On July 1, the OCC, the Federal Reserve Board, the FDIC, the NCUA, and the Conference of State Bank Supervisors issued interagency guidance on home equity lines of credit (HELOCs) nearing their end-of-draw periods. The guidance states that as HELOCs transition from their draw periods to full repayment, some borrowers may have difficulty meeting higher payments resulting from principal amortization or interest rate reset, or renewing existing loans due to changes in their financial circumstances or declines in property values. As such, the guidance describes the following “core operating principles” that the regulators believe should govern oversight of HELOCs nearing their end-of-draw periods: (i) prudent underwriting for renewals, extensions, and rewrites; (ii) compliance with existing guidance, including but not limited to the Credit Risk Management Guidance for Home Equity Lending and the Interagency Guidelines for Real Estate Lending Policies; (iii) use of well-structured and sustainable modification terms; (iv) appropriate accounting, reporting, and disclosure of troubled debt restructurings; and (v) appropriate segmentation and analysis of end-of-draw exposure in allowance for loan and lease losses estimation processes. The guidance also outlines numerous risk management expectations, and states that institutions with a significant volume of HELOCs, portfolio acquisitions, or exposures with higher-risk characteristics should have comprehensive systems and procedures to monitor and assess their portfolios, while less-sophisticated processes may be sufficient for community banks and credit unions with small portfolios, few acquisitions, or exposures with lower-risk characteristics.
On July 14, the DOJ, the FDIC, and state authorities in California, Delaware, Illinois, Massachusetts, and New York, announced a $7 billion settlement of federal and state RMBS civil claims against a large financial institution, which was obtained by the RMBS Working Group, a division of the Obama Administration’s Financial Fraud Enforcement Task Force. Federal and state law enforcement authorities and financial regulators alleged that the institution misled investors in connection with the packaging, marketing, sale, and issuance of certain RMBS. They claimed, among other things, that the institution received information indicating that, for certain loan pools, significant percentages of the loans reviewed as part of the institution’s due diligence did not conform to the representations provided to investors about the pools of loans to be securitized, yet the institution allowed the loans to be securitized and sold without disclosing the alleged failures to investors. The agreement includes a $4 billion civil penalty, described by the DOJ as the largest ever obtained under FIRREA. In addition, the institution will pay a combined $500 million to settle existing and potential claims by the FDIC and the five states. The institution also agreed to provide an additional $2.5 billion in borrower relief through a variety of means, including financing affordable rental housing developments for low-income families in high-cost areas. Finally, the institution was required to acknowledge certain facts related to the alleged activities.
On June 5, the FDIC and a Delaware bank entered a consent order that prohibits the bank from entering into any new relationships with third-party prepaid card processors or prepaid card program managers until the FDIC approves a written report from the bank that details the steps taken by the bank to (i) implement new BSA compliance policies and procedures; (ii) improve staff training; (iii) implement controls sufficient to mitigate BSA and safety and soundness risk associated with prepaid card, credit card merchant acquiring, and ACH activities; and (iv) perform a BSA risk assessment. The order similarly restricts the bank’s activities related to credit card merchant acquiring and ACH merchant payment processing. The order does not prohibit the bank from issuing prepaid cards through existing distribution channels under existing contracts with third-parties, but does restrict certain activities related to existing credit card and ACH processing activities. In addition, the bank must (i) retain and designate BSA and OFAC officers; (ii) conduct a suspicious activity reporting look-back review; and (iii) submit periodic progress reports. Finally, the order requires increased board supervision of the bank’s BSA compliance program and mandates the creation of a board-level BSA committee.
On June 12, the Federal Reserve Board and the OCC separately released proposed rules that would push back by 90 days the start date of the stress test cycles and the deadlines for submitting stress test results. The regulators propose making the new schedules effective beginning with the 2015-2016 cycles. On June 13, the FDIC proposed a rule to similarly shift the stress test cycles. In addition, the Federal Reserve’s proposed rule would (i) modify the capital plan rule to limit a large bank holding company’s ability to make capital distributions to the extent that its actual capital issuances were less than the amount indicated in its capital plan; (ii) clarify the application of the capital plan rule to a large bank holding company that is a subsidiary of a U.S. intermediate holding company of a foreign banking organization; and (iii) make other technical clarifying changes. Comments on the Federal Reserve’s proposal are due by August 11, 2014. Comments on the OCC’s and the FDIC’s proposals are due 60 days after their publication in the Federal register.
On June 5, the Community Financial Services Association and one of its short-term, small dollar lender members filed a lawsuit in the U.S. District Court for the District of Columbia claiming the FDIC, the OCC, and the Federal Reserve Board have participated in Operation Choke Point “to drive [the lenders] out of business by exerting back-room pressure on banks and other regulated financial institutions to terminate their relationships with payday lenders.” The complaint asserts that the operation has resulted in over 80 banking institutions terminating their business relationships with CFSA members and other law-abiding payday lenders. The lenders claim that the regulators are using broad statutory safety and soundness authority to establish through agency guidance and other means broad requirements for financial institutions, while avoiding the public and judicial accountability the regulators would otherwise be subject to if they pursued the same policies under the Administrative Procedures Act’s (APA) notice and comment rulemaking procedures. The lenders assert that in doing so, the regulators have violated the APA by (i) failing to observe its rulemaking requirements; (ii) exceeding their statutory authority; (iii) engaging in arbitrary and capricious conduct; and (iv) violating lenders’ due process rights. The lenders ask the court to declare unlawful certain agency guidance regarding third-party risk and payment processors and enjoin the agencies from taking any action pursuant to that guidance or from applying informal pressure on banks to encourage them to terminate business relationships with payday lenders.
On June 9, Darrell Issa (R-CA), Chairman of the House Oversight Committee, and Jim Jordan (R-OH), an Oversight subcommittee chairman, sent a letter to FDIC Chairman Martin Gruenberg that seeks information regarding the FDIC’s role in Operation Choke Point and calls into question prior FDIC staff statements about the agency’s role. The letter asserts that documents obtained from the DOJ and recently released by the committee demonstrate that, contrary to testimony provided by a senior FDIC staff member, the FDIC “has been intimately involved in Operation Choke Point since its inception.” The letter also criticizes FDIC guidance that institutions monitor and address risks associated with certain “high-risk merchants,” which, according to the FDIC, includes firearms and ammunition merchants, coin dealers, and payday lenders, among numerous others. The letter seeks information to help the committee better understand the FDIC’s role in Operation Choke Point and its justification for labeling certain businesses as “high-risk.” For example, the letter seeks (i) all documents and communications between the FDIC and the DOJ since January 1, 2011; (ii) all FDIC documents since that time that refer to the FDIC’s 2012 guidance regarding payment processor relationships; and (iii) all documents referring to risks created by financial institutions’ relationships with firearms or ammunition businesses, short-term lenders, and money services businesses.
On May 30, the OCC, the FDIC, the Federal Reserve Board, the NCUA, and the Farm Credit Administration issued an interagency statement regarding the increased maximum amount of flood insurance available for “Other Residential Buildings” (i.e., non-condominium residential buildings designed for use for five or more families) beginning June 1, 2014. The statement explains that the maximum amount of flood insurance available under the NFIP for Other Residential Buildings increased from $250,000 to $500,000 per building, which may affect the minimum amount of flood insurance required for both existing and future loans secured by Other Residential Buildings. The statement also informs institutions that FEMA instructed insurers to notify Other Residential Building policyholders—which potentially could include notice to lenders on those policies—of the new limits before June 1, 2014. The agencies state that “[i]f a financial institution or its servicer receives notification of the increased flood insurance limits available for an Other Residential Building securing a designated loan, the agencies expect supervised institutions to take any steps necessary to determine whether the property will require increased flood insurance coverage.” According to the statement, lenders are not required to perform an immediate full file search, but, for safety and soundness purposes, lenders may wish to review their portfolios in light of the availability of increased coverage to determine whether additional flood insurance coverage is required for the affected buildings. If, as a result of this increase, a lender or its servicer determines on or after June 1 that an Other Residential Building is covered by flood insurance in an amount less than required by law, then it should take steps to ensure the borrower obtains sufficient coverage, including lender-placing insurance.
On June 4, the Federal Reserve Board, the FDIC, and the OCC published a notice of regulatory review and request for comments to identify outdated, unnecessary, or unduly burdensome regulations imposed on insured depository institutions. The review is required by the Economic Growth and Regulatory Paperwork Reduction Act of 1996, and this is the first of four requests for comments that will be issued over the next two years. The request seeks comments on regulations in three specific categories: (i) applications and reporting; (ii) powers and activities; and (iii) international operations. The agencies ask commenters to specifically consider, among other things: (i) the need for statutory change; (ii) the need and purpose of the regulations; (iii) the effect on competition; (iv) reporting, recordkeeping, and disclosure requirements; and (v) the burden on small institutions, including community banks. Comments are due September 2, 2014.
On May 22, House Financial Services Committee Chairman Jeb Hensarling (R-TX) sent letters to the Federal Reserve Board, the OCC, the FDIC, and the NCUA asking the regulators to explain their use of “reputational risk,” and citing Operation Choke Point as an example of the potential for “reputation risk” to become “a pretext for the advancement of political objectives, which can potentially subvert both safety and soundness and the rule of law.” Congressman Hensarling asked each regulator to explain (i) whether it consider reputation risk in its supervision of depositories, and, if so, to explain the legal basis for such consideration and why it is appropriate; (ii) what data are used to analyze reputational risk and why such data are not already accounted for under CAMELS; and (iii) whether a poor reputation risk rating could be sufficient to warrant recommending a change in a depository’s business practices notwithstanding strong ratings under CAMELS.
On May 19, the Senate Banking Committee’s chairman and ranking member, Senators Tim Johnson (D-SD) and Mike Crapo (R-ID), sent a letter to the leaders of the Treasury Department, the SEC, the CFTC, the OCC, the FDIC, and the Federal Reserve Board regarding recent developments in the use of virtual currencies and their interaction with the global payment system. The Senators ask the regulators a series of questions related to the role of virtual currencies in the U.S. banking system, payment system, and trading markets, and the current role of federal regulators in developing local, national, and international enforcement policies related to virtual currencies. The Senators also seek the agencies’ expectations on virtual currency firms’ BSA compliance, and ask whether an enhanced regulatory framework for virtual currencies is needed.
On April 24, the FDIC hosted a meeting of its Advisory Committee on Economic Conclusion, during which FDIC staff presented a white paper on the potential for mobile financial services (MFS) to reach unbanked and underbanked consumers. The Committee meeting also covered an update on the FDIC’s safe accounts project, and included panels on youth financial literacy and consumer demand for small dollar credit. The white paper concludes that, in the short run, “MFS is best positioned to have an economic inclusion impact through its ability to meet day‐to‐day financial services needs of underbanked consumers as well as consumers at risk of account closure,” while also helping “the underserved gain access to the banking system and grow their financial capability.” The white paper encourages banks, service providers, and regulators to (i) integrate MFS into broader economic inclusion strategies; (ii) integrate MFS with other delivery channels and incorporate one-on-one interactions; (iii) “fine-tune” risk management strategies to match MFS expansion and underbanked strategies; (iv) improve convenience and speed of MFS through infrastructure enhancements; (v) enable additional mobile functionalities; (vi) develop case studies to demonstrate profitable implementation of MFS for economic inclusion; and (vii) bridge MFS with traditional payment services.
On April 18, the OCC, FDIC, and Federal Reserve Board released revised Community Reinvestment Act (CRA) examination procedures applicable to institutions with total assets greater than $1.202 billion as of December 31 of either of the previous two calendar years. The procedures incorporate revisions to the CRA interagency questions and answers issued in November 2013. Those revisions generally were intended to: (i) clarify how the agencies consider community development activities that benefit a broader statewide or regional area that includes an institution’s assessment area; (ii) provide guidance related to CRA consideration of, and documentation associated with, investments in nationwide funds; (iii) clarify the consideration of certain community development services, such as service on a community development organization’s board of directors; (iv) address the treatment of loans or investments to organizations that, in turn, invest those funds and use only a portion of the income from their investment to support a community development purpose; and (v) clarify that community development lending performance is always a factor considered in a large institution’s lending test rating.
On April 8 the House Financial Services Committee held a hearing with the general counsels of the federal banking agencies regarding, among other things, Operation Choke Point, the federal enforcement operation reportedly intended to cut off from the banking system certain lenders and merchants allegedly engaged in unlawful activities. Numerous committee members from both sides of the aisle raised concerns about Operation Choke Point, as well as the federal government’s broader pressure on banks over their relationships with nonbank financial service providers, including money service businesses, nonbank lenders, and check cashers. Committee members asserted that the operation is impacting lawful nonbank financial service providers, who are losing access to the banking system and, in turn, are unable to offer needed services to the members’ constituents. The FDIC’s Richard Osterman repeatedly stated that Operation Choke Point is a DOJ operation and the FDIC’s participation is limited to providing certain information and resources upon request. Mr. Osterman also asserted that the FDIC is not attempting to, and does not intend to, prohibit banks from offering products or services to nonbank financial service providers operating within the law, and that the FDIC’s guidance is clear that banks are neither prohibited from nor encouraged to provide services to certain businesses, provided they properly manage their risk. Similarly, the OCC’s Amy Friend stated that the OCC wants to ensure that banks conduct due diligence and implement appropriate controls, but that the OCC is not prohibiting banks from offering services to lawful businesses. She stated the OCC has found that some banks have made a business decision to terminate relationships with some nonbank providers rather than implement additional controls.
On April 8, the Federal Reserve Board, the FDIC, and the OCC adopted a final rule, effective January 1, 2018, requiring certain top-tier U.S. bank holding companies (BHCs) to maintain a minimum supplementary leverage ratio buffer of 2% above the minimum supplementary leverage ratio requirement of 3%. The final rule applies to BHCs with more than $700 billion in total consolidated assets or more than $10 trillion in assets under custody (Covered BHCs), and to insured depository institution subsidiaries of those BHCs (Covered Subsidiaries). A Covered BHC that fails to maintain the supplemental leverage buffer would be subject to restrictions on capital distributions and discretionary bonus payments. Covered Subsidiaries must also maintain a supplementary leverage ratio of at least 6% to be considered “well capitalized” under the agencies’ prompt corrective action framework. The final rule is substantially similar to the rule the agencies proposed in July 2013. Concurrent with the final rule, the agencies also (i) proposed a rule that would modify the denominator calculation for the supplementary leverage ratio in a manner consistent with recent changes agreed to by the Basel Committee, which would apply to all internationally active banking organizations, including those subject to the enhanced supplementary leverage ratio final rule; and (ii) proposed a technical correction to the definition of “eligible guarantee” in the agencies’ risk-based capital rules. The agencies are accepting comments on both proposals through June 13, 2014. Separately, the FDIC Board adopted as final its Basel III interim final rule, which is substantively identical to the final rules adopted by the Federal Reserve Board and the OCC in July 2013.
On April 7, the FDIC reissued, as attachments to FIL-13-2014, three technology outsourcing resources. The documents, which the FDIC describes as containing “practical ideas for banks to consider when they engage in technology outsourcing” are titled: (i) Effective Practices for Selecting a Service Provider; (ii) Tools to Manage Technology Providers’ Performance Risk: Service Level Agreements; and (iii) Techniques for Managing Multiple Service Providers. The FDIC advises that the resources are informational only and do not substitute for official examination guidance. On April 10, the FDIC urged financial institutions to utilize existing resources to identify and help mitigate potential cyber-related risks. The FDIC advised institutions to ensure that their information security staff are aware of and subscribe to reliable and recognized resources that can help quickly identify emerging cyber risks, including the following governmental resources: (i) the Department of Homeland Security’s United States Computer Emergency Readiness Team (US-CERT); (ii) U.S. Secret Service Electronic Crimes Task Force (ECTF); (iii) FBI InfraGard; (iv) financial services sector regional coalitions; and (v) Information Sharing and Analysis Centers (ISACs).