InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
CFPB issues advisory opinion on special purpose credit programs
On December 21, the CFPB issued an advisory opinion addressing ECOA’s implementing regulation, Regulation B, as it applies to certain aspects of special purpose credit programs (SPCPs). The CFPB issued the advisory opinion in response to feedback from the Bureau’s request for information (RFI) covering ECOA and Regulation B issued in July (covered by InfoBytes here). The Bureau notes that, while Regulation B provides creditors guidance for developing SPCPs that comply with ECOA, stakeholders were interested in additional guidance to ensure the development of compliant SPCPs. To address this, the advisory opinion clarifies (i) the content that a for-profit organization must include in an SPCP written plan, including details regarding the class of persons designed to benefit from the program and the procedures for extending credit pursuant to the program; and (ii) the type of research and data that may be appropriate to inform a for-profit organization’s determination that a SPCP would benefit a certain class of people, which can include external sources such as HMDA data.
For more details on the CFPB’s advisory opinion program, please see InfoBytes coverage here.
Agencies release annual CRA asset-size threshold adjustments
On December 17, the Federal Reserve Board and the FDIC announced the joint annual adjustments to CRA asset-size thresholds used to define small and intermediate small banks, which are subject to streamlined CRA evaluations and not subject to the reporting requirements applicable to large banks unless they choose to be evaluated as one. A “small” bank is defined as an institution that, as of December 31 of either of the prior two calendar years, had less than $1.322 billion in assets. An “intermediate small” bank is defined as an institution that, as of December 31 of both of the prior two calendar years, had at least $330 million in assets, and as of December 31 of either of the past two calendar years, had less than $1.322 billion in assets. This joint final rule became effective on January 1.
The OCC did not join in this announcement. As previously covered by a Buckley Special Alert, on May 20, the OCC announced the final rule to modernize the regulatory framework implementing the CRA. Its new CRA rule defines a small bank as an institution with $600 million or less in assets in four of the last five calendar quarters and an intermediate small bank as having $2.5 billion or less in assets in four of the last five calendar quarters.
CFPB finalizes debt collection disclosure rules
On December 18, the CFPB issued a final rule amending Regulation F, which implements the Fair Debt Collection Practices Act, clarifying the information debt collectors must provide to consumers at the outset of collection communications and providing a model validation notice containing such information. (See also the Bureau’s Executive Summary.) The final rule also prohibits debt collectors from bringing or threatening to bring legal action against a consumer to collect time-barred debt, and requires debt collectors to take certain actions before furnishing information about a consumer’s debt to a consumer reporting agencies (CRA). Among other things, the final rule addresses the following:
- Validation notice. The final rule clarifies that debt collectors may provide “clear and conspicuous” debt validation notices in writing or electronically when commencing debt collection communications. Validation notices must include a statement indicating that the communication is from a debt collector, along with additional information such as itemization-related information, the current amount of debt, consumer protection information, and information for consumers who may choose to dispute the debt or take other actions. The final rule also outlines optional content that debt collectors may choose to include while retaining the safe harbor for using the model notice, provided that “the optional content is no more prominent than the required content.” The final rule also revises the definition of “consumer” used in a separate final rule issued by the Bureau at the end of October (covered by InfoBytes here). The December final rule’s definition now includes both living and deceased consumers.
- Safe harbor for model validation notices. Debt collectors who choose to use the model validation notice are in compliance with the final rule’s content requirements. Additionally, the use of a model validation notice would not be considered a violation of the prohibition on conduct that “overshadows” a consumer’s rights during the validation period. The final rule outlines additional safe harbors, and provides examples where a safe harbor generally will not apply. Notably, the safe harbor does not cover validation notice delivery methods and timing requirements.
- Translations. Debt collectors who choose to provide validation notices in other languages must also include an English-language notice in the same communication.
- Credit reporting. The final rule requires debt collectors to either speak to a consumer in person, send an email or letter, or try to speak with a consumer by telephone before furnishing any information to a CRA. Communications sent via email or letter will require a 14 day waiting period to allow for a “reasonable period of time” to receive a notice of undeliverability.
- Time-barred debt. The final rule prohibits debt collectors from suing or threatening to sue consumers when attempting to collect time-barred debt. Proofs of claim filed in connection with a bankruptcy proceeding are not included in this prohibition.
The final rule takes effect November 30, 2021.
More information from Buckley on the details of the newest debt collection final rule will be available soon.
Agencies proposes SAR filing exemptions
On December 15, the FDIC issued a proposed rule (with accompanying Financial Institution Letter FIL-114-2020), which would amend the agency’s Suspicious Activity Report (SAR) regulation to permit additional, case-by-case, exemptions from SAR filing requirements. The proposed rule would allow the FDIC, in conjunction with the Financial Crimes Enforcement Network (FinCEN), to grant supervised institutions exemptions to SAR filing requirements when developing “innovative solutions to meet Bank Secrecy Act (BSA) requirements more efficiently and effectively.” The FDIC would seek FinCEN’s concurrence with an exemption when the exemption request involves the filing of a SAR for potential money laundering, violations of the BSA, or other unusual activity covered by FinCEN’s SAR regulation. The proposal allows the FDIC to grant the exemption for a specified time period and allows the FDIC to extend or revoke the exemption if circumstances change. The proposal is intended to reduce the regulatory burden on supervised financial institutions that are likely to leverage existing or future technologies to report suspicious activity in a different and innovative manner. Comments on the proposed rule must be submitted within 30 days of publication in the Federal Register.
The OCC also issued a proposal that would similarly allow the OCC to issue exemptions from SAR filing requirements to support national banks or federal savings associations developing innovative solutions intended to meet BSA requirements more efficiently and effectively.
FDIC finalizes industrial bank rules
On December 15, the FDIC approved a final rule (with accompanying fact sheet) that requires certain conditions and commitments for approval or non-objection to certain filings involving industrial banks and industrial loan companies (collectively, “industrial banks”), such as deposit insurance, change in bank control, and merger filings. The final rule is substantially similar to the proposed rule issued by the FDIC in March (covered by InfoBytes here) and applies to industrial banks whose parent company is not subject to consolidated supervision by the Federal Reserve Board. Specifically, the FDIC is now requiring a covered parent company to enter into written agreements with the FDIC and the industrial bank to: (i) address the company’s relationship with the industrial bank; (ii) require capital and liquidity support from the parent company to the industrial bank; and (iii) establish appropriate recordkeeping and reporting requirements. Additionally, the final rule requires prospective covered companies to agree to a minimum of eight commitments, which, for the most part, the FDIC has previously required as a condition of granting deposit insurance to industrial banks.
The final rule makes four substantive changes to the proposal: (i) requiring compliance from covered entities on or after the effective date of the rule rather than only after; (ii) requiring additional reporting regarding systems for protecting the security, confidentiality, and integrity of consumer and nonpublic personal information; (iii) increasing the threshold limiting the parent company’s representation on the board of the subsidiary industrial bank from 25 percent to less than 50 percent; and (iv) modifying the restrictions on appointments of directors and executives to apply only during the first three years of becoming a subsidiary of a covered parent company.
The final rule is effective April 1, 2021.
CFPB report anticipates data collection on small-business lending
On December 15, the CFPB released a report detailing the results of the panel convened pursuant to the Small Business Regulatory Enforcement Fairness Act (SBREFA), which discussed the Bureau’s pending rulemaking to implement Section 1071 Dodd-Frank Act. Section 1071 requires the Bureau to engage in a rulemaking to collect and disclose data on lending to both women-owned and minority-owned small businesses. In September, the Bureau released a detailed outline describing the proposals under consideration for Section 1071 implementation, including factors such as scope, covered lenders, covered products, data points, and privacy (details covered by InfoBytes here). The October panel was comprised of a representative from the Bureau, the Chief Counsel for Advocacy of the Small Business Administration, and a representative from the Office of Information and Regulatory Affairs in the Office of Management and Budget. The panel consulted with small entity representatives (SERs)—those who would likely be directly affected by the Section 1071 rulemaking—to discuss the economic impacts of compliance with the outline’s proposals, as well as regulatory alternatives to the proposals.
The report includes, among other things, the feedback and recommendations made by the SERs, and the findings and recommendations of the panel. Generally, the SERs were supportive of the proposal with “many expressly support[ing] broad coverage of both financial institutions and products in the 1071 rulemaking.” The SERs backed data transparency and simple regulations but expressed significant concern that the rulemaking would cause smaller financial institutions to “incur disproportionate compliance cost compared to large [financial institutions]” and would ultimately either decrease lending or increase costs for small businesses. The SERs also recommended that the Bureau take into account different types of financial institutions operating in the small business lending market, including non-depository institutions. The report also details specific recommendations by the panel, including that the Bureau issue compliance materials in connection with the rulemaking and consider providing sample disclosure language related to the collection of race, sex, and ethnicity information for principal owners as well as women-owned and minority-owned business status.
Agencies propose computer-security incident notification rule
On December 18, the FDIC, Federal Reserve Board, and the OCC (collectively, “agencies”) issued a joint notice of proposed rulemaking (NPRM), which would require supervised banking organizations to promptly notify their primary regulator within 36 hours of becoming aware that a “‘computer-security incident” that rises to the level of a ‘notification incident’” has occurred. Additionally, the NPRM would require bank service providers “to notify at least two individuals at affected banking organization customers immediately after the bank service provider experiences a computer-security incident that it believes in good faith could disrupt, degrade, or impair services provided for four or more hours.” According to the agencies, these “notification incidents” are significant computer-security incidents that have the potential to “jeopardize the viability of the operations of an individual banking organization,” and may impact the safety and soundness of stability of the banking organization, leading to a disruption in the delivery of bank products and services, among other things. The agencies stress, however, that the required notice is intended to serve as an early alert and not as an assessment of the incident. According to a statement released by FDIC Chairman Jelena McWilliams, only computer-security incidents that meet the definition of a “notification incident” must be reported—a figure which is estimated to be roughly 150 incidents a year, according to a review of supervisory data and suspicious activity reports.
Comments on the NPRM are due 90 days after publication in the Federal Register.
FDIC approves final brokered deposits rule, clarifies fintech partnerships
On December 15, the FDIC approved a final rule, which creates a new framework for brokered deposits by, among other things, establishing bright-line standards for determining the definition of a “deposit broker,” as well as a methodology for “analyzing whether deposits made through deposit arrangements qualify as brokered deposits, including those between insured depository institutions (IDIs) and third parties, such as financial technology companies.” Also released are two fact sheets on brokered deposits and interest rate restrictions (see here and here). The final rule follows a notice of proposed rulemaking issued last December (covered by InfoBytes here), which sought feedback on ways the agency could improve its brokered deposit regulation to ensure the “classification of a deposit as brokered appropriately reflects changes in the banking system, including banks’ use of new technologies to engage and interact with their customers.” The final rule also establishes a series of exceptions that will allow banks and their partners to determine whether they can avoid restrictions on brokered deposits, and will establish a process for entities to apply for a “primary purpose exception” if its relationship with an outside entity supplying deposits does not meet one of the final rule’s “designated exceptions.” Further, the FDIC noted that brokered deposit restrictions will not apply to banks that enter into exclusive deposit placement arrangements, such as those seen often between fintech companies and a partner bank, because, according to a statement released by FDIC Chairman Jelena McWilliams, “[e]ntities who place deposits with only one bank are less likely to present the types of funding stability risks that may arise when deposit brokers place deposits at a range of banks.” Further, the final rule amends the methodology for calculating the interest rate restrictions applicable to less than well capitalized IDIs, and changes the methodology for calculating the national rate and national rate cap for specific deposit products.
Acting Comptroller of the Currency Brian P. Brooks issued a statement in support of the final rule: “These improvements to the brokered-deposit rule help promote greater access to financial services by supporting fintech and bank partnerships and allowing a wider array of services to be available in the market, especially for unbanked and underbanked Americans for whom the easier user interface of fintech apps is a gateway to the mainstream financial system.”
Agencies provide no-action relief to facilitate transfers of certain legacy swaps
On December 11, the Federal Reserve Board and the OCC issued a joint statement addressing the ability of a covered swap entity to service cross-border clients. (See also OCC Bulletin 2020-108.) As previously covered by InfoBytes, the Fed, OCC, FDIC, FHFA, and Farm Credit Administration adopted an interim final rule (IFR) in 2019 to amend the Swap Margin Rule to assist covered swap entities preparing for the United Kingdom’s withdrawal from the European Union. The IFR addresses the situation where the withdrawal occurs without a negotiated agreement and entities located in the UK transfer existing swap portfolios that face counterparties located in the EU over to affiliates located in the US or the EU. Specifically, the IFR provides that certain swaps under this situation will not lose their “legacy” status—will not trigger the application of the Swap Margin Rule—if carried out in accordance with the conditions of the rule. The OCC notes that the absence of an agreement between the UK and the EU that addresses passporting rights (defined in the joint statement as the “EU’s system of cross-border authorizations to engage in regulated financial entities) would result in UK entities losing the ability to continue servicing their EU clients when the transition period expires.
The joint statement explains that the Fed and OCC “will not recommend that their respective agencies take action if a covered swap entity is a party to a legacy swap that was amended under [certain] conditions.” The no-action relief is applicable to the transfer of legacy swaps completed by the later of January 1, 2022, or one year after the expiration of EU passporting rights, unless amended, extended, terminated, or superseded, and is intended “to provide certainty to covered swap entities currently operating in the affected jurisdictions as to the legacy status of transferred swaps in light of the uncertainty regarding whether the EU will agree to a free trade agreement granting UK companies passporting rights related to financial services.”
CFPB amends General QM loan definition, creates definition for Seasoned QMs
On December 10, the CFPB issued two final rules related to qualified mortgage (QM) loans. The first of the two final rules, the General QM Final Rule, amends Regulation Z and revises the definition of a General QM by eliminating the General QM loan definition’s 43 percent debt-to-income ratio (DTI) limit and replacing it with bright-line price-based thresholds. The General QM Final Rule also eliminates QM status resulting solely from loans meeting qualifications for sale to Fannie or Freddie Mac (GSEs), known as the so-called “GSE Patch.” The Bureau’s second final rule, the Seasoned QM Final Rule, creates a new category of safe-harbor QMs applicable to first-lien, fixed-rate mortgages that are held in portfolio by the originating creditor or first purchaser for a 36-month period while meeting certain performance requirements, and comply with general restrictions on product features and points and fees.
Both final rules become effective 60 days after publication in the Federal Register. The mandatory compliance date for the General QM Final Rule is July 1, 2021; however, the Bureau notes that, between the effective date and the mandatory compliance date, there will be an optional early compliance period during which creditors will be able to use either the current General QM definition or the revised General QM definition. In addition, the GSE Patch will be available only for transactions where the creditor receives the consumer’s application before July 1, 2021 (or earlier if the GSEs exit conservatorship). Further, the Seasoned QM Final Rule applies to covered transactions for which creditors receive an application on or after the effective date, but will not apply retroactively to loans already in a lender’s portfolio.
Buckley will follow up with a more detailed summary of the final rules soon.