Skip to main content
Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • CFPB issues HMDA technical amendment

    Agency Rule-Making & Guidance

    On December 12, the CFPB issued a technical amendment to the HMDA Rule to reflect the closed-end mortgage loan reporting threshold of 25 mortgage loans in each of the two preceding calendar years. As previously covered by InfoBytes, in September, the U.S. District Court for the District of Columbia granted partial summary judgment to a group of consumer fair housing associations (collectively, “plaintiffs”) that challenged changes made in 2020 that permanently raised coverage thresholds for collecting and reporting data about closed-end mortgage loans and open-end lines of credit under HMDA. The 2020 Rule, which amended Regulation C, permanently increased the reporting threshold from the origination of at least 25 closed-end mortgage loans in each of the two preceding calendar years to 100, and permanently increased the threshold for collecting and reporting data about open-end lines of credit from the origination of 100 lines of credit in each of the two preceding calendar years to 200 (covered by InfoBytes here). The plaintiffs sued the CFPB in 2020, arguing, among other things, that the final rule “exempts about 40 percent of depository institutions that were previously required to report” and undermines HMDA’s purpose by allowing potential violations of fair lending laws to go undetected. (Covered by InfoBytes here.) As a result of the September 23 order, the threshold for reporting data about closed-end mortgage loans is 25, the threshold established by the 2015 HMDA Rule.

    Agency Rule-Making & Guidance Federal Issues CFPB HMDA Mortgages Regulation C Fair Lending Consumer Finance

  • Social media platform awarded $365,000 in scraping suit

    Courts

    On December 8, the U.S. District Court for the Northern District of California enjoined a data trading company (defendant) from accessing a social media platform (plaintiff), and ordered it to pay $361,790 in attorney fees and $3,640 in court costs to the platform. According to the complaint, the defendant unlawfully scraped the profiles of over 90 million of the plaintiff’s users before selling the data. The complaint specifically alleged that the defendant sold “in-depth insights into the demographics and psychographics of influencers and their audiences.” The order enjoined the defendants from, among other things: (i) accessing or attempting to access the plaintiff’s platforms; (ii) developing, offering, and marketing software or computer code intended to automate the collection of data; and (iii) engaging in any activity that disrupts the plaintiff’s platforms.

    Courts Privacy, Cyber Risk & Data Security Data Scraping Consumer Protection

  • Danish financial institution fined $2 billion for anti-money-laundering compliance failures

    Financial Crimes

    On December 13, a Danish global financial institution pled guilty to conspiring to commit bank fraud and agreed to forfeit approximately $2 billion. According to court documents, the financial institution defrauded U.S. banks at which it held correspondent accounts by misrepresenting the state of its AML controls and transaction monitoring capabilities. According to the Department of Justice, between 2008 and 2016, the financial institution offered banking services through its Estonia branch, including a business line serving non-resident customers (known as “NRP”). The Estonia branch allowed NRP customers to transfer large amounts of money with little to no oversight, and branch employees conspired with NRP customers to hide the true nature of the transactions, including through the use of shell companies that obscured the actual owners of the funds. During this period, the Estonia branch processed $160 billion through U.S. banks on behalf of NRP customers.

    The financial institution and its Estonia branch were required to provide information to U.S. banks in order to open and maintain correspondent accounts. This included information related to AML controls, transaction monitoring, and customers. By at least February 2014, the financial institution became aware of some NRP customers who were engaged in highly suspicious and potentially criminal transactions, including through U.S. banks. The DOJ noted that the financial institution was also aware that the Estonia branch’s AML program and procedures were not appropriate to meet the risks associated with NRP customers, but instead of providing truthful information, the financial institution lied about the state of the Estonia branch’s AML compliance program.

    Under the terms of the plea agreement, the bank has agreed to a criminal forfeiture of $2.059 billion. The bank will also enter into separate criminal or civil resolutions with domestic and foreign authorities. The DOJ will credit approximately $850 million in payments made by the financial institution to resolve related parallel investigations by other domestic and foreign authorities. The DOJ noted that the financial institution “received full credit for cooperation and remediation because it provided full cooperation with the investigation and demonstrated recognition and affirmative acceptance of responsibility for its criminal conduct.”

    The same day, the SEC announced fraud charges against the financial institution in connection with a related, parallel proceeding. The financial institution agreed to pay roughly $413 million, including a $178.6 million civil monetary penalty, as well as $178.6 million in disgorgement and $55.8 million in prejudgment interest. The SEC said it will deem the disgorgement and prejudgment interest satisfied by forfeiture and confiscation ordered in parallel criminal cases with the DOJ, the United States Attorney’s Office for the Southern District of New York, and Denmark’s Special Crime Unit.

    Financial Crimes Securities SEC DOJ Of Interest to Non-US Persons Anti-Money Laundering Compliance Denmark

  • Treasury supports resolution establishing humanitarian carveout across UN sanctions regimes

    Financial Crimes

    On December 9, Secretary of the Treasury Janet L. Yellen issued a statement on the adoption of United Nations Security Council Resolution 2664, which establishes a standardized humanitarian carveout across UN sanctions regimes. Yellen explained that while sanctions are an important tool for globally combating key threats such as money laundering and terrorist financing, Treasury also recognized the potential for unintended consequences and strongly recommended streamlining humanitarian authorizations across sanctions programs. Resolution 2664 “further enables the flow of legitimate humanitarian assistance supporting the basic human needs of vulnerable populations while continuing to deny resources to malicious actors,” Yellen said.

    Financial Crimes Of Interest to Non-US Persons OFAC Department of Treasury OFAC Sanctions OFAC Designations U.N.

  • OFAC designates sanctions evasion network connected to IRGC-QF

    Financial Crimes

    On December 8, the U.S. Treasury Department’s Office of Foreign Assets Control announced sanctions pursuant to Executive Order 13224 against a sanctions evasion network for facilitating and concealing the sale and shipment of hundreds of millions of dollars’ worth of oil for Iran’s Islamic Revolutionary Guard Corps-Qods Force (IRGC-QF). According to OFAC, the designated individual’s companies “established international sales contracts for Iranian oil with foreign purchasers, arranged shipments of oil, and helped launder the proceeds, obscuring the oil’s Iranian origin and the IRGC-QF’s interest in the sales.” The action supplements designations announced in May, which targeted an element of this network responsible for facilitating millions of dollars’ worth of Iranian oil sales for both the IRGC-QF and Hizballah, backed by senior levels of the Russian Federation government and state-run entities (covered by InfoBytes here). As a result, all property, and interests in property of the designated individuals and entities, “and of any entities that are owned, directly or indirectly, 50 percent or more by them, individually, or with other blocked persons, that are in the United States or in the possession or control of U.S. persons, must be blocked and reported to OFAC.” U.S. persons are generally prohibited from engaging in transactions with the designated persons unless authorized by a general or specific OFAC license or are otherwise exempt. OFAC further warned that “engaging in certain transactions with the individuals and entities designated today entails risk of secondary sanctions.”

    Financial Crimes Of Interest to Non-US Persons OFAC Department of Treasury OFAC Sanctions OFAC Designations SDN List Iran

  • OFAC sanctions over 40 individuals and entities in nine countries

    Financial Crimes

    On December 9, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions against 40 individuals and entities that are connected to corruption or human rights abuse across nine countries, in recognition of International Anti-Corruption Day and Human Rights Day. According to OFAC, throughout 2022, Treasury “took numerous actions to promote accountability for human rights abusers and corrupt actors across the world, including sanctions on dozens of individuals and entities including in the Western Balkans, Belarus, Liberia, Guatemala, the Russian Federation, Burma, and Iran. Treasury utilized various tools and authorities — including Executive Order 13818, which builds upon and implements the Global Magnitsky Human Rights Accountability Act — to demonstrate the U.S. government’s focus on promoting respect for human rights and countering corruption.” As a result of the sanctions, all transactions by U.S. persons or in the U.S. that involve any property or interests in property of designated or otherwise blocked persons are generally prohibited. Additionally, “any entities that are owned, directly or indirectly 50 percent or more by them, individually, or with other blocked persons, that are in the United States or in the possession or control of U.S. persons, must be blocked and reported to OFAC.” U.S. persons are generally prohibited from engaging in any dealings involving the property or interests in property of blocked or designated persons, unless exempt or authorized by a general or specific OFAC license.

    Financial Crimes Of Interest to Non-US Persons Department of Treasury OFAC Sanctions OFAC Designations OFAC SDN List

  • NYDFS finds racial disparities in mortgage lending

    State Issues

    On December 8, NYDFS announced a second report in an ongoing statewide inquiry into redlining and other forms of housing discrimination by mortgage lenders, particularly non-depository lenders. This report focuses on racial disparities in mortgage lending in Long Island, Rochester, and Syracuse, and follows one on Buffalo (covered by InfoBytes here). The report maps lending activity and details individual institutions' lending in majority-minority neighborhoods and to borrowers identifying as members of a minority group. 

    Analyzing HMDA data, NYDFS’s recent report concluded that: “ In Nassau county, where the population is 41.8 percent non-white, on average, lenders make 35.32 percent of their loans to borrowers identifying as people of color. Among lenders operating in the county, lending to borrowers identifying as people of color ranges from 14.9 percent to 50.22 percent. In Suffolk county, where the population is 33.7 percent non-white, on average, lenders make 22.44 percent of their loans to borrowers identifying as people of color. Among lenders operating in the county, lending to borrowers identifying as people of color ranges from 13.07 percent to 36.85 percent. In the Rochester metro area, where 23.9 percent of the population is non-white, on average lenders make 11.32 percent of their loans to borrowers identifying as people of color, less than half of what would be expected based solely on population make-up. Similarly in the Syracuse metro area, 18.7 percent of the population is non-white, but on average lenders make 8.67 percent of their loans to borrowers identifying as people of color.”

    In the announcement, NYDFS noted that it is currently developing regulations to implement the updated New York Community Reinvestment Act, which expands oversight to non-depository mortgage lenders operating in the state. The insights uncovered through these reports’ investigations will be reflected in these proposed regulations which will be published for public comment in 2023.

    State Issues Bank Regulatory NYDFS New York Mortgages New York CRA Fair Lending Redlining

  • OCC warns of crypto-asset and cybersecurity risks facing the federal banking system

    On December 8, the OCC released its Semiannual Risk Perspective for Fall 2022, which reports on key risks threatening the safety and soundness of national banks, federal savings associations, and federal branches and agencies. The OCC reported that, in the aggregate, banks “remain well capitalized” and have “ample liquidity and sound credit quality, although macroeconomic headwinds are a concern.” The OCC highlighted interest rate, operational, compliance, and credit risks as key risk themes. Observations include: (i) the rising rate environment has adversely impacted bank investment portfolios; (ii) operational risk, including evolving cyber risk, is elevated, with “threat actors continuing to target the financial services industry with ransomware and other attacks”; (iii) compliance risk remains heightened as banks navigate significant regulatory changes; and (iv) credit risk in commercial and retail loan portfolios remains moderate and demonstrates resiliency, “but signs of potential weakening in some segments warrant careful monitoring.”

    The report discussed emerging risks related to innovation and the adoption of new products and services, including crypto-assets. Highlighting risks arising from banks’ expansion into digital offerings and the “heightened” threat of fraud risk associated with innovative peer-to-peer payment platforms, the OCC noted that banks should be “clearly communicating risks, educating customers on potential scams, and enhancing internal fraud monitoring capabilities” to mitigate threats and protect consumers. The report noted that “[b]anks may require additional or different controls to safeguard against fraud, financial crimes, violations of Bank Secrecy Act, anti-money laundering, and Office of Foreign Assets Control (BSA/AML/OFAC) requirements, and consumer protection or fair lending laws, or operational errors,” and should “maintain comprehensive operational resilience frameworks commensurate with the size and complexity of products, services, and operations being supported.”

    The OCC reiterated the importance of taking a “careful and cautious approach” toward banks’ engagement with the crypto-related firms. Recent events in the crypto market have also “revealed a high degree of interconnectedness between certain crypto participants through a variety of opaque lending and investing arrangements,” which has led to “a high risk of contagion among connected parties.” The report noted that national banks and federal savings associations interested in engaging in crypto-asset activities should discuss the activities with their supervisory office before engaging the activities. Some activities may require a supervisory non-objection under OCC Interpretive Letter #1179.

    The report cited risks related to cybersecurity and partnerships with fintech and other third parties. The OCC said it is applying a “heightened supervisory focus” to its scrutiny of banks’ oversight of third-party relationships and flagged an upward trend in ransomware attacks targeting banks’ service providers and other third parties. Partnering with fintechs to support operations or provide opportunities for customers to enter the digital asset market can “increase the risk of unfair or deceptive acts or practices because of the coordination, communication, and disclosure challenges involved in these partnerships,” the report said, adding that “[u]nclear or arbitrary partnership agreements may result in implementation breakdowns, untimely resolution of issues, or failure to deliver products or services as intended, and may result in significant customer remediation.” The OCC cautioned that banks must “conduct appropriate due diligence” before entering a partnership with a third party. “The scope and depth of due diligence, as well as ongoing monitoring and oversight of the third party’s performance, should be commensurate with the nature and criticality of the proposed activity.”

    The report also discussed forthcoming climate risk management guidelines applicable to banks with more than $100 billion in total consolidated assets. As previously covered by InfoBytes, the OCC, Federal Reserve Board, and the FDIC announced they intend to issue final interagency guidance to promote consistency.

    Bank Regulatory Federal Issues Digital Assets Privacy, Cyber Risk & Data Security OCC Risk Management Cryptocurrency Supervision Third-Party Risk Management Fintech Financial Crimes Climate-Related Financial Risks

  • FDIC announces South Carolina disaster relief

    December 9, the FDIC issued FIL-51-2022 to provide regulatory relief to financial institutions and help facilitate recovery in areas of South Carolina affected by Hurricane Ian from September 25 to October 4. The FDIC acknowledged the unusual circumstances faced by institutions affected by the storms and suggested that institutions work with impacted borrowers to, among other things: (i) extend repayment terms; (ii) restructure existing loans; or (iii) ease terms for new loans, provided the measures are done “in a manner consistent with sound banking practices.” Additionally, the FDIC noted that institutions “may receive favorable Community Reinvestment Act consideration for community development loans, investments, and services in support of disaster recovery.” The FDIC will also consider regulatory relief from certain filing and publishing requirements.

    Bank Regulatory Federal Issues FDIC Mortgages Disaster Relief Consumer Finance

  • FTC, Florida permanently shut down grant funding operation

    Federal Issues

    On December 8, the FTC and the Florida attorney general announced that a Florida-based grant funding company and its owner (collectively, “defendants”) will be permanently banned from offering grant-writing and business consulting services as a result of a lawsuit the regulators brought against the defendants in June. As previously covered by InfoBytes, the complaint alleged that the defendants violated the Consumer Protection Act, the FTC Act, and the Florida Deceptive Unfair Trade Practices Act by deceptively marketing their services to minority-owned small businesses. Among other things, the defendants (i) promised grant funding that did not exist and/or was never awarded; (ii) misled customers about the status of grant awards; and (iii) failed to honor a “money-back guarantee” and suppressed customer complaints. The defendants agreed to the terms of a proposed court order, which would ban them from providing grant-related services and business consulting, and prohibit them from making misrepresentations regarding advertised products or services. Defendants would also be required to turn over certain property to be sold in order to provide refunds to affected businesses. The proposed order also includes a more than $2 million monetary judgment, which is partially suspended due to defendants’ inability to pay.

    Federal Issues FTC Enforcement State Issues Florida State Attorney General FTC Act Deceptive UDAP

Pages

Upcoming Events