Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On August 20, the OCC and the FDIC approved a final rule, which will amend the Volcker Rule to simplify and tailor compliance with Section 13 of the Bank Holding Company Act’s restrictions on a bank’s ability to engage in proprietary trading and own certain funds. (See the OCC press release here.) The Federal Reserve Board, CFTC, and SEC are expected to adopt the final rule as well. As previously covered by InfoBytes, the five financial regulators released a joint notice of proposed rulemaking in July 2018 designed to reduce compliance costs for banks and tailor Volcker Rule requirements to better align with a bank’s size and level of trading activity and risks. The final rule clarifies prohibited activities and simplifies compliance burdens by tailoring compliance obligations to reflect the size and scope of a bank’s trading activities, with more stringent requirements imposed on entities with greater activity. The final rule also addresses the activities of foreign banking entities outside of the United States.
Specifically, the final rule focuses on the following areas:
- Compliance program requirements and thresholds. The final rule includes a three-tiered approach to compliance program requirements, based on the level of a banking entity’s trading assets and liabilities. Banks with total consolidated trading assets and liabilities of at least $20 billion will be considered to have “significant” trading activities and will be subject to a six-pillar compliance program. Banks with “moderate” trading activities (total consolidated trading assets and liabilities between $1 billion and $20 billion) will be subject to a simplified compliance program. Finally, banks with “limited” trading activities (less than $1 billion in total consolidated trading assets and liabilities) will be subject to a rebuttable presumption of compliance with the final rule.
- Proprietary trading. Among other changes, the final rule (i) retains a modified version of the short-term intent prong; (ii) eliminates the agencies’ rebuttable presumption that financial instruments held for fewer than 60 days are within the short-term intent prong of the trading account; and (iii) adds a rebuttable presumption that financial instruments held for 60 days or longer are not within the short-term intent prong of the trading account. Additionally, banks subject to the market risk capital prong will be exempt from the short-term intent prong.
- Proprietary trading exclusions. The final rule modifies the liquidity management exclusion to allow banks to use a broader range of financial instruments to manage liquidity. In addition, exclusions have been added for error trades, certain customer-driven swaps, hedges of mortgage servicing rights, and certain purchases or sales of instruments that do not meet the definition of “trading assets and liabilities.”
- Proprietary trading exemptions. The final rule includes changes from the proposed rule related to the exemptions for underwriting and market making-related activities, risk-mitigating hedging, and trading by foreign entities outside the U.S.
- Covered funds. Among other things, the final rule incorporates proposed changes to the covered funds provision concerning permitted underwriting and market making and risk-mitigating hedging with respect to such funds, as well as investments in and sponsorships of covered funds by foreign banking entities located solely outside the U.S.
FDIC board member Martin J. Gruenberg voted against the rule, stating the “final rule before the FDIC Board today would effectively undo the Volcker Rule prohibition on proprietary trading by severely narrowing the scope of financial instruments subject to the Volcker Rule. It would thereby allow the largest, most systemically important banks and bank holding companies to engage in speculative proprietary trading funded with FDIC-insured deposits.” Gruenberg emphasized that the final rule “includes within the definition of trading account only one of these categories of fair valued financial instruments—those reported on the bank’s balance sheet as trading assets and liabilities. This significantly narrows the scope of financial instruments subject to the Volcker Rule.”
Once approved by the Federal Reserve, SEC, and CFTC, the final rule will take effect January 1, 2020, with banks having until January 1, 2021, to comply. Prior to the compliance date, the 2013 rule will remain in effect. Alternatively, banking entities may elect to voluntarily comply, in whole or in part, with the final rule’s amendments prior to January 1, 2021, provided the agencies have implemented necessary technological changes.
On August 21, the OCC published in the Federal Register a final rule providing partial assessment refunds to banks under OCC jurisdiction that exit the OCC’s jurisdiction within the prescribed timeframe. As previously covered by InfoBytes, in March, the OCC proposed to maintain semiannual assessment fee payments, but allow for partial refunds equal to the prospective half of the assessment for banks that leave the OCC’s jurisdiction between the date of the applicable Call Report and the date of collection. The final rule was adopted without substantive changes to the proposed rule and is effective as of September 20.
On August 9, the Federal Reserve Board, the FDIC, and the OCC released the current host state loan-to-deposit ratios for each state or U.S. territory, which the agencies use to determine compliance with Section 109 of the Riegle-Neal Interstate Banking and Branching Efficiency Act of 1994. Under the Act, banks are prohibited from establishing or acquiring branches outside of their home state for the primary purpose of deposit production. Branches of banks controlled by out-of-state bank holding companies are also subject to the same restriction. Determining compliance with Section 109 requires a comparison of a bank’s estimated statewide loan-to-deposit ratio to the yearly host state loan-to-deposit ratios. If a bank’s statewide ratio is less than one-half of the yearly published host state ratio, an additional review is required by the appropriate agency, which involves a determination of whether a bank is reasonably helping to meet the credit needs of the communities served by the bank’s interstate branches. Banks that do not meet the compliance requirements are subject to sanctions by the OCC. Notably, Section 109 is not applicable to federal savings associations or community banks with covered interstate branches.
On July 31, the OCC issued Bulletin 2019-40, which provides guidelines for requesting designation as a wholesale or limited purposes bank for Community Reinvestment Act (CRA) purposes, or requesting confirmation of exemption as a special purposes bank under the CRA. The guidelines summarize the process for requesting or confirming designation, including (i) information that a bank should provide to substantiate its request; (ii) instructions on how to submit requests; and (iii) the review and approval process. Among other things, the OCC encourages banks seeking confirmation or designation to request an informal consultation with the bank’s supervisory office. As for such a request, the OCC notes that it is customary to include a description on how the bank satisfies the definition for a wholesale bank, limited purposes bank, or special purposes bank, including facts and data sufficient to describe the nature of the bank's current and prospective business, the credit products offered, and the market area served. Within 60 days of receiving a complete designation or confirmation request, the OCC will notify the bank of its decision to approve or deny the request. For designations as wholesale or limited purpose, the designation will remain in effect until the bank requests revocation or one year after the OCC notifies the bank it has revoked the designation. For special purpose confirmations, the exemption remains in effect until the OCC is informed the exemption no longer applies. Designation and confirmation requests may be made available to the public under the Freedom of Information Act (FOIA), but a bank may request confidential treatment for information that would normally be exempt from FOIA disclosure requirements.
On July 31, the OCC announced two new units, which consolidates bank supervision support, risk analysis, and oversight of national trust banks and significant service providers. One hundred and fifty staff members were realigned to create the news units, the OCC reported, with the intention of eliminating redundancies and “presenting a single voice to supervised institutions.” The OCC additionally noted that the agency’s Committee on Bank Supervision “will provide strategic direction and oversight to both units, and will review and approve strategic plans and initiatives, annual business plans or operating plans, and major projects and initiatives.”
The first unit, Supervision System and Analytical Support, consists of OCC supervisory and policy unit teams that oversee supervisory information systems, data management, business intelligence, risk analysis, and supervision risk management. The second unit, Systemic Risk Identification Support and Specialty Supervision, includes lead experts from Large Bank Supervision and Midsize Bank Supervision, in addition to teams responsible for supervising trust companies from the Northeastern District National Trust Banks team and significant service providers from Bank Supervision Policy.
The OCC further noted that Midsize and Community Bank Supervision and Large Bank Supervision will retain primary responsibility for overseeing the banks, savings associations, and federal branches and agencies of foreign banks that compose the federal banking system.
On July 24, the OCC issued Bulletin 2019-37 to provide fraud risk management principles for all OCC-supervised institutions. The Bulletin supplements previously issued notices addressing corporate and risk governance, and focuses on fraud risk, operational risk, and the need for strong governance and sound risk management principles. According to the OCC, strong governance is vital to managing an institution’s exposure to fraud and must include a strong corporate culture that discourages imprudent risk-taking. However, the OCC noted that fraud risk management should be commensurate with the bank’s risk profile. The Bulletin highlights several preventative and detective controls, including (i) developing anti-fraud policies and procedures, such as ethics policies, codes of conduct, and identity theft programs; (ii) creating anti-fraud awareness campaigns; (iii) establishing fraud risk management training programs for employees and contractors and educating customers on preventative measures; (iv) implementing a system of controls intended to prevent employees and third parties from conducting fraudulent transactions, such as opening or closing of bank accounts; (v) conducting background investigations for new employees and periodic checks for existing employees and third parties; (vi) providing sound training and information security programs; and (vii) establishing processes for customer identification, customer due diligence, and beneficial ownership identification and verification. Additionally, the OCC stated that senior management should understand the institution’s exposure to fraud risk and associated losses.
On July 25, the OCC announced the issuance of a fully revised “Corporate and Risk Governance” booklet for the Comptroller’s Handbook, as well as limited updates to the “Internal and External Audits” booklet for examiners completing core assessments affected by audit functions. Among other things, the revised “Corporate and Risk Governance” booklet is intended to provide examiners with a summary of corporate and risk governance, related risks, the board’s role and responsibilities in corporate and risk governance, strategic planning, and examination procedures. The revised booklet identifies the following as the primary risk categories associated with corporate and risk governance: (i) strategic; (ii) reputation; (iii) compliance; and (iv) operational. Updates to both booklets incorporate references to relevant OCC issuances and auditing standards published since the booklets were last issued, reflect the integration of federal savings associations into certain regulations, and make clarifying edits regarding supervisory guidance, sound risk management practices, legal language, and the roles of the bank’s board and management.
On July 23, the OCC issued Bulletin 2019-36 reminding banks to follow safety and soundness standards and guidelines when using asset dissipation underwriting (ADU)—also known as “asset depletion underwriting or asset amortization underwriting”—to originate mortgage loans. Specifically, the OCC states banks should develop and implement policies and processes for ADU in a manner consistent with existing regulatory real estate and mortgage lending standards and guidelines. Banks should also align ADU activities with their overall business plans and strategies, including “working with consumers who have a capacity to repay a mortgage loan even though they do not meet traditional income-based underwriting repayment standards.” The OCC additionally expects bank management to “develop and maintain risk governance processes that are commensurate with the credit risk of ADU, particularly if the offering constitutes a deviation from the bank’s existing mortgage lending business activities.” With regard to Fannie Mae and Freddie Mac loans, the OCC states that lenders may use ADU to underwrite mortgage loans based on certain assets, including employment-related retirement assets, for applicants who are near retirement.
On July 18, the OCC released a list of recent enforcement actions taken against national banks, federal savings associations, and individuals currently and formerly affiliated with such entities. The new enforcement actions include personal cease-and-desist orders, civil money penalties, formal agreements, prompt corrective action directives, removal and prohibition orders, and terminations of existing enforcement actions. Included in the list is a formal agreement issued against a Texas-based bank on June 20 for alleged unsafe or unsound practices related to, among other things, compliance risk management and violations of laws and regulations concerning the Flood Disaster Protection Act (FDPA), Bank Secrecy Act, TILA, RESPA, and the Expedited Funds Availability Act. Among other things, the agreement requires the bank to (i) appoint a compliance committee responsible for submitting a written progress report detailing specific corrective actions; (ii) ensure that it has “sufficient and competent management”; (iii) prepare a risk-based consumer compliance program, which must include revised policies and procedures related to the Servicemembers’ Civil Relief Act, TILA-RESPA Integrated Disclosure rule, and the FDPA; and (iv) take measures to “ensure that current and satisfactory credit and proper collateral information is maintained on all loans.”
On July 22, the Federal Reserve Board, FDIC, NCUA, and the OCC along with the Financial Crimes Enforcement Network (FinCEN), released a joint statement to improve transparency of their risk-focused approach to Bank Secrecy Act/anti-money laundering (BSA/AML) supervision. The statement outlines common practices for assessing a bank’s risk profile, including (i) leveraging available information, including internal BSA/AML risk assessments, independent audits, and results from previous examinations; (ii) contacting banks between examinations or before finalizing the scope of an examination; and (iii) considering the bank’s ability to identify, measure, monitor, and control risks. Examiners will use the information from the risk assessments to scope and plan the examination, as well as to evaluate the adequacy of the bank’s BSA/AML compliance program. The statement notes that the extent of examination activities needed to evaluate a bank’s BSA/AML compliance program, “generally depends on a bank’s risk profile and the quality of its risk management processes.”
- Hank Asbill to discuss "Ethical guidance in conducting internal investigations – The intersection of Yates and Upjohn" at the American Bar Association Southeastern White Collar Crime Institute
- H Joshua Kotin to discuss "Recent developments in fair lending and avoiding the pitfalls" at the Arkansas Community Bankers/Bankers Assurance 2019 Compliance Conference
- Brandy A. Hood to discuss "RESPA Section 8/referrals: How do you stay compliant?" at the New England Mortgage Bankers Conference
- Daniel P. Stipano to discuss "Risk management in enforcement actions: Managing risk or micromanaging it" at the American Bar Association Business Law Section Annual Meeting
- Valerie L. Hletko to discuss "Banking on guns ‘n drugs: Social policy meets financial services" at the American Bar Association Business Law Section Annual Meeting
- Daniel P. Stipano to discuss "Navigating the conflicting federal and state laws for doing business with cannabis companies" at the American Bar Association Business Law Section Annual Meeting
- Tim Lange to discuss "Services and value" at the North American Collection Agency Regulatory Association Annual Conference
- Katherine L. Halliday to discuss "UDAP, UDAAP & the Map rule compliance basics" at the Mortgage Bankers Association Regulatory Compliance Conference
- Brandy A. Hood to discuss "How to ace your TRID exam" at the Mortgage Bankers Association Regulatory Compliance Conference
- Amanda R. Lawrence to discuss "Data privacy litigation" at the Mortgage Bankers Association Regulatory Compliance Conference
- Melissa Klimkiewicz to discuss "Navigating FHA rules and regs" at the Mortgage Bankers Association Regulatory Compliance Conference
- Jonice Gray Tucker to discuss "HMDA data is out, now what?" at the Mortgage Bankers Association Regulatory Compliance Conference
- Jeffrey P. Naimon to discuss "Washington regulatory overview" at the Mortgage Bankers Association Regulatory Compliance Conference
- Daniel P. Stipano to discuss "Assessing the CDD final rule: A year of transitions" at the ACAMS AML & Financial Crime Conference
- Daniel P. Stipano to discuss "Lessons learned from recent enforcement actions and CMPs" at the ACAMS AML & Financial Crime Conference
- Kathryn L. Ryan to discuss "The state’s role in fintech: Providing an industry framework for innovation" at Lend360
- Jeffrey P. Naimon to discuss "Truth in lending" at the American Bar Association National Institute on Consumer Financial Services Basics
- Daniel P. Stipano to discuss "Lessons learned from recent enforcement actions" at the Institute of International Bankers Risk Management and Regulatory Examination/Compliance Seminar
- Jonice Gray Tucker to discuss "Fintech regulatory developments, crypto-assets, blockchain and digital banking, and consumer issues" at the Practising Law Institute Banking Law Institute
- Amanda R. Lawrence to discuss "How to balance a successful (and stressful) career with greater personal well-being" at the American Bar Association Women in Litigation Joint CLE Conference