InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
NCUA releases 2020 supervisory priorities
In January, the NCUA issued a letter to board of directors and chief executive officers at federally insured credit unions outlining the agency’s 2020 supervisory priorities. Top supervisory priorities include:
- Bank Secrecy Act/Anti-Money Laundering (BSA/AML). Examinations will continue to focus on customer due diligence and beneficial ownership requirements. The NCUA will also collaborate with law enforcement and banking regulators on initiatives such as updates to the FFIEC’s BSA/AML examination manual and enforcement guidelines, guidance concerning politically exposed persons, and measures for improving suspicious activity and currency transaction report filing procedures.
- Consumer Financial Protection. Based on a rotating regulation review cycle, NCUA examiners will review compliance (at a minimum) with the following regulations: the Electronic Fund Transfer Act, Fair Credit Reporting Act, Gramm-Leach-Bailey (Privacy Act), Payday Alternative Lending and other small dollar lending, Truth in Lending Act, Military Lending Act, and the Servicemembers Civil Relief Act.
- Cybersecurity. In 2020 the NCUA will continue conducting cybersecurity maturity assessments for credit unions with assets over $250 million and will begin to assess those with assets over $100 million. In addition, the NCUA intends to pilot new procedures—scaled to an institution’s size and risk profile—to evaluate critical security controls during examinations between maturity assessments.
- LIBOR Cessation Planning. Examiners will assess credit unions’ planning related to the discontinuation of LIBOR. According to the NCUA, credit unions should “proactively transition away from instruments using LIBOR as a reference rate.”
Other areas of focus include credit risk, current expected credit losses, liquidity risk, and modernization updates. The extended examination cycle will continue to apply to qualifying credit unions.
CFPB issues Supervisory Highlights special edition on consumer reporting
On December 9, the CFPB released a special edition of its fall 2019 Supervisory Highlights, focusing on recent supervisory findings in the areas of consumer reporting and information furnishing to consumer reporting companies (CRCs). This is the second special edition to focus on consumer reporting issues, and follows a report that the Bureau released in March 2017 covered by InfoBytes here. According to the Bureau, recent supervisory reviews of FCRA and Regulation V compliance have identified new violations as well as compliance management system (CMS) weaknesses at CFPB-supervised institutions. However, the Bureau noted that examiners have also observed significant improvements, such as continued investment in FCRA-related CMS.
Highlights of the supervisory findings include:
- Recent examples of CMS weaknesses and FCRA/Regulation V violations (where corrective action has either been taken or is currently being taken) in which one or more (i) mortgage loan furnishers did not maintain policies and procedures “appropriate to the nature, size, complexity, and scope of the furnisher’s activities”; (ii) auto loan furnishers’ policies and procedures failed to provide sufficient guidance for investigating indirect disputes containing allegations of identity theft; (iii) debt collection furnishers’ policies and procedures failed to differentiate between FCRA disputes, FDCPA disputes, or validation requests, leading to a lack of consideration for applicable regulatory requirements when handling these matters; and (iv) deposit account furnishers lacked written policies and procedures for furnishing or validating the information provided to specialty CRCs.
- Examiners found that one or more furnishers provided information they knew, or had reasonable cause to believe, was inaccurate. Examples include inaccurate derogatory status codes due to coding errors and unclear addresses for consumers to submit disputes.
- Examiners discovered several instances where furnishers failed to send prompt notifications to CRCs after determining that information previously furnished was inaccurate, including situations where furnishers failed to promptly update or correct information after consumers paid charged-off balances in full or discharged them in bankruptcy.
- Examiners found that some furnishers reported the incorrect date of the first delinquency in connection with their responsibility to provide notice of delinquent accounts to CRCs.
- Examiners found several instances where furnishers failed to investigate disputes, complete investigations in a timely manner, or notify consumers of certain determinations related to “frivolous or irrelevant” disputes.
The Bureau also discussed supervisory observations concerning CRC compliance with FCRA provisions, and commented that CRCs continue to (i) improve procedures concerning the accuracy of information contained in consumer reports; (ii) implement improvements to prevent consumer reports from being furnished to users who lack a permissible purpose; (iii) strengthen procedures to “block information that a consumer has identified as resulting from an alleged identity theft”; and (iv) investigate and respond to consumer disputes.
HUD revises proposed FHA mortgage lender certification
On August 14, HUD published revisions in the Federal Register to the Federal Housing Administration’s (FHA) lender certification requirements originally issued in May. (Previously covered by InfoBytes here.) In response to comments received on its initial proposal, HUD released a proposed streamlined FHA Annual Lender Certification, which removes a broad statement regarding lenders certifying compliance with all HUD requirements in order to maintain FHA approval. Commenters generally recommended HUD: “(1) Rescind the annual certification statements since the National Housing Act does not require certification of compliance with FHA eligibility requirements or completion of an annual certification; or (2) revise the annual certification statements to a general acknowledgement of the existence of policies and procedures that are reasonably designed to ensure material compliance.” Comments are due September 13.
CFPB updates advisory on elder financial exploitation
On July 17, the CFPB issued an updated advisory to financial institutions with information on the financial exploitation of older Americans and recommendations on how to prevent and respond to such exploitation. The update urges financial institutions to report to the appropriate authorities whenever they suspect that an older adult is the target or victim of financial exploitation, and recommends that they also file Suspicious Activity Reports (SARs) with the Financial Crimes Enforcement Network (FinCEN). The update builds on an advisory that was previously released by the Bureau in March 2016 (covered by InfoBytes here), which included recommended best practices to help prevent and respond to elder financial exploitation, such as (i) establish protocols for ensuring staff compliance with the Electronic Fund Transfer Act; (ii) train staff to detect the warning signs of financial exploitation and respond appropriately to suspicious events; and (iii) maintain fraud detection systems that provide analyses of the types of products and account activity associated with elder financial exploitation. With the release of the update, Director Kraninger noted that, “[t]he Bureau stands ready to work with federal, state and local authorities and financial institutions to protect older adults from abusive financial practices that rob them of their financial security.”
As previously covered by InfoBytes, in February, the CFPB’s Office of Financial Protection for Older Americans, released a report studying the financial abuse reported in SARs, discussing key facts and trends revealed after the Bureau analyzed 180,000 elder exploitation SARs filed with the FinCEN from 2013 to 2017. Key findings of the report included, (i) SARs filings on elder financial abuse quadrupled from 2013 to 2017, with 63,500 SARs reporting the abuse in 2017; (ii) the average amount of loss to an elder was $34,200, while the average amount of loss to a filer was $16,700; and (iii) more than half of the SARs involved a money transfer.
SEC, FINRA address digital asset securities compliance requirements
On July 8, the SEC and the Financial Industry Regulatory Authority (FINRA) issued a joint statement in response to compliance questions received from broker-dealer participants who handle digital asset securities. While recognizing that the application of federal securities law and FINRA rules to digital asset securities, as well as related innovative technologies, “raise novel and complex regulatory and compliance questions and challenges,” the joint statement encourages “reasonably practicable” efforts to address these issues. Among other things, the guidance emphasizes that broker-dealer participants who try to maintain custody of clients’ digital asset securities must comply with the SEC’s Customer Protection Rule to safeguard customers’ assets and prevent investor loss or harm. In situations involving noncustodial digital asset securities activities, relevant laws, rules, and requirements must also be followed, even if these activities generally do not raise the same level of concern. The SEC and FINRA also acknowledge that compliance with these rules may be challenging as technological enhancements and situations unique to digital asset securities continue to develop, and emphasize that they will continue to engage with broker-dealer participants as the marketplace evolves.
Agencies adopt final rules excluding community banks from the Volcker Rule; simplify regulatory capital rules
On July 9, the Federal Reserve Board (Fed), CFTC, FDIC, OCC, and SEC adopted a final rule implementing sections of the Economic Growth, Regulatory Relief, and Consumer Protection Act to grant an exclusion for community banks from the Volcker Rule, which generally restricts banking entities from engaging in proprietary trading and from owning, sponsoring, or having certain relationships with hedge funds or private equity funds. Qualifying financial institutions must have fewer than $10 billion in total consolidated assets and total trading assets, as well as liabilities that are equal to or less than five percent of their total consolidated assets. The rule also permits, under certain circumstances, a hedge fund or private equity fund organized and offered by a banking entity to share a name with a banking entity that is its investment advisor that is not an insured bank or bank holding company. The rule will take effect upon publication in the Federal Register.
The same day, the Fed, FDIC, and OCC also finalized a rule “intended to simplify and clarify a number of the more complex aspects of the agencies’ existing regulatory capital rules” for banks with less than $250 billion in total consolidated assets and less than $10 billion in total foreign exposure. Among other changes, the rule alters the capital treatment for mortgage servicing assets, certain deferred tax assets, as well as investments in the capital instruments of unconsolidated financial institutions. The final rule will be effective as of April 1, 2020, for the amendments to simplify capital rules, and as of October 1, 2019 for revisions to the pre-approval requirements for the redemption of common stock and other technical amendments.
CFPB updates Payday Rule Small Entity Compliance Guide
On June 28, the CFPB updated its Small Entity Compliance Guide for the Payday Lending Rule, which covers the payment-related requirements of the Rule. In addition to technical corrections, the update reflects the delayed compliance date for the mandatory underwriting provisions of the Rule. As previously covered by InfoBytes, on June 6, the Bureau released a final rule to delay the August 19, 2019 compliance date for the mandatory underwriting provisions of the Rule. Compliance with these provisions is now required by November 19, 2020.
23 states agree to streamline money service licensing process for fintech companies
On June 24, the Conference of State Bank Supervisors (CSBS) announced that financial regulators from 23 states have now agreed to a multi-state compact that will offer a streamlined licensing process for money services businesses (MSB), including fintech firms. As previously covered by InfoBytes, in February 2018, the original agreement included seven states. According to the announcement, 15 companies are currently involved in the initiative, and as of June 20, they have received 72 licenses. The 23 states participating in the MSB licensing agreement are: California, Connecticut, Georgia, Iowa, Idaho, Illinois, Kansas, Kentucky, Louisiana, Massachusetts, Mississippi. North Carolina, North Dakota, Nebraska, Ohio, Rhode Island, South Dakota, Texas, Tennessee, Utah, Vermont, Washington, and Wyoming.
OCC extends Dodd-Frank stress test compliance date
On June 4, the OCC extended the deadline for national banks and federal savings associations (FSAs) with consolidated assets between $100 billion and $250 billion to comply with the Dodd-Frank stress test (DFAST) requirements to November 25. In December 2018, the OCC issued a letter noting that prior DFAST exams and OCC supervision have indicated that qualifying banks with consolidated assets within these thresholds have adopted effective stress testing programs and integrated them into their general risk management tools, and as such, “requiring DFAST submissions for these banks in 2019 would provide limited supervisory value.” According to the OCC, the extension is consistent with the Economic Growth, Regulatory Relief, and Consumer Protection Act’s goal of reducing regulatory burden for applicable national banks and FSAs.
HUD proposes changes to FHA lender certification
On May 9, HUD announced several proposed revisions to the Federal Housing Administration’s (FHA) lender certification requirements in an effort to provide lenders and servicers “greater certainty in how to satisfy the agency’s compliance requirements.” HUD stated that the revisions are in response to the White House’s March Memorandum on Federal Housing Finance Reform, which included a directive that FHA work to diversify the network of FHA-approved lenders. (Covered by InfoBytes here.) The proposed changes include:
- Loan-Level Certifications. FHA released proposed changes to the Addendum to the Uniform Residential Loan Application (Form 92900-A), reorganizing the Form in a “logical, easy to read, and understandable format” and eliminating “duplicative information collected elsewhere.”
- Annual Lender Certification Statements. FHA released proposed changes to the Annual Lender Certification Statements, including a side-by-side comparison of the current and proposed changes. The changes are intended to “better align [the certifications] with National Housing Act standards while continuing to hold lenders accountable for compliance with HUD eligibility requirements.” The proposed changes include deleting redundancies and replacing handbook references with a general certification to compliance with the requirements of 24 CFR § 202.5.
- Defect Taxonomy. FHA released proposed changes to the Defect Taxonomy. The draft of the Defect Taxonomy Version 2 includes (i) changes to the Severity Tier definitions; (ii) potential remedies that align with each Severity Tier; (iii) revised sources and causes in certain defect areas; (iv) new defect areas for servicing loan reviews; and (v) HUD policy references.
All proposals are posted on the FHA’s Drafting Table for 30-day feedback through June 8.