On November 18, at an American Bar Association/American Bankers Association conference on the Bank Secrecy Act/Anti-Money Laundering (BSA/AML), Deputy Attorney General (Deputy AG) James Cole challenged financial institutions’ compliance efforts and outlined the DOJ’s financial crimes enforcement approach. Noting that compliance within financial institutions is of particular concern to the DOJ, based in part on recent cases of “serious criminal conduct by bank employees,” the nation’s second highest ranking law enforcement official detailed DOJ’s approach to investigating and deciding in what manner to pursue potential violations. The Deputy AG included among his examples of serious misconduct recent BSA/AML, RMBS, mortgage False Claims Act, and LIBOR cases. He explained that the DOJ is particularly concerned about incentives that encourage excessive risk taking, and stated that “too many bank employees and supervisors value coming as close to the line as possible, or even crossing the line, as being ‘competitive’ or ‘aggressive.’” Read more…
On November 22, the CFPB released findings of a study the Bureau conducted on the impact of certain deposit regulations on the day-to-day operations of banking institutions, focusing on compliance costs related to checking accounts, traditional savings accounts, debit cards, and overdraft programs. The study collected information from seven banks about activities related to compliance with regulations implementing the Truth in Savings Act, the Electronic Fund Transfer Act, the financial privacy requirements of the Gramm-Leach-Bliley Act, and the Fair Credit Reporting Act (Regulations DD, E, P, and V, respectively), as well as FCRA’s adverse action requirements, which are not implemented by regulation. According to the Bureau, compliance costs were concentrated in the Operations, Information Technology, Human Resources, Compliance, and Retail functions, and banks incurred the most substantial costs complying with rules related to authorization rights, error resolution requirements, disclosure mandates, and advertising standards.
The report identifies the compliance-related activities that entailed the highest costs across business functions and suggests that “authorization rights” (i.e., opt-ins and opt-outs) and error-resolution requirements are the most costly to administer. The report also discusses the potential for the study—which the Bureau characterizes as representing “some of the most rigorous information currently available” on compliance costs—to advance research on the cost of compliance, influence the ultimate understanding of regulatory impacts on consumers and markets, and inform the CFPB’s ongoing efforts to avoid unnecessary compliance costs. The Bureau states that estimating the operational effects of consumer financial services regulation alone has “limited value to policymaking” and is mainly helpful in determining the impact of a specific regulation on product pricing and availability or market structure and competition. The Bureau concluded that research on the effects of regulations will remain an ongoing priority, but it will nevertheless continue to address problems observed in the marketplace — “mindful that, whatever the costs of regulation, the costs of not regulating adequately can be even larger.”
The full report, Understanding the Effects of Certain Deposit Regulations on Financial Institutions’ Operations: Findings on Relative Costs for Systems, Personnel, and Processes at Seven Institutions, is available here.
On November 17, the Comptroller of the Currency, Thomas Curry, delivered remarks at the American Bar Association/American Bankers Association BSA/AML conference in which he identified common BSA/AML compliance risks and failures, and identified steps industry participants and regulators should take to improve compliance. The Comptroller explained that successful BSA/AML compliance is dependent not only on “the strength of the institution’s technology and monitoring processes, and the effectiveness of its risk management,” but also on strong corporate governance processes and management’s willingness to commit adequate resources. Comptroller Curry called on banks to commit sufficient resources and take a “holistic approach” toward BSA/AML compliance, for example, by dispersing accountability throughout the organization instead of concentrating compliance in a single unit. Noting that this is particularly important in the M&A context, the Comptroller stated that it is vital that due diligence go beyond a target’s credit portfolio to include a review of the target’s BSA/AML program. In addition to lack of compliance resources, the Comptroller identified as risk trends: (i) poor management of international activities—foreign correspondent banking, cross-border funds transfers, bulk cash repatriation, and embassy banking; (ii) third-party relationships and payment processors; and (iii) emerging payment technologies, including virtual currencies. He stressed the importance of information sharing among institutions and between institutions and their regulators, and called for (i) legislation that would encourage the filing of SARs by strengthening the statutory safe harbor from civil liability for filing financial institutions, (ii) broadening the Patriot Act safe harbor for institutions that share information with each other about potential crimes and suspicious transactions, and (iii) exploring ways government can provide more robust and granular information about money laundering schemes and typologies to institutions in a more timely way.
On November 20, the OCC announced in Bulletin 2013-34 that as part of its ongoing implementation of the Dodd-Frank Act’s mandate that the OCC integrate Office of Thrift Supervision (OTS) policies with existing OCC policies, the OCC is rescinding the OTS compliance documents listed in an appendix provided with the announcement. A second appendix lists OCC policy guidance that the OCC is applying to federal savings associations in cases where policy guidance did not already exist. The announcement does not cover OTS policies and guidance related to the FCRA, the CRA, UDAP, or mortgage regulations, which the OCC plans to address at a later date.
On November 12, the FDIC released the economic scenarios that will be used by certain financial institutions with total consolidated assets of more than $10 billion for stress tests required under the Dodd-Frank Act. Each scenario includes key variables that reflect economic activity, including unemployment, exchange rates, prices, income, interest rates, and other salient aspects of the economy and financial markets. The baseline scenario represents expectations of private sector economic forecasters; the adverse and severely adverse are hypothetical scenarios designed to assess the strength and resilience of financial institutions and their ability to continue to meet the credit needs of households and businesses under stressed economic conditions. The FDIC release follows the recent release of stress test scenarios by the Federal Reserve Board and the OCC. The Federal Reserve Board also recently issued a final policy statement that describes the process by which it will develop future stress test scenarios.
On November 5, the Federal Reserve Board announced the annual indexing of the amounts used in determining reserve requirements of depository institutions and deposit reporting panels effective in 2014. The Board amended Regulation D to (i) set the amount of total reservable liabilities of each depository institution that is subject to a zero percent reserve requirement in 2014 at $13.3 million (from $12.4 million in 2013) and (ii) set the amount of net transaction accounts at each depository institution (over the reserve requirement exemption amount) that is subject to a three percent reserve requirement in 2014 at $89.0 million (from $79.5 million in 2013). These are known as the reserve requirement exemption amount and the low reserve tranche, respectively. The new exemption amount and low reserve tranche will apply to the 14-day reserve maintenance period that begins January 23, 2014. For depository institutions that report deposit data weekly, this maintenance period corresponds to the 14-day computation period that begins Tuesday, December 24, 2013. For depository institutions that report deposit data quarterly, this maintenance period corresponds to the seven-day computation period that begins Tuesday, December 17, 2013. The Board also announced changes in the nonexempt deposit cutoff level and the reduced reporting limit, which are used to determine the frequency with which depository institutions must submit deposit reports.
On November 6, the OCC issued two bulletins to announce an addition and revisions to the Comptroller’s Handbook. The OCC also rescinded certain Handbook provisions. Bulletin OCC 2013-30 adds to the Handbook the “Qualified Thrift Lender” (QTL) booklet, which includes the “Qualified Thrift Lending Test,” issued June 2002 as part of the Office of Thrift Supervision’s Examination Handbook. The revisions are statutory in nature and include, among other things, new language pursuant to the Dodd–Frank Act regarding QTL failure and the violation of HOLA section 5 and additional limitations in the payment of dividends. Bulletin OCC 2013-31 updates the “Insider Activities” booklet and provides guidance for examiners and bankers on how national banks and federal savings associations may legally and prudently engage in transactions with insiders. The booklet explains how to implement risk management processes that provide for the appropriate control and monitoring of insider activities and how examiners review and assess insider activities during the supervisory process.
On October 30, the OCC issued Bulletin 2013-29 to update guidance relating to third-party risk management. The Bulletin, which rescinds OCC Bulletin 2001-47 and OCC Advisory Letter 2000-9, requires banks and federal savings associations (collectively “banks”) to provide comprehensive oversight of third parties, including joint ventures, affiliates or subsidiaries, and payment processors. It is substantially more prescriptive than CFPB Bulletin 2012-3, and incorporates third-party relationship management principles underlying recent OCC enforcement actions.
The Bulletin warns that failure to have in place an effective risk management process commensurate with the risk and complexity of a bank’s third-party relationships “may be an unsafe and unsound banking practice.” It outlines a “life cycle” approach and provides detailed descriptions of steps that a bank should consider taking at five important stages: Read more…
Prudential Regulators Issue Joint Agreement On Classification And Appraisal Of Securities Held By Financial Institutions
On October 29, the FDIC, the Federal Reserve Board, and the OCC issued a joint agreement to update and revise the 2004 Uniform Agreement on the Classification of Assets and Appraisal of Securities Held by Banks and Thrifts. The updated agreement reiterates the importance of a robust investment analysis process and the agencies’ longstanding asset classification definitions. It also replaces references to credit ratings with alternative standards of creditworthiness consistent with sections 939 and 939A of the Dodd-Frank Act, which directed the agencies to remove any reference to or requirement of reliance on credit ratings in the regulations and replace them with appropriate standards of creditworthiness. The agencies adopted those new standards in 2012 (see, e.g., the OCC’s final rule). The joint agreement provides examples to demonstrate the appropriate application of the new standards to the classification of securities.
On October 24, the Federal Reserve Board issued a proposed rule it developed with the OCC and the FDIC to establish a minimum liquidity coverage ratio (LCR) consistent with the Basel III LCR, with some modifications to reflect characteristics and risks of specific aspects of the U.S. market and U.S. regulatory framework. The proposal would create for the first time a minimum liquidity requirement for certain large or systemically important financial institutions. The covered institutions would be required to hold (i) minimum amounts of high-quality, liquid assets such as central bank reserves and government and corporate debt that can be converted easily and quickly into cash, and (ii) liquidity in an amount equal to or greater than its projected cash outflows minus its projected cash inflows during a short-term stress period. The requirements would apply to all internationally active banking organizations—i.e., those with $250 billion or more in total consolidated assets or $10 billion or more in on-balance sheet foreign exposure—and to systemically important, non-bank financial institutions designated by the FSOC. The proposal also would apply a less stringent, modified LCR to bank holding companies and savings and loan holding companies that are not internationally active, but have more than $50 billion in total assets. The regulators propose various categories of high quality, liquid assets and also specify how a firm’s projected net cash outflows over the stress period would be calculated using common, standardized assumptions about the outflows and inflows associated with specific liabilities, assets, and off-balance-sheet obligations. Comments on the proposed rule must be submitted by January 31, 2013.
On August 8, the CFPB released an updated small business guide for the remittance transfer rule it finalized last year and revised in May 2013. The updated guide summarizes the remittance rule and discusses the new requirements, which take effect on October 28, 2013. The CFPB also issued technical corrections to the May 2013 amendments, and released a video that provides an overview of the rule and the recent changes, as well as implementation guidance.
On August 1, the California Supreme Court held that the federal Truth in Savings Act (TISA), which does not provide a private right of action, does not similarly bar state law claims derived from alleged TISA violations. Rose v. Bank of Am., N.A., No. S199074, 2013 WL 3942612 (Cal. Aug. 1, 2013). In this case, a putative class filed suit claiming a bank violated the state’s Unfair Competition Law (UCL) when it failed to provide certain disclosures required by TISA. The trial and appellate courts held that because Congress amended TISA in 2001 to remove its private right of action, before the borrowers filed their TISA-based class claims, those claims were barred. The appellate court explained that Congress’s repeal of the private right of action reflected its intent to bar any private action to enforce TISA. The Supreme Court disagreed and held that Congress’s decision to leave TISA’s savings clause in place explicitly allowed for the enforcement of state laws relating to the disclosures at issue here, except to the extent that those laws are inconsistent with the relevant TISA provision. The court rejected the bank’s argument that the UCL may not be employed to borrow directly from a federal statute where Congress has not provided a private right of action, holding instead that “when Congress permits state law to borrow the requirements of a federal statute, it matters not whether the borrowing is accomplished by specific legislative enactment or by a more general operation of law.” The court reversed the appeals court’s judgment.
On July 30, the OCC, the FDIC, and the Federal Reserve Board proposed guidance for stress tests conducted by institutions with more than $10 billion but less than $50 billion in total consolidated assets. Under Dodd-Frank Act mandated regulations adopted by the regulators last October, such firms are required to conduct annual company-run stress tests starting in October 2013. The guidance discusses supervisory expectations for stress test practices, provides examples of practices that would be consistent with those expectations, and offers additional details about stress test methodologies. It also underscores the importance of stress testing as an ongoing risk management practice that supports a company’s forward-looking assessment of its risks and better equips the company to address a range of macroeconomic and financial outcomes. Comments on the proposed guidance are due by September 25, 2013.
On July 12, FinCEN issued a ruling to exempt financial institutions from collecting data about certain armored car transactions required for Currency Transaction Reports (CTR). Under a 2009 ruling, FinCEN clarified that when a financial institution customer hires an armored car service (ACS) to conduct business on its behalf, the customer’s financial institution is subject to the same CTR requirements as it would be with any other third-party facilitating a transaction for a customer. FinCEN now recognizes that the 2009 ruling created practical issues in application – financial institutions have had difficulty differentiating transactions conducted by a given ACS on behalf of the institution from those the ACS conducted on behalf of a customer, and have had trouble obtaining drivers’ personal information required for the CTR. With its current ruling, FinCEN authorized an exception to the CTR data collection and aggregation requirements that applies only to deposits or withdrawals conducted by an ACS employee pursuant to instructions from the financial institution’s customer or from a third party.
On July 15, the Electronic Payments Association (NACHA), the organization that manages the ACH Network, issued a bulletin that describes the provisions of NACHA’s operating rules regarding the “reinitiation” of returned ACH debit entries and the collection of return fees. With respect to the “reinitiation” of returned ACH debit entries the bulletin outlines the limited circumstances under which the rules permits originators and originating depository financial institutions (ODFIs) to reinitiate returned entries. First, an originator or an ODFI may reinitiate a returned entry up to two times if the entry was returned for reasons of insufficient or uncollected funds. Second, an originator or an ODFI may reinitiate a returned entry for reason of stop payment, but only if the receiver of the entry reauthorized the reinitiation after the return of the original entry. Finally, unless authorization has been revoked, an originator or an ODFI may reinitiate an entry returned for any other reason, as long as the originator or ODFI has corrected or remedied the reason for the return. In instances where authorization has been revoked, an originator or ODFI may not be reinitiated. Additionally, in order for a reinitiation of a returned entry to take place within the ACH Network, it must take place within 180 days of the settlement date of the original entry. With respect to the collection of return fees, the bulletin explains that (i) a return fee entry may be initiated only to the extent permitted by applicable law, and only for an entry that was returned for reasons of insufficient or uncollected funds; (ii) originators and ODFIs must provide specific prior notice prior to charging return fees; (iii) return fees must be specifically labeled as return fees in any entry description; (iv) only one return fee may be assessed with respect to any returned entry; and (v) a return fee may not be assessed with respect to the return of a return fee entry (i.e., no “fees on fees”).