Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On January 29, Fannie Mae issued a new fraud alert to mortgage lenders warning them of 15 new potentially fictitious employers that have recently been appearing on mortgage applications. As previously covered in InfoBytes, Fannie Mae’s mortgage fraud program has issued several prior alert bulletins to the mortgage industry regarding active and potentially fraudulent schemes, all of which have identified fake employers in California. This new alert adds 15 additional California companies to that list, which now includes 65 potentially fake companies. The GSE alert offers “red flags” for lenders to be aware of when processing loan applications, including high starting salaries and paystubs that lack common withholdings for such things as health insurance and 401(k). Additionally, the alert bulletin suggests that lenders verify the existence of employers listed on borrower applications, and practice careful due diligence in the entire application process.
On January 29, OCC Comptroller Joseph Otting testified at a hearing held by the House Financial Services Committee to discuss the OCC’s Community Reinvestment Act (CRA) modernization proposal. (See Buckley Special Alert covering the joint notice of proposed rulemaking issued last December by the OCC and FDIC.) Committee Chairwoman Maxine Waters (D-CA) expressed concerns with the NPR, arguing that the proposal “runs contrary to the purpose of the CRA and would lead to widespread bank disinvestment from low- and moderate-communities throughout the country.” Waters cited additional concerns with the NPR, including what she believes are efforts by the OCC “to deregulate megabanks” and “greenlight rent-a-bank schemes that allow lenders to skirt state usury caps.”
In his written testimony, Otting reiterated that the NPR is intended to strengthen and modernize CRA regulations and that the proposal does not permit redlining. “Nothing in this proposal changes the agencies’ authority to enforce fair lending laws to prevent discrimination and redlining. The regulations implementing the Fair Housing Act and the Equal Credit Opportunity Act prohibit discrimination and redlining,” Otting stressed in his oral statement. “These regulations are not changed in any way by this proposal.” (Emphasis in the original.) Otting also defended several of the proposed amendments that would, among other things, (i) remove uncertainty that discourages investments; (ii) focus on a bank’s sustained commitment to meeting a community’s credit needs and rewarding long-term investment; and (iii) accommodate banks of different sizes and business models by allowing small banks with less than $500 million in total assets to choose between the existing and the proposed revised framework for their evaluations. During the hearing, Otting also refuted the perception that the NPR employs the use of a single metric to determine a bank’s CRA rating, stating “there is no one ratio in this proposal. . .the average regional bank will have 502 measurement points so every community would be measured by units and dollars and at the top of the house it would be dollars.”
When Congressman Brad Sherman (D-CA) asked about the OCC’s recent request for bank-specific data to inform the NPR (previously covered by InfoBytes here) questioning why the agencies “want to adopt a rule on such a quick timetable when [they] still don’t have the information,” Otting responded that the additional information requested from the banks is meant to help validate the OCC’s analysis and conclusions. However, when the discussion turned to whether Congress could access the data and analysis used to create the NPR, Otting stated that he would be happy to discuss the data and analysis in person but that the information should not be publicly distributed. Waters stated Congress would subpoena the information if necessary. Otting also confirmed that the 60-day comment period of the NPR (which closes March 9) would not be extended, and that the goal would be to finalize the rule within 60 to 70 days after the comment period ends. With respect to the Federal Reserve’s decision not to join in the notice of proposed rulemaking, Otting said, “We have thousands of rules, regulations and guidance that differ amongst the agencies. So no…I do not see it as an impediment at all.” As previously covered by InfoBytes, earlier this month Federal Reserve Governor Lael Brainard discussed the Fed’s approach to the CRA modernization process and explained why the Fed chose not to join in the NPR.
On January 24, the FDIC issued Financial Institution Letter FIL-4-2020 to provide regulatory relief to financial institutions and help facilitate recovery in areas of Puerto Rico affected by a recent series of earthquakes. In the letter, the FDIC encourages institutions to consider, among other things, (i) extending repayment terms; (ii) restructuring existing loans; or (iii) easing terms for new loans to borrowers affected by the earthquakes. Additionally, the FDIC notes that institutions may receive Community Reinvestment Act consideration for community development loans, investments, and services in support of disaster recovery. The FDIC states it will also consider regulatory relief from certain filing and publishing requirements.
Find continuing InfoBytes coverage on disaster relief guidance here.
On January 23, the OCC issued a notice of charges against five former senior executives for allegedly failing to adequately ensure a national bank’s incentive compensation plans regarding sales practices operated in accordance with bank policy. (See previous InfoBytes coverage here.) The relief sought by the OCC against these individuals could include a lifetime prohibition from participating in the banking industry, a personal cease and desist order, and/or civil money penalties. Under federal law, the individuals may request a hearing to challenge the allegations and relief sought by the OCC. The same day, the OCC also announced settlements with the bank’s former chairman/CEO, its former chief administrative officer and director of corporate human resources, and its former chief risk officer for their alleged roles in the bank’s sales practices misconduct. According to the OCC, the actions serve to, among other things, reinforce the agency’s expectations that management and employees of regulated entities comply with applicable laws and regulations.
On January 21, the OCC assessed a nearly $18 million civil money penalty against a national bank lender for alleged violations of the Flood Disaster Protection Act (FDPA). According to the OCC, the bank allegedly maintained FDPA policies and procedures which allowed the bank’s third-party servicer to extend the 45-day period after notification to the borrower that the flood insurance did not adequately cover the collateral. The OCC alleged that this resulted in the “untimely force placement of flood insurance” on loans secured by buildings or mobile homes located in special flood hazard areas. The bank agreed to pay the penalty without admitting or denying any wrongdoing.
On January 17, the FTC announced it had reached settlements with a number of defendants alleged to have operated “an unlawful credit repair scam that has deceived consumers across the country.” According to the FTC’s complaint, the defendants purportedly made false representations to consumers regarding their abilities to improve credit scores, falsely promised to remove any negative entries on the consumers’ credit reports, illegally collected upfront fees from consumers before the services were fully performed, and used threats and coercion to intimidate consumers from disputing charges. The FTC alleged these misleading statements and illegal actions violated TILA, the FTC Act, the Telemarketing Act, and the Credit Repair Organizations Act, among other things. Additionally, the FTC claimed that the defendants “routinely engage in electronic fund transfers from consumers’ bank accounts without obtaining proper authorization, and use remotely created checks to pay for credit repair services they have offered through a telemarketing campaign, in violation of the TSR.” The defendants, without admitting or denying the allegations, agreed to settlements that ban the defendants from offering credit repair services through “advertising, marketing, promoting, offering for sale, or selling,” impose a total monetary penalty of nearly $14 million, and require several defendants to turn over the contents of bank and merchant accounts as well as investment and cryptocurrency accounts. See the settlements here, here, and here.
On January 16, Democratic members of the House Financial Services Committee sent a letter to the Government Accountability Office (GAO) inquiring about the benefits and drawbacks of using alternative data in mortgage lending, as well as the federal government’s role in overseeing the use of alternative data credit reporting agencies (CRAs) and lenders. The letter notes that while alternative data can be useful in helping lenders identify creditworthy potential borrowers who cannot be scored by CRAs through traditional measures, questions remain about how the use of alternative data may affect compliance with fair lending laws, including the Equal Credit Opportunity Act and Fair Housing Act. “While some alternative data, such as rental payment history, may provide an objective measure of creditworthiness, others might enable discrimination on the basis of a protected class, or infringe upon consumer privacy,” the letter cautions. The letter asks GAO to study the use of alternative data in expanding access to credit, with a particular focus on mortgage credit, and poses the following questions:
- How have different entities used alternative data to expand access to mortgage credit? Specifically, can alternative data determine consumer creditworthiness and whether a consumer is able to repay a mortgage? Additionally, are there certain alternative data sources that are better at predicting creditworthiness or some that are more likely to raise concerns about correlations with discriminatory factors? Furthermore, what federal activity has there been in this space?
- What are the potential benefits and risks associated with using alternative data and financial technology for access to mortgage credit, and are there variations in these benefits and risks across different groups, including minorities and younger borrowers?
- What potential risks does alternative data pose to fair lending compliance, and are the regulatory and enforcement agencies that govern the credit-granting system equipped to manage and prepare for an increased use of alternative data in mortgage lending?
- How do the benefits and trade-offs of other options for expanding access to mortgage credit compare to the use of alternative data in credit scoring?
On January 16, the OCC released a list of recent enforcement actions taken against national banks, federal savings associations, and individuals currently and formerly affiliated with such entities. The new enforcement actions include formal agreements, prohibition orders, and terminations of existing enforcement actions against individuals and banks. Included among the actions is a formal agreement issued against an Illinois-based bank on December 18 for alleged unsafe or unsound practices relating to, among other things, consumer compliance. The agreement requires the bank to (i) establish a compliance committee to monitor the bank’s progress in complying with the agreement’s provisions; (ii) report such progress to the bank’s board on a quarterly basis; and (iii) implement a written consumer compliance program. This program must also include a policies and procedures manual that covers all consumer protection laws, rules, and regulations to which the bank should adhere, an independent audit program, and training of bank personnel in the consumer protection laws, rules, and regulations as appropriate.
On January 16, the FDIC and the OCC announced (FDIC FIL-3-2020, OCC Bulletin 2020-5) the issuance of a joint statement on risk management of current heightened cybersecurity risks. The statement reminds supervised financial institutions to maintain preventative controls and update and test incident response and business continuity plans. It also sets out best practices in these areas for supervised financial institutions.
The bulletin lists six “key controls” including:
- Response, resilience and recovery capabilities. Maintain system backups and segment data to prevent spread of malicious activity across the network and to increase recovery capabilities. Incident and business resilience plans should set out cyber attack response and business continuity procedures and a data backup program should be set up and regularly tested. Cyber insurance coverage may further mitigate cyber risk exposure.
- Identity and access management. Implement identity and access management controls to combat phishing attacks and prevent theft of login credentials. Incorporate risk-based authentication, limit user permissions, and continually monitor user accounts.
- Network configuration and system hardening. Configure networks with appropriate security settings that are regularly updated. Update anti-malware and routinely test network technology for vulnerabilities.
- Employee training. Provide continuous training to keep cybersecurity program employees abreast of new cyber threats and evolving social engineering tactics.
- Security tools and monitoring. Maintain competent cybersecurity staff or service providers to monitor for the most current “threat and vulnerability information,” regularly review audit logs, and establish and test ability to “detect and respond to attacks.”
- Data protection. Encrypt “sensitive and critical data,” which should also be accurately classified to ensure ease in identification.
On December 23, 2019, the New York Department of Financial Services issued an “Industry Letter” requesting that each NYDFS-regulated institution submit the institution’s plan for addressing the transition away from Libor-based credit, derivative, and securities exposures. The NYDFS letter has spurred additional focus by financial institutions in the issue, and not only by those regulated by NYDFS. This Client Alert summarizes the current state of play in Libor transition, and outlines some key considerations for developing a Libor transition plan.
* * *
Click here to read the full special alert.
If you have any Libor-related questions please contact a Buckley attorney with whom you have worked in the past.
- Daniel P. Stipano to moderate "Washington update" at the Puerto Rican Symposium of Anti Money Laundering
- Melissa Klimkiewicz to discuss "Private flood insurance updates" at the Mortgage Bankers Association Servicing Solutions Conference & Expo
- Jonice Gray Tucker and H Joshua Kotin to discuss regulatory compliance issues in the fintech industry at Protiviti's Risk & Compliance Innovation Roundtable
- APPROVED Checkpoint Webcast: CFL overview
- Amanda R. Lawrence and Sherry-Maria Safchuk to discuss "California privacy rule" on an NAFCU webinar
- Sasha Leonhardt to discuss "MLA & SCRA" on a NAFCU webinar
- Daniel P. Stipano to discuss "Pathway of the SARs: Tracking trajectories of suspicious activity reports from alerts to prosecution" at the ACAMS International AML & Financial Crime Conference
- Daniel P. Stipano to discuss "Which bud’s for you? A deep-dive into evolving marijuana laws" at the ACAMS International AML & Financial Crime Conference
- Brandy A. Hood to discuss "RESPA 8 (TRID applied compliance)" at the Mortgage Bankers Association Legal Issues and Regulatory Compliance Conference
- Michelle L. Rogers to discuss "Major litigation" at the Mortgage Bankers Association Legal Issues and Regulatory Compliance Conference
- John P. Kromer to discuss "Navigating the multi-state fintech regulatory regime" at the American Conference Institute Legal, Regulatory and Compliance Forum on Fintech & Emerging Payment Systems
- Jonice Gray Tucker to discuss "Leveraging big data responsibly" at the Mortgage Bankers Association Legal Issues and Regulatory Compliance Conference
- Hank Asbill to discuss "Critique of direct examination; Questions and answers" at the American Bar Association Section of Litigation Anatomy of a Trial: Murder Trial of Ziang Sung Wan
- Hank Asbill to discuss "What judges want from trial lawyers" at the American Bar Association Section of Litigation Anatomy of a Trial: Murder Trial of Ziang Sung Wan
- Steven R. vonBerg to speak at the "Conference super session" at the Mortgage Bankers Association Legal Issues and Regulatory Compliance Conference