, the OCC will expand the application of its guideline requirements to insured national banks, federal savings associations and federal branches with average total consolidated assets of $100 billion or more.
The proposed revisions also change “average total consolidated assets” as defined in the guidelines to clarify that the calculation would be based on the “total assets” line of the Call Report, not the “average total consolidated assets” line of the Call Report. The OCC said this may affect the quarter in which a bank becomes a covered bank.
The OCC further proposed to incorporate a yearly, risk-based testing standard of recovery plans to include stress scenarios that ensure “the plan’s triggers appropriately reflect the covered bank’s particular vulnerabilities and will, in practice, provide the covered bank with timely notice of a continuum of increasingly severe stress, ranging from warnings of the likely occurrence of severe stress to the actual existence of severe stress.” Testing should ensure that management and the board can confirm the bank's readiness to execute identified strategies under stress. The OCC will require that a covered bank’s recovery plan will consider appropriately both financial risk and non-financial risk (including operational and strategic risks), as well as be integrated into its risk governance functions.
Covered banks will have one year from the effective date of the amendments to comply with the new requirements. Comments must be received 30 days after publication in the Federal Register.
CFPB’s payday lender rule to begin in March 2025
On June 14, the CFPB published a press release announcing that its payday lender rule from 2017, titled “Payday, Vehicle Title and Certain High-Cost Installment Loans,” will take effect on or around March 30, 2025. The rule will target unfair and abusive practices in short-term lending and will aim to curb lenders’ repeated attempts to withdraw payments from consumers’ accounts even after knowing the accounts may have nonsufficient funds. The CFPB found that such practices resulted in accumulated fees for consumers such as nonsufficient fund fees and overdraft fees. The Bureau also maintained that repeated attempts to withdraw payment from a consumer’s account rarely benefitted lenders because once a withdrawal fails, consecutive attempts are unlikely to succeed.
As previously covered by InfoBytes, the Bureau’s payday lender rule included a “two-strikes-and-you’re-out” rule, which would prohibit lenders from attempting further withdrawals after two failed attempts without the borrower’s explicit authorization. The rule was supposed to take effect in 2019 – however, the rule’s implementation was delayed due to a challenge by an industry trade group. A court order pausing the rule will expire 286 days after the Supreme Court issued a decision in CFPB v. CFSA, which it did so on June 17. In CFPB v. CFSA, the Supreme Court held that the CFPB’s funding structure was constitutional (covered by InfoBytes here).
GAO urges Fed to address outstanding recommendations
On June 3, GAO released a letter addressed to Fed Chair, Jerome Powell, to provide an update on the Fed's implementation of past GAO recommendations. As of May, GAO noted 13 open recommendations under the Fed. The Fed recently implemented two of the GAO’s four 2023 priority recommendations: one on stress test capital ratio estimates, and the other pertaining to risk tolerance articulation. GAO did not add any new priority recommendations for the Fed, but instead emphasized the importance of addressing the remaining two items: one related to blockchain technology and the other on financial technology.
Regarding the blockchain recommendation, GAO urged the Fed to work with other regulators to create a formal mechanism for identifying risks associated with this technology. GAO observed that the Fed had stated in April that it would participate in the Digital Asset Working Group to work with other agencies to address blockchain risks, but GAO recommended that the working group must include a “planning process for identifying and addressing” blockchain risks. Regarding the fintech partnerships recommendation, and in coordination with other federal financial regulators, GAO recommended clear communication on the appropriate use of alternative data in the underwriting process since fintech lenders “may analyze large amounts of alternative data on borrower characteristics … when determining borrowers’ creditworthiness.”
GAO’s letter also emphasized the importance of Congressional oversight to implement recommendations, suggesting strategies such as legislative incorporation and oversight hearings.
Ginnie Mae updates its guide to streamline processes for eMortgages
On May 31, Ginnie Mae published its APM 24-09: Updates To Digital Collateral Program Guide to clarify, update, remove and expand policies on digital products, such as notes, closing systems, vaults, applicants and registries. The program may help streamline processes for digital mortgages known as “eMortgages.”
The guide clarified eligibility requirements for issuers and custodians, aligning technology standards with industry best practices, and expanding the types of mortgage pools that can include digital loans. Additionally, Ginnie Mae clarified various requirements related to eMortgages, such as handling defects, transfers, and assumptions. This followed other efforts to promote eMortgages, including Ginnie’s efforts to securitize digital collateral in the same pools as traditional paper collateral (as covered by InfoBytes here). The Digital Collateral Program Guide can be found here, and the changes will go into effect on June 1.
CFPB proposes final rule for registering nonbanks for supervision
On June 3, the CFPB issued a final rule to require the registration and reporting of nonbank financial institutions that have been subject to public orders resulting from regulatory actions. The Bureau’s stated goal in establishing the registry was to assist the public and enforcement agencies in identifying repeat offenders. The registry will compile and maintain all public orders issued by an agency or court, involving certain nonbank entities that were issued at least in part by an action or proceeding by any federal, state or local agency. The final rule mandated those nonbank covered entities—excluding depository institutions and credit unions—must register with the Bureau when they are subject to a public order. Under the CFPA, Section 1022(b)(1) authorized the Bureau to create rules “as may be necessary or appropriate to enable the Bureau to… carry out the purposes and objectives of the Federal consumer financial laws.” Section 1024(b) authorized the Bureau to exercise supervisory authority over certain nonbank entities. The final rule will also require nonbank entities to submit an annual written statement confirming compliance with each public order.
This rule will apply to all covered entities, specifically nonbanks, which have entered into an order with an effective date on or later than January 1, 2017, and which remain in effect following the effective date of the final rule. Every nonbank that was named in an order and was covered under the rule must register, submitting all information required including the executed order. However, nonbanks that were subject to an order published on the NMLS’s Consumer Access website (other than an order in which the CFPB was involved) can elect for a simplified option.
This action will be the latest step in the Bureau’s efforts to expand its nonbank supervision program. As previously covered by InfoBytes, the CFPB released a supervisory designation over a nonbank company in March since that company’s conduct posed an alleged risk to consumers (here), and in April the Bureau released its procedural rule to change how it will supervise nonbanks (here). In a prepared statement, the Director of the CFPB, Rohit Chopra, expressed that the final rule was designed to aid the CFPB and other law enforcement agencies to “monitor and track repeat offenders in order to better hold them accountable” regardless of companies reoffending. The director emphasized that court or enforcement orders are not a “tipsheet or set of suggestions.” This rule will go into effect on September 16.
CFPB finalizes standards setting body component of open banking rule
On June 5, the CFPB announced it finalized in part its proposed Personal Financial Data Rights rule, thus establishing the minimum qualifications necessary for the Bureau to become a recognized industry standard setting body when the full rule becomes final. Last October, the CFPB proposed the Personal Financial Data Rights rule to implement Section 1033 of the CFPA (covered by InfoBytes here) which was intended to offer consumers more control over their financial data and more consumer protections for misused data.
After considering relevant public comments, the CFPB made several changes to the sections concerning standard setters and the standards they issue. Commenters asked for clarity regarding changes in standards, such as when a consensus standard ceases to have consensus status, and how it could potentially cause market uncertainty. In response, the Bureau replaced the term “qualified industry standard” with “consensus standard” and added a newly defined “recognized standard setter” term. The final rule defined “consensus standard” to clarify when a given standard will be a consensus standard, and also added that a “consensus standard” must be one that will be adopted and maintained by a recognized standard setter. In response to concerns about market uncertainty, the CFPB responded that they expect revocation of recognition for a standard setter to be a rare occurrence.
Regarding periodic review, the final rule extended the maximum duration of the CFPB’s recognition of a standard-setting body from the proposed duration of three years to five years. The Bureau expects this change will incentivize standard-setting bodies to obtain recognition. The final rule included “data recipients” as an interested party in response to commenter concern that certain fintech sectors may be excluded. Additionally, meeting the criteria in the final rule is just the starting point for approval, as the CFPB may also assess whether the standard-setting body will be committed to developing and upholding open banking standards.
The final rule also included a guide that detailed how standard setters can apply for CFPB recognition, how the Bureau will evaluate applications, and what standard setters can expect once recognized. The final rule will go into effect 30 days after publication in the Federal Register.