InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
CFPB releases new No-Action Letter policy and new product sandbox
On December 10, the CFPB released a new proposed policy on No-Action Letters (NAL) and a new federal product sandbox. The new NAL proposal, which would replace the 2016 NAL policy, is “designed to increase the utilization of the Policy and bring certain elements more in line with similar no-action letter programs offered by other agencies.” The proposal consists of six sections. Highlights include:
- Description of No-Action Letters. The letter would indicate to the applicant, that subject to good faith, substantial compliance with the terms of the letter, the Bureau would not bring a supervisory or enforcement action against the recipient for offering or providing the described aspects of the product or service covered by the letter.
- Submitting Applications. The proposal includes a description of the items an application should contain and invites applications from trade associations on behalf of their members, and from service providers and other third parties on behalf of their existing or prospective clients.
- Assessment of Applications. The Bureau intends to grant or deny an application within 60 days of notifying the applicant that the application is deemed complete.
- Issuing No-Action Letters. NALs will be signed by the Assistant Director of the Office of Innovation or other members in the office, and will be duly authorized by the Bureau. The Bureau may revoke a NAL in whole or in part, but before the Bureau revokes a NAL, recipients will have an opportunity to cure a compliance failure within a reasonable period.
- Regulatory Coordination. In order to satisfy the coordination requirements under Dodd-Frank, the Bureau notes it is interested in partnering with state authorities that issue similar forms of no-action relief in order to provide state applicants an alternative means of also receiving a letter from the Bureau.
- Disclosure of Information. The Bureau intends to publish NALs on its website and in some cases, a version or summary of the application. The Bureau may also publish denials and an explanation of why the application was denied. The policy notes that disclosure of information is governed by the Dodd-Frank Act, FOIA and the Bureau’s rule on Disclosure of Records and Information, which generally would prohibit the Bureau from disclosing confidential information.
Notable changes from the 2016 NAL policy include, (i) NALs no longer have a temporal duration—under the new proposal, there is no temporal limitation except in instances of revocation; (ii) applicants are no longer are required to commit to sharing data about the product or service covered by the application; and (iii) the letters are no longer staff recommendations, but issued by authorized officials in the Bureau to provide recipients greater assurance of the relief.
The proposal also introduces the Bureau’s “Product Sandbox,” which offers substantially the same relief as the NAL proposal but also includes: (i) approvals under one or more of three statutory safe harbor provisions of TILA, ECOA, or the EFTA; and (ii) exemptions by order from statutory provisions of ECOA, HOEPA, and FDIA, or regulatory provisions that do not mirror statutory provisions under rulemaking authority. The proposal notes that two years is the expected duration for participation in the Sandbox, but similar to the no-action relief above, the no-action relief from the Sandbox program can be of unlimited duration—if approved under the sandbox program, “the recipient would be immune from enforcement actions by any Federal or State authorities, as well as from lawsuits brought by private parties.”
Comments on the proposals are due within 60 days of publication in the Federal Register.
NYDFS and international bank enter into second supplemental consent order over BSA/AML compliance deficiencies
On November 21, NYDFS and an international bank entered into a second supplemental consent order covering its settlement over alleged deficiencies in the bank’s Bank Secrecy Act/anti-money laundering and Office of Foreign Assets Control (OFAC) compliance program controls. As previously covered by Infobytes, in 2012, the bank agreed to engage an independent on-site monitor for 24 months to evaluate the New York branch’s BSA/AML and OFAC compliance programs and operations and was issued a $340 million civil money penalty. In 2014 NYDFS issued a subsequent consent order outlining the monitor’s findings, including reports of significant failures in the bank’s transaction monitoring. The 2014 order extended the engagement of the monitor for another two years, outlined remedial measures to address continued deficiencies, and required the bank to pay an additional $300 million civil money penalty. In April 2017, NYDFS and the bank entered into the first supplemental consent order to modify the 2012 and 2014 orders, acknowledging the bank made significant improvements in its BSA/AML compliance program but extended the monitor through December 2018 with all the other terms and conditions of the 2012 and 2014 consent orders remaining in full effect.
Now, beginning January 1, 2019, the second supplemental order issued by NYDFS requires the bank to engage an independent consultant, selected by the regulator, for a period of up to one year, with a possible extension of one additional year, to provide guidance for completing remediation called for in the 2012 and 2014 consent orders. In response to the second supplemental order, the bank stated it remained “committed to completing the remaining tasks necessary for that remediation.”
FDIC releases September enforcement actions, including breaches of fiduciary duty and BSA violations
On October 26, the FDIC announced a list of administrative enforcement actions taken against banks and individuals in September. Included among the actions is a removal and prohibition and civil money penalty assessment issued against a bank’s president, CEO and board chairman (in his individual capacity as an institution-affiliated party) of a Florida-based bank for allegedly engaging in unsafe or unsound practices and breaches of fiduciary duty while employed by the bank. Among other claims, the respondent allegedly created a conflict of interest when he operated a consumer finance company, which he personally owned, out of one of the bank's branches. The FDIC contends that the respondent (i) operated the company through the utilization of bank property and staff without reimbursing the bank; (ii) issued loans to bank customers through the company; (iii) repaid the company using overdraft funds from customers’ bank accounts; and (iv) “caused the release and sale of bank collateral without full repayment to the bank when a portion of the sale proceeds were being used to pay on a finance company loan.” According to the FDIC, the respondent failed to disclose his actions to the bank’s board of directors as required by state law and a consent order the bank entered into in July 2010.
Additionally, a consent order was issued to a South Carolina bank related to alleged weaknesses in its Bank Secrecy Act (BSA) compliance program. The bank was ordered to, among other things, (i) revise and implement internal controls and policies and procedures for BSA compliance, including suspicious activity monitoring and reporting and customer due diligence procedures; (ii) perform an enhanced risk assessment of the bank’s operations; and (iii) take necessary steps to correct or eliminate all cited violations, such as conducting independent testing and implement effective BSA training programs.
There are no administrative hearings scheduled for November 2018. The FDIC database containing all 24 enforcement decisions and orders may be accessed here.
Federal Reserve enters into written compliance agreement with Oklahoma state bank
On October 22, the Federal Reserve Board (Board) entered into a written agreement with an Oklahoma state chartered bank, which outlines a compliance proposal to “maintain the financial soundness” of the bank. The agreement requires the bank to submit, within 60 days, written plans to improve various aspects of the bank’s functions including, but not limited to, (i) internal controls; (ii) credit risk management; (iii) liquidity and funds management; (iv) interest rate risk management; (v) information technology/cybersecurity; and (vi) BSA/AML compliance. The agreement also prevents the bank from extending, renewing, or restructuring any credit for any borrower whose loans or other extensions of credit were part of the Board’s examination critiques, without prior approval from the board of directors, who are required to document the reasons for the credit extension and certify its compliance with the terms of the agreement.
State banking supervisors ask congressional leaders for marijuana banking services clarity
On August 24, 13 state banking supervisors sent a letter asking congressional leaders “to consider legislation that creates a safe harbor for financial institutions to serve state-compliant [marijuana] business, or entrusts sovereign states with the full oversight and jurisdiction of marijuana-related activity.” According to the letter, while 31 states, the District of Columbia, and two territories have legalized medical and/or recreational marijuana use as of August 1, many financial institutions choose not serve marijuana businesses due to a perceived threat of asset forfeitures or criminal penalties. The letter notes that this results in inadequate regulation, cash transactions that are difficult to track, “a diminished ability to identify operators acting to circumvent federal and state licensing and regulatory frameworks,” and concerns for public safety. In addition, according to the state regulators, the rescission of the 2013 “Cole Memo”—which outlined the DOJ’s marijuana enforcement priorities and was relied upon by a limited number of financial institutions—has led to greater uncertainty for banks that serve marijuana businesses. The letter also discusses the Financial Crimes Enforcement Network’s 2014 guidance—which clarifies expectations under the Bank Secrecy Act for financial institutions providing services to marijuana businesses—and further stresses that “the Rohrabacher amendment prohibiting federal funds being used to inhibit state medicinal marijuana programs [is] an impermanent approach that requires a permanent resolution.”
In July, and as previously covered in InfoBytes, the New York Department of Financial Services (NYDFS) issued guidance which encouraged New York state chartered banks and credit unions to consider establishing relationships with regulated and compliant medical marijuana and industrial hemp-related businesses operating in New York. NYDFS stated it will not impose any regulatory action on a New York financial institution that establishes a relationship with a regulated marijuana business as long as the institution also complies with other applicable guidance and regulations.
CFPB Succession: Bureau reportedly no longer examining for MLA compliance
According to reports citing “internal agency documents,” acting Director of the CFPB Mick Mulvaney intends to cease supervisory examinations of the Military Lending Act (MLA), contending the law does not explicitly prescribe the Bureau the authority to examine financial institutions for compliance with the MLA. In 2013, amendments to the MLA granted enforcement authority to the same agencies with administrative enforcement power under TILA, including the Bureau, but these amendments did not also provide these same agencies with the statutory authority to supervise institutions for compliance with the MLA. The Bureau currently includes the MLA in the statutory- and regulation-based procedures section of the Supervision and Examination Manual and has not released a formal statement in response to reports of this supervisory change.
CFPB updates “workpapers” section of Supervision and Examination Manual
In August, the CFPB released an updated version of the Supervision and Examination Manual, which includes minor changes to the workpapers section of the examination process and an updated scope summary template. According to the manual, workpapers are the records documenting the review conducted by examiners to reach conclusions about the financial institution’s compliance with federal consumer protection laws. The manual emphasizes that “[a]ll information collected and all records created during the review that are used to support findings and conclusions could potentially be included in the workpapers” and all workpapers must be reviewed and signed off by the examiner in charge. The Bureau requires all workpapers and related documentation to be maintained in electronic form.
Washington state updates mortgage provisions of Consumer Loan Act
On July 24, the Washington Department of Financial Institutions adopted new mortgage-related provisions of the state’s Consumer Loan Act (CLA). In addition to technical changes and certain definition modifications, the rulemaking, among other things, (i) adds a requirement that if electronic records are stored using a closed service, the service must be located in the U.S. or its territories; (ii) prohibits certain servicing activities, such as receiving payments and collection activities, from being conducted outside the U.S. or its territories; and (iii) requires servicers to maintain a compliance management system with the functionalities that are described in the CFPB’s Supervision and Examination Manual. The rulemaking is effective September 1.
NYDFS encourages New York state chartered financial institutions to establish relationships with medical marijuana businesses
On July 3, the New York Department of Financial Services (NYDFS), at the direction of Governor Andrew Cuomo, released guidance encouraging New York state chartered banks and credit unions to consider establishing relationships with regulated and compliant medical marijuana and industrial hemp-related businesses operating in New York. According to the guidance, these businesses often rely solely on cash to conduct transactions, because of a lack of access to traditional financial services. The press release announcing the guidance cites to the New York Compassionate Care Act, enacted in 2014, which provides medical patients suffering from “debilitating symptoms and diseases” access to, under strict requirements, medical marijuana. NYDFS is encouraging New York financial institutions to form appropriate banking relationships with these business, because “[p]roviding access to regulated banking services is an essential part of taking the legal cannabis industry out of the shadows and establishing it as a transparent, regulated, tax-paying part of our economy, and a necessary part of fulfilling the goal of relieving the suffering of seriously ill patients.”
NYDFS will not impose any regulatory action on a New York financial institution that establishes a business relationship with legal medical marijuana and industrial hemp-related businesses, as long as the institution also complies with other applicable guidance and regulations, such as the Financial Crimes Enforcement Network’s 2014 guidance—which clarifies expectations under the Bank Secrecy Act (BSA) for financial institutions providing services to these businesses.
Comptroller Otting discusses regulatory priorities during congressional testimonies
On June 13 and 14, Comptroller of Currency Joseph Otting appeared before the House Financial Services Committee and the Senate Committee on Banking, Housing, and Urban Affairs to discuss his priorities as Comptroller. As highlighted in the identical press releases for both House and Senate hearings, Otting testified about the OCC’s achievements and efforts since being sworn in as Comptroller in November 2017. Among other things, Otting discussed the agency’s efforts to (i) modernize the Community Reinvestment Act (CRA); (ii) promote compliance with the Bank Secrecy Act and anti-money laundering regulations (BSA/AML); and (iii) simplify the Volcker Rule, particularly for small and mid-size banks. Otting emphasized in his written testimony that his priority is to reduce the regulatory burden on financial institutions, specifying that the CRA requirements have become "too complex, outdated, cumbersome, and subjective." To that end, Otting stated that the OCC, in coordination with other federal agencies, is preparing an advance notice of proposed rulemaking to gather information on potential CRA updates, which, in Otting’s view, should include (i) expanding the types of activities that are eligible for CRA credit; (ii) changing assessment areas so they are not based solely on where the bank has a physical presence; and (iii) providing clearer metrics. As for BSA/AML, Otting noted this was his “number two issue” behind reforming the CRA and the working group—the OCC, FinCEN, the FDIC, the Federal Reserve, and NCUA— will likely address key issues like de-risking and improvement of transparency over the next three to six months. Otting noted his pleasure with the Volcker Rule changes in the Economic Growth, Regulatory Relief, and Consumer Protection Act (S.2155/ P.L. 115-174) but cautioned that fine-tuning may be necessary as the OCC proceeds with implementation.