Last month, the Massachusetts Division of Banks (DOB) issued an advisory opinion addressing whether an oral request by a debtor for certain records to validate a debt (pursuant to 209 CMR 18.18(3)) triggers a debt collector’s obligation to provide such documents within five business days. The DOB advised that a debt collector’s receipt of an oral request for such records from a consumer (or a consumer’s attorney) is sufficient to trigger the debt collector’s obligation and may serve to commence the five business day period in which the required response must be returned to the consumer.
On August 11, FinCEN issued Advisory FIN-2014-A007 to provide guidance regarding BSA/AML compliance programs. Specifically, the guidance recommends that institutions create a “culture of compliance” by ensuring that: (i) leadership actively supports and understands compliance efforts; (ii) efforts to manage and mitigate BSA/AML deficiencies and risks are not compromised by revenue interests; (iii) relevant information from the various departments within the organization is shared with compliance staff to further BSA/AML efforts; (iv) the institution devotes adequate resources to its compliance function; (v) the compliance program is effective by, among other things, ensuring that it is tested by an independent and competent party; and (vi) leadership and staff understand the purpose of the institution’s BSA/AML efforts. The guidance follows numerous public remarks by FinCEN Director Jennifer Shasky Calvery and other financial regulators and enforcement authorities calling for stronger compliance cultures, particularly with regard to BSA/AML compliance. Director Shasky Calvery reinforced that message in an August 12, 2014 speech in which she asserted that, in the enforcement matters she has seen, a culture of compliance “could have made all the difference.” In the same speech, Ms. Shasky Calvery criticized—as Comptroller of the Currency Thomas Curry also did earlier this year—financial institutions which may be “de-risking” by preventing certain categories of businesses from accessing banking services. She stressed that “just because a particular customer may be considered high risk does not mean that it is ‘unbankable’,” and called on banks to develop programs to manage high risk customer relationships.
On August 6, the CFPB’s Student Loan Ombudsman, Rohit Chopra, published a blog post addressing the financial arrangements between financial institutions and institutions of higher education that market financial products to students. Last year, the CFPB urged banks to disclose any agreements with colleges and universities to market debit, prepaid, and other products to students and warned that “[t]he CFPB prioritizes its supervisory examinations based on the risks posed to consumers” and “[failing to make] college financial product arrangements transparent to students and their families . . . increase[s] such risks.” In this latest review, the CFPB assessed the Big Ten schools and found that at least 11 have established banking partners to market financial products to students. Of those 11, the CFPB found only four contracts on the bank websites, and it characterized three of those four contracts as “partial”—i.e. in the CFPB’s view, the disclosed agreements “did not contain important information, such as how much they pay schools to gain access to students in order to market and sell them financial products and services.” Concurrent with the blog post, the CFPB sent letters to schools asserting that “their bank partner has not yet committed to transparency when it comes to student financial products.”
On August 4, the OCC issued Bulletin 2014-37, which provides new guidance on the application of consumer protection requirements and safe and sound banking practices to consumer debt-sale arrangements with third parties—e.g. debt buyers—that intend to pursue collection of the underlying obligations. The guidance goes well beyond the set of “best practices” the OCC provided last summer as an attachment to written testimony submitted to a U.S. Senate committee. For example, the new guidance establishes requirements to: (i) notify the consumer that a debt has been sold, the dollar amount of the debt transferred, and the name and address of the debt buyer; (ii) perform due diligence on the debt buyer down to the consumer complaint level; and (iii) provide the debt buyer with the signed debt contract and a detailed payment history. The bulletin also requires sale contracts to include limitations on the debt buyer’s ability to litigate on an account and “minimum-service-level agreements” that apply whether or not debt buyers conduct the collection activities or employ other collection agents. The Bulletin specifies that certain types of debt are “not appropriate for sale,” such as: (i) debt of borrowers who have sought or are seeking bankruptcy protection; (ii) accounts eligible for Servicemembers Civil Relief Act protections; (iii) accounts in disaster areas; and (iv) accounts close to the statute of limitations.
On August 5, FinCEN issued an advisory, FIN-2014-A006, which provides guidance to financial institutions for reviewing their obligations and risk-based approaches with respect to certain jurisdictions. The Financial Action Task Force (FATF) recently updated its lists of jurisdictions that appear in two documents: (i) jurisdictions that are subject to the FATF’s call for countermeasures or Enhanced Due Diligence as a result of the jurisdictions’ Anti-Money Laundering/Counter-Terrorist Financing (AML/CFT) deficiencies; and (ii) jurisdictions identified by the FATF as having AML/CFT deficiencies. The advisory notice (i) summarizes the changes made by the FATF; (ii) provides specific guidance regarding jurisdictions listed in each category including when Enhanced Due Diligence is required; and (iii) reiterates that if a financial institution knows, suspects, or has reason to suspect that a transaction involves funds derived from illegal activity or that a customer has otherwise engaged in activities indicative of money laundering, terrorist financing, or other violation of federal law or regulation, the financial institution must file a Suspicious Activity Report.
On August 1, FinCEN and its Mexican counterpart announced a series of reporting initiatives designed to improve the transparency of cross-border cash movements. To address U.S. and Mexican law enforcement’s concerns about potential misuse of exemptions and incomplete or inaccurate reports filed by armored car services (ACS) and other common carriers of currency, FinCEN issued a Geographic Targeting Order (GTO) that requires enhanced cash reporting by these businesses at the San Ysidro and Otay Mesa Ports of Entry in California. FinCEN also issued updated guidance concerning detailed and proper filing of Currency and Monetary Instruments Reports (CMIRs), which are filed when $10,000 or more in currency is moved across the U.S. border.
On July 24, Illinois Governor Pat Quinn signed HB 5342, which amends numerous provisions of state law applicable to state banks and credit unions, including requiring the Illinois Secretary of Financial and Professional Regulation to adopt formal rules that guarantee consistency and due process during the examination process of state-chartered banks. The bill also allows the Secretary to establish guidelines “that (i) define the scope of the examination process and (ii) clarify examination items to be resolved.” In addition, the bill provides that an existing loan secured by an interest in real estate shall not, under certain circumstances, require a new appraisal of the collateral during renewal, refinancing, or restructuring. The changes became effective immediately.
On July 30, FinCEN released a proposed rule that would amend BSA regulations to clarify and add customer due diligence (CDD) obligations for banks and other financial institutions, including brokers or dealers in securities, mutual funds, futures commission merchants, and introducing brokers in commodities. The rule would not cover other entities subject to FinCEN regulations that are not already required to have a customer identification program (CIP)—e.g money services businesses—but FinCEN may extend CDD requirements in the future to these, and potentially other types of financial institutions. The proposed rule states that as part of the existing regulatory requirement to have a CIP, covered institutions are already obligated to identify and verify the identity of their customers. The proposed rule would add to that base CDD requirement, new requirements to: (i) understand the nature and purpose of customer relationships; and (ii) conduct ongoing monitoring to maintain and update customer information and to identify and report suspicious transactions. The proposed rule also would add a so-called beneficial ownership requirement, which would require institutions to know and verify the identities of any individual who owns at least 25% of a legal entity, or who controls the legal entity.
FinCEN emphasizes that nothing in the proposal is intended to limit the due diligence expectations of the federal functional regulators or in any way limit their existing regulatory discretion. To that end, the rule would incorporate the CDD elements on nature and purpose and ongoing monitoring into FinCEN’s existing AML program requirements, which generally provide that an AML program is adequate if, among other things, the program complies with the regulation of its federal functional regulator governing such programs. FinCEN does not believe that the new CDD requirements will require covered institutions to perform any additional activities or operations, but acknowledges the rule may necessitate revisions to written policies and procedures. FinCEN also recognizes that financial institutions will be required to modify existing customer onboarding processes to incorporate the beneficial ownership requirement. As such, FinCEN proposes an effective date of one year from the date the final rule is issued. Comments on the proposal are due 60 days from publication of the proposal in the Federal Register.
On July 28, the FDIC issued FIL-41-2014 to clarify its supervisory approach to bank relationships with third-party payment processors (TPPPs). In short, the letter removes the FDIC’s list of examples of merchant categories from its existing guidance and informational article. That list, which identified potential “high-risk” businesses, including firearms and ammunition merchants, coin dealers, and payday lenders, among numerous others, has been scrutinized and challenged by members of Congress in recent months. The new guidance explains the “lists of examples of merchant categories have led to misunderstandings regarding the FDIC’s supervisory approach to TPPPs, creating the misperception that the listed examples of merchant categories were prohibited or discouraged.” The FDIC’s letter continues to defend the list as “illustrative of trends identified by the payments industry at the time the guidance and article were released” and reasserts that it is the FDIC’s policy that insured institutions that properly manage customer relationships are neither prohibited nor discouraged from providing services to any customer operating in compliance with applicable law.
On July 23, Thomas Baxter, General Counsel for the New York Federal Reserve Bank, in public remarks at a risk management conference, questioned the FCPA’s “exception for ‘facilitating or expediting payments’ made in furtherance of routine government action.” Mr. Baxter stated that “official corruption is a problem that some U.S. financial institutions have found challenging during the last year,” and suggested that those problems could derive from an organizational value system undermined by the facilitating payments exception. Mr. Baxter acknowledged that the exception “is grounded in a practical reality,” but expressed his preference for a zero tolerance standard. He explained that “when an organizational policy allows some types of official corruption . . ., this diminishes the efficacy of compliance rules that are directed toward stopping official corruption.” He urged U.S. financial institutions to foster organizational value systems that “go beyond black-letter U.S. law” with regard to official corruption. Mr. Baxter made these comments in the context of a broader speech on organizational culture and its impact on compliance in which he also suggested that foreign banks’ recent sanctions and tax evasion compliance woes could be explained by a difference in the corporate values of foreign and U.S. banks and their employees when it comes to laws designed to support broader U.S. public policy.
On July 31, the CFPB released its latest assessment of overdraft data it has collected from large banks. The report provides the following summary findings:
- Overdraft and non-sufficient funds (NSF) fees constitute the majority of the total checking account fees that consumers incur. For opted-in consumers, overdraft and NSF fees account for about 75% of their total checking account fees and average over $250 per year.
- Most overdraft fees are paid by a small fraction of bank customers—8% of customers incur nearly 75% of all overdraft fees.
- Opted-in accounts are three times as likely to have more than 10 overdrafts per year as accounts that are not opted in. And opted-in accounts have seven times as many overdrafts that result in fees as accounts that are not opted in.
- Transactions that lead to overdrafts tend to be small—for debit card transactions, the median amount that leads to an overdraft fee is $24 and the median amount of a transaction that leads to an overdraft fee for all types of debits is $50.
- Most consumers who overdraft bring their accounts positive quickly.
- Younger customers tend to overdraft more than older customers.
Over the past week, members of Congress from both parties have sent several letters to the Department of Education (DOE or ED) regarding its ongoing rulemaking related to the ways higher education institutions request, maintain, disburse, and otherwise manage federal student aid disbursements. As part of that rulemaking, the DOE is considering changes that would, among other things, clarify permissible disbursement practices and agreements between education institutions and entities that assist in disbursing student aid, and increase consumer protections governing the use of prepaid cards and other financial instruments. In general, the letters from Congress express concern that the draft rule is too broad and will limit student access to financial services. For example, in a July 17 letter from Congressman Luetkemeyer (R-MO), Senator Hoeven (R-ND), and 40 other lawmakers, including six Democrats, the members expressed concern that the DOE proposal could cover any account held by a student or a parent of a student if the financial institution had any arrangement, however informal, with a school and regardless of when or why the account was opened. The members support efforts to protect students from abuses made in disbursing student aid, but ask the DOE to tailor the rule such that it could not be construed so broadly as to restrict students’ access to financial services. Earlier this year, another group of lawmakers called on the DOE to “mandate contract transparency, prohibit aggressive marketing, and ban high fees when colleges partner with banks to sponsor debit cards, prepaid cards, or other financial products used to disburse student aid.”
On July 24, the OFAC released a settlement agreement with a large bank to resolve apparent violations of narcotics sanctions regulations. The settlement agreement states that during separate periods from September 2005 through March 2009, the bank allowed transactions to be processed for certain individuals designated under the narcotics sanctions regulations, and failed to timely file blocked property reports regarding accounts owned by other designated individuals. The bank did not admit to any allegation made or implied by the apparent violations, but agreed to pay approximately $16.5 million to resolve the matter. The agreement explains that most of the apparent violations were disclosed by the bank to OFAC as a result of remedial action designed to correct a screening deficiency giving rise to the apparent violations, but that such disclosures do not qualify as voluntarily self-disclosed to OFAC within the meaning of OFAC’s Economic Sanctions Enforcement Guidelines because they were substantially similar to apparent violations of which OFAC already was aware.
On July 23, the FDIC proposed a rule to revise its assessments regulation. Specifically, the FDIC proposes changing the ratios and ratio thresholds for capital evaluations used in its risk-based deposit insurance assessment system to conform the assessments to the prompt corrective action capital ratios and ratio thresholds adopted by the prudential regulators. The proposal also would (i) revise the assessment base calculation for custodial banks to conform to the asset risk weights adopted by the prudential regulations; and (ii) require all highly complex institutions to measure counterparty exposure for deposit insurance assessment purposes using the Basel III standardized approach credit equivalent amount for derivatives and the Basel III standardized approach exposure amount for other securities financing transactions. The FDIC explains the changes are intended to accommodate recent changes to the federal banking agencies’ capital rules that are referenced in portions of the assessments regulation.Comments are due by September 22, 2014.
On July 18, FinCEN published SAR Stats—formerly called By the Numbers—an annual compilation of numerical data gathered from the Suspicious Activity Reports (SARs) filed by financial institutions using FinCEN’s new unified SAR form and e-filing process. Among other things, the new form and process were designed to allow FinCEN to collect more detailed information on types of suspicious activity. As such, FinCEN describes the data presented in this first SAR Stats issue as “a new baseline for financial sector reporting on suspicious activity.” The primary purpose of the report is to provide a statistical overview of suspicious activity developments, including by presenting SAR data arranged by filing industry type for the more than 1.3 million unique SARs filed between March 1, 2012 and December 31, 2013. In addition, the redesigned annual publication includes a new SAR Narrative Spotlight, which focuses on “perceived key emerging activity trends derived from analysis of SAR narratives.” The inaugural Spotlight examines the emerging trend of Bitcoin related activities within SAR narrative data. It states that FinCEN is observing a rise in the number of SARs flagging virtual currencies as a component of suspicious activity, and provides for potential SAR filers an explanation of virtual currencies and the importance of SAR data in assessing virtual currency transactions.