Agencies Release CRA Asset-Size Threshold Adjustments

On December 22, the Federal Reserve, the OCC, and the FDIC jointly announced the adjusted thresholds for asset-size used to define small and intermediate small banks and savings associations under the Community Reinvestment Act. Effective January 1, 2016, a small bank or savings association will be defined as an institution that, as of December 31 of either of the past two calendar years, had assets of less than $1.216 billion. An intermediate small bank or intermediate small savings association will be defined as an institution with at least $304 million and less than $1.216 billion in assets as of December 31 of either of the past two calendar years. The agencies published the annual adjustments in the Federal Register on December 29, 2015.

LinkedInFacebookTwitterGoogle+Share
COMMENTS: Comments Off
TAGS: , , ,
POSTED IN: Banking, Federal Issues

Vendor Management in 2015 and Beyond

Jon-Langlois caption ASValerie-Hletko caption 2With evolving regulatory expectations and increased enforcement exposure, financial institutions are under more scrutiny than ever. Nowhere is this more evident than in the management and oversight of service providers. When service providers are part of an institution’s business practice, understanding the expectations of regulators, investors, and counterparties for compliance with consumer financial laws is critical.

Jeff-Naimon caption AS Chris-Witeck caption ASCFPB Guidance

In 2012, the CFPB issued Bulletin 2012-03, which outlines the CFPB’s expectations regarding supervised institutions’ use of third party service providers. Banks and nonbanks alike are expected to maintain effective processes for managing the risks presented by service providers, including taking the following steps:

  • Conducting thorough due diligence of the service provider to ensure that the service provider understands and is capable of complying with federal consumer financial law
  • Reviewing the service provider’s policies, procedures, internal controls, and training materials
  • Including clear expectations in written contracts
  • Establishing internal controls and on-going monitoring procedures
  • Taking immediate action to address compliance issues

Implementing consistent risk-based procedures for monitoring third party service provider relationships is an extremely important aspect of meeting the CFPB’s expectations and mitigating risk to the institution. Read more…

LinkedInFacebookTwitterGoogle+Share

OCC Releases Semiannual Risk Perspective Report

On December 16, the OCC released its Semiannual Risk Perspective report to provide an overview of supervisory concerns for the federal banking system, including operational and compliance risks. According to the report, which covers data through June 30, 2015, risks relating to strategic, compliance, and interest rates remain unchanged, but risks connected to underwriting and cybersecurity continue to grow. Notable findings in the report reveal that (i) the low interest rate environment has led banks to reevaluate risk tolerance and extend their reach for yield; and (ii) banks are responding to competitive pressures and growth objectives by adopting a more relaxed approach toward credit underwriting standards and practices, particularly in high-growth loan segments, such as indirect auto, commercial and industrial, and multifamily.

Read more…

LinkedInFacebookTwitterGoogle+Share

OCC Releases Quarterly Mortgage Metrics Report Showing Continued Improvement through Third Quarter of 2015

On December 14, the OCC released its quarterly Mortgage Metrics Report. The report shows continued improvement of the mortgage performance of first-lien mortgages during the third quarter of 2015. 93.9% of mortgages included in the report were current and performing at the end of the quarter, compared to last year’s 93%. In addition, 30 to 59 days past due mortgages made up 2.3% of the portfolio, representing a 4.4% decrease from a year earlier, and 60 or more days past due mortgages made up 2.6%, representing a 16.1% decrease. The report also highlights a decline in both foreclosure activity and the need for other loss mitigation actions. The OCC’s report reflects performance data on first-lien residential mortgages serviced by eight national banks maintaining large mortgage-servicing portfolios.

LinkedInFacebookTwitterGoogle+Share

OCC Updates Risk Assessment Guidance

On December 3, the OCC revised its Comptroller’s Handbook to include updated guidance regarding its risk assessment system (RAS). The RAS guidance clarifies the relationship between RAS and the Uniform Financial Institutions Rating System known as CAMELS. In addition, the guidance revises the definition of banking risk and applies a single definition – “the potential that events will have an adverse effect on a bank’s current or projected financial condition and resilience” – to all categories. Finally, the guidance expands the quality of risk management assessment to include a category of “insufficient,” between the already existing categories of “satisfactory” and “weak,” and also expands the assessment of strategic and reputation risk to consider both quantity of risk and quality of risk management.

LinkedInFacebookTwitterGoogle+Share
COMMENTS: Comments Off
TAGS: ,
POSTED IN: Banking, Federal Issues

Agencies Announce Final EGRPRA Outreach Meeting

On November 13, the OCC, the FDIC, and the Federal Reserve announced that the final outreach meeting to review regulations under the Economic Growth and Regulatory Paperwork Reduction Act will be held on December 2 at the FDIC’s headquarters in Arlington, VA. In addition to panel presentations by bankers, consumer groups and community groups, the following persons are scheduled to attend the meeting: FDIC Chairman Martin J. Gruenberg; OCC Comptroller Thomas J. Curry; Federal Reserve Governor Daniel K. Tarullo; DC Department of Insurance, Securities and Banking’s Acting Commissioner, Stephen C. Taylor; and the Virginia Bureau of Financial Institution’s Commissioner, E. Joseph Face, Jr.

LinkedInFacebookTwitterGoogle+Share
COMMENTS: Comments Off
TAGS: , ,
POSTED IN: Banking, Federal Issues

FFIEC Issues Joint Statement Regarding Cyber Attacks Involving Extortion

On November 3, the FFIEC issued a statement notifying financial institutions of the increasing frequency and severity of cyber attacks involving extortion. The joint statement urges financial institutions to take steps to ensure effective risk management programs, including but not limited to the following: (i) conducting ongoing information security risk assessments; (ii) performing security monitoring, prevention, and risk mitigation; (iii) implementing and regularly testing controls around critical systems; and (iv) participating in industry information-sharing forums. The statement identifies resources financial institutions can refer to for assistance in mitigating cyber attacks involving extortion.

The OCC also published a bulletin alerting all OCC-supervised institutions of the FFIEC’s joint statement.

LinkedInFacebookTwitterGoogle+Share

OCC Updates Floor Plan Lending Guidance

On October 27, the OCC issued an updated Floor Plan Lending booklet of the Comptroller’s Handbook. The revised booklet (i) summarizes the basics of floor plan lending for examiners, including a description of indirect dealer lending and the regulatory and legal foundation for floor plan lending; (ii)  provides banks with sound risk management practices and describes regulatory risk rating guidelines; and (iii) includes an expanded examination procedures section with examples of risk rating cases and factors for determining the quantity of credit risk and the quality of credit risk management. The updated booklet replaces a similarly titled booklet issued in March 1990, as well as section 216 of “Floor Plan and Indirect Lending” issued in January 1994 as part of the former Office of Thrift Supervision’s Examination Handbook.

LinkedInFacebookTwitterGoogle+Share

Federal Banking Regulators Schedule EGRPRA Outreach Meeting in Chicago

On September 28, the Federal Reserve, the FDIC, and the OCC announced that the latest outreach meeting under the Economic Growth and Regulatory Paperwork Reduction Act (EGRPRA) will be held on October 10 in Chicago, Illinois. The meeting will feature panel presentations from industry insiders and consumer advocates. Senior officials from the Federal Reserve, OCC, and FDIC are also scheduled to attend. This meeting will be the fifth of six outreach meetings focused on identifying outdated or burdensome regulatory requirements imposed on financial institutions. The sixth and final meeting is expected to take place on December 2 in Washington, D.C. Previous InfoBytes coverage on EGRPRA can be found here.

LinkedInFacebookTwitterGoogle+Share

Legislation Seeking Better Transparency in Federal Agency Settlements Passes Unanimously in U.S. Senate

On September 21, Senate Bill 1109, the Truth in Settlements Act, passed in the U.S. Senate with amendments by unanimous consent and has now been referred to the U.S. House of Representative’s Committee on Oversight and Government Reform for consideration. Originally introduced in January 2014 and sponsored by Elizabeth Warren (D-MA), the Truth in Settlements Act would require federal agencies to post online, in a searchable format, a list of each covered settlement agreement, criminal or civil, with payments totaling $1 million or more. The list would entail, among other things, (i) the names of the settling parties and the amount each must pay; (ii) a description of the claims each party settled; (iii) whether a portion of the settlement amount is tax-deductible; and (iv) any actions the settling parties must take under the settlement agreement in lieu of payment. If enacted, the bill would require agencies to publicly explain via written statement why confidentiality is justified for certain instances. The bill, co-sponsored by Senators James Lankford (R-OK) and Tammy Baldwin (D-WI), aims to provide greater transparency and oversight regarding settlements reached by federal enforcement agencies.

LinkedInFacebookTwitterGoogle+Share

SCRA Compliance, Cybersecurity, and Responsible Innovation Remain Top Priorities at OCC

On August 31, Grovetta Gardineer, the OCC’s Deputy Comptroller for Compliance Operations and Policy, delivered remarks at the Association of Military Bankers of America annual workshop in Leesburg, VA. Throughout her presentation, Gardineer highlighted issues affecting financial institutions focused primarily on lending to servicemembers. Gardineer discussed the OCC’s ongoing efforts to identify and correct deficiencies within bank and thrift compliance practices and noted improved Servicemembers Civil Relief Act (“SCRA”) compliance by regulated institutions. Specifically, Gardineer observed that in 2014, the OCC cited sixty-five SCRA violations among large, midsized, and community institutions. For the first quarter of 2015, however, Gardineer reported that OCC examiners cited only seven SCRA violations. Gardineer also referenced recent amendments to the Military Lending Act (“MLA”) which expanded consumer protections to both open-end and closed-end consumer credit for servicemembers; she emphasized that banks should be proactive in updating their internal policies and procedures to reflect the MLA’s changes. Reiterating the OCC’s commitment to cybersecurity, Gardineer advised that OCC examiners intend to use the cybersecurity assessment tool “to supplement exam work to gain a more complete understanding of an institution’s inherent risk, risk management practices, and controls related to cybersecurity.” Finally, Gardineer discussed innovation within the industry, such as the emergence of various mobile payments transfer systems and peer-to-peer lending. She stressed that the OCC intends to facilitate a responsible regulatory environment that will encourage innovative financial products and services while also implementing regulations to ensure adequate consumer protections.

LinkedInFacebookTwitterGoogle+Share

CFPB, FDIC, and OCC Order Large Financial Institution and Subsidiaries to Pay Nearly $40 Million for Deposit Discrepancies

On August 12, in coordinated enforcement actions, the CFPB, FDIC, and OCC ordered a large financial institution and two of its banking subsidiaries to pay nearly $40 million in fines and restitution for failing to credit consumers the full amounts of their deposited funds. The regulators allege that, from 2008 through 2013, the bank entities (i) failed to credit consumers the full amount of their deposits when the amount scanned on the deposit slip was less than the amount of the checks and cash deposited; and (ii) falsely claimed that they would verify the deposits. The CFPB consent order requires the bank entities to pay approximately $11 million in restitution and a $7.5 million civil money penalty. The FDIC order requires one of the banking subsidiaries to pay nearly $5.8 million in restitution and a $3 million civil money penalty, while the OCC consent order assessed a $10 million civil money penalty on the other banking subsidiary.

LinkedInFacebookTwitterGoogle+Share
COMMENTS: Comments Off
TAGS: , , ,
POSTED IN: Banking, Federal Issues

OCC Comptroller Talks Future of Financial Services, Eyes FinTech Industry

On August 7, OCC Comptroller Thomas Curry delivered remarks at the Federal Home Loan Bank of Chicago, which was hosting a conference highlighting the future of financial services. Specifically, Curry discussed innovation in the emerging financial technology industry, or “fintech,” noting the risks and benefits associated with mobile payments, virtual currency, and peer-to-peer lending products within the U.S. banking system. With respect to virtual currency, Curry stressed how important it is for financial institutions to implement adequate procedures to deter money laundering and terrorist financing. Curry also recognized that the OCC is “still early in the process” of evaluating a regulatory framework to examine some new and innovative products and services. Rounding out his remarks, Curry expressed his growing concerns with so called “neobanks,” which operate primarily online but provide similar services to brick and mortar retail branch banks, including the heightened privacy risks that neobanks present in light of recent cybersecurity attacks.

LinkedInFacebookTwitterGoogle+Share

Comptroller Talks Interest Rate, Compliance, and Cybersecurity Risks Facing Financial Institutions

On July 24, OCC Comptroller Curry delivered remarks before the New England Council in Boston, MA regarding the risks that financial institutions face today. Rising interest rates and regulatory compliance were two of the three risks discussed. Curry emphasized that the inevitable rise in interest rates could greatly affect loan quality, particularly loans that were not carefully underwritten to begin with, and that ”[l]oans that are typically refinanced, such as leveraged loans,” would be particularly severely affected. Recognizing the impact that Dodd-Frank continues to have on banks, Curry said that financial institutions face two categories of risk from new regulations: (i) “banks run afoul of the new regulations, possibly damaging their reputations and subjecting themselves to regulatory penalties”; and (ii) banks devote their time and money to regulatory compliance, rather than putting those resources toward serving their customers and communities. The final and “perhaps the foremost risk facing banks today,” according to Curry, is cyber threats. Curry outlined the agency’s efforts to curtail cyber intrusion in the banking industry, highlighting the June 30 release of its Semiannual Risk Assessment and the creation of a Cybersecurity and Critical Infrastructure Working Group, which was designed to (i) increase cybersecurity awareness; (ii) promote best practices; and (iii) strengthen regulatory oversight of cybersecurity readiness. Curry noted, however, that information-sharing is just as important as self-assessment and supervisory oversight: “We strongly recommend … that financial institutions of all sizes participate in the Financial Services Information Sharing and Analysis Center, a non-profit information-sharing forum established by financial services industry participants to facilitate the sharing of physical and cyber threat and vulnerability information.” Collaboration among banks of all sizes and non-bank providers, Curry stated, can be a “game-changer” in more ways than one: “By promoting the discovery of common interests and common responses to the risks that you face in your businesses and we all face together, you provide an invaluable service to New England and to the United States.”

LinkedInFacebookTwitterGoogle+Share

CFPB Reaches $700 Million Settlement to Resolve Credit Card Ancillary Products Investigation

On July 21, the CFPB announced a nearly $700 million settlement against a leading financial institution and its subsidiaries.  According to the consent order, the Bureau alleges that the entities engaged in deceptive marketing, billing, and collection practices related to various credit card ancillary products, including debt protection and credit monitoring services. Specifically, the Bureau alleges that the institution or its vendors marketing practices, consisting of telemarketing calls, online enrollment, point-of-sale application, and direct enrollment at retailers, mislead consumers into enrolling for certain ancillary products. The Bureau further alleges that, in some instances, telemarketers failed to accurately disclose the cost and fees associated with the ancillary products. With respect to the unfair billing allegations, the Bureau contends that the institution or its vendors improperly charged consumers, without authorization, for services that were not rendered, and failed to provide full product benefits of the services marketed to consumers. In addition, the Bureau alleges that the institution misrepresented payment fee information to consumers by failing to disclose the actual purpose of the fee associated with making payments by phone on delinquent credit card accounts. Under terms of the settlement, the institution and its subsidiaries agreed to (i) provide $479 million in consumer relief related to its marketing practices; (ii) pay roughly $220 million in restitution related to its payments collection practices and for consumers not receiving the full benefits of services promised; and (iii) pay a $35 million civil money penalty.

In a parallel enforcement action, the OCC imposed a separate $35 million civil money penalty against the institution for engaging in similar practices, and requires the institution to strengthen its oversight of third-party vendors and develop a comprehensive risk management program for ancillary products marketed or sold by the bank.

LinkedInFacebookTwitterGoogle+Share