InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Yellen cites crypto market risks
On November 16, Treasury Secretary Janet Yellen issued a statement addressing recent crypto market developments. “The recent failure of a major cryptocurrency exchange and the unfortunate impact that has resulted for holders and investors of crypto assets demonstrate the need for more effective oversight of cryptocurrency markets,” Yellen said, stressing that existing regulations must be rigorously enforced against those who operate in the crypto-asset space. Acknowledging recent actions taken by federal regulators to address crypto risks in response to President Biden’s Executive Order on Digital Assets (covered by InfoBytes here), Yellen cautioned that it is imperative for the federal government, including Congress, to move quickly to address regulatory gaps in this space. She warned that while spillovers from recent events in the crypto markets “have been limited,” the interconnections between the traditional financial system and the crypto markets “could raise broader financial stability concerns.”
Senate Banking grills regulators on crypto
On November 15, the Senate Committee on Banking, Housing, and Urban Affairs held a hearing entitled “Oversight of Financial Regulators: A Strong Banking and Credit Union System for Main Street” to hear from federal financial regulators about growing risks related to bank mergers, bailouts, climate change, crypto assets, and cyberattacks, among other topics. Committee Chairman Sherrod Brown (D-OH) opened the hearing by emphasizing that Congress “must stay vigilant and empower regulators with the tools to combat these growing risks,” and said that banks and credit unions must be able to partner with third parties in a manner that enables competition but without risking consumer money. He also warned that big tech companies and shadow banks should not be allowed to “play by different rules because of special loopholes.” In his opening statement, Ranking Member Patrick J. Toomey (R-PA) challenged the regulators to “not stray beyond their mandates into politically contentious issues or establish unnecessary new regulatory burdens,” pointing to the participation of the Federal Reserve Board, FDIC, and OCC in the Network for the Greening the Financial System as an example of politicizing financial regulation.
Testifying at the hearing were the Fed’s Vice Chair for Supervision Michael S. Barr, NCUA Chair Todd M. Harper, acting FDIC Chairman Martin J. Gruenberg, and acting Comptroller of the Currency Michael J. Hsu. Cryptocurrency concerns were a primary focus during the hearing, where Toomey asked the regulators why they still have not provided public clarity on banks’ involvement in crypto activities, such as providing custody services or issuing stablecoins.
Pointing to a major cryptocurrency exchange’s recent major collapse, Toomey pressed Hsu on whether the OCC “discourages banks from providing custody services” for crypto assets. Toomey speculated, “it seems to me if people had access to custody services provided by a wide range of institutions, including regulated financial institutions, they might be able to sleep more comfortably knowing that those assets are unlikely to be used for some completely inappropriate purpose.” Answering that the OCC discourages banks from engaging in activities that are not safe, sound, and fair, Hsu acknowledged that there are underlying fundamental issues and questions about what it means to control crypto through a custody “which have not been fully worked out.” Toomey emphasized that part of the obligation rests on the OCC to provide clarity on how banks could provide these services in a safe, sound, and fair manner, and stressed that currently these activities are operating in a space outside the regulatory perimeter. Barr agreed that it would be useful for the Fed to provide guidance to banks on how to safely custody crypto assets and said it is something he plans to work on with his colleagues.
Toomy further noted that Congress’s failure “to pass legislation in this space and the failure of regulators to provide clear guidance has created ambiguity that has driven developers and entrepreneurs overseas where regulations are often lax at best.” Senator Bill Haggerty (R-TN) cautioned that lawmakers should not resort to a “heavy-handed” regulatory response to the cryptocurrency exchange’s collapse. “No amount of poorly considered, knee-jerk over-regulation here in the U.S. would have prevented a foreign-domiciled company like [the collapsed cryptocurrency exchange] from doing what it did,” Haggerty said. “The fact of the matter is that crypto, much like all of finance, isn’t beholden to a specific country or a specific legal system, and by not acting and by failing to provide legal clarity here in the United States, Congress only incentivizes activity to migrate outside of our country’s borders,” Haggerty stated, adding that it is “important to recognize that whatever happened with a bad actor running a centralized exchange and defrauding customers” has “nothing to do with the technology underpinning crypto itself.” When asked by Sen. John Kennedy (R-LA) which regulator was responsible for watching the collapsed cryptocurrency exchange, Gruenberg said “I think in the first instance, you’d probably want to engage with the market regulators, the SEC and the CFTC, to talk about the activities and the authorities in this area.”
The regulators also discussed efforts to mitigate cybersecurity risks and strengthen information security within the banking industry. Hsu stressed during the hearing that “the greatest risk is the risk of complacency,” while noting in his prepared remarks that the OCC is aware of the risks associated with cybersecurity and has “encouraged banks to stay abreast of new technology and threats.” Barr pointed to the importance of operational resilience in his prepared remarks, noting that “technology-based failures, cyber incidents, pandemics, and natural disasters,” combined with the growing reliance on third-party service providers, expose banks to a range of operational risks that are often challenging to anticipate. Harper commented in his prepared remarks that the NCUA continues to provide guidance for credit unions to reinforce their ability to withstand potential cyberattacks, and recommends that credit unions report cyber incidents to the NCUA, the FBI, and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency. In his prepared remarks, Gruenberg pointed to recent examination findings revealing that banks that have dedicated resources for implementing appropriate controls are better at defending against cyberattacks, and said the FDIC is “piloting technical examination aids that will help [] examiners focus on the controls [] found to be most effective in defending against these attacks.”
The House Financial Services Committee also held a hearing later in the week that focused on similar topics with the regulators. Chair Maxine Waters (D-CA) and Rep. Patrick McHenry (R-NC) also announced that the committee will hold a hearing in December to investigate the aforementioned cryptocurrency exchange’s collapse and understand the broader consequences the collapse may have on the digital asset ecosystem.
CFPB issues fall supervisory highlights
On November 15, the CFPB released its fall 2022 Supervisory Highlights, which summarizes its supervisory and enforcement actions between January and June 2022 in the areas of auto servicing, consumer reporting, credit card account management, debt collection, deposits, mortgage origination, mortgage servicing, and payday lending. Highlights of the findings include:
- Auto Servicing. Bureau examiners identified instances of servicers engaging in unfair, deceptive, or abusive acts or practices connected to add-on product charges, loan modifications, double billing, use of devices that interfered with driving, collection tactics, and payment allocation. For instance, examiners identified occurrences where consumers paid off their loans early, but servicers failed to ensure consumers received refunds for unearned fees related to add-on products.
- Consumer Reporting. The Bureau found deficiencies in credit reporting companies’ (CRCs) compliance with FCRA dispute investigation requirements and furnishers’ compliance with FCRA and Regulation V accuracy and dispute investigation requirements. Examples include: (i) NCRCs that failed to report the outcome of complaint reviews to the Bureau; (ii) furnishers that failed to send updated information to CRCs following a determination that the information reported was not complete or accurate; and (iii) furnishers’ policies and procedures that contained deficiencies related to the accuracy and integrity of furnished information.
- Credit Card Account Management. Bureau examiners identified violations of Regulation Z related to billing error resolution, including instances where creditors failed to (i) resolve disputes within two complete billing cycles after receiving a billing error notice; (ii) conduct reasonable investigations into billing error notices due to human errors and system weaknesses; and (iii) provide explanations to consumers after determining that no billing error occurred or that a different billing error occurred from that asserted. Examiners also identified Regulation Z violations where credit card issuers improperly mixed original factors and acquisition factors when reevaluating accounts subject to a rate increase, and identified deceptive acts or practices related to credit card issuers’ advertising practices.
- Debt Collection. The Bureau found instances of FDCPA violations where debt collectors engaged in conduct that harassed, oppressed, or abused the person with whom they were communicating. The report findings also discussed instances where debt collectors communicated with a person other than the consumer about the consumer’s debt when the person had a name similar or identical to the consumer, in violation of the FDCPA.
- Deposits. The Bureau discussed how it conducted prioritized assessments to evaluate how financial institutions handled pandemic relief benefits deposited into consumer accounts. Examiners identified unfairness risks at multiple institutions due to policies and procedures that may have resulted in, among other things, (i) garnishing protected economic impact payments funds in violation of the Consolidated Appropriations Act of 2021; or (ii) failing to apply the appropriate state exemptions to certain consumers’ deposit accounts after receiving garnishment notice.
- Mortgage Origination. Bureau examiners identified Regulation Z violations and deceptive acts or practices prohibited by the CFPA. An example of this is when the settlement service had been performed and the loan originator knew the actual costs of those service, but entered a cost that was completely unrelated to the actual charges that the loan originator knew had been incurred, resulting in information being entered that was not consistent with the best information reasonably available. The Bureau also found that the waiver language in some loan security agreements was misleading, and that a reasonable consumer could understand the provision to waive their right to bring a class action on any claim in federal court.
- Mortgage Servicing. Bureau examiners identified instances where servicers engaged in abusive acts or practices by charging sizable fees for phone payments when consumers were unaware of those fees. Examiners also identified unfair acts or practices and Regulation X policy and procedure violations regarding failure to provide consumers with CARES Act forbearances.
- Payday Lending. Examiners found lenders failed to maintain records of call recordings necessary to demonstrate full compliance with conduct provisions in consent orders generally prohibiting certain misrepresentations.
CFPB highlights tenant background check problems
On November 15, the CFPB issued two reports discussing issues related to the tenant background check industry. The Consumer Snapshot: Tenant Background Checks bulletin outlines difficulties that prospective renters encounter in connection with a landlord’s use of a tenant screening report, based on complaints submitted to the CFPB and CFPB-commissioned qualitative research. The Tenant Background Checks Market Report is based on data from industry research, legal cases, academic research, the CFPB’s market monitoring, and other third-party sources, and focuses on publicly available information from a sample of 17 tenant screening companies that offer services to landlords across the U.S. According to the Bureau, the reports describe how errors in these background checks contribute to rising costs and barriers to quality rental housing. The Bureau’s analysis of over 24,000 complaints highlights renter challenges associated with the industry’s failure to remove wrong, old, or misleading information or to conduct adequate investigations of disputed information.
Highlights of Consumer Snapshot: Tenant Background Checks include:
- More than 17,200 of the approximately 26,700 complaints related to tenant screening received by the Bureau from January 2019 through September 2022 were related to incorrect information appearing on a prospective renter's report.
- Renters who submitted complaints about tenant screening reports described difficulties finding stable and secure housing due to negative information that was inaccurate, misleading, or obsolete.
- The experiences of most applicants who encountered inaccurate or misleading information about evictions and rental debt in their reports indicate that the presence of eviction records has a high likelihood of leading to outright denials of rental housing.
- Inaccuracies in criminal records may have an outsized impact on Native American, Black, and Hispanic communities as they are disproportionally represented in the criminal justice system.
Highlights of the Tenant Background Checks Market Report include:
- The coverage of rental payment history in the consumer reporting system is estimated to range between 1.7 percent to 2.3 percent of U.S. renters.
- Approximately 68 percent of renters pay application fees when applying for rental housing, which are often used to cover the cost of tenant screening.
- Market incentives generally value comprehensiveness of derogatory information at the expense of accurate information.
- There may be a significant possibly that tenant screening reports overstate the risk of renting to any given applicant.
NY Fed to participate in proof-of-concept shared ledger project
On November 15, the Federal Reserve Bank of New York announced that the New York Innovation Center (NYIC) will participate in a proof-of-concept project to explore the feasibility of an interoperable network of central bank wholesale digital money and commercial bank digital money operating on a shared multi-entity distributed ledger. As previously covered by InfoBytes, the NYIC was launched in 2021 to advance the partnership with the Bank for International Settlements (BIS) Innovation Hub. The NYIC is intended to, among other things: (i) identify and develop insights on financial technology trends associated to central banks; (ii) examine the development of public goods to increase the global financial system function; and (iii) “advance and support expertise in the area of central bank innovation.” According to the recent announcement, the U.S. proof-of-concept project is exploring the concept of a regulated liability network and will “test the technical feasibility, legal viability, and business applicability of distributed ledger technology to settle the liabilities of regulated financial institutions through the transfer of central bank liabilities.” The New York Fed noted that the NYIC will coordinate with private sector organizations to provide a public contribution to the body of knowledge on the application of new technology to the regulated financial system as part of the 12-week project. The New York Fed also noted that the project will be conducted in a test environment, and the results of the pilot project will be released to the public.
FTC extends compliance on some Safeguards provisions
On November 15, the FTC announced that covered financial institutions now have until June 9, 2023, to comply with certain updated Safeguards Rule requirements. The Commission issued this extension based on reports, including a letter from the SBA’s Office of Advocacy, that a shortage of qualified personnel to implement financial institutions’ information security programs and supply chain issues could delay security system upgrades.
As previously covered by InfoBytes, in October 2021, the FTC issued a final rule updating the Safeguards Rule to strengthen data security protections for consumer financial information following widespread data breaches and cyberattacks. Among other things, the final rule added specific criteria financial institutions and other entities, such as mortgage brokers, motor vehicle dealers, and payday lenders, must undertake when conducting a risk assessment and implementing an information security program. Among other requirements, these include implementing provisions related to access controls, data inventory and classification, authentication, encryption, disposal procedures, and incident response. The final rule also added measures to ensure employee training and service provider oversight are effective and expanded the definition of “financial institution” to include “entities engaged in activities that the Federal Reserve Board determines to be incidental to financial activities.” Included in the definition are “finders” (i.e. companies that bring together buyers and sellers of products or services that fall within the scope of the Safeguards Rule). While many provisions of the Safeguards Rule became effective 30 days after publication in the Federal Register, certain other provisions, including requirements applicable to covered financial institutions, were set to take effect December 9, 2022.
OCC senior deputy comptroller discusses fair lending
On November 14, Senior Deputy Comptroller for Bank Supervision Policy Grovetta Gardineer delivered remarks on behalf of acting Comptroller Michael J. Hsu before the CRA & Fair Lending Colloquium to discuss the agency’s ongoing efforts to ensure its regulated institutions provide fair and equitable credit services. Among other topics, Gardineer mentioned the agency’s initiatives to identify and address discriminatory lending practices, including addressing fair lending in advanced analytics and reducing barriers to financial inclusion. Noting that the banking industry has evolved “rapidly,” Gardineer stated that the OCC has “remained focused on the solid foundation of our mission,” and identified “three strategic goals: (1) agility and learning; (2) credibility and trust; and (3) leadership in supervision.”
She also said that the OCC is enhancing its risk-based supervisory approach by, among other things, “[r]ecognizing our strategic goal for ‘agility and learning,’” and by “conducting fair lending risk assessments during every supervisory cycle for each bank that engages in retail lending.” Regarding the agency’s efforts to reduce inequality in banking, Gardineer stated that the OCC has taken an active role on the Interagency Task Force on Property Appraisal and Valuation Equity, or PAVE, which is an initiative to evaluate the causes, extent, and consequences of appraisal bias. As previously covered by InfoBytes in March, the thirteen member agencies and offices of the PAVE Task Force came together in an extraordinary interagency effort to issue the Action Plan to Advance Property Appraisal and Valuation Equity, which represents “the most wide-ranging set of reforms ever put forward to advance equity in the home appraisal process.”
Gardineer also disclosed that the OCC is developing other internal measures to enhance credibility and trust, including measures to “improv[e] supervisory methods for identifying potential discrimination in property valuations.” In regard to addressing fair lending in advanced analytics, Gardineer warned that “the growing use of advanced analytics such as artificial intelligence or machine learning offers both the opportunity to help reduce inequality and to address safety, soundness, and fairness risks,” and emphasized that the agency “supports fair, ethical, responsible, and transparent adoption of advanced analytics, including artificial intelligence and machine learning, in the financial sector.”
In terms of the future, she highlighted that “the OCC is focused on strengthening our supervision processes and resources devoted to compliance with fair lending laws, while enhancing our ability to remain agile and successfully execute our mission to ensure that national banks and federal savings associations operate in a safe and sound manner, provide fair access to financial services, treat customers fairly, and comply with applicable laws and regulations..”
Biden nominates Gruenberg for FDIC chair
On November 14, President Biden announced his intention to nominate Martin Gruenberg to serve as chair and member of the FDIC Board of Directors. Following the resignation of the FDIC’s former chair, Jelena McWilliams (covered by InfoBytes here), Gruenberg has been acting chairman. Since joining the FDIC Board of Directors in 2005, Gruenberg has served as vice chairman, chairman, and acting chairman. Prior to joining the FDIC, Gruenberg served on the staff of the Senate Banking Housing and Urban Affairs Committee as Senior Counsel of the full Committee, and as staff director of the Subcommittee on International Finance and Monetary Policy.
CSBS President and CEO James M. Cooper issued a statement following the announcement: “Today’s announcement from the White House means that none of the nominees to the FDIC Board will meet the requirement for state bank supervisory experience. This requirement is not only the law but also a great benefit for consumers and the banking sector when the dual-banking system is fully represented on the FDIC Board. We encourage Senators, in their role in the confirmation process, to ask nominees how they will work with state bank regulators to benefit from their experience sitting closer to citizens and local economies.”
OCC announces Tropical Storm Nicole disaster relief
On November 9, the OCC issued a proclamation permitting OCC-regulated institutions, at their discretion, to close offices affected by Tropical Storm Nicole in Florida, Georgia, North Carolina, and South Carolina “for as long as deemed necessary for bank operation or public safety.” The proclamation directs institutions to OCC Bulletin 2012-28 for further guidance on actions they should take in response to natural disasters and other emergency conditions. According to the OCC, only bank offices directly affected by potentially unsafe conditions should close, and institutions should make every effort to reopen as quickly as possible to address customers’ banking needs.
CFPB finalizes nonbank supervisory rule
On November 10, the CFPB announced a final rule finalizing changes to a nonbank supervision procedural rule issued in April. As previously covered by InfoBytes, the Bureau announced earlier this year that it was invoking a “dormant authority” under the Dodd-Frank Act to conduct supervisory examinations of fintech firms and other nonbank financial services providers based upon a determination of risk. Specifically, the Bureau said it intends to use a provision under Section 1024 of Dodd-Frank that allows it to examine nonbank financial entities, upon notice and an opportunity to respond, if it has “reasonable cause” to determine that consumer harm is possible. Concurrently, the Bureau issued a request for public comment on an updated version of a procedural rule that implements its statutory authority to supervise nonbanks “whose activities the CFPB has reasonable cause to determine pose risks to consumers,” including potentially unfair, deceptive, or abusive acts or practices. Provisions outlined in the procedural rule would exempt final decisions and orders by the Bureau director from being considered confidential supervisory information, thus allowing the Bureau to publish the decisions on its website. Subject companies would be given an opportunity seven days after a final decision is issued to provide input on what information, if any, should be publicly released, the Bureau said.
After reviewing public comments received on the procedural rule, the Bureau incorporated certain changes to clarify the standard that the agency will apply when deciding what information is appropriate for public release, in whole or in part. The Bureau explained that information falling within Freedom of Information Act Exemptions 4 and 6 (which protect confidential commercial information and personal privacy) will not be published. Additionally, the Bureau said it may also choose to withhold information if the director determines there is other good cause to do so. The final rule also extends the deadline from seven to ten business days for nonbanks to submit input about what information should be released. The final rule will take effect upon publication in the Federal Register.
Notably, the Bureau emphasized that the “amended procedures only relate to the initial decision to extend supervision to a nonbank entity” and “do not affect the confidentiality of any ensuing supervisory examination or any other aspect of the supervisory process.”