Skip to main content
Menu Icon Menu Icon

InfoBytes Blog

Financial Services Law Insights and Observations


Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • OCC revises civil money penalty manual

    On November 29, the OCC announced revisions to its civil money penalty (CMP) manual. Specifically, the OCC revised the CMP matrix, which is a tool used to guide the OCC’s decision making in assessing CMPs. The revised CMP matrix, applicable to OCC-regulated institutions, allows for sufficient differentiation among varying levels of misconduct or by institution size, and includes updated mitigating factors to provide a stronger incentive for banks to fully address underlying deficiencies. The OCC also announced a revised Policies and Procedures Manual (PPM) for assessing CMPs. This version replaces the November 13, 2018, version conveyed by OCC Bulletin 2018-41, “OCC Enforcement Actions: OCC Enforcement Action Policies and Procedures Manuals.” Highlights of the PPM include, among other things; (i) revised mitigating factors of self-identification, remediation or corrective action, and restitution: (ii) increased scoring weight of mitigating factors; and (iii) a revised table titled “Suggested Action Based on Total Matrix Score and Total Assets of Bank.” The OCC further noted that the CMP matrix is not a substitute for sound supervisory judgment, and said the OCC may depart from the matrix suggestions when appropriate and when based on the specific facts and circumstances of each matter. The OCC will begin using the revisions on January 1, 2023.

    Bank Regulatory Federal Issues OCC Civil Money Penalties Enforcement

    Share page with AddThis
  • CSBS says FDIC board nominees lack state bank regulatory expertise

    Federal Issues

    On November 29, the Conference of State Bank Supervisors sent a letter to Senator Sherrod Brown (D-OH), Chairman of the Senate Banking Committee, and Rep. Pat Toomey (R-PA), Ranking Member of the House Financial Services Committee, to express their disappointment that none of the nominees to the FDIC Board of Directors have state bank supervisory experience. Last month, President Biden nominated Martin Gruenberg, who has been serving as acting chairman, to serve as chair and member of the board, and in September, Travis Hill and Jonathan McKernan were nominated to fill the board’s two vacant seats (covered by InfoBytes here and here). At the time of the announcement, CSBS President and CEO James M. Cooper issued a statement encouraging the U.S. Senate to ask nominees how they intend to work with state bank regulators. Cooper reiterated in his follow-up letter that the FDI Act requires that at least one board member have state bank supervisory experience, especially since having the Comptroller of the Currency seated on the board represents the interest of national banks. According to Cooper, fulfilling this statutory requirement “can only be met by a person who has worked in state government as a supervisor of state-chartered banks, and as the legislative history notes, [is] someone with ‘state bank regulatory expertise and sensitivity to the issues confronting the dual banking system.’” Cooper asked that the slate of nominees confirmed by the Senate includes at least one individual who fulfills this requirement.

    The following day, during the Senate Banking Committee’s nomination hearing, Republican senators questioned Gruenberg’s role in a dispute between Democratic board members and former Chairwoman Jelena McWilliams related to a joint request for information seeking public comment on revisions to the FDIC’s framework for vetting proposed bank mergers. McWilliams eventually announced her resignation at the end of last year (covered by InfoBytes here). Senator Pat Toomey (R-PA) called Gruenberg’s participation in the dispute “very disturbing,” and expressed concerns that his actions, along with some of his colleagues, “really undermines the [] FDIC and could have lasting implications.” Gruenberg countered that under the FDI Act, “the authority of the agency explicitly is vested in the board of directors, and the majority of the board has the authority to place items before the board.”

    Some Republican senators also raised concerns with Gruenberg’s past involvement in Operation Choke Point, with Senator Steve Daines (R-MT) requesting that Gruenberg commit to actively preventing FDIC employees from “criticizing, discouraging or prohibiting banks from lending or doing business with any industries or customers that are operating in accordance with the law.” Gruenberg agreed to do so, saying this has been the FDIC’s policy. The FDIC’s current approach to cryptocurrency was also addressed, while Senator Cynthia Lummis (R-WY) took issue with the fact that none of the board nominees fulfill the Biden administration’s push for diversity and inclusion.

    Federal Issues State Issues Senate Banking Committee CSBS FDIC Biden

    Share page with AddThis
  • FTC takes action against debt relief operation

    Federal Issues

    On November 30, the FTC announced an action against three individuals and their affiliated companies (collectively, “defendants”) for allegedly participating together in a credit card debt relief scheme since 2019. The FTC alleged in its complaint that the company violated the FTC Act and the Telemarketing Sales Rule (TSR) by using telemarketers to call consumers and pitch their deceptive scheme, falsely claiming to be affiliated with a particular credit card association, bank, or credit reporting agency and promising they could improve consumers’ credit scores after 12 to 18 months. The defendants also allegedly misrepresented that the upfront fee, which in some cases was as high as $18,000, was charged to consumers’ credit cards as part of the overall debt that would be eliminated, and therefore consumers would not actually have to pay this fee. The District Court for the Middle District of Tennessee granted the Commission’s request to temporarily shut down the scheme operated by the defendants and froze their assets. The complaint requests, among other things, a permanent injunction to prevent future violations of the FTC Act and the TSR by the defendants.

    Federal Issues Courts FTC Act Debt Collection Enforcement TSR Consumer Protection Credit Scores FTC Consumer Finance

    Share page with AddThis
  • Senators demand answers on collapsed cryptocurrency exchange; NYDFS seeks tougher crypto approach

    Federal Issues

    On November 16, Senator Elizabeth Warren (MA-D) and Senator Richard Durbin (IL-D) sent a letter to the ex-CEO and his successor of a cryptocurrency exchange that filed for bankruptcy. In the letter, the senators requested a series of files from the cryptocurrency exchange, including copies of internal policies and procedures regarding the relationship between the firm and its affiliated crypto hedge fund. The senators stated that the cryptocurrency exchange’s customers and Americans “fear that they will never get back the assets they trusted to [the cryptocurrency exchange] and its subsidiaries.” Additionally, the senators argued that “the apparent lack of due diligence by venture capital and other big investment funds eager to get rich off crypto, and the risk of broader contagion across the crypto market that could multiply retail investors’ losses, ‘call into question the promise of the industry.’” The senators emphasized that “the public is owed a complete and transparent accounting of the business practices and financial activities leading up to and following the cryptocurrency lending firm's collapse and the loss of billions of dollars of customer funds.” Among other things, the senators asked the cryptocurrency exchange to provide requested information by November 28, including: (i) complete copies of all the firm’s and its subsidiaries’ balance sheets, from 2019 to the present; (ii) an explanation of how “a poor internal labeling of bank-related accounts” resulted in the firm’s liquidity crisis; (iii) a list of all the firm’s transfers to its affiliated crypto hedge fund; (iv) copies of all written policies and procedures regarding the relationship between the firm and its affiliated crypto hedge fund; and (v) an explanation of the $1.7 billion in the firm’s customer funds that were allegedly reported missing.

    The same day, NYDFS Superintendent Adrienne Harris participated in a “fireside chat” before the Brooking Institute’s event, Digital asset regulation: The state perspective - Effective regulatory design and implementation for virtual currency. During the chat, Harris expressed her support for a national framework similar to what New York has because she believes that “it is proving itself to be a very robust and sustainable regime.” Harris also discussed NYDFS priorities regarding digital assets for the future, stating that crypto companies can expect more guidance on a number of key regulatory issues. Specifically, Harris disclosed that NYDFS will “have more to say on capitalization,” and “on consumer protection, disclosures, advertising … [and] complaints, making sure these companies have an easy way for consumers to complain.” She also warned that NYDFS will “bolster and broaden” its authority, adding that there is “lots of work for us to do to make clear the expectations that we have already, and to make sure that the things we have on the books equip us well to keep up with this marketplace.”

    Senators Warren and Sheldon Whitehouse (D-RI) also sent a letter to the DOJ asking that the former CEO and any complicit company executives be held personally accountability for wrongdoing following the cryptocurrency exchange’s collapse. 

    On December 13, the House Financial Services Committee will hold a hearing to discuss the cryptocurrency exchange’s collapse and the possible implications for other digital asset companies.

    Federal Issues Digital Assets State Issues Fintech Cryptocurrency NYDFS Bank Regulatory U.S. Senate DOJ House Financial Services Committee

    Share page with AddThis
  • FDIC releases October enforcement actions

    On November 25, the FDIC released a list of administrative enforcement actions taken against banks and individuals in October. During the month, the FDIC made public ten orders consisting of “one consent order; one amended and restated consent order; one personal cease and desist order; three orders to pay civil money penalties; two Section 19 orders; and two orders terminating consent orders.” Among the orders is an order to pay a civil money penalty imposed against a Mississippi-based bank related to 128 alleged violations of the Flood Disaster Protection Act. Among other things, the FDIC claimed that the bank failed to obtain the required flood insurance or obtain an adequate amount of insurance coverage, at or before loan origination, for all structures in a flood zone. The order requires the payment of a $320,500 civil money penalty.

    The FDIC also issued a consent order to a New York-based bank, which alleged that the bank had unsafe or unsound banking practices relating to weaknesses in the Bank’s Anti-Money Laundering/Countering the Financing of Terrorism (AML/CFT) Program. The bank neither admitted nor denied the alleged violations but agreed to, among other things, increase its supervision, direction, and oversight of AML/CFT personnel and its AML/CFT program.

    Bank Regulatory Federal Issues Financial Crimes FDIC Enforcement Flood Disaster Protection Act Mortgages Anti-Money Laundering Combating the Financing of Terrorism Bank Secrecy Act

    Share page with AddThis
  • OCC releases enforcement actions

    On November 17, the OCC released a list of recent enforcement actions taken against national banks, federal savings associations, and individuals currently and formerly affiliated with such entities. Included is a cease and desist order against a New York-based bank for allegedly engaging in unsafe or unsound banking practices related to its board and management oversight and funds management practices, and for violating the bank’s October 2018 Formal Agreement with the OCC. According to the OCC, the bank’s board and management failed to address certain regulatory concerns outlined in the 2018 Formal Agreement. Among other things, the OCC asserted that the bank engaged “in unsafe or unsound practices, including those related to strategic planning and implementation, management and board oversight, audit, risk management, and mortgage banking activities.” The order requires the bank to, among other things, establish a compliance committee, develop a written strategic plan, and establish capital in accordance with 12 C.F.R. Part 3: (a) a total capital ratio at least equal to thirteen percent; and (b) a leverage ratio greater than nine percent.

    Bank Regulatory Federal Issues OCC Enforcement

    Share page with AddThis
  • CFPB sets 2023 FCRA asset threshold

    Federal Issues

    On November 22, the CFPB announced the annual adjustment to the maximum amount that consumer reporting agencies are permitted to charge consumers for making a file disclosure to a consumer under the FCRA. According to the rule, the ceiling on allowable charges under Section 612(f) of the FCRA will increase to $14.50, which is a $1.00 increase from the ceiling on allowable charges for 2022. The rule is effective January 1, 2023.

    Federal Issues Agency Rule-Making & Guidance CFPB FCRA Consumer Finance Consumer Reporting Agency

    Share page with AddThis
  • OCC, SEC comment on digital assets

    Federal Issues

    On November 17, acting Comptroller of the Currency Michael J. Hsu delivered remarks at the Financial Literacy and Education Commission’s public meeting, where he commended the “quiet trustworthiness of banks” amid the recent volatility in the cryptocurrency market. Hsu pointed to the OCC’s “careful and cautious” approach to crypto activities by national banks, and noted that this approach “helped mitigate the risk of contagion from crypto to the banking system.” Reforms stemming from the 2008 financial crisis have strengthened the banking system, Hsu added, which has made it “more resilient, more fair, and more trustworthy” and has “proven valuable with the rapid rise and fall of crypto this past year.”

    Earlier in the week, SEC Commissioner Jaime Lizárraga spoke before the Brooklyn Law School where he issued a reminder that it does not fall on the SEC to provide legal advice or analysis to digital asset market participants, but rather the responsibility lays with the issuer or the intermediary and their attorneys “to determine whether their products, business practices, or assets require compliance with the federal securities laws.” Lizárraga refuted arguments that the SEC engages in “regulation by enforcement,” stating that the “laws are well-established, and the cases brought to date have clear applications, as has been apparent in court rulings on these issues.” He also challenged assertions that the SEC has not provided guidance to the industry on whether digital assets qualify as securities. “The reality is that there’s an abundance of guidance, from the DAO Report, to the SEC FinHub Framework for ‘Investment Contract’ Analysis of Digital Assets, and multiple no-action letters issued by the staff of the Division of Corporation Finance,” Lizárraga said, explaining that it is not so much “a lack of guidance but more that the existing guidance may not be what many market participants want to hear.” He warned anyone considering purchasing or investing in digital assets to be as informed as possible about potential risks. 

    Federal Issues Digital Assets Bank Regulatory SEC OCC Cryptocurrency

    Share page with AddThis
  • Senators urge FTC to investigate social media company’s privacy compliance

    Federal Issues

    On November 17, seven Democratic senators sent a letter to FTC Chair Lina Khan requesting that the Commission investigate whether recent changes made to a global social media company will impact the company’s compliance with privacy and security regulations. The senators also encouraged Khan to investigate any breach of the company’s 2011 consent order, which prohibits misrepresentation and requires the company to maintain a comprehensive information security program. The FTC was already alerted to allegations made by a former security employee concerning the company’s supposedly inadequate security practices even prior to the company’s recent acquisition, the senators said, adding that the company also previously agreed to pay a $150 million penalty to the FTC and DOJ to settle allegations that it violated the FTC Act and the 2011 consent order related to misleading claims about its privacy and security practices. (Covered by InfoBytes here.) The senators urged the FTC “to vigorously oversee its consent decree with [the company] and to bring enforcement actions against any breaches or business practices that are unfair or deceptive, including bringing civil penalties and imposing liability on individual [company] executives where appropriate.”

    Separately, Senator Charles E. Grassley (R-IA) sent a letter to the company’s CEO expressing concerns with its security practices. Citing an unanswered request for information sent to the former head of security related to alleged security failures, Grassley asked the current CEO to perform a threat assessment of the company’s security protocol to ensure user data and privacy is protected and requested that findings be submitted to the Senate Judiciary Committee.

    Federal Issues Privacy, Cyber Risk & Data Security FTC U.S. Senate

    Share page with AddThis
  • DOJ, FTC, Wisconsin AG sue timeshare scammers

    Federal Issues

    On November 22, the DOJ, FTC, and the Wisconsin attorney general announced a civil enforcement action against 16 defendants for allegedly using deceptive sales practices to sell timeshare “exit services” to consumers, mostly involving senior citizens. The complaint, which was filed in the U.S. District Court for the Eastern District of Missouri, alleged that the defendants failed to assist consumers in exiting their timeshare contracts while collecting large fees for the incomplete service. The complaint also alleged that the defendants deceived consumers into registering for timeshare exit services by, among other things, falsely claiming that consumers could not exit timeshare contracts on their own, and that the defendants were affiliated with legitimate companies. The complaint further alleged that the defendants failed to notify consumers of their rights under federal and state law to cancel their contracts with defendants within three business days. The complaint noted that the defendants allegedly deceived consumers into paying over $90 million to the defendant companies for services that were not delivered. The complaint also stated that the defendants’ actions violated the FTC Act, the FTC’s rule concerning the cooling-off period for sales made at home or other locations, and certain Wisconsin state laws concerning fraudulent misrepresentations and direct marketing. The complaint seeks monetary relief, civil penalties, and injunctive relief. According to the DOJ, the defendants’ timeshare exit services are also the subject of lawsuits filed by the Alaska and Missouri attorneys general in June 2022.

    Federal Issues Courts DOJ FTC State Attorney General State Issues Wisconsin Deceptive Enforcement FTC Act

    Share page with AddThis