InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Fed releases study on racial bias in mortgage lending
Recently, the Federal Reserve Board published a study titled How Much Does Racial Bias Affect Mortgage Lending? Evidence from Human and Algorithmic Credit Decisions. Using confidential supervisory data collected under HMDA to estimate the extent of racial and ethnic discrimination in mortgage lending, the study found that racial bias has played “a limited role” in recent years in generating disparities seen in mortgage lending denials. The researchers acknowledged that as a self-reporting mechanism, HDMA reports may not reflect reality, “as a lender engaged in illegal discrimination would be unlikely to explicitly admit this.” The study also analyzed denial rates among fintech lenders, finding that by automating more of the application process, fintech firms have the potential to decrease racial discrimination. The study also found that excess denials are higher at fintech lenders, which is “the opposite result we would expect if excess denials reflect racially biased human judgment.” Additionally, the study found that group differences in risk characteristics drive most of the disparities in credit access. The study showed that Black and Hispanic applicants tend to be more leveraged and have much lower credit scores. Both groups of applicants are “less likely to receive algorithmic approval recommendations from government automated underwriting systems (AUS) than white applicants,” the study found. The study also noted caveats, such as that the researchers “only study discrimination in approval decisions conditional on formally applying.”
FRBs to adopt new Fedwire format in 2025
On October 24, the Federal Reserve Board published a notice in the Federal Register announcing that the International Organization for Standardization’s (ISO) 20022 message format for the Fedwire Funds Service will be adopted on a single day, March 10, 2025. The Fedwire Funds Service is a real-time gross settlement system owned and operated by the Federal Reserve Banks that enables businesses and financial institutions to quickly and securely transfer funds using either balances held at the Reserve Banks or intraday credit provided by the Reserve Banks. A single-day implementation strategy is preferable to a three-phased implementation approach, the Fed said, explaining it is both simpler and more efficient and is likely to reduce users’ overall costs related to software development, testing, and training. The Fed also announced a revised testing strategy and backout strategy, as well as other details concerning ISO 20022’s implementation.
OCC releases enforcement actions
On October 20, the OCC released a list of recent enforcement actions taken against national banks, federal savings associations, and individuals currently and formerly affiliated with such entities. Included among the actions is a cease and desist order against an New York branch of an India-based bank for allegedly engaging in Bank Secrecy Act/anti-money laundering (BSA/AML) program violations. The bank allegedly “failed to establish and maintain a reasonably designed BSA/AML compliance program ('BSA/AML Program') that adequately covers the required BSA/AML Program components. Deficiencies include (i) a weak system of internal controls; (ii) a weak BSA Officer function; and (iii) an insufficient training program.” The order requires the bank to, among other things, submit a BSA/AML action plan and develop a written suspicious activity monitoring and reporting program.
NYDFS reaches $4.5 million settlement over cybersecurity violations
On October 18, NYDFS announced a $4.5 million settlement with a licensed health insurance company for alleged violations of the Department’s Cybersecurity Regulation (23 NYCRR Part 500), which contributed to the exposure of consumers’ sensitive non-public information (NPI). According to NYDFS, a bad actor gained access to a shared email mailbox in 2020 via a phishing attack. This mailbox, NYDFS said, allegedly contained more than six years’ worth of consumer NPI. An NYDFS investigation found that the company allegedly, among other things, failed to implement multi-factor authentication throughout its email environment, did not limit user access privileges (thus allowing nine employees to share login credentials to the compromised mailbox), and failed to implement sufficient data retention and disposal procedures. NYDFS asserted that the cybersecurity event may have been avoided or limited in scope if these security controls had been implemented. Furthermore, the company’s alleged failure to conduct an adequate risk assessment as required by 23 NYCRR Part 500, prevented it from being able to identify the user access privilege and data disposal risks associated with the mailbox that was impacted by the phishing attack. Consequently, the company’s cybersecurity certifications for calendar years 2018 - 2021 were improper, NYDFS said.
Under the terms of the consent order, the company is required to pay a $4.5 million civil money penalty and must conduct a comprehensive cybersecurity risk assessment of its information systems. NYDFS recognized the company’s cooperation throughout the investigation and commended its ongoing and completed remediation efforts, including “devoting significant financial and other resources to enhance its cybersecurity program” and making “changes to its policies, procedures, systems, and governance structures.”
FDIC proposes amendments to its guide on supervisory appeals process
On October 18, the FDIC Board of Directors announced it is soliciting further public comments on proposed amendments to its Guidelines for Appeals of Material Supervisory Determinations. The notice follows an action taken by the Board earlier in May, which restored the Supervision Appeals Review Committee (SARC) as the final level of review in the agency’s supervisory appeals process (covered by InfoBytes here). While the revised guidelines took effect immediately, the FDIC solicited comments on the changes. In response to comments received, the proposed amendments would add the agency’s ombudsman to the SARC as a non-voting member, and the ombudsman would be responsible for monitoring the supervision process after a financial institution submits an appeal. The proposed amendments would also require that materials considered by the SARC be shared with both parties to the appeal (subject to applicable legal limitations on disclosure), and allow financial institutions to request a stay of material supervisory determination while an appeal is pending. Additionally, the division director would be given the discretion to grant a stay or grant a stay subject to certain conditions. Comments on the proposed amendments are due within 30 days of publication in the Federal Register.
FDIC raises deposit insurance assessment rates
On October 18, the FDIC Board of Directors approved the adoption of a final rule to increase the initial base deposit insurance assessment rate schedules uniformly by two basis points beginning with the first quarterly assessment period of 2023. (See also FDIC fact sheet here.) The FDIC said that after considering comments and updated analysis and projections, the increase in assessment rates was adopted without change from when it was proposed in June (covered by InfoBytes here). The FDIC emphasized that the increased assessment revenue is intended to increase the likelihood that the reserve ratio of the Deposit Insurance Fund (DIF) reaches the statutory minimum of 1.35 percent by the mandated deadline of September 30, 2028, while also reducing the likelihood that the FDIC would need to consider a potentially pro-cyclical assessment rate increase where it raises assessments when banking and economic conditions may be less favorable. This increase “is projected to have an insignificant effect on institutions’ capital levels, is estimated to reduce income slightly by annual average of 1.2 percent, and should not impact lending or credit availability in any meaningful way,” the FDIC said. Concurrently, the FDIC maintained the Designated Reserve Ratio for the DIF at two percent for 2023.
Acting Chairman Martin J. Gruenberg stressed that it “is better to take prudent but modest action earlier in the statutory 8-year period to reach the minimum reserve ratio, than to delay and potentially have to consider a pro-cyclical assessment increase.” CFPB Director and FDIC Board Member Rohit Chopra also chimed in, saying that while he voted in favor of finalizing the deposit insurance rate increase, there are a number of changes that must be made over the long term to deposit insurance assessment policies. These include (i) finding ways for banks that pose the most risk to the DIF “to pay more, relative to smaller institutions where the likelihood of large losses to the Fund are tiny”; (ii) building a framework to ensure assessment rate changes are countercyclical where premiums are adjusted “upward and downward based on economic conditions, recent industry profits, and other appropriate indicators”; and (iii) developing “a framework that relies less on ad-hoc adjustments and more on a systematized formula” based on specific quantitative factors.
FDIC issues final rule on troubled debt restructuring accounting standards
On October 18, the FDIC published a final rule in the Federal Register to incorporate updated accounting standards in the risk-based deposit insurance assessment system applicable to all large and highly complex insured depository institutions. According to the FDIC, the final rule adds a new term, “modifications to borrowers experiencing financial difficulty,” to two financial measures—the underperforming assets ratio and the higher-risk assets ratio—that are used to determine deposit insurance assessments for large and highly complex insured depository institutions.
Fed governor “highly skeptical” of U.S. CBDC
On October 14, Federal Reserve Governor Christopher J. Waller spoke during the “Digital Currencies and National Security Tradeoffs” symposium presented by the Harvard National Security Journal regarding the U.S. dollar and central bank digital currencies (CBDC). Waller said that he is “highly skeptical of whether there is a compelling need for the Fed to create a digital currency.” Regarding foreign CBDCs, Waller first considered the emergence of foreign CBDCs in a world without the U.S. CBDC. He noted that “advocates for a CBDC tend to promote the potential for a CBDC to reduce payment frictions by lowering transaction costs, enabling faster settlement speeds, and providing a better user experience.” Because of “the well-known network effects in payments,” Waller pointed out that “the more users the foreign CBDC acquires, the greater will be the pressure on the non-U.S. company to also use the foreign CBDC.”
However, Waller considered that the broader factors underpinning the dollar’s international role would not change. Waller further noted the possibility that a foreign-issued CBDC could have the opposite of its intended effect and make companies even less willing to use that country’s currency. Waller further noted that creating a U.S. CBDC “would come with a number of costs and risks, including cyber risk and the threat of disintermediating commercial banks, both of which could harm, rather than help, the U.S. dollar's standing internationally.” He said he believes that a U.S. CBDC would raise many issues, including money laundering and international financial stability. Waller also considered a scenario in which a privately issued stablecoin pegged to a sovereign currency is available for international payments. He stated that they may be more attractive than existing options due to their ability to provide real-time payments at a lower cost and their ability to provide a safe store of value for individuals residing in or transacting with countries with weak economic fundamentals. He further warned that stablecoins “must be risk-managed and subject to a robust supervisory and regulatory framework.” Waller reiterated that "no decisions have been made" at the Fed on CBDCs and noted that his remarks are intended to provide a free and open dialogue on their utility. He also noted that he is “happy to engage in vigorous debate regarding my view,” and “remain[s] open to the arguments advanced by others in this space.”
Fed, FDIC to consider enhancing large bank resolution requirements
On October 18, the FDIC Board of Directors approved the publication of an advance notice of proposed rulemaking (ANPRM) seeking comments on whether new requirements should be drafted to enhance the regulators’ ability to resolve large banks in an orderly way should they fail. The jointly proposed FDIC/Federal Reserve Board ANPRM seeks feedback on several new possible requirements, including a long-term debt requirement, that could be used for the orderly resolution of domestic large banking organizations in Categories II and III (which generally exceed a threshold of $250 billion in total consolidated assets) to help prevent customer and counterparty disruption. According to a Fed memo, the regulators are exploring whether certain bank resolution standards applicable to global systemically important banks (GSIBs) should be extended to other large banks that, while not as large as GSIBs, “could have very large or complex operations” and have expanded in size due to mergers and “organic growth.” The ANPRM, among other things, also seeks comment on the costs associated with such a proposal, recognizing that “a long-term debt requirement could impact the cost and availability of credit.” The regulators are also evaluating whether they should establish separability requirements, “such as the sale, transfer, or disposal of significant assets, portfolios, legal entities or business lines on a discrete product line or regional basis,” for some or all large banks to aid recovery or resolvability. Comments on the ANPRM are due within 60 days following publication in the Federal Register.
“As the banking system changes, policymakers must continuously evaluate whether resolution-related standards and prudential standards for large banks keep pace,” Fed Vice Chair for Supervision Michael S. Barr said in an announcement issued by the Fed earlier in the week. He explained that the regulators are evaluating whether capital requirements for large banks (including GSIBs), as well as other elements of the prudential framework, should be updated.
Expressing support for the joint ANPRM, acting Comptroller of the Currency Michael J. Hsu stressed that “[e]xploring the development of a rule that can ensure the resolvability of large, domestically-systemic banks will promote financial stability by guarding against the rise of non-GSIBs that may become too-big-to-fail, while enabling true competition amongst the largest banks.” CFPB Director and FDIC Board Member Rohit Chopra also expressed his support for the ANPRM. However, Chopra cautioned that if rulemaking is pursued, it “should not serve as a rationale for continuing a lax and opaque merger review process.” Chopra also advised that efforts “to reduce the risk of bailouts or increased concentration upon the failure of domestic systemically important banks should be complemented by efforts to reduce the probability of their failure,” and that the “increased attention on domestic systemically important banks should not be interpreted to mean that it is ‘mission accomplished’ when it comes to” GSIBs.
Agencies finalize TILA, CLA 2023 thresholds
On October 13, the CFPB and Federal Reserve Board finalized the annual dollar threshold adjustments that govern the application of TILA (Regulation Z) and the Consumer Leasing Act (Regulation M) (available here and here), as required by the Dodd-Frank Act. The exemption threshold for 2023, based on the annual percentage increase in the Consumer Price Index for Urban Wage Earners and Clerical Workers, will increase from $61,000 to $66,400, except for private education loans and loans secured by real or personal property used or expected to be used as the principal dwelling of a consumer, which are subject to TILA regardless of the amount. The final rules take effect January 1, 2023.