Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On November 20, the Office of Information and Regulatory Affairs released the CFPB’s fall 2019 rulemaking agenda. According to a Bureau announcement, the information released represents regulatory matters it “reasonably anticipates having under consideration during the period from October 1, 2019, to September 30, 2020.”
Key rulemaking initiatives include:
- Property Assessed Clean Energy (PACE) Financing: As previously covered by InfoBytes, the Bureau published an Advanced Notice of Proposed Rulemaking (ANPR) in March 2019 seeking feedback on the unique features of PACE financing and the general implications of regulating PACE financing under TILA. The Bureau notes it is currently reviewing comments as it considers next steps.
- Small Business Rulemaking: On November 6, the Bureau held a symposium on small business lending to gather information for upcoming rulemaking (previously covered by InfoBytes here). The Bureau emphasized it will focus on rulemaking that would not impede small business access to credit by imposing unnecessary costs on financial institutions. According to the Bureau, materials will be released prior to convening a panel under the Small Business Regulatory Enforcement Fairness Act to consult with businesses that may be affected by future rulemaking.
- HMDA/Regulation C: The Bureau plans to finalize the permanent thresholds for reporting data on open-end lines of credit and closed-end mortgage loans in March 2020, and expects to issue a Notice of Proposed Rulemaking (NPRM) to govern the collection of HMDA data points and the disclosure of this data in July 2020. Both initiatives follow an NPRM and an ANPR issued by the Bureau in May (previously covered by InfoBytes here).
- Payday, Vehicle Title, and Certain High-Cost Installment Loans: As previously covered by InfoBytes, the Bureau published two NPRMs related to certain payday lending requirements under the final rule titled “Payday, Vehicle Title, and Certain High-Cost Installment Loans.” Specifically, the Bureau proposed to rescind the portion of the rule that would make it an unfair and abusive practice for a lender to make covered high-interest rate, short-term loans or covered longer-term balloon payment loans without reasonably determining that the consumer has the ability to repay, and to delay the rule’s compliance date for mandatory underwriting provisions. The Bureau notes it is currently reviewing comments and expects to issue a final rule in April 2020.
- Debt Collection: Following an NPRM issued in May concerning debt collection communications, disclosures, and related practices (previously covered by InfoBytes here), the Bureau states it is currently “engaged in testing of consumer disclosures related to time-barred debt disclosure issues that were not addressed in the May 2019 proposal.” Once testing has concluded, the Bureau will assess the need for publishing a supplemental NPRM related to time-barred debt disclosures.
- Remittance Transfers: The Bureau expects in December to issue a proposed rule to address the July 2020 expiration of the Remittance Rule’s temporary exception for certain insured depository institutions from the rule’s disclosure requirements related to the estimation of fees and exchange rates. (Previously covered by InfoBytes here.)
- GSE Patch: The Bureau plans to address in December the so-called GSE patch, which confers Qualified Mortgage status for loans purchased or guaranteed by Fannie Mae and Freddie Mac while those entities operate under FHFA conservatorship. The patch is set to expire in January 2021, or when Fannie and Freddie exit their conservatorships, whichever comes first. (See Buckley Special Alert here.)
The Bureau further notes in its announcement the addition of entries to its long-term regulatory agenda “to address issues of concern in connection with loan originator compensation and to facilitate the use of electronic channels of communication in the origination and servicing of credit card accounts.”
On November 20, the CFPB issued a request for information (RFI) regarding the TILA-RESPA Integrated Disclosures Rule (TRID Rule) assessment, which is required by Section 1022(d) of the Dodd-Frank Act. Section 1022(d) requires the Bureau to conduct an assessment of each “significant rule or order” no later than five years after its effective date. The Bureau issued the TRID Rule in November 2013, and the rule took effect on October 3, 2015. In addition to comments received on this RFI, the Bureau notes that it is also considering the approximately 63 comments already received regarding the TRID Rule from the 2018 series of RFIs issued on the adopted regulations and new rulemakings, as well as the inherited regulations (covered by InfoBytes here and here).
The RFI seeks public feedback on any information relevant to assessing the effectiveness of the TRID Rule, including (i) comments on the feasibility and effectiveness of the assessment plan; (ii) recommendations to improve the assessment plan; (iii) data and information about the benefits, costs, and effectiveness of the TRID Rule; and (iv) recommendations for modifying, expanding, or eliminating the TRID Rule.
Comments must be received within 60 days of publication in the Federal Register.
On November 21, the DOJ updated its FCPA Corporate Enforcement Policy to clarify ways in which companies can voluntarily disclose information in an effort to receive leniency from the Department in foreign bribery situations. First, a company does not need to have a complete picture of a possible violation when it first shares information with the DOJ; rather, the company should “make clear that it is making its disclosure based upon a preliminary investigation.” Next, the agency expects a company to disclose “where the company is aware of relevant evidence not in the company’s possession,” simplifying the requirement which previously called for disclosure of “opportunities for the department to obtain relevant evidence not in the company’s possession.” Finally, in the course of a merger or acquisition “an acquiring company that discloses misconduct may be eligible for a declination, even if aggravating circumstances existed as to the acquired entity.”
As previously covered by InfoBytes, the policy was last amended in March (March 2019 version available here) to, among other things, clarify the Department’s position on the use of ephemeral messaging apps by companies seeking full cooperation credit under the policy.
On November 19, the FDIC issued a proposed rule, which would formalize the agency’s Federal Deposit Insurance Act (FDI Act) Section 19 policy statement covering individuals seeking to work in the banking industry who have been convicted of certain crimes. In general, Section 19 of the FDI Act prohibits, without the prior written consent of the FDIC, any person who has been convicted of any criminal offense involving dishonesty, breach of trust, or money laundering—or who has entered into a pretrial diversion or similar program in connection with such an offense—from participating in the banking industry. As previously covered by InfoBytes, in August 2018, the FDIC updated the statement of policy to expand the criteria of de minimis offenses for which the FDIC will not require the filing of an application and (i) clarify when an expungement is considered complete for Section 19 purposes; (ii) recognize that convictions set aside based on procedural or substantive error should not be considered convictions under Section 19; and (iii) adjust the definition of “jail time” to not include “those on probation or parole who may be restricted to a particular jurisdiction.”
The proposal not only seeks to codify the policy statement but requests public comment on all aspects of the policy. According to Chairman McWilliams, the FDIC is particularly interested in “whether and how the FDIC should expand the criteria for what constitutes a de minimis offense.” Comments are due 60 days after publication in the Federal Register.
On November 14, NYDFS announced a proposed regulation, which would allow regulated entities to share confidential supervisory information with legal counsel or with independent auditors without obtaining prior written approval from the agency. Currently, entities are required to receive prior written approval for each instance in which they want to share confidential supervisory information with hired legal counsel or independent auditors. The proposal would allow a regulated entity to share this information without prior written approval from NYDFS as long as there is a written agreement between the parties, in which the hired legal counsel or independent auditor agrees to, among other things, (i) only use the information for the purposes of legal representation or auditing services; (ii) not to disclose the information to its employees except on a “need to know” basis; (iii) promptly notify NYDFS of any requests for the information; and (iv) maintain records for all information disclosed pursuant to the regulation. Comments on the proposal will be accepted for 60 days following publication in the state register on November 27.
On November 14, the Federal Financial Institutions Examination Council (FFIEC) issued a revised Business Continuity Management booklet, one of a series of booklets that make up the FFIEC Information Technology Examination Handbook. The revised booklet replaces the 2015 version, and provides enterprise-wise guidance for examiners on the principles of business continuity management and approaches toward business continuity planning and resilience, including those designed to “achieve safety and soundness, consumer financial protection, and compliance with applicable laws, regulations, and rules.” It also provides examination procedures intended to help examiners assess the effectiveness of business continuity and resilience frameworks for entities including depository financial institutions, nonbank financial institutions, bank holding companies, and third-party service providers.
The same day, the OCC also issued Bulletin 2019-57 to note that the revised booklet rescinds Bulletin 2015-9, “FFIEC Information Technology Examination Handbook: Strengthening the Resilience of Outsourced Technology Services, New Appendix for Business Continuity Planning Booklet.”
CFPB says some organizations won’t need to comply with screening and training requirements for temporary MLOs
On November 15, the CFPB issued an interpretive rule, which clarifies the screening and training requirements for mortgage loan originators (MLOs) with temporary authority under Regulation Z. As previously covered by InfoBytes, Section 106 of Economic Growth, Regulatory Relief, and Consumer Protection Act amends the Secure and Fair Enforcement for Mortgage Licensing Act of 2008 (SAFE Act) to establish temporary authority, providing a way for eligible MLOs who have applied for a new state loan originator license to act as a loan originator in the application state while the state considers the application. Regulation Z currently requires organizations to perform criminal screenings (including whether the applicant has been convicted of enumerated felonies within specified timeframes) and training requirements before permitting the individual to originate loans. According to the Bureau, Regulation Z is “ambiguous” as to whether these requirements would apply to MLOs with temporary authority and therefore, the interpretive rule clarifies that an organization is not required to conduct the criminal screening or ensure the training of any MLOs with temporary authority under the SAFE Act.
The interpretive rule is effective November 24, the same day the SAFE Act amendments take effect.
On November 7, the FCC released a public notice seeking comment on a petition filed by a financial institution requesting a declaratory ruling on whether a company can send a follow-up clarification text message in response to an opt-out message from a consumer without violating the TCPA. More specifically, in connection with informational texts that the consumer previously consented to receive, the institution desires to “discern the scope of that opt-out,” because “[s]ome customers want to opt-out of all texts; others merely want to opt-out of the specific category of text message alert they received most recently.” The institution notes it filed the petition “in an abundance of caution” in light of the highly technical nature of TCPA compliance, and that it believes the FCC’s 2012 ruling in SoundBite Communications, Inc. Petition for Expedited Declaratory Ruling is clear that a sender may clarify in an opt-out confirmation message the scope of the consumer’s request without violating the TCPA as long as the message does not contain marketing or promotional content or seek to encourage or persuade the recipient to reconsider the opt-out.
Comments on the FCC’s public notice are due by December 9, with reply comments by December 24.
On November 8, the Federal Reserve Board announced a proposal to extend the initial compliance dates for foreign banks subject to its single-counterparty credit limit rule by 18 months, which would require the largest foreign banks to comply by July 1, 2021 and smaller foreign banks to comply by January 1, 2022.
As previously covered by InfoBytes, in June 2018, the Federal Reserve Board approved a rule to establish single-counterparty credit limits for U.S. bank holding companies with at least $250 billion in total consolidated assets, foreign banking organizations operating in the U.S. with at least $250 billion in total global consolidated assets (as well as their intermediate holding companies with $50 billion or more in total U.S. consolidated assets), and global systemically important bank holding companies (GSIBs). The rule, which implements section 165(e) of the Dodd-Frank Act, requires the Board to limit a bank holding company’s or foreign banking organization’s credit exposure to an unaffiliated company. Under the rule, a GSIB’s credit exposure is limited to 15 percent of its tier 1 capital to another systemically important firm. A U.S. bank holding company and other applicable foreign institution is limited to a credit exposure of 25 percent of its tier 1 capital to a counterparty.
Comments on the proposal to extend the compliance dates will be accepted for 30 days after publication in the Federal Register.
On November 4, the FHFA issued a Request for Input (RFI) on Fannie Mae’s and Freddie Mac’s (the GSEs) pooling practices as they relate to the formation of the “To-Be-Announced”-eligible Uniform Mortgage-Backed Securities (UMBS). The RFI follows the June launch of the UMBS—a common security through which GSE mortgage-backed securities will be issued (previously covered by InfoBytes here)—and seeks input to assist FHFA in determining whether further action or alignment is required to ensure reasonably consistent security cash flows and continued fungibility of the GSEs’ UMBS so they “remain a source of stable, affordable liquidity for the U.S. housing finance system.” In addition, FHFA requests input on whether having more aligned pooling practices could facilitate the issuance of UMBS by market participants beyond the GSEs, and seeks comments on other policies and practices that might affect UMBS compatibility. Comments are due December 19.
- Daniel P. Stipano to discuss "Risk management in enforcement actions: Managing risk or micromanaging it" at an American Bar Association webinar
- Kari K. Hall and Christopher M. Walczyszyn to speak on the "Understanding updates to Regulation CC to ensure effective check processing" at a National Association of Federal Credit Unions webinar
- Daniel P. Stipano to discuss "ACAMS Moneylaundering.com Year-End Compliance Review and 2020 Outlook" at an ACAMS webinar
- APPROVED Webcast: Periodic reporting made easier
- Daniel P. Stipano to discuss "A 20/20 view on 2020’s legislative and regulatory outlook" at the ACAMS Anti-Financial Crime and Public Policy Conference