On October 30, five federal agencies – the FCA, FDIC, NCUA, OCC and the Fed – issued a proposed rule regarding flood insurance. The proposed rule will amend regulations relating to loans secured by property located in special flood hazard areas. Specifically, the proposed rule would (i) establish requirements in connection with the escrow of flood insurance payments; (ii) provide certain borrowers with the option to escrow flood insurance premiums and fees; and (iii) eliminate the HFIAA requirement “to purchase flood insurance for a structure that is part of a residential property located in a special flood hazard area if that structure is detached from the primary residential structure and does not also serve as a residence.” Comments on the proposed rule are due by December 29, 2014.
On November 5, the OCC, FDIC, and the Fed announced that they will hold an outreach meeting on December 2 to review regulations under the Economic Growth and Regulatory Paperwork Reduction Acts of 1996 (EGRPRA). This is the first of a series of outreach meetings and will be held at the LA branch of the Federal Reserve Bank of San Francisco. Under the EGRPRA, the FFIEC and the previously mentioned agencies must review their regulations at least every 10 years to identify any unnecessary or outdated regulations. The December 2 meeting will feature panel presentations by industry participants and consumer and community groups.
On October 27, the OCC announced the appointment of Darrin Benhart as Deputy Comptroller for Supervision Risk Management and Bethany Dugan as Deputy Comptroller for Operational Risk. Mr. Benhart will assume the position of full-time chair of the agency’s National Risk Committee, responding to a recommendation from a peer review that the agency create such a role. Mr. Benhart’s position is intended to strengthen the OCC’s ability to address risk in the national banking system. Prior to his appointment, Mr. Benhart served as the Deputy Comptroller for Credit and Market Risk. In her new role, Ms. Dugan will oversee the policy and examination procedures developments, specifically those that address operational risk issues.
On October 22, coordinated by the Department of Treasury, six federal agencies – the Board of Governors, HUD, FDIC, FHFA, OCC, and SEC – approved a final rule requiring sponsors of securitized transactions, such as asset-backed securities (ABS), to retain at least 5 percent of the credit risk of the assets collateralizing the ABS issuance. The final rule, which largely mirrors the proposed rule issued in August 2013, defines a “qualified residential mortgage” (QRM) and exempts securitized QRMs from the new risk retention requirement. Government-controlled Fannie and Freddie are exempt from the rule. Most notably, the final rule’s definition of a QRM parallels with that of a qualified mortgage as defined by the CFPB. Further, initially part of the proposed rule, the final rule does not include down payment provisions for borrowers. The final rule will be effective one year after publication in the Federal Register for residential mortgage-backed securities, and two years after publication for all other types of securitized assets.
On October 3, the OCC appointed Kathy Murry to serve as its Senior Deputy Comptroller for Management and Chief Financial Officer. Ms. Murry had served as the Deputy Comptroller and the Chief Accountant since 2009, and has been serving as the agency’s acting Senior Deputy Comptroller for Management and Chief Financial Officer since June 2014. In her new role, Ms. Murry will serve on the OCC Executive Committee and oversee the OCC’s financial management, human resources, continuing education, information technology, security, workplace services, and performance improvement.
On September 24, the CFPB announced a consent order with a large national bank to address alleged unfair practices related to add-on identity theft protection products marketed by the bank and sold and administered by a third-party service provider to the bank’s customers from 2003–2012. Specifically, the CFPB alleged that customers were unfairly billed by the service provider for certain products that offered credit monitoring and credit report retrieval services without receiving the full benefit of the services. Customers who enrolled in these add-on identity theft products were required to provide sufficient written authorization and personal verification before the customers’ credit bureau reports could be accessed. However, according to the Bureau, in many instances time passed before a customer’s authorization was obtained or a customer’s authorization was never obtained. In other instances, the credit bureau could not match the customer’s identification information with its records. Although the bank’s vendor, rather than the bank itself, was directly responsible for selling and administering the products, the CFPB found that the bank’s compliance monitoring, service provider management, and quality assurance functions had failed to prevent, identify, and correct the unfair practices, resulting in substantial injury to more than 420,000 consumers. According to the CFPB’s order, this injury was not reasonably avoidable by consumers, and was not outweighed by any countervailing benefit to consumers or competition, and, therefore, the bank engaged in unfair practices. Read more…
On September 8, the OCC, the FDIC, and the Federal Reserve Board released proposed revisions to the Interagency Questions and Answers Regarding Community Reinvestment. Specifically, the agencies propose to revise three questions and answers that address alternative systems for delivering retail banking service and provide additional examples of innovative or flexible lending practices. In addition, the proposal would revise three questions and answers addressing community development-related issues and add four new questions and answers – two of which address community development services, and two of which provide general guidance on responsiveness and innovativeness. Comments on the proposal are due by November 10, 2014.
On September 3, the OCC, the FDIC, and the Federal Reserve Board released a final rule establishing a minimum liquidity requirement for large and internationally active banking organizations. The rule will require banking organizations with $250 billion or more in total consolidated assets or $10 billion or more in on-balance sheet foreign exposure, and such banking organizations’ subsidiary depository institutions that have assets of $10 billion or more, to hold high quality, liquid assets (HQLA) that can be converted easily into cash in an amount equal to or greater than its projected cash outflows minus its projected cash inflows during a 30-day stress period. The ratio of the institution’s HQLA to its projected net cash outflow is its “liquidity coverage ratio,” or LCR. The Federal Reserve Board also is adopting a modified LCR for bank holding companies and savings and loan holding companies that do not meet these thresholds, but that have $50 billion or more in total assets. Bank holding companies and savings and loan holding companies with substantial insurance or commercial operations are not covered by the final rule. Relative to the proposal issued in October 2013, the final rule includes changes to the range of corporate debt and equity securities included in HQLA, a phasing-in of daily calculation requirements, a revised approach to address maturity mismatch during a 30-day period, and changes in the stress period, calculation frequency, and implementation timeline for the bank holding companies and savings and loan companies subject to the modified LCR. Covered U.S. firms will be required to be fully compliant with the rule by January 1, 2017. Specifically, covered institutions will be required to maintain a minimum LCR of 80% beginning January 1, 2015. From January 1, 2016, through December 31, 2016, the minimum LCR would be 90%. Beginning on January 1, 2017, and thereafter, all covered institutions would be required to maintain an LCR of 100%.
On September 3, the OCC, the FDIC, and the Federal Reserve Board released a final rule that modifies the definition of the denominator of the supplementary leverage ratio in a manner consistent with recent changes agreed to by the Basel Committee. The revisions to the supplementary leverage ratio apply to all banking organizations subject to the advanced approaches risk-based capital rule. The final rule modifies the methodology for including off-balance sheet items, including credit derivatives, repo-style transactions, and lines of credit, in the denominator of the supplementary leverage ratio. The final rule also requires institutions to calculate total leverage exposure using daily averages for on-balance sheet items and the average of three month-end calculations for off-balance sheet items. Certain public disclosures required by the final rule must be made starting in the first quarter of 2015, and the minimum supplementary leverage ratio requirement using the final rule’s denominator calculations is effective January 1, 2018.
On August 28, the OCC issued Bulletin 2014-43, which announces the issuance of a revised “Electronic Fund Transfer Act” booklet of the Comptroller’s Handbook. This booklet replaces the similarly titled booked issued in October 2011, and provides updated guidance to examiners and bankers relevant to recent changes made to Regulation E regarding remittance transfers. Specific updates address: (i) the transfer of rulemaking authority for the EFTA from the Board of Governors of the Federal Reserve System to the CFPB; (ii) Dodd-Frank’s amendments to the EFTA, which create a new system of consumer protections for remittance transfers; and (iii) the issuance of the CFPB’s final rule that restructures Regulation E and provides specific requirements for remittance service providers in new subpart B.
On September 2, the OCC published its final guidelines to purportedly strengthen the governance and risk management practices of large financial institutions. The guidelines provide that covered institutions should establish and adhere to a written risk governance framework to manage and control risk-taking activities. The guidelines also provide minimum standards for the institutions’ boards of directors to oversee the risk governance framework. The covered institutions include insured national banks, insured federal savings associations, and insured federal branches of foreign banks with $50 billion or more in average total consolidated assets. The guidelines also apply to OCC-regulated institutions with less than $50 billion in average total consolidated assets if the institution’s parent company controls at least one other covered institution. The size of the covered institution’s average total consolidated assets determines when that institution is expected to begin complying with the new guidelines following publication in the Federal Register, with the largest institutions (and their qualifying subsidiaries) being expected to comply sooner (or even immediately) than smaller ones.
AABD Makes Suggestions to Regulatory Agencies Regarding The Burdens Placed On America’s Bank Directors
On September 2, David Baris, President of the American Association of Bank Directors (AABD) and a Partner at BuckleySandler LLP, and Richard Whiting, Executive Director of the AABD, submitted a comment letter to the Nation’s federal bank regulatory agencies in connection with the OCC, the Board of Governors of the Federal Reserve System, and the FDIC’s (the Agencies) request for public comment on their review of “regulations to identify outdated, unnecessary or unduly burdensome regulations for insured depository institutions.” In 2006, the Agencies completed a similar review and the AABD determined it was an “unsatisfactory and flawed process,” and wants to ensure that the same mistakes are not made during this review. Specifically, the AABD urged that during this review, the Agencies should “review regulatory guidance in light of the practical effect of such guidance on the behavior of both bank board of directors and the Agencies.” On behalf of the AABD, Baris stated in a press release that the current laws, regulations and guidance “create a huge and counterproductive impact on bank directors that causes them to divert their attention away from the essential job of being a bank director – that is meeting their duty of care and loyalty by overseeing the institution.” In an effort to address the effects of the “current regulatory system on the Nation’s bank board of directors,” the AABD’s letter included the following recommendations to the Agencies: (i) review current regulations and written guidance to determine their effect on bank directors; (ii) incorporate into their current procedures a requirement that “future regulatory actions consider the impact of proposed rules and guidance on bank directors and not add new burdens unless the benefits of the proposed action clearly outweighs the burdens place[d] on bank directors”; (iii) identify, consolidate, and clarify the provisions that place burdens on bank directors; and (iv) implement rules that allow the board of directors to “delegate management duties to management and rely reasonably on management.”
On August 22, the CFPB and the federal banking agencies (Fed, OCC, FDIC and NCUA) issued interagency guidance regarding unfair or deceptive credit practices (UDAPs). The guidance clarifies that “the repeal of the credit practices rules applicable to banks, savings associations, and federal credit unions is not a determination that the prohibited practices contained in those rules are permissible.” Notwithstanding the repeal of these rules, the agencies preserve supervisory and enforcement authority regarding UDAPs. Consequently, the guidance cautions that “depending on the facts and circumstances, if banks, savings associations and Federal credit unions engage in the unfair or deceptive practices described in the former credit practices rules, such conduct may violate the prohibition against unfair or deceptive practices in Section 5 of the FTC Act and Sections 1031 and 1036 of the Dodd-Frank Act. The Agencies may determine that statutory violations exist even in the absence of a specific regulation governing the conduct.” The guidance also explains that the FTC Rule remains in effect for creditors within the FTC’s jurisdiction, and can be enforced by the CFPB against creditors that fall under the CFPB’s enforcement authority.
On August 18, in a speech to the Association of Military Banks of America, Deputy Comptroller for Compliance Policy Grovetta Gardineer described the OCC’s increasing supervisory and enforcement focus on SCRA compliance. Ms. Gardineer explained that given the significant risks presented by a bank’s failure to comply with the SCRA, the OCC has “stepped up its focus on compliance” and “now requires . . . examiners to include evaluation of SCRA compliance during every supervisory cycle”—even though this closer scrutiny is not required by statute. Ms. Gardineer also highlighted the OCC’s concern regarding potential unfair and deceptive practices associated with overdraft and other administrative fees, especially when “poorly worded disclosures about fees” are contained in “page after page of legal notices and disclaimers.” And while Ms. Gardineer stated that the OCC itself is willing to take enforcement actions where necessary, she also stressed the importance of coordination between regulators to more effectively implement rules and help create a “culture that encourages . . . financial readiness” among servicemembers.
On August 20, the OCC issued Bulletin 2014-41, which announces a new “Merchant Processing” booklet of the Comptroller’s Handbook. This booklet replaces the booklet of the same name issued in December 2001 and provides updated guidance to examiners and bankers on assessing and managing the risks associated with merchant processing activities. Specific updates address: (i) the selection of third-party organizations and due diligence; (ii) technology service providers; (iii) on-site inspections, audits, and attestation engagements, including the “Statement on Standards for Attestation Engagement” (SSAE 16) and the “International Standard on Assurance Engagements” (ISAE 3402); (iv) data security standards in the payment card industry for merchants and processors; (v) the Member Alert to Control High-Risk Merchants (MATCH) list; (vi) BSA/AML compliance programs and appropriate policies, procedures, and processes to monitor and identify unusual activity; and (vii) appropriate capital for merchant processing activities.