Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Tennessee enacts Money Transmission Modernization Act
On April 4, the Tennessee governor signed HB 316 / SB 268 to enact the Money Transmission Modernization Act, the money transmitter model law created by industry and state experts. Provisions under the Act amend Tennessee Code Annotated, Title 45, and are intended to (i) reduce regulatory burden by promoting coordination among the states in areas of regulation, licensing, and supervision; (ii) protect the public from financial crime; (iii) standardize activities that are subject to, or otherwise exempt from, licensure; and (iv) modernize safety and soundness requirements to protect customer funds while supporting innovative and competitive business practices. Under the Act, persons may not engage in the business of money transmission, or advertise, solicit, or hold themselves out as providing money transmission without being licensed. In addition to exempting federal and state agencies and financial institutions organized under the laws of any state or the United States, the Act now exempts “authorized delegates”—persons designated by a licensee to engage in money transmission on behalf of the licensee, and persons that fall within an outlined exemption, including persons appointed as an agent of the payee.
The Act also provides the commissioner of financial institutions with the authority to exercise various powers, including the use of the Nationwide Multistate Licensing System and Registry, and the ability to participate in multistate supervisory processes coordinated through the Conference of State Bank Supervisors, Money Transmitter Regulator Association, and others for all licensees that hold licenses in Tennessee and other states. While retaining the ability to conduct examinations of licensees, the commissioner may now examine or investigate an authorized delegate. The Act also updates licensee liability requirements related to net worth assets and surety bonds and make various other changes related to audit reports and disclosure permissions. The Act further provides that “[a] person shall not engage in the business of money transmission on behalf of a person not licensed under this chapter or not exempt pursuant to § 45-7-104,” and stipulates that “[a] person that engages in such activity provides money transmission to the same extent as if the person were a licensee, and is jointly and severally liable with the unlicensed or nonexempt person.” The Act takes effect January 1, 2024.
CSBS seeks comments on uniform mortgage licensing standards
On March 16, the Conference of State Bank Supervisors (CSBS), on behalf of the NMLS Policy Committee, issued a request for public comments on proposed uniform state licensing standards for mortgage companies. The Proposal: Mortgage Business-Specific Requirements would create a national standard for mortgage industry licensing to help improve uniformity within the state system and streamline the licensing process for mortgagees seeking licensure in multiple states.
The proposal is broken down into eight components:
- Contacts. All licensees will be required to provide contacts within the company for accounting, legal, licensing, data breach/cybersecurity, exam billing, exam delivery, and mortgage call reports, in addition to a primary company contact and a primary consumer complaint contact. If a licensee chooses to list a third-party contact, “the company will be deemed to have expressly authorized a state agency to contact the third party without further approval from the company” and “the company is ultimately responsible for the area of responsibility.”
- Periodic reporting. All licensees will be required to complete periodic reports covering mortgage call reports, audited financial statements, and reportable incidents.
- Data requirements. All licensees will be required to “provide numbers for any approvals or designations the company holds[,]” as well as business bank account information for accounts held in the name of the applicant and used for mortgage activities.
- Document requirements. Required documentation includes financial statements; policies and certifications; current Bank Secrecy Act/anti-money laundering and Gramm-Leach Bliley Privacy Act policies; current disaster recovery or business continuity plans; a current consumer grievance/complaint policy (as well as the required certification); and documents used in the regular course of business such as operating agreements, consumer complaint notices, customer agreements, and third-party contracts.
- Required functionality. All licensees must abide by a three-party electronic surety bond agreement in order to guarantee “the surety’s performance or monetary compensation to the obligee should there be a failure by the principal to perform specified acts within a stated time period.” The surety bond will be electronically managed by NMLS.
- Location reporting. All licenses will be required to provide locations where licensed activity will be performed, where records will be stored, or where support staff for licensed activities will be located. Licensees must also provide the primary location for accounting services, regardless of whether they are provided in house or by a third-party accounting firm, cloud storage services (including services used to collect data from customers), and the primary location for legal services, regardless of whether they are provided in house or by a third-party law firm.
- Company operated work locations’ information. The proposal outlines information required for each company operated work location, including business activities, licensing authorities, addresses, books and records information, and “doing business as” names.
- Key individual requirements. Licensees will be required to identify key individuals in the areas of management, ownership, functional risk areas, and industry specific roles. The proposal explains that the key individual inquiry focuses on key risk and functional areas (operations, finance, compliance, and information security), rather than titles. Key individuals for mortgages must also submit credit reports and complete an FBI criminal background check. Key individuals who have lived outside the United States at any time in the past 10 years must also provide an investigative background report.
Comments on the proposal are due May 15.
CSBS says state regulators need access to FinCEN’s beneficial ownership database
On February 14, the Conference of State Bank Supervisors commented that FinCEN should be more explicit in its inclusion of state regulators as agencies that can request access to FinCEN’s forthcoming secure, non-public beneficial ownership information database. (See comment letter here.) As previously covered by InfoBytes, last December FinCEN issued a notice of proposed rulemaking (NPRM) to implement provisions of the Corporate Transparency Act (CTA) that govern the access to and protection of beneficial ownership information (BOI). The NPRM proposed regulations for establishing who may request beneficial ownership information, how the information must be secured, and non-compliance penalties, and also addressed aspects of the database that are currently in development. Agreeing that the new database would help enhance anti-money laundering and countering the financing of terrorism standards and help prevent the use of privacy to hide illicit activity from law enforcement and government authorities, CSBS asked that the final rule “explicitly define state regulators so that there is no confusion about their ability to access BOI when examining state-chartered banks and non-depository trust companies for compliance with customer due diligence requirements under the Bank Secrecy Act (BSA).” According to CSBS, state regulators conducted over 1,200 BSA exams in 2021. CSBS further pointed out that being able request BOI on an as needed basis would aid investigative and enforcement responsibilities for both state-chartered banks and state-licensed nonbank financial services providers.
NYDFS's Harris to serve as the state banking representative on the FSOC
On December 13, the Conference of State Bank Supervisors (CSBS) announced that NYDFS Superintendent Adrienne A. Harris will serve as the state banking representative on the Financial Stability Oversight Council (FSOC). According to the announcement, in 2013, Superintendent Harris joined the Obama Administration as a Senior Advisor in the U.S. Department of Treasury prior to being appointed as the Special Assistant to the President for Economic Policy. In this role, she managed the financial services portfolio, focusing on the implementation of Dodd-Frank, and developed strategies for financial reform, consumer protections, cybersecurity and housing finance reform. According to James M. Cooper, president and CEO of CSBS, Harris’s “background and experience at both the federal and state level will be an asset for the council as it manages emerging risk during a time of economic uncertainty.”
CSBS says FDIC board nominees lack state bank regulatory expertise
On November 29, the Conference of State Bank Supervisors sent a letter to Senator Sherrod Brown (D-OH), Chairman of the Senate Banking Committee, and Rep. Pat Toomey (R-PA), Ranking Member of the House Financial Services Committee, to express their disappointment that none of the nominees to the FDIC Board of Directors have state bank supervisory experience. Last month, President Biden nominated Martin Gruenberg, who has been serving as acting chairman, to serve as chair and member of the board, and in September, Travis Hill and Jonathan McKernan were nominated to fill the board’s two vacant seats (covered by InfoBytes here and here). At the time of the announcement, CSBS President and CEO James M. Cooper issued a statement encouraging the U.S. Senate to ask nominees how they intend to work with state bank regulators. Cooper reiterated in his follow-up letter that the FDI Act requires that at least one board member have state bank supervisory experience, especially since having the Comptroller of the Currency seated on the board represents the interest of national banks. According to Cooper, fulfilling this statutory requirement “can only be met by a person who has worked in state government as a supervisor of state-chartered banks, and as the legislative history notes, [is] someone with ‘state bank regulatory expertise and sensitivity to the issues confronting the dual banking system.’” Cooper asked that the slate of nominees confirmed by the Senate includes at least one individual who fulfills this requirement.
The following day, during the Senate Banking Committee’s nomination hearing, Republican senators questioned Gruenberg’s role in a dispute between Democratic board members and former Chairwoman Jelena McWilliams related to a joint request for information seeking public comment on revisions to the FDIC’s framework for vetting proposed bank mergers. McWilliams eventually announced her resignation at the end of last year (covered by InfoBytes here). Senator Pat Toomey (R-PA) called Gruenberg’s participation in the dispute “very disturbing,” and expressed concerns that his actions, along with some of his colleagues, “really undermines the  FDIC and could have lasting implications.” Gruenberg countered that under the FDI Act, “the authority of the agency explicitly is vested in the board of directors, and the majority of the board has the authority to place items before the board.”
Some Republican senators also raised concerns with Gruenberg’s past involvement in Operation Choke Point, with Senator Steve Daines (R-MT) requesting that Gruenberg commit to actively preventing FDIC employees from “criticizing, discouraging or prohibiting banks from lending or doing business with any industries or customers that are operating in accordance with the law.” Gruenberg agreed to do so, saying this has been the FDIC’s policy. The FDIC’s current approach to cryptocurrency was also addressed, while Senator Cynthia Lummis (R-WY) took issue with the fact that none of the board nominees fulfill the Biden administration’s push for diversity and inclusion.
Biden nominates Gruenberg for FDIC chair
On November 14, President Biden announced his intention to nominate Martin Gruenberg to serve as chair and member of the FDIC Board of Directors. Following the resignation of the FDIC’s former chair, Jelena McWilliams (covered by InfoBytes here), Gruenberg has been acting chairman. Since joining the FDIC Board of Directors in 2005, Gruenberg has served as vice chairman, chairman, and acting chairman. Prior to joining the FDIC, Gruenberg served on the staff of the Senate Banking Housing and Urban Affairs Committee as Senior Counsel of the full Committee, and as staff director of the Subcommittee on International Finance and Monetary Policy.
CSBS President and CEO James M. Cooper issued a statement following the announcement: “Today’s announcement from the White House means that none of the nominees to the FDIC Board will meet the requirement for state bank supervisory experience. This requirement is not only the law but also a great benefit for consumers and the banking sector when the dual-banking system is fully represented on the FDIC Board. We encourage Senators, in their role in the confirmation process, to ask nominees how they will work with state bank regulators to benefit from their experience sitting closer to citizens and local economies.”
CSBS provides tips on NMLS annual renewal
On October 20, the Conference of State Bank Supervisors (CSBS) announced that individuals and businesses in the mortgage, money transmission, debt collection, and consumer financial services industry are encouraged by state regulators to prepare for November 1, which is the beginning of the Nationwide Multistate Licensing System (NMLS) annual license renewal. The announcement noted the number of individual state licenses eligible for renewal is 13 percent higher than the same time last year, while the number of company licenses eligible for renewal is up 16 percent compared to this time last year. CSBS provided five tips for licensees to prepare for NMLS renewal, which include, among other things, resetting NMLS passwords to conform with new requirements that went into effect this past March and to review state-specific renewal requirements. CSBS also noted that the renewal period in most states runs from November 1 to December 31.
FSOC reports on cryptocurrency systemic risks
On October 3, the Financial Stability Oversight Council (FSOC) released its Report on Digital Asset Financial Stability Risks and Regulation. As called for by Executive Order 14067, “Ensuring Responsible Development of Digital Assets” (covered by InfoBytes here), the report reviewed financial stability risks and regulatory gaps posed by various types of digital assets and provided recommendations to address such risks. Among other things, the report noted three gaps in the existing cryptocurrency regulatory framework: (i) limited direct federal oversight of the spot market for crypto-assets that are not securities; (ii) opportunities for regulatory arbitrage; and (iii) whether vertically integrated market structures can or should be accommodated under existing laws and regulations. The report stated that FSOC recommended that Congress pass legislation that would create “a comprehensive prudential framework for stablecoin issuers that also addresses the associated market integrity, investor and consumer protection and payments system risks, including for entities that perform services critical to the functioning of the stablecoin arrangement.” FSOC further recommended that the member agencies should follow several guiding principles, including “same activity, same risk, same regulatory outcome,” and “technology neutrality.” The report also requested that agencies consider whether “vertical integration” or other business models where retail customers can directly access markets instead of going through a broker-dealer “can or should be accommodated.” The report noted that if banks “scale up their participation in the crypto-asset ecosystem, such activity could potentially entail much greater access to the crypto-asset market by a broad range of institutional investors, corporations, and retail customers than currently exists.” The U.S. Treasury Department released a Fact Sheet summarizing the report’s key findings and recommendations.
Treasury Secretary Janet Yellen noted in a statement that the “report adds to analysis of digital asset issues that have been covered in other recent reports, including on the future of money and payments; consumers and investor protection; illicit finance; and a framework for international engagement.” Acting Comptroller of the Currency Michael J. Hsu released a statement supporting the report, emphasizing that “it is critical for the Council and Congress to prioritize Recommendation 4 regarding interagency coordination, Recommendation 5 regarding a federal prudential framework for stablecoin issuers, and Recommendation 6 regarding regulatory visibility and authorities over all of the activities of crypto-asset entities.” SEC Chair Gary Gensler also expressed his support in a statement, noting that he looks “forward to working with Congress to achieve our public policy goals, consistent with maintaining the regulation of crypto security tokens and related intermediaries at the SEC.” Texas Banking Commissioner and FSOC state banking representative Charles G. Cooper released a statement of support through the Conference of State Bank Supervisors saying that the report should “inform the work that we do as individual agencies and on an interagency basis to balance responsible innovation with safeguarding our financial markets and consumers.”CFPB Director Rohit Chopra released a statement, noting that “agencies have already taken steps to address discrete issues related to deposit insurance misrepresentation and to lay groundwork to address concerns related to fraud, hacks, and scams,” and emphasized the need “to tackle broader risks to the financial system.”
CSBS releases nonbank cybersecurity examination tools
On August 9, the Conference of State Bank Supervisors (CSBS) released two new tools used by state examiners to assess nonbank financial services companies’ cyber preparedness. Developed by a multi-state team of cybersecurity examination experts, the Baseline Nonbank Cybersecurity Exam Program and the Enhanced Nonbank Cybersecurity Exam Program provide nonbanks the opportunity to improve their cybersecurity posture and better prepare for cybersecurity exams conducted by state examiners. The “Baseline” program is geared toward exams of “smaller, noncomplex, low-risk institutions,” and “is targeted for use by examiners with or without specialized IT and cybersecurity knowledge.” The “Enhanced” program includes all of the Baseline procedures as well as additional procedures to provide a “more in-depth review for larger, more complex institutions or for those where concerns are raised during exams.” The program is intended for use by examiners with specialized IT and cybersecurity knowledge.
“Supervisory clarity is essential to increasing industry awareness and making our financial system more resilient to cyber-attacks,” CSBS Senior Vice President of Nonbank Supervision Chuck Cross said in the announcement. “The Nonbank Cybersecurity Exam Procedures released today provide nonbank institutions additional optional tools to guard against cyber-attacks, data breaches or lapses in management oversight in this crucial area.”
CSBS announced that it intends to provide additional tools tailored to the needs of smaller nonbank financial institutions in the coming months.
States settle with company on fraudulent MLO certifications
On February 10, the Conference of State Bank Supervisors announced that the California Department of Financial Protection and Innovation, Maryland’s Office of the Commissioner of Financial Regulation, and the Oregon Division of Financial Regulation have reached a settlement agreement with the owner of a California-based company for providing false certificates claiming that mortgage loan originators (MLOs) took mandatory eight-hour continuing education courses as required for licensure under state and federal law. The three state financial regulators brought separate enforcement actions alleging violations of the Secure and Fair Enforcement for Mortgage Licensing Act (SAFE Act) against the individual and his family (collectively, “respondents”) for their role in the “multi-state fraud scheme that involved hundreds of mortgage loan originators.” According to the announcement, the respondents have “agreed to fully cooperate and provide testimony against implicated mortgage loan originators,” and have “agreed to a lifetime restriction from direct and indirect involvement in businesses that provide mortgage lending-related education.” In addition to a $75,000 monetary penalty (which will be divided between the three states), the respondents have agreed to a non-compliance penalty of $15 million should they fail to fully comply with the terms of the settlement agreement.
The action follows a multistate $1.2 million settlement reached last month with 441 MLOs. As previously covered by InfoBytes, the enforcement action included the participation of 44 state agencies from 42 states, and required the settling MLOs to surrender their licenses for three months, pay a $1,000 fine to each state that is a signatory to the consent order in which the MLO holds a license, and take pre-licensing and continuing-education courses before petitioning or reapplying for an MLO endorsement or license.