InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
CFPB asks tech workers to report AI lending discrimination
On December 15, the CFPB released a blog post calling on technology workers to report potential violations of federal consumer financial laws, including related to artificial intelligence (AI), as part of the Bureau’s efforts to adapt to the evolving financial landscape. According to the Bureau, AI has become a part of nearly every consumer financial market, creating the potential for intentional and unintentional discrimination within the decision-making process. As an example, while algorithmic mortgage underwriting has the potential to reduce discrimination, the Bureau warned that “researchers found discriminatory effects of these new technologies, as Black and Hispanic families have been more likely to be denied a mortgage compared to similarly situated white families.” The Bureau asked tech workers, including engineers, data scientists, and others with detailed knowledge of these algorithms and technologies, to report potential discrimination or other misconduct to the Bureau to help ensure these technologies are not being misused or abused. “Tech workers may have entered the field to change the world for the better, but then discover their work being misused or abused for unlawful ends,” CFPB Chief Technologist Erie Meyer stated. The Bureau updated its whistleblower webpage to provide additional information on the whistleblower submission process, and noted that fair lending experts and technologists will review submitted whistleblower tips. The webpage also describes the type of information the Bureau is seeking, and outlines whistleblower protections.
NY Fed launches center to study fintech and central banking
On November 29, the Federal Reserve Bank of New York announced the launch of the New York Innovation Center (NYIC), which is intended to advance the partnership with the Bank for International Settlements (BIS) Innovation Hub. According to the announcement, the NYIC will aim to, among other things: (i) identify and develop insights on financial technology trends associated to central banks; (ii) examine the development of public goods to increase the global financial system function; and (iii) “advance and support expertise in the area of central bank innovation.” According to the announcement, to inform the activities of the NYIC, the New York Fed will focus on five opportunity areas, which include “Supervisory and Regulatory Technology, Financial Market Infrastructures, Future of Money, Open Finance, and Climate Risk.” The announcement also noted that, “[t]his work will be based on the venture development process, drawing on principles from entrepreneurship, venture capital, and corporate innovation to produce high-impact solutions.”
Freddie says cryptocurrency can’t be used for mortgage qualification
On December 1, Freddie Mac released Bulletin 2021-36 to Freddie Mac sellers to provide guidance on selling updates. The bulletin provides guidance on, among other things: (i) 2022 conforming loan limits; (ii) extension of the guarantee fee obligation; (iii) affordable lending; (iv) credit underwriting; and (v) document custody. In order to address uncertainty regarding the treatment of cryptocurrency in mortgage underwriting, the bulletin specifically addresses requirements related to cryptocurrency’s use in the mortgage qualification process. These requirements include, among other things, that income paid to the borrower in cryptocurrency cannot be utilized to qualify for a mortgage and that “[c]ryptocurrency may not be included in the calculation of assets as a basis for repayment of [the] obligation.” Unless otherwise noted, the changes issues in the bulletin are effective immediately.
OCC gives guidance on cryptocurrency, trust bank chartering
On November 23, the OCC issued Interpretive Letter 1179, which clarified and expanded on prior interpretive letters concerning bank engagements in cryptocurrency activities. Interpretive Letter 1179 also addressed the OCC’s authority to charter national trust banks. According to the OCC, national banks and federal savings associations may engage in certain cryptocurrency activities discussed in Interpretive Letters 1170, 1172, and 1174, provided a bank is able to “demonstrate, to the satisfaction of its supervisory office, that it has controls in place to conduct the activity in a safe and sound manner.” Legally permissible activities include those pertaining to (i) cryptocurrency custody services; (ii) the holding of dollar deposits to serve as “reserves backing stablecoin in certain circumstances”; (iii) acting “as nodes on an independent node verification network” to verify customer payments; and (iv) bank engagements with distributed ledger technology to facilitate payment transactions for certain stablecoin activities. A bank intending to engage in such activities must first notify its supervisory office and should not engage in any activity until it receives permission. Supervisory offices must assess whether a bank’s risk management systems and controls are sufficiently adequate for engagement in such activities. “Today’s letter reaffirms the primacy of safety and soundness. Providing this clarity will help ensure that these cryptocurrency, distributed ledger, and stablecoin activities will be conducted by national banks and federal savings associations in a safe and sound manner,” acting Comptroller Michael Hsu stated in an agency press release. “Because many of these technologies and products present novel risks, banks must be able to demonstrate that they have appropriate risk management systems and controls in place to conduct them safely. This will provide assurance that crypto-asset activities taking place inside of the federal regulatory perimeter are being conducted responsibly.”
The Interpretive Letter also addressed OCC standards for chartering national bank trusts, as previously discussed in Interpretive Letter 1176. The OCC reiterated that it “retains discretion to determine if an applicant’s activities that are considered trust or fiduciary activities under state law are considered trust or fiduciary activities for purposes of applicable federal law.” The OCC further emphasized that the OCC’s chartering authority does not expand or modify current responsibilities under 12. C.F.R. Part 9 for national banks that have already been granted fiduciary powers, and that “national banks currently conducting activities in a non-fiduciary capacity that are not subject to Part 9 have not, and will not, become subject to 12 C.F.R. Part 9 because of the letter.”
Agencies discuss crypto-asset next steps
On November 23, the FDIC, OCC, and Federal Reserve Board issued a joint statement summarizing a recent series of interagency “policy sprints” focused on crypto-assets. During the policy sprints, the agencies conducted preliminary analysis on issues related to banking organizations’ potential involvement in crypto-asset-related activities, and identified and assessed key risks related to safety and soundness, consumer protection and compliance. The agencies also, among other things, analyzed the applicability of existing regulations and guidance on this space and identified several areas where additional public clarity is needed. Throughout 2022, the agencies intend to provide greater clarity on whether certain crypto-asset-related activities conducted by banking organizations are legally permissible. The agencies also plan to expand upon their safety and soundness expectations related to: (i) crypto-asset safekeeping and traditional custody services; (ii) ancillary custody services; (iii) facilitation of customer purchases and the sale of crypto-assets; (iv) loans collateralized by crypto-assets; (v) issuance and distribution of “stablecoins”; and (vi) activities involving a bank’s holding of crypto-assets on its balance sheet. The joint statement, which does not alter any current regulations, also states that the agencies plan to “evaluate the application of bank capital and liquidity standards to crypto-assets for activities involving U.S. banking organizations” and that the agencies will continue to monitor developments in this space as the market evolves.
OCC calls for modernization of financial regulatory perimeter as fintechs/crypto firms increase
On November 16, acting Comptroller of the Currency Michael J. Hsu told attendees at the Federal Reserve Bank of Philadelphia’s Fifth Annual Fintech Conference that the federal banking agencies are “approaching crypto activities very carefully and with a high degree of caution” and “expect banks to do the same.” Hsu pointed out what while changes to the financial regulatory perimeter generally occur as a response to crises and failures, regulatory agencies need to take proactive modernization measures given the astounding growth and expansion of fintechs and cryptocurrencies. Hsu highlighted several important questions that agencies must consider, including whether fintech and crypto firms will start to function like banks and whether bringing them into the bank regulatory perimeter would be the proper solution. He also stated that regulatory agencies must consider whether the risks faced by banks and fintech/crypto firms are the same and, subsequently, whether agencies need to modernize or maintain their status quo. Hsu focused on two specific areas of concern: (i) synthetic banking, or fintechs, operating outside the bank regulatory perimeter but that offer a range of services, including extending various forms of credit and offering interest on cash held in accounts (emphasizing the importance of fintech-bank partnerships); and (ii) the fragmented supervision of universal crypto firms, where Hsu asserted that gaps in supervision are driven by the fact that crypto firms are not subject to comprehensive consolidated supervision.
Hsu announced that the agencies will soon issue a statement conveying results from a recent interagency “crypto sprint,” and that the OCC will also provide clarity on its recently concluded review of crypto-related interpretive letters. Hsu explained that “safety and soundness is paramount” when banks engage in crypto activities and that the agencies’ clarifications “should not be interpreted as a green light or a solid red light, but rather as reflective of a disciplined, deliberative, and diligent approach to a novel and risky area.”
FTC releases draft strategic plan for FY 2022 - 2026
On November 12, the FTC released a preliminary draft of the Strategic Plan for Fiscal Years 2022 to 2026 for public review and comment. Recognizing that protecting the public from unfair or deceptive acts or practices in the marketplace is a key FTC strategic goal, the draft Strategic Plan outlines several objectives guiding the Commission’s work in this area including (i) identifying, investigating, and taking enforcement action to deter these types of harm; (ii) providing consumers and businesses with guidance and tools to prevent harm; (iii) engaging in domestic and international collaboration efforts to enhance consumer protections, including those related to telemarketing, internet fraud, and privacy violations; and (iv) advancing measures to support underserved and marginalized communities. Recognizing that consumers cannot always identify whether unfair or deceptive practices have occurred, the FTC reports it will continue to identify consumer protection violations and collaborate with law enforcement partners to identify trends and targets and enforce consumer protection laws. These efforts will include safeguarding consumer privacy and litigating cases involving privacy risks.
Additional goals outlined within the draft Strategic Plan focus on marketplace competition, anticompetitive mergers, antitrust issues, resource management and workforce protections, and climate readiness. The draft Strategic Plan notes the importance of “cross-training staff on both consumer protection and competition issues” and of “grasping market realities” as “the economy becomes increasingly digitized.” According to the FTC, the “agency plans to be especially attentive to next-generation technologies, innovations, and nascent industries across sector.” Comments on the draft plan may be submitted through November 30.
U.S. and Israel form partnership to combat ransomware; U.S. enters cybersecurity initiative with France
On November 14, the U.S. Treasury Department announced the establishment of a bilateral partnership with the Israeli Ministry of Finance as part of the Biden Administration’s efforts to crackdown on ransomware. The partnership is part of the U.S.-Israeli Task Force on Fintech Innovation and Cybersecurity, which was launched the same day. During the launch of the partnership, Treasury Department Deputy Secretary Wally Adeyemo and Israeli counterparts affirmed their commitment for encouraging robust fintech innovation and reinforced the importance of working together to combat cyber threats posed by nation-state and criminal actors to the global economy. The Task Force will take several measures, including immediately developing a Memorandum of Understanding that will support “(1) permissible information sharing related to the financial sector, including cybersecurity regulations and guidance, cybersecurity incidents, and cybersecurity threat intelligence; (2) staff training and study visits to promote cooperation in the area of cybersecurity and the financial system; and, (3) competency-building activities such as the conduct of cross-border cybersecurity exercises linked to global financial institutions financial and investment flows.” The Task Force also plans to launch a series of expert technical exchanges to support fintech innovation and examine ways cyber-analytics firms and fintech/regtech innovations are developing new measures to combat illicit finance risk and enhance public sector analytical and enforcement activities. According to Adeyemo, international cooperation is vital for addressing virtual currency abuses and disrupting the ransomware business model.
Separately, on November 10, Vice President Kamala Harris announced, among other initiatives, an international cybersecurity initiative with France to combat cyber threats. Harris stated that the U.S. will support the Paris Call for Trust and Security in Cyberspace, which the White House described as “a voluntary commitment to work with the international community to advance cybersecurity and preserve the open, interoperable, secure, and reliable internet.” According to the announcement, the U.S. “looks forward to continued partnership with France and other governments, private sector, and civil society around the world to advance and promote norms of responsible behavior in cyberspace.” Harris’ announcement builds on recent counter-ransomware actions taken to increase international cooperation to combat cybercrime. (Covered previously by InfoBytes here.)
DFPI addresses several MTA licensing exemptions
Recently, the California Department of Financial Protection and Innovation (DFPI) released several new opinion letters covering aspects of the California Money Transmission Act (MTA) related to virtual currency and agent of payee rules. Highlights from the redacted letters include:
- Cryptocurrency and Agent of Payee Exemption. The redacted opinion letter reviewed whether MTA licensure is required for a company’s proposal to offer payment processing services that would enable merchants to receive payments in U.S. dollars from buyers of goods and services, automatically exchange these payments into dollar-denominated tokens on a blockchain network, and to store the tokens in a custodial digital wallet. DFPI currently does not require licensure for companies to receive U.S. dollars from a buyer for transfer to a merchant’s wallet as dollar tokens. DFPI explained that even if it did regulate this activity, the structure of the company’s payment processing services satisfies the requirements of the agent-of-payee exemption, wherein the company acts as the agent of the merchant pursuant to a preexisting written contract and the company’s receipt of payment satisfies the buyer’s obligation to the merchant for goods or services. DFPI further explained that while storing dollar tokens in a custodial digital wallet or making subsequent transfers out of a wallet do not currently require licensure under the MTA, DFPI may later determine the activities are subject to regulatory supervision.
- Asset-Backed Tokens and Other Cryptocurrency. The redacted opinion letter asked DFPI whether an MTA license is required to (i) provide technical services to enable owners of metal to create digital assets representing interests in that metal; (ii) facilitate trading in these digital assets; or (iii) provide digital wallets to customers. The company intends to create a platform to facilitate the creation, sale, and trading of metal asset-backed tokens, whereby a customer purchases metal asset-backed tokens (ABTs) or currency tokens using fiat currency stored in an FBO account. Customers will not be allowed to transmit fiat currency to each other except to facilitate the purchase of ABTs or currency tokens, to receive proceeds from ABTs, or to pay platform fees. DFPI explained that while issuing stored value is generally considered money transmission, “[p]roviding technical services to assist in the creation of a [m]etal ABT and [i]ndustrial [t]okens and issuing a digital wallet holding the [m]etal ABT does not require licensure.” DFPI noted that the company is not itself issuing the ABT or industrial tokens. DFPI further concluded that the company does not need an MTA license to issue a digital wallet holding metal ATBs because the digital wallet is not stored value nor can the wallet’s contents be redeemed for money or monetary value or be used as payment for goods or services. DFPI separately indicated that a license is not currently required to facilitate the sale of ABTs, nor the issuance and sale of currency tokens. However, DFPI warned the company that the opinion only pertains to MTA, and that the company should be aware that metal ABTs and industrial tokens “could be considered a commodity and California Corporations Code section 29520 generally prohibits the sale of a commodity, unless an exception applies.”
- Cryptocurrency-to-Precious Metals Dealer. The redacted opinion letter reviewed whether an online cryptocurrency-to-precious metals dealer, which accepts a variety of different cryptocurrencies in exchange for precious metals and also purchases precious metals from customers using different cryptocurrencies, requires MTA licensure. The company referenced a 2016 decision where DFPI determined that a company operating a software technology platform to facilitate the purchase and sale of gold was not engaged in money transmission, that gold and other precious metals were not payment instruments, that the transactions did not represent selling or issuing stored value, and that “the activity did not constitute receiving money for transmission because the sale or repurchase of gold was a bargained-for-exchange and did not involve transmission to a third party.” The company argued that purchasing and selling precious metals with cryptocurrency is similar and should not trigger MTA’s licensing requirement. DFPI agreed that the company’s business activities do not meet the definition of money transmission because precious metals are not payment instruments, and as such, purchasing and selling precious metals for cryptocurrency does not represent the sale or issuance of a payment instrument. Additionally, DFPI concluded that the company is not selling or issuing stored value, nor do the transactions “involve the receipt of money or monetary value for transmission within or outside the U.S.”
- Virtual Currency Wallet. The redacted opinion letter asked whether an MTA license is required to operate a platform that will provide customers with an account to store and transfer virtual currencies. The company will also provide customers access to an exchange where they can facilitate the purchase or sale of virtual currencies in exchange for other virtual currencies. Fiat currency will not be used on the platform. DFPI stated that it does not currently require companies to obtain an MTA license to operate a platform that provides customers with an account to store and transfer virtual currencies. DFPI further stated that a license is not required to operate a platform that gives customers access to an exchange to purchase or sell virtual currencies in exchange for other virtual currencies.
- Purchase of Cryptocurrency. The redacted opinion letter examined whether a company that offers clients a direct opportunity to buy cryptocurrency in exchange for fiat currency requires MTA licensure. The company explained, among other things, that there is no transmission of cryptocurrency to third parties and that it does not offer money transmission services. DFPI concluded that because the company’s activities are limited to directly selling cryptocurrency to clients, it “does not require an MTA license because it does not involve the sale or issuance of a payment instrument, the sale or issuance of stored value, or receiving money for transmission.”
DFPI reminded the companies that its determinations are limited to the presented facts and circumstances and that any change could lead to different conclusions. Moreover, the letters do not relieve the companies from any FinCEN or federal regulatory obligations.
SEC proposes amendments to electronic filing requirements
On November 4, the SEC announced two proposed amendments (Updating EDGAR Filing Requirements and Electronic Submission of Applications for Orders under the Advisers Act and the Investment Company Act, Confidential Treatment Requests for Filings on Form 13F, and Form ADV-NR; Amendments to Form 13F), which update electronic filing requirements. These proposed amendments are intended to increase efficiency, transparency, and operational resiliency by modernizing how information is submitted to the SEC and disclosed. The proposed rule and form amendments would require, among other things, certain forms to be filed or submitted electronically and would make technical amendments to certain forms to require structured data reporting and eliminate outdated references. According to the SEC, the Commission currently allows, and at times requires, certain forms to be filed or submitted in paper format. The SEC also noted that publicly filed electronic submissions would be more readily accessible to the public and would be available in a searchable format on the SEC’s website. The public comment period will be open for 30 days after publication in the Federal Register.
The same day, the SEC published a fact sheet clarifying, among other things, how the rule applies and what is required under the proposed amendments. According to a statement released by SEC Chair Gary Gensler, “just as we are hoping to update our rules for market participants in the face of rapidly changing technology, it’s also important that we update our rules to make filing obligations more efficient.”