Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
CFPB Publishes Updated TRID Small Entity Compliance Guide; ABA Submits Comments on CFPB’s Proposal to Fix TRID’s “Black Hole” Issue
On October 6, the CFPB released an updated version of its TILA-RESPA Integrated Disclosure Rule (Final Rule) small entity compliance guide. The updated guide reflects amendments issued July 7, previously discussed in a Buckley Sandler Special Alert, that the CFPB made to the Final Rule. The guide also provides a version log to outline incorporated changes.
Separately, on October 10, the American Bankers Association (ABA) issued a comment letter regarding the CFPB’s proposal to address an aspect of the Final Rule concerning a “black hole” issue that prevents creditors from resetting tolerances using the Closing Disclosure except in very limited circumstances. (See previous InfoBytes coverage here.) The proposal was issued August 11, the same day the CFPB published the Final Rule. In its letter, the ABA requested additional clarification on certain areas of the proposal, but stated that it supports the removal of the “four-business-day limit for providing Closing Disclosures for purposes of resetting tolerances” because it “is an effective and very efficient approach to addressing the ‘black hole’ problem while preserving adequate consumer protections that will avoid bait-and-switch tactics or unjustified fee increases.” Furthermore, the ABA believes, “the use of [Closing Disclosures], whether initial or corrected, as a vehicle for correcting and ‘re-baselining’ fee disclosures, is a straightforward approach to returning regulatory order and compliance clarity on this provision.”
On July 20, the Senate Committee on Banking, Housing, and Urban Affairs (Committee) held a hearing entitled, “Housing Finance Reform: Maintaining Access for Small Lenders.” Frequent topics of discussion in the hearing included, among other things, housing finance reform, secondary market access, affordable housing, access to credit in rural areas, mortgage insurance, and mortgage backed securities issued by government-sponsored enterprises (GSEs), operating under conservatorship since 2008.
Sen. Mike Crapo (R-Idaho), Chairman of the Committee, remarked in his opening statement that “small lenders play a critical role in the mortgage market,” and that a need exists to preserve access to the secondary market. However, Sen. Crapo asserted that although GSEs are currently earning profits, a risk exists for taxpayers if there is a market downturn. “A mortgage market dominated by two huge government-sponsored companies in conservatorship is not a long-term solution, and is not in the best interest of consumers, taxpayers, lenders, investors, or the broader economy,” Sen. Crapo stated.
Sen. Sherrod Brown (D-Ohio), ranking member of the Committee, released an opening statement in which he stated, “[S]mall lenders are often the only lenders willing to go the extra mile to underwrite mortgages . . . in cities’ urban core and in rural communities. . . . As we continue to debate the role of the GSEs, private capital, and large financial institutions in providing access to affordable mortgages, we cannot create a system that allows the GSEs or new players to use a business model that serves only the largest lenders, the highest income borrowers, or the well-off pockets of our country.”
The coalition of consumer groups and small lenders present at the hearing supported GSE reform, sought additional support for small lenders, and called for prompt government action relative to housing finance reform.
The July 20 hearing—a video of which can be accessed here—included testimony from the following witnesses:
- Ms. Brenda Hughes, Senior Vice President and Director of Mortgage and Retail Lending, First Federal Savings Bank of Twin Falls, on behalf of the American Bankers Association (testimony)
- Mr. Tim Mislansky, Senior Vice President and Chief Lending Officer, Wright-Patt Credit Union and President and CEO, myCUmortgage, LLC on behalf of the Credit Union National Association (testimony)
- Mr. Jack E. Hopkins, President and CEO, CorTrust Bank, N.A., on behalf of the Independent Community Bankers of America (testimony)
- Mr. Charles M. Pruvis, President and CEO, Coastal Federal Credit Union, on behalf of the National Association of Federally-Insured Credit Unions (testimony)
- Mr. Wes Hunt, President, Homestar Financial Corporation, on behalf of the Community Mortgage Lenders of America (testimony)
- Mr. Bill Giambrone, President and CEO, Platinum Home Mortgage and President, Community Home Lenders Association (testimony)
On July 17, the ABA and CFPB announced a joint webinar on August 8 at 2:00 pm EDT, which will instruct compliance, operations, and loan processing professionals on how to use the new platform for submitting HMDA data. The webinar will provide an overview of the new tool and data collection process that all financial institutions must use to submit HMDA data beginning January 1, 2018 for data collected during 2017 and going forward.
Notably, however, on July 14, the CFPB issued a request for comments on proposed amendments to its HMDA reporting threshold for calendar years 2018 and 2019 to ease the burden on small-volume lenders. The comment period ends July 31, 2017. (See previous InfoBytes summary here.)
On July 20, the Senate Banking Committee will hold a hearing on mortgage reform for small lenders. The hearing, entitled “Housing Finance Reform: Maintaining Access for Small Lenders,” will feature witnesses from the American Bankers Association, the Credit Union National Association, the Independent Community Bankers of America, the National Association of Federally-Insured Credit Unions, the Community Mortgage Lenders of America, and the Community Home Lenders Association.
Following up on comments submitted to the CFPB on its proposal to amend the 2015 HMDA rule (see previous InfoBytes coverage here), the American Bankers Association (ABA)—along with state banking associations representing all 50 states and Puerto Rico—sent a letter on July 12 to the Bureau requesting that the new “complex” and “substantive” requirements scheduled to take effect January 1, 2018 be delayed to allow banks time to comply. The associations claim the Bureau (i) failed to sufficiently conduct industry research to identify and address questions and proposed solutions concerning the proposed changes, and (ii) inadequately addressed issues related to the protection of borrower data. The ABA also stresses that the software systems banks need to incorporate into their platforms to ensure compliant data collection will not be available in time “because the industry and systems vendors are still awaiting rule changes that will necessitate system adaptations.” The Bureau has been asked to announce its intention for a delay within the next month.
ABA, State Bankers Associations Respond to HUD’s Request for Comment; Discuss Need to Clarify Disparate Impact
On May 15, HUD issued a request for comment on its review of regulations as required by Executive Order 13777, which compels each agency to review and carry out regulatory reform. According to the request for comment, the self-assessment will address suggestions for “specific current regulations that may be outdated, ineffective, or excessively burdensome, and therefore, warranting repeal, replacement, or modification.” The request, which closed for public comment on June 14, received 100 comments from state bankers associations, financial institutions, and individuals.
American Bankers Association (ABA) and State Bankers Associations. On June 14, a joint comment letter was sent on behalf of the ABA and state bankers associations representing all 50 states. A key issue raised by the letter was that HUD adopted an incorrect and improper standard for disparate impact liability in its rule implementing the Fair Housing Act’s discriminatory effects standard—a rule the groups calls “outdated and legally wrong.” Under the terms of the rule, HUD provided that “[l]iability may be established under the Fair Housing Act based on a practice’s discriminatory effect . . . even if the practice was not motivated by a discriminatory intent” and then articulated a burden shifting framework for such claims in which a plaintiff can establish a prima facie case using statistics alone. However, the groups claim that the burden shifting framework conflicts with a Supreme Court decision in Texas Department of Housing and Community Affairs v. Inclusive Communities Project, and assert that “a case premised on statistics alone is a prime example of an abuse of disparate impact.” The groups further wonder if HUD will “maintain the supervisory view that statistics alone can establish a prima facie case, as stated in the [r]ule[.]” It is the opinion of the groups that the Supreme Court enforced strict limitations of the use of disparate impact—“in stark contrast to the Rule’s approach”—in order to “avoid injecting the consideration of race into decision making and . . . address important constitutional concerns.” Thus, “[a] rule that creates, rather than eliminates, confusion undermines its own purpose and is entirely ineffective.” Furthermore, the letter (i) indicates that the groups are willing to engage in discussions with HUD on the topic of disparate impact, and (ii) raises the issue of whether a revised rule or a reopening of comments on the existing rule are in order.
As previously covered in an InfoBytes Special Alert, the CFPB issued a request for comment on its proposal to amend the 2015 HMDA rule, which would incorporate changes primarily for the purpose of clarifying data collection and reporting requirements. The request, which closed for public comment on May 25, received 46 public comments from several banking and credit union industry associations.
Mortgage Bankers Association (MBA). On May 25, the MBA—a national association representing the real estate financial industry—submitted a comment letter outlining outstanding issues and calling upon the Bureau to provide clarifying and technical corrections to Regulation C, which implements HMDA. The MBA outlined the following points, among others, for consideration:
- delay the effective date of the Final Rule and amendments pending completion of key actions in the following areas: “HMDA data collection portals; publication and implementation of data quality edits; geocoder production release and integration specs; data privacy concerns; resubmission expectations; updated filing instructions guides; guidance on reporting and collection issues; impacts of the proposed amendments; uniform residential loan application; government monitoring information”;
- address recommendations pertaining to multifamily lending: (i) “multifamily loans should not be subject to HMDA reporting”; (ii) “purchases and assumptions of multifamily loans should be exempt from introductory rate period reporting”; (iii) “the CFPB should accept simplified reporting from smaller-volume HMDA reporters, particularly smaller-volume multifamily reporters”; and (iv) “further consideration and clarification of the multifamily definition is needed”; and
- a one-year delay would allow the CFPB to address privacy concerns that “might dictate that certain data not be disclosed publicly,” thereby giving the Bureau time to “reconsider whether the many data points required under Dodd-Frank . . . should be required.”
According to the CFPB’s request for comment, most of the amendments in the Final Rule are to go into effect January 1, 2018; however, the MBA noted that data collection must commence in 2017 for loan applications that may become reportable in 2018. Therefore, the MBA urged the Bureau to delay implementation for at least one year to allow sufficient time for data collection and reporting which would give the CFPB “time to provide much-needed information and materials, and to allow HMDA reporters more time to finalize and implement the changes effectively.”
American Bankers Association (ABA). Separately, on May 25, the ABA submitted a comment letter opining that many of the Bureau’s “technical corrections, clarifying amendments or minor changes” are “substantive in nature” and require a more comprehensive and formal process to “identify industry questions and proposed solutions.” Specifically, among other things, the ABA emphasized the following recommendations:
- the January 1, 2018 effective date of the Final Rule should be “suspended immediately” in order to “promote the orderly, coordinated, and thorough consideration and resolution of all the interrelated issues presented and to make sure that all of the privacy and security issues are adequately addressed”;
- the CFPB should consider updating, rather than discontinuing, its reference tool for lenders entitled A Guide to HMDA: Getting it Right;
- several categories require further clarification: loans in process or loans originated before but purchased after the rule’s effective date; multifamily dwellings; home improvement loans; temporary financing; the threshold for reporting; counteroffers; applicant or borrower’s reported income; the annual percentage rate; rate spreads and rate set dates; reporting when there are no closing disclosures; corrected disclosures; the unique loan identifier; the geocoding tool’s use; and information pertaining to ethnicity and race; and
- pending guidance on error resolution and software required for reporters should be finalized “as soon as possible,” and regulations on privacy and data security should be proposed “with the utmost speed.”
“Piecemeal corrections based on informal and anecdotal evidence only adds to regulatory burden, which adds costs to borrowers and reduces access to mortgage credit,” the ABA noted.
As previously covered in InfoBytes, the CFPB issued a request for comment on its plan for assessing the effectiveness of its May 2013 final rule governing consumer remittance transfers (Remittance Rule). The request, which closed for public comment on May 23, focused on, among other things: (i) “whether the market for remittances has evolved . . . in ways that promote access, efficiency, and limited market disruption”; and (ii) whether the Remittance Rule (and other CFPB regulatory activity) has “brought more information, transparency, and greater predictability of prices to the market.” The CFPB received over 35 public comments from a vast array of large and small credit unions, as well as some of the leading providers of money transfer by volume. The consensus among these institutions was that implementing and maintaining the Remittance Rule’s new disclosures, cancellation windows, and audits are costly and the benefits to consumers are negligible. Specifically, one commenter noted increased consumer confusion, increased consumer delays in receiving their funds, and some have discontinued offering money transfers altogether.
On May 23, the American Bankers Association (ABA) submitted a comment letter calling upon the Bureau to conduct an evidence-based assessment on whether the rule has preserved consumers’ access to remittance services. According to a survey conducted by the ABA of 75 member banks of varying asset sizes and cited in the comment letter, the rule—intended to “provide additional information to help consumers shop for remittances and establish error resolution procedures and protections”—has “restricted consumers’ access to remittances, increased fees for use of the service, and unnecessarily delayed remittance requests.” As explained in the letter, the ABA expressed concern about the rule, stating that there is “little evidence that the final rule has improved consumer decision-making or facilitated comparison shopping.” Furthermore, the ABA has asked the CFPB to examine the following issues: (i) whether consumers, including those in rural areas, have access to remittance transfer services; (ii) whether consumers are provided information about remittance services that inform rather than confuse; and (iii) whether regulation of remittances is not unnecessarily burdensome to the financial institutions that provide this service.
Separately, on May 23, The Clearing House, the Consumer Bankers Association, the Bankers Association for Finance and Trade, and the ABA (Associations), issued a joint letter urging the CFPB to examine the effects of the rule from the perspective of both consumer-senders of remittance transfers and the providers of those services. The Associations outlined recommendations for the CFPB including: (i) continuing to permit depository institutions to provide estimates of third-party fees and exchange rates rather than actual fees and rates in cases where obtaining exact data is not feasible; (ii) excluding from the rule high-value transfers in excess of a certain dollar amount as well as excluding from coverage transfers effectuated through reloadable prepaid cards; (iii) modifying disclosure requirements and cancellation and resend rights; and (iv) making changes to the rule’s error resolution provisions to hold the sender responsible for transaction costs resulting from sender error.
On May 12, a cyberattack spread around the world, affecting more than 230,000 computers in roughly 150 countries, according to a statement issued by the American Bankers Association. The ransomware, known as “WannaCry,” was used to exploit a vulnerability that affects computers running Microsoft Windows (see Department of Homeland Security Alert). Users of infected computers received a message that their files had been encrypted and that they must pay a ransom in bitcoin in order to decrypt their files. However, as conveyed in a press release issued by the Financial Services - Information Sharing and Analysis Center (FS-ISAC), it appears that the majority of the attacks seem to be targeting and impacting non-financial sector entities globally. FS-ISAC “believes the current attacks utilize known vulnerabilities for which there are available software patches,” but that firms and service providers need to implement the patches. Agencies continue to monitor what may be the first in a series of attacks.
SEC Office of Compliance and Examinations (OCIE) and FBI Issue Responses. The OCIE released a statement cautioning registrants to be vigilant in mitigating risk, and noted a recent OCIE study that determined a substantial number of registrants did not conduct periodic risk assessments, penetration tests, or vulnerability scans, while a smaller number had not updated critical security patches. The OCIE also provided links to guidance on cybersecurity risk management. Likewise, the FBI issued a bulletin providing guidance on additional protection measures following the attack.
Bipartisan Legislation Introduced. On May 17, bipartisan legislation was introduced in the House and Senate to add transparency and accountability to the federal government process for retaining or disclosing vulnerabilities in technology products, services, applications, and systems. The bill, Protecting our Ability To Counter Hacking (PATCH) Act, follows the apparently leaked NSA hacking tool which opened the door to the global “WannaCry” ransomware attack. It is sponsored by Senators Brian Schatz (D-Haw.), Ron Johnson (R-Wis.), and Cory Gardner (R-Colo.), and Representatives Ted Lieu (D-Cal.) and Blake Farenthold (R-Tex.). As described in a release issued by Sen. Schatz’s office, the proposed legislation would make the Vulnerabilities Equities Process (VEP) more permanent, while altering its structure. It would also make the Department of Homeland Security the chair of the interagency board overseeing the VEP. Under the bill, the NSA and other security agencies would still be a permanent part of the board, while other agencies and the White House's National Security Council could attend meetings if the board deems it necessary. The established board would also produce a report for Congress on the policies it establishes regarding the disclosure of vulnerabilities no later than 180 days after the enactment of the Act. An unclassified version of the report will be publicly available as well. “Striking the balance between U.S. national security and general cybersecurity is critical, but it's not easy,” Sen. Schatz noted. “This bill strikes that balance. Codifying a framework for the relevant agencies to review and disclose vulnerabilities will improve cybersecurity and transparency to the benefit of the public while also ensuring that the federal government has the tools it needs to protect national security.”
Coalition for Cybersecurity Policy and Law. The legislation has already received support. The Coalition issued the following statement in support of the proposed bill: “We support the goals of the PATCH Act and we look forward to working with Chairman Johnson, Senators Schatz and Gardner, and Reps. Lieu and Farenthold as it moves forward in both chambers. The events of the past week clearly demonstrate the real-world consequences of exploited vulnerabilities. Governments have a critical role in getting vulnerability information to organizations capable of acting to protect security in a timely manner upon discovery.”
CFPB Issues Request for Information on Small Business Lending; Prepares to Implement Section 1071 of Dodd Frank Act
On May 10, the CFPB announced the issuance of a Request for Information on various aspects of the market for small business loans as the Bureau prepares to implement Section 1071 of the Dodd-Frank Act, which amends the Equal Credit Opportunity Act (ECOA) to require financial institutions to compile, maintain, and report information concerning credit applications made by women-owned, minority-owned, and small businesses. The Request includes questions grouped in five categories: (i) defining what constitutes a small business; (ii) data points the Bureau will require to be submitted and collected; (iii) types of lenders involved in small business lending and the appropriate institutional coverage for the data collection requirements; (iv) types of financial products offered to small businesses generally, and those owned by women and minorities in particular; and (v) privacy concerns related to the data collection.
The CFPB also released Director Cordray’s prepared remarks in advance of a field hearing on small business lending where he introduced the Request for Information and issued a related press release. Comments are due 60 days after the Request for Information is published in the Federal Register. The Bureau also released a report, entitled “Key Dimensions of the Small Business Lending Landscape,” which presents the CFPB's perspective on the market for lending to small, minority-owned and woman-owned firms and gaps in its understanding.
A couple of industry groups have already weighed in regarding expected difficulties with the application of Section 1071. In a letter sent Tuesday in advance of the field hearing, the National Association of Federally-Insured Credit Unions (NAFCU) urged the CFPB to exempt its members from any rulemaking that compels disclosure of business loan information. NAFCU Regulatory Affairs Counsel Andrew Morris cites the unique characteristics of credit unions, and that such data collection “may yield confusing information about credit unions and further restrict lending activity as a result of increased compliance costs.” The letter notes that “[c]redit unions serve distinct fields of membership, and as a result, institution-level data related to women-owned, minority-owned and small business lending substantially differs in relation to other lenders.”
And, in a white paper provided to the Treasury Department, the American Bankers Association criticizes what amounts to Section 1071’s conflation of consumer and commercial lending, “recommend[ing] the elimination of any vestige of Bureau regulatory, supervisory, or enforcement authority over commercial credit or other commercial account and financial services.”