InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
EU and U.S. release statement on Joint Financial Regulatory Forum
On September 29 and 30, EU and U.S. participants, including officials from the Treasury Department, Federal Reserve Board, CFTC, FDIC, SEC, and OCC, participated in the U.S. – EU Joint Financial Regulatory Forum to continue their ongoing financial regulatory dialogue. Matters discussed focused on six different themes: “(1) market developments and current assessment of financial stability risks, (2) sustainable finance, (3) multilateral and bilateral engagement in banking and insurance, (4) regulatory and supervisory cooperation in capital markets, (5) financial innovation, and (6) anti-money laundering and countering the financing of terrorism (AML/CFT).”
While acknowledging that both the EU and U.S. are experiencing “robust economic recoveries,” participants cautioned that the uncertainty around the Covid-19 pandemic and the economic outlook has not dissipated. “[C]ooperative international engagement to mitigate financial stability risks remains essential,” participants warned. Participants also explored issues concerning climate-related challenges for the financial sector and mandates for addressing climate-related financial risks, and touched upon the EU’s strategy for financing its transition to a sustainable economy. Regarding financial innovation, participants discussed potential central bank digital currencies and exchanged views on topics such as new types of digital payments, crypto-assets, and stablecoins, with all participants recognizing the “benefits of greater international supervisory cooperation” and “promot[ing] responsible innovation globally.” In addition, participants discussed progress made in strengthening their respective AML/CFT frameworks, “exchanged views on the opportunities and challenges arising from financial innovation in the AML/CFT area and explored potential areas for enhanced cooperation to combat money laundering and terrorist financing bilaterally and in the framework of [the Financial Action Task Force].”
CSBS responds to regulators’ request on emerging technologies
On September 27, the Conference of State Bank Supervisors (CSBS) sent a letter to Ranking Member of the Senate Banking Committee Senator Pat Toomey (R-PA) detailing state bank regulators’ role in supervising money transmission and virtual currencies, in addition to recommending an activities-based approach to regulation. The letter is in response to a request by Senator Toomey for input on the regulation of financial technologies earlier this year. In Senator Toomey’s August 26 letter, he requested collection of public comments on proposed legislative language, among other things, to regulate emerging technologies. The Senator also requested that each proposal have a brief description that includes “how it will encourage the growth of cryptocurrency and blockchain technology” in the U.S. According to the letter from CSBS, state bank regulators are encouraging “Congress and federal regulators to focus on the activities at issue and making clarifications in existing laws, regulations, and interpretations,” and believe that “[a]n activities-based approach must be performed with collaboration from all stakeholders or risk one regulatory view overextending into areas where it would hurt innovation and consumers.” CSBS also points out that the Money Transmission Modernization Act established a regulatory baseline and represents a critical step in enhancing multistate harmonization in the money transmission industry. CSBS further discussed Networked Supervision, a strengthened collaboration which permits states to operate as a network. According to the letter, earlier this year, CSBS approved public priorities, which highlighted efforts that states will take to advance Networked Supervision focused on money services businesses. CSBS states that these priorities “emphasize the states’ commitment to harmonization, collaboration, and innovation throughout the state regulatory system.”
FDIC issues QBP for 2Q 2021
On September 24, the FDIC released the second quarter 2021 Quarterly Banking Profile for FDIC-insured institutions, reporting an aggregate net income of $70.4 billion in the second quarter 2021, which is an increase of $51.9 billion (281 percent) from the same quarter a year ago. The FDIC emphasized, among other things, that community banks reported year-over-year quarterly net income growth of $1.9 billion (28.7 percent) in second quarter 2021, despite a narrower net interest margin. In addition, the FDIC noted that the Deposit Insurance Fund totaled $120.5 billion at the end of second quarter 2021, an increase of $1.2 billion from the previous quarter. The featured article, The Importance of Technology Investments for Community Bank Lending and Deposit Taking During the Pandemic, reported that community banks that invested more in technology generally noted quicker loan and deposit growth in 2020 than banks with less technology investment did. Faster loan growth for community banks with greater technology investment stemmed from participation in the Paycheck Protection Program, according to the article.
OCC says digital asset innovators must avoid another financial crisis
On September 21, acting Comptroller of the Currency Michael J. Hsu spoke before the Blockchain Association to discuss similarities between the current growth of cryptocurrencies and decentralized finance (DeFi) and credit default swaps in the early 2000s. In prepared remarks, Hsu emphasized that while innovation is exciting and presents the opportunity for unlocking great potential—especially in areas relating to blockchain, distributed ledger technologies and DeFi—innovators and leaders have a responsibility to learn from the past to avoid repeating mistakes that led to the 2008 financial crisis. Noting that many people believe crypto/DeFi “can dramatically increase financial inclusion,” Hsu pointed to a poll showing that should it be proven that there is “fool’s gold” within the cryptocurrency space, the underbanked and non-Whites will bear the burden the most as they reportedly own more cryptocurrency than other consumers. Hsu instructed innovators to make sure financial innovation is anchored in purpose and actually serves to expand access to banking services and credit. He also highlighted the importance of speaking up and raising difficult and inconvenient questions to “help ensure better and more sustained innovation in the long term,” as well as having a straightforward explanation for how money is made and lost in the crypto/DeFi space. Hsu’s observations may signal increased scrutiny by the OCC of digital assets, including in the areas of risk management and safety, and soundness generally.
House fintech task force discusses consumer data privacy
On September 21, the House Financial Services Committee’s Task Force on Financial Technology held a hearing titled, “Preserving the Right of Consumers to Access Personal Financial Data,” to discuss developments in fintech sharing and consumers’ right to control their own financial data. Task Force Chair, Stephen Lynch (D-MA), opened the hearing by expressing his concerns about the “uncertainty given the transformational technology and advancements as well as changing relationships and customer preferences.” He also noted that while the Committee is in agreement regarding the importance of protecting consumers’ control over their own financial data, “there’s a question whether both regulators and policymakers alike are moving fast enough to address the uncertainties.” The committee memorandum focused on recent developments in the data sharing fintech ecosystem discussed during the hearing, which included the following, among other things:
- Consumer Data Market Participants. The task force reported that new technologies have led financial service providers to utilize consumer-authorized data, such as data aggregators and payment processors. The task force also noted data privacy advocates have concerns that consumers may authorize the use of their data for purposes beyond what is understood by the consumer, and stated that the CFPB may consider the need for regulatory guidance on data use limitations, including possible time restrictions, in its rulemaking.
- Regulatory Structure Over Consumer Data. The task force discussed federal and state laws that cover data privacy, such as the Gramm-Leach-Bliley Act, FCRA, ECOA, and EFTA and their respective purposes in protecting consumer data through privacy and security.
- Screen Scraping, Application Program Interface (API), and Open Banking. The task force noted that many data aggregators have transitioned to using a structured data feed or API, instead of credential sharing and screen scraping. However, the task force expressed concerns that these methods may “lack adequate consumer protections and privacy protections, and face cybersecurity weaknesses.”
- DFA 1033 Rulemaking, Executive Order 14036, and Other Recent Developments. The task force discussed regulatory guidance and the need for clarity on consumer data sharing between financial institutions. The task force noted that some concerns from consumer advocates may involve the burden of liability or risk shifting to the consumer when consumers provide consent to financial institutions.
- International Data Sharing Landscape. The task force mentioned that several foreign countries promote consumer-permissioned data sharing access through APIs, due to cybersecurity concerns. For example, the United Kingdom requires large banks to adopt open API banking standards and the European Union’s General Data Protection Regulation established a set of rules regarding personal data throughout the EU.
Task force members heard concerns from witnesses regarding tighter legal and regulatory measures around data-sharing among financial institutions and third parties, in addition to requests for more robust, informed consent from consumers when their information is aggregated and allocated. Congressman Davidson (R-OH) expressed hope that the CFPB will find that individuals have a property right in their own data, and called for regulators to continue to “provide [a] consumer-focused, principle-based framework that will allow for innovation and competition.” He also found it encouraging that the “CFPB [is] continuing to make progress towards rulemaking under Section 1033 of the Dodd-Frank Act.”
New Jersey, Texas flag company for crypto practices
On September 17, the New Jersey Bureau of Securities (Bureau) announced a cease and desist order against a blockchain-based marketplace company for allegedly selling unregistered securities in the form of interest-earning crypto-asset accounts that raised approximately $14 billion. According to the Bureau, the company funded its cryptocurrency lending operations and proprietary trading partially through unregistered securities sales, in violation of the New Jersey Securities Law. The company allegedly solicited investments by depositing certain eligible cryptocurrencies into investors’ accounts at the company and pooling these cryptocurrencies together to fund its income generating activities, including lending and trading operations. According to the order, the company’s website fails to disclose that its product is not currently registered with any federal or state securities regulator, even though it is subject to such requirements. The Bureau also notes that this is the “second time in less than two months that the Bureau has taken action against a cryptocurrency firm for selling unregistered securities in New Jersey.” (Covered by InfoBytes here.)
The same day, the Texas State Securities Board issued a notice of hearing to determine whether to issue a proposal for decision for the entry of a cease and desist order against the company for allegedly violating the Securities Act by offering and selling securities in Texas without being registered as dealers or agents, among other things.
OCC’s Hsu discusses priorities for safeguarding trust in banking
On September 15, acting Comptroller of the Currency Michael J. Hsu spoke before the Exchequer Club to discuss several agency priorities relating to reducing inequality, adapting to digitization, acting on climate change, and guarding against complacency. In prepared remarks, Hsu stressed the importance of safeguarding trust in banking. While he acknowledged the value of strong rules and regulations, Hsu cautioned that rules “are not adaptive to emerging risks” and “cannot perceive and respond to trends and developments that may erode or threaten trust.” He further emphasized that regulators must coordinate efforts to ensure stability and fairness, and pointed to the growth of cryptocurrency and decentralized finance as areas where it is imperative that regulators work together to ensure activities taking place within the banking system or those that are facilitated by banks are trustworthy. “Innovation is important, but safeguarding trust is paramount,” Hsu stressed. Additionally, Hsu noted that “coordination among all financial regulators will also be needed in the future to ensure a level playing field and limit regulatory arbitrage and to keep shadow banking at a safe distance from the regulated financial system. These goals cannot be achieved if the financial regulatory agencies, including state banking supervisors, do not work together. Public trust in bank regulators will rise or fall depending on our ability to do so.”
Agencies extend comment period on proposed third-party relationship risk management guidance
On September 10, the OCC, Federal Reserve Board, and FDIC extended the comment period on the regulators’ proposed interagency guidance designed to aid banking organizations in managing risks related to third-party relationships, including relationships with fintech-focused entities. The deadline has been extended to October 18 and interested parties may submit comments until the deadline.
As previously covered by InfoBytes, the proposed guidance addresses key components of risk management, such as (i) planning, due diligence and third-party selection; (ii) contract negotiation; (iii) oversight and accountability; (iv) ongoing monitoring; and (v) termination. Coupled with the release of a Federal Reserve Board paper describing community bank and fintech partnerships, as well as interagency guidance to help community banks evaluate fintech relationships (covered by InfoBytes here), the federal bank regulators are demonstrating continued and increased focus on third-party risk management issues.
Fed describes landscape of community banks and fintech partnerships
On September 9, the Federal Reserve Board published a paper describing the landscape of community banks and fintech partnerships. The paper, Community Bank Access to Innovation through Partnerships, is not guidance but is intended to promote and support “responsible innovation” through access and understanding to financial technology, as well as appropriate third-party risk management and compliance guardrails. The paper follows interagency guidance released last month by the Fed, OCC, and FDIC, which addressed several key due diligence topics for community banks considering relationships with prospective fintech companies, as well as interagency proposed guidance on third party risk management—signals of the regulators’ continued and increased focus on third-party relationships. (Covered by InfoBytes here and here.) The paper provides anecdotal observations shared with the Fed by outreach participants and discusses the benefits and risks of different broad partnership types (operational technology partnerships, customer-oriented partnerships, and front-end fintech partnerships), and key considerations for engaging in such partnerships. According to the report, outreach participants presented a general belief that “fintech partnerships were most effective when three elements were present: a commitment to innovation across the community bank; alignment of priorities and objectives of the community bank and its fintech partner; and a thoughtful approach to establishing technical connections between key parties, including the bank, fintech, and the bank’s core services provider.”
CSBS releases Uniform Money Transmission Modernization Act
On September 9, the Conference of State Bank Supervisors (CSBS) released the Uniform Money Transmission Modernization Act as part of states’ broader effort for modernizing the state financial regulatory system. The act, also referred to as the Money Transmitter Model Law, is intended to replace 50 sets of state-specific money transmitter laws and rules with a single set of nationwide standards and requirements designed by state and industry experts. According to CSBS, the law is a result of continuing discussion among state regulators and industry that began under CSBS’ “Vision 2020”, which convened a Fintech Industry Advisory Panel to determine pain points in the state system (previously covered by InfoBytes here). Among other things, the law: (i) “[p]rovides regulators with the tools needed to regulate money transmitters of all sizes, including those that operate globally or small businesses operating locally”; (ii) standardizes definitions, exemptions, the licensing process, the change in control process, and requirements regarding safety and soundness; (iii) enables multistate licensing and multi state supervision; and (iv) “[f]acilitates the development of technology and data analytics necessary to supervise at scale with local accountability.” CSBS also notes that the law will benefit customers of companies that offer digital wallets, prepaid cards, money orders and cash or virtual currency transmissions by establishing a common regulatory floor and standardized and risk-based requirements. In addition to the law, CSBS released Money Transmitter Model Law FAQs and Fintech Industry Advisory Panel Recommendations.