Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On October 4, the CFPB announced a consent order against a nonbank remittance provider for allegedly failing to accurately disclose prepayment information such as money transfer fees, current exchange rates, and when the funds would be available. According to a Bureau investigation following a 2020 examination, the nonbank remittance provider, among other things, failed to (i) disclose proper, specified terms within its disclosures; (ii) provide disclosures in English and other required foreign languages; (iii) refund fees after senders submitted proper error resolution requests; (iv) obtain consumer consent before providing receipts in electronic form on its mobile application and website platforms; (v) implement and maintain error resolution policies and procedures or retain evidence showing compliance with error resolution requirements; and (vi) include proper waiver of consumer rights under the EFTA in disclosures sent to consumers. The Bureau alleges these practices violated the Consumer Financial Protection Act, EFTA, and Subpart B of implementing Regulation E, commonly known as the Remittance Transfer Rule. Under the terms of the consent order, the nonbank remittance provider is required to pay a $950,000 civil money penalty and must implement several measures to improve its policies and procedures to ensure compliance with the Remittance Transfer Rule and EFTA, including developing and maintaining an error resolution process and record retention system, maintaining a compliance management system, conducting trainings, and developing audit and monitoring functions to uncover deficiencies.
Recently, the Biden administration’s Office of Science and Technology Policy released a Blueprint for an AI Bill of Rights. The blueprint’s proposed framework identifies five principles for guiding the design, use, and deployment of automated systems to protect the public as the use of artificial intelligence grows. The principles center around topics related to stronger safety measures, such as (i) ensuring systems are safe and effective; (ii) implementing proactive protections against algorithmic discrimination; (iii) incorporating built-in privacy protections, including providing the public control over how data is used and ensuring that the data collection meets reasonable expectations and is necessary for the specific context in which it is being collected; (iv) providing notice and explanation as to how an automated system is being used, as well as the resulting outcomes; and (v) ensuring the public is able to opt out from automated systems in favor of a human alternative and has access to a person who can quickly help remedy problems. According to the announcement, the proposed framework’s principles should be incorporated into policies governing systems with “the potential to meaningfully impact” an individual or community’s rights or access to resources and services related to education, housing, credit, employment, health care, government benefits, and financial services, among others.
On October 4, FHA announced a request for information (RFI) seeking input on ways to facilitate greater origination of small balance mortgages for FHA insurance. FHA will use feedback received in response to the RFI to help identify barriers to the origination of small mortgages in its program. The agency will also consider the development of policies and programs to better support and expand affordable homeownership opportunities in underserved markets with lower housing prices and to close the racial homeownership gap. According to the announcement, the RFI seeks input on topics related to “the current availability of small mortgage financing, barriers and disincentives to small mortgage lending transactions, changes to policies or processes that would encourage origination of more FHA-insured small balance mortgages, and considerations regarding liquidity provided through securitization.” Comments on the RFI are due December 5.
In conjunction with the RFI, HUD released a report assessing factors that limit the supply of small mortgage loans and highlighting challenges facing borrowers who need loans to purchase lower-priced homes. The report, titled Financing Lower-Priced Homes: Small Mortgage Loans, found that mortgage loans having an original principal obligation of $70,000 or less represent less than 3.5 percent of originations in 2020. Many of these loans secure properties valued at more than $70,000—an indication that the purchases included substantial down payments, HUD said. Among other things, the report also found that FHA disproportionately insures loans for lower-priced homes compared to the rest of the mortgage market and has loan insurance programs for financing property improvements and manufactured homes that are particularly targeted to lower loan amounts. Additionally, the report flagged the fixed costs of loan origination and servicing as a significant barrier to small mortgage lending, noting that this makes small mortgage loans less profitable and may necessitate additional incentives for lenders, such as reducing costs or providing additional lender or loan originator compensation.
On September 29, the Federal Reserve Board announced that six of the nation’s largest banks will participate in a pilot climate scenario analysis exercise intended to enhance the ability of supervisors and firms to measure and manage climate-related financial risks. The Fed noted that the scenario analysis, in which the resilience of banks is assessed under different hypothetical climate scenarios, is an emerging tool for assessing climate-related financial risks. The Fed further noted that the process is exploratory in nature and that “there will be no capital or supervisory implications from the pilot.” Over the course of the exercise, the participating banks will analyze the impacts of hypothetical climate scenarios on specific portfolios and business strategies. The climate analysis will be separate and distinct from bank stress tests, which are designed to assess whether large banks have enough capital to continue lending to households and businesses during a severe recession. The Fed noted that the climate scenario analysis "can assist firms and supervisors in understanding how climate-related financial risks may manifest and differ from historical experience.”
On September 29, Senator Edward J. Markey (D-MA), along with three other Congressional Democrats, sent a letter to FTC Chair Lina Khan requesting that the Commission update its regulations under the Children’s Online Privacy Protection Act (COPPA). The Senators encouraged the FTC to use its regulatory authority to update COPPA to implement additional protections addressing online threats to children as their use of technology increases. They laid out several areas for the FTC’s consideration, including (i) “expanding the definition of ‘personal information’ covered under COPPA”; (ii) “implementing rules to effectuate COPPA’s prohibition on conditioning a child’s participation in an online activity on the child sharing more data than is reasonably necessary”; (iii) “implementing rules to effectuate COPPA’s requirement that platforms protect the confidentiality, security, and integrity of children’s data”; (iv) “ensuring that COPPA’s requirements protect children on the platforms they actually use by updating COPPA’s regulations defining platforms that are directed to children and updating regulations defining platforms that have actual knowledge they are collecting data from children”; (v) “implementing regulatory protections that reflect the increased use of online platforms for educational purposes”; and “(vi) implementing regulatory protections that reflect changes in online advertising practices.”
The Senators also applauded the FTC’s recently issued advanced notice of proposed rulemaking requesting feedback on questions related to a wide range of concerns about commercial surveillance practices (covered by InfoBytes here), including those involving children and teens, and advised the Commission to closely review and consider expert responses when crafting its rules aimed at the protection of children’s privacy.
On October 3, the Federal Reserve Board adopted a final rule amending Regulation II, which implements Section 920 of the EFTA, to require that each debit card transaction, including “card-not-present” transactions, must be able to be processed on at least two unaffiliated payment card networks. The final rule, which is substantially similar to the Fed’s notice of proposed rulemaking issued in May 2021 (covered by InfoBytes here), also clarified that the debit card issuer is responsible for ensuring at least two unaffiliated networks have been enabled to process a debit card transaction, and standardizes and clarifies the use of certain terminology in the Fed’s Official Board Commentary on Regulation II. The Fed noted that when the rule was initially issued in 2011, the market had not yet developed solutions to broadly support multiple networks for card-not-present debit card transactions. Claiming technology has since evolved to address these challenges, the Fed said the final rule includes changes to make it easier for debit card issuers to determine whether they are in compliance and encourages competition between networks. The Fed noted, however, that the final rule does not modify interchange fee requirements. The agency said it will continue to review these requirements in light of recently collected debit card industry cost data, and may propose to modify these requirements in the future. The final rule is effective July 1, 2023.
Federal Reserve Governor Michelle W. Bowman voted against adopting the final rule. “During the public comment process, community banks raised substantial concerns with the proposal,” she said. “Although the Board has attempted to identify the likely effects of the proposed rule based on available information, I believe that significant questions remain about how the rule will affect banks, and particularly community banks, with respect to both fraud and the cost of compliance. Given this continued uncertainty, I do not support the final rule.”
On September 30, the FDIC and Federal Reserve Board jointly announced that resolution plan guidance for Category II and Category III banking organizations is forthcoming. Large banks that fall withing these categories are generally those with more than $250 billion in total assets but that are not global systemically important banks (G-SIBs). “Larger and more complex banks are already subject to guidance from the agencies,” the agencies said, explaining that Category II and III banks have not received resolution plan guidance yet. These plans—commonly known as “living wills”—outline a bank’s strategy for rapid and orderly resolution under bankruptcy in the event of financial distress or failure. An opportunity for public comment on the guidance will be provided before it is finalized.
On October 3, the Financial Stability Oversight Council (FSOC) released its Report on Digital Asset Financial Stability Risks and Regulation. As called for by Executive Order 14067, “Ensuring Responsible Development of Digital Assets” (covered by InfoBytes here), the report reviewed financial stability risks and regulatory gaps posed by various types of digital assets and provided recommendations to address such risks. Among other things, the report noted three gaps in the existing cryptocurrency regulatory framework: (i) limited direct federal oversight of the spot market for crypto-assets that are not securities; (ii) opportunities for regulatory arbitrage; and (iii) whether vertically integrated market structures can or should be accommodated under existing laws and regulations. The report stated that FSOC recommended that Congress pass legislation that would create “a comprehensive prudential framework for stablecoin issuers that also addresses the associated market integrity, investor and consumer protection and payments system risks, including for entities that perform services critical to the functioning of the stablecoin arrangement.” FSOC further recommended that the member agencies should follow several guiding principles, including “same activity, same risk, same regulatory outcome,” and “technology neutrality.” The report also requested that agencies consider whether “vertical integration” or other business models where retail customers can directly access markets instead of going through a broker-dealer “can or should be accommodated.” The report noted that if banks “scale up their participation in the crypto-asset ecosystem, such activity could potentially entail much greater access to the crypto-asset market by a broad range of institutional investors, corporations, and retail customers than currently exists.” The U.S. Treasury Department released a Fact Sheet summarizing the report’s key findings and recommendations.
Treasury Secretary Janet Yellen noted in a statement that the “report adds to analysis of digital asset issues that have been covered in other recent reports, including on the future of money and payments; consumers and investor protection; illicit finance; and a framework for international engagement.” Acting Comptroller of the Currency Michael J. Hsu released a statement supporting the report, emphasizing that “it is critical for the Council and Congress to prioritize Recommendation 4 regarding interagency coordination, Recommendation 5 regarding a federal prudential framework for stablecoin issuers, and Recommendation 6 regarding regulatory visibility and authorities over all of the activities of crypto-asset entities.” SEC Chair Gary Gensler also expressed his support in a statement, noting that he looks “forward to working with Congress to achieve our public policy goals, consistent with maintaining the regulation of crypto security tokens and related intermediaries at the SEC.” Texas Banking Commissioner and FSOC state banking representative Charles G. Cooper released a statement of support through the Conference of State Bank Supervisors saying that the report should “inform the work that we do as individual agencies and on an interagency basis to balance responsible innovation with safeguarding our financial markets and consumers.”CFPB Director Rohit Chopra released a statement, noting that “agencies have already taken steps to address discrete issues related to deposit insurance misrepresentation and to lay groundwork to address concerns related to fraud, hacks, and scams,” and emphasized the need “to tackle broader risks to the financial system.”
On September 30, the FDIC released a list of administrative enforcement actions taken against banks and individuals in August. During the month, the FDIC made public seven orders consisting of “one consent order, one order terminating consent order, two orders of prohibition from further participation and three orders granting permission to file application and approving application for consent to participate in the conduct of the affairs of any insured depository institution.” Among the orders is a consent order imposed against a Mississippi-based bank by the FDIC and the Mississippi Department of Banking and Consumer Finance, which alleged that the bank engaged in unsafe or unsound banking practices or violations of law relating to the Bank Secrecy Act (BSA). While the bank consented to the action, it did so without admitting or denying any charges. Under the consent order, the bank must, among other things: (i) develop, adopt, and implement a written customer due diligence program; (ii) develop and establish a system of internal controls; and (iii) establish and maintain an independent testing program for compliance with the BSA and its implementing rules and regulations. The bank must also “conduct a lookback review all transactions of $3M or more starting with July 1, 2020, through February 28, 2022, to ensure all suspicious activity is identified, investigated and/or a SAR filed or a documented decision not to file is completed.”
On September 28, the CFPB updated the education loan examination procedures in its Supervision and Examination Manual. According to the Bureau, the update to the education loan servicing examination procedures clarifies that when determining its authority to supervise a private student lender, the Bureau “look[s] only to the definition of private education loan in the Truth in Lending Act and not also to Regulation Z.” The Bureau noted that depending on the scope of an examination, “and in conjunction with the compliance management system and consumer complaint response review procedures,” an examination will cover at least one of the following modules: (i) advertising, marketing, and lead generation; (ii) customer application, qualification, loan origination, and disbursement; (iii) student loan servicing; (vi) borrower inquiries and complaints; (v) collections, accounts in default, and credit reporting; (vi) information sharing and privacy; and (vii) examination conclusion and wrap-up.
- Jedd R. Bellman to provide an “Attorney exemption/medical debt update” at the North American Collection Agency Regulatory Association annual conference
- Kathryn L. Ryan to discuss “What should crypto regulation look like: Legislation, regulation and consumer issues” at WCL's First Annual Virtual Currency Law Institute
- Elizabeth E. McGinn to discuss “How to mitigate and manage third-party risks: Leveraging tools and best practices” at The Knowledge Group’s webcast
- Elizabeth E. McGinn, Benjamin W. Hutten, and James C. Chou to discuss “The evolving regulatory landscape: Third-party and cyber risk management” at the 2022 mWISE Conference
- Jeffrey P. Naimon to discuss “Truth in lending” at ABA’s Consumer Financial Services Basics 2022 virtual conference
- Sherry-Maria Safchuk to discuss “For your eyes only: Privacy updates for 2022-2023” at CCFL’s Annual Consumer Financial Services Conference
- James T. Parkinson to present a “Global anti-corruption update” at IBA’s annual conference