InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
FinCEN Issues Advisories Regarding Anti-Money Laundering and Counter-Terrorist Financing Risks Identified by FATF
Recently, FinCEN published Advisory FIN-2012-A012, which informs financial institutions operating in the United States about certain money laundering and terrorist financing risks identified by the intergovernmental Financial Action Task Force (FATF). On October 19, 2012, the FATF called on its members to apply counter-measures to protect the international financial system from the on-going and substantial money laundering and terrorist financing risks emanating from Iran and the Democratic People’s Republic of Korea. The FATF announcement also detailed anti-money laundering and counter-terrorist financing deficiencies in 17 jurisdictions that have not made sufficient progress in addressing the deficiencies or have not committed to an action plan to address the deficiencies. The FATF called for enhanced due diligence to address risks arising from the deficiencies associated with each jurisdiction. FinCEN separately published Advisory FIN-2012-A011 to advise institutions of an FATF statement regarding 22 jurisdictions with strategic deficiencies in their anti-money laundering and counter-terrorist financing, but for which each jurisdiction has provided a high-level political commitment to address the strategic AML/CFT deficiencies.
California Cautions Lenders Regarding Vendor Vetting and Management
On December 5, the California Department of Corporations issued Bulletin No: 001-12 to caution lenders and other institutions about the vetting and management of third-party service providers. The bulletin explains that in response to guidance from the CFPB earlier this year regarding supervision of vendors, third-party risk management companies have emerged to pre-screen potential vendors for bank and nonbank financial service providers. The bulletin generally advises lenders to be cautious about delegating vendor vetting to third-parties and mindful of their ultimate responsibilities for such vendors. The bulletin specifically (i) reminds escrow agents of the prohibition in California Financial Code section 17420 against the payment of referral fees for soliciting escrow accounts, (ii) advises lenders that mandating the use of a particular service provider on a third-party risk management company’s list, or prohibiting the use of a service provider not appearing on such list, may be violating the California Buyer’s Choice Act, and (iii) highlights potential RESPA violations and unfair business practices.
Sixth Circuit Affirms Dismissal of Suit Challenging MBS Ratings by Major Credit Reporting Agencies
On December 3, the U.S. Court of Appeals for the Sixth Circuit affirmed the dismissal of claims brought by Ohio public employee pension funds against major credit-rating agencies related to the sale of mortgage-backed securities. Ohio Police & Fire Pension Fund v. Standard & Poor’s Financial Services LLC, No. 11-4203, 2012 WL 5990337 (6th Cir. Dec. 3, 2012). The pension funds claim to have suffered estimated losses of $457 million from investments in MBS made between 2005 and 2008 allegedly caused by their reasonable reliance on the agencies’ false and misleading MBS ratings. The court affirmed the district court’s dismissal and held that the funds’ allegations lacked the requisite specificity to establish either a violation of Ohio’s “blue sky” laws or common-law negligent misrepresentation. Because the agencies’ fees were fixed rather than contingent on the success or proceeds of the sale, the court held that the agencies did not profit from the sale of MBS under the plain language of the statute. The court also rejected the claim that the Agencies either aided or participated in securities fraud because (i) the pension funds offered no facts from which it was possible to conclude that an entity other than the Agencies engaged in securities fraud, and (ii) the pension funds did not adequately plead that the Agencies themselves made affirmative misrepresentations as to the MBS. In addition, the court affirmed the dismissal of the funds’ common-law negligent misrepresentation claims, determining that under both New York and Ohio law the agencies did not have a relationship with the funds that would establish a duty of care. Finally, the court found that the agencies’ MBS ratings were predictive opinions rather than affirmative false statements, and that the funds failed to adequately allege, beyond general criticism of their business practices, that the agencies did not believe the correctness of their ratings.
FinCEN Releases Summaries of Customer Due Diligence Roundtable Meetings
This week, FinCEN published summaries of a series of roundtable meetings held to obtain stakeholder feedback on the agency’s proposed rulemaking on customer due diligence. The meetings, held in September and October in Los Angeles, New York, and Chicago, provided a forum to discuss key issues regarding the proposed rulemaking, including (i) the definition of “beneficial ownership,” (ii) practices to obtain and verify beneficial ownership, and (iii) challenges associated with specific products, services, and relationships.
President, Congress Extend Cross-Border Fraud Enforcement Law
On December 4, President Obama signed a bill, H.R. 6131, that extends through December 2020, a law that enhances the FTC’s ability to address cross-border fraud, and particularly to fight spam, spyware, and Internet fraud and deception. Originally passed in December 2006 and set to expire in December 2013, the U.S. SAFE WEB Act amended the FTC Act to include within the definition of "unfair or deceptive acts or practices" certain acts or practices involving foreign commerce. Further, the law authorizes the FTC to (i) disclose certain privileged or confidential information to foreign law enforcement agencies, and (ii) provide investigative assistance to a foreign law enforcement agency pursuing violations of laws prohibiting fraudulent or deceptive commercial practices or other practices substantially similar to practices prohibited by laws administered by the FTC without requiring that the conduct identified constitute a violation of U.S. laws.
IRS Ready to Accept Electronic Signatures on the 4506-T
Recently, the Internal Revenue Service issued Electronic Signature Requirements that will allow applicants to electronically sign and submit IRS Forms 4506-T and 4506T-EZ (4506-T) beginning January 7, 2013. IRS regulations permit taxpayers to order a tax transcript using a form 4506-T through the IRS Income Verification Express Services (IVES). Under the Requirements, IVES participants may accept and submit an electronically signed 4506-T if the electronic signature process includes: (i) a structure that places creation of the signature under the signer’s sole control; (ii) a signature technology that permits the signature to be verified, either through the use of software algorithms or forensic analysis; (iii) the ability to establish that the signature was created by a specific individual; (iv) a signature block on the document with a symbol, logically associated with the 4506-T, that allows validation of the signer’s name against the name listed on the 4506-T; (v) a process flow or communication with the signer establishing the intent to sign and the purpose of the signature; and (vi) application of the signature in a tamper-evident manner. In addition, the process used to present and sign the 4506-T must include each of the following: (i) authentication, (ii) consent, (iii) tamper-proofing, and (iv) an audit log. Each IVES participant accepting electronically signed 4506-Ts must determine that the electronic signature process adheres to the Requirements, and must also retain a copy of each signed 4506-T and accompanying audit log for at least two years. Such participants also must implement a third-party audit program and comply with specific monthly and annual third-party audit and reporting requirements. BuckleySandler’s Electronic Signatures and Records Team has substantial experience assisting entities seeking to comply with electronic signature requirements.
California Publishes Summary of New Mortgage Foreclosure Laws
On December 4, the California Department of Corporations published Release No. 65-FS regarding implementation of key parts of the Homeowner Bill of Rights that established new foreclosure requirements. The Release details how the new requirements apply to different groups of servicers depending on the number of foreclosures conducted in the prior year, and identifies and summarizes the requirements that take effect January 1, 2013 and those that are not operative until January 1, 2018. The Release also provides a summary of the key elements of other foreclosure laws enacted in 2012, including those related to enhanced protections for servicemembers, restrictions on loan modification fees, and language requirements for certain default servicing obligations.
District Court Declines to Find Implied Contract to Adhere to Payment Industry Standards
On November 20, the U.S. District Court for the Northern District of California dismissed a putative class action that claimed, among other allegations, that Google violated an implied contract to handle certain users’ credit card information in accordance with the Payment Card Industry Security Standards. Frezza v. Google, Inc., Case No. 12-CV-00237-RMW, 2012 WL 5877587 (N.D. Ca. Nov. 20, 2012). The named plaintiffs alleged that they submitted credit card information when they bought Google Tags, which display advertisements in search results as part of a promotion. The plaintiffs claim that entering their credit card information into Google’s billing system established an implied contract requiring that Google handle such information responsibly, which the plaintiffs allege is in accordance with the Data Security Standards promulgated by the Payment Card Industry Security Standards Council. The court found that Google did not make any indication that it adopted the DSS recommendations when dealing with plaintiffs, and that Google had not violated any implied contract to handle its customers’ credit card information responsibly when it retained credit card data after the plaintiffs cancelled their subscriptions to Google Tags. The court also dismissed the plaintiffs’ breach of contract claims and other claims made under California statutes.
UN Commission Publishes Report of Working Group on Electronic Commerce
Recently, the United Nations Commission on International Trade Law (UNCITRAL) published the Report of Working Group IV (Electronic Commerce), reflecting the group’s work during its forty-sixth session, held in late October and early November. The report describes the Working Group’s continued efforts to explore issues related to electronic transferable records and to address the need for an international regime to facilitate the cross-border use of such records. During this most recent session, the Working Group considered in detail the legal issues relating to the use of electronic transferrable records, and developed parameters for a set of rules to address those issues. Working Group members expressed broad support for a draft model law that would incorporate the parameters identified, while allowing for flexibility when addressing differences in national substantive laws. Some members also expressed support for the preparation of guidance texts, such as a legislative guide, and Working Group members discussed the possible consideration of a binding instrument, such as a treaty, to establish a legal framework for the cross-border transfer of electronic records. The Working Group will follow up on these issues during its forty-seventh session to be held in New York from May 13-17, 2013.
CFPB Warns Specialty Consumer Reporting Agencies about FCRA Compliance
On November 29, the CFPB issued a bulletin to nationwide specialty consumer reporting agencies (NSCRAs) reminding such firms of their obligation under FCRA to facilitate the process by which consumers may obtain a free annual consumer report. The CFPB also announced that its enforcement team issued warning letters to several NSCRAs that may be violating FCRA, based on reviews conducted under the CFPB’s new authority to examine certain CRAs. According to Bulletin 2012-09, the CFPB expects every NSCRA to (i) enable consumers to request a free annual consumer report by a toll-free telephone number that is published as specified, (ii) ensure that its streamlined process for obtaining a free annual consumer report has adequate capacity to accept requests, (iii) collect only as much personal information from a consumer requesting a free annual consumer report as is reasonably necessary to identify the consumer properly, (iv) provide clear and easily understandable information and instructions to consumers, (v) comply with Regulation V when using or disclosing personally identifiable information collected from a consumer in connection with the consumer’s request for any FCRA-required disclosure, and (vi) accept requests for free annual consumer reports from consumers who use methods other than the streamlined process or instruct such consumers on how to use the streamlined process. The sample warning letter released by the CFPB cites possible violations of the requirements outlined in the Bulletin and urges recipients to review practices and procedures to ensure compliance.