Skip to main content
Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • OCC Updates Comptroller's Handbook to Include New Corporate and Risk Governance Booklet

    Consumer Finance

    On July 29, the OCC released the “Corporate and Risk Governance” booklet to update, consolidate, and rescind various booklets in the Comptroller’s Handbook. The new booklet is intended to provide examiners with a summary of corporate and risk governance, related risks, the board’s and management’s respective roles and responsibilities in corporate and risk governance, and examination procedures. The new booklet identifies the following as the primary risk categories associated with corporate and risk governance: (i) strategic; (ii) reputation; (iii) compliance; and (iv) operational. The booklet advises banks to maintain corporate and risk governance structures and practices that align with their changes in size, risk profile, and complexity. According to the booklet, an effective corporate and risk governance framework is key to the safe and sound operation of a financial institution and stimulates public confidence in the financial system.

    Examination OCC Risk Management Comptroller's Handbook

  • OCC Releases Semiannual Risk Perspective Report

    Privacy, Cyber Risk & Data Security

    On July 11, the OCC released its Semiannual Risk Perspective for Spring 2016, which generally provides an overview of supervisory concerns for the federal banking system and specifically presents data as of December 31, 2015 in the following areas: (i) operating environment; (ii) bank performance; (iii) key risk issues; and (iv) regulatory actions. Similar to the fall 2015 report, the current report identifies cybersecurity, third-party vendor management, business continuity planning, TRID, and BSA/AML compliance, among other things, as key areas of potential operational and compliance risk. Further, the report highlights the new Military Lending Act rule, effective October 3, 2016, as a new key potential risk. According to the report, the OCC’s supervisory priorities for the next twelve months will generally remain the same; moreover, the outlook for the OCC’s Large Bank Supervision and Midsize and Community Bank Supervision operating units will remain broadly similar.

    OCC Anti-Money Laundering Bank Secrecy Act Bank Supervision Military Lending Act Risk Management TRID Vendor Management Privacy/Cyber Risk & Data Security

  • OCC to Host Risk Governance and Credit Workshops

    Consumer Finance

    On August 16, the OCC will host a Risk Governance workshop intended to provide directors of national community banks and federal savings associations with information to measure and manage risk. On August 17, the OCC will also host a Credit Risk workshop. Each workshop will take place in Kansas City, Missouri and will be limited to 35 registrants.

    OCC Risk Management

  • OCC Updates Comptroller's Handbook to Include New Student Lending Booklet

    Consumer Finance

    On May 9, the OCC updated its Comptroller’s Handbook to include a new booklet titled “Student Lending.” Despite banks having to alter their private student lending strategies as a result of the 2008 financial crisis, the OCC’s booklet maintains that banks can still benefit from the wider array of consumer products and the broader business model that the private student lending industry offers. The new booklet contains information related to banks’ participation in the private student lending industry, including, but not limited to:

    • Inherent credit, interest rate, liquidity, price, operational, compliance, strategic, and reputation risks in the industry.
    • Unique aspects of private student loans, such as the “significant time lag between loan advances and repayment, and the student borrower’s lack of certainty in finding a stable, reliable primary source of repayment after graduation.”
    • Regulatory expectations for safe and sound operations, cautioning that banks should adhere to the credit underwriting and documentation standards as stated in 12 CFR 30, appendix A, “Safety and Soundness Standards.”
    • Risk management practices, reminding banks that use third parties to market, solicit, or originate private student loans to have in place risk management frameworks that include due diligence in selecting third parties, written contracts that have been vetted for duties, obligations, and responsibilities of all parties (compensation parameters included), and ongoing monitoring and quality assurance programs.

    Designed for examiners to use in their examination and supervision of banks involved in the private student lending industry, the booklet outlines two sets of examination procedures: (i) primary examination, when an examiner’s objective is to “assess risk level, evaluate the quality of risk management, and determine the aggregate level and direction of risk of the bank’s student lending activities”; and (ii) supplemental examination, when examiners “determine whether student lending marketing activities are consistent with the bank’s business plans, strategic plans, and risk appetite, and that appropriate controls and systems are in place before the bank rolls out new products or new-product marketing initiatives.” Finally, the booklet advises examiners reviewing banks’ student lending activities to “remain alert for lending practices and product terms that could indicate discriminatory, unfair, deceptive, abusive, or predatory issues.”

    Examination OCC Student Lending Comptroller's Handbook Risk Management

  • FFIEC Updates IT Examination Handbook

    Fintech

    On April 29, the FFIEC updated its IT Examination Handbook, revising its Retail Payment Systems booklet to include an Appendix E, Mobile Financial Services. The Retail Payment Systems booklet consists of guidance intended to help examiners evaluate financial institutions’ and third-party providers’ management of risks associated with retail payment systems. Appendix E is designed to address risk management associated with mobile financial services (MFS): “Appendix E contains guidance pertaining to [MFS] risks that supplements existing booklet guidance on other retail payment topics, such as electronic payments related to credit cards and debit cards, remote deposit capture and changes in technology or retail payment systems.” Appendix E outlines risk management practices for the following MFS technologies: (i) short message service/text messaging; (ii) mobile-enabled web sites and browsers; (iii) mobile applications; and (iv) wireless payment technologies. In addition to MFS technologies, Appendix E also addresses management strategies related to (i) risk identification; (ii) risk measurement; (iii) risk mitigation; and (iv) monitoring and reporting.

    Examination FFIEC Mobile Payment Systems Risk Management Vendor Management

  • OCC Releases Risk Appetite Statement

    Consumer Finance

    On April 12, the OCC released its Risk Appetite Statement (Statement) summarizing the agency’s largely conservative approach toward managing risks to the OCC’s mission, the financial system, and consumers. The Statement sets forth the OCC’s risk management principles and risk tolerance levels – low, medium, or high – pertaining to the following interrelated categories: (i) supervision; (ii) human capital; (iii) strategic; (iv) reputation; (v) technology; (vi) operational; (vii) legal; (viii) external; and (ix) financial. Significantly, the Statement notes that the OCC maintains a “low [risk] appetite for supervisory processes that do not ensure bank management soundly manages risk, provides fair access to financial services, treats consumers fairly, and complies with applicable laws and regulations.” By contrast, according to the Statement, the OCC has a moderate risk appetite with respect to allowing its staff to exercise flexibility in supervisory judgment, supervisory plan execution, and inter- and intra-agency collaboration, in an effort to “remain nimble in meeting the challenges of an evolving banking landscape.”

    OCC Risk Management

  • FDIC Provides Commentary on Responsibilities and Duties of Banks' Boards of Directors

    Consumer Finance

    On April 5, the FDIC issued a special Corporate Governance Edition of its Supervisory Insights publication titled, “21st Century Reflections on the FDIC Pocket Guide for Directors.” The new edition provides guidance to community bank boards of directors as well as an expanded, community bank-focused commentary on the FDIC Pocket Guide for Directors, which was issued in 1988. It covers a range of topics, such as the proper roles of directors and officers, as well as objectives for the development of policies and procedures for risk management and strategic planning. While the existing version of the Pocket Guide remains unchanged, this edition of Supervisory Insights incorporates more recent guidance and resources that the FDIC has provided since 1988. For example, the FDIC emphasizes that, “[i]n addition to covering areas outlined in the Pocket Guide and Safety and Soundness Standards, community bank directors should ensure that senior management has established appropriate risk management policies and procedures in Bank Secrecy Act (BSA)/Anti-Money Laundering (AML) compliance, information technology and cyber risk, and compliance with Community Reinvestment Act and consumer protection laws and regulations.”

    FDIC Anti-Money Laundering Bank Secrecy Act Community Banks Risk Management

  • SEC Announces Senior Staff Changes; New Office of Risk and Strategy

    Securities

    On March 8, the SEC announced a change in senior leadership, naming Robert M. Fisher the Managing Executive of the Office of Compliance Inspections and Examinations (OCIE). Succeeding Peter B. Driscoll, Fisher will be responsible for overseeing the OCIE’s business operations, technology servicers, examiner training, and Tips, Complaints and Referrals programs. The SEC also announced a new Office of Risk and Strategy within its Office of Compliance and Inspections and Examinations, naming Driscoll as its Chief Risk and Strategy Officer. The new office is intended to “consolidate and streamline the OCIE’s risk assessment, market surveillance, and quantitative analysis teams and provide operational risk management and organizational strategy for OCIE.” In his new role as Chief Risk and Strategy Officer, Driscoll will lead the Washington, D.C.-based Investment Adviser/Investment Company examination staff.

    In a separate March 10 announcement, the SEC named Anthony S. Kelly Co-Chief of the Enforcement Division’s Asset Management Unit (Unit). Succeeding Julie Riewe, Kelly joins Marshall Sprung to lead the Unit, which focuses on misconduct by investment advisers, investment companies, and private funds.

    Examination SEC Risk Management

  • OCC to Host Credit and Compliance Risks Workshops

    Consumer Finance

    On March 22, the OCC will host a Credit Risk workshop for directors of national community banks and federal savings associations. The workshop will focus on credit risk within the loan portfolio, including identifying trends and recognizing problems. In addition, the workshop will address (i) the board and management’s roles; (ii) how to stay informed of changes in credit risk; and (iii) how to effect change. On March 23, the OCC will host a separate Compliance Risk workshop that will include lectures, discussions, and exercises on key elements of a robust compliance risk management system. Topic discussions will include the BSA, Community Reinvestment Act, and the TRID rule. Both workshops will take place in Santa Ana, California; capacity is limited to the first 35 registrants.

    OCC Bank Compliance Community Banks Risk Management

  • FDIC Updates Videos on Interest Rate Risk

    Consumer Finance

    On February 3, the FDIC issued FIL-10-2016 announcing the release of updated videos on interest rate risk. The new videos are intended to provide directors, management, and staff of financial institutions with a better understanding of interest rate risk and how to manage it. The FDIC previously released an interest rate video made specifically for directors, and a series of more technical videos tailored to management and staff responsible for interest rate risk management. The FDIC’s updated videos (i) reflect recent industry data and expand on relevant topics; (ii) emphasize the FDIC’s expectation that institutions prudently manage interest rate risk; and (iii) address industry trends, board and management responsibilities, types of interest rate risk, various risk measurement systems, key modeling assumptions, internal controls, and independent review. Finally, according to the FDIC, “[f]inancial institution balance sheets continue to reflect a heightened mismatch between asset and funding maturities that, coupled with tighter net interest margins, have left financial institutions more vulnerable to rising interest rates.”

    FDIC Risk Management

Pages

Upcoming Events