InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
CSBS announces release of NMLS MCR Version 6 in Q1 2024
On October 13, 2023, the Conference of State Bank Supervisors (CSBS) announced the Nationwide Multistate Licensing System & Registry (NMLS) will be rolling out a new version of its Mortgage Call Report (MCR). In an effort to standardize mortgage company data at the state level, and minimize the amount of reporting outside the system, NMLS will be launching an updated version of the MCR, Version 6 (FV6) on March 16, 2024.
Licensees will see three main improvements in Version 6:
- FV6 eliminates standard and expanded forms and consolidates them into one form. All servicers will complete the servicer schedule and all lenders will complete the lender schedule. Lenders and servicers will file financials quarterly, and brokers will file financials annually.
- Commercial and consumer lending licensees will complete a separate state-specific form, removing the obligation to report mortgage information.
- The revision of line-item definitions will improve the overall quality of the data and help implement more completeness and accuracy checks.
FV6 will go into effect for all data collected on transactions dated on and after January 1, 2024. Additionally, NMLS will provide companies with the XML specifications no later than October 23. CSBS estimates that approximately 24,000 brokers, lenders, and servicers will experience reduced requirements, and approximately 3,100 lenders will have additional filing requirements.
The Mortgage Bankers Association sent a letter to CSBS in July, raising concerns with the new version, including (i) the lack of technical specifications needed for full consideration of the proposal and its implementation; and (ii) the significant expansion and burden of reporting requirements on smaller filers resulting from the replacement of standard and expanded forms in favor of the new and more detailed FV6. CSBS noted mortgage industry concerns surrounding the timing of the rollout of FV6 ahead of Q1 2024, and shared that details for leniency to the filing deadline will be provided in future communications. NMLS will provide regular updates on the Mortgage Call Report page, targeted learning opportunities and Q&A sessions.
Visit here for additional guidance on FV6 from APPROVED.
California enacts licensing requirements for digital asset businesses, regulation of crypto kiosks
On October 13, the California Governor signed AB 39, which will create a licensing requirement for businesses engaging in digital financial asset business activity. Crypto businesses will need to apply for a license with California’s Department of Financial Protection and Innovation (DFPI). The bill, among other things, (i) empowers DFPI to conduct examinations of a licensee; (ii) defines “digital financial asset” as “a digital representation of value that is used as a medium of exchange, unit of account, or store of value, and that is not legal tender, whether or not denominated in legal tender, except as specified”; (iii) empowers DFPI to conduct enforcement actions against a licensee or a non-licensed individual who engages in crypto business with, or on behalf of, a California resident for up to five years after their activity; (iv) allows DFPI to assess civil money penalties of up to $20,000 for each day a licensee is in material violation of the law, and up to $100,000 for each day an unlicensed person is in violation; and (v) requires licensees to provide certain disclosures to California clientele, such as when and how users may receive fees and charges, and how they are calculated. The new law exempts most government entities, certain financial institutions, most people who solely provide connectivity software, computing power, data storage or security services, and people engaging with digital assets for personal, family, household or academic use or whose digital financial asset business activity is reasonably expected to be valued at no more than $50,000 per year. In September of last year, the California Governor vetoed a similar bill because creating a licensing framework was “premature” considering conflicting efforts.
Also effective on July 1, 2025 is SB 401, which was also enacted on October 13. SB 401 establishes regulations for crypto kiosks under the DFPI’s authority. It will, among other things, prohibit kiosk operators from accepting or dispensing more than $1,000 in a single day to or form a customer via a kiosk. Operators would be required to furnish written disclosures detailing the transaction's terms and conditions as well as transaction details. Kiosk operators will also be obligated to provide customers with a receipt for any transaction at their kiosk, including both the amount of a digital financial asset or USD involved in a transaction and, in USD, any fees, expenses, and charges collected by the kiosk operator. Finally, operators will be required to provide DFPI with a list of all its crypto kiosks in California, and such list will be made public.
Payments processor fined $20 million by State Money Transmission Regulators and State AGs
On October 16, a national payment processor entered into two settlement agreements totaling $20 million with 44 state and territory money transmission regulators and 50 state and territory attorneys general to resolve issues stemming from alleged erroneous payment transactions. The alleged erroneous payments involved the mistaken initiation of payments on behalf of almost 480,000 mortgage borrowers, with the total amount at issue totaling nearly $2.4 billion.
According to the settlement entered into between the payment processor and the money transmission regulators, who were working through the Multi-State Money Service Business Examination Taskforce, the mistaken payments resulted from a breakdown of internal data security controls that allowed customer data intended for use in the testing of processing code to trigger actual payments. The payment processor, who regularly provided payment processing services to a large residential mortgage lending and servicing company, was using actual customer mortgage payment data for test purposes. As alleged in the settlement, it was determined that in the process of conducting testing on processing code to optimize the payment processors’ payment platform, more than 1.4 million payment entries were unintentionally and erroneously processed. This erroneous payment processing was said to be primarily the result of “circumvention of internal data security controls and a lack of segregation between internal production and testing environments.”
The settlement reached with the money transmission regulators requires the payment processor to maintain a comprehensive risk and compliance program and to provide regular reporting to a state regulator monitoring committee to ensure the adequacy of its risk management programs.
Under the terms of the settlement with the money transmission regulators, the payment processor is required to pay a total of $10 million, with approximately $9.5 million of that total being shared evenly by each participating state, with the remaining roughly $500,000 being used to cover the administrative costs of the investigating states. Under the agreement with the state attorneys general, the payment processor is required to pay an additional $10 million to the various participating states and territories. These amounts are in addition to the $25 million fine previously agreed to in the CFPB Consent Order, bringing the total amount to be paid by the payment processor to $45 million.
Fifth Circuit affirms dismissal of Fannie, Freddie shareholders’ claims related to FHFA removal restriction and funding
On October 12, the U.S. Court of Appeals for the Fifth Circuit affirmed dismissal of Fannie Mae and Freddie Mac shareholders’ claims that the FHFA’s unconstitutional removal restriction caused them harm and that the FHFA’s funding mechanism is inconsistent with the Appropriations Clause. After the Federal Housing Finance Agency (FHFA) placed Fannie Mae and Freddie Mac into conservatorship, it entered into several preferred stock purchase agreements with the U.S. Treasury. As a result of these agreements, any value the companies generated would go to the Treasury and not to junior preferred and common stockholders such as plaintiffs.
The plaintiff shareholders sued in 2016, arguing that the “for cause” removal protection for the director of the FHFA was unconstitutional. The district court granted summary judgment in favor of FHFA, but a panel of the 5th Circuit reversed. Sitting en banc, the 5th Circuit then determined that the removal provision violated the separation of powers, and held that the proper remedy was to sever the removal restriction from the rest of the authorizing statute. On further appeal, the Supreme Court held that for-cause restriction on the President’s removal authority violates the separation of powers, but it refused to hold that the relevant preferred stock purchase agreement must be undone.
The Supreme Court remanded the case for lower courts to resolve whether the unconstitutional removal provision caused harm to plaintiffs as shareholders, and the 5th Circuit, again sitting en banc, remanded that question to the district court. Plaintiffs filed an amended complaint on remand, bringing claims under the Administrative Procedure Act (“APA”) and directly under the Constitution. The amended complaint also alleged, for the first time, that the FHFA’s financing structure violates the Appropriations Clause. Defendants moved to dismiss, and the district court granted the motion in its entirety and dismissed all claims with prejudice.
The 5th Circuit determined that the removal claims were within the scope of the remand order, contrary to the district court’s conclusion, but that the plaintiff’s APA claim was barred by an anti-injunction clause in the authorizing statute. Turning to the Constitutional claim, the 5th Circuit concluded that judicial review was not precluded and proceeded to the merits of the claim.
To show compensable harm from the unconstitutional removal provision, plaintiffs had to allege, among other things, a “nexus between the desire to remove and the challenged actions taken by the insulated actor.” More specifically, they had to allege a connection between the Trump Administration’s desire to remove the director of the FHFA and the Administration’s failure to have FHFA exit the conservatorships and return Fannie Mae and Freddie Mac to private control. The amended complaint, however, failed to plead facts demonstrating that the Trump Administration’s purported plan for re-privatization would have been completed if President Trump had been able to remove the existing FHFA director. Those allegations, the Fifth Circuit held, were insufficient.
The 5th Circuit agreed with the district court that the plaintiffs’ Appropriations Clause argument was outside the mandate of the earlier remand order. The appeals court reasoned that the remand order “[left] no opening for plaintiffs to bring a challenge under a completely different constitutional theory for the first time on remand,” nor was there an intervening change in the law such that the mandate rule would not apply.
FDIC’s crypto risk oversight criticized in OIG report
On October 18, the FDIC Office of Inspector General released a report on the FDIC’s strategies addressing the risks posed by crypto assets. According to the report, the FDIC has started to develop and implement strategies that address crypto risks but has not assessed the significance and potential impact of the risks. Additionally, although the FDIC requested that financial institutions provide information pertaining to their crypto‑related activities, its process for providing supervisory feedback is unclear. Between March 2022 and May 2023, the FDIC sent pause letters to several institutions related to their crypto activities, but it had not provided supervisory feedback to all of those institutions, it did not have an expected timeline for reviewing information and responding to institutions, and its procedures did not describe what constitutes the end of the review process for supervised institutions that received a pause letter.
The OIG report recommends that the FDIC set a timeframe for assessing risks pertaining to related activities and update and clarify the supervisory feedback process related to its review of supervised institutions’ crypto-related activities. The FDIC agreed with both recommendations and plans to complete corrective actions by January 30, 2024.
CFPB proposes rule to accelerate a shift toward open banking
On October 19, the CFPB announced a proposed rule that it said would accelerate a shift toward open banking, would give consumers more control over their financial data, and would offer new protections against companies misusing consumer data. The proposed Personal Financial Data Rights rule activates a dormant provision of law enacted by Congress more than a decade ago, Section 1033 of the Consumer Financial Protection Act. According to the CFPB, the rule would “jumpstart competition” by prohibiting financial institutions from “hoarding” a person’s data and requiring companies to share data with other companies at the consumer’s direction about their use of checking and prepaid accounts, credit cards, and digital wallets. This would allow consumers to access competing products and services while ensuring that their data would be used only for their own preferred purpose. Among other things, the proposed rule would ensure that consumers: (i) can obtain their personal financial data at no cost; (ii) have a legal right to grant third parties access to information associated with their credit card, checking, prepaid, and digital wallet accounts; and (iii) can walk away from bad service. Comments on the proposed rule must be received on or before December 29, 2023.
EBA report recommends environmental and social risk enhancements for financial sector
On October 12, the European Banking Authority (EBA) announced the publication of a report on the role of environmental and social risks in the prudential framework of credit institutions and investment firms. The report recommends risk-based enhancements to the risk categories of the Pillar 1 framework, which sets capital requirements, noting that environmental and social risks are “changing the risk picture for the financial sector” and are expected to be more prominent over time. The report puts forward recommendations for actions over the next three years as part of the revised capital requirements regulations. Specifically, the EBA is proposing to: (i) include environmental risks as part of stress testing programs; (ii) encourage the inclusion of environmental and social factors as part of external credit assessments by credit rating agencies; (iii) encourage the inclusion of environmental and social factors as part of due diligence requirements and valuation of immovable property collateral; (iv) require institutions to identify whether environmental and social factors constitute triggers of operational risk losses; and (v) develop environment-related concentration risk metrics as part of supervisory reporting. With respect to revisions to the Pillar 1 framework, the report proposes: (i) the possible use of scenario analysis to enhance the forward-looking elements of the prudential framework; (ii) changes to the role that transition plans could play in the future; (iii) reassessing the appropriateness of revising the internal ratings-based supervisory formula and the corresponding standardized approach for credit risk to better reflect environmental risk elements; and (iv) the introduction of environment-related concentration risk metrics under the Pillar 1 framework.
Fed governor speaks on responsible innovation in money and payments
On October 17, Federal Reserve Board Governor Michelle Bowman provided remarks on innovation in money and payments, including crypto assets, central bank digital currency (CBDC), and the development of instant payments, in which she laid out her vision for “responsible innovation,” which recognizes the important role of private-sector innovation and leverages the U.S. banking system supported by clear prudential supervision and regulation. With respect to CBDC, Bowman said that she has yet to see a compelling argument that CBDC could address frictions within the payment system, promote financial inclusion, or provide the public with access to safe central bank money any more effectively or efficiently than alternatives. She explained that, given that the U.S. has a safe and well-functioning banking system, the potential uses of a U.S. CBDC remain unclear and, at the same time, could introduce significant risks and tradeoffs. Bowman also expressed skepticism over stablecoins, stating that in practice they have been less secure, less stable, and less regulated than traditional forms of money. Finally, Bowman discussed technological innovations in wholesale payments, which are large-value, interbank transactions. Bowman said that the Fed is researching emerging technologies that could enable or be supported by future Fed-operated payment infrastructures, including depository institutions transacting with “tokenized” forms of digital central bank money. Bowman noted that banks and other eligible institutions already hold central bank money as digital balances at the Fed. She also stressed that wholesale payment infrastructures operated by the Fed “underpin domestic and international financial activities” by serving as a “foundation” for payments and the broader financial system. Because these wholesale systems function “safely and efficiently” today, it is necessary to investigate and understand the potential opportunities, risks, and tradeoffs for wholesale payment innovation to support a safe and efficient U.S. payment system.
Find continuing InfoBytes coverage on CBDCs here.
FHFA revises policies for Covid-19 forbearance on GSE mortgages
On October 16, the Federal Housing Finance Agency (FHFA) announced it will revise how Fannie Mae and Freddie Mac (GSE) single-family mortgages are treated for borrowers who have entered Covid-19 forbearance under the GSEs’ representations and warranties framework. Under the revised policies, loans for which borrowers elected Covid-19 forbearance will be treated similarly to loans for which borrowers obtained forbearance due to a natural disaster. The GSEs’ current representations and warranties framework for natural disaster forbearance allows for consideration of the period during which a borrower is in forbearance as part of their demonstrated satisfactory payment history for the initial 36 months after the loan's origination. This framework will now be extended to loans with Covid-19 forbearance. FHFA Director Sandra L. Thompson said, "Servicers went to great lengths to implement forbearance quickly amid a national emergency, and the loans they service should not be subject to greater repurchase risk simply because a borrower was impacted by the pandemic."
The updates will be effective on October 31.
CFPB sues nonbank mortgage lender for alleged HMDA and CFPA violations
On October 10, the CFPB filed a lawsuit against a Florida-based nonbank mortgage originator for allegedly failing to accurately report mortgage data in violation of the Home Mortgage Disclosure Act (HMDA). According to the complaint, in 2019 the Bureau found that the lender violated HDMA by intentionally misreporting data regarding applicants’ race, ethnicity and gender from 2014-2017, which resulted in the lender paying a civil money penalty and taking corrective action. In this action, the Bureau alleges that during its supervision process, it found the lender submitted HMDA data for 2020 contained “widespread errors across multiple data fields” including 51 errors in 159 files and the lender violated a 2019 consent order condition that required it to improve its data practices. The alleged errors include (i) mistakes in inputting data concerning subordinate lien loans and acquired loans; (ii) inclusion of loans in HMDA reporting that did not meet the HMDA criteria for reportable applications; (iii) incorrect characterization of purchaser type for tens of thousands of loans; (iv) erroneous rate spread calculations, leading to errors in interconnected fields; (iv) inaccurate data related to lender credits; and (v) incorrect categorization of specific loan applications as “approved but not accepted” when they were, in fact, withdrawn, resulting in discrepancies in associated fields. Along with the HDMA violations and the violations of the 2019 consent order, the CFPB also alleges violations of the CFPA and requests that the court permanently enjoin the lender from committing future violations of HMDA, require the lender to take corrective action to prevent further violations of HMDA, injunctive relief, and the imposition of a civil money penalty.