InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
OCC Updates Guidance on Federal Branch Supervision and Enforcement Action Policies and Procedures
On October 27, the OCC issued Bulletin 2017-46, updating guidance related to federal bank branch supervision and licensing. The OCC issued a revised version of its “Federal Branches and Agencies” booklet, which clarifies the process for reviewing and evaluating license conversion applications by a state-licensed branch or agency operated by a foreign bank to a federal branch or agency. Bulletin 2017-46 also replaced the 2014 agency paper entitled, The OCC’s Approach to Federal Branch and Agency Supervision. The paper outlines the OCC’s framework and considerations related to (i) the regulatory approach and supervision process for large and complex federal branches and agencies (not community banks), and (ii) the general overview of the filing requirements for applications, notices, and licenses, as well as the review and decision process.
On October 31, the OCC issued Bulletin 2017-48 to update its policies and procedures regarding bank enforcement actions. The updates are designed to provide more clarity and consistency in the implementation, communication and monitoring of enforcement actions. In particular, the updates are intended to, among other things, better describe the relationship between violations, concerns identified in matters requiring attention, and enforcement actions, emphasize communication with bank management and personnel and OCC supervisors, and enhance standard processes for tracking and resolving corrective actions. The updates are effective December 1, and are reflected in its “Bank Supervision Process,” “Community Bank Supervision,” “Federal Branches and Agencies Supervision,” and “Large Bank Supervision” booklets of the Comptroller’s Handbook.
Trade Groups Lobby for Exemption of Small Independent Mortgage Lenders from CFPB Examinations
On September 18, the Community Home Lenders Association and the Community Mortgage Lenders of America sent a joint letter to Treasury Secretary Mnuchin urging relief for smaller independent mortgage bankers from CFPB supervision, enforcement, and vender management audits. Specifically, the trade groups requested support for legislation that would help eliminate the risk of enforcement actions from the CFPB for smaller nonbanks. The letter cites the conclusions drawn in the Treasury Report on financial regulations, released in June (this report was a product of the February Executive Order, covered by a Buckley Sandler Special Alert). Of particular interest from the trade groups was the report’s conclusion that Congress should repeal the CFPB’s supervisory authority and return the supervision of nonbanks to state regulators.
OIG Report: Potential for Improvement Within CFPB Examiner Commissioning and On-the-Job Training Programs
On September 20, the Office of Inspector General (OIG) for the CFPB issued findings in a report entitled The CFPB Can Enhance the Effectiveness of Its Examiner Commissioning Program and On-the-Job Training Program (the Report) stemming from an evaluation to assess the Bureau’s effectiveness when designing, implementing, and executing these two programs.
Examiner Commissioning Program (ECP). The Report found that, despite efforts to enhance the program since it began in 2014, the CFPB's Supervision Learning and Development Division (SL&D)—which is responsible for examiner training—presented several areas in need of improvement, including: (i) where examiners appeared to pursue commissioning before being fully prepared or required multiple attempts to pass commissioning components, which in turn affected the number of examiners available for examinations; (ii) where examiners commenced components of the ECP, despite inadequate training, developmental opportunities, or exposure to certain internal processes; (iii) findings that SL&D lacked a formal method for evaluating and updating the ECP, thus reducing opportunities to identify potential areas for improvement; (iv) inconsistent delivery of ECP requirements to prospective employees; and (v) a lack of clarity on when the start of the five-year time requirement begins for examiners trying to obtain their commissioning, which can create the risk of examiners moving through the ECP before being ready.
On-the-Job Training Program (OJT). The OIG also identified areas for improvement in the CFPB’s implementation of the OJT program. Specifically, the OIG found that due to inconsistent implementation of the OJT program, examiners are unable to clearly understand the program’s requirements and expectations.
Recommendations. The OIG presented the following recommendations: (i) issue guidance documenting an examiner’s readiness, including recommendations from regional management; (ii) update ECP guidance to better prepare examiners in understanding the program’s requirements, including the starting point of the five-year requirement; (iii) implement a formal method to evaluate the ECP program; (iv) develop guidelines for applicants of the ECP program; and (v) reassess the OJT program timeline for module development, communicate guidelines effectively at all regional offices, and develop guidelines for OJT program expectations.
GAO Publishes Study Examining Fintech Industry Regulation
On April 19, the U.S. Government Accountability Office (GAO) published a study examining four “subsectors” within the fintech industry—marketplace lenders, mobile payments, digital wealth management platforms, and distributed ledger technology (also known as blockchain)—and highlighting the types of products and services offered and how they are regulated. The report, Financial Technology – Information on Subsectors and Regulatory Oversight, is the first in a series of planned reports on fintech, following a request by Congress for a review of issues related to the industry. From July 2016 to April 2017, GAO reviewed agency publications, guidance, final rulemakings, initiatives, and enforcement actions, and also conducted interviews with representatives from the federal prudential regulators, state supervision agencies, and trade associations in order to compile the findings in the report. The report provides an overview of the technologies associated with each subsector, identifies primary users of the products and services, notes potential benefits and risks, and highlights industry trends and current regulations and oversight. Notably, GAO stated it made no recommendations in this report.
Fed Extends Post-Employment Restrictions for Senior Examiners
In a press release on November 18, the Fed announced revised post-employment restrictions that more than double the number of senior staff examiners barred from leaving a Federal Reserve Bank and going right to work for a bank they had supervised. By law, senior bank examiners are prohibited for one year from accepting paid work from a financial institution that they had primary responsibility for examining in their last year of Reserve Bank employment. This post-employment restriction has previously applied only to central points of contacts (CPCs) at firms with more than $10 billion in assets. The revised policy expands this post-employment restriction to deputy CPCs, senior supervisory officers (SSOs), deputy SSOs, enterprise risk officers, and supervisory team leaders, which has the effect of more than doubling the number of senior examiners covered. The policy—which takes effect January 2, 2017—does not apply to senior examiners responsible for multiple unaffiliated banks.
In addition, another new Fed policy prohibits former Fed Bank officers from representing financial institutions and other third parties in matters before the Fed for one year after leaving their Federal Reserve position. This policy takes effect on December 5.
FFIEC Revises Information Security Booklet
On September 9, the FFIEC updated its Information Security booklet, a key element of its Information Technology Examination Handbook. The booklet is intended to provide examiners with guidance on assessing a financial institution’s information security operations, and is divided into the following four main sections: (i) Governance of the Information Security Program; (ii) Information Security Program Management; (iii) Security Operations; and (iv) Information Security Program Effectiveness. In addition to offering technology-centric recommendations such as encryption, the booklet advises firms to create security processes and risk assessment “commensurate with their operational complexities.” It also advises financial institutions to “have strong board and senior management support, promote integration of security activities and controls throughout the institution’s business processes, and establish clear accountability for carrying out security responsibilities.” As expected, the booklet highlights the importance of implementing effective oversight of third-party service providers. Pursuant to sub-section II.C.20, in order to ensure effective oversight of third-party service providers, management should, among other things, determine when third-parties identify, measure, mitigate, monitor, and report cyber risks so as to “facilitate a comprehensive understanding of the institution’s exposure to third-party cyber threats.”
FDIC Advises Bank Management to Maintain Ongoing Communication with Examination Staff
On July 29, the FDIC issued FIL-51-2016 to remind and encourage bank management to maintain open communications with FDIC personnel regarding supervisory findings. FIL-51-2016 is a re-issuance of and update to the March 1, 2011 FIL-13-2011, and emphasizes that “open dialogue with bank management is critical to ensuring the supervisory process is effective in promoting an institution’s strong financial condition and safe-and-sound operation.” If an institution has concerns about FDIC examination findings, the letter advises the institution to (i) discuss the issues with the FDIC examiner-in-charge, or contact the field or regional office representative; (ii) utilize the FDIC’s formal appeals process for material supervisory determinations; or (iii) contact the FDIC Office of the Ombudsman for “confidential, neutral, and independent” information and assistance if disagreements were not resolved informally at the Division-level. According to the letter, FDIC policy prohibits any retaliation, abuse, or retribution by any FDIC examiner or other personnel against an institution. The letter further emphasizes that “[s]uch behavior against an institution constitutes unprofessional conduct and will subject the examiner or other personnel to appropriate disciplinary or remedial action.”
OCC Updates Comptroller's Handbook to Include New Corporate and Risk Governance Booklet
On July 29, the OCC released the “Corporate and Risk Governance” booklet to update, consolidate, and rescind various booklets in the Comptroller’s Handbook. The new booklet is intended to provide examiners with a summary of corporate and risk governance, related risks, the board’s and management’s respective roles and responsibilities in corporate and risk governance, and examination procedures. The new booklet identifies the following as the primary risk categories associated with corporate and risk governance: (i) strategic; (ii) reputation; (iii) compliance; and (iv) operational. The booklet advises banks to maintain corporate and risk governance structures and practices that align with their changes in size, risk profile, and complexity. According to the booklet, an effective corporate and risk governance framework is key to the safe and sound operation of a financial institution and stimulates public confidence in the financial system.
CFPB's Summer Edition of Supervisory Highlights Discloses Issues across Various Financial Markets
On June 30, the CFPB released its twelfth edition of Supervisory Highlights providing supervisory observations from its examiners in the areas of auto origination, debt collection, mortgage origination, small-dollar lending, and fair lending. In the area of auto origination, examiners determined that one or more institutions engaged in deceptive advertising practices related to the benefits of gap coverage products and the effects of payment deferrals, and failed to implement adequate compliance management systems. In the area of debt collection, examiners found that debt sellers sold thousands of debts that were unsuitable for sale because: (i) the accounts were in bankruptcy; (ii) the debts were the product of fraud; or (iii) the accounts had been paid in full. CFPB examiners further observed violations of the Fair Debt Collection Practices Act (FDCPA), determining that at least one collector falsely represented to consumers that a down payment was necessary in order to establish a repayment arrangement, when no such down payment was required by the collectors’ policies and procedures. For mortgage origination, CFPB examiners focused on compliance with provisions of CFPB’s Title XIV rules, the Truth in Lending Act (TILA), as implemented by Regulation Z, and the Real Estate Settlement Procedures Act (RESPA), as implemented by Regulation X, disclosure provisions, and other applicable consumer financial laws. According to the report, CFPB examiners found that one or more institutions violated TILA by miscalculating loan financing amounts, which resulted in a negative finance charge and an amount financed that was greater than the stated loan amount. The report also highlights (i) violations of RESPA’s prohibition against improper referral arrangements; (ii) failure to implement policies and procedures and to provide sufficient training related to the Fair Credit Reporting Act’s requirement to provide consumers with notice of any adverse action, such as denial of credit; (iii) failure to properly disclose interest on interest-only loans in violation of TILA; and (iv) weak oversight of compliance management systems. In the area of small dollar lending, CFPB examiners assessed compliance with the Electronic Fund Transfer Act (Regulation E), and found that the installment loan agreements of one or more entities failed to set out an acceptable range of amounts to be debited because they contained ambiguous or undefined terms in their descriptions of the upper and lower limits of the range. Finally, regarding fair lending, the report covers violations relating to the Home Mortgage Disclosure Act (Regulation C) and the Equal Credit Opportunity Act (Regulation B).
According to the report, the CFPB’s supervisory resolutions from January 2016 through April 2016 resulted in more than 257,000 consumers receiving approximately $24.5 million in restitution.
CFPB Releases Special Edition Supervisory Highlights with Focus on Mortgage Servicing
On June 22, the CFPB released its eleventh issue of Supervisory Highlights specifically to address recent supervisory examination observations of the mortgage servicing industry. According to the report, mortgage servicers continue to face compliance challenges, particularly in the areas of loss mitigation and servicing transfers. The report attributes compliance weaknesses to outdated and deficient servicing technology, as well as the lack of proper training, testing, and auditing of technology-driven processes. Notable findings outlined in the report include the following: (i) multiple violations related to servicing rules that require loss mitigation acknowledgment notices, observing deficiencies with timeliness and content of acknowledgement notices; (ii) violations regarding servicer loss mitigation offer letters and other related communications, including unreasonable delay in sending letters; (iii) failure to state the correct reason(s) in letters to borrowers for denying a trial or permanent loan modification option; (iv) failure to implement effective servicing policies, procedures, and requirements; and (v) heightened risks to consumers when transferring loans during the loss mitigation process. Although the report focuses largely on mortgage servicers’ continued violations, it acknowledged that certain servicers have significantly improved over the past several years by, in part, “enhancing and monitoring their servicing platforms, staff training, coding accuracy, auditing, and allowing for great flexibility in operations.”
In addition to outlining Supervision’s examination observations of the mortgage servicing industry, the report also notes that the CFPB’s Supervision and Examination Manual was recently updated to reflect regulatory changes, technical corrections, and updated examination priorities in the mortgage servicing chapter.