InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
OCC Releases Semiannual Risk Perspective Report
On December 16, the OCC released its Semiannual Risk Perspective report to provide an overview of supervisory concerns for the federal banking system, including operational and compliance risks. According to the report, which covers data through June 30, 2015, risks relating to strategic, compliance, and interest rates remain unchanged, but risks connected to underwriting and cybersecurity continue to grow. Notable findings in the report reveal that (i) the low interest rate environment has led banks to reevaluate risk tolerance and extend their reach for yield; and (ii) banks are responding to competitive pressures and growth objectives by adopting a more relaxed approach toward credit underwriting standards and practices, particularly in high-growth loan segments, such as indirect auto, commercial and industrial, and multifamily.
The report emphasizes cyber threats and Bank Secrecy Act (BSA) and anti-money laundering (ALM) risks as growing concerns, commenting that “[c]yber attacks against cybersecurity products and services further increase risk to banks because of the release or sale of malware and zero-day vulnerabilities,” and “BSA/AML risks remain high, as technological developments that benefit customers through enhanced products and greater access to financial services may be vulnerable to criminals who exploit such innovations.”
OCC Releases Quarterly Mortgage Metrics Report Showing Continued Improvement through Third Quarter of 2015
On December 14, the OCC released its quarterly Mortgage Metrics Report. The report shows continued improvement of the mortgage performance of first-lien mortgages during the third quarter of 2015. 93.9% of mortgages included in the report were current and performing at the end of the quarter, compared to last year’s 93%. In addition, 30 to 59 days past due mortgages made up 2.3% of the portfolio, representing a 4.4% decrease from a year earlier, and 60 or more days past due mortgages made up 2.6%, representing a 16.1% decrease. The report also highlights a decline in both foreclosure activity and the need for other loss mitigation actions. The OCC’s report reflects performance data on first-lien residential mortgages serviced by eight national banks maintaining large mortgage-servicing portfolios.
OCC Updates Risk Assessment Guidance
On December 3, the OCC revised its Comptroller’s Handbook to include updated guidance regarding its risk assessment system (RAS). The RAS guidance clarifies the relationship between RAS and the Uniform Financial Institutions Rating System known as CAMELS. In addition, the guidance revises the definition of banking risk and applies a single definition – “the potential that events will have an adverse effect on a bank’s current or projected financial condition and resilience” – to all categories. Finally, the guidance expands the quality of risk management assessment to include a category of “insufficient,” between the already existing categories of “satisfactory” and “weak,” and also expands the assessment of strategic and reputation risk to consider both quantity of risk and quality of risk management.
Agencies Announce Final EGRPRA Outreach Meeting
On November 13, the OCC, the FDIC, and the Federal Reserve announced that the final outreach meeting to review regulations under the Economic Growth and Regulatory Paperwork Reduction Act will be held on December 2 at the FDIC’s headquarters in Arlington, VA. In addition to panel presentations by bankers, consumer groups and community groups, the following persons are scheduled to attend the meeting: FDIC Chairman Martin J. Gruenberg; OCC Comptroller Thomas J. Curry; Federal Reserve Governor Daniel K. Tarullo; DC Department of Insurance, Securities and Banking’s Acting Commissioner, Stephen C. Taylor; and the Virginia Bureau of Financial Institution’s Commissioner, E. Joseph Face, Jr.
FFIEC Issues Joint Statement Regarding Cyber Attacks Involving Extortion
On November 3, the FFIEC issued a statement notifying financial institutions of the increasing frequency and severity of cyber attacks involving extortion. The joint statement urges financial institutions to take steps to ensure effective risk management programs, including but not limited to the following: (i) conducting ongoing information security risk assessments; (ii) performing security monitoring, prevention, and risk mitigation; (iii) implementing and regularly testing controls around critical systems; and (iv) participating in industry information-sharing forums. The statement identifies resources financial institutions can refer to for assistance in mitigating cyber attacks involving extortion.
The OCC also published a bulletin alerting all OCC-supervised institutions of the FFIEC’s joint statement.
OCC Updates Floor Plan Lending Guidance
On October 27, the OCC issued an updated Floor Plan Lending booklet of the Comptroller’s Handbook. The revised booklet (i) summarizes the basics of floor plan lending for examiners, including a description of indirect dealer lending and the regulatory and legal foundation for floor plan lending; (ii) provides banks with sound risk management practices and describes regulatory risk rating guidelines; and (iii) includes an expanded examination procedures section with examples of risk rating cases and factors for determining the quantity of credit risk and the quality of credit risk management. The updated booklet replaces a similarly titled booklet issued in March 1990, as well as section 216 of “Floor Plan and Indirect Lending” issued in January 1994 as part of the former Office of Thrift Supervision’s Examination Handbook.
Federal Banking Regulators Schedule EGRPRA Outreach Meeting in Chicago
On September 28, the Federal Reserve, the FDIC, and the OCC announced that the latest outreach meeting under the Economic Growth and Regulatory Paperwork Reduction Act (EGRPRA) will be held on October 10 in Chicago, Illinois. The meeting will feature panel presentations from industry insiders and consumer advocates. Senior officials from the Federal Reserve, OCC, and FDIC are also scheduled to attend. This meeting will be the fifth of six outreach meetings focused on identifying outdated or burdensome regulatory requirements imposed on financial institutions. The sixth and final meeting is expected to take place on December 2 in Washington, D.C. Previous InfoBytes coverage on EGRPRA can be found here.
Legislation Seeking Better Transparency in Federal Agency Settlements Passes Unanimously in U.S. Senate
On September 21, Senate Bill 1109, the Truth in Settlements Act, passed in the U.S. Senate with amendments by unanimous consent and has now been referred to the U.S. House of Representative’s Committee on Oversight and Government Reform for consideration. Originally introduced in January 2014 and sponsored by Elizabeth Warren (D-MA), the Truth in Settlements Act would require federal agencies to post online, in a searchable format, a list of each covered settlement agreement, criminal or civil, with payments totaling $1 million or more. The list would entail, among other things, (i) the names of the settling parties and the amount each must pay; (ii) a description of the claims each party settled; (iii) whether a portion of the settlement amount is tax-deductible; and (iv) any actions the settling parties must take under the settlement agreement in lieu of payment. If enacted, the bill would require agencies to publicly explain via written statement why confidentiality is justified for certain instances. The bill, co-sponsored by Senators James Lankford (R-OK) and Tammy Baldwin (D-WI), aims to provide greater transparency and oversight regarding settlements reached by federal enforcement agencies.
SCRA Compliance, Cybersecurity, and Responsible Innovation Remain Top Priorities at OCC
On August 31, Grovetta Gardineer, the OCC’s Deputy Comptroller for Compliance Operations and Policy, delivered remarks at the Association of Military Bankers of America annual workshop in Leesburg, VA. Throughout her presentation, Gardineer highlighted issues affecting financial institutions focused primarily on lending to servicemembers. Gardineer discussed the OCC’s ongoing efforts to identify and correct deficiencies within bank and thrift compliance practices and noted improved Servicemembers Civil Relief Act (“SCRA”) compliance by regulated institutions. Specifically, Gardineer observed that in 2014, the OCC cited sixty-five SCRA violations among large, midsized, and community institutions. For the first quarter of 2015, however, Gardineer reported that OCC examiners cited only seven SCRA violations. Gardineer also referenced recent amendments to the Military Lending Act (“MLA”) which expanded consumer protections to both open-end and closed-end consumer credit for servicemembers; she emphasized that banks should be proactive in updating their internal policies and procedures to reflect the MLA’s changes. Reiterating the OCC’s commitment to cybersecurity, Gardineer advised that OCC examiners intend to use the cybersecurity assessment tool “to supplement exam work to gain a more complete understanding of an institution’s inherent risk, risk management practices, and controls related to cybersecurity.” Finally, Gardineer discussed innovation within the industry, such as the emergence of various mobile payments transfer systems and peer-to-peer lending. She stressed that the OCC intends to facilitate a responsible regulatory environment that will encourage innovative financial products and services while also implementing regulations to ensure adequate consumer protections.
CFPB, FDIC, and OCC Order Large Financial Institution and Subsidiaries to Pay Nearly $40 Million for Deposit Discrepancies
On August 12, in coordinated enforcement actions, the CFPB, FDIC, and OCC ordered a large financial institution and two of its banking subsidiaries to pay nearly $40 million in fines and restitution for failing to credit consumers the full amounts of their deposited funds. The regulators allege that, from 2008 through 2013, the bank entities (i) failed to credit consumers the full amount of their deposits when the amount scanned on the deposit slip was less than the amount of the checks and cash deposited; and (ii) falsely claimed that they would verify the deposits. The CFPB consent order requires the bank entities to pay approximately $11 million in restitution and a $7.5 million civil money penalty. The FDIC order requires one of the banking subsidiaries to pay nearly $5.8 million in restitution and a $3 million civil money penalty, while the OCC consent order assessed a $10 million civil money penalty on the other banking subsidiary.