The CFPB and the federal banking agencies—the FDIC, Fed, and OCC— remain open during the government shutdown as their funding does not come from congressional appropriations.  However, the shutdown has resulted in the closing of the FTC.

Also closed during the shutdown are many HUD operations and activities.  Certain lending-related operations will continue during the shutdown such as the endorsement of FHA-insured loans (with the exception of Home Equity Conversion Mortgages and Title I loans) and Ginnie Mae will continue to operate.  Other federal lending programs impacted by the shutdown include those administered by the Small Business Administration which is closed during the shutdown.

 

 

 

Attorneys for defendants, U.S. Comptroller and the Office of the Comptroller of the Currency (together “the OCC”), in the pending Southern District of New York lawsuit, Vullo v. OCC, submitted a letter to the court announcing their intent to move to dismiss the complaint brought by New York’s Superintendent of the Department of Financial Services (“DFS”). This is the second lawsuit brought by Superintendent Vullo against the OCC and mirrors the litigation being pursued by the Conference of State Bank Supervisors (CSBS) in the District of Columbia. DFS’s lawsuit alleges that the OCC’s decision to accept applications for “Special Purpose National Bank Charters” (or “fintech charters”) from non-fiduciary institutions that do not accept deposits exceeds the OCC’s authority under the National Banking Act (“NBA”) and would violate the Tenth Amendment by removing such institutions from state regulatory oversight. The first lawsuit, Vullo v. OCC et al. (“Vullo I”), was dismissed without prejudice last December when Southern District of New York Judge Buchwald ruled that DFS lacked standing to assert its claims, which were unripe for judicial determination.

In its letter, the OCC announced its intention to file a motion to dismiss the latest DFS complaint on substantially identical grounds to those it advanced in Vullo I. The OCC intends to argue that: (1) DFS lacks sanding to bring these claims as it has not suffered an injury in fact; (2) the OCC interpretation of the ambiguous term “business of banking” in the NBA is reasonable, and the OCC therefore has authority under the NBA to issue fintech charters; (3) DFS’s challenge is barred by the applicable statute of limitations; and (4) the OCC’s decision to issue fintech charters would not violate the Tenth Amendment because of the Supremacy Clause and the authority granted to the OCC by the NBA. While DFS had tried to cure its standing issues in the most recent complaint by emphasizing the OCC’s decision to issue fintech charters was the “agency’s final decision,” the OCC has signaled in its letter that it believes the DFS complaint remains premature. The OCC’s letter emphasizes that while “it will accept applications for fintech charters, [the agency] has not actually received any such applications, let alone granted one.” Accordingly, the OCC will argue that any harm DFS describes in its complaint or in its response to the motion to dismiss remains “future-oriented and speculative.”

DFS filed its own letter in response, announcing not only DFS’s strategy for overcoming the OCC’s anticipated motion to dismiss, but also its intent to file a motion for preliminary injunction in order to prevent the OCC from issuing any fintech charters while the lawsuit is pending. DFS focused on the reasoning of Judge Buchwald’s Vullo I opinion and highlighted several subsequent changes to the regulatory landscape that should change the result. In particular, DFS noted that at the time Judge Buchwald found DFS’s claims unripe: (1) the OCC had not yet announced its intent to accept applications from non-depository institutions; (2) the relevant supplement to the OCC licensing manual was still in “draft” form; and (3) the Comptroller at the time was a nominee who had made no public statements regarding whether to offer charters to non-depository institutions. In contrast, presently the OCC has announced that it is accepting fintech charter applications, the manual detailing procedures for the process has been finalized, and the then-nominee-now-Comptroller has made several public statements regarding the OCC’s intent to issue fintech charters. DFS will argue that, based on these changes to the facts underpinning Judge Buchwald’s determination, DFS now has standing to make its claims against the OCC.

DFS also strongly implied that the OCC had been less-than-forthright with the court in its letter when the OCC stated that DFS lacked standing (in part) because the OCC had not actually received, much less granted, any applications for fintech charters. DFS cited to reports that the OCC has already singled-out the first entity to receive a fintech charter, and characterized the OCC’s representation to the Court that no fintech charters were currently being considered as “brutishly inconsistent” and duplicitous.

Regarding the merits of the claims (on which DFS will have to prove a substantial likelihood of success if it does indeed seek a preliminary injunction), DFS signaled in its letter that it intends to focus primarily on the history of the NBA, the OCC’s traditional deference to congressional authority when regulating non-depository institutions, and the degree to which the OCC’s actions in the realm of offering fintech charters has no precedent. In emphasizing the need for a preliminary injunction, DFS characterized the OCC’s “unprecedented issuance” of fintech charters as “destructive to New York and New Yorkers” insofar as it would preempt state laws that “powerfully protect” consumers from the industry’s “well-known abuses.”

The OCC anticipates filing its motion to dismiss in early December, though the court has neither ruled on the parties’ jointly proposed briefing schedule, nor DFS’s request for a pre-motion conference or briefing schedule on the motion for preliminary injunction.

While the OCC’s position that the DFS lawsuit is not yet ripe for adjudication because the OCC has not yet approved a fintech charter may have some merit, it is important to the industry that the legal question of the OCC’s authority to issue such a charter get resolved expeditiously. Until that happens, there is likely to be limited interest on the part of the industry in pursuing such a charter.

On November 20, the Federal Reserve Board (FRB) and CFPB jointly proposed amendments to Reg. CC, which implements the Expedited Funds Availability Act (EFA Act), and also reopened for public comment various amendments that the FRB had proposed in March of 2011. This new proposal is in addition to the amendments to Reg. CC’s liability provisions that the FRB approved in September, which involved provisions that remain within the FRB’s sole rulemaking authority. In contrast, this more recent proposal relates to EFA Act sections for which the FRB and CFPB have joint rulemaking authority.

First, the FRB/CFPB Reg. CC proposal sets forth a methodology for adjusting a variety of dollar amounts in the EFA Act every five years by the aggregate annual percentage increase in the Consumer Price Index for Wage Earners and Clerical Workers rounded to the nearest multiple of $25. This would implement a statutory requirement under the EFA Act, which was introduced by section 1086(f) of the Dodd-Frank Act, and the proposed effective dates are April 1, 2020 for the first set of adjustments, April 1, 2025 for the next set, and then April 1 every fifth year thereafter. The change would affect various dollar amounts, including the minimum amount of deposited funds that banks must make available for withdrawal by opening of business on the next day, the amount of funds deposited by certain checks in a new account that are subject to next-day availability, and the civil liability amounts for failing to comply with the EFA Act, among others.

Second, the proposal seeks to implement the Economic Growth, Regulatory Relief, and Consumer Protection Act (EGRRCPA) amendments to the EFA Act, which include extending coverage to American Samoa, the Commonwealth of the Northern Mariana Islands, and Guam. The EGRRCPA amendments subject banks in these jurisdictions to the EFA Act’s requirements related to funds availability, payment of interest, and disclosures. Among other things, the proposed amendments would treat each of these jurisdictions as “states” for purposes of Reg. CC.

Finally, the proposed amendments would make various other technical changes to Reg. CC, including a clarification in the regulation that the FRB and CFPB have joint rulemaking authority under certain provisions of the EFA Act.

As noted above, the FRB and CFPB are also reopening for public comment amendments that that the FRB proposed in 2011. That proposal included changes aimed at encouraging banks to clear and return checks electronically, new provisions governing electronic items cleared through the check-collection system, a shorter safe harbor period for exception holds on deposited funds, and new model disclosure forms. Last week’s announcement states that “there may have been important changes in markets, technology, or industry practice since the public submitted comments seven years ago in response to the Board’s 2011 Funds Availability Proposal,” and notes that now the FRB and CFPB have “assumed joint rulemaking authority with respect to some of those proposed amendments.” Previously submitted comments will remain part of the rulemaking docket.

While most websites of businesses, including banks and financial services providers, should be accessible to individuals with disabilities, questions exist as to how this requirement is enforced.  On September 25, 2018, the U.S. Department of Justice issued a letter to a member of the U.S. House of Representatives in which it took the position that “noncompliance with a voluntary technical standard for website accessibility does not necessarily indicate noncompliance with the ADA.”  The DOJ’s position, significantly, does not require conformance with the voluntary Web Content Accessibility Guidelines (WCAG) 2.0 to comply with the ADA in all instances.  The DOJ expressly allows for flexibility in how individuals with disabilities are provided access to digital and online content, but does not provide guidance in the implementation of such flexibility.

The DOJ’s letter responds to a June 2018 inquiry from House members of both parties that asked the DOJ to “state publicly that private legal action under the ADA with respect to websites is unfair and violates basic due process principles” absent clear guidance from the DOJ on website accessibility.  In its response, the DOJ noted that for more than 20 years, the DOJ has interpreted the ADA to apply to websites of places of public accommodation.  The DOJ’s response also clarified that the absence of a specific regulation does not mean that websites are not subject to the ADA’s accessibility requirements.  The DOJ indicated in its letter a willingness to work with Congress on legislative action to address the increased website accessibility litigation risk faced by businesses.

The flexible approach to website accessibility expressed by the DOJ may provide businesses with the ability to take the position that the ADA does not necessarily require conformance with the WCAG and that businesses may have the flexibility to provide substantially equivalent access to online information through means other than meeting the WCAG criteria.

Five U.S. regulatory agencies—the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the National Credit Union Administration, the Office of the Comptroller of the Currency, and the U.S. Department of Treasury’s Financial Crimes Enforcement Network (“FinCEN”)—released on October 3, 2018 an Interagency Statement on Sharing Bank Secrecy Act Resources (“Statement”).  This guidance addresses instances in which certain banks and credit unions can enter into “collaborative arrangements” to share resources to manage their Bank Secrecy Act (“BSA”) and anti-money laundering (“AML”) obligations more efficiently and more effectively.

The Statement contemplates banks sharing resources such as internal controls, independent testing, and AML/BSA training (but does not apply to collaborative arrangements formed for information sharing among financial institutions under Section 314(b) of the U.S. Patriot Act.)  Such resource sharing contemplates reducing costs and increasing efficiencies in the ways banks manage their BSA and AML obligations.  The Statement clearly is addressed primarily to community banks, for which the costs of AML/BSA compliance can be significant, and which presumably engage in “less complex operations [and have] lower risk profiles for money laundering or terrorist financing.”  The Statement potentially represents another step in an ongoing AML reform process, which increasingly acknowledges the costs of AML compliance to industry.

The term “collaborative arrangement” is defined by the Statement as two or more banks with the objective of participating in a common activity or pooling resources to achieve a common goal.  Such resources include human and technological resources, and goals include reducing costs, increasing operational efficiencies, and leveraging specialized expertise.  The Statement elaborates on three, non-exhaustive examples of appropriate resources to share.

First, the Statement suggests that banks can jointly conduct internal control functions, including the drafting and updating of BSA/AML policies and procedures, developing risk-based customer identification and account monitoring processes, and tailoring monitoring systems and related reports regarding the risks.

Second, the Statement suggests that banks can share independent compliance testing personnel: “[t]he shared resource may, for example, be utilized in the scoping, planning, and performance of the BSA/AML compliance program independent test with appropriate safeguards in place to ensure the confidentiality of sensitive business information.”  Further, any shared resource must be qualified and not involved in other AML/BSA functions at the bank being reviewed.

Third, the Statement suggests that banks may share the cost of BSA/AML training personnel, particularly because it may be “challenging” and/or “cost prohibitive” in “some communities” to attract a qualified BSA/AML trainer.

The Statement suggests that the sharing of a BSA/AML officer is possible but could be problematic, given the confidential nature of SAR reporting and potential challenges posed to effective communication between the officer and each bank’s board of directors and senior management.  The clear import of the Statement is that such arrangements should be struck only with great care.

The Statement also generally observes the risks involved in a collaborative arrangement, and suggests that such an arrangement is not appropriate for every bank.  “Ultimately,” the Statement warns, “each bank is responsible for ensuring compliance with BSA requirements.  Sharing resources in no way relieves a bank of this responsibility.  Nothing in this [Statement] alters a bank’s existing legal and regulatory requirements.”  In other words, each bank in a collaborative arrangement is equally responsible for managing the quality of services performed under the arrangement.

Not surprisingly, the Statement counsels that any arrangement – i.e., contract – with a third party should be documented; set forth precisely-defined scope, rights and responsibilities; have a framework for protecting customer data and other confidential information; and set forth a framework for managing the risks of shared resources.  A bank also should provide periodic reports “as appropriate” to senior management and the board of directors regarding the functioning of the arrangement.  Banks and credit unions that wish to enter into a collaborative agreement should refer to existing guidance regarding third-party relationships, such as the OCC’s 2015 publication An Opportunity for Community Banks: Working Collaboratively Together, and remain cognizant of their obligations to maintain confidential information and screen conflicts of interests implicated by a collaborative arrangement with a competitor.

It is unclear how this Statement to share resources will be received and implemented over time.   It is relatively simple to declare in principle that AML resources may be shared, “as appropriate,” but effectively carrying out the details of such sharing may be difficult in practice.  Presumably community banks and credit unions will welcome this opportunity to reduce their AML/BSA compliance costs, but obviously will have to be thoughtful in implementing such arrangements.

(This blog post was also published in Ballard’s Money Laundering Watch, a blog focused on covering the latest trends and developments in enforcement, compliance, and policy involving money laundering, fraud, and other criminal activity.  Click here to subscribe to Money Laundering Watch.)

The FDIC has issued a request for information that seeks comment on how the FDIC can make its communications with insured depository institutions (IDIs) “more effective, streamlined, and clear.”  Concerned that the amount of information the FDIC provides to IDIs can create challenges for banks, particularly community banks, the FDIC is soliciting input “on how to maximize efficiency and minimize burden associated with obtaining information on FDIC laws, regulations, policies, and other materials relevant to RDIs.”  In addition to IDIs and other financial institutions and companies, the FDIC encourages comments from individual depositors and consumers, consumer groups, and other members of the financial services industry.

The RFI contains specific questions on which the FDIC seeks input that address three topics: efficiency, ease of access, and content.  Comments must be received by the FDIC by December 4, 2018.

 

The Federal Banking Agencies (“FBAs”) — collectively the Office of the Comptroller of the Currency (“OCC”); the Board of Governors of the Federal Reserve System (“Federal Reserve”); the Federal Deposit Insurance Corporation (“FDIC”); and the National Credit Union Administration (“NCUA”) — just issued with the concurrence of FinCEN an Order granting an exemption from the requirements of the customer identification program (“CIP”) rules imposed by the Bank Secrecy Act (“BSA”) under 31 U.S.C. § 5318(l) for certain premium finance loans. The Order applies to “banks” — as defined at 31 C.F.R. § 1010.100(d) — and their subsidiaries which are subject to the jurisdiction of the OCC, Federal Reserve, FDIC, or NCUA.

The Order generally describes the CIP rules of the BSA, which at a very high level require covered financial institutions to implement a CIP “that includes risk-based verification procedures that enable the [financial institution] to form a reasonable belief that it knows the true identify of its customers.” This process involves gathering identifying information and procedures for verifying the customer’s identity. Further observing that, under 31 C.F.R. § 1020.220(b), a FBA with the concurrence of the Secretary of the Treasury may exempt any bank or type of account from these CIP requirements, the Order proceeds to exempt loans extended by banks and their subsidiaries from the CIP requirements when issued to commercial customers (i.e., corporations, partnerships, sole proprietorships, and trusts) to facilitate the purchases of property and casualty insurance policies, otherwise known as premium finance loans or premium finance lending.

The key to the exemption — similar to other narrow exemptions previously issued by FinCEN in regards to the related beneficial ownership rule (as we have blogged, see here and here) — is that these transactions are perceived as presenting a “low risk of money laundering.” This finding is repeated throughout the Order, and is rooted in arguments made in letters submitted to FinCEN and the FBAs by a “consortium of banks.”

More specifically, the Order explains that premium finance loans present a low risk of money laundering, and therefore are exempt from the CIP rules, because of the following considerations and “structural characteristics,” raised either by the consortium of banks and/or the government itself:

  • The process for executing a premium finance loan is highly automated, because “most . . . loan volume is quoted and recorded electronically.”
  • These loans typically are submitted, approved and funded within the same business day and are conducted through insurance agents or brokers with no interaction between the bank and borrower — which means that this process renders it difficult for banks to gather CIP-related information efficiently.  These practical problems are exacerbated by the frequent reluctance of insurance brokers and agents — driven by data privacy concerns — to collect personal information.
  • Property and casualty insurance policies have no investment value.
  • Borrowers cannot use these accounts to purchase merchandise, deposit or withdraw cash, write checks or transfer funds.
  • FinCEN previously exempted financial institutions that finance insurance premiums from the general requirement to identify the beneficial owners of legal entity customers.
  • FinCEN previously exempted financial institutions that finance insurance premiums that allow for cash refunds from the beneficial ownership requirements.
  • FinCEN previously exempted commercial property and casualty insurance policies from the general BSA compliance program rule for insurance companies.
  • The exemption “is consistent with safe and sound banking.”

Although this exemption is narrow and somewhat technical, it represents yet another step in an apparent trend by FinCEN and the FBAs to ease the regulatory demands, albeit in a very targeted fashion, imposed under the BSA.  Clearly, the key argument to be made by other financial institutions seeking similar relief is that the particular kind of financial transaction at issue presents a “low risk of money laundering.”

If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch. To learn more about Ballard Spahr’s Anti-Money Laundering Team, please click here.

On this week’s podcast, Ballard Spahr attorneys Bo Ranney, Chris Willis, and Reid Herlihy discuss the significant takeaways from the CFPB’s new report—the first edition of Supervisory Highlights issued under Acting Director Mick Mulvaney. Mr. Ranney, former Examiner-in-Charge at the CFPB, and Mr. Willis, who chairs Ballard Spahr’s Consumer Financial Services Litigation Group, discuss the CFPB’s findings regarding debt collection, payday loans, automobile servicing, and small business lending. They also identify potential areas where the CFPB might focus in future examinations and offer recommendations for addressing the operational concerns raised by the report. Mr. Herlihy, a partner in Ballard Spahr’s Mortgage Banking Group, discusses the high-priority, mortgage-related topics identified in the Bureau’s report, lessons the mortgage industry can learn from the Bureau’s findings, and how the CFPB’s approach in this new report differs from its approach under prior leadership.

To listen and subscribe to the podcast, click here.

Last Wednesday the Federal Reserve published approved final amendments to Regulation CC (Availability of Funds and Collections of Checks) which update the liability provisions of Reg. CC to address the nearly-complete conversion of the nation’s check collection system from a paper to an electronic environment.

Historically, when banks disputed which party should be responsible for the liability arising from an unauthorized check, the risks were split in two.  The paying bank (the bank that would pay on a check associated with an account it held) was responsible for forged checks; it would have a signature specimen from its customers, and be able to examine the signature of a presented check against the specimen signature; it would also know if the entire check was forged, since it was the bank’s check.  If the signatures didn’t match, or the check wasn’t an original check from the paying bank, yet the paying bank paid and there was a subsequent loss by the customer, the paying bank would be responsible for that loss, because it was in the best place to detect the forgery.

The depositary bank (the bank holding the account where check funds would be deposited) was responsible for altered checks; it was deemed to be in the best place to determine whether, for example, the amount of the check had been changed from $100 to $10,000.  This division of risk is old, originally established in 18th Century English law (in the case of Price v. Neal, 97 Eng. Rep. 871 (1762)), and enshrined in the U.S. under UCC Articles 3-407 and 3-417.  It also assumes the presentment and receipt of paper checks.

Virtually all checks presented in 2018 within the US are not presented in paper form.  Instead, an image of the check is taken, the original check is destroyed, and the depositary bank presents this check image (a truncated check) to the paying bank.  Notwithstanding the dramatic increase in settlement speed and dramatic reduction in processing costs, electronic images of checks create a potential problem in the event of a bank dispute over whether a check has been forged or altered.  The original check is destroyed, making it impossible to examine the original check to determine whether the check was altered, or whether it was a forgery.  Regulation CC currently does not provide any presumptions as to whether a check is altered or forged.

The new amendment provides this guidance, adding a new presumption of liability for substitute and electronic checks.  If there is a dispute between the paying bank and the depositary bank as to whether a substitute or electronic check is an altered or a forgery (now described as “derived from an original check that was issued with an unauthorized signature of the drawer”), the presumption is that the substitute/electronic check contains an alteration.  This generally shifts liability on fraudulent checks to depositary banks; this presumption may be overcome if a preponderance of the evidence proves the substitute or electronic check does not contain an alternation, or that it was a forgery.  The presumption does not apply if there is an original check to examine.

It’s a reasonable allocation of risk; the depositary bank is receiving, imaging and destroying the check, and then presenting the image to the paying bank.  If there is a later dispute over the fraudulent nature of the check, then the party that destroyed the original check, and was in the best place to preserve the check as evidence, should bear the risk associated with evidentiary questions.

The amendment goes into effect January 1, 2019.

In what seems to be a response to the Government Accountability Office’s (“GAO”) determination that the Consumer Financial Protection Bureau’s indirect auto finance bulletin (the “Bulletin”) was a rule subject to the Congressional Review Act (“CRA”) and a rebuke to the Bureau’s prior approach of “rulemaking by enforcement,” the Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation, National Credit Union Administration, Office of the Comptroller of the Currency and the Bureau (collectively, the “agencies”) this week issued an Interagency Statement Clarifying the Role of Supervisory Guidance (the “Interagency Statement”). The Interagency Statement’s stated purpose is to “explain the role of supervisory guidance and to describe the agencies’ approach to supervisory guidance.”

The Interagency Statement begins by clarifying the agencies’ position as to the difference between supervisory guidance and laws or regulations and provides: “Unlike a law or regulation, supervisory guidance does not have the force and effect of law, and the agencies do not take enforcement actions based on supervisory guidance.” As set forth in its 2017 letter to Senator Patrick Toomey, a significant factor in the GAO’s determination that the Bulletin was a “rule” subject to the CRA was the Bureau’s use of the Bulletin to advise the public prospectively of the manner in which the Bureau proposed to exercise its discretionary enforcement power. The Interagency Statement clarifies that supervisory guidance is meant to outline supervisory expectations or priorities and articulate a general view regarding appropriate practices but should not serve as the basis for enforcement actions. And, while the agencies indicate that they may continue to seek public comment on supervisory guidance in order to improve their understanding of a given issue, any such guidance is not intended to be a regulation or have the force and effect of law.

The agencies state that they will aim to reduce the issuance of multiple supervisory guidance documents on the same topic and will seek to limit the use of numerical thresholds or other “bright-line” tests (numerical thresholds will generally be used as exemplars only). Finally, the Interagency Statement also provides that the agencies will limit examination and supervisory citations to violations of law, regulation or compliance with enforcement orders or other enforceable conditions and that their examiners will not criticize supervised financial institutions for a “violation” of supervisory guidance. Supervisory guidance may, however, be referenced as an example of safe and sound conduct in an examination finding.

What does this mean going forward? The Interagency Statement suggests that instead of issuing supervisory guidance to set forth expectations to be used as a “sword” if not followed by supervised entities, the agencies intend to use supervisory guidance to identify compliant practices. As a result, supervised entities may be better able to rely on supervisory guidance as a potential “safe-harbor” or “shield” from agency criticism when structuring their compliance programs. Additionally, existing supervisory guidance issued by the agencies such as supervision manuals and supervisory highlights and including the Bureau’s newly-released Summer 2018 edition of Supervisory Highlights should be viewed as helpful guidance, without precedential effect, in light of the Interagency Statement. Finally, Congress’ override of the Bulletin following the GAO’s determination that the Bulletin was a “rule” subject to the CRA may serve as a deterrent to any attempt by an agency to use its supervisory guidance in a way that is inconsistent with the Interagency Statement.

Webinar. On October 10, 2018, from 12 p.m. to 1 p.m. ET, Ballard Spahr attorneys will hold a webinar, “Key Takeaways from the CFPB’s Summer 2018 Supervisory Highlights” where the Interagency Statement will also be addressed. The webinar registration form is available here.