InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
FFIEC releases updated BSA/AML InfoBase website
On October 18, the Federal Financial Institutions Examination Council (FFIEC) released a newly updated Bank Secrecy Act/Anti-Money Laundering (BSA/AML) InfoBase website, which provides examiners and financial institutions access to BSA/AML examination procedures and resources, including the BSA/AML Examination Manual. According to the FFIEC, the InfoBase will “provide just-in-time training for new regulations and for other topics of specific concern to examiners within the FFIEC's member agencies.”
Federal Reserve Board launches inaugural Consumer Compliance Supervision Bulletin
On July 26, the Federal Reserve Board released its inaugural Consumer Compliance Supervision Bulletin (Bulletin) to share information about the agency’s supervisory observations and other noteworthy developments related to consumer protection, and provide practical steps for banking organizations to consider when addressing consumer compliance risk. The first Bulletin focuses on fair lending issues related to the practice of redlining and outlines key risk factors the Fed considers in its review, such as (i) whether a bank’s Community Reinvestment Act (CRA) assessment areas inappropriately exclude minority census tracts; (ii) whether a bank’s Home Mortgage Disclosure Act or CRA lending data show “statistically significant disparities in majority minority census tracts when compared with similar lenders”; or (iii) whether the bank’s branches, loan production offices, or marketing strategies appear to exclude majority minority census tracts. Practical steps for mitigating redlining risk are also provided. The Bulletin also discusses fair lending risk related to mortgage pricing discrimination against minority borrowers, small dollar loan pricing that discriminates against minorities and women, disability discrimination, and maternity leave discrimination.
The Bulletin additionally addresses unfair or deceptive acts or practices risks related to overdrafts, misrepresentations made by loan officers, and the marketing of student financial products and services. The Bulletin also highlights regulatory and policy developments related to the Federal Financial Institutions Examination Council’s updated Uniform Interagency Consumer Compliance Rating System along with recent changes to the Military Lending Act.
Federal banking agencies release policy statement on interagency notification of enforcement actions
On June 12, the OCC, Federal Reserve, and FDIC (collectively, “Federal Banking Agencies” or “FBAs”) published in the Federal Register a policy statement on interagency notification of formal enforcement actions to assure ongoing coordination after the Federal Financial Institutions Examination Council rescinded its 1997 revised policy statement on “Interagency Coordination of Formal Corrective Action by the Federal Bank Regulatory Agencies.” According to the new policy statement, when making a determination to bring a formal enforcement action, an FBA should evaluate whether a potential enforcement action involves the interests of another FBA and if so, should notify the agency prior to notifying the financial institution about the pending action. The notice to the FBA should contain enough information for the agency to take necessary action to examine or investigate the financial institution. The statement clarifies that the policy is not intended to substitute or replace the informal communication that routinely occurs between FBAs in advance of an enforcement action.
FFIEC releases customer due diligence and beneficial ownership examination procedures
On May 11, the Federal Financial Institutions Examination Council released updated examination procedures for the Financial Crimes Enforcement Network's (FinCEN) final rule, “Customer Due Diligence Requirements for Financial Institutions” (CDD rule). Compliance with the CDD rule became mandatory on May 11. The updated customer due diligence exam procedures were developed in close collaboration with FinCEN and replace those in the current Bank Secrecy Act/Anti-Money Laundering Examination Manual. Additionally, a new set of exam procedures address the CDD rule’s beneficial ownership requirements.
According to an OCC bulletin released the same day, the examination procedures reflect federal and state banking agencies’ “ongoing commitment to examine financial institutions for compliance with the Bank Secrecy Act . . . in accordance with uniform standards and principles.”
See here for continuing InfoBytes coverage of the CDD rule.
FFIEC releases 2017 HMDA data; CFPB releases new annual report on mortgage market activity and trends
On May 7, the Federal Financial Institutions Examinations Council released the 2017 Home Mortgage Disclosure Act (HMDA) data on mortgage lending transactions covering information submitted by financial institutions on or before April 18. The data will not remain static, but instead will be updated on an on-going basis to reflect late submissions and resubmissions. The data currently include information on 14.1 million actions: 12.1 million home loan applications, 7.3 million of which resulted in loan originations, and 2.1 million in purchased loans. Observations from the CFPB on the data include: (i) total number of originated loans decreased by 12.4 percent; home-purchase lending increased by 4 percent; (ii) nondepository, independent mortgage companies accounted for 56.1 percent of first-lien owner-occupied home purchase loans (up from 53.3 percent in 2016); and (iii) the share of refinance loans to low- and moderate-income borrowers increased from 16.9 percent to 22.9 percent.
On the same day, the CFPB also released its first annual series of data points describing mortgage market activity based on data reported under HMDA. The report summarizes the 2017 HMDA data and recent trends in the mortgage market.
FFIEC joint statement addresses role of cyber insurance in risk management programs
On April 10, the Federal Financial Institutions Examination Council (FFIEC) members issued a joint statement advising financial institutions to consider the role of cyber insurance as a component of their overall risk management programs in light of the increasing number of sophisticated cyber-attacks. While financial institutions are not required to have cyber insurance, the FFIEC stated that it can be an effective tool to help mitigate risk. However, the FFIEC emphasized that cyber insurance does not diminish the need for a sound control environment; rather, it “may be a component of a broader risk management strategy that includes identifying, measuring, mitigating and monitoring cyber risk exposure.” Additionally, cyber insurance may offset financial losses resulting from data breaches that may not be covered by traditional insurance policies. Considerations for financial institutions assessing the costs and benefits of adding cyber insurance include: (i) involving multiple stakeholders in the decision, (ii) conducting proper due diligence to understand coverage and identify any gaps; and (iii) reviewing cyber insurance as part of a financial institution’s annual insurance review and budgeting process.
Agencies seek OMB approval on November 2017 Call Report revisions
On April 11, the Federal Reserve Board, FDIC, and OCC—as members of the Federal Financial Institutions Examination Council (FFIEC)—published a joint notice and request for comment for OMB review and approval regarding revisions to the Consolidated Reports of Condition and Income (Call Reports) for financial institutions. The finalized changes modify Call Reports applicable to banks with (i) domestic offices only and less than $1 billion in total assets (FFIEC 051); (ii) domestic offices only (FFIEC 041); and (iii) domestic and foreign offices (FFIEC 031). The changes include removing or consolidating certain data items and adding a new or raising certain existing reporting thresholds in the three versions of the Call Report. Comments must be submitted by May 11. Subject to OMB approval, the revisions would take effect as of the June 30, 2018 report date. As previously covered by InfoBytes, the changes were originally proposed in November 2017.
FFIEC issues Examination Modernization Project update
On March 22, the Federal Financial Institutions Examination Council (FFIEC) issued an update on the status of its Examination Modernization Project. According to FDIC FIL-11-2018 and the accompanying press release, the project’s objective is to identify and assess measures to improve the community bank safety and soundness examination process, pursuant to the Economic Growth and Regulatory Paperwork Reduction Act’s review of regulations. According to feedback from selected supervised institutions and examiners, agencies should ensure examiners understand the importance of clear, transparent communication objectives during the examination process. As a result, the FFIEC indicated the following four areas with the potential for “meaningful supervisory burden reduction”:
- regulator communication objectives should be highlighted and reinforced before, during, and after examinations;
- technology should be leveraged to “shift, as appropriate, examination work from onsite to offsite”;
- examinations should continue to be tailored “based on risk”; and
- electronic file transfer systems should be improved “to facilitate the secure exchange of information between institutions and supervisory offices or examiners.”
The FFIEC also announced plans to take further action on other areas of improvement.
House passes two bipartisan bills to increase transparency for regulatory appeals process and tailor regulations based on size and complexity
On March 15, the House passed H.R. 4545, the “Financial Institutions Examination Fairness and Reform Act,” which would amend the Federal Financial Institutions Examination Council Act of 1978 to increase transparency and accountability for financial institutions. Among other things, the bill will require federal financial regulatory agencies to comply with deadlines established in the bill to improve the timeliness of examination reports and exit interviews, and will establish the Office of Independent Examination Review to adjudicate financial institutions’ appeals and complaints concerning examination reports. The bill further “requires the establishment of an independent internal agency appellate process at the CFPB for the review of supervisory determinations made at institutions supervised by the CFPB.”
Separately, on March 14, the House passed H.R. 1116, the “Taking Account of Institutions with Low Operation Risk Act of 2017” (TAILOR Act), which would require federal financial regulatory agencies to tailor regulations to a financial institution’s size and complexity. The TAILOR Act would apply not only to future regulatory guidance and rulemaking but also to regulations adopted seven years prior from February 16, 2017. According to a press release issued by the House Financial Services Committee, the TAILOR Act “moves financial regulatory agencies away from the current one-size-fits-all approach to instead consider additional factors such as an institution's risk profile, unintended potential impact of implementation of such regulations, and underlying policy objectives of the statutory scheme which led to the regulation.” In registering her opposition to the bill, Ranking Member of the Committee, Representative Maxine Waters, D-CA, argued that it would “weaken important safeguards established since the financial crisis” and “provide all financial institutions, including the largest banks, with opportunities to challenge any and every regulation in court if they felt it was not 'uniquely tailored' to their business needs.”
9th Circuit denies bank’s challenge to FDIC bank secrecy order
On March 12, the U.S. Court of Appeals for the 9th Circuit upheld a 2016 FDIC cease and desist order against a California bank arising out of alleged deficiencies in compliance management relating to the Bank Secrecy Act (BSA) and anti-money laundering laws. According to the opinion, FDIC examinations dating back to 2010 identified areas for BSA compliance improvement. While the bank made adjustments in response to the original findings, a 2012 FDIC examination found the bank’s BSA compliance program still was deficient, including because it did not “establish and maintain procedures designed to ensure adequate internal controls, independent testing, administration, and training”—known as the “four pillars”—and because the bank had not filed a necessary suspicious activity report. The bank argued that the BSA compliance standards were too vague, accused FDIC examiners of bias during the examination in a manner that violated its due process rights, and alleged that the decision was not supported by substantial evidence.
The three-judge panel ruled that (i) there was no bias in the FDIC’s decision to assess a penalty against the bank because there was substantial evidence to support an administrative law judge’s findings that the bank’s failure to maintain adequate controls violated BSA regulations; and (ii) because the BSA and FDIC’s implementing regulations are “economic in nature and threaten no constitutionally protected rights,” vagueness is not an overriding concern. While the “four pillars” of BSA compliance are open to interpretation, the panel noted, the FDIC provides banks with a manual written by the Federal Financial Institutions Examination Council that sets forth a uniform compliance standard. Furthermore, FDIC Financial Institution Letter 17-2010 clarifies that the manual contains the FDIC’s BSA compliance supervisory expectations. “A BSA Officer at the Bank bearing the requisite ‘specialized knowledge’ would understand that compliance with the FFIEC Manual ensures compliance with the BSA. . . . The BSA and its implementing regulations are not unconstitutionally vague,” the panel stated. Therefore, the 9th Circuit held that the manual was entitled to Chevron deference and denied the bank’s petition for review.