Skip to main content
Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • FDIC issues list of banks examined for CRA compliance

    On September 4, the FDIC released its latest evaluations of state nonmember banks for compliance under the CRA. The Financial Institutions Reform, Recovery, and Enforcement Act of 1989 requires public disclosure of evaluations and ratings for banks undergoing CRA examinations. These ratings assess how well banks meet the credit needs of their communities, including low- and moderate-income neighborhoods, while maintaining safe and sound operations. The FDIC’s recent evaluations included 54 banks, which received ratings in June 2024. Two banks were rated as “Needs to Improve” while the remaining institutions received a “Satisfactory” rating.

    Bank Regulatory FDIC FIRREA CRA Compliance

  • Broker-Dealer fined for “No Remuneration” indicators in FINRA reports

    Securities

    On August 27, FINRA accepted a broker dealer firm’s Letter of Acceptance, Waiver, and Consent (AWC) regarding alleged trade reporting violations and supervisory failures. According to the AWC, the respondent failed to include a required “No Remuneration” indicator on about 50,000 reports to FINRA’s Trade Reporting and Compliance Engine (TRACE) from 2016-2023, which violated FINRA Rules 6730 and 2010. FINRA further alleged that the respondent did not establish an acceptable system to achieve compliance with Rule 6730 and did not conduct supervisory reviews of TRACE reports, thereby failing to detect errors with certain indicators.

    Without admitting or denying the allegations, the respondent agreed to a censure, a $175,000 fine, and an undertaking to certify within 60 days that the firm remediated the alleged issues and implemented a supervisory system designed to comply with FINRA Rule 6730.

    Securities Federal Issues AWC Enforcement Compliance

  • CFPB cautions against unenforceable contract terms and conditions

    Federal Issues

    On June 4, the CFPB issued Circular 2024-03, which cautioned covered persons under the CFPA against contracts for consumer financial products or services, including illegal or non-binding clauses. The Bureau said that such clauses may mislead consumers into thinking they have forfeited legal rights, which would violate the CFPA. Specifically, consumer contracts that falsely claim to restrict consumer rights (including liability waivers and mandatory arbitration clauses) can violate the prohibition on deceptive acts. CFPB Director, Rohit Chopra, said in an accompanying press release that the Bureau will address companies that “deceptively slip these terms into their fine print.” The Bureau reiterated prior guidance that disclaimers in a contract such as “subject to applicable law” do not cure misrepresentations caused by an unenforceable contract term. Past CFPB actions have addressed “deceptive contract terms” in various consumer finance areas, including mortgages, bank accounts, remittance transfers, and auto loans. The CFPB said it will continue to ensure fair consumer interactions with financial institutions, including efforts to regulate nonbank companies' contract terms and uphold the right to post honest online reviews. The Bureau also said it supported servicemembers' rights to challenge unlawful contract terms through legal action. 

    Federal Issues CFPB Compliance Contracts

  • OCC seeks input on LCR and NSFR reporting and recordkeeping requirements

    On April 16, the OCC released a request for comment on proposed revisions to its “Reporting and Recordkeeping Requirements Associated with Liquidity Coverage Ratio: Liquidity Risk Measurement, Standards, and Monitoring” to account for three new recordkeeping requirements to be included in 12 CFR part 50, which applies to large national banks and Federal savings associations. The notice outlined steps that such institutions should take to ensure they properly document compliance with the “liquidity coverage ratio” (LCR), which is designed to “promote the short-term resilience” of a bank’s liquidity risk profile, and the “net stable funding ratio” (NSFR), which is designed to reduce disruptions to a bank’s funding sources. The revised reporting obligations require covered institutions to self-report when LCR falls below the minimum threshold or when there is an NSFR shortfall and, in some cases, to submit a liquidity or remediation plan, including estimated time frame for resuming compliance with LCR or NSFR requirements. The recordkeeping revisions require covered entities to, among other things, establish and maintain written policies and procedures for a number of processes, including monitoring changes in relevant laws related to master netting agreements, determine the composition of its eligible high-quality liquid assets (HQLA), and ensure consistent treatment for determining eligible HQLA. Comments must be received by June 17.

    Bank Regulatory OCC Recordkeeping Liquidity Compliance FDIC

  • OCC’s Hsu discusses bank fairness and effective compliance risk management

    On March 25, the Acting Comptroller of the Currency, Michael J. Hsu, released a transcript of a speech on fairness and effective compliance risk management in banking, delivered at a banking association meeting. The speech focused on how bank fairness can be used as a “guide and input to effective compliance risk management,” and how Hsu believed banks could develop more fairness in banking. Hsu noted that deploying more resources and adopting modern technologies will be only part of the challenge in improving a bank’s compliance risk programs; the other part of the challenge is “adapting and anticipating” where compliance risks could arise.

    While speaking on the challenges of bank consumer compliance, Hsu discussed rapid changes in product offerings, such as the growth of credit cards, BNPL products, and Earned Wage Access. Hsu discussed how the increase in the digitalization of banking has aligned with third-party arrangements, fraud, and cyber risks in finance. On fairness, Hsu discussed the increased prevalence of overdraft charges and how a “well developed sense of fairness” can guide banks in connection with such areas. Hsu stated that fairness is not unidimensional, and when a bank develops an internal sense of fairness, it should be aware of how multiple notions of fairness interact. For example, he noted that “disparate treatment and disparate impact” provide the foundations for fair lending laws, and to comply with fair lending laws, a bank must mitigate both disparities.

    Bank Regulatory OCC Fair Lending Compliance Risk Management

  • OCC and FDIC announce their CRA evaluations

    On February 2, OCC and the FDIC released their Community Reinvestment Act (CRA) evaluations. The OCC disclosed a list of evaluations of national banks, federal savings associations, and insured federal branches of foreign banks that became public in January 2024. Out of the 18 evaluations, six were rated “outstanding,” nine were rated “satisfactory,” and three were rated as “needs to improve.” The evaluations can be accessed on the OCC’s website, including a searchable list of all public CRA evaluations. Simultaneously, the FDIC released its list of state nonmember banks that were evaluated for CRA compliance in November 2023. Out of 57 evaluations, 56 were rated as “satisfactory” and one bank was rated as “outstanding.”  

    Bank Regulatory CRA OCC FDIC Bank Supervision Federal Issues Compliance

  • California Attorney General investigates streaming services for CCPA violations

    Privacy, Cyber Risk & Data Security

    On January 26, California State Attorney General Rob Bonta announced an investigative initiative by issuing letters to businesses operating streaming apps and devices, accusing them of non-compliance with the California Consumer Privacy Act (CCPA). The focus of the investigation is the evaluation of streaming services’ adherence to the CCPA's opt-out requirements, in particular those businesses that sell or share consumer personal information. The investigation targets businesses failing to provide a direct mechanism for consumers wishing to prevent the sale of their data.

    AG Bonta urged consumers to know about and exercise their rights under the CCPA, emphasizing the right to instruct businesses not to sell their personal information. The CCPA grants California consumers enhanced rights regarding the collection, sharing, and disclosure of their personal information by businesses, and compliance responsibilities include responding to consumer requests and providing necessary notices about privacy practices. AG Bonta noted that the right to opt-out under the CCPA mandates that businesses selling or sharing personal data for targeted advertising must facilitate an easy and minimal-step process for consumers to exercise their right. For example, users should be able to easily navigate their streaming service’s mobile application settings to enable the “Do Not Sell My Personal Information” option. The expectation is that this choice remains effective across various devices if users are logged into their accounts when electing to opt-out. Finally, Bonta added that consumers should be given easy access to a streaming service’s privacy policy outlining their CCPA rights. 

    Privacy, Cyber Risk & Data Security State Issues State Attorney General CCPA California Compliance Opt-Out Consumer Protection

  • NYDFS and Fed order bank to pay fines for BSA/AML non-compliance

    Financial Crimes

    On January 19, the Federal Reserve Board and NYDFS each issued separate enforcement actions against one of the largest banks in the world for alleged compliance deficiencies and violations under BSA/AML. The Fed issued its cease and desist order and ordered the bank to pay a civil money penalty of $2.4 million. The NYDFS also issued a similar consent order with a monetary penalty of $30 million.

    According to the Fed’s order, an investigation into the bank’s practices determined that the New York branch lacked any formal policies or training on confidential supervisory information (CSI). Additionally, the order required the bank to submit a written plan to enhance internal compliance controls to the Fed, including designation of a CSI officer, among other requirements. According to NYDFS’s order, the bank previously entered into a 2018 cease and desist order with the Fed to address “significant deficiencies” in its compliance with BSA/AML requirements and OFAC regulations. NYDFS conducted an examination in 2022 and found that deficiencies cited in the 2018 order persisted for several more years. A subsequent examination in 2023 found that the bank had made significant efforts toward enhancing its compliance programs and successfully remediated prior deficiencies. Per this most recent order, NYDFS found that the bank’s BSA/AML program was not in compliance for several years; the bank failed to maintain appropriate accounting records; and the bank failed to submit a report after discovering the occurrence of “embezzlement, misapplication, larceny, forgery, fraud, [or] dishonesty[.]” The consent order stipulated several remediation requirements, including a status report to NYDFS on the bank’s BSA/AML compliance.

    Financial Crimes New York NYDFS Bank Secrecy Act Federal Reserve Bank of New York Compliance

  • NYDFS pens guidance for vetting key senior officials within financial institutions

    On January 22, NYDFS issued an industry letter titled “Guidance on Assessment of the Character and Fitness of Directors, Senior Officers, and Managers” for banks and other financial institutions (Covered Institutions) to notify them of NYDFS’s expectations. The final guidance came after a review process conducted over the past year where twenty comments indicated the need for Covered Institutions to build “robust character and fitness” policies. NYDFS asked that these Covered Institutions develop and maintain a framework to vet senior officials’ character and fitness during onboarding and on a regular basis.

    According to the guidance, each Covered Institution is expected to “define sensitive issues, warning signs, and other indicators” that would be cause for concern. The depth and nature of each Covered Institution’s assessment is tailored to each institution, and the guidance does not demand a defined period for the review, but NYDFS supplied a list of suggested questions for Covered Institutions to use as best practices for vetting key individuals. (These questions are not mandated, however.) NYDFS noted that Covered Institutions are expected to review materials related to the character and fitness assessment of key persons. The guidance’s appendix lists suggested questions, including whether the key person has reviewed and understood pertinent policies and whether the interviewee has ever been charged or convicted of a crime or has previously been sanctioned or censured by a securities regulator. 

    Bank Regulatory NYDFS Financial Institutions Compliance Banking

  • OCC’s Fall 2023 report highlights risks in banking system

    On December 7, the OCC reported key issues facing the federal banking system in its Semiannual Risk Perspective for Fall 2023. In evaluating the overall soundness of the federal banking system, the OCC emphasized the need for banks to maintain prudent risk management practices. The key themes that the OCC underscored in the report included (i) credit risk due to high interest rates, commercial real estate lending, and inflation; (ii) market risks from rising deposit rates, liquidity contraction, and reliance on wholesale funding; (iii) operational risks from cyber threats, increased digitization, and fraud; and (iv) compliance risks from equal access to credit, fair treatment of consumers, fintech partnerships, and BSA/AML risk. The OCC noted that deposit and liquid asset trends stabilized in the latter half of 2023, and the stability was sustained through a greater dependence on wholesale funding.

    The report included a special discussion of emerging risks linked to artificial intelligence (AI) in banking. The OCC noted the potential benefits of widespread AI adoption, which could reduce costs, improve products, strengthen risk management, and expand access to credit. At the same time, the OCC cautioned that AI use can create risk and banks must manage its use carefully. 

    Bank Regulatory Federal Issues OCC Compliance Cyber Risk & Data Security

Pages

Upcoming Events