While most websites of businesses, including banks and financial services providers, should be accessible to individuals with disabilities, questions exist as to how this requirement is enforced.  On September 25, 2018, the U.S. Department of Justice issued a letter to a member of the U.S. House of Representatives in which it took the position that “noncompliance with a voluntary technical standard for website accessibility does not necessarily indicate noncompliance with the ADA.”  The DOJ’s position, significantly, does not require conformance with the voluntary Web Content Accessibility Guidelines (WCAG) 2.0 to comply with the ADA in all instances.  The DOJ expressly allows for flexibility in how individuals with disabilities are provided access to digital and online content, but does not provide guidance in the implementation of such flexibility.

The DOJ’s letter responds to a June 2018 inquiry from House members of both parties that asked the DOJ to “state publicly that private legal action under the ADA with respect to websites is unfair and violates basic due process principles” absent clear guidance from the DOJ on website accessibility.  In its response, the DOJ noted that for more than 20 years, the DOJ has interpreted the ADA to apply to websites of places of public accommodation.  The DOJ’s response also clarified that the absence of a specific regulation does not mean that websites are not subject to the ADA’s accessibility requirements.  The DOJ indicated in its letter a willingness to work with Congress on legislative action to address the increased website accessibility litigation risk faced by businesses.

The flexible approach to website accessibility expressed by the DOJ may provide businesses with the ability to take the position that the ADA does not necessarily require conformance with the WCAG and that businesses may have the flexibility to provide substantially equivalent access to online information through means other than meeting the WCAG criteria.

Five U.S. regulatory agencies—the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the National Credit Union Administration, the Office of the Comptroller of the Currency, and the U.S. Department of Treasury’s Financial Crimes Enforcement Network (“FinCEN”)—released on October 3, 2018 an Interagency Statement on Sharing Bank Secrecy Act Resources (“Statement”).  This guidance addresses instances in which certain banks and credit unions can enter into “collaborative arrangements” to share resources to manage their Bank Secrecy Act (“BSA”) and anti-money laundering (“AML”) obligations more efficiently and more effectively.

The Statement contemplates banks sharing resources such as internal controls, independent testing, and AML/BSA training (but does not apply to collaborative arrangements formed for information sharing among financial institutions under Section 314(b) of the U.S. Patriot Act.)  Such resource sharing contemplates reducing costs and increasing efficiencies in the ways banks manage their BSA and AML obligations.  The Statement clearly is addressed primarily to community banks, for which the costs of AML/BSA compliance can be significant, and which presumably engage in “less complex operations [and have] lower risk profiles for money laundering or terrorist financing.”  The Statement potentially represents another step in an ongoing AML reform process, which increasingly acknowledges the costs of AML compliance to industry.

The term “collaborative arrangement” is defined by the Statement as two or more banks with the objective of participating in a common activity or pooling resources to achieve a common goal.  Such resources include human and technological resources, and goals include reducing costs, increasing operational efficiencies, and leveraging specialized expertise.  The Statement elaborates on three, non-exhaustive examples of appropriate resources to share.

First, the Statement suggests that banks can jointly conduct internal control functions, including the drafting and updating of BSA/AML policies and procedures, developing risk-based customer identification and account monitoring processes, and tailoring monitoring systems and related reports regarding the risks.

Second, the Statement suggests that banks can share independent compliance testing personnel: “[t]he shared resource may, for example, be utilized in the scoping, planning, and performance of the BSA/AML compliance program independent test with appropriate safeguards in place to ensure the confidentiality of sensitive business information.”  Further, any shared resource must be qualified and not involved in other AML/BSA functions at the bank being reviewed.

Third, the Statement suggests that banks may share the cost of BSA/AML training personnel, particularly because it may be “challenging” and/or “cost prohibitive” in “some communities” to attract a qualified BSA/AML trainer.

The Statement suggests that the sharing of a BSA/AML officer is possible but could be problematic, given the confidential nature of SAR reporting and potential challenges posed to effective communication between the officer and each bank’s board of directors and senior management.  The clear import of the Statement is that such arrangements should be struck only with great care.

The Statement also generally observes the risks involved in a collaborative arrangement, and suggests that such an arrangement is not appropriate for every bank.  “Ultimately,” the Statement warns, “each bank is responsible for ensuring compliance with BSA requirements.  Sharing resources in no way relieves a bank of this responsibility.  Nothing in this [Statement] alters a bank’s existing legal and regulatory requirements.”  In other words, each bank in a collaborative arrangement is equally responsible for managing the quality of services performed under the arrangement.

Not surprisingly, the Statement counsels that any arrangement – i.e., contract – with a third party should be documented; set forth precisely-defined scope, rights and responsibilities; have a framework for protecting customer data and other confidential information; and set forth a framework for managing the risks of shared resources.  A bank also should provide periodic reports “as appropriate” to senior management and the board of directors regarding the functioning of the arrangement.  Banks and credit unions that wish to enter into a collaborative agreement should refer to existing guidance regarding third-party relationships, such as the OCC’s 2015 publication An Opportunity for Community Banks: Working Collaboratively Together, and remain cognizant of their obligations to maintain confidential information and screen conflicts of interests implicated by a collaborative arrangement with a competitor.

It is unclear how this Statement to share resources will be received and implemented over time.   It is relatively simple to declare in principle that AML resources may be shared, “as appropriate,” but effectively carrying out the details of such sharing may be difficult in practice.  Presumably community banks and credit unions will welcome this opportunity to reduce their AML/BSA compliance costs, but obviously will have to be thoughtful in implementing such arrangements.

(This blog post was also published in Ballard’s Money Laundering Watch, a blog focused on covering the latest trends and developments in enforcement, compliance, and policy involving money laundering, fraud, and other criminal activity.  Click here to subscribe to Money Laundering Watch.)

The FDIC has issued a request for information that seeks comment on how the FDIC can make its communications with insured depository institutions (IDIs) “more effective, streamlined, and clear.”  Concerned that the amount of information the FDIC provides to IDIs can create challenges for banks, particularly community banks, the FDIC is soliciting input “on how to maximize efficiency and minimize burden associated with obtaining information on FDIC laws, regulations, policies, and other materials relevant to RDIs.”  In addition to IDIs and other financial institutions and companies, the FDIC encourages comments from individual depositors and consumers, consumer groups, and other members of the financial services industry.

The RFI contains specific questions on which the FDIC seeks input that address three topics: efficiency, ease of access, and content.  Comments must be received by the FDIC by December 4, 2018.

 

The Federal Banking Agencies (“FBAs”) — collectively the Office of the Comptroller of the Currency (“OCC”); the Board of Governors of the Federal Reserve System (“Federal Reserve”); the Federal Deposit Insurance Corporation (“FDIC”); and the National Credit Union Administration (“NCUA”) — just issued with the concurrence of FinCEN an Order granting an exemption from the requirements of the customer identification program (“CIP”) rules imposed by the Bank Secrecy Act (“BSA”) under 31 U.S.C. § 5318(l) for certain premium finance loans. The Order applies to “banks” — as defined at 31 C.F.R. § 1010.100(d) — and their subsidiaries which are subject to the jurisdiction of the OCC, Federal Reserve, FDIC, or NCUA.

The Order generally describes the CIP rules of the BSA, which at a very high level require covered financial institutions to implement a CIP “that includes risk-based verification procedures that enable the [financial institution] to form a reasonable belief that it knows the true identify of its customers.” This process involves gathering identifying information and procedures for verifying the customer’s identity. Further observing that, under 31 C.F.R. § 1020.220(b), a FBA with the concurrence of the Secretary of the Treasury may exempt any bank or type of account from these CIP requirements, the Order proceeds to exempt loans extended by banks and their subsidiaries from the CIP requirements when issued to commercial customers (i.e., corporations, partnerships, sole proprietorships, and trusts) to facilitate the purchases of property and casualty insurance policies, otherwise known as premium finance loans or premium finance lending.

The key to the exemption — similar to other narrow exemptions previously issued by FinCEN in regards to the related beneficial ownership rule (as we have blogged, see here and here) — is that these transactions are perceived as presenting a “low risk of money laundering.” This finding is repeated throughout the Order, and is rooted in arguments made in letters submitted to FinCEN and the FBAs by a “consortium of banks.”

More specifically, the Order explains that premium finance loans present a low risk of money laundering, and therefore are exempt from the CIP rules, because of the following considerations and “structural characteristics,” raised either by the consortium of banks and/or the government itself:

  • The process for executing a premium finance loan is highly automated, because “most . . . loan volume is quoted and recorded electronically.”
  • These loans typically are submitted, approved and funded within the same business day and are conducted through insurance agents or brokers with no interaction between the bank and borrower — which means that this process renders it difficult for banks to gather CIP-related information efficiently.  These practical problems are exacerbated by the frequent reluctance of insurance brokers and agents — driven by data privacy concerns — to collect personal information.
  • Property and casualty insurance policies have no investment value.
  • Borrowers cannot use these accounts to purchase merchandise, deposit or withdraw cash, write checks or transfer funds.
  • FinCEN previously exempted financial institutions that finance insurance premiums from the general requirement to identify the beneficial owners of legal entity customers.
  • FinCEN previously exempted financial institutions that finance insurance premiums that allow for cash refunds from the beneficial ownership requirements.
  • FinCEN previously exempted commercial property and casualty insurance policies from the general BSA compliance program rule for insurance companies.
  • The exemption “is consistent with safe and sound banking.”

Although this exemption is narrow and somewhat technical, it represents yet another step in an apparent trend by FinCEN and the FBAs to ease the regulatory demands, albeit in a very targeted fashion, imposed under the BSA.  Clearly, the key argument to be made by other financial institutions seeking similar relief is that the particular kind of financial transaction at issue presents a “low risk of money laundering.”

If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch. To learn more about Ballard Spahr’s Anti-Money Laundering Team, please click here.

On this week’s podcast, Ballard Spahr attorneys Bo Ranney, Chris Willis, and Reid Herlihy discuss the significant takeaways from the CFPB’s new report—the first edition of Supervisory Highlights issued under Acting Director Mick Mulvaney. Mr. Ranney, former Examiner-in-Charge at the CFPB, and Mr. Willis, who chairs Ballard Spahr’s Consumer Financial Services Litigation Group, discuss the CFPB’s findings regarding debt collection, payday loans, automobile servicing, and small business lending. They also identify potential areas where the CFPB might focus in future examinations and offer recommendations for addressing the operational concerns raised by the report. Mr. Herlihy, a partner in Ballard Spahr’s Mortgage Banking Group, discusses the high-priority, mortgage-related topics identified in the Bureau’s report, lessons the mortgage industry can learn from the Bureau’s findings, and how the CFPB’s approach in this new report differs from its approach under prior leadership.

To listen and subscribe to the podcast, click here.

Last Wednesday the Federal Reserve published approved final amendments to Regulation CC (Availability of Funds and Collections of Checks) which update the liability provisions of Reg. CC to address the nearly-complete conversion of the nation’s check collection system from a paper to an electronic environment.

Historically, when banks disputed which party should be responsible for the liability arising from an unauthorized check, the risks were split in two.  The paying bank (the bank that would pay on a check associated with an account it held) was responsible for forged checks; it would have a signature specimen from its customers, and be able to examine the signature of a presented check against the specimen signature; it would also know if the entire check was forged, since it was the bank’s check.  If the signatures didn’t match, or the check wasn’t an original check from the paying bank, yet the paying bank paid and there was a subsequent loss by the customer, the paying bank would be responsible for that loss, because it was in the best place to detect the forgery.

The depositary bank (the bank holding the account where check funds would be deposited) was responsible for altered checks; it was deemed to be in the best place to determine whether, for example, the amount of the check had been changed from $100 to $10,000.  This division of risk is old, originally established in 18th Century English law (in the case of Price v. Neal, 97 Eng. Rep. 871 (1762)), and enshrined in the U.S. under UCC Articles 3-407 and 3-417.  It also assumes the presentment and receipt of paper checks.

Virtually all checks presented in 2018 within the US are not presented in paper form.  Instead, an image of the check is taken, the original check is destroyed, and the depositary bank presents this check image (a truncated check) to the paying bank.  Notwithstanding the dramatic increase in settlement speed and dramatic reduction in processing costs, electronic images of checks create a potential problem in the event of a bank dispute over whether a check has been forged or altered.  The original check is destroyed, making it impossible to examine the original check to determine whether the check was altered, or whether it was a forgery.  Regulation CC currently does not provide any presumptions as to whether a check is altered or forged.

The new amendment provides this guidance, adding a new presumption of liability for substitute and electronic checks.  If there is a dispute between the paying bank and the depositary bank as to whether a substitute or electronic check is an altered or a forgery (now described as “derived from an original check that was issued with an unauthorized signature of the drawer”), the presumption is that the substitute/electronic check contains an alteration.  This generally shifts liability on fraudulent checks to depositary banks; this presumption may be overcome if a preponderance of the evidence proves the substitute or electronic check does not contain an alternation, or that it was a forgery.  The presumption does not apply if there is an original check to examine.

It’s a reasonable allocation of risk; the depositary bank is receiving, imaging and destroying the check, and then presenting the image to the paying bank.  If there is a later dispute over the fraudulent nature of the check, then the party that destroyed the original check, and was in the best place to preserve the check as evidence, should bear the risk associated with evidentiary questions.

The amendment goes into effect January 1, 2019.

In what seems to be a response to the Government Accountability Office’s (“GAO”) determination that the Consumer Financial Protection Bureau’s indirect auto finance bulletin (the “Bulletin”) was a rule subject to the Congressional Review Act (“CRA”) and a rebuke to the Bureau’s prior approach of “rulemaking by enforcement,” the Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation, National Credit Union Administration, Office of the Comptroller of the Currency and the Bureau (collectively, the “agencies”) this week issued an Interagency Statement Clarifying the Role of Supervisory Guidance (the “Interagency Statement”). The Interagency Statement’s stated purpose is to “explain the role of supervisory guidance and to describe the agencies’ approach to supervisory guidance.”

The Interagency Statement begins by clarifying the agencies’ position as to the difference between supervisory guidance and laws or regulations and provides: “Unlike a law or regulation, supervisory guidance does not have the force and effect of law, and the agencies do not take enforcement actions based on supervisory guidance.” As set forth in its 2017 letter to Senator Patrick Toomey, a significant factor in the GAO’s determination that the Bulletin was a “rule” subject to the CRA was the Bureau’s use of the Bulletin to advise the public prospectively of the manner in which the Bureau proposed to exercise its discretionary enforcement power. The Interagency Statement clarifies that supervisory guidance is meant to outline supervisory expectations or priorities and articulate a general view regarding appropriate practices but should not serve as the basis for enforcement actions. And, while the agencies indicate that they may continue to seek public comment on supervisory guidance in order to improve their understanding of a given issue, any such guidance is not intended to be a regulation or have the force and effect of law.

The agencies state that they will aim to reduce the issuance of multiple supervisory guidance documents on the same topic and will seek to limit the use of numerical thresholds or other “bright-line” tests (numerical thresholds will generally be used as exemplars only). Finally, the Interagency Statement also provides that the agencies will limit examination and supervisory citations to violations of law, regulation or compliance with enforcement orders or other enforceable conditions and that their examiners will not criticize supervised financial institutions for a “violation” of supervisory guidance. Supervisory guidance may, however, be referenced as an example of safe and sound conduct in an examination finding.

What does this mean going forward? The Interagency Statement suggests that instead of issuing supervisory guidance to set forth expectations to be used as a “sword” if not followed by supervised entities, the agencies intend to use supervisory guidance to identify compliant practices. As a result, supervised entities may be better able to rely on supervisory guidance as a potential “safe-harbor” or “shield” from agency criticism when structuring their compliance programs. Additionally, existing supervisory guidance issued by the agencies such as supervision manuals and supervisory highlights and including the Bureau’s newly-released Summer 2018 edition of Supervisory Highlights should be viewed as helpful guidance, without precedential effect, in light of the Interagency Statement. Finally, Congress’ override of the Bulletin following the GAO’s determination that the Bulletin was a “rule” subject to the CRA may serve as a deterrent to any attempt by an agency to use its supervisory guidance in a way that is inconsistent with the Interagency Statement.

Webinar. On October 10, 2018, from 12 p.m. to 1 p.m. ET, Ballard Spahr attorneys will hold a webinar, “Key Takeaways from the CFPB’s Summer 2018 Supervisory Highlights” where the Interagency Statement will also be addressed. The webinar registration form is available here.

On September 12th, the Conference of State Bank Supervisors (CSBS) announced that it would again pursue litigation in opposition to the OCC’s recent decision to accept applications from non-depository financial technology firms for a special purpose national bank (SPNB) charter.

While it announced that its Board of Directors had approved renewing litigation against the OCC at an August 28 meeting, the CSBS did not indicate when it plans to file the lawsuit.  The lawsuit would represent the second time that the CSBS has pursued litigation challenging the OCC’s authority to issue a SPNB charter to fintech companies.  On April 30, 2018, a D.C. federal district court dismissed the first lawsuit filed by the CSBS challenging the OCC’s authority to grant SPNB charters on the grounds that the CSBS had failed to establish any injury in fact necessary for Article III standing and that the case was not ripe for judicial review.  In its initial filing, the CSBS argued that the OCC’s 2017 proposal to issue SBNB charters to fintech companies exceeded the authority granted to the OCC by Congress under the National Bank Act (NBA) and other federal banking laws to charter institutions that engage in the “business of banking.”  The CSBS argued that to engage in the “business of banking,” the NBA requires an institution, at a minimum, to receive deposits.

The New York Department of Financial Services (DFS) also previously filed a lawsuit challenging the OCC’s authority to issue SPNB charters.  That lawsuit, which was filed in a New York federal district court, was dismissed in December, 2017 on similar grounds.  While the DFS has not announced whether it will renew its litigation against the OCC, DFS Superintendent Maria Vullo stated in a July 31 press release that “DFS believes that this [OCC] endeavor, which is also wrongly supported by the Treasury Department, is clearly not authorized under the National Bank Act.  As DFS has noted since the OCC’s proposal, a national fintech charter will impose an entirely unjustified federal regulatory scheme on an already fully functional and deeply rooted state regulatory landscape.”

We recently blogged about the announcement by Varo Bank, N.A., a fintech bank, that it had received preliminary approval from the OCC of its application for a full-service national bank charter.  We do not expect the CSBS or the DFS to challenge the preliminary approval since there would not appear to be any basis to challenge the OCC’s authority to issue a full-service national bank charter to Varo assuming it satisfies the standard conditions for obtaining such a charter.

In July 2018, in Collins v. Mnuchin, a Fifth Circuit panel found that the Federal Housing Finance Agency (FHFA) is unconstitutionally structured because it is excessively insulated from Executive Branch oversight.  It determined that the appropriate remedy for the constitutional violation was to sever the provision of the Housing and Economic Recovery Act of 2008 (HERA) that only allows the President to remove the FHFA Director “for cause” while “leav[ing] intact the remainder of HERA and the FHFA’s past actions.”

Both the plaintiffs and the FHFA have filed petitions for rehearing en banc.  The plaintiffs, shareholders of two of the housing government services enterprises (GSEs), sought to invalidate an amendment to a preferred stock agreement between the Treasury Department and the FHFA as conservator for the GSEs.  Their petition for rehearing en banc seeks reconsideration of the panel’s rulings that the FHFA acted within its statutory authority in entering into the agreement and that the FHFA’s unconstitutional structure did not impact the agreement’s validity.

The FHFA’s petition for rehearing en banc seeks reconsideration of the Fifth Circuit’s ruling that the FHFA’s structure is unconstitutional.  It argues that the plaintiffs did not have Article III standing to bring a separation of powers challenge and that the Fifth Circuit’s constitutionality ruling conflicts with U.S. Supreme Court precedent and the D.C. Circuit’s en banc PHH decision.

The issue of the CFPB’s constitutionality is currently before the Fifth Circuit in the interlocutory appeal of All American Check Cashing from the district court’s ruling upholding the CFPB’s constitutionality.  As we have observed, the Fifth Circuit’s decision in Collins could influence how another Fifth Circuit panel might approach the CFPB’s constitutionality.  Indeed, in its Unopposed Petition for Initial Hearing En Banc asking the Fifth Circuit to hear its interlocutory appeal en banc as an initial matter, All American Check Cashing argues that hearing its appeal through the normal panel process “could be a waste [of] judicial resources, especially if this Court votes to rehear Collins en banc.”  It also argues that initial consideration of its appeal en banc “would eliminate any possibility of intra-circuit inconsistency and guarantee that the Fifth Circuit speaks with one voice regarding the constitutionality of [the FHFA’s and the CFPB’s] structures.”

 

Having lost the battle to prohibit class action waivers in consumer arbitration agreements, consumer advocates have embarked on a new crusade.  Their new crusade is a misguided attempt to persuade the Securities and Exchange Commission (SEC) not to approve initial public offerings by companies whose corporate charters or bylaws require individual arbitration of shareholder disputes. They also argue that the amendment of existing charters or bylaws to add an individual arbitration requirement should not be permitted.

In a letter dated August 21, 2018, to SEC Chairman Jay Clayton, a coalition of 133 public advocacy groups called “Secure Our Savings” (SOS)—spearheaded by Paul Bland, Executive Director of Public Justice, a national nonprofit legal advocacy organization—argued that forcing allegedly defrauded shareholders to arbitrate their claims individually would eliminate the deterrent effect of class action shareholder lawsuits and the opportunity for investors to recover their losses.  According to the letter, “the issues in a typical case of financial fraud are too complex, and the costs of discovery and expert testimony are too high, for these claims to be dealt with effectively through individual arbitration.”

Moreover, the letter states, private securities class actions “serve as an essential supplement to Commission action.”  At the same time, the Consumer Federation of America, one of the signatories to the SEC letter, issued a report arguing that mandatory shareholder arbitration is against the law and the public interest.

If these arguments sound familiar, it is because they are recycled from the efforts of Public Justice and many of the other SOS participants to persuade the CFPB to prohibit class action waivers in consumer arbitration agreements.  Although the CFPB issued a final rule in July 2017 containing such a prohibition, Congress repealed the rule under the Congressional Review Act in October 2017—before the rule’s effective date.

As explained more fully in our legal alert, consumer advocates are likely to fail in this initiative because the securities laws are preempted by the Federal Arbitration Act and the underlying policy arguments made by consumer advocates are flawed.  Based on the legal authority we discuss, the SEC would have a solid legal and policy basis for permitting arbitration provisions with class action waivers to be used in corporate charters or bylaws.