On November 4, Federal Reserve Chair Janet Yellen testified before the House Committee on Financial Services. The topic of Chair Yellen’s testimony was “the lessons of the financial crisis and how we have transformed our regulatory and supervisory approach.” She explained that, prior to the crisis, the Fed’s “primary goal was to ensure the safety and soundness of individual financial institutions” and that, since the crisis, the Fed’s aim has been to regulate and supervise “in a manner that promotes the stability of the financial system as a whole.” Yellen went on to explain that the regulatory approaches adopted to address both large financial institutions and companies and community banks have been different. According to Yellen, with respect to the large financial institutions, the Fed’s approach is “oriented toward both the safety and soundness of the individual firms, and the stability of the financial system as a whole.” With respect to community banks, Chair Yellen noted that the Fed’s supervisory approach is risk based: “[i]n supervising these institutions, we follow a risk-focused approach that aims to target examination resources to higher-risk areas of each bank’s operations and to ensure that banks maintain risk-management capabilities appropriate to their size and complexity.”
On November 9, the New York DFS sent a letter to federal regulators and other interested parties, including the CFPB, Federal Reserve Board, and the OCC, regarding potential new regulations aimed at increasing cybersecurity efforts within the financial sector. The letter references recent DFS reports that covered key findings from surveys given to regulated banking organizations on their cybersecurity programs, costs, and future plans. The reports raised the following concerns: (i) the speed of technological change and the increasingly sophisticated nature of threats; (ii) third-party service providers tend to have access to sensitive information and companies’ IT systems, providing potential hackers with a point of entry; and (iii) the “scale and breadth of the most recent breaches and incidents.” In light of these concerns, the DFS asserts that it would be beneficial to coordinate with state and federal regulators to “develop a comprehensive [cybersecurity] framework that addresses the most critical issues, while still preserving the flexibility to address New York-specific concerns.” According to the letter, the DFS expects to propose regulations requiring entities to set specific requirements in areas such as: (i) cybersecurity policies and procedures; (ii) third-party service provider management; (iii) cybersecurity personnel and intelligence, including implementing mandatory cybersecurity training programs; and (iv) notice of cybersecurity breaches.
U.S. House of Representatives Passes Several Financial Regulatory Relief Bills, Including TRID Safe Harbor
On October 7, the U.S. House of Representatives (U.S. House) passed several pieces of bipartisan legislation aimed at providing regulatory relief to lenders and strengthening consumer protection. This legislation included H.R. 3192, the Homebuyers Assistance Act, which was approved by a 303-121 vote, which seeks to provide a formal four-month safe harbor for lenders who in “good faith” work to comply with the CFPB’s new TRID Rule, which went into effect on October 3. The U.S. House also unanimously approved H.R. 1553, the Small Bank Exam Cycle Reform Act, and H.R. 1839, the Reforming Access for Investments in Startup Enterprises (RAISE) Act. The Small Bank Exam Cycle Reform Act would allow well-managed banks with assets under $1 billion to qualify for an 18-month examination cycle, rather than the current 12-month cycle. The RAISE Act is intended to promote a liquid secondary market for shareholders seeking to sell private securities and encourage startups and private companies to raise capital to grow their businesses. This legislation will now go to the U.S. Senate for consideration.
On September 28, the Federal Reserve, the FDIC, and the OCC announced that the latest outreach meeting under the Economic Growth and Regulatory Paperwork Reduction Act (EGRPRA) will be held on October 10 in Chicago, Illinois. The meeting will feature panel presentations from industry insiders and consumer advocates. Senior officials from the Federal Reserve, OCC, and FDIC are also scheduled to attend. This meeting will be the fifth of six outreach meetings focused on identifying outdated or burdensome regulatory requirements imposed on financial institutions. The sixth and final meeting is expected to take place on December 2 in Washington, D.C. Previous InfoBytes coverage on EGRPRA can be found here.
On July 16, 2015, the Consumer Financial Protection Bureau (“CFPB” or “Bureau”) launched the first in a new series of monthly complaint reports highlighting key trends from consumer complaints submitted to the CFPB. Importantly, its monthly report provides significant detail on the complaints the CFPB has received, including the names of the companies that received the largest number of complaints.
Currently, the most-complained-about companies are also the largest bank and nonbank financial institutions in the country. Since these institutions have the highest numbers of customers, it is only natural that they have received the highest number of complaints. On the same day as the monthly report’s release, CFPB Director Richard Cordray provided remarks at an Americans for Financial Reform event in Washington, D.C. Director Cordray noted that in future monthly reports, the CFPB hopes to “normalize” its consumer complaint data by accounting for financial institutions’ respective size and volume. To that end, the CFPB issued a Request for Information seeking input on ways to enable the public to more easily understand company-level complaint information and make comparisons. The comment period closes August 31, 2015. Read more…