Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On October 1, the Federal Reserve Board extended certain temporary actions that are designed to increase the availability of intraday credit to mitigate the impact of Covid-19. The temporary actions were previously announced on April 23 (previously covered here), and include: (1) suspending uncollateralized intraday credit limits and waiving overdraft fees for eligible institutions; (2) permitting a streamlined procedure to request collateralized intraday credit; and (3) suspending two collections of information that are used to calculate net debit caps. The actions are extended to March 31, 2021.
On October 1, 2020, the U.S. Department of Housing and Urban Development issued Mortgagee Letter 20-33, which extends interim procedures regarding site access issues related to Section 232 mortgage insurance applications during the Covid-19 pandemic (previously covered here and here). The guidance provides temporary modifications pertaining to third-party site inspections for Section 232 FHA-insured healthcare facilities effective through December 31, 2020. The letter also provides guidance on other aspects relating to Section 232 properties, including regarding lender underwriter site visits, appraisals, and inspections on new construction, among other things.
On September 30, the HUD, Office of the Inspector General (HUD OIG) issued a follow-up study examining the information on mortgage loan servicers’ websites about the CARES Act loan forbearance provisions. As previously covered by InfoBytes, in April, HUD OIG issued consumer guidance noting that among the top 30 FHA mortgage servicers, information on forbearance options under the CARES Act was found to be incomplete, outdated, inconsistent, or unclear. On August 11, HUD OIG reviewed the “readily available” Covid-19 pandemic information on the websites of the same top 30 FHA mortgage servicers, noting that some of the servicers still provided misleading forbearance information. Among other things, HUD OIG found that certain mortgage servicers (i) did not offer clear information on the length of the initial forbearance period; (ii) did not make it clear that borrowers could qualify for forbearance extensions after the initial 180 day period; and (iii) did not clearly state that forbearance is an option for borrowers.
On September 30, the Federal Reserve Board announced it would extend measures previously instituted to ensure that large banks maintain a high level of capital resilience in light of uncertainty introduced by the Covid-19 outbreak. The measures were extended for an additional quarter. Large banks (i.e. banks with more than $100 billion in total assets) will be prohibited from making share repurchases. Additionally, dividend payments will be capped and tied to a formula based on recent income. The announcement notes that the Board will conduct a second stress test later this year to further test the resiliency of large banks.
DOJ: Lender allegedly violated FIRREA, False Claims Act by forging certifications and using unqualified underwriters
On September 25, the DOJ filed a complaint against a lender alleging that it forged certifications and used unqualified underwriters to approve FHA-insured Home Equity Conversion Mortgages (HECMs) to increase its loan production in violation of the Financial Institutions Reform, Recovery and Enforcement Act and the False Claims Act. In addition, the DOJ claims that, because the lender allegedly did not employ enough direct endorsement underwriters to review each HECM loan endorsed for FHA mortgage insurance, it bypassed FHA’s underwriter requirements and (i) allowed “unqualified temporary contractors to underwrite, approve, and sign certifications for HECM loans”; (ii) “[f]orged signatures of qualified underwriters on certifications for other HECM loans” to create the appearance that they had been reviewed and approved by a qualified underwriter; (iii) pre-signed blank certifications representing that appraisals had been reviewed and approved; and (iv) used these forms and certifications to insure HECM loans that did not meet the underwriting requirements. The DOJ alleges that, accordingly, the FHA insured overvalued and underwater properties, which increased borrower expenses and raised the chances of default. The DOJ also asserts that the lender’s purported false claims for FHA mortgage insurance payments were material, as it led to the government making payments it would otherwise not have been required to make.
On September 29, FinCEN Director Kenneth A. Blanco spoke at the Association of Certified Anti-Money Laundering Specialists (ACAMS) virtual AML conference, noting that FinCEN has received over 91,000 suspicious activity reports (SARs) referencing Covid-19 and the federal stimulus programs under the CARES Act. Blanco stated that the vast majority (about 71 percent) of the Covid-19 SARs have come from depository institutions, while 17 percent have come from credit unions and five percent have come from the Money Services Business (MSB) industry. The securities and casino industries account for the final three percent. Blanco urged financial institutions to be “as specific as possible” when filling out their Covid-19-related SARs to ensure it gets to the right investigative team expeditiously. Blanco noted that “vague references to ‘stimulus’ or ‘CARES Act’ or ‘benefit,’” hinders the agency’s ability to get the SAR to the right team. Additionally, Blanco emphasized FinCEN’s advisories and guidance related to Covid-19 fraud (covered by InfoBytes here, here, and here) and encouraged the audience to review the agency’s dedicated Covid-19 webpage.
On September 25, the FDIC released a list of administrative enforcement actions taken against banks and individuals in August. During the month, the FDIC issued 13 orders, consisting of “one consent order under 8(b), four orders of prohibition under 8(e), and eight Section 19 orders.” The consent order, issued against a Kansas-based bank, relates to alleged violations of the Bank Secrecy Act (BSA). Among other things, the bank was ordered to (i) terminate all activity related to its foreign financial institution customers, including such activity as funds transfers, remote deposit capture, money service business remittances, Automated Clearing House transfers, and funds transfers to or from any foreign central bank accounts; (ii) establish a directors’ BSA/anti-money laundering (AML) compliance committee; (iii) implement a revised BSA compliance program to address BSA/AML deficiencies, including incorporating internal controls to assure ongoing compliance, as well as training for appropriate personnel; (iv) maintain a BSA/AML internal control structure, including suspicious activity monitoring and reporting, risk assessment, and customer due diligence; (v) contract with a third-party consulting firm to conduct an independent test of the bank’s BSA/AML compliance program; (vi) implement an effective, comprehensive BSA training program for appropriate personnel regarding specific compliance responsibilities; and (vii) conduct a look-back review to ensure certain reportable transactions and suspicious activities were appropriately identified and reported.
California AG, former FTC chairs argue about federal privacy law preemption during Senate committee hearing
On September 23, the Senate Committee on Commerce, Science, and Transportation held a hearing titled, “Revisiting the Need for Federal Data Privacy Legislation.” The hearing examined the current state of consumer data privacy and legislative efforts to provide baseline data protections for American consumers, and examined the lessons learned from the EU’s Global Data Protection Regulation (GDPR) and recently enacted state privacy laws. Witnesses included a number of former chairs and commissioners of the FTC, along with California Attorney General Xavier Becerra.
Becerra discussed the California Consumer Privacy Act (CCPA), which sets forth various requirements for businesses that collect, transfer, or sell a consumer’s personal information, and provides California residents several rights, including the right to know what data companies have collected on them and the right to ask to delete data or opt-out of its sale. (See continuing InfoBytes coverage on the CCPA here.) Concerning future federal privacy legislation, Becerra stressed that any such legislation should not preempt the work happening at the state level, and he urged the Committee “to favor legislation that sets a federal privacy-protection floor rather than a ceiling,” in order to allow states the opportunity to provide tailored protections for their residents. Becerra also stressed that the ideal federal legal framework would “recognize that privacy protections must keep pace with innovation,” and further addressed the need for a meaningful enforcement regime that respects the work undertaken by the states.
Former FTC chairs Jon Leibowitz and Maureen Ohlhausen, however, argued (see here and here) in favor of federal preemption. They suggested that a single national comprehensive privacy standard would be stronger and more comprehensive than existing regimes such as the CCPA and GDPR, and could better serve consumers even if it replaces state regulations. Both stressed that preempting state laws should not mean weakening protections for consumers. Moreover, both Leibowitz and Ohlhausen emphasized that federal privacy legislation should be technology- and industry-neutral, with rigorous standards backed by tough enforcement. Leibowitz also urged Congress to provide the FTC with the ability to impose civil penalties on violators for first-time offenses, and recommended that the FTC be granted the primary authority to administer the law and be given continued authority to provide redress directly to consumers. Former chair William Kovacic presented a different approach, which would establish a domestic privacy network to promote cooperation and coordination between federal and state privacy regulators to improve policy formation.
Other topics covered in the hearing included Chairman Roger Wicker’s (R-MS) recently introduced bill (S. 4626), known as the SAFE DATA Act, which would require businesses to be more transparent about their data collection, processing, and transfer activities, and give consumers more choices and control over their data. Among other things, the bill would preempt privacy laws in California and other states, except in regard to data breaches, and would not include a private right of action allowing consumers to sue over privacy violations.
On September 23, the FDIC issued FIL-92-2020 to provide regulatory relief to financial institutions and help facilitate recovery in areas of Alabama affected by Hurricane Sally starting on September 14. In the guidance, the FDIC notes that, in supervising institutions affected by the hurricane, the FDIC will consider the unusual circumstances those institutions face. The guidance suggests that institutions work with impacted borrowers to, among other things, (i) extend repayment terms; (ii) restructure existing loans; or (iii) ease terms for new loans to those affected by the severe weather, provided the measures are “done in a manner consistent with sound banking practices.” Additionally, the FDIC notes that institutions may receive Community Reinvestment Act consideration for community development loans, investments, and services in support of disaster recovery. The FDIC states it will also consider relief from certain reporting and publishing requirements.
On September 25, the FTC announced a settlement with a Rhode Island-based company and its owner (defendants), resolving allegations that the defendants violated the FTC Act by claiming to be an approved lender for the Small Business Administration’s (SBA) Paycheck Protection Program (PPP) even though the defendants are neither affiliated with the SBA nor an SBA-authorized lender. As previously covered by InfoBytes, the FTC filed an action against the defendants in April, alleging that the defendants made deceptive statements on their websites, such as “WE ARE A DIRECT LENDER FOR THE PPP PROGRAM!,” and directly contacted small businesses claiming to represent the SBA in order to solicit loan applications on behalf of the businesses’ banks. The settlement prohibits the defendants from engaging in the conduct subject to the action, including misrepresenting that they are affiliated with the SBA and that they are authorized to accept or process applications on behalf of the SBA. Moreover, the defendants are prohibited from disclosing or benefitting from consumer information obtained prior to the settlement without express, informed consent from the consumer, and are subject to certain reporting and recordkeeping requirements.
- Thomas A. Sporkin to discuss "Managing internal investigations and advanced government defense" at the Securities Enforcement Forum
- Jeffrey P. Naimon to discuss "2021 - A new beginning/what's to come" at the QuestSoft Lending Compliance & Risk Management Virtual Conference
- H Joshua Kotin to discuss "Mortgage servicing in a recession: Early intervention, loss mitigation and more" at the NAFCU Virtual Regulatory Compliance Seminar
- Daniel R. Alonso to discuss "Independent monitoring in the United States" at the World Compliance Association Peru Chapter IV International Conference on Compliance and the Fight Against Corruption
- Jonice Gray Tucker to discuss "Cyber security, incident response, crisis management" at the Legal & Diversity Summit
- Jonice Gray Tucker to discuss "The future of fair lending" at the Mortgage Bankers Association Regulatory Compliance Conference
- Michelle L. Rogers to discuss "Major litigation" at the Mortgage Bankers Association Regulatory Compliance Conference
- Kathryn L. Ryan to discuss "Pandemic fallout – Navigating practical operational challenges" at the Mortgage Bankers Association Regulatory Compliance Conference
- Jonice Gray Tucker to discuss "Consumer financial services" at the Practising Law Institute Banking Law Institute
- Daniel P. Stipano to discuss "BSA/AML - Covid impact and regulatory/guidance roundup" at an NAFCU webinar