InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
New York Attorney General Announces Settlements Over Data Collection Practices
On February 9, the New York Attorney General’s (NYAG’s) office announced two settlements with mobile app developers who allegedly omitted information about their data collection practices in their privacy policies. While the investigation revealed that neither developer misused their customers’ personal information or improperly disclosed such information to third parties, the NYAG’s office determined that both companies failed to properly disclose the fact that they had collected the information as required by law. Both companies have agreed to add privacy policies to their apps.
State Financial Regulators Release BSA/AML Compliance Tool
On February 1, the Conference of State Bank Supervisors (CSBS) announced the release of its BSA/AML Self-Assessment Tool—a new, voluntary tool to help banks and non-depository financial institutions better manage Bank Secrecy Act/Anti-Money Laundering (BSA/AML) risk. Building upon CSBS’s efforts to help banks understand their risk exposure to third-parties, the self-assessment tool—developed jointly by the CSBS and state regulators—aims to help institutions better identify, monitor, and communicate BSA/AML risk, thereby reducing some of the burden and uncertainty surrounding compliance and facilitating more transparency within the financial sector. The self-assessment tool is available for use by any institution and may be accessed here. A narrated tutorial is also available here. Last year, CSBS released a white paper that outlines state supervision of money services businesses.
Global Money Services Business Reaches Settlements with 49 States and the District of Columbia
On January 31, state attorneys general from 49 states and the District of Columbia announced a $5 million settlement with a global money services business that resolves investigations into allegations that scammers used the company’s wire transfer services to defraud consumers over a period of 9 years. The company agreed to implement an anti-fraud program as part of the settlement, with the settlement funds paying for the states’ costs and fees. As discussed previously on InfoBytes, the company recently entered a $586 million settlement with the DOJ in connection with similar AML-related claims, which will be used for refunds to the victims of fraud-induced wire transfers.
NYDFS Fines German Bank $425 Million for Deficient Money Laundering Controls
On January 30, the New York Department of Financial Services (NYDFS) announced that it had assessed a $425 million fine against a German bank as part of a consent order addressing allegations that the bank allowed $10 billion in “mirror trades” involving Russian investors by failing to properly enforce protections against money laundering. According to the press release, the bank and several of its senior managers allegedly “missed key opportunities to detect, intercept and investigate a long-running mirror-trading scheme facilitated by its Moscow branch and involving New York and London branches.” Specifically, the consent order claims the bank (i) conducted its business in an unsafe and unsound matter; (ii) implemented weak “Know Your Customer” processes; (iii) failed to accurately rate its country and client risks for money laundering throughout the relevant time period and lacked a global policy benchmarking its risk appetite; (iv) maintained ineffective, understaffed anti-financial crime, AML, and compliance units; and (v) had a flawed corporate structure and organization.
In addition to the $425 million monetary penalty, the bank must, within 60 days of the consent order, engage an independent monitor to “conduct a comprehensive review of the [b]ank’s existing BSA/AML compliance programs, policies and procedures.” Furthermore, the bank must submit in writing for NYDFS review an action plan outlining enhancements to its current BSA/AML compliance programs.
NY Attorney General Announces Data Breach Settlement with Computer Manufacturer
On January 29, New York Attorney General Eric T. Schneiderman announced a settlement with a foreign computer manufacturer over allegations of a data breach of customer data. The AG’s office claims the security vulnerabilities allowing for the breach lasted almost a full calendar year. In addition to a $115,000 penalty, the manufacturer is required to “maintain [both] reasonable security policies designed to protect consumer personal information. . .[and] data security standards required by the credit card industry.”
Coinbase Gets NY BitLicense, Clearance For Its Operations
On January 18, the New York State Department of Financial Services (NYDFS) announced that it had approved the application of Coinbase, Inc., for a virtual currency and a money transmitter license. According to NYDFS, the license was issued to Coinbase—a digital currency wallet that facilitates transactions with Bitcoin and other virtual currencies—only after “a comprehensive review of Coinbase’s applications, including the company’s anti-money laundering, capitalization, consumer protection, and cyber security policies.” Having met the New York regulator’s standards for operations in the state, Coinbase may now operate, under supervision by NYDFS, as a service for buying, selling, sending, receiving and storing Bitcoin.
As previously covered in InfoBytes, NYDFS’s BitLicense framework—which was finalized back in June 2015—requires virtual currency companies to submit a 31-page application providing information covering, among other things: (i) written policies and procedures including, but not limited to BSA/AML, cybersecurity, privacy and information security, (ii) company information, (iii) biographical information on company directors and stockholders, and (iv) an explanation of the methodology used to calculate the value of virtual currency in fiat currency. In addition, the NYDFS released a set of FAQs to help clarify the BitLicense requirements. To date, NYDFS has approved five firms for virtual currency charters or licenses, while denying those applications that did not meet its standards.
District Court Dismisses Bank Trade Group's Lawsuit Regarding Credit Union Business Lending Rule
On January 24, the U.S. District Court for the Eastern District of Virginia issued an order dismissing a suit seeking to overturn a rule that allows federally regulated credit unions to expand their business lending activities. The complaint, filed in September 2016, claimed the NCUA exceeded the plain language of its statutory authority by permitting such business lending activities The bank trade group further alleged that because credit unions are tax-exempt, they offer commercial loans at a lower price than the trade group’s community bank members, resulting in injury to those institutions. The court, however, stated that the bank trade group failed to prove its claim or show that injury was caused to its members. “Merely codifying an extant rule in part of a new regulation does not effectuate a reopening. If anything, this reflects the agency’s view that its earlier rule is ... settled to the point that it may serve as a foundation for further rule-making,” Judge Cacheris wrote.
State Attorneys General Seek to Intervene in PHH v. CFPB Case
On January 23, the Attorneys General of 16 states and the District of Columbia (the State Attorneys General) filed a motion requesting the permission of the D.C. Circuit to intervene in the CFPB’s petition for en banc reconsideration in PHH Corp. v. CFPB. In the motion, the State Attorneys General argue that they have a vital interest in the matter because the October 2016 panel decision subjecting the CFPB Director to “at will” removal by the President “threatens to undermine the ability of the State Attorneys General [to work with the CFPB] to bring effective civil enforcement and coordinated regulatory actions free from political influence and interference.”
Noting the possibility that President Trump may seek to remove CFPB Director Cordray before the petition for rehearing is resolved or refuse to pursue an appeal to the Supreme Court if the panel decision stands, the State Attorneys General raise the concern that “[t]he incoming administration … may not continue an effective defense of the statutory for-cause protection of the CFPB director.” Therefore, because “[a] significant probability exists that the pending petition for rehearing will be withdrawn, or the case otherwise rendered moot,” the State Attorneys General argue that the D.C. Circuit should allow them to intervene to protect their interests.
In addition to the District of Columbia, the motion was filed on behalf of the Attorneys General for the following states: Connecticut, Delaware, Hawaii, Illinois, Iowa, Maine, Maryland, Massachusetts, Mississippi, New Mexico, New York, North Carolina, Oregon, Rhode Island, Vermont, and Washington. The filing of the motion was announced by Connecticut Attorney General George Jepsen, whose office prepared the initial draft.
NYDFS Submits Comment Letter Opposing OCC FinTech Charter
On January 17, the New York Department of Financial Services (NYDFS) Superintendent Maria T. Vullo submitted a comment letter in stern opposition to the OCC proposal to create a new FinTech charter, stating that the proposed regulatory scheme is not authorized by federal law and would create a number of problems, including a serious risk of regulatory confusion and uncertainty. New York’s top financial regulator is of the opinion that “the OCC should not use technological advances as an excuse to attempt to usurp state laws.” More specifically, NYDFS’ contends, among other things, that: (i) state regulators are better equipped to regulate cash-intensive nonbank financial service companies; (ii) a national charter is likely to stifle rather than encourage innovation; (iii) the proposal could permit companies to engage in regulatory arbitrage and avoid state consumer protection laws; and (iv) a national charter would encourage large “too big to fail” institutions, permitting a small number of technology-savvy firms to dominate different types of financial services.
An interview of Superintendent Vullo discussing this topic may be accessed here.
PA Secretary of Banking and Securities Voices Concerns About OCC FinTech Charter
On January 17, Secretary of the Pennsylvania Department of Banking and Securities, Robin L. Wiessmann, submitted a comment letter calling upon the OCC to give “more thoughtful deliberation about the intended and unintended consequences that will result from such an apparent departure from the OCC’s current policy and scope of supervision.” Specifically, Wiessman requested that the federal bank regulator address three concerns regarding: (i) the broad application and ambiguity of the term “fintech”; (ii) the need by the OCC to have an adequate regulatory scheme in place before approving charters; and (iii) the possible federal preemption of existing state consumer protection laws. The Secretary’s letter echoes many of the concerns raised in a recent comment letter submitted by the Conference of State Bank Supervisors (CSBS) “reiterating its opposition to the [OCC] proposal to issue a special charter for fintech companies.”