Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On June 27, the Federal Reserve Board announced the final timeline and implementation details for the adoption of the International Organization for Standardization’s (ISO) 20022 message format for its Fedwire Funds Service—a real-time gross settlement system owned and operated by the Federal Reserve Banks that enables businesses and financial institutions to quickly and securely transfer funds. (See notice here.) The final details are “broadly similar” to the Fed’s proposal issued last October (covered by InfoBytes here). The Fed confirmed that ISO 20022 will be adopted on a single day as previously proposed instead of in three separate phases. Additionally, the Fed extended the implementation timeframe from a target date of November 2023 to March 10, 2025, based on comments received in response to the initial proposal. The Fed also provided information concerning its revised testing strategy and backout strategy, as well as other details concerning the implementation of the new message format.
On June 27, the OCC released its quarterly mortgage metrics report, which presents performance data for the first quarter of 2022 for loans that reporting banks own or service for others as a fee-based business. The first-lien mortgages included in the OCC’s quarterly report comprise 22 percent of all residential mortgage debt outstanding in the U.S., or approximately 12.2 million loans totaling $2.6 trillion in principal balances. The report, among other things, found that the performance of first-lien mortgages in the federal banking system improved during the first quarter of 2022. According to the report, 96.9 percent of mortgages were current and performing at the end of the quarter. The percentage of seriously delinquent mortgages was 1.8 percent in the first quarter of 2022, compared to 2.3 percent in the prior quarter. However, foreclosures increased compared to the prior quarter and a year earlier as pandemic-related accommodations wound down, with servicers initiating 19,524 new foreclosures in the first quarter of 2022.
On June 24, the FDIC released a list of 14 public enforcement actions taken against banks and individuals in May. These orders consist of “two consent orders, one modification of an 8(e) prohibition order, three orders to pay civil money penalty, three orders of prohibition, two section 19 orders, and one order of prohibition from further participation and order to pay, one order terminating amended supervisory prompt corrective action directive, and one order of termination of insurance.” Included is an order to pay a civil money penalty imposed against a Texas-based bank related to alleged violations of the Flood Disaster Protection Act. Among other things, the FDIC claimed that the bank failed “to obtain flood insurance or obtain an adequate amount of insurance coverage, at or before loan origination, for all structures in a flood zone, including multiple structures,” and failed “to force-place flood insurance, after loan origination, when the insurance on buildings securing the loan” was insufficient or nonexistent. The order assessed a $2,000 civil money penalty.
The FDIC also issued a consent order against a Utah-based bank based on alleged unsafe or unsound banking practices relating to the Bank Secrecy Act. The bank neither admitted nor denied the alleged violations but agreed to, among other things, “increase its oversight of the Bank's compliance with the BSA” and “conduct a comprehensive assessment of BSA/AML staffing needs.”
On June 27, the FTC and the Florida attorney general filed a complaint against a Florida-based grant funding company and its owner (collectively, “defendants”) alleging that the defendants violated the Consumer Protection Act, the FTC Act, and the Florida Deceptive Unfair Trade Practices Act. According to the complaint, the defendants deceptively marketed grant writing and consulting services to minority-owned small businesses by, among other things, (i) promising grant funding that did not exist and/or was never awarded; (ii) misleading customers about the status of grant awards; and (iii) failing to honor a “money-back guarantee” and suppressing customer complaints. The complaint also alleged that the owner relied on funds that she acquired through the federal Paycheck Protection Program Covid-19 stimulus program to start the company. The U.S. District Court for the Middle District of Florida issued a restraining order with asset freeze, appointment of a temporary receiver, and other equitable relief order against the defendants, which also prohibits them from engaging in grant funding business activities.
On June 24, Fannie Mae and Freddie Mac issued additional guidance related to a coding issue that impacted approximately 12 percent of credit scores earlier this year. As previously covered by InfoBytes, a consumer reporting agency informed lenders and industry members that it experienced a coding issue when it changed some of the technology to its legacy online model platform.
After making a determination that the underlying credit report data errors resulting from the coding issue “are not considered to be material erroneous credit data errors under Selling Guide B3-2-09,” Fannie Mae issued LL-2022-02 to provide requirements applicable specifically to impacted loans. Specifically, lenders are not required to obtain an updated credit report and re-underwrite the impacted loan “by resubmitting the loan to Desktop Underwriter® (DU® )” nor are they required to “re-assess the underwriting decision for non-DU loans, based solely on this issue.” An inaccurate credit score used at the time of underwriting will not render the loan ineligible for purchase, Fannie Mae stated, adding that a “repurchase request will not be issued based solely on this issue.” Guidance related to obtaining corrected credit scores and making data corrections, as well as information concerning loan-level price adjustments, post-closing quality control review, and representation and warranty relief is also provided in the lender letter.
Freddie Mac issued Bulletin 2022-14 to provide similar guidance to sellers about their credit reporting and data correction responsibilities, and stated that it will also “not issue a repurchase based solely on an inaccurate credit score used in the underwriting of a mortgage.”
The guidance is effective immediately.
On June 23, the OCC released its Semiannual Risk Perspective for Spring 2022, which reports on key risks threatening the safety and soundness of national banks, federal savings associations, and federal branches and agencies. The OCC reported that as “banks continue to navigate the operational- and market-related impacts of the pandemic along with substantial government stimulus, current geopolitics have tightened financial conditions and increased downside risk to economic growth.” However, the OCC noted that banks’ financial conditions remain strong and that banks are well-positioned to “deal with the economic headwinds arising from geopolitical events, higher interest rates and increased inflation.”
The OCC highlighted operational, compliance, interest rate, and credit risks as key risk themes in the report. Observations include: (i) operational risk, including evolving cyber risk, is elevated, with an observed increase in attacks on the financial services industry given current geopolitical tensions; (ii) compliance risk remains heightened as banks navigate the current operational environment, regulatory changes, and policy initiatives; and (iii) credit risk remains moderate, with banks facing certain areas of weakness and potential longer-term implications resulting from the Covid-19 pandemic, inflation, and direct and indirect effects of the war in Ukraine. Staffing challenges among banks also present risks, with challenges posed by “strong competition” in the labor market.
The report also discussed the importance of appropriate due diligence of new digital asset products and services. The OCC said that it “continues to engage on an interagency basis to analyze various crypto-asset use cases,” and is looking to “provide further clarity on legal permissibility, as well as safety and soundness and compliance considerations related to crypto-assets” in the banking industry.
The OCC further stated it “will continue to monitor the development of climate-related financial risk management frameworks at large banks,” and reported that “OCC large-bank examination teams will integrate the examination of climate-related financial risk into supervision strategies and continue to engage with bank management to better understand the challenges banks face in this effort, including identifying and collecting appropriate data and developing scenario analysis capabilities and techniques.”
On June 23, the FTC issued a notice of proposed rulemaking (NPRM) to ban “junk fees” and “bait-and-switch” advertising tactics related to the sale, financing, and leasing of motor vehicles by dealers. Specifically, the NPRM would prohibit dealers from making deceptive advertising claims to entice prospective car buyers. According to the FTC’s announcement, deceptive claims could “include the cost of a vehicle or the terms of financing, the cost of any add-on products or services, whether financing terms are for a lease, the availability of any discounts or rebates, the actual availability of the vehicles being advertised, and whether a financing deal has been finalized, among other areas.” The NPRM would also (i) prohibit dealers from charging junk fees for “fraudulent add-on products” and services that—according to the FTC—do not benefit the consumer; (ii) require clear, written, and informed consent (including the price of the car without any optional add-ons); and (iii) require dealers to provide full, upfront disclosure of costs and conditions, including the true “offering price” (the full price for a vehicle minus only taxes and government fees), as well as any optional add-on fees and key financing terms. Dealers would also be required to maintain records of advertisements and customer transactions. Comments on the NPRM are due 60 days after publication in the Federal Register.
The FTC noted that in the past 10 years, the Commission has brought more than 50 auto-related enforcement actions and helped lead two nationwide law enforcement sweeps including 181 state-level enforcement actions in this space. Despite these efforts, the FTC reported that automobile-related consumer complaints are among the top ten complaint types submitted to the Commission.
On June 23, the FHA announced FHA INFO 2022-64 to issue the following temporary partial waivers to its Home Equity Conversion Mortgage (HECM) policies for senior homeowners impacted by the Covid-19 pandemic who continue to experience significant financial difficulties. Specifically, the first temporary partial waiver concerns Mortgagee Letter 2015-11. The FHA notes that its waiver “allows mortgagees to offer repayment plans to HECM borrowers with unpaid property charges regardless of their total outstanding arrearage." The second waiver—concerning Mortgagee Letter 2016-07—“permits mortgagees to seek assignment of a HECM immediately after using their own funds to pay property taxes and insurance on or after March 1, 2020, by temporarily eliminating the three-year waiting period for such assignments.” Both waivers are effective through December 31.
On June 24, the FTC announced a final decision and order against two limited liability companies (respondents) accused of allegedly failing to secure consumers’ sensitive personal data and covering up a major breach. As previously covered by InfoBytes, the respondents—former and current owners of an online customized merchandise platform—allegedly violated the FTC Act by, among other things, misrepresenting that they implemented reasonable measures to protect customers’ personal information against unauthorized access and misrepresenting that appropriate steps were taken to secure consumer account information following security breaches. The complaint further alleged that respondents failed to apply readily available protections against well-known threats or adequately respond to security incidents, which resulted in the respondents’ network being breached multiple times. Under the terms of the final settlement, one of the respondents is required to pay $500,000 to victims of the data breaches. The other respondent is required to provide notice to consumers impacted by a 2019 data breach. Among other things, the order prohibits respondents from misrepresenting their privacy and security measures and requires that respondents implement comprehensive information security programs that are assessed by an independent third party.
On June 6, the CFPB updated its Civil Penalty Fund Frequently Asked Questions (FAQs). The FAQs, among other things: (i) present the Civil Penalty Fund Allocation Schedule; (ii) clarify basic definitions related to CFPB civil money penalties; (iii) clarify when the Bureau will begin to distribute funds; and (iv) explain redress and its difference from payments to victims from the Civil Penalty Fund.
- Jedd R. Bellman to discuss “The CFPB’s crackdown on collection junk fees and the growing anti-CFPB rhetoric” at an Accounts Recovery webinar
- Benjamin W. Hutten to discuss “Latest on AML regulations and impact of economic sanctions” at a Mortgage Bankers Association webinar
- Benjamin W. Hutten to discuss “Fundamentals of financial crime compliance” at the Practicing Law Institute
- Benjamin W. Hutten to discuss “Ongoing CDD: Operational considerations” at NAFCU’s Regulatory Compliance & BSA Seminar