Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On October 20, the CFPB released a new report titled “Project Catalyst report: Promoting consumer-friendly innovation-Innovation Insights.” The report provides an overview of Project Catalyst’s work to promote “consumer-friendly innovation and entrepreneurship,” and outlines the importance of ensuring that consumer protections are built into emerging products and services from the outset. The CFPB released the report in conjunction with remarks given by Director Cordray at Money 20/20, an industry conference focused on payments and financial services innovation.
The report emphasizes the CFPB’s “very sensitive” approach to new technologies, such as its “active role in the push for faster payments systems,” as well as its more general efforts “to identify innovative trends in the marketplace to inform our work.” Throughout the report, the CFPB highlights its efforts to establish “effective communication channels” with “innovators,” including the agency’s pilot program with a credit card company to evaluate the effectiveness of certain practices to encourage prepaid card users to develop regular saving behavior. In its last section, the report discusses various “marketplace developments that may hold the potential for consumer benefits.”
The report similarly summarizes ongoing efforts to coordinate with state, federal, and international regulators, cautioning that the agency “will take action as necessary to protect consumers from innovations that may be unfair, deceptive, abusive, or discriminatory.” In addressing industry members, both the report and Director Cordray at Money 20/20 discuss the CFPB’s authority to provide greater latitude for companies to test alternatives to standard disclosures over time – using as an example, the CFPB’s trial disclosure waiver policy and its no-action letter policy through which the Bureau “can reduce regulatory uncertainty for consumer-friendly innovations.” The report and Director Cordray call for industry participants to propose alternative means of disclosure to consumers.
On October 25, CFPB Director Richard Cordray delivered remarks to the Mortgage Bankers Association (MBA). Cordray highlighted the CFPB's role in helping the housing economy to recover, including regulatory actions from 2014 to the present. Director Cordray also advised industry participants that they should expect more regulation and oversight over the coming year, explaining that the cost of compliance, though burdensome, was "inevitable" in light of the "far-reaching" effects of the financial crisis that Congress was trying to fix.
Director Cordray revealed three priority areas for enforcement and supervision in the next year: (i) consumer complaints, explaining that the CFPB will now require underperforming servicers to document the technology and process changes used to implement the agency’s recently released servicing regulations, because, among other reasons, the Bureau considers monitoring and addressing the process through which complaints are handled part of "a basic component" of any compliance effort; (ii) redlining, noting that the Bureau has identified “redlining” as a target for its supervisory work in the coming year, and has teamed up with the DOJ to bring “major enforcement actions” against institutions found to be discriminatory in their lending practices; (iii) RESPA violations, announcing that the CFPB will continue to adhere to its 2015 bulletin regarding marketing servicing agreements despite the recent PHH ruling. He further noted that the PHH case "is not final at this point" and that the Bureau "respectfully disagrees" with the finding.
A Brazilian aircraft manufacturer, will pay more than $205 million to the SEC and the DOJ to resolve alleged FCPA violations stemming from payments made through its third-party agents to officials in the Dominican Republic, Saudi Arabia, and Mozambique that allegedly resulted in more than $83 million in profits for the company. Pursuant to a Deferred Prosecution Agreement with DOJ, the Brazilian company must pay a penalty of more than $107 million and must retain an independent corporate compliance monitor for three years. The company will also pay more than $98 million in disgorgement and interest to the SEC, but it may receive a credit of up to a $20 million depending on the amount of disgorgement it pays in a parallel civil proceeding in Brazil. Additional FCPA Scorecard coverage of the company's investigation can be found here, here, and here.
A Swedish telecommunications company disclosed in its Third Quarter Interim Report that it has set aside $1.45 billion to settle investigations conducted by Dutch and U.S. authorities regarding alleged bribery in Uzbekistan. The company disclosed that the authorities have proposed a global resolution that includes a financial sanction of $1.45 billion, although the company noted that further discussion and negotiation is necessary; the timing and amount of payment is uncertain at this time.
On October 26, the OCC announced plans to establish an Office of Innovation (Office) with staff located in Washington, New York, and San Francisco. The OCC simultaneously published a paper titled “Recommendations and Decisions for Implementing a Responsible Innovation Framework,” which provides an overview of the financial services landscape and the OCC’s innovation initiatives. With the expectation to begin operations in first quarter 2017, the new Office will implement certain aspects of the OCC’s responsible innovation framework, including: (i) creating an outreach and technical assistance program; (ii) conducting awareness and training activities for OCC staff, such as implementing an “internal web page that provides OCC staff a ‘one-stop-shop’ to access information on industry trends and innovative products, services, and processes”; (iii) encouraging coordination and facilitation among the regulatory community and industry stakeholders; (iv) conducting industry innovation research; and (v) promoting coordination with other agencies, particularly those with overlapping jurisdictions. Beth Knickerbocker will head the Office as acting Chief Innovation Officer.
The OCC noted that its “assessment of granting a special purpose national bank charter to nonbank financial technology companies, and under what conditions, continues.” Later in 2016, the OCC plans to publish a paper to address issues related to a potential special purpose charter.
On October 25, FinCEN issued advisory bulletin FIN-2016-A005 reminding financial institutions of their Bank Secrecy Act (BSA) obligations to report certain cyber-events and cyber-enabled crime. The advisory highlights the importance of (i) reporting cyber-events and cyber-enabled crime through Suspicious Activity Reports (SARs); (ii) including cyber-related information such as IP addresses with timestamps, virtual-wallet information, device identifiers, and cyber-event information, in SAR reporting; (iii) collaborating with BSA/AML, cybersecurity, and other in-house units to facilitate “a more comprehensive threat assessment and develop appropriate risk management strategies to identify, report, and mitigate cyber-events and cyber-enabled crime”; and (iv) sharing cyber-related information – including specific malware signatures, IP addresses and device identifiers, and virtual currency addresses that seem anonymous – amongst financial institutions for the “purpose of identifying and, where appropriate, reporting money laundering or terrorist activities.” Importantly, the advisory distinguishes between mandatory SAR reporting of cyber-events, providing three specific examples, and voluntary reporting of cyber-events. Per the advisory, “[c]yber-events targeting financial institutions that could affect a transaction or series of transactions would be reportable as suspicious transactions because they are unauthorized, relevant to a possible violation of law or regulation, and regularly involve efforts to acquire funds through illegal activities.”
FinCEN simultaneously issued FAQs to supplement advisory bulletin FIN-2016-A005. The FAQs, which supersede 2001 FAQs regarding computer intrusion, provide answers to a set of nine questions. The FAQs address, among other things, (i) when cyber-related SAR reports should be filed; (ii) the type of information that should be included in cyber-related SARs; and (iii) cyber-event and cyber-enabled crime information sharing, pursuant to Section 314(b) of the USA PATRIOT Act, between financial institutions.
On October 26, the FHA released Mortgagee Letter 2016-15 announcing its decision to lower the owner-occupancy requirement on condominiums to as low as 35 percent. The letter follows a September announcement in which the FHA stated that, pursuant to the Housing Opportunity through Modernization Act of 2016, or H.R. 3700, it was required to “issue guidance regarding the percentage of units within an approved condominium development that must be owner occupied.” The guidance outlined in Mortgagee Letter 2016-15 is “effective immediately for all condominium project approval applications, recertification applications, annexation applications or reconsideration applications submitted for review.”
On October 27, the FCC adopted privacy rules regulating consumers’ use of broadband internet services. As previously covered in InfoBytes, the FCC issued revised proposed privacy rules for broadband internet service providers (ISPs) in early October to provide consumers with “increased choice, transparency and security online.” Like the proposed rules, the adopted rules (i) require ISPs to obtain confirmative consent to use and share sensitive information; and (ii) permit ISPs to share non-sensitive information unless a customer opts-out.
Because the scope of the rules is limited to broadband service providers and other telecommunication carriers, the FTC maintains its authority over the privacy practices of websites and other “edge services.” In support of the newly adopted FCC rules, FTC Chairwoman commented that “[t]he rules will provide robust privacy protections, including protecting sensitive information such as consumers’ social security numbers, precise geolocation data, and content of communications, and requiring reasonable data security practices.”
On October 17, the CFPB Student Loan Ombudsman (Ombudsman) released a report on student loan complaints related to debt collection and servicing issues submitted to the CFPB between September 1, 2015 and August 31, 2016. During the period covered in the report, the CFPB received approximately 5,500 private student loan - and 2,300 debt collection - related complaints. Following an August 18 CFPB report that focused primarily on student loan complaints regarding income-driven repayment (IDR) plans, the Ombudsman’s recently issued report emphasizes alleged breakdowns in the “rehabilitation” process: “The majority of borrowers who cure a default and seek to enroll in IDR do so by first rehabilitating their defaulted debt. However, these borrowers describe a range of communication, paperwork processing, and customer service breakdowns at every stage of the default-to-IDR transition.” According to the report, borrowers attempting to enroll in IDR plans face issues such as: (i) delays, do-overs, and dead ends when working with debt collectors to establish and verify income-driven rehabilitation payment amounts; (ii) communication gaps between debt collectors and servicers when transferring a borrower out of default and into an IDR plan; and (iii) servicers failing to “proactively take the steps necessary to help them understand how to access IDR and quickly enroll,” in some cases leading to subsequent delinquency and re-default. The report recommends that policy makers and industry stakeholders reform the default-to-IDR transition process by, among other things, (i) streamlining and simplifying its structure; (ii) improving borrower communication; and (iii) reevaluating the economic incentives currently in place for debt collectors and student servicers to encourage long-term borrower success, rather than focusing on short-term borrower outcomes.
On October 20, the FDIC released a report on the use of the traditional banking system in the United States. According to the FDIC’s executive summary of the report, the percentage of U.S. households in which no one had a checking or savings account (the “unbanked”) dropped to 7.0 in 2015. This is the lowest unbanked percentage since 2009, the year the FDIC began conducting an annual survey of unbanked and underbanked households. The FDIC cited several reasons why some households remain unbanked, the most common of which was the cost of maintaining an account, with an estimated 57.4% of respondents citing it as a factor in their decision not to maintain an account, and 37.8% of respondents citing it as the main reason underlying their decision not to maintain an account. Consistent with past survey results, the report notes that unbanked and underbanked rates are higher among lower-income households, less-educated households, younger households, minority households, and working-age disabled households. Additional findings highlighted in the report include: (i) a 1.9% increase from 2013-2015 in the use of prepaid cards; (ii) rapid growth (31.9% of users in 2015 compared to 23.2% in 2013) in the use of mobile and online banking, reflecting “promising opportunities to use the mobile platform to increase economic inclusion”; and (iii) an opportunity for banks to meet the credit needs of some households with an “unmet demand” for credit by “promoting the importance of building credit history, incorporating nontraditional data into underwriting, and increasing households’ awareness of personal credit products.”
- Buckley Webcast: CRA modernization — All eyes turn to the Fed
- Daniel R. Alonso to discuss "How to become an AUSA" at the New York City Bar Association Minorities in the Courts Committee “How To” series
- Michelle L. Rogers and Kathryn L. Ryan to discuss “Fintech U.S. expansion” at the Tech Nation 3.0 cohort meeting
- Melissa Klimkiewicz to discuss "Flood insurance basics" at the NAFCU Virtual Regulatory Compliance School