InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
FHFA shares ‘lessons learned’ from evaluating exposure to climate-related risks
On May 1, the FHFA released a report covering the “lessons learned” from its review of the Climate Scenario Analysis (CSA) which was used by financial institutions and regulators to evaluate exposure to climate-related risk. Climate-related risk can be categorized in two ways: (i) physical risk which is damage to property, land, and infrastructure due to severe weather and environmental changes; and (ii) transition risk that results from policy and technological shifts towards a low-carbon economy.
In its preliminary CSA exercises, the FHFA made the following key observations:
- Data and Methodology Limitations: There were data limitations and methodological shortcomings as current tools depend on incomplete data.
- Modeling Assumptions: Results were significantly impacted by modeling assumptions.
- Challenges with Existing Credit Models: Current credit loss models were constrained while incorporating climate risks.
- Predictive Inaccuracy: The tools used to estimate the historical relationship between climate-related events and financial impacts may not be representative of future financial impacts.
The FHFA concluded that these findings indicated the CSA a complex process with room for enhancement and that no single risk assessment can fully capture the breadth of potential impacts from climate-related physical and transition risks.
HUD announces FFRMS final rule
Recently, HUD announced a final rule to implement the Federal Flood Risk Management Standard to “protect communities from flood risk, heavy storms, increased frequency of severe weather events and disasters, changes in development patterns, and erosion.” The final rule will enact the FFRMS as mandated by Executive Order 13690 by amending two HUD regulations: (i) Part 55, Floodplain Management and Protection of Wetlands; and (ii) Part 200, Minimum Property Standards. Among other things, the final rule will raise the elevations and flood proofing requirements of properties in flood-prone areas that use federal funds for new construction or are financed through HUD’s grant or subsidy programs. The revisions to Minimum Property Standards specifically target Federal Housing Administration-insured new constructions located within the 100-year floodplain. The final rule becomes effective on May 23.
FDIC makes public August enforcement actions
On September 29, the FDIC released a list of administrative enforcement actions taken against banks and individuals in August. During the month, the FDIC made public nine orders consisting of “three consent orders, three orders terminating consent orders, two orders of prohibition, and one order to pay a civil money penalty.” The list includes an order to pay a civil money penalty imposed against a Utah-based bank related to violations of the Flood Disaster Protection Act. The FDIC claimed that the bank engaged in a pattern practice of violating FDPA by, among other things: (i) issuing loans without adequate flood insurance; (ii) failing to provide notices when increasing or extending loans; and (iii) “failing to provide required force-placed insurance notices when loans were secured by properties and contents located in Special Flood Hazard Areas.” The bank neither admitted nor denied the alleged violations but agreed to, among other things, pay a $4,125 civil money penalty.
Biden signs H.R. 5860 into law, prevents shutdown
On October 1, President Joe Biden signed H.R. 5860, a government spending bill to avert a government shutdown. The President’s remarks note that although a budget agreement was reached months ago, House Republicans made a last-minute push for spending cuts, derailing the original agreement. Among other things, the bill extends (i) government funding through November 17; and (ii) the National Flood Insurance Program through November 17.
FDIC releases July enforcement actions, including breaches of fiduciary duty and FDPA violations
On August 25, the FDIC announced a list of administrative enforcement actions taken against banks and individuals in July. The 10 orders include “two orders that combined a prohibition order and order to pay CMP; one combined personal consent order and order to pay CMP; four prohibition orders; one order modifying a prohibition order; one order of termination of deposit insurance; and one order to pay CMP for pattern or practice violations of the Flood Disaster Protection Act.” The FDIC assessed a civil money penalty against a North Dakota-based bank for alleged violations of the Flood Disaster Protection Act and the National Flood Insurance Act including providing or extending loans secured by a building or mobile home situated in or intended for placement within an area with a recognized risk of flooding, without promptly notifying the borrower and/or the servicer about the availability of flood insurance for the asset.
OCC releases enforcement actions and terminations
On August 17, the OCC released a list of recent enforcement actions taken against national banks, federal savings associations, and individuals currently and formerly affiliated with such entities. The new enforcement actions include civil money penalty orders, formal agreements, and prohibition orders, each issued with the consent of the parties. The OCC also announced a termination of an existing enforcement action against a bank. Included in the release is a formal agreement entered into with a Minnesota-based bank on June 27 in connection with OCC findings of alleged unsafe or unsound practices relating to, among other things, consumer compliance and third party risk management. In connection to violations of certain Flood Disaster Protection Act rules, the agreement requires the bank to (i) establish a compliance committee to monitor the bank’s progress in complying with the agreement’s provisions; (ii) report such progress to the bank’s board of directors on a quarterly basis; and (iii) implement a written consumer compliance program. This program must also include procedures and guidance for compliance with all consumer protection laws, rules, and regulations to which the bank should adhere, an independent audit program, a comprehensive training program for bank personnel in the consumer protection laws, rules, and regulations as appropriate, and policies to manage risks in the credit process. It also separately requires revisions to the third-party risk management program addressing due diligence and monitoring of third parties, including monitoring for compliance with consumer protection-related laws and regulations.
FDIC releases February enforcement actions
On March 31, the FDIC released a list of administrative enforcement actions taken against banks and individuals in February. The FDIC made public five orders and one notice, including “three orders of prohibition from further participation, one order to pay civil money penalty, one Section 19 order, and one Notice of Charges.”
The actions include a civil money penalties order against a Wisconsin-based bank related to alleged violations of the Flood Disaster Protection Act (FDPA). The FDIC determined that the bank had engaged in a pattern or practice of violating the FDPA by failing to (i) obtain flood insurance on a building securing a designated loan at the time of origination of two loans; (ii) obtain adequate flood insurance at the time of origination of seven loans; (iii) follow lender-placed flood insurance procedures for one loan; (iv) provide borrowers with a Notice of Special Flood Hazard and Availability of Federal Disaster Relief Assistance when making, increasing, extending, or renewing a loan on four occasions; and (v) provide borrowers with a Notice of Special Flood Hazard and Availability of Federal Disaster Relief Assistance within a reasonable time prior to the completion of the transaction on one loan.
FDIC issues January enforcement actions
On February 24, the FDIC released a list of administrative enforcement actions taken against banks and individuals in January. The FDIC made public 11 orders, including “four combined orders of prohibition and orders to pay civil money penalties, one 8(b) consent order, one order to pay civil money penalty, three orders of prohibition, one order terminating a Section 19 order, and one order terminating consent order.”
The actions include a civil money order against a Pennsylvania-based bank related to alleged violations of the Flood Disaster Protection Act (FDPA). The FDIC determined that the bank had engaged in a pattern or practice of violating the FDPA by failing to provide required notices of lender-placed flood insurance to borrowers in 16 instances.
Additionally, the FDIC issued a consent order against an Iowa-based bank alleging the bank engaged in “unsafe or unsound banking practices and violations of law or regulations” relating to, among other things, its process for testing a proposed debit/prepaid card program. The FDIC stipulated that before starting the testing phase of any new debit card program or similar program, the bank “must develop, adopt, and implement an effective program addressing anti-money laundering (AML) / combating the financing of terrorism (CFT) controls” for the new program and conduct an independent assessment. The bank is also ordered to revise its AML/CFT policy and conduct a review of its information security program to ensure it reflects current risks.
FDIC issues December enforcement actions
On January 27, the FDIC released a list of administrative enforcement actions taken against banks and individuals in December. The FDIC made public nine orders, including “one order to pay civil money penalty, two consent orders, one combined personal consent order and order to pay, two Section 19 orders, four prohibition orders, and seven orders of termination of insurance.”
The actions included a civil money order against a Georgia-based bank related to violations of the Flood Disaster Protection Act. The FDIC determined that the bank had engaged in a pattern or practice of violations because it “made, increased, extended, or renewed loans secured by a building or mobile home located in a special flood hazard area or to be located in a special flood hazard area without providing timely notice to the borrower and/or the servicer as to whether flood insurance was available for the collateral.”
Additionally, the FDIC issued a consent order against a Texas-based bank alleging the bank engaged in “unsafe or unsound banking practices or violations of law or regulation relating to, among other things, weaknesses in board and management oversight of the information technology function.” The bank neither admitted nor denied the allegations but agreed, among other things, that it would develop a staffing analysis plan “to ensure sufficient resources are available with the knowledge [and] prerequisite skills commensurate with the risk profile and complexity of the Bank’s information technology [] function.”
FDIC issues November enforcement actions
On December 30, the FDIC released a list of orders of administrative enforcement actions taken against banks and individuals in November. The FDIC made public nine orders consisting of “two consent orders; two orders terminating deposit insurance; three orders to pay civil money penalties; one order terminating consent order; and one Section 19 order.” Among the orders is a civil money penalty against a Wisconsin-based bank related to violations of the Flood Disaster Protection Act. The FDIC determined that the bank had engaged in a pattern or practice of violations that included the bank’s failure to: (i) obtain adequate flood insurance on the building securing a designated loan at the time of loan origination; (ii) obtain adequate flood insurance at the time of the origination; (iii) notify borrowers that the borrower should obtain flood insurance where a determination had been made that flood insurance had lapsed or a loan was not covered with the required amount of insurance; (iv) provide borrowers with a Notice of Special Flood Hazard and Availability of Federal Disaster Relief Assistance when making, increasing, extending or renewing a loan; and (v) provide borrowers with a Notice of Special Flood Hazard and Availability of Federal Disaster Relief Assistance within a reasonable time before the completion of the transaction. The order requires the payment of a $39,000 civil money penalty.
The FDIC also issued a civil money penalty against an Oregon-based bank for allegedly violating Section 8(a) of RESPA “by entering into mortgage lead generation arrangements with the operator of a real estate website and the operator of an online loan marketplace that were used to facilitate and disguise referral payments for mortgage business.” The FDIC also determined that the bank violated the FTC Act “by making deceptive and misleading representations in three of the bank’s prescreened offers of credit” and violated the FCRA “by obtaining the consumer reports of former loan clients with recent credit inquiries without a legally permissible purpose.” The order requires the payment of a $425,000 civil money penalty.
Additionally, the FDIC issued a consent order against a Tennessee-based bank alleging the bank engaged in “unsafe or unsound banking practices relating to weaknesses in capital, asset quality, liquidity, and earnings.” The bank neither admitted nor denied the allegations but agreed, among other things, that its board would “increase its participation in the affairs of the bank by assuming full responsibility for the approval of the bank’s policies and objectives and for the supervision of the bank’s management, including all the bank’s activities.” The bank also agreed to maintain a Tier 1 Leverage Capital ratio equal to or greater than 8.50 percent and a Total Capital ratio equal to or greater than 11.50 percent. The FDIC also issued a consent order against a New Jersey-based bank claiming the bank engaged in “unsafe or unsound banking practices relating to, among other things, management supervision, Board oversight, weaknesses in internal controls, interest rate sensitivity, and earnings.” The bank neither admitted nor denied the allegations but agreed, among other things, that it would retain a third-party consultant “to develop a written analysis and assessment of the bank’s board and management needs (Board and Management Report) for the purpose of ensuring appropriate director oversight and providing qualified management for the bank.”