InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
OCC Announces May 2017 Enforcement Actions
On June 16, the OCC released a list of new enforcement actions taken against national banks, federal savings associations, and former institution-affiliated parties as well as a list of existing enforcement actions that were terminated in May. The actions include cease and desist, civil money penalties (CMP), and removal/prohibition orders. Among the actions, a senior loan originator of an Illinois bank was ordered to cease and desist and pay a CMP of $8,000 due to breaches of fiduciary duty and unsafe or unsound practices involving the transfer via unencrypted email of confidential consumer financial information.
Senate Banking Committee Seeks Perspectives of Midsized, Regional, and Large Institutions, Regulators on Economic Growth
On June 15, the Senate Committee on Banking, Housing, and Urban Affairs (Committee) held a hearing entitled, “Fostering Economic Growth: Midsized, Regional and Large Institution Perspective”. This is the third in a series of hearings to address economic growth. Frequent topics of discussion in the hearing included stress testing and capital planning—specifically the Federal Reserve’s Comprehensive Capital Analysis and Review stress test. Also discussed was the Systemically Important Financial Institution designation and costs incurred as a result, as well as the Volcker Rule.
Sen. Mike Crapo (R-Idaho), Chairman of the Committee, remarked in his opening statement that the current regulatory framework is “insufficiently tailored for many of the firms subject to it.”
Sen. Sherrod Brown (D-Ohio) – ranking member of the Committee—released an opening statement in which he stated “Let me be clear: proposals to weaken oversight of the biggest banks have no place in this committee’s process. . . Having said that, I am optimistic that there is room for agreement on a modified regime for overseeing regional banks.”
The June 15 hearing—a video of which can be accessed here—included testimony from the following witnesses:
- Mr. Harris Simmons, Chief Executive Officer and Chairman of Zions Bancorporation, on behalf of the Regional Bank Coalition (prepared statement)
- Mr. Greg Baer, President of The Clearing House Association (prepared statement)
- Mr. Robert Hill, Chief Executive Officer of South State Corporation, on behalf of the Midsize Bank Coalition of America (prepared statement)
- Ms. Saule Omarova, Professor of Law at Cornell University Law School (prepared statement)
On June 22, the Senate Banking Committee held another hearing entitled “Fostering Economic Growth: Regulator Perspective, the fourth in its series of hearings focusing on economic growth. The hearing is available via webcast here.
OCC to Host Operational Risk Workshop, Will Hold Innovation "Office Hours"
On July 25, the OCC will host an operational risk workshop in Charleston, WV for directors of national community banks and federal savings associations supervised by the OCC. The workshop will focus on the key components of operational risk, governance, third-party risk, vendor management, and cybersecurity.
Additionally, on July 24 through the 26, the OCC’s Office of Innovation will hold “Office Hours” in New York City for national banks, federal savings associations, and fintech companies to provide an opportunity for attendees to discuss matters related to financial technology, new products and services, bank or fintech partnerships, as well as other items related to financial innovation. Meeting requests are due by July 5.
OCC, Fed Supervisory Guidance on Model Risk Management Followed by FDIC
On June 7, the FDIC issued Financial Institution Letter FIL-22-2017 announcing that, in order to provide consistency across institutions and agencies, it is adopting the 2011 model risk management supervisory guidance that was issued by the Federal Reserve (SR 11-7 ) and the OCC (OCC Bulletin 2011-12) thereby making the guidance applicable to certain FDIC-supervised institutions, namely those with $1 billion or more in total assets. The FDIC guidance defines the term “model” as “a quantitative method, system, or approach that applies statistical, economic, financial, or mathematical theories, techniques, and assumptions to process input data into quantitative estimates.” The FDIC indicated that banks’ heavy reliance on models in financial decision-making can come with costs, especially when the decisions are “based on models that are incorrect or misused.”
According to the FIL, the guidance contains “technical conforming changes” that make it relevant to institutions that are regulated by the FDIC, such as a “revised definition of 'banks' to reflect the FDIC's supervisory authority.”
Among other things, the FIL highlights that an effective model risk management framework should include the following:
- “disciplined and knowledgeable development that is well documented and conceptually sound”;
- “controls to ensure proper implementation”;
- “processes to ensure correct and appropriate use”;
- “effective validation processes”; and
- “strong governance, policies, and controls.”
For institutions with assets totaling less than $1 billion, the guidance will only apply in certain circumstances, such as when “the institution's model use is significant, complex, or poses elevated risk to the institution.”
House Subcommittee on Digital Commerce and Consumer Protection Holds Hearing to Discuss Consumer Fintech Needs
On June 8, the House Energy and Commerce Committee’s Subcommittee on Digital Commerce and Consumer Protection held a hearing to discuss financial products and services offered by the fintech industry to meet consumer needs. (See previous InfoBytes coverage here.) Committee Chairman Rep. Bob Latta (R-Ohio) opened the hearing asserting, “There are serious opportunities for companies to reach consumers with new products to help them create a rainy-day fund for the first time, pay their mortgage securely, rebuild their credit, budget and manage multiple income streams, and invest their earnings . . . Cybersecurity [specifically] is an ongoing challenge, and one the Energy and Commerce Committee is tackling head on.” The June 8 hearing included testimony and recommendations from the following witnesses:
- Ms. Jeanne Hogarth, Vice President at Center for Financial Services Innovation (CFSI) (statement). Hogarth stated that nearly three out of five American face financial health struggles and spoke about challenges fintech entrepreneurs may face when trying to help consumers, such as (i) “facilitat[ing] interstate and regulatory comity that enables consumers to access and use fintech products and service that promote financial health”; (ii) “support[ing] consumers’ access to their own data”; and (iii) “creat[ing] opportunities for pilot testing of both financial products and services and financial services regulations.” Hogath also detailed CFSI’s Financial Solutions Lab, which identifies financial health challenges faced by consumers and encourages companies to develop ways to address these issues.
- Mr. Javier Saade, Managing Director at Fenway Summer Ventures (statement). Saade—whose venture capital firm backs emerging fintech companies—stressed the importance of understanding and mitigating associated risks as financial innovation continues to expand. Growth is supported and encouraged, he noted, provided entrepreneurs understand that the “’fail fast and often’ approach, typical of tech-driven startups in other sectors, may not be well suited for the financial services industry.” Furthermore, Saade stated that because “nearly 30 million U.S. households either have no access to financial products or obtain products outside of the banking system . . . even modest strides in achieving economic inclusion present the single largest addressable opportunity in fintech.”
- Ms. Christina Tetreault, Staff Attorney at Consumer Union (statement). Tetreault, speaking on behalf of Consumer Union (the policy division of Consumer Reports), stated that while financial technology such as virtual currencies, digital cash, and distributed ledgers have the “potential to increase consumer access to safe financial products and return a measure of control to consumers,” safeguards devised between lawmakers and providers must be implemented with appropriate federal and state financial regulator oversight.
- Mr. Peter Van Valkenburgh, Research Director at Coin Center (statement). Coin Center is a non-profit organization, which focuses on “public policy ramifications of digital currencies and open blockchain networks.” Van Valkenburgh emphasized the need for Congress to (i) create a nationwide federal money transmission license as an alternative to “state by state licensing,” which, in his opinion, emphasizes the needs of individual states rather than addressing the health and risk profile as a whole; and (ii) create a federal safe harbor to “protect Americans developing open blockchain infrastructure.” Van Valkenburgh also encouraged the Office of the Comptroller of the Currency to establish federal “fintech charters” to promote a unified approach to regulating blockchain companies.
Special Alert: OCC Issues Supplement to Third-Party Oversight Guidance, Emphasizes Bank Responsibilities in Managing Risks in Fintech Relationships
On June 7, the Office of the Comptroller of the Currency (OCC) issued Bulletin 2017-21 as a supplement to Bulletin 2013-29, the OCC’s 2013 risk management guidance related to third-party relationships. The OCC’s latest release answers 14 frequently asked questions (FAQs) and marks the second supplement issued this year to Bulletin 2013-29. Previously, on January 24, 2017, the OCC issued Bulletin 2017-7 to advise national banks, federal savings associations, and technology service providers of examination procedures the OCC would follow during supervisory examinations.
As previously summarized in Buckley Sandler’s Special Alert, Bulletin 2013-29 requires banks and federal savings associations (collectively “banks”) to provide comprehensive oversight of third parties, and warns that failure to have in place an effective risk management process commensurate with the risk and complexity of a bank’s third-party relationships “may be an unsafe and unsound banking practice.” Bulletin 2013-29 outlined a “life cycle” approach and provided detailed descriptions of steps that a bank should consider taking at five important stages of third-party relationships: (i) planning; (ii) due diligence and third-party selection; (iii) contract negotiation; (iv) ongoing monitoring; and (v) termination. Consistent with the life cycle approach established in Bulletin 2013-29, the examination procedures set forth in Bulletin 2017-7 identify steps examiners should take in requesting information relevant to assessing the banks’ third-party relationship risk management at each phase of the life cycle.***
Click here to read full special alert.If you have questions about the ruling or other related issues, visit our Vendor Management and FinTech practice pages for more information, or contact a Buckley Sandler attorney with whom you have worked in the past.
OCC Supplement Answers Frequently Asked Questions Covering Third-Party Relationships: Risk Management Guidance
On June 7, the OCC released Bulletin 2017-21, which provides answers to frequently asked questions from national banks and federal saving associations concerning third-party procedure guidance. The Bulletin, issued to supplement Bulletin 2013-29, “Third-Party Relationships: Risk Management Guidance” released October 30, 2013, highlights the OCC’s responses to the following topics:
- defines third-party relationships and provides guidance on conducting due diligence and ongoing monitoring of service providers;
- provides insight on how to adjust risk management practices specific to each relationship;
- discusses ways to structure third-party risk management processes;
- discusses advantages and disadvantages to collaboration between multiple banks when managing third-party relationships;
- outlines bank-specific requirements when using collaborative arrangements;
- provides information-sharing forums that offer resources to help banks monitor cyber threats;
- discusses how to determine whether a fintech relationships is a “critical activity” and covers risks associated with engaging a start-up fintech company;
- addresses ways in which banks and fintech companies can partner together to serve underbanked populations;
- covers criteria to consider when entering into a marketplace lending arrangement with a nonbank entity;
- clarifies whether OCC Bulletin 2013-29 applies when a bank engages a third-party to provide mobile payments options to consumers;
- outlines the OCC’s compliance management requirements;
- discusses banks’ rights to access interagency technology service provider reports; and
- answers whether a bank can rely on the accuracy of a third-party’s risk management report.
As previously covered in InfoBytes, the OCC released a supplement (Bulletin 2017-7) to Bulletin 2013-29 in January of this year identifying steps prudential bank examiners should take when assessing banks’ third-party relationship risks.
OCC Issues Updated Procedures for Termination of Federal Charters
On June 7, the OCC released Bulletin OCC 2017-20 announcing a revised booklet covering termination of federal bank charters. The booklet, part of its Comptroller’s Licensing Manual, replaces “Termination of National Bank Status,” issued in April, 1998, and applies to all national banks and federal savings associations. According to the Bulletin, these are the highlights of the revised booklet:
- “provides an overview of policy considerations and evaluative factors that the OCC considers when reviewing notices to terminate a bank”;
- “outlines requirements and procedures that a bank should follow when completing the process to terminate, either through a merger, conversion, or liquidation, including completing related filings and notices”;
- “lists references and links to informational resources, sample forms, and documents that a bank may find useful during the termination process”;
- “incorporates revised regulatory requirements for terminating a bank.”
Updates include termination procedures and requirements from after July, 21 2011, when the Office of Thrift Supervision and the OCC were integrated.
OCC, Federal Reserve Issue Flood Insurance Violations; Reauthorization of National Flood Insurance Program Discussions Continue
During the month of May, the OCC and the Board of Governors of the Federal Reserve (Board) took action against certain banks for violations of the Flood Disaster Protection Act (FDPA) and National Flood Insurance Act (NFIA). Concurrently, House Financial Services Subcommittee Republicans circulated a package of draft legislation to reform and reauthorize the National Flood Insurance Program (NFIP), which expires at the end of September.
OCC Action. On May 19, as part of its monthly listing of enforcement actions taken against national banks, federal savings associations, and former institution-affiliated parties, the OCC announced that it had fined a Texas-based federal savings association $87,500 in April for violations of the FDPA. According to the consent order, the bank allegedly failed to “ensure the timely notification and force-placement of the requisite amounts of flood insurance on property securing loans in a special flood hazard area in which flood insurance is available under the NFIA.”
Federal Reserve Action. On May 25, the Board announced an enforcement action against a Georgia-based bank for violations of the NFIA. Although the consent order fines the bank $1.5 million, it does not specify how many violations there were or what they related to. However, the maximum civil money penalty under that law is $2,000 per violation. The NFIA has a number of requirements for banks, which include ensuring that a borrower has adequate flood insurance before originating a loan for a property in a special flood hazard area and providing notice to the borrower in a reasonable time before closing that they are required to have flood insurance.
National Flood Insurance Program Discussion. As previously covered in InfoBytes, several committees—including the Senate Committee on Banking, Housing, and Urban Affairs and the House Financial Services Committee—are discussing the reauthorization of the NFIP. On May 25, Rep. Sean Duffy (R-Wis.), Chairman of the House Financial Services Subcommittee, issued a series of reauthorization discussion drafts and summaries. The six bills (see below) included in the package would (i) reauthorize the NFIP for five years; (ii) limit annual premium increases; (iii) authorize states to voluntary create flood insurance affordability programs; (iv) eliminate the mandatory purchase requirement for commercial properties; (v) establish a private market for flood insurance; (vi) reform the flood zone mapping process to increase accuracy and fairness in mapping; (vii) require covered flood prone areas to develop plans to mitigate flood risks if they have repeated structure losses; and (viii) address fraud in the claims process.
- National Flood Insurance Program Policyholder Protection and Information Act of 2017—Discussion Draft and Summary;
- Private Flood Insurance Market Development Act of 2017—Discussion Draft and Summary;
- National Flood Insurance Program Mapping Fairness Act of 2017—Discussion Draft and Summary;
- Flood Risk Mitigation Act of 2017—Discussion Draft and Summary;
- National Flood Insurance Program Integrity Improvement Act of 2017—Discussion Draft and Summary; and
- National Flood Insurance Program Administrative Reform Act of 2017—Discussion Draft and Summary.
Duffy noted, “We’re releasing this discussion draft so that all sides can continue to provide input into protecting the program integrity of the NFIP.” He added, “The ideas stemming from this open process will ensure that everyone who needs flood insurance will have access to it while ensuring that the NFIP does not fall further into debt.”
Financial Agencies Issue Advisory Addressing Appraiser Availability
On May 31, the FDIC, the Board of Governors of the Federal Reserve, the OCC, and the NCUA issued FIL-19-2017 to discuss two possible methods for addressing appraiser shortages: (i) temporary practice permits and (ii) temporary waivers. The resulting Interagency Advisory addresses concerns raised pursuant to the Economic Growth and Regulatory Paperwork Reduction Act process regarding the shortage of certified and licensed appraisers, particularly in rural areas. The advisory states that “[t]emporary practice permits could allow state certified or licensed appraisers to provide their services in states where they are not certified or licensed, including those experiencing a shortage of appraisers.” The advisory further states that temporary waivers may also be granted thus improving the timeliness of appraisals in those areas. The advisory applies to all FDIC-supervised institutions.