InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
OCC to Host Credit Risk and Operational Workshops for Directors of National Community Banks and Federal Savings Associations; Banking Agencies to Conduct Webinar to Introduce New FFIEC Call Report
On March 2, the Office of the Comptroller of the Currency (OCC) announced that it will host two workshops in Phoenix on April 11-12 for directors of OCC supervised national community banks and federal associations. The Credit Risk workshop (April 11) will cover strategies to recognize trends and problems in credit risk within the loan portfolio, and the Operational Risk workshop (April 12) will discuss key components of operational risk, governance, third-party risk, vendor management, and cybersecurity.
Also on March 2, four members of the Federal Financial Institutions Examination Council (FFIEC) (Federal Reserve Board, Federal Deposit Insurance Corporation, Office of the Comptroller of the Currency, and the Conference of State Bank Supervisors) announced the implementation of the new streamlined FFIEC 051 Call Report, effective March 31, 2017, that will introduce burden-reducing changes to the existing versions of the Call Report and will be available to eligible small institutions. “’Eligible small institutions’ are [defined as] institutions with domestic offices only and total assets of less than $1 billion, excluding those that are advanced approaches institutions for regulatory capital purposes.” The revisions to the requirements are subject to approval by the OMB. On March 8, the FFIEC will conduct a webinar from 2:00 p.m. to 3:30 p.m. ET to introduce the new Call Report and explain the revisions.
FTC Issues New Top 10 Consumer Complaint Categories in Annual Summary
On March 3, the Federal Trade Commission (FTC) issued an annual summary of consumer complaints, highlighting trends in the various categories of consumer complaints received by the Commission over the past year. The agency released its overview in the form of the Consumer Sentinel Network Data Book for January - December 2016 (2016 Data Book)—which provides category breakdowns and state specific data extrapolated from the Consumer Sentinel Network (CSN)—a secure online database of millions of consumer complaints available only to law enforcement, including, but not limited to, the FTC. In compiling the 2016 Data Book, the CSN collected more than 3.1 million consumer complaints, which the FTC sorted into 30 top complaint categories.
Florida, Georgia and Michigan were (again) the top three states for fraud and other complaints, while Michigan, Florida and Delaware were the top three states for identity theft complaints. The 2016 Data Book also reveals that debt-collection complaints remained the top category, comprising 28 percent of all complaints. The Commission attributes this “high number of reported debt collection complaints” to, among other things, “complaints submitted by a data contributor who collects complaints via a mobile app.” The Commission also identifies “imposter scams” as a “serious and growing problem.” In response to this trend, Acting Director of the FTC’s Bureau of Consumer Protection, Thomas Pahl, indicates that the agency “will use all the tools at its disposal to address it,” including “law enforcement actions against scammers and consumer education to help consumers avoid losing money.”
Another category that saw some movement was identity theft. While overall complaints in this category declined from 16 percent to 13 percent, 29 percent were consumers reporting that their data was used to commit tax fraud. Furthermore, there was a jump in those who reported “that their stolen data was used for credit card fraud. . .[a number that] rose from nearly 16 percent in 2015 to more than 32 percent in 2016.” And, rounding out the “Top Ten” consumer complaints for 2016 after debt-collection, imposter scams, and identify theft, were: telephone and mobile services, banks and lenders, prizes/sweepstakes/lotteries, shop-at-home/catalog sales, auto-related complaints, credit bureaus/information furnishers/report users, and television and electronic media complaints.
More information about the Consumer Sentinel Network and Data Book is available through www.FTC.gov/sentinel.
Congressmen Send Letter Urging Fed to Delay Rulemaking Until New Vice Chairman is Confirmed
On February 23, several GOP members of the House Financial Services Committee sent a letter to Fed Chair Janet Yellen in response to Chair Yellen’s recent Congressional testimony that the Fed may advance a pending rulemaking “pertain[ing] to the stress tests and what is called the Stress Capital Buffer.” Among other things, the letter urged that, “[a]bsent an emergency, the Federal Reserve should neither propose nor adopt any new rules until the U.S. Senate confirms a [Fed] Vice Chairman for Supervision.” The GOP lawmakers also cautioned that, should the Fed adopt rules prior to the confirmation of the Vice Chairman for Supervision, they intend to “work with [their] colleagues to ensure that Congress scrutinizes the Federal Reserve’s actions—and, if appropriate, overturns them—pursuant to the Congressional Review Act.”
White House Calls for “Regulatory Reform Task Forces”; OMB Sends Guidance Memorandum to Heads of Departments and Agencies
On February 24, President Trump signed an Executive Order directing the “head of each agency” to establish a “Regulatory Reform Task Force,” led by a designated “Regulatory Reform Officer,” who is responsible for reviewing existing regulations and making “recommendations to the agency head regarding their repeal, replacement, or modification.” Specifically, the Regulatory Reform Task Forces are charged with identifying regulations that: (i) “eliminate jobs, or inhibit job creation”; (ii) are outdated, unnecessary, or ineffective; (iii) “impose costs that exceed benefits”; (iv) create a “serious inconsistency or otherwise interfere with regulatory reform initiatives and policies”; (v) are inconsistent with OMB’s “Information Quality Guidelines”; or (vi) implement Executive Orders or Presidential directives that have been repealed or substantially modified.
Among other things, the Order instructs the OMB Director to issue guidance outlining requirements for the incorporation of regulatory reform “performance indicators” into agencies’ annual performance plans and potentially “address[ing] how agencies not otherwise covered under this subsection should be held accountable for compliance with this order. The Order requires that the task forces solicit input from “entities significantly affected by Federal regulations, including state, local, and tribal governments, small businesses, consumers, non-governmental organizations, and trade associations,” and submit a report to the agency head within 90 days.
Thereafter, on February 28, recently-confirmed Director of the Office of Management and Budget (OMB) Mick Mulvaney released a memorandum and attachment for the heads of all offices in the Executive Office of the President (EOP) and Executive agencies, which summarizes the major elements of the legislative clearance function that the OMB, working with other offices, carries out on behalf of the President. The memorandum (OMB Circular No. A-19) details the requirements and procedures for legislative coordination and clearance, while the attachment summarizes the major elements and the essential purposes of the clearance process.
Among other things, the memorandum recommends that, in supporting the “President’s Program,” agencies within the Administration should: (i) submit to Congress legislative proposals needed to carry out the President’s Program; (ii) convey the Administration’s views on legislation that Congress has under consideration; and (iii) recommend approval or disapproval of bills passed by Congress. According to the memorandum, the primary goals of the clearance process are twofold: (i) to ensure that an agencies’ legislative communications with Congress are consistent with the President’s policies and objectives; and (ii) to allow for the Administration to “speak[] with one voice” regarding legislation.
BAFT Issues Comments on Proposed AML/CFT Guidance Revisions
On February 22, the Bankers Association for Finance and Trade (BAFT), an international financial services association for organizations engaged in international transaction banking, together with the Institute of International Finance (IIF) issued a letter to the Basel Committee on Banking Supervision (BCBS) with comments on BCBS’ proposed revisions to its risk management guidance related to anti-money laundering and counter-terrorism financing. In the letter, BAFT and IFF note that, while both associations are “particularly pleased with [BCBS’] recognition that not all correspondent banking relationships bear the same level of risk and [BCBS’] acknowledgment of the difference between inherent and residual risk,” they do summarize several areas where enhancements would assist with the “general usefulness” of the final guidance:
- BCBS should “design guidance that explicitly permits a correspondent bank to rely upon appropriate utilities for the vast majority of cases rather than simply permitting a correspondent bank to use a utility as another source of information supporting the due diligence process” with the purpose of “establishing international standards or sound practices for such utilities to create greater assurance of achieving official ALM/CFT goals.”
- BCBS should adopt “regulatory practices [that] include standards for ‘verification’ that national authorities could administer or supervise.”
The “[s]tandardization of information requirements (or templates) for utilities could also be extended to include [the] international standardization of basic due diligence information and ‘enhanced due diligence’ information for higher-risk relationships.” A “basic standardization would give both parties a ground of expectations to build upon in making judgments about how to do business. It could [also] eliminate a degree of unnecessary duplication of effort and costs.”
GOP Lawmakers Reintroduce House Version of the “TAILOR” Act
On February 22, Congressman Scott Tipton (R-CO) and eight GOP cosponsors reintroduced the Taking Account of Institutions with Low Operation Risk (TAILOR) Act (H.R. 1116), a bill intended to “provide smaller community banks and credit unions relief from onerous regulatory compliance burdens” by “requiring federal regulatory agencies to tailor regulations to fit the business model and risk profile of institutions instead of imposing one-size-fits-all mandates across the board.” According to Rep. Tipton, the various provisions contained within the measure are ultimately intended to provide a means of reducing “often unworkable” compliance costs that community and independent banks and credit unions face when forced to adhere to "regulations designed and intended for big banks.”
In a February 17 press release, the American Bankers Association (ABA) “strongly supported” the bill, which it anticipates would effectively “address the huge flow of new regulations that have made it more difficult for banks to meet the needs of consumers and small businesses as well as local and regional economies.”
The TAILOR Act received bipartisan support when it was previously introduced before the 114th Congress. The June 2015 version of the bill—which was substantially similar to the current iteration—received bipartisan support and was twice approved by the House Financial Services Committee. And, as previously covered on InfoBytes, a companion Senate-version of the TAILOR Act (S. 366) was introduced earlier this month by Sen. Mike Rounds (R-SD).
FinCEN Renews GTOs for Title Insurance Companies in Six Major Metropolitan Areas Upon Finding that GTOs Provide ‘Valuable Data’
On February 23, the Financial Crimes Enforcement Network (FinCEN) announced the renewal of its existing GTOs Geographic Targeting Orders (GTOs), each of which temporarily require U.S. title insurance companies to identify the natural persons behind shell companies used to pay “all cash” for high-end residential real estate in six major metropolitan areas. Generally, the GTOs require all title insurance companies in the targeted cities to file a FinCEN Form 8300 within 30 days of closing a covered transaction, identifying the buyer, any beneficial owner of the buyer, and the individual primarily responsible for representing the buyer in an “all-cash” purchase of high-end residential real estate. Covered businesses must also retain their records for at least five years after the GTO expires.
Notably, the decision to continue the GTO program for another 180 days—beginning on February 24, 2017—was based largely on FinCEN’s finding that the first GTOs issued back in July are producing “valuable data” that is assisting both law enforcement and FinCEN’s efforts to address money laundering through real estate transactions. Nearly one-third of the targeted transactions covered by the July GTOs ended up involving a beneficial owner or representative who is already the subject of a previous suspicious activity report. The results appear to validate the concerns underlying FinCEN’s rationale for issuing GTOs in the first place, namely the use of shell companies to buy luxury real estate in all-cash transactions.
The targeted geographic areas and corresponding closing price thresholds include: (i) Manhattan ($3 million) and all other boroughs of New York City ($1.5 million); (ii) Miami-Dade, Broward, and Palm Beach counties ($1 million); (iii) Los Angeles County ($2 million); (iv) San Francisco, San Mateo, and Santa Clara counties ($2 million); (v) San Diego County ($2 million); and (vi) Bexar County, Texas, which includes San Antonio ($500,000). In targeting the above-listed metropolitan areas, FinCEN clarified that “GTOs do not imply any derogatory finding by FinCEN with respect to the covered companies.” Rather, as explained by FinCEN Acting Director Jamal El-Hindi, “Money laundering and illicit financial flows involving the real estate sector is something that we have been taking on in steps to ensure that we continue to build an efficient and effective regulatory approach.”
For additional information concerning GTO compliance, FAQs released by FinCEN in August 2016 are available here.
CFPB Will Renew Four Advisory Councils
On February 23, the CFPB published four notices in the Federal Register to renew three advisory councils and one advisory board for an additional two year period, covering the Academic Research Council, Community Banker Advisory Council, Consumer Advisory Board, and Credit Union Advisory Council. According to each respective notice, these entities have been reestablished for the purposes of providing information and recommendations in accordance with provisions of the Federal Advisory Committee Act. Each notice is effective as of its publication date and charters filed for each entity are set to expire two years after the filing date unless renewed again.
- The Academic Research Council provides the CFPB’s Office of Research with “advice and feedback on research methodologies, framing research questions, data collection, and analytic strategies.”
- The Community Banker Advisory Council provides information and recommendations concerning the Bureau’s exercise of its authority under the federal consumer financial laws “as they pertain to banks or thrifts with total assets of $10 billion or less.”
- The Consumer Advisory Board provides information and recommendations concerning the Bureau’s policy development, rulemaking, and enforcement functions, including on “emerging practices in the consumer financial products or services industry, including regional trends, concerns, and other relevant information.”
- The Credit Union Advisory Council provides information and recommendations concerning the “Bureau’s policy development, rulemaking, and engagement functions as they relate to credit unions.”
NYDFS Landmark Cybersecurity Rule Set to Take Effect on March 1
On February 16, New York Governor Andrew Cuomo announced that with the New York Department of Financial Services’ (NYDFS) publication of a Final Regulation, New York’s “First-in-the-Nation Cybersecurity Regulation” is set to take effect on March 1. As discussed previously in InfoBytes, the regulation—which requires banks, insurance companies, and other financial services institutions regulated by NYDFS to establish and maintain a cybersecurity program designed to protect consumers’ private data—imposes broad and, in some cases proscriptive, data security and cybersecurity requirements on Covered Entities that venture into new territory for both state and federal financial regulators. Indeed, as described by Governor Cuomo, the regulation reflects New York’s efforts to “lead[] the nation” through “decisive action to protect consumers and our financial system from serious economic harm that is often perpetrated by state-sponsored organizations, global terrorist networks, and other criminal enterprises.”
Moreover, as detailed in a follow-up InfoBytes Special Alert, NYDFS issued a updated proposed regulation on December 28 in response to over 150 comments and testimony presented at a hearing before New York State lawmakers. Though the updated proposed regulation did not differ drastically from the original, the revised proposed regulation provided for somewhat greater flexibility in how covered entities could go about implementing the requirements. Among other things, the December 28 revisions provided for: (i) longer timeframes for compliance with its requirements; (ii) more flexibility for compliance with certain requirements and acknowledgement that some requirements may not be applicable to all financial institutions; and (iii) clarifications to certain key definitions.
The newly released Final Regulation retains the revisions incorporated in the December 28 revision, but also contains the following notable revisions:
- Record retention requirements for audit trail materials relating to Cybersecurity Events were reduced from five years to three years.
- Clarification that Covered Entities’ policies and procedures for reporting by Third Party Service Providers of Cybersecurity Events only apply to the Covered Entity’s Nonpublic Information.
- The limited exemption for small businesses to certain requirements of the rule has been narrowed by including a Covered Entity’s New York affiliates when calculating its number of employees and annual revenue.
- Further clarification on the exemptions for companies regulated under New York’s Insurance Law.
With the expiration of the 30-day comment period and the publication of the Final Rule, New York’s Cybersecurity regulation is officially cleared to become effective upon publication in the New York State Register on March 1.
InfoBytes will continue to monitor the rollout of this pioneering regulation as it progresses.
FDIC Issues Revised Scenarios for 2017 Stress Tests
On February 13, the FDIC released revised economic scenarios for use by certain financial institutions with total consolidated assets of more than $10 billion for 2017 stress tests. According to a statement from the agency, the previously released scenarios contained incorrect historical values for the BBB corporate yield in 2016. The Fed and OCC, with whom the FDIC works develop and distribute the scenarios, also issued revised data.