Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On November 7, the FTC and the State of Florida settled with a chargeback company to prevent it from deceiving any consumers who seek to dispute credit card charges. Back in April 2023, the FTC and the State of Florida sued the chargeback company under Section 5 of the FTC Act, 15 U.S.C. § 45, and the Florida Deceptive and Unfair Trade Practices Act (FDUTPA), Chapter 501, Part II, as previously covered by InfoBytes here. A chargeback is a system for consumers to get their money returned when they have a problem with a purchase. The proposed court order was agreed to by the defendants but, before it can go into effect, the order first must be approved by a federal judge. The final judgment totals $150,000 and prevents the defendants from working with several high-risk clients.
On November 1, the SEC charged a crypto company and its executive team with fraud through the unregistered sale of crypto asset securities. According to the complaint, the defendants represented in marketing materials, website, social media posts, and other communications with the public that a certain percentage of funds for each transaction would be retained and inaccessible by any party for a period of four years as a safety mechanism against asset misappropriation. Instead, the complaint alleges, the defendants accessed the funds and misappropriated tens of millions of dollars for various purposes, including manipulation of the market for the crypto asset, business expenses, investments in unrelated companies, and personal use. The complaint charges defendants with violating the registration and anti-fraud provisions of the Securities Act of 1933 and the anti-fraud provisions of the Securities Exchange Act of 1934.
On November 1, the Federal Housing Administration (FHA) proposed updates to FHA’s Home Equity Conversion Mortgage Program that are intended to address a number of servicing issues where existing program requirements have conflicted with HUD’s policy objectives. FHA is requesting public feedback. Key changes include the following:
- Allowing mortgage servicers to contact borrowers by phone to verify occupancy for the program’s required annual occupancy certification;
- Allowing outstanding homeowner’s association dues to be included in the calculation of a repayment plan for borrowers who are behind on their HECM financial obligations;
- Expanding the ability of mortgage servicers to work with borrowers who are behind on their property tax or hazard insurance by an amount up to $5,000 without calling the mortgage due and payable;
- Allowing mortgage servicers to assign a HECM to HUD after the servicer has funded a cure for a borrower’s delinquent financial obligations so long as the borrower has made all property charge payments for one year and all other assignment eligibility criteria are met;
- Streamlining requirements for executing alternatives to foreclosure and updating existing incentive payments for successful completion of loss mitigation options; and
- Providing a new incentive payment to mortgage servicers for completing these alternatives.
On November 1, the SBA announced that three new Small Business Lending Company (SBLC) licenses have been issued to lenders focused on underserved markets, which is notably the first expansion of the SBLC program in more than 40 years. An SBLC license permits lending institutions to leverage government guarantees during the process of approving small business loans, decreasing risk for the lender, and lowering costs for the borrower. Consequently, SBA noted, SBLCs can extend a greater number of loans to small businesses than would be feasible without government support. The announcement stated that SBA's current SBLCs surpass banks and credit unions in their ability to provide loans to minority-owned businesses.
In June, the SBA opened a window for new applications for lenders. In announcing the new licensees, SBA Administrator Isabel Guzman stated that “[w]ith the addition of three new Small Business License Companies, the SBA will be able to serve even more small business owners who need capital to start, operate, and grow their businesses.” The SBA highlighted that “[e]ach of the three new SBLC license holders will focus on historically underserved markets, including small businesses in Native, rural, and low-income communities.”
Recently, the U.S. Senate passed a joint resolution of disapproval (S.J. Res. 32) under the Congressional Review Act to nullify the CFPB’s small business lending rule. As previously covered on InfoBytes, the rule, which requires financial institutions to collect and report to the CFPB credit application data for small businesses, has faced opposition from various politicians and is the subject of litigation brought by financial institutions that would be subject to the rule in the U.S. District Court of the Southern District of Texas. In support of the joint resolution, Sen. John Kennedy (R-LA), who introduced the legislation, recently argued on the floor that “the CFPB is setting these small business people… up for lawsuits” because “[it] has promulgated a rule that totally perverts our intention in section 1071.” If the House of Representatives similarly passes the joint resolution, and President Biden signs it, the CFPB’s rule will be nullified under the Congressional Review Act.
The joint resolution follows the order from the U.S. District Court for the Southern District of Texas granting a nationwide preliminary injunction enjoining the CFPB from enforcing the rule (covered by InfoBytes here and here).
On October 27, the FTC approved an amendment to the Safeguards Rule to require nonbanks to report data breaches. Under the amended rule, financial institutions, including mortgage brokers, motor vehicle dealers, and payday lenders, will be required to notify the FTC of data breaches as soon as possible, and no later than 30 days after the discovery of incident involving at least 500 consumers. Notice of an incident is required if unencrypted consumer information was acquired without their authorization, as the FTC noted that encrypted consumer information is unlikely to cause consumer harm. The FTC will provide an online form that will be used to report certain information, including the type of information involved in the security event and the number of consumers affected or potentially affected. Additionally, the amended rule will require nonbanks to “to develop, implement, and maintain a comprehensive security program to keep their customers’ information safe.” As previously covered by InfoBytes, the FTC recently extended compliance on some Safeguards provisions finalized in October 2021 (covered by InfoBytes here), to June of this year.
The commission voted 3-0 to publish the amendment, which will become effective 180 days after its publication in the Federal Register.
On October 31, the Federal Housing Administration (FHA) announced, after a multi-year effort, the inclusion of policies for its Home Equity Conversion Mortgage (HECM) program in the Single-Family Housing Policy Handbook 4000.1. The FHA indicated this is the first time that all HECM program requirements will be available in a single place. According to the FHA, consolidating these programs eliminates more than one hundred individual policy documents and assist with strengthening the understanding and implementation of the HECM by lenders. New sections include Section II.B covering FHA policy for the origination through post-closing and endorsement of HECMs; and Section III.B, covering FHA policy for the servicing of HECMs and loss mitigation options to assist HECM borrowers who are behind on their HECM obligations. Assistant Secretary for Housing and Federal Housing Commissioner Julia Gordon stated that the “completion of the HECM sections of our Single Family Handbook reinforces FHA’s commitment to the HECM program and is part of a larger effort to retool the program for long-term success.” The FHA also updated model documents, frequently asked questions, and training and expects the online version to be available soon.
On October 30, President Biden issued an Executive Order (EO) outlining how the federal government can promote artifical intelligence (AI) safety and security to protect US citizens’ rights by: (i) directing AI developers to share critical information and test results with the U.S. government; (ii) developing standards for safe and secure AI systems; (iii) protecting citizens from AI-enabled fraud; (iv) establishing a cybersecurity program; and (v) creating a National Security Memorandum developed by the National Security Council to address AI security.
President Biden also called on Congress to act by passing “bipartisan data privacy legislation” that (i) prioritizes federal support for privacy preservation; (ii) strengthens privacy technologies; (iii) evaluates agencies’ information collection processes for AI risks; and (iv) develops guidelines for federal agencies to evaluate privacy-preserving techniques. The EO additionally encourages agencies to use existing authorities to protect consumers and promote equity. As previously covered by InfoBytes, the FCC recently proposed to use AI to block unwanted robocalls and texts). The order further outlines how the U.S. can continue acting as a leader in AI innovation by catalyzing AI research, promoting a fair and competitive AI ecosystem, and expanding the highly skilled workforce by streamlining visa review.
On October 30, the U.S. Treasury Department issued a joint statement on behalf of the U.S.-UK Financial Innovation Partnership (FIP) providing an overview of recent meetings where Regulatory and Commercial Pillar participants exchanged views on “topics of mutual interest and to deepen ties between U.S. and UK financial authorities on financial innovation.” As previously covered by InfoBytes, the FIP was created in 2019 as a way to expand bilateral financial services collaborative efforts, study emerging fintech innovation trends, and share information and expertise on regulatory practices. Discussions focused on four topic areas: (i) cryptoassets; (ii) payment system modernization; (iii) distributed ledger technology; and (iv) artificial intelligence. Participants recognized “the continued importance of their partnership on financial innovation as an integral component of U.S.-UK financial services cooperation.” Participants also noted a desire to continue discussing these topics ahead of the next meeting in 2024.
The Chairman of the Financial Services Committee, Patrick McHenry (R-NC), and Representative Andy Barr (R-KY), Chairman of the Subcommittee on Financial Institutions and Monetary Policy, sent a letter to the U.S. Government Accountability Office (GAO) requesting the GAO to “examine the role U.S. federal banking agencies played in work at the Basel Committee on Banking Supervision to develop the recent Basel III Endgame proposal, which calls for massive increases in capital requirements for already well-capitalized U.S. financial institutions.”
As previously covered by InfoBytes, the federal banking agencies issued a notice of proposed rulemaking that would substantially revise the capital requirements of large U.S. banking organizations. According to the letter, Congress has very little insight into the basis of such policy changes that “would fundamentally change the policy of the U.S. banking system.”
The letter requests the GAO to evaluate each federal banking agency’s participation in the development of Basel III Endgame. GAO’s evaluation should include: (i) a summary of each material proposal submitted by a federal banking agency to the Basel Committee; and (ii) a summary of concerns raised by a federal banking agency with respect to a consultative document or other proposal considered by the Basel Committee.
Further, the letter requests the GAO prioritize each proposal or concern from the federal banking agencies related to:
- Any proposals or concerns from the federal banking agencies that did not receive a fulsome response by the Basel Committee.
- Any evidence or rationale supporting the requirement that a “corporate entity (or parent) must have securities outstanding on a recognized securities exchange for an exposure to that entity (or parent) to be eligible for the reduced risk weight for investment-grade corporate exposures;”
- The absence of a tailored approach to “high-fee revenue banks under the Basel III Endgame business-indicator approach to operational risk capital”;
- The calibration of the “scaling factor, multiplier, dampener, and other coefficients for that business-indicator approach”; and
- The calibration of the “correlation factors and the profit-and-loss attribution test thresholds for the models-based measure of market risk capital.”