On March 5, a group of 16 Democratic U.S. House members sent letters to the leaders of the Federal Reserve Board, the OCC, the FDIC, and the NCUA requesting that the agencies issue guidance that would provide legitimate marijuana businesses access to the federal banking system. Last November, those agencies declined to provide such guidance, stating that the DOJ and FinCEN first needed to agree on a framework to apply BSA/AML provisions to banks seeking to serve marijuana businesses. With FinCEN and DOJ having recently issued such guidance, the lawmakers renewed their push for legitimate marijuana businesses—now operating in 20 states and the District of Columbia—to have “equal access to banking services as other licensed businesses.”
On March 5, the Federal Reserve Board, the OCC, and the FDIC issued final guidance for stress tests conducted by banking institutions with more than $10 billion but less than $50 billion in total consolidated assets. Under Dodd-Frank Act-mandated regulations adopted in October 2012, such firms are required to conduct annual stress tests. The guidance discusses (i) supervisory expectations for stress test practices, (ii) provides examples of practices that would be consistent with those expectations, and (iii) offers additional details about stress test methodologies. Covered institutions are required to perform their first stress tests under the Dodd-Frank Act by March 31, 2014.
On March 4, Comptroller of the Currency Thomas Curry addressed the annual meeting of the Independent Community Bankers Association where he stressed the need for banks to effectively manage risk presented by the outsourcing of data security and information technology. The Comptroller explained that “[t]hird parties can be the weak link in [a bank’s] information systems security and resiliency; and especially where that third party is providing security services.” Referencing guidance the OCC issued last year, the Comptroller described the OCC’s due diligence expectations for banks’ third-party relationships as “substantial” and stressed that a bank’s due diligence needs to cover not only the vendor, but the vendor’s own third-party relationships. Mr. Curry also focused on other concerns he has about third-party relationships, including: (i) consolidation of service providers, which can increase the number of banks impacted when deficiencies occur at a single vendor; (ii) increased reliance by banks on foreign-based service providers; and (iii) third parties’ access to “large amounts of sensitive bank or customer data.”
On March 5, the U.S. District Court for the Eastern District of New York held that the named plaintiffs lack standing to bring claims in a multidistrict class action alleging illegal overdraft practices by a national bank. In re HSBC Bank, USA, N.A., Debit Card Overdraft Fee Litigation, No. 13-md-2451, 2014 WL 868827 (E.D.N.Y. Mar. 5, 2014). The three consolidated actions are similar to numerous actions filed against national banks across the country in which bank customers have alleged, generally, that banks manipulated debit card transactions to increase the number of overdraft fees charged to customers by re-ordering daily transactions from highest to lowest dollar amount, resulting in a higher number of individual overdraft transactions. On the bank’s motion to dismiss in this case, the court held that the named plaintiffs never lived or conducted business in 10 of the 12 states where the allegations arose and therefore lacked standing under the applicable state statutes giving rise to the claims. The court added that if the plaintiffs sought to add representatives from the other states, it would be difficult for the court to adjudicate the claims given the discrepancies between state laws. The court dismissed numerous claims under the laws of the two remaining states (California and New York), but allowed the plaintiffs breach of implied covenant and good faith and fair dealing claims under both New York and California law, and claims under California’s Unfair Competition Law and False Advertising Law, to proceed.
On March 4, SWIFT, the bank member-owned cooperative based in Belgium, announced that it signed a Memorandum of Understanding with six of its major member banks to develop a central utility for the collection and distribution of standard information required by banks as part of their know your customer (KYC) due diligence processes. The KYC registry is intended to help banks manage KYC compliance challenges and reduce associated costs by providing bank users centralized access to details on their counterparties, while allowing participating banks to retain ownership of their own information and maintain control over which other institutions can view their data. SWIFT states that an initial working group will establish processes for providing information to the registry and documentation necessary to fulfill KYC requirements across multiple jurisdictions. The group expects more banks to join in the coming months.
On March 4, the UK FCA released the results of its most recent review of sales incentives at retail financial firms. The FCA’s review revealed that retail banks have made progress in changing their financial incentive structures in response to the FCA’s supervisory focus on the issue starting in September 2012, which led to new guidance issued in January 2013. The FCA’s initial focus on the issue derived from its concerns about incentive structures that, among other things, allegedly fueled the sale of payment protection plans and other add-on products. Despite the broad progress, the FCA reports that roughly one in 10 firms with sales teams had higher-risk incentive scheme features where it appeared they were not managing the risk properly at the time of the FCA’s assessment. It believes firms should concentrate on, among other things (i) checking for spikes or trends in the sales patterns of individuals to identify areas of increased risk; (ii) better monitoring behavior in face-to-face sales conversations; and (iii) managing risks in discretionary incentive schemes and balanced scorecards, including the risk that discretion could be misused. The FCA states that given the progress made, it is not proposing any rule changes at this time, but it intends to keep financial incentives on its agenda for 2014.
On February 27, Federal Reserve Board Chairman Janet Yellen made her first appearance as Chair before the Senate Banking Committee. During the course of the question and answer session, Ms. Yellen responded to a recent letter from Senator Elizabeth Warren (D-MA) and Representative Elijah Cummings (D-MD) that encouraged the Federal Reserve Board to play a larger role in major supervisory and enforcement decisions, as opposed to delegating most examination and settlement responsibilities to staff. Chairman Yellen generally agreed that the Board itself should play a larger part in supervision and enforcement and stated that she “fully expects” the Board to make changes to its policies. She added that with regard to legislation recently introduced by Senators Elizabeth Warren and Tom Coburn (R-OK) that would require greater transparency in federal settlements, the Federal Reserve Board intends to look carefully at what it discloses about enforcement actions and settlements and will try to provide more disclosure. Among the numerous other topics covered during the hearing, Chairman Yellen also addressed virtual currency issues, stating the Federal Reserve Board currently has no authority to oversee virtual currency. Her comments followed a letter sent on February 26, 2014 by Banking Committee member Joe Manchin (D-WV) to federal financial and enforcement authorities asking for a complete ban on Bitcoin in the United States. Ms. Yellen stated that while Congress should consider the appropriate legal framework for virtual currency, “there’s no intersection at all in any way between Bitcoin and banks that the Federal Reserve has the ability to supervise and regulate. So the Federal Reserve simply does not have authority to supervise or regulate Bitcoin in any way.”
On February 26, Senators Jeff Merkley (D-OR), Elizabeth Warren (D-MA), and other Democratic Senators, together with Representatives Elijah Cummings (D-MD), Maxine Waters (D-CA), and other Democratic House members, sent a letter to Attorney General Eric Holder encouraging the DOJ to “continue a vigorous review of potential payment fraud, anti-money-laundering violations, and other illegal conduct involving payments by banks and third-party payment processors.” The lawmakers highlighted a number of specific issues on which the DOJ should focus: (i) know-your-customer obligations, which they believe should include a review of whether a lender holds all required state licenses and follows state lending laws; (ii) use of lead generators, including those that auction consumer data; (iii) high rates of returned, contested, or otherwise failed debits or the regular use of remotely created checks, which they state may indicate payment fraud; and (iv) lenders’ failure to incorporate or maintain a business presence in the U.S., which they assert can be indicative of fraud and other payment system violations, including money-laundering.
On February 27, the Senate Permanent Subcommittee on Investigations (PSI) issued a report and held a hearing related to its multi-year investigation of offshore tax evasion and the DOJ’s efforts to pursue Swiss banks who allegedly aid U.S. citizens in evading taxes. The hearing and report focused on one Swiss bank alleged to have facilitated tax evasion and criticized the DOJ for its supposedly “lax enforcement” approach towards numerous Swiss banks. The report states that U.S. law enforcement authorities have failed to prosecute more than a dozen Swiss banks the PSI staff believes facilitated U.S. tax evasion, and failed to take action against the thousands of U.S. citizens who have been revealed as tax evaders. The report also criticizes Swiss officials who the PSI alleges have worked to preserve Swiss bank secrecy by intervening in U.S. criminal investigations and hampering progress. The PSI report urges the DOJ to “use all available U.S. legal means” to obtain the names of alleged tax evaders, and to hold accountable “tax haven banks that aided and abetted” in the alleged evasion. The report also states that U.S. banking regulators should “institute a probationary period of increased reporting requirements for, or to limit the opening of new accounts by, tax haven banks that enter into deferred prosecution agreements, non-prosecution agreements, settlements, or other concluding actions with law enforcement for facilitating U.S. tax evasion, taking into consideration repetitive or cumulative misconduct.” Finally, the subcommittee recommended that the Senate promptly ratify a pending U.S.-Switzerland tax treaty that would allow for increased sharing of information by the Swiss.
Federal Reserve Plans Regular Reporting On Bank Applications, Outlines Common Issues Resulting In Application Withdrawals
On February 24, the Federal Reserve Board announced in SR 14-2 that it will start publishing a semi-annual report to provide certain information on bank applications and notices filed with the Federal Reserve. The Board stated that the report will include statistics on the length of time taken to process various applications and notices and the overall volume of approvals, denials, and withdrawals. The report also will provide the primary reasons for withdrawals. The first report will be released in the second half of 2014 and will include filings acted on from January through June 2014. The letter also describes common issues identified by the Federal Reserve that have led to recent withdrawal of applications, including (i) less-than-satisfactory supervisory rating(s) for safety and soundness, consumer compliance, or CRA; (ii) inadequate compliance with the Bank Secrecy Act; and (iii) concerns regarding the financial condition or management of the proposed organization.
On February 21, the U.S. District Court for the Southern District of New York held that the Dodd-Frank Act’s whistleblower protection provisions could not be applied retroactively to an alleged retaliation that occurred before the effective date of the statute. Ahmad v. Morgan Stanley & Co., Inc., No. 13-6394, 2014 WL 700339 (S.D.N.Y. Feb. 21, 2014). A former employee of a financial institution filed suit against his former employer under Dodd-Frank, alleging that he had been harassed and intimidated for his attempts to raise concerns during audits of loans made by the institution. Although the alleged retaliation occurred before the effective date of Dodd-Frank, the employee argued that the statute’s whistleblower provisions—which broadly prohibit employers from discriminating, harassing, terminating or otherwise punishing employee whistleblowers for their lawful conduct—were merely technical revisions to whistleblower protections that already existed under the Sarbanes-Oxley Act of 2002, and therefore the Dodd-Frank act protections apply retroactively. The court disagreed and held that the Dodd-Frank created an “entirely new whistleblower cause of action,” distinct from that provided by Sarbanes-Oxley. In particular, the court pointed to the plain text of Dodd-Frank, which identifies the relevant provisions as a “cause of action,” and allows plaintiffs to seek double back-pay for retaliation, a remedy not available under Sarbanes-Oxley. The court dismissed the former employee’s suit with prejudice.
On February 20, in remarks to the Florida International Bankers Association Anti-Money Laundering Conference, FinCEN Director Jennifer Shasky Calvery reviewed FinCEN’s key initiatives over the past year and outlined priorities going forward. She discussed FinCEN’s efforts with regard to virtual currency risks and stated that it is important for financial institutions that deal in virtual currency to put effective AML/CFT controls in place. She noted that it is also important for all stakeholders to keep virtual currency concerns in perspective given the relatively small size of the market. FinCEN is growing increasingly concerned with third party money launderers who layer transactions, create or use shell or shelf corporations, use political influence to facilitate financial activity, or engage in other schemes to infiltrate financial institutions and circumvent AML controls. FinCEN intends to pursue such actors regardless of where they are located. Director Shasky Calvery also reiterated concerns about securities firms that offer services similar to banks, and promised continued focus on threats posed by trade-based money laundering. With regard to its policy initiatives, FinCEN intends to engage stakeholders in a discussion of “balancing the policy motivations behind data privacy and secrecy laws in different jurisdictions with the need for an appropriate level of transparency to combat money laundering and terrorist financing.” The Director noted that this issue is particularly critical in the area of correspondent banking.
Federal Reserve Board Finalizes Enhanced Prudential Standards For Large Bank Holding Companies, Foreign Banks
On February 18, the Federal Reserve Board issued a final rule that incorporates elements of two previously proposed rules related to U.S. bank holding companies with assets of $50 billion or more and foreign banking organization with assets of $50 billion or more. For covered domestic bank holding companies, the final rule (i) incorporates as an enhanced prudential standard previously-issued capital planning and stress testing requirements; and (ii) imposes enhanced risk-management, including liquidity risk-management standards. The rule further imposes a 15-1 debt-to-equity limit for companies that pose a grave threat to U.S. financial stability, as determined by the FSOC. For covered foreign banking organizations, the rule (i) implements enhanced risk-based and leverage capital requirements, liquidity requirements, risk-management requirements, stress testing requirements, and the debt-to-equity limit for FSOC-designated companies; and (ii) requires foreign banking organizations with U.S. non-branch assets of $50 billion or more to form a U.S. intermediate holding company (IHC) and imposes the same enhanced requirements on the IHC. The rule also establishes enterprise-wide risk-committee requirements for publicly traded domestic bank holding companies with total consolidated assets of $10 billion or more and for publicly traded foreign banking organizations with total consolidated assets of $10 billion or more, and implements stress-testing requirements for foreign banking organizations and foreign savings and loan holding companies with total consolidated assets of more than $10 billion. The final rule does not apply to non-bank financial firms designated as systemically important by the FSOC. The rule takes effect on June 1, 2014, but covered U.S. bank holding companies have until January 1, 2015 to comply. Foreign banking organizations must submit an implementation plan by January 1, 2015, but have until July 1, 2016 to comply. The final rule generally defers application of the leverage ratio to IHCs until 2018.
On February 14, FinCEN issued guidance to clarify BSA expectations for financial institutions seeking to provide services to marijuana-related businesses in states that have legalized certain marijuana-related activity. The guidance was issued in coordination with the DOJ, which provided updated guidance to all U.S. Attorneys. The FinCEN guidance reiterates the general principle that the decision to open, close, or refuse any particular account or relationship should be made by each financial institution based on its particular business objectives, an evaluation of the risks associated with offering a particular product or service, its ability to conduct thorough customer due diligence, and its capacity to manage those risks effectively. The guidance details the necessary elements of a customer due diligence program, including consideration of whether a marijuana-related business implicates one of the priorities in the DOJ memorandum or violates state law. FinCEN notes that the obligation to file a SAR is unaffected by any state law that legalizes marijuana-related activity and restates the SAR triggers. The guidance identifies the types of SARs applicable to marijuana-related businesses and describes the conditions under which each type should be filed.
On February 14, the OCC issued Bulletin 2014-02, which clarifies supervisory expectations for national banks and federal savings associations regarding secured consumer debt discharged in Chapter 7 bankruptcy proceedings. The guidance describes (i) the analysis necessary to “clearly demonstrate and document that repayment is likely to occur,” which would preclude any charge-off as required by the Uniform Retail Credit Classification and Account Management Policy; and (ii) when a bank may consider post-discharge payment performance as evidence of collectability and when this performance demonstrates both capacity and willingness to repay the full amounts due. The OCC states that the repayment analysis should document (i) the existence of orderly repayment terms for structured collection of the debt without the existence of undue payment shock or the need to refinance the balloon amount; (ii) a history of payment performance that demonstrates the borrower’s ongoing commitment to satisfy the debt; and (iii) the consideration of post-discharge capacity to make future required payments. The guidance provides standards for post-discharge repayment capacity. Further, the guidance allows a bank to consider post-discharge payment performance as evidence of collectability, and states that the analysis can be conducted at a pool or individual level provided the bank considers whether (i) monthly payment includes both principal and interest that fully amortizes the remaining debt; (ii) sustained performance demonstrates ongoing capacity and willingness to repay post-discharge; and (iii) collateral levels indicate the bank is likely to recover the full amount due even if payments cease.