Skip to main content
Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • BAFT Issues Comments on Proposed AML/CFT Guidance Revisions

    Financial Crimes

    On February 22, the Bankers Association for Finance and Trade (BAFT), an international financial services association for organizations engaged in international transaction banking, together with the Institute of International Finance (IIF) issued a letter to the Basel Committee on Banking Supervision (BCBS) with comments on BCBS’ proposed revisions to its risk management guidance related to anti-money laundering and counter-terrorism financing. In the letter, BAFT and IFF note that, while both associations are “particularly pleased with [BCBS’] recognition that not all correspondent banking relationships bear the same level of risk and [BCBS’] acknowledgment of the difference between inherent and residual risk,” they do summarize several areas where enhancements would assist with the “general usefulness” of the final guidance:

    • BCBS should “design guidance that explicitly permits a correspondent bank to rely upon appropriate utilities for the vast majority of cases rather than simply permitting a correspondent bank to use a utility as another source of information supporting the due diligence process” with the purpose of “establishing international standards or sound practices for such utilities to create greater assurance of achieving official ALM/CFT goals.”
    • BCBS should adopt “regulatory practices [that] include standards for ‘verification’ that national authorities could administer or supervise.”

    The “[s]tandardization of information requirements (or templates) for utilities could also be extended to include [the] international standardization of basic due diligence information and ‘enhanced due diligence’ information for higher-risk relationships.” A “basic standardization would give both parties a ground of expectations to build upon in making judgments about how to do business. It could [also] eliminate a degree of unnecessary duplication of effort and costs.”

    Financial Crimes Agency Rule-Making & Guidance International BAFT BCBS IIF Risk Management Anti-Money Laundering Combating the Financing of Terrorism

  • IRS Releases Annual Criminal Investigations Report for FY2016

    Financial Crimes

    On February 27, the IRS announced the release of its Annual Criminal Investigation Report (“Report”), discussing the significant accomplishments and criminal enforcement actions taken by the IRS in fiscal year 2016. Highlights in the Report include case examples on a range of matters, including money laundering, public corruption, terrorist financing and narcotics trafficking financial crimes, as well as a discussion of a drop in the number of agents and professional staff at the IRS, and a drop in the total number cases brought for the third consecutive year.

    Financial Crimes IRS Anti-Money Laundering

  • D.C. Circuit: Investors Can’t Challenge Agreement Distributing Fannie/Freddie Net Worth to Treasury

    Courts

    On February 21, the U.S. Court of Appeals for the District of Columbia Circuit held that stockholders of Fannie Mae and Freddie Mac (the Companies) could not challenge dividend-allocating terms that FHFA negotiated on behalf of the Companies because the Housing and Economic Recovery Act (HERA) strictly limits judicial review of actions authorized thereunder. Perry Capital LLC v. Mnuchin, No. 14-5243, 2017 WL 677589 (D.C. Cir. Feb. 21, 2017).

    In 2008, Fannie and Freddie were placed into conservatorship with FHFA, which then entered into a stock purchase agreement with Treasury to obtain emergency capital for Fannie and Freddie. In exchange, Treasury received preferred shares of stock from Fannie and Freddie that provided for a quarterly dividend of 10 percent of the total funds drawn from Treasury. After Fannie and Freddie began routinely borrowing from Treasury to pay the dividends, FHFA and Treasury amended the stock purchase agreement in 2012 so that repayment would be based on the Companies’ profits rather than mandatory dividends. The stockholder-plaintiffs in this action sought to challenge the 2012 amendment–in particular, arguing that the 2012 amendment exceeded the authority granted to FHFA under HERA and constituted “arbitrary and capricious conduct” in violation of the Administrative Procedure Act. One class of stockholders also argued that the amendment constituted a breach of fiduciary duty and certain terms and covenants of the Companies’ stock certificates. The district court had dismissed both complaints on the motions of FHFA and Treasury.

    The D.C. Circuit opinion noted that Section 4617(f) of HERA expressly states that “no court may take any action to restrain or affect the exercise of powers or functions of the Agency as a conservator or a receiver.” The court interpreted this language to prohibit any court from “wielding [its] equitable relief to second-guess either the dividend-allocating terms . . . or FHFA’s business judgment.” And although an exception to this bar on judicial review has been recognized where an agency is found to have exceeded or violated its statutory powers or functions, the court determined that FHFA’s actions were within its statutory powers or functions.

    Although the majority of the stockholders’ claims were rejected, the stockholders’ contract-based claims regarding liquidation preferences and dividend rights were remanded to the district court for further proceedings.

    Courts Banking Fannie Mae FHFA Freddie Mac HERA Department of Treasury

  • GOP Lawmakers Reintroduce House Version of the “TAILOR” Act

    Federal Issues

    On February 22, Congressman Scott Tipton (R-CO) and eight GOP cosponsors reintroduced the Taking Account of Institutions with Low Operation Risk (TAILOR) Act (H.R. 1116), a bill intended to “provide smaller community banks and credit unions relief from onerous regulatory compliance burdens” by “requiring federal regulatory agencies to tailor regulations to fit the business model and risk profile of institutions instead of imposing one-size-fits-all mandates across the board.” According to Rep. Tipton, the various provisions contained within the measure are ultimately intended to provide a means of reducing “often unworkable” compliance costs that community and independent banks and credit unions face when forced to adhere to "regulations designed and intended for big banks.” 

    In a February 17 press release, the American Bankers Association (ABA) “strongly supported” the bill, which it anticipates would effectively “address the huge flow of new regulations that have made it more difficult for banks to meet the needs of consumers and small businesses as well as local and regional economies.”

    The TAILOR Act received bipartisan support when it was previously introduced before the 114th Congress. The June 2015 version of the bill—which was substantially similar to the current iteration—received bipartisan support and was twice approved by the House Financial Services Committee. And, as previously covered on InfoBytes, a companion Senate-version of the TAILOR Act (S. 366) was introduced earlier this month by Sen. Mike Rounds (R-SD).

    Federal Issues Agency Rule-Making & Guidance ABA Congress House Financial Services Committee TAILOR Act

  • FTC Reaches Settlement in Mortgage Relief Scheme with Final Defendant

    Courts

    On February 23, the FTC announced that it had reached a settlement with the final defendant facing charges originally brought against six mortgage relief operations in 2014. The FTC had alleged that the defendants preyed on distressed homeowners by claiming to be able to lower mortgage payments and interest rates or prevent foreclosures, while illegally charging advance fees. The stipulated order requires the defendant to pay $105,487, which represents the amount of money he received from the scam, and imposes a total judgment of more than $1.7 million which will become due immediately if it is found that the defendant misrepresented his finances. The defendant was also banned from the mortgage and debt relief business. Certain other defendants reached settlements in 2016, which, in addition to imposing a judgment of more than $1.7 million, also prohibited them from participating in the mortgage and debt relief business.

    Courts Lending FTC Mortgage Fraud

  • FinCEN Renews GTOs for Title Insurance Companies in Six Major Metropolitan Areas Upon Finding that GTOs Provide ‘Valuable Data’

    Agency Rule-Making & Guidance

    On February 23, the Financial Crimes Enforcement Network (FinCEN) announced the renewal of its existing GTOs Geographic Targeting Orders (GTOs), each of which temporarily require U.S. title insurance companies to identify the natural persons behind shell companies used to pay “all cash” for high-end residential real estate in six major metropolitan areas. Generally, the GTOs require all title insurance companies in the targeted cities to file a FinCEN Form 8300 within 30 days of closing a covered transaction, identifying the buyer, any beneficial owner of the buyer, and the individual primarily responsible for representing the buyer in an “all-cash” purchase of high-end residential real estate. Covered businesses must also retain their records for at least five years after the GTO expires.   

    Notably, the decision to continue the GTO program for another 180 days—beginning on February 24, 2017—was based largely on FinCEN’s finding that the first GTOs issued back in July are producing “valuable data” that is assisting both law enforcement and FinCEN’s efforts to address money laundering through real estate transactions. Nearly one-third of the targeted transactions covered by the July GTOs ended up involving a beneficial owner or representative who is already the subject of a previous suspicious activity report. The results appear to validate the concerns underlying FinCEN’s rationale for issuing GTOs in the first place, namely the use of shell companies to buy luxury real estate in all-cash transactions. 

    The targeted geographic areas and corresponding closing price thresholds include: (i) Manhattan ($3 million) and all other boroughs of New York City ($1.5 million); (ii) Miami-Dade, Broward, and Palm Beach counties ($1 million); (iii) Los Angeles County ($2 million); (iv) San Francisco, San Mateo, and Santa Clara counties ($2 million); (v) San Diego County ($2 million); and (vi) Bexar County, Texas, which includes San Antonio ($500,000). In targeting the above-listed metropolitan areas, FinCEN clarified that “GTOs do not imply any derogatory finding by FinCEN with respect to the covered companies.” Rather, as explained by FinCEN Acting Director Jamal El-Hindi, “Money laundering and illicit financial flows involving the real estate sector is something that we have been taking on in steps to ensure that we continue to build an efficient and effective regulatory approach.”

    For additional information concerning GTO compliance, FAQs released by FinCEN in August 2016 are available here.

    Agency Rule-Making & Guidance Financial Crimes FinCEN GTO Title Insurance

  • Industry Groups Submit Letters in Response to CFPB’s Request for Input on Comment Letter

    Consumer Finance

    As previously covered in InfoBytes, on November 17 the CFPB launched an inquiry into the benefits and risks associated with consumers authorizing third-parties to access their financial and account information held by financial service providers. In response to the Bureau’s Request for Information (Dkt No. CFPB-2016-0048), consumer and industry groups have offered their thoughts and positions concerning the issue. A summary of several comment letters is included below:

    American Bankers Association (ABA). The ABA submitted a comment letter in which it noted that “technology is fundamentally changing the way financial services are being delivered,” but urged the CFPB, subject to certain enumerated regulatory limitations, to “fairly address[] both the opportunities and risks” in order to “give consumers innovative services that they can trust.” Among other things, the ABA discussed the need for the Bureau to clarify data aggregator responsibility for maintaining the privacy and security of consumer financial data. Specifically, the ABA recommended that the CFPB: (i) impose breach notification obligations; (ii) confirm liability assignments under Regulation E; (iii) subject larger data aggregators to supervisory oversight; and (iv) educate consumers about the choices, responsibilities, and risks presented.

    Financial Services Roundtable (FSR). FSR and its technology policy division responded with a letter highlighting the importance of innovation and collaboration and outlining five core elements the group believes should be considered in assessing this "evolving ecosystem." These elements are: (i) security and privacy; (ii) data access and use transparency; (iii) clarity of liability; (iv) customer choice and control; and (v) technology neutrality. FSR also encouraged the CFPB to avoid unnecessary rulemaking or standard-setting that would “blunt innovation.”

    Independent Community Bankers of America (ICBA). The ICBA urged the CFPB, subject to certain enumerated regulatory limitations, to carefully consider the privacy, regulatory burden, data security, and legal implications posed by third-party account access. Among other things, the ICBA expressed concern that “non-bank entities” do not take the same care in protecting consumer privacy and data as community banks and stated that community banks “must be able to protect customer data without having to meet new regulatory mandates which increase the risk of breach and/or consumer loss.” ICBA’s letter also stated that consumers’ rights to have access to their own information should be balanced with ensuring that consumer privacy is not needlessly threatened.

    Americans for Financial Reform (AFR). AFR and a coalition of consumer groups set forth the organizations’ position that “the digital economy should ensure consumers can access and use records about themselves, and that consumers can choose to authorize third-parties to access such data on their behalf to support their financial health and facilitate competition among financial services providers.” Among other things, the letter stressed the need for “standards to enforce compliance with Section 1033 to benefit consumers who utilize online data aggregation and other applications.” Additionally, the letter urged the CFPB to confirm that consumers “retain their legal protections vis-a-vis account-holding institutions if unauthorized charges are made to their accounts when they use data aggregation services.”

    Financial Innovation Now (FIN). FIN expressed the organization’s belief that regulation of permissioned access to consumer financial account data is “not necessary at this time.” Rather, FIN argued for “standards for permissioned access to consumer financial account data,” which could be “developed by industry, regularly reviewed and updated.” Ultimately, FIN pushed for consumer access to consumer financial account data “securely and easily, using whatever secure application or technology they wish, without charges or restrictions that unreasonably favor any one application or technology over another.”

    Consumer Finance Privacy/Cyber Risk & Data Security CFPB

  • CFPB Will Renew Four Advisory Councils

    Agency Rule-Making & Guidance

    On February 23, the CFPB published four notices in the Federal Register to renew three advisory councils and one advisory board for an additional two year period, covering the Academic Research Council, Community Banker Advisory Council, Consumer Advisory Board, and Credit Union Advisory Council. According to each respective notice, these entities have been reestablished for the purposes of providing information and recommendations in accordance with provisions of the Federal Advisory Committee Act. Each notice is effective as of its publication date and charters filed for each entity are set to expire two years after the filing date unless renewed again.

    • The Academic Research Council provides the CFPB’s Office of Research with “advice and feedback on research methodologies, framing research questions, data collection, and analytic strategies.”
    • The Community Banker Advisory Council provides information and recommendations concerning the Bureau’s exercise of its authority under the federal consumer financial laws “as they pertain to banks or thrifts with total assets of $10 billion or less.”
    • The Consumer Advisory Board provides information and recommendations concerning the Bureau’s policy development, rulemaking, and enforcement functions, including on “emerging practices in the consumer financial products or services industry, including regional trends, concerns, and other relevant information.”
    • The Credit Union Advisory Council provides information and recommendations concerning the “Bureau’s policy development, rulemaking, and engagement functions as they relate to credit unions.”

    Agency Rule-Making & Guidance Consumer Finance Advisory Board Advisory Council CFPB Federal Register

  • DOJ Fraud Section Unveils New Guidelines on Corporate Compliance Programs

    Financial Crimes

    The DOJ’s Fraud Section recently published an “Evaluation of Corporate Compliance Programs.”  The guidelines were released on February 8 without a formal announcement.  Their stated purpose is to provide a list of “some important topics and sample questions that the Fraud Section has frequently found relevant in evaluating a corporate compliance program.”  The guidelines are divided into 11 broad topics that include dozens of questions.  The topics are:

    1. Analysis and Remediation of Underlying Conduct
    2. Senior and Middle Management
    3. Autonomy and Resources
    4. Policies and Procedures
    5. Risk Assessment
    6. Training and Communications
    7. Confidential Reporting and Investigation
    8. Incentives and Disciplinary Measures
    9. Continuous Improvement, Periodic Testing and Review
    10. Third Party Management
    11. Mergers & Acquisitions

    According to the Fraud Section, many of the topics also appear in, among other sources, the United States Attorney’s Manual, United States Sentencing Guidelines, and FCPA Resource Guide published in November 2012 by the DOJ and SEC.  While the content of the guidelines is not particularly groundbreaking, it is nonetheless noteworthy as the first formal guidance issued by the Fraud Section under the Trump administration and new Attorney General Jeff Sessions.  By consolidating in one source and making transparent at least some of the factors that the Fraud Section considers when weighing the adequacy of a compliance program, the guidelines are a useful tool for companies and their compliance officers to understand how the Fraud Section and others at the DOJ may proceed in the coming months and years. 

    However, while the guidelines may give some indication of what the DOJ views as a best practices compliance program, they caution that the Fraud Section “does not use any rigid formula to assess the effectiveness of corporate compliance programs,” recognizes that “each company’s risk profile and solutions to reduce its risks warrant particularized evaluation,” and makes “an individualized determination in each case.”

    Financial Crimes Federal Issues Securities DOJ SEC

  • NYDFS Landmark Cybersecurity Rule Set to Take Effect on March 1

    State Issues

    On February 16, New York Governor Andrew Cuomo announced that with the New York Department of Financial Services’ (NYDFS) publication of a Final Regulation, New York’s “First-in-the-Nation Cybersecurity Regulation” is set to take effect on March 1.  As discussed previously in InfoBytes, the regulation—which requires banks, insurance companies, and other financial services institutions regulated by NYDFS to establish and maintain a cybersecurity program designed to protect consumers’ private data—imposes broad and, in some cases proscriptive, data security and cybersecurity requirements on Covered Entities that venture into new territory for both state and federal financial regulators. Indeed, as described by Governor Cuomo, the regulation reflects New York’s efforts to “lead[] the nation” through “decisive action to protect consumers and our financial system from serious economic harm that is often perpetrated by state-sponsored organizations, global terrorist networks, and other criminal enterprises.”  

    Moreover, as detailed in a follow-up InfoBytes Special Alert, NYDFS issued a updated proposed regulation on December 28 in response to over 150 comments and testimony presented at a hearing before New York State lawmakers. Though the updated proposed regulation did not differ drastically from the original, the revised proposed regulation provided for somewhat greater flexibility in how covered entities could go about implementing the requirements. Among other things, the December 28 revisions provided for: (i) longer timeframes for compliance with its requirements; (ii) more flexibility for compliance with certain requirements and acknowledgement that some requirements may not be applicable to all financial institutions; and (iii) clarifications to certain key definitions.

    The newly released Final Regulation retains the revisions incorporated in the December 28 revision, but also contains the following notable revisions:

    • Record retention requirements for audit trail materials relating to Cybersecurity Events were reduced from five years to three years.
    • Clarification that Covered Entities’ policies and procedures for reporting by Third Party Service Providers of Cybersecurity Events only apply to the Covered Entity’s Nonpublic Information.
    • The limited exemption for small businesses to certain requirements of the rule has been narrowed by including a Covered Entity’s New York affiliates when calculating its number of employees and annual revenue.
    • Further clarification on the exemptions for companies regulated under New York’s Insurance Law.

    With the expiration of the 30-day comment period and the publication of the Final Rule, New York’s Cybersecurity regulation is officially cleared to become effective upon publication in the New York State Register on March 1.

    InfoBytes will continue to monitor the rollout of this pioneering regulation as it progresses.

    State Issues Agency Rule-Making & Guidance Bank Regulatory NYDFS Privacy/Cyber Risk & Data Security Vendor Management 23 NYCRR Part 500

Pages

Upcoming Events