Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
OCC reaches $17 million settlement with former executive over account openings
On March 15, the OCC announced a $17 million civil money penalty and prohibition order against a former senior executive who served as head of a national bank’s community banking division for her role in the bank’s incentive compensation sales practices. As previously covered by InfoBytes, in January 2020, the OCC announced charges against the former general counsel and other executives, seeking a lifetime prohibition from participating in the banking industry, a personal cease and desist order, and/or civil money penalties. The 2020 announcement included settlements with three of the executives. The OCC settled with three others in September 2020, as well as with the bank’s former general counsel in January 2021 (covered by InfoBytes here and here). In addition to the $17 million penalty, the former senior executive entered a plea agreement admitting to one count of obstructing a bank examination.
OCC releases enforcement actions
On March 17, the OCC released a list of recent enforcement actions taken against national banks, federal savings associations, and individuals currently and formerly affiliated with such entities. Included is a cease and desist order against a New York-based bank for allegedly engaging in unsafe or unsound practices related to its information technology security and controls, as well as its information technology risk governance and board of director/management oversight of its corporate risk governance processes. The OCC also found alleged deficiencies (including unsafe or unsound practices) in the bank’s Bank Secrecy Act (BSA)/anti-money laundering risk management controls in the following areas: “internal controls, BSA officer, customer identification program, customer due diligence, enhanced due diligence,  beneficial ownership,” and suspicious activity monitoring and reporting. The order requires the bank to, among other things, maintain a compliance committee, develop a corporate governance program to ensure appropriate board oversight, establish a written strategic plan and conduct an internal audit to assess the sufficiency of the bank’s internal controls program, implement information technology governance and security programs, and adopt an automated clearing house risk management program. The bank is also required to appoint a BSA officer to ensure adherence to the bank’s BSA/AML internal controls, conduct a suspicious activity review lookback, implement a customer information program that is reasonably designed to identify and verify beneficial owners of legal entity customers, and develop and adopt a BSA/AML model risk management process.
Hsu presses for global supervision of crypto
On March 6, acting Comptroller of the Currency Michael J. Hsu commented that the collapse of a major cryptocurrency exchange has underscored a need for consolidated supervision of global cryptocurrency firms. Speaking before the Institute for International Banker’s Annual Washington Conference, Hsu offered thoughts on how to build and maintain trust in global banking. “To be trustworthy, global crypto firms need a lead regulator who has authority and responsibility over the enterprise as a whole,” Hsu said. “Until that is done, crypto firms with subsidiaries and operations in multiple jurisdictions will be able to arbitrage local regulations and potentially play shell games using inter-affiliate transactions to obfuscate and mask their true risk profile.” Hsu pointed out that in order to conduct business in the U.S. foreign banks must be supervised by a home country via “a lead regulator with visibility and authority over the entirety of the bank’s global activities.” In contrast, not a single crypto firm is currently subject to consolidated supervision, Hsu said.
Hsu drew comparisons between a now-defunct international bank that led to significant changes in how global banks are supervised and the collapsed crypto exchange, arguing that there are “striking similarities” between the two, including that both (i) “faced fragmented supervision by a combination of state, federal, and foreign authorities”; (ii) “lacked a lead or ‘home’ regulator with authority and responsibility for developing a consolidated and holistic view of the firms”; (iii) “operated across jurisdictions where there was no established framework for regulators to share information on the firms’ operations and risk controls”; and (iv) “used multiple auditors to ensure that no one could have a holistic view of their firms.” To close the gap in the crypto sector, Hsu said action “will have to take place outside of bank regulatory channels,” but noted that the Financial Stability Board and other international bodies have already “recognized the need for a comprehensive global supervisory and regulatory framework for crypto participants.”
Republican lawmakers ask about risks of customers’ digital assets on balance sheets
On March 2, Senator Cynthia M. Lummis (R-WY) and Representative Patrick McHenry (R-NC) sent a letter to the Federal Reserve Board, FDIC, OCC, and NCUA requesting input on SEC guidance issued last year that directs cryptocurrency firms to account for customers’ digital assets on their balance sheets. Last April, the SEC issued Staff Accounting Bulletin No. 121 (SAB 121), covering obligations for safeguarding crypto-assets held by entities for platform users. Among other things, SAB 121 clarified that entities should track customer assets as a liability on their balance sheets. “[A]s long as Entity A is responsible for safeguarding the crypto-assets held for its platform users, including maintaining the cryptographic key information necessary to access the crypto-assets, the staff believes that Entity A should present a liability on its balance sheet to reflect its obligation to safeguard the crypto-assets held for its platform users,” SAB 121 explained.
Claiming that SAB 121 “purports to require banks, credit unions and other financial institutions to effectively place digital assets on their balance sheets,” the lawmakers argued that this “would trigger a massive capital charge,” and in turn would likely prevent regulated entities from engaging in digital asset custody. Rather, regulators should encourage regulated financial institutions to offer digital asset services, since they are subject to the highest level of oversight, the letter said. Among other things, the letter asked the regulators whether the SEC contacted them prior to issuing the guidance, and if they have directed regulated financial institutions to comply with SAB 121. The lawmakers also inquired whether the regulators “agree that SAB 121 potentially weakens consumer protection by preventing well-regulated banks, credit unions, and other financial institutions from providing custodial services for digital assets[.]” The letter pointed to the bankruptcy case of a now-defunct crypto lender, which classified all customers as unsecured creditors, as an example of the legal risk of requiring customer custodial assets be placed on an entity’s balance sheet. “SAB 121 places customer assets at greater risk of loss if a custodian becomes insolvent or enters receivership, violating the SEC’s fundamental mission to protect customers,” the lawmakers wrote.
Agencies warn banks of crypto-asset liquidity risks
On February 23, the FDIC, Federal Reserve Board, and OCC released a joint statement addressing bank liquidity risks tied to crypto-assets. The agencies warned that using sources of funding from crypto-asset-related entities may expose banks to elevated liquidity risks “due to the unpredictability of the scale and timing of deposit inflows and outflows.” The agencies addressed concerns related to deposits placed by crypto-asset-related entities for the benefit of end customers where the deposits may be influenced by the customer’s behavior or crypto-asset sector vulnerabilities, rather than the crypto-asset-related entity itself, which is the bank’s direct counterparty. The agencies warned that the “uncertainty and resulting deposit volatility can be exacerbated by end customer confusion related to inaccurate or misleading representations of deposit insurance by a crypto-asset-related entity.” The agencies also addressed issues concerning deposits that constitute stablecoin-related reserves, explaining that the stability of these types of deposits may be dependent on several factors, including the “demand for stablecoins, the confidence of stablecoin holders in the stablecoin arrangement, and the stablecoin issuer’s reserve management practices,” and as such, may “be susceptible to large and rapid outflows stemming from, for example, unanticipated stablecoin redemptions or dislocations in crypto-asset markets.”
The agencies’ statement reminded banking organizations to apply effective risk management controls when handling crypto-related deposits, commensurate with the associated liquidity risk of those deposits. The statement suggested certain effective risk management practices, which include: (i) understanding the direct and indirect drivers of potential deposit behavior to ascertain which deposits are susceptible to volatility; (ii) assessing concentrations or interconnectedness across crypto deposits, as well as the associated liquidity risks; (iii) incorporating liquidity risks or funding volatility into contingency funding planning; and (iv) performing robust due diligence and ongoing monitoring of crypto-asset-related entities that establish deposit accounts to ensure representations about these types of deposit accounts are accurate. The agencies further emphasized that banks are required to comply with applicable laws and regulations, including brokered deposit rules, as applicable, and Call Report filing requirements. The joint statement also reminded banks that they “are neither prohibited nor discouraged from providing banking services to customers of any specific class or type, as permitted by law or regulation.”
As previously covered by InfoBytes, the agencies issued a statement in January highlighting key risks banks should consider when choosing to engage in cryptocurrency-related services.
Agencies propose Call Report revisions
On February 22, the FDIC, Federal Reserve Board, and the OCC announced the publication of a joint notice and request for comment proposing changes to three versions of the Call Report (FFIEC 031, FFIEC 041, and FFIEC 051), as well as changes to the Report of Assets and Liabilities of U.S. Branches and Agencies of Foreign Banks (FFIEC 002), as applicable. Section 604 of the Financial Services Regulatory Relief Act of 2006 mandates agency review of information collected in the Call Reports “to reduce or eliminate any requirement to file certain information or schedules if the continued collection of such information or schedules is no longer necessary or appropriate.” The proposed changes would eliminate and consolidate certain items in the Call Reports based on an evaluation of responses to a user survey addressing the Call Report schedules. The agencies are also requesting comments on certain technical clarifications made last year concerning the reporting of certain debt securities issued by Freddie Mac and proposed Call Report process revisions. The proposed changes if approved, will take effect as of the June 30, 2023, report date. Comments are due April 24.
OCC revises guidance on change in bank control
On February 16, the OCC released an updated version of the “Change in Bank Control” booklet of the Comptroller’s Licensing Manual. According to OCC Bulletin 2023-7, the revised licensing booklet—which outlines OCC policies and procedures regarding filings by persons who wish to acquire control of a national bank or federal savings association “through the purchase, assignment, transfer, pledge, exchange, succession, or other disposition of voting stock”—removes references to outdated guidance, provides current references to relevant guidance, and makes other minor modifications and corrections throughout. The booklet applies to all national banks, federal savings associations, and federal branches and agencies of foreign banking organizations.
Agencies reiterate illegality of appraisal discrimination
On February 14, CFPB Fair Lending Director Patrice Ficklin joined senior leaders from the FDIC, HUD, NCUA, Federal Reserve Board, DOJ, OCC, and FHFA in submitting a joint letter to The Appraisal Foundation (TAF) urging the organization to further revise its draft Ethics Rule for appraisers to include a detailed statement of federal prohibitions against discrimination under the Fair Housing Act (FHA) and ECOA.
This is the second time the agencies have raised concerns with TAF. As previously covered by InfoBytes, last February, the agencies sent a joint letter in response to a request for comments on proposed changes to the 2023 Appraisal Standards Board Ethics Rule and Advisory Opinion 16, in which they noted that while provisions prohibit an appraiser from relying on “unsupported conclusions relating to characteristics such as race, color, religion, national origin, sex, sexual orientation, gender, marital status, familial status, age, receipt of public assistance income, disability, or an unsupported conclusion that homogeneity of such characteristics is necessary to maximize value,” the “provisions do not prohibit an appraiser from relying on ‘supported conclusions’ based on such characteristics and, therefore, suggest that such reliance may be permissible.” The letter noted that the federal ban on discrimination under the FHA and ECOA is not limited only to “unsupported” conclusions, and that any discussions related to potential appraisal bias should be consistent with all applicable nondiscrimination laws.
In their second letter, the agencies said that the fourth draft removed a detailed, unambiguous summary covering nondiscrimination standards under the FHA and ECOA, and instead substituted “a distinction between unethical discrimination and unlawful discrimination.” The letter expressed concerns that the term “unethical discrimination” is not well established in current law or practice, and could lead to confusion in the appraisal industry. Moreover, the letter noted that “the term ‘ethical’ discrimination, and reference to the possibility of a protected characteristic being ‘essential to the assignment and necessary for credible assignment results,’ appears to resemble the concept of ‘supported’ discrimination that the agencies previously disfavored and whose removal and replacement with a summary of the relevant law significantly improved the draft Ethics Rule.” The agencies further cautioned that “[s]uggesting that appraisers avoid ‘bias, prejudice, or stereotype’ as general norms” would grant individual appraisers wide discretion in applying these norms and likely yield inconsistent results. The agencies advised TAF to provide a thorough explanation of these legal distinctions.
Agencies cite need to update bank merger evaluation framework
On February 10, OCC Senior Deputy Comptroller and Chief Counsel Ben W. McDonough spoke before the OCC Banker Merger Symposium about the future of bank merger policy. Acting Comptroller of the Currency Michael J. Hsu’s prepared remarks, which were delivered on his behalf by McDonough, stressed the need to update the framework used for analyzing bank mergers. Hsu commented that without necessary enhancements, “there is an increased risk of approving mergers that diminish competition, hurt communities, or present systemic risks,” but cautioned that imposing a moratorium on bank mergers would inhibit growth and improvements that could benefit communities and increase competition. Hsu observed that “many experts have raised questions about the ongoing suitability of the current bank merger standards at a time of intense technological and societal change.” He noted that federal bank regulators currently use the Herfindahl–Hirschman Index (HHI) to assess market concentration—which, while transparent, empirically proven, and efficient—may not be as relevant since the bank merger guidelines were last updated in 1995. Hsu reflected that HHI—which is based solely on deposits—may now be “a less effective predictor of competition across product lines” due to the offering of other banking products, including online and mobile banking. Hsu also said that “the current framework for assessing the financial stability risks of bank mergers bears examining,” as “there is a resolvability gap for large regional banks in that our resolution tools may not be up to the task.” Additionally, Hsu pointed out that it is also critical to analyze a merger’s effects on the communities a bank serves, and that assessing each bank’s Community Reinvestment Act performance and ratings are just a starting point.
Separately, Federal Reserve Governor Michelle W. Bowman touched upon the topic of bank mergers during a speech before the American Bankers Association Community Banking Conference. Bowman discussed topics related to the Fed’s independence in bank regulation, predictability in bank merger applications, and tailoring of regulations and supervision. Among other things, Bowman commented that while the bank merger review framework is the same for all applications, each case varies widely, which “necessitates an in-depth review of each transaction on its own merits.” According to Bowman, “these reviews are most effective when the expectations of the regulators are clear in advance and the parties can reasonably anticipate the application review process.” She pointed to a recent increase in average processing times in the merger review process and expressed concerns about how delays may lead to increased operation risk, as well as fears that “the increase in average processing times will become the new normal.” Bowman said she believes that transparency between regulators and applicants can help to ensure clear expectations about certain potential delays.
Agencies release hypothetical scenarios for 2023 bank stress tests
On February 9, the Federal Reserve Board and the OCC released hypothetical economic scenarios for use in the upcoming stress tests for covered institutions. The Fed released supervisory scenarios, which include baseline and severely adverse scenarios. According to the Fed, the stress test evaluates large banks’ resiliency by estimating losses, net revenue, and capital levels under hypothetical recession scenarios that extend two years into the future. The Fed’s stress test also features for the first time “an additional exploratory market shock to the trading books of the largest and most complex banks” to help the agency better assess the potential of multiple scenarios in order to capture a wider array of risks in future stress test exercises. The OCC also released the agency’s scenarios for covered banks and savings associations, which will be used during supervision and will assist in the assessment of a covered institution’s risk profile and capital adequacy.
- Keisha Whitehall Wolfe to discuss “Tips for successfully engaging your state regulator” at the MBA's State and Local Workshop
- Max Bonici to discuss “Enforcement risk and trends for crypto and digital assets (Part 2)” at ABA’s 2023 Business Law Section Hybrid Spring Meeting
- Jedd R. Bellman to present “An insider’s look at handling regulatory investigations” at the Maryland State Bar Association Legal Summit