InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
CFPB issues ANPR on consumer access to financial records
On October 22, the CFPB released an advanced notice of proposed rulemaking (ANPR), which seeks comments to assist the Bureau in developing regulations covering consumers’ access to financial records. The Bureau is required to promulgate regulations to implement Section 1033 of the Dodd-Frank Act, which provides, among other things, that consumer financial services providers must make certain product or service information available to consumers. The Bureau’s press release notes that access to this information would allow consumers’ enhanced control of their financial matters. Additionally, should consumers allow third parties to access the information, those parties may “deliver new or improved financial products and services,” such as personal financial management and making or receiving payments. However, the Bureau acknowledges certain risks associated with access to financial records, including risks related to the methods of authorization and risks related to an institution’s collection and use of the records. The ANPR seeks comments on questions grouped into nine categories: (i) costs and benefits of consumer data access; (ii) competitive incentives; (iii) standard-setting; (iv) access scope; (v) consumer control and privacy; (vi) legal requirements outside of Section 1033; (vii) data security; (viii) data accuracy; and (ix) other information. Comments are due 90 days after publication in the Federal Register.
CFPB releases HMDA 2021 reference chart
On October 16, the CFPB published a new reference chart titled “Reportable HMDA Data: A Regulatory and Reporting Overview Reference Chart for Data Collected in 2021.” The chart is designed to be used as a reference tool for required data points to be collected, recorded, and reported under Regulation C, as amended by HMDA rules issued October 15, 2015, August 24, 2017, October 10, 2019, and April 16, 2020 (most recently covered by InfoBytes here). The Bureau noted that this chart does not provide HMDA loan/application register data fields or enumerations.
FHFA proposes rule for new GSE products
On October 19, the FHFA announced a notice of proposed rulemaking (NPR) that would require Fannie Mae and Freddie Mac (GSEs) to provide advance notice to FHFA of new activities and obtain prior approval before launching new products. According to a factsheet released in conjunction with the proposed rule, the NPR would allow “FHFA to assess the impact, risks, and benefits of a new activity, and to determine whether the new activity is a new product that merits public notice and comment,” and would replace an interim final rule that has been in effect since 2009. Among other things, the NPR would (i) establish revised criteria for determining “what is a new activity and a new product, and the process for that activity’s review and approval” by FHFA; (ii) provide a “unified notice process,” which will require the GSEs “to make a single form of submission”; (iii) streamline and simplify the advance notification process; and (iv) outline FHFA’s process for reviewing notices of new activity and provide timelines for both the public notice and request for comment period as well as final approval. Comments on the NPR must be submitted within 60 days of publication in the Federal Register.
Federal bank regulatory agencies release two final rules supporting large banks
On October 20, the Federal Reserve Board, OCC, and FDIC (collectively, “federal bank regulatory agencies”) finalized two rules for large banks.
The federal bank regulatory agencies first announced a final rule intended to reduce interconnectedness within the financial system between the largest banking organizations and to minimize systemic risks stemming from failure of these organizations. As the federal bank regulatory agencies noted in their announcement, the final rule, Regulatory Capital Treatment for Investments in Certain Unsecured Debt Instruments of Global Systemically Important U.S. Bank Holding Companies, Certain Intermediate Holding Companies, and Global Systemically Important Foreign Banking Organizations; Total Loss-Absorbing Capacity Requirements, “prescribes a more stringent regulatory capital treatment for holdings of [total loss-absorbing capacity] (TLAC) debt.” U.S. global systemically important banking organizations (GSIBs) will be required, among other things, to deduct from their regulatory capital certain investments in unsecured debt instruments issued by foreign or U.S. GSIBs in order to meet minimum TLAC requirements and long-term debt requirements, as applicable. The final rule recognizes the systemic risks posed by banking organizations’ investments in covered debt instruments and “create[s] an incentive for advanced approaches [for] banking organizations to limit their exposure to GSIBs.” The final rule takes effect April 1, 2021.
The federal bank regulatory agencies also announced a second final rule, Net Stable Funding Ratio: Liquidity Risk Measurement Standards and Disclosure Requirements, which will implement a stable funding requirement for certain large banking organizations established by a quantitative metric known as the net stable funding ratio (NSFR). The NSFR will measure banking organizations’ level of stability, and will require that a minimum level of stable funding be maintained over a one-year period. According to the federal bank regulatory agencies, the NSFR is intended “to reduce the likelihood that disruptions to a banking organization’s regular sources of funding will compromise its liquidity position,” and is designed to “promote effective liquidity risk management, and support the ability of banking organizations to provide financial intermediation to businesses and households across a range of market conditions.” The final rule “applies to certain large U.S. depository institution holding companies, depository institutions, and U.S. intermediate holding companies of foreign banking organizations, each with total consolidated assets of $100 billion or more, together with certain depository institution subsidiaries” with “increases in stringency based on risk-based measures of the top-tiered covered company.” The final rule takes effect July 1, 2021.
CFPB extends GSE Patch
On October 20, the CFPB issued a final rule extending the expiration of the GSE Patch until the mandatory compliance date of final amendments to the General Qualified Mortgage (QM) loan definition in order to facilitate a smooth and orderly transition away from the GSE Patch. As previously covered by a Buckley Special Alert, in June, the Bureau released two Notices of Proposed Rulemaking (NPRM) to address the January 2021 expiration of the GSE Patch for the QM Rule. The first NPRM proposed to remove the General QM loan definition’s 43 percent debt-to-income ratio (DTI) limit and replace it with a price-based threshold and the second proposed to extend the expiration of the GSE Patch.
The final rule replaces the original expiration of the GSE Patch (January 1, 2021) until the mandatory compliance date of the final amendments to the QM loan definition. The final rule also provides that the current QM definition “will be available only for covered transactions for which the creditor receives the consumer’s application before the mandatory compliance date of final amendments to the General QM loan definition in Regulation Z.” Notably, the NPRM for the new QM loan definition proposes an effective date of six months after the final rule is published in the Federal Register and the rule has not yet been published; it does not discuss a mandatory compliance date.
Agencies propose codifying that supervisory guidance lacks force of law
On October 20, the Federal Reserve Board, CFPB, FDIC, NCUA, and OCC released a notice of proposed rulemaking (NPRM), which seeks to codify the “Interagency Statement Clarifying the Role of Supervisory Guidance issued by the agencies on September 11, 2018 (2018 Statement).” As previously covered by InfoBytes, the 2018 Statement confirmed that supervisory guidance “does not have the force and effect of law, and [that] the agencies do not take enforcement actions based on supervisory guidance.” The Statement emphasized that the intention of supervisory guidance is to outline agencies’ expectations or priorities and highlighted specific policies and practices the agencies intend to take relating to supervisory guidance to further clarify the proper role of guidance, including: (i) not citing to “violations” of supervisory guidance; (ii) limiting the use of numerical thresholds or other “bright-line” requirements; (iii) limiting multiple issuances of guidance on the same topic; (iv) continuing to emphasize the role of supervisory guidance to examiners and to supervised institutions; and (v) encouraging supervised institutions to discuss supervisory guidance questions with their appropriate agency contact.
In addition to codifying the above elements of the 2018 Statement, the proposal would amend the 2018 Statement by (i) clarifying that references in the Statement limiting agency “criticisms” includes criticizing institutions “through the issuance of [matters requiring attention] MRAs and other supervisory criticisms, including those communicated through matters requiring board attention, documents of resolution, and supervisory recommendations”; and (ii) adding that supervisory criticisms should be “specific as to practices, operations, financial conditions, or other matters that could have a negative effect on the safety and soundness of the financial institution, could cause consumer harm, or could cause violations of laws, regulations, final agency orders, or other legally enforceable conditions.”
Comments are due 60 days after publication in the Federal Register, which has not yet occurred.
FinCEN, federal banking agencies provide CIP program relief
On October 9, the Financial Crimes Enforcement Network (FinCEN), in concurrence with the OCC, Federal Reserve, FDIC, and NCUA (collectively, “federal banking agencies”), issued an interagency order granting an exemption from the requirements of the customer identification program (CIP) rules for insurance premium finance loans extended by banks to all customers. The exemption is intended to facilitate insurance premium finance lending for the purchase of property and casualty insurance policies and will apply to loans extended by banks and their subsidiaries, subject to the federal banking agencies’ jurisdiction. According to FinCEN, insurance premium finance loans present a low risk for money laundering due to the purpose for which the loans are extended and the limitations on how such funds may be used. Moreover, FinCEN emphasized that “property and casualty insurance policies themselves are not an effective means for transferring illicit funds.” Banks, however, must still comply with all other regulatory requirements, including those implementing the Bank Secrecy Act that require the filing of suspicious activity reports. Furthermore, the federal banking agencies determined that the order is consistent with safe and sound banking practices. The order supersedes a September 2018 order, which previously granted an exemption from the CIP rule requirements for commercial customers (covered by InfoBytes here).
Fed recommends derivatives market follow IBOR Fallback Protocol
On October 9, the Federal Reserve Board issued SR 20-22,which strongly advises supervised institutions to transition away from LIBOR and consider following the International Swaps and Derivatives Association’s (ISDA) IBOR Fallback Protocol and IBOR Fallback Supplement (collectively, “the Protocol”). The Fed warned market participants that because the publication of LIBOR is not guaranteed after 2021, its continued use poses financial stability risks. The Fed recommended that examiners alert supervised firms active in the derivatives market to strongly consider adhering to the Protocol, which will, among other things, “facilitate[] the transition away from LIBOR by providing derivatives market participants with new fallbacks for legacy and new derivative contracts,” and will “allow LIBOR derivatives contracts to continue to perform through the transition.” The ISDA released a statement the same day announcing the Protocol will be launched on October 23 and take effect on January 25, 2021.
Find continuing InfoBytes coverage on LIBOR here.
DOJ Cyber-Digital Task Force releases cryptocurrency enforcement framework
On October 8, U.S. Attorney General William P. Barr released his Cyber-Digital Task Force’s comprehensive overview of emerging threats and enforcement challenges associated with the increased use of cryptocurrencies. The report, titled Cryptocurrency: An Enforcement Framework, is divided into three parts and details the relationships that the DOJ has built with U.S. and foreign regulatory and enforcement partners, and summarizes the Department’s response strategies.
- Part I: Threat Overview. This section illustrates how malicious actors misuse cryptocurrency technology to harm users and commit crimes. The task force catalogs most illicit uses of cryptocurrency into the following three broad categories: (i) “financial transactions associated with the commission of crimes,” including soliciting funds to support terrorist activities; (ii) money laundering and the shielding of otherwise legitimate activity from tax, reporting, or other legal requirements; or (iii) crimes that directly implicate the cryptocurrency marketplace itself, such as stealing cryptocurrency or promising cryptocurrency to defraud investors.
- Part II: Law and Regulations. This section explores the various legal and regulatory authorities that the DOJ has used to bring cryptocurrency enforcement actions, and highlights its partnerships with other U.S. federal and state authorities and foreign enforcement agencies to prevent crime and provide investigatory assistance.
- Part III: Ongoing Challenges and Future Strategies. This section discusses the ongoing challenges presented by the misuse of cryptocurrency, as well as ongoing strategies to combat emerging threats. This includes an examination of certain business models and activities employed by cryptocurrency exchanges, including money service businesses, virtual asset and peer-to-peer exchanges and platforms, kiosk operators, and casinos.
This is the task force’s second report. The first report, published in 2018, provides a more general overview of cyber threats.
CFPB outlines application process for early termination of consent orders
On October 5, the CFPB issued a policy statement outlining the application process for entities seeking to terminate a consent order before the original expiration date. Generally, consent orders issued by the Bureau carry five-year terms, although the term may be extended in certain circumstances. While reiterating the essential role consent orders play in the Bureau’s enforcement work, the Bureau recognizes that consent orders can impose costly and resource-intensive reporting and record-keeping requirements, and may impact a regulated depository institution’s ability to open new branches or merge or acquire other financial institutions. Acknowledging that there may be “exceptional circumstances” where early termination may be appropriate, the policy statement sets forth eligibility criteria that entities must meet, and lays out the standards that the Bureau intends to use when evaluating early termination applications. It also notes that only entities are permitted to apply for early termination of a consent order. Individuals are not eligible do so.
Among other things, an entity applying for early termination must demonstrate that it (i) has fully complied with the consent order’s terms and conditions; and (ii) has a “satisfactory” compliance management system in its institutional product line or compliance area under which the consent order was issued. Entities must also meet certain timing and threshold eligibility criteria. The policy statement further specifies that an entity may not apply if it has been banned from participating in a certain industry, if the consent order involves violations of an earlier order, or if any criminal activity is involved. Once an application is determined to be complete, the Bureau states that it “generally intends to complete [its] compliance review within six months.”
The policy statement takes effect October 8.