Skip to main content
Menu Icon Menu Icon

InfoBytes Blog

Financial Services Law Insights and Observations


Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • OCC releases enforcement actions and terminations

    Federal Issues

    On August 17, the OCC released a list of recent enforcement actions taken against national banks, federal savings associations, and individuals currently and formerly affiliated with such entities. The new enforcement actions include civil money penalty orders, formal agreements, and prohibition orders, each issued with the consent of the parties.  The OCC also announced a termination of an existing enforcement action against a bank. Included in the release is a formal agreement entered into with a Minnesota-based bank on June 27 in connection with OCC findings of alleged unsafe or unsound practices relating to, among other things, consumer compliance and third party risk management. In connection to violations of certain Flood Disaster Protection Act rules, the agreement requires the bank to (i) establish a compliance committee to monitor the bank’s progress in complying with the agreement’s provisions; (ii) report such progress to the bank’s board of directors on a quarterly basis; and (iii) implement a written consumer compliance program. This program must also include procedures and guidance for compliance with all consumer protection laws, rules, and regulations to which the bank should adhere, an independent audit program, a comprehensive training program for bank personnel in the consumer protection laws, rules, and regulations as appropriate, and policies to manage risks in the credit process. It also separately requires revisions to the third-party risk management program addressing due diligence and monitoring of third parties, including monitoring for compliance with consumer protection-related laws and regulations.

    Federal Issues Bank Regulatory Agency Rule-Making & Guidance Bank Compliance Enforcement OCC Flood Insurance

  • Fed suggests enhancing supervision of “novel activities” by banks

    Federal Issues

    On August 8, the Federal Reserve Board announced the issuance of two supervision letters that elaborate on the its program to supervise “novel activities” such as fintech partnerships, crypto-related activities, and activities using distributed ledger or “blockchain” technology. The first letter, SR 23-7, announces the establishment of the “Novel Activities Supervision Program,” a program designed to “ensure that the risks associated with innovation” supported by new technologies are managed appropriately by the bank. The program will focus on (i) technology-driven partnerships with non-banks; (ii) crypto-asset related activities such as asset custody, crypto-collateralized lending, asset trading, and crypto issuance and distribution; (iii) exploration or use of distributed ledger technology; and (iv) concentration of banking services to crypto-asset related entities and fintech companies. Supervisory teams will be tasked with monitoring and examining these novel activities within the existing supervisory portfolios and will take a risk-based approach on the level and intensity of supervision. The letter concludes that “the Program will also operate in keeping with the principle that banking organizations are neither prohibited nor discouraged from providing banking services to customers or any specific class or type” as permitted by law.

    In the second supervisory letter, SR 23-8, the Fed announced a “nonobjection process” for banks seeking to engage in certain dollar token activities. Previously, the OCC issued an interpretive letter permitting national banks to use distributed ledger technology (or similar) to conduct payments using dollar tokens, as long as the bank could demonstrate adequate controls. (Covered by InfoBytes here). The letter clarifies that any bank supervised by the Fed that wishes to engage in those same activities must first obtain a written notice of supervisory nonobjection from the Fed. In order to do so, the bank must be able to demonstrate it has implemented adequate risk management practices, taking into account operational, cybersecurity, liquidity, illicit finance, and consumer compliance risks, among others. The bank must also demonstrate that it is aware of and can comply with laws applicable to the activities.

    Federal Issues Federal Reserve OCC Bank Compliance Cryptocurrency Bank Supervision

  • Hsu discusses management of large banks

    On January 17, acting Comptroller of the Currency Michael J. Hsu delivered remarks at the Brookings Institute regarding large bank manageability. Hsu started by expressing his belief that developing a robust approach to detecting, preventing, and addressing too-big-to-manage (TBTM) risks will increasingly become an imperative for both banks and bank regulators. He stated that the best “way to successfully fix issues at a TBTM bank is to simplify it — by divesting businesses, curtailing operations and reducing complexity,” and that more typical actions, such as changing management, budgets, plans, and personnel will have limited impact at a bank that is too big to manage. Hsu added that “the size and complexity” of a bank “is the core problem that needs to be solved, not the weaknesses of its systems and processes or the unwillingness or incompetence of its senior leaders.”

    Hsu discussed the OCC’s four-step “escalation framework.” He noted that “the design logic of an escalation framework is to use the credible threat of restrictions and divestitures, guided by and consistent with due process, to force banks to prove that they are manageable and to then let the effectiveness or ineffectiveness of their actions speak for themselves.” He noted that the first step is to put a bank on notice and make clear the nature of the weakness requiring remediation. Significant deficiencies and/or weaknesses that go unaddressed can escalate into public enforcement actions, such as a consent order, where material safety and soundness risks or violations of laws and regulations are at play. If the problem continues, then the OCC will pursue a restriction and divestitures of a bank’s business activities or capital actions. The final step includes breaking up the bank by compelling divestment.

    Hsu concluded with his thoughts on the need for bank regulators to provide greater transparency on the supervisory process. He also emphasized the importance of due process and described supervisory remedies, including but not limited to, business restrictions, divestitures, and simplification of large banks when necessary.

    Bank Regulatory Federal Issues OCC Bank Supervision Bank Compliance

  • OCC releases enforcement actions data

    On September 15, the OCC released a list of recent enforcement actions taken against national banks, federal savings associations, and individuals currently and formerly affiliated with such entities. Included in the release is an August 29 formal agreement between the OCC and a Texas-based bank in connection with allegedly unsafe or unsound practices relating to strategic and capital planning, credit risk management, Allowance for Loan and Lease Losses (ALLL) methodology, corporate governance, and internal controls. The agreement requires the bank to: (i) establish a compliance committee to monitor the bank’s progress in complying with the agreement’s provisions; (ii) report such progress to the bank’s board on a quarterly basis; and (iii) develop, implement, and adhere to, among other things, the ALLL Program, the contingency funding plan and any amendments thereto, and the internal audit program and any amendments or revisions thereto.

    Bank Regulatory Federal Issues OCC Enforcement Bank Compliance

  • OCC releases enforcement actions data

    On August 18, the OCC released a list of recent enforcement actions taken against national banks, federal savings associations, and individuals currently and formerly affiliated with such entities. Included in the release is a formal agreement between the OCC and a New York-based bank from July 13 in connection with alleged unsafe or unsound practices relating to information technology security and controls and information technology risk governance. The agreement requires the bank to: (i) establish a compliance committee to monitor the bank’s progress in complying with the agreement’s provisions; (ii) report such progress to the bank’s board on a quarterly basis; and (iii) develop, implement, and adhere to a written risk-based IT assurance and testing program.

    Bank Regulatory Federal Issues Bank Compliance Enforcement OCC

  • Agencies release host state loan-to-deposit ratios

    On June 28, the FDIC, Federal Reserve Board, and OCC (collectively, "the agencies") released the current host state loan-to-deposit ratios for each state or territory, which the agencies use to determine compliance with Section 109 of the Riegle-Neal Interstate Banking and Branching Efficiency Act of 1994 (Interstate Act). Under the Interstate Act, banks are prohibited from establishing or acquiring branches outside of their home state for the primary purpose of deposit production. Branches of banks controlled by out-of-state bank holding companies are also subject to the same restriction. Determining compliance with Section 109 requires a comparison of a bank’s estimated statewide loan-to-deposit ratio to the estimated host state loan-to-deposit ratio. If a bank’s statewide ratio is less than one-half of the published host-state ratio, an additional review is required by the appropriate agency, which involves a determination of whether a bank is reasonably helping to meet the credit needs of the communities served by the bank’s interstate branches.

    Bank Regulatory Federal Issues OCC FDIC Bank Compliance Federal Reserve Riegle-Neal Act

  • Special Alert: Fed finalizes rule for FedNow platform

    The Federal Reserve Board recently issued a final rule for its FedNow instant-payments platform that offers more clarity on how the new service will work while essentially adopting the proposed rule. FedNow will stand alongside private sector initiatives and, like more modern payments systems, will feature credit payments to push funds rather than debit payments to pull funds, offering faster processing.

    Highlights of the new rule and FedNow

    • Not yet open for business. The Fed continues to target release of FedNow for sometime in 2023. It will implement the 24x7x365 real-time payments service in stages, each with additional features and enhancements.
    • Not a consumer or business app or service. Depository institutions that are eligible to hold Reserve Bank accounts will be able to use FedNow, which will be administered by the 12 Reserve Banks. Consumers and businesses may not participate in FedNow directly, and therefore, could not send payment orders to a Reserve Bank through it. They would instead send instant payments through their depository institution accounts.
    • Bank vnonbank direct participation in FedNow. Eligible institutions include banks, savings associations, credit unions, U.S. branches and agencies of non-U.S. banks, Edge or agreement corporations, some systemically important financial market utilities, and government-sponsored entities (including Fannie Mae and Freddie Mac). We use the term “banks” throughout to simplify the discussion.

    Bank Regulatory Federal Issues Agency Rule-Making & Guidance Special Alerts Federal Reserve FedNow Payments Regulation J Bank Compliance

  • OCC releases lineup of risk management workshops

    On April 27, the OCC released its lineup of virtual workshops for board directors of national community banks and federal savings associations for the second half of 2022. Included as part of the workshops to be held later this year is a risk management series focusing on risk governance, credit risk, operational risk, and compliance risk. Another workshop will present guidance for directors and senior managers on building blocks for success. A schedule of the upcoming workshops and registration information is available here.

    Bank Regulatory Federal Issues OCC Risk Management Bank Compliance

  • OCC issues consent order against digital asset bank for AML deficiencies

    On April 21, the OCC issued a consent order against the first federally-chartered bank focused on cryptocurrencies, just 15 months after granting the institution a national bank charter for purposes of taking custody of cryptocurrency. The consent order alleged failure to adopt and implement a compliance program that adequately covers required BSA/AML program elements. In January 2021, the OCC granted conditional approval to convert the bank’s charter to a national association with the “enforceable condition of approval” that the bank would, among other things, meet BSA/AML requirements.

    Bank Regulatory Federal Issues OCC Enforcement Bank Compliance Anti-Money Laundering Bank Secrecy Act SARs

  • OCC issues final rule on authority for SAR requirements

    On April 14, the OCC issued a bulletin reminding regulated banks of a final rule amending the agency’s suspicious activity report (SAR) regulations. The final rule takes effect May 1 (covered by InfoBytes here). Generally, the final rule clarifies the processes by which the OCC may issue exemptions from the requirements of the SAR regulations “based on a request … [for an exemption] that meets the criteria specified in the final rule.” The bulletin notes, however, that the final rule does not itself create any exemptions from the SAR regulations.

    Bank Regulatory Federal Issues Financial Crimes OCC Agency Rule-Making & Guidance SARs Of Interest to Non-US Persons Bank Compliance Bank Secrecy Act Anti-Money Laundering


Upcoming Events