InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
OCC’s Hsu discusses creating economic opportunity for “new Americans”
On April 10, Acting Comptroller of the Currency, Michael J. Hsu, delivered prepared remarks, during a public meeting of the Financial Literacy and Education Commission (FLEC). During his remarks, Hsu underscored the significance of financial literacy and inclusion for “new Americans,” drawing from his own experience as a child of immigrants. Acknowledging the substantial contributions of immigrant communities to the U.S. economy, including through entrepreneurship and innovation, Hsu urged financial institutions to support a system that is inclusive and equitable. Hsu called for banks to expand services offered in languages other than English and to explore innovative means of accepting diverse forms of identification within the regulatory framework to facilitate greater access to financial services for foreign-born individuals who are more likely to be unbanked. The speech also highlighted the need for mortgage financing options that cater to the unique requirements of immigrant populations, including extending access to credit for individuals without traditional credit scores. Hsu specifically emphasized special purpose credit programs and community partnerships as a means to extend credit to new Americans. Hsu concluded by pointing to the OCC's resources aimed at bolstering the efforts of banks and their community partners in enhancing financial capability among immigrant populations.
OCC extends comment period on proposed rules for the Bank Merger Act
On April 10, the OCC announced a notice published in the Federal Register extending the comment period for the OCC’s proposed rule on bank mergers. The NPRM titled, “Business Combinations under the Bank Merger Act,” was originally published on February 14. As previously covered by InfoBytes, the rule would amend procedures to include a policy statement that “summarizes the principles the OCC uses when it reviews proposed bank merger transactions under the Bank Merger Act.” Under the typical 60-day comment period, the comment period for the original NPRM would have closed on April 15. The OCC extended the comment period in response to a request to do so, to allow interested parties additional time to prepare and submit their comments. The notice will not not indicate who made the request. The new deadline for parties to submit comments is June 15.
FDIC releases report on bank's past discriminatory lending practices
On April 3, the FDIC made public for the first time its Community Reinvestment Act Performance Evaluation for a bank from September 2022. The bank focused on residential and commercial lending and had $1.15 billion in assets at the time of the review. During its supervision window from 2019 to 2022, the FDIC rated the bank’s CRA rating as “Needs to Improve,” which was a downgrade from its previous rating of “Satisfactory.” Although the FDIC found that the bank “demonstrated satisfactory performance” under the Lending and Community Development Tests, it was found to have violated ECOA and FHFA. Specifically, the FDIC found that the bank engaged in discriminatory lending through alleged redlining practices, the FDIC deemed. The FDIC noted that these violations occurred due to a lack of sufficient oversight and appropriate policies and procedures.
OCC releases March CRA evaluations for 19 banks
On April 1, the OCC released its Community Reinvestment Act (CRA) performance evaluations for last March. The OCC evaluated 19 national banks, federal savings associations, and insured federal branches of foreign banks with a rubric that included four possible ratings: Outstanding, Satisfactory, Needs to Improve, and Substantial Noncompliance. Of the 19 evaluations reported by the OCC, two Midwest banks received the lowest rating, which was “Needs to Improve.” Most entities were rated “Satisfactory,” and four entities were rated “Outstanding.” A full list of the bank evaluations is available here. In an OCC FAQ regarding the implementation of the CRA, the OCC detailed how it evaluated and rated financial institutions by reviewing both the institution itself (such as its capacity, constraints, business strategies, competitors, and peers) and the community the institution serves (such as its demographics, economic data, and its lending, investment, and service opportunities).
FinCEN seeks public comment for changing SSN requirements during customer identification
On March 29, FinCEN published a request for information (RFI) and comment in the Federal Register, in consultation with the OCC, FDIC, NCUA, and the Fed, to receive more information on the Customer Identification Program (CIP) Rule requirement. This announcement extended the comment period as the regulators explored how banks can better collect a customer’s social security number (SSN). Specifically, FinCEN sought information on the “potential risks and benefits” if banks were to be allowed to collect partial SSNs from customers, and then used a “reputable” third-party source to obtain the full SSN. FinCEN noted there has been “expressed interest” in permitting this practice. Written comments must be received on or before May 28.
Utah enshrines two acts to create cybersecurity notification guidelines
On March 19, Utah enacted SB 98 which amended the state’s online data security and privacy requirements. SB 98 will include new protocols that individuals and governmental entities must follow under its data breach reporting requirements. SB 98 will require individuals and governmental entities to provide specific information about the breach, including, among other things: (i) when the data breach occurred; (ii) when the data breach was discovered; (iii) the total number of individuals affected by the breach, with a separate count for Utah residents; (iv) the type of personal data involved; (v) a brief description of the data breach; and only for government entities (vi) the path of means by which access was granted to the system if known; (vii) the individual or entity who perpetrated the breach if known; and (viii) the actions taken by the governmental entity to mitigate the effects of the breach. Additionally, the Cyber Center will be tasked with assisting the governmental entity in responding to breaches. This assistance may include: (a) conducting or participating in an internal investigation; (b) assisting law enforcement with their investigation if necessary; (c) determining the scope of the data breach; (d) helping the entity to restore the integrity of the compromised system; and (e) providing any other necessary support in response to the breach.
On that same day, the governor also signed into law HB 491 which enacted the Government Data Privacy Act. Similarly, the bill will describe the duties of state government agencies related to personal data privacy, including breach notification requirements, limits on data collection and use, and the ability to correct and access personal data. On structure, the bill created the Utah Privacy Governing Board to recommend changes in the state privacy policy, established the Office of Data Privacy to coordinate implementation of privacy protections, and named the Personal Privacy Oversight Commission to the Utah Privacy Commission and amended the commission’s duties. Both SB 98 and HB 491 will go into effect on May 1.
5th Circuit reverses judgment in FDCPA case
Recently, the U.S. Court of Appeals for the Fifth Circuit ordered an FDCPA case to be reversed and remanded after the U.S. District Court for the Eastern District of Louisiana granted a motion for summary judgment. The plaintiffs filed a putative class action alleging that the defendant law firm violated the FDCPA for misrepresenting judicial enforceability of a debt in their dunning letters. The case concerned Congress’s “Road Home” grant program, which was created to provide grants to repair and rebuild homes in the aftermath of Hurricanes Katrina and Rita. All Road Home grant recipients were required to disclose repair benefits previously received. The named plaintiffs in this case applied for and received Road Home grants but failed to disclose repair benefits previously received from FEMA or a privacy insurance carrier. In March 2008, the State’s contractor, ICF, noticed the potential double payments to the two named plaintiffs and placed an internal flag on their accounts in the Road Home database. After a decade, the defendant law firm was engaged to help recover these double payments. The defendants sent a dunning letter demanding repayment in 90 days or the defendants “may proceed with further action against you, including legal action.” The dunning letter further stated that “you may be responsible for legal interest from judicial demand, court costs, and attorneys fees if it is necessary to bring legal action against you.” The plaintiffs filed suit under Section 1692e of the FDCPA and, in an amended complaint, alleged the defendants collected or attempted to collect time-barred debts, failed to itemize the alleged debts, and threatened to assess attorneys’ fees without determining if that right existed. The district court granted summary judgment to the defendants.
The 5th Circuit reversed on appeal. Concerning the first allegation of collecting or attempting to collect a time-barred debt, the court reasoned that while it does not violate the FDCPA to collect on a time-barred debt, a debt-collector “can run afoul of the FDCPA by threatening judicial action while completely failing to mention that a limitations period might affect judicial enforceability.” Further, the appellate court found the dunning letters were “untimely even under the most liberal, 10-year time window” as the plaintiffs breached their agreements when they closed on their Road Home grants or when the State of Louisiana was provided actual notice of the alleged duplicative payments, both of which occurred more than 10 years before the dunning letters were received. The court also found that the defendants mischaracterized one plaintiff’s debt as the dunning letter said the amount owed was for insurance proceeds when it included a 30 percent penalty for lack of flood insurance. Finally, the court explained that because there was no lawful basis to recover attorneys fees, the defendants violated the FDCPA.
OCC’s Hsu discusses bank fairness and effective compliance risk management
On March 25, the Acting Comptroller of the Currency, Michael J. Hsu, released a transcript of a speech on fairness and effective compliance risk management in banking, delivered at a banking association meeting. The speech focused on how bank fairness can be used as a “guide and input to effective compliance risk management,” and how Hsu believed banks could develop more fairness in banking. Hsu noted that deploying more resources and adopting modern technologies will be only part of the challenge in improving a bank’s compliance risk programs; the other part of the challenge is “adapting and anticipating” where compliance risks could arise.
While speaking on the challenges of bank consumer compliance, Hsu discussed rapid changes in product offerings, such as the growth of credit cards, BNPL products, and Earned Wage Access. Hsu discussed how the increase in the digitalization of banking has aligned with third-party arrangements, fraud, and cyber risks in finance. On fairness, Hsu discussed the increased prevalence of overdraft charges and how a “well developed sense of fairness” can guide banks in connection with such areas. Hsu stated that fairness is not unidimensional, and when a bank develops an internal sense of fairness, it should be aware of how multiple notions of fairness interact. For example, he noted that “disparate treatment and disparate impact” provide the foundations for fair lending laws, and to comply with fair lending laws, a bank must mitigate both disparities.
FDIC opens comment period on proposed Statement of Policy regarding bank merger transactions, highlights “added scrutiny” for $100+ billion mergers
On March 21, the FDIC issued a request for comment on its proposed Statement of Policy (SOP) on bank merger transactions, which will aim to update, strengthen, and clarify the FDIC’s approach to bank merger evaluation. The proposed SOP does note that transactions in excess of $100 billion are more likely to present financial stability concerns and will be “subject to added scrutiny.” The new SOP will replace the FDIC’s current SOP on its responsibilities under the Bank Merger Act (BMA) or Section 18(c) of the FDI Act. Both the heads of the CFPB and OCC issued statements on this review, with the Acting Comptroller of the Currency offering his explicit support.
Broadly speaking, the proposed SOP aims to make the process more principles based, communicate the FDIC’s expectations in its evaluation of merger applications, and describe which merger transactions are under the FDIC’s domain. The proposed SOP will include separate discussions for each statutory factor as set forth in the BMA, including the effects on competition, financial resources, future prospects, CRA, financial and banking stability risk, and AML considerations. Further, this will not be an exhaustive list, as the FDIC will claim jurisdiction over any other elements that could present a risk to financial stability. Of note, the proposed SOP will not include any “bright lines or specific metrics” on what transaction would be considered anti-competitive, as the FDIC wishes to maintain its flexibility to appropriately evaluate the circumstances of each merger application.
This new comment period will begin after the FDIC reviewed 33 comment letters received during the previous comment period, about three-fourths of which were in favor of at least some changes to the FDIC’s merger review process. Six commenters were against such changes and two commenters were neither in favor of nor against the changes. The comments against argued that the current framework was “sound,” and any revisions could harm the sector by making the bank merger process more difficult and disproportionally impacting community, mid-size, and regional banks. Comments must be received by 60 days from the date of the SOP’s publication in the Federal Register.
OCC releases Q4 report on first-lien mortgage performance
On March 19, the OCC released a report on the performance of first-lien mortgages in the federal banking system during the fourth quarter of 2023. According to the report, 97.2 percent of mortgages included in the report were current and performing at the end of the quarter, which is a slight improvement from the fourth quarter of 2022, but also a minor decline from the third quarter of 2023. The report also shows
- a rise in the percentage of seriously delinquent mortgages compared to the previous quarter (1.2 percent in the fourth quarter compared to 1.1 percent in the third quarter), but this percentage has trended down since the fourth quarter of 2021 (when it was 2.3 percent);
- a decline in new foreclosures, with 8,320 new foreclosures in the fourth quarter of 2023, compared to 8,965 new foreclosures the previous quarter and a high of 19,524 new foreclosures in the first quarter of 2022;
- finalization of 7,382 loan modifications, which was less than the 7,436 modifications completed in the prior quarter. Eighty-seven percent of the modifications were “combination modifications,” which are modifications that incorporate more than one type of modification action to improve the loan’s affordability, such as an interest rate reduction and a loan term extension.
First-lien mortgages account for 22.2 percent of the total outstanding residential mortgage debt in the country, representing approximately 11.7 million loans with a combined principal balance of $2.9 trillion.