A foreign bank has agreed to pay $1.1 billion to settle lawsuits brought in Kansas and California in 2011 by the National Credit Union Administration Board (NCUA) as the liquidating agent for two corporate credit unions. The lawsuit centered on claims that the bank sold faulty mortgage-backed securities, contributing to the failures of the two credit unions during the financial crisis.
On October 20, the FDIC, OCC, Federal Reserve, Farm Credit Administration, and National Credit Union Administration issued a proposed rule intended to develop further the private flood insurance marketplace by implementing certain provisions of the 2012 Biggert-Waters Flood Insurance Reform Act (Biggert-Waters Act). Notably, the proposed rule would “require regulated lending institutions to accept policies that meet the statutory definition of private flood insurance in the Biggert-Waters Act and permit regulated lending institutions to accept flood insurance provided by private insurers that does not meet the statutory definition of ‘private flood insurance’ on a discretionary basis, subject to certain restrictions.” Comments on the proposal are due 60 days after it is published in the Federal Register.
On August 30, the Department of the Treasury, along with the OCC, FDIC, Federal Reserve and NCUA, issued a joint fact sheet on foreign correspondent banking. The fact sheet provides a summary of the agencies’ (i) expectations for BSA/AML and OFAC risk management at U.S. depository institutions; (ii) risk-based approach to the supervisory examination process; and (iii) use of enforcement as an “extension of the supervisory process.” As highlighted in a corresponding blog post, the fact sheet explains that about “95% of BSA/OFAC compliance deficiencies identified by the [Federal Banking Agencies], FinCEN, and OFAC are corrected by the institution’s management without the need for any enforcement action or penalty.” The fact sheet notes that, under existing regulations there is no general requirement for depository institutions to conduct due diligence on an individual customer of a foreign financial institution (FFI). But it also notes that “[i]n determining the appropriate level of due diligence necessary for an FFI relationship, U.S. depository institutions should consider the extent to which information related to the FFI’s markets and types of customers is necessary to assess the risks posed by the relationship, satisfy the institution’s obligations to detect and report suspicious activity, and comply with U.S. economic sanctions. This may require U.S. depository institutions to request additional information concerning the activity underlying the FFI’s transactions in accordance with the suspicious activity reporting rules and sanctions compliance obligations.”
FFIEC Issues Cybersecurity Statement, Comments on Recent Attacks on Interbank Messaging and Payment Networks
On June 7, the FFIEC issued a statement on behalf of its members (the OCC, Federal Reserve, FDIC, NCUA, CFPB, and State Liaison Committee) advising financial institutions to “actively manage the risks associated with interbank messaging and wholesale payment networks.” According to the statement, recent cyber attacks against interbank networks and wholesale payment systems have demonstrated the ability to: (i) bypass information security controls and compromise a financial institution’s wholesale payment origination environment; (ii) “obtain and use valid operator credentials with the authority to create, approve, and submit messages”; (iii) make use of sophisticated understanding of funds transfer operations and operational controls; (iv) disable security logging and reporting by using highly customized malware, as well as conceal and delay detection of fraudulent transactions with the use of other operational controls; and (v) quickly transfer stolen funds across multiple jurisdictions. Read more…
CFPB, Federal Banking Agencies, and NCUA Issue Interagency Guidance Regarding Deposit Reconciliation Practices
On May 18, the CFPB, the Federal Reserve, the OCC, the FDIC, and the NCUA issued interagency guidance on supervisory expectations regarding customer account deposit reconciliation practices. According to the guidance, banks create a “credit discrepancy” if they credit a customer a different amount than the total of the items the customer tried to deposit into an account. In further explaining what constitutes a credit discrepancy, the guidance states, “the customer may deposit $110 to an account, but may indicate on the deposit slip that only $100 has been tendered. In this case, the financial institution may credit $100 to the customer’s account as indicated on the deposit slip without reconciling the $10 discrepancy.” According to the guidance, some financial institutions fail to correct the inconsistencies between the dollar value of items deposited to the customer’s account and the amount actually credited to that same account. This is a potential violation of (i) the Expedited Funds Availability Act’s, as implemented by Regulation CC, requirement to make deposited funds available for withdrawal within prescribed time limits; (ii) the FTC Act’s ban of unfair or deceptive acts or practices; and (iii) the Dodd-Frank Act’s prohibition of unfair, deceptive, or abusive acts or practices. In addition to reminding financial institutions of their obligations to comply with the aforementioned applicable laws, the guidance stresses that financial institutions are expected to “adopt deposit reconciliation policies and practices that are designed to avoid or reconcile discrepancies, or designed to resolve discrepancies such that customers are not disadvantaged.”