Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On June 4, the OCC extended the deadline for national banks and federal savings associations (FSAs) with consolidated assets between $100 billion and $250 billion to comply with the Dodd-Frank stress test (DFAST) requirements to November 25. In December 2018, the OCC issued a letter noting that prior DFAST exams and OCC supervision have indicated that qualifying banks with consolidated assets within these thresholds have adopted effective stress testing programs and integrated them into their general risk management tools, and as such, “requiring DFAST submissions for these banks in 2019 would provide limited supervisory value.” According to the OCC, the extension is consistent with the Economic Growth, Regulatory Relief, and Consumer Protection Act’s goal of reducing regulatory burden for applicable national banks and FSAs.
On May 9, HUD announced several proposed revisions to the Federal Housing Administration’s (FHA) lender certification requirements in an effort to provide lenders and servicers “greater certainty in how to satisfy the agency’s compliance requirements.” HUD stated that the revisions are in response to the White House’s March Memorandum on Federal Housing Finance Reform, which included a directive that FHA work to diversify the network of FHA-approved lenders. (Covered by InfoBytes here.) The proposed changes include:
- Loan-Level Certifications. FHA released proposed changes to the Addendum to the Uniform Residential Loan Application (Form 92900-A), reorganizing the Form in a “logical, easy to read, and understandable format” and eliminating “duplicative information collected elsewhere.”
- Annual Lender Certification Statements. FHA released proposed changes to the Annual Lender Certification Statements, including a side-by-side comparison of the current and proposed changes. The changes are intended to “better align [the certifications] with National Housing Act standards while continuing to hold lenders accountable for compliance with HUD eligibility requirements.” The proposed changes include deleting redundancies and replacing handbook references with a general certification to compliance with the requirements of 24 CFR § 202.5.
- Defect Taxonomy. FHA released proposed changes to the Defect Taxonomy. The draft of the Defect Taxonomy Version 2 includes (i) changes to the Severity Tier definitions; (ii) potential remedies that align with each Severity Tier; (iii) revised sources and causes in certain defect areas; (iv) new defect areas for servicing loan reviews; and (v) HUD policy references.
All proposals are posted on the FHA’s Drafting Table for 30-day feedback through June 8.
Buckley Special Alert
The U.S. Department of the Treasury’s Office of Foreign Assets Control last week issued a framework for OFAC Compliance Commitments, which, for the first time, outlines OFAC’s views on essential elements of a risk-based sanctions compliance program in a single document that can serve as a roadmap for organizations as they structure and evaluate these programs. The framework should be considered carefully by U.S. organizations with any significant foreign dealings, and foreign organizations that conduct business with the United States or that utilize U.S. goods, services, or financial systems.
The framework also makes clear that OFAC intends to target individual employees who are culpable for violations. That emphasis follows an action from earlier this year, where OFAC sanctioned an individual it deemed responsible for circumventing his employer’s compliance protocols.
* * *
Click here to read the full special alert.
If you have questions about the OFAC’s new guidance or related issues, please visit our Bank Secrecy Act/Anti-Money Laundering & Sanctions practice page or contact a Buckley attorney with whom you have worked in the past.
On April 26, the CFPB released version 3.1 of its Prepaid Small Entity Compliance Guide to incorporate previously issued submission instructions for issuers submitting account agreements pursuant to the prepaid account rule through the electronic submission system “Collect.” (See previous InfoBytes coverage here.)
On April 24, the Financial Industry Regulatory Authority (FINRA) announced the formation of a new office, the Office of Financial Innovation, that will act as a central point of coordination for issues related to financial innovation by FINRA members. The new office, which is an outgrowth of FINRA’s Innovation Outreach Initiative (previously covered by InfoBytes here), will collaborate with various FINRA teams as well as regulators, investors, and other stakeholders to encourage the use of fintech in a way that strengthens market integrity and protects investors. The new office also will incorporate FINRA’s existing Office of Emerging Regulatory Issues, which focuses on analyzing new and emerging risks and trends related to the securities market.
On April 25, the CFPB issued a Request for Information (RFI) on two aspects of the Remittance Rule, which took effect in 2013, and requires financial companies handling international money transfers, or remittance transfers, to disclose to individuals transferring money information about the exact exchange rate, fees, and the amount expected to be delivered. The RFI seeks feedback on (i) whether to propose changing the number of remittance transfers a provider must make to be governed by the rule, as well as the possible introduction of a small financial institution exception; and (ii) a possible extension of a temporary exemption to the Rule set to expire July 21, 2020, that allows certain insured institutions to estimate exchange rates and certain fees they are required to disclose (the RFI states that the EFTA section 9191 expressly limits the length of the temporary exemption and does not authorize the CFPB to extend the term beyond the July 21 expiration date unless Congress changes the law). The RFI also seeks feedback on the Rule’s scope of coverage, including whether the Bureau should change a safe harbor threshold that allows persons providing 100 or fewer remittance transfers in the previous and current calendar year to be outside of the Rule’s coverage. Additionally, the RFI includes a consideration of issues discussed in the Bureau’s assessment of the Rule, which examined if the Rule had been effective in achieving its goals. Comments on the RFI are due 60 days after publication in the Federal Register.
Separately, on April 24, the CFPB released a revised assessment report of its Remittance Rule to “correct an understatement of the dollar volume of remittance transfers by banks in the original report,” which increases the share of the remittance dollars transferred by banks. The Bureau notes that the correction does not affect the report’s conclusions. (See previous InfoBytes coverage of the October 2018 assessment report here.)
On April 16, the SEC’s Office of Compliance Inspections and Examinations issued a Risk Alert to discuss compliance issues related to Regulation S-P—the SEC’s primary rule regarding privacy notices and safeguard policies—and to provide assistance to registered investment advisors and broker-dealers (registrants) when issuing compliant privacy and opt-out notices. Regulation S-P requires registrants to provide customers with a clear and conspicuous notice accurately reflecting its privacy policies and practices, plus any options to opt out of sharing certain non-public personal information with nonaffiliated third parties. The notice must be sent annually throughout the duration of the customer relationship. Regulation S-P also requires registrants to implement written policies and practices reasonably designed to ensure that customer records and information are secure and protected against unauthorized access. The Risk Alert provides examples of common Regulation S-P compliance deficiencies and weaknesses, and advises registrants to “review their written policies and procedures, including implementation of those policies and procedures, to ensure that they are compliant with Regulation S-P.”
On April 9, Senators Elizabeth Warren (D-Mass) and Sherrod Brown (D-Ohio) released responses to inquiries sent last month to the Federal Reserve Board, the OCC, and the CFPB, which expressed, among other things, concern about the level of response taken by a national bank regarding its auto-lending practices, as well as the bank’s remediation plans and compliance risk management efforts. In response, the regulators individually discussed the bank’s progress to satisfy its obligations under existing consent orders.
Federal Reserve Chairman Jerome Powell wrote that the asset cap imposed on the bank will remain in place until the bank has implemented—to the Board’s satisfaction—remedies to address risk management breakdowns. Powell noted that the bank and the Board are comprehensively addressing the progress.
OCC Comptroller Joseph Otting emphasized that the agency continues “to monitor the bank’s work to remediate deficiencies” identified in previously issued orders, and commented that while the OCC is disappointed with the bank’s current corporate governance and risk management programs, it “is fully engaged and prepared to bring [the bank’s] matters to resolution.”
CFPB Director Kathy Kraninger stated that “while the Bureau is working with [the bank] to ensure its compliance with the consent order, I am not satisfied with the [b]ank’s progress to date and have instructed staff to take all appropriate actions to ensure the [b]ank complies with the consent order and [f]ederal consumer financial law.”
CFPB and Federal Reserve update HMDA examination procedures; CFPB updates ECOA baseline review procedures
On April 1, the CFPB and the Federal Reserve Board (Federal Reserve) issued revisions to the HMDA examination procedures covering data collected since January 1, 2018, under the HMDA amendments issued by the Bureau in October 2015 and August 2017, as well as section 104(a) of the Economic Growth, Regulatory Relief, and Consumer Protection Act (implemented and clarified by the 2018 HMDA Rule, which was covered by InfoBytes in August 2018 here.) According to the Federal Reserve’s CA 19-5, the HMDA examination updates include, (i) Narrative, Examination Objectives, and Examination Procedure sections that were developed by the Task Force on Consumer Compliance of the FFIEC; (ii) Review of Compliance Management System, Examination Conclusions and Wrap-Up, and Examination Checklist sections that were developed in consultation with the FDIC and the OCC; and (iii) sampling, verification, and resubmission procedures. With regard to HMDA data collected prior to January 1, 2018, institutions will continue to be examined according to the interagency HMDA examination procedures “transmitted with CA 09-10 and the HMDA sampling and resubmission procedures transmitted with CA 04-4.”
Additionally, in April, the CFPB also released updated ECOA baseline review procedures. The procedures consist of five modules: (i) Fair Lending Supervisory History; (ii) Fair Lending Compliance Management System (CMS); (iii) Fair Lending Risks Related to Origination; (iv) Fair Lending Risks Related to Servicing; and (v) Fair Lending Risks Related to Models. According to the Bureau, all exams will cover the Fair Lending CMS module and additional modules will be assigned depending on the scope of examination.
In March, the CFPB updated its examination procedures for short-term, small-dollar lending (payday lending) in its Supervision and Examinations Manual. The procedures are comprised of modules and each examination will cover one more module. Prior to using the procedures, examiners will complete a risk assessment and examination scope memorandum, which will assist in determining which of the five modules the exam will cover: (i) marketing; (ii) application and origination; (iii) payment processing and sustained use; (iv) collections, accounts in default, and consumer reporting; and (v) service provider relationships. The examinations will review for potential violations of TILA, EFTA, FDCPA, FCRA, ECOA, UDAAP, and Gramm-Leach-Bliley Act (GLBA), all of which apply to payday lending.
- Buckley Webcast: Hot topics in debt collection — An analysis of recent federal FDCPA litigation
- Jonice Gray Tucker to discuss "How to succeed in law school" at the SEO Law DC Panel Discussions
- Amanda R. Lawrence to discuss "Navigating the challenges of the latest data protection regulations and proven protocols for breach prevention and response" at the ACI National Forum on Consumer Finance Class Actions and Government Enforcement
- Sasha Leonhardt and John B. Williams to discuss "Privacy" at the National Association of Federally-Insured Credit Unions Summer Regulatory Compliance School
- Warren W. Traiger to discuss "CRA modernization" at the National Association of Industrial Bankers and the Utah Association of Financial Services Annual Convention
- Benjamin W. Hutten to discuss "Requirements for banking inherently high-risk relationships" at the Georgia Bankers Association BSA Experience Program
- Henry Asbill to discuss "Ethical guidance in conducting internal investigations – The intersection of Yates an Upjohn" at the American Bar Association Southeastern White Collar Crime Institute
- Brandy A. Hood to discuss "RESPA Section 8/referrals: How do you stay compliant?" at the New England Mortgage Bankers Conference
- Daniel P. Stipano to discuss "Lessons learned from recent enforcement actions and CMPs" at the ACAMS AML & Financial Crime Conference
- Daniel P. Stipano to discuss "Assessing the CDD final rule: A year of transitions" at the ACAMS AML & Financial Crime Conference