Bank Regulatory News and Trends
This regular publication from DLA Piper focuses on helping banking and financial services clients navigate the ever-changing federal and state regulatory landscape.
In this edition:
- FinCEN releases proposed rule on beneficial ownership access.
- OCC releases bank supervision operating plan.
- OCC announces new fintech office.
- FDIC proposes rule on signage and advertising requirements.
- Arizona Attorney General opinion on earned wage access.
- OCC warns banks on cyber, crypto, climate and other risks.
- OCC issues bulletin on expectations for protecting non-public information.
- Senate confirms FDIC nominees.
- Laws in three states regarding commercial financing providers take effect, with a fourth state pending.
- CFPB asks Supreme Court to rule on constitutionality of its funding, as AGs from red and blue states weigh in – for differing reasons.
- Goolsbee takes the helm at the Chicago Fed.
FinCEN releases proposed rule on beneficial ownership access. The Financial Crimes Enforcement Network (FinCEN) on December 15 issued a Notice of Proposed Rulemaking that would establish the standards for financial institutions and government entities to access beneficial ownership information (BOI) reported to FinCEN. The proposed rule, the second of three steps in creating a national registry of beneficial ownership information, would implement the BOI access and safeguard provisions of the Corporate Transparency Act (CTA), which became law two years ago. The regulations would establish who may request BOI that will be reported to FinCEN beginning in 2024, who may receive it, how recipients may use the information, how they must secure it and the penalties for failing to follow applicable requirements. FinCEN’s proposed rulemaking also discusses aspects of the secure, non-public information technology system that FinCEN is building to store BOI and manage disclosures. It also proposes rules specifying when and how reporting companies may report FinCEN identifiers tied to entities.
Authorized recipients would fall under five general categories, each subject to unique requirements, restrictions and penalties for improper disclosures:
- US federal, state, local and tribal government agencies requesting BOI for specified purposes
- Foreign law enforcement agencies, judges, prosecutors, central authorities and competent authorities
- Financial institutions using BOI to facilitate compliance with customer due diligence (CDD) requirements under applicable law
- Federal regulatory agencies acting in a supervisory capacity assessing financial institution for compliance with CDD requirements and
- The US Department of the Treasury itself.
The first rulemaking under the CTA was the BOI Reporting Rule finalized on September 30, 2022, discussed in greater detail in this DLA Piper publication on FinCEN’s rulemaking under the CTA. The third rulemaking in the trio will revise FinCEN’s CDD rule no later than one year after the effective date of the BOI Reporting Rule, on January 1, 2024.
- Written comments on the proposed rule may be submitted on or before February 14.
OCC releases bank supervision operating plan. The Office of the Comptroller of the Currency (OCC) on October 6 released its fiscal year 2023 operating plan. The OCC’s Committee on Bank Supervision provides an annual overview of its supervision priorities and objectives for the national banks, federal savings associations, federal branches, federal agencies and technology service providers that it oversees. The plan for FY 2023, which began October 1 and runs through September 20, 2023, aligns with the OCC’s Strategic Plan, Fiscal Years 2023–2027, which was announced in September, and the National Risk Committee’s priorities, most recently updated in its Semiannual Risk Assessment released in June.
The operating plan provides guidance for the OCC’s supervisory managers and staff in implementing the agency’s goals, strategies and priorities. Key areas of heightened focus for FY 2023 include:
- Strategic and operational planning
- Operational resiliency
- Third parties and related concentrations
- Credit risk management
- Allowances for credit losses
- Interest rate risk
- Liquidity risk management
- Consumer compliance
- Bank Secrecy Act
- Fair lending
- Community Reinvestment Act
- New products and services, including payments and digital assets
- Climate-related financial risks
OCC announces new fintech office. Seeking to adapt to a rapidly changing banking landscape, the OCC is planning to establish an Office of Financial Technology in the new year. In its October 27 announcement, the agency said the new fintech office will build on and incorporate the Office of Innovation, which the OCC established in 2016 to coordinate agency efforts to support responsible financial innovation. The office will be led a by a Chief Financial Technology Officer, who will be a Deputy Comptroller reporting to the Senior Deputy Comptroller for Bank Supervision Policy, the director of the OCC’s fintech oversight activities. “Financial technology is changing rapidly and bank-fintech partnerships are likely to continue growing in number and complexity,” said Acting Comptroller of the Currency Michael J. Hsu, adding, “The establishment of this office will enable us to be more agile and to promote responsible innovation, consistent with our mission.” Hsu warned in a September 7 speech at The Clearing House and Bank Policy Institute’s annual conference that the rise of fintech services and digital banking could spur financial risks and potentially a crisis over the long term.
FDIC proposes rule on signage and advertising requirements. The Federal Deposit Insurance Corporation at its December 13 meeting approved a notice of proposed rulemaking to modernize and amend the rules “governing use of the official FDIC sign and insured depository institutions’ (IDIs’) advertising statements to reflect how depositors do business with IDIs today, including through digital and mobile channels.” The proposal, which applies to all FDIC-insured institutions, would amend part 328 of the agency’s regulations to clarify rules regarding misrepresentations of deposit insurance coverage. It also prevents entities that are not insured depository institutions from misrepresenting their status or creating confusion as to FDIC coverage. The proposed rule addresses specific scenarios where consumers may be misled as to whether they are doing business with an insured depository institution and whether their funds are protected by deposit insurance. FDIC-associated terms or images would not be permitted to be used in marketing and advertising materials to imply or represent that any uninsured financial product is insured or guaranteed by the FDIC.
The rulemaking is intended to extend the certainty and confidence provided by the FDIC sign that has been posted at traditional branch teller windows for nearly 90 years “to the evolving digital channels through which depositors are increasingly handling their banking needs today.”
Institutions are also reminded to use signs and disclosures that differentiate insured deposits from non-deposit products across banking channels and provide disclosures to consumers alerting them to when certain financial products are not insured by the FDIC, are not considered deposits and may lose value. Insured depository institutions would be provided with additional flexibility for satisfying official sign and advertising statement requirements, including permitting the use of electronic media to satisfy sign display requirements. The FDIC last made major amendments to the official sign and advertising statement rules in 2006.
Arizona Attorney General opinion on earned wage access. On December 18, Arizona Attorney General Mark Brnovich published an opinion concerning whether earned wage access (as described) is a consumer loan under state law. The Attorney General concluded the earned wage access product is not a loan, driven primarily by the facts that the product described had (i) no recourse to the employee for nonpayment and (ii) no interest, though it did allow for the provider to charge employees some fees.
Unlike some state laws, the decision in Arizona does not require employer integration for the product to not be a loan, meaning the employee can enroll directly with the earned wage access provider. The provider can be repaid through an employer’s payroll distribution or by debiting the employee’s bank account. Further, an earned wage access provider can “receive revenue through services ancillary to providing an EWA product, such as a fee to expedite access to earned wages and voluntary tipping/gratuity “without converting the earned wage access product into a ‘loan.’”
OCC warns banks on cyber, crypto, climate and other risks. The OCC is urging financial institutions to be vigilant in the face of significant risks facing the federal banking system, including cyberattacks during a time of heightened geopolitical tensions. In its Semiannual Risk Perspective, released December 8 and covering the first half of the year, the OCC says banks face elevated operational and compliance risks as they function in in an increasingly complex environment, with expanded use of innovative technology for product and service delivery, imposition of sanctions related to Russia’s invasion of Ukraine and other international sanctions regimes, and adjustments to work environments. The agency notes that banks are continuing to adjust their products and services in response to the pandemic and industry changes, while expanding their partnerships with third parties, such as fintech firms, creating new due diligence challenges. Of particular concern for the OCC, cyber threats continue to evolve, targeting the financial services industry with ransomware and other attacks. An entire section of the report is devoted to the emerging risks posed by crypto-assets, including high volatility, high-risk lending and leverage within crypto-asset markets, a high degree of inter-connectedness and concentration within the crypto industry, and a lack of consistent or comprehensive regulation. The report also discusses banks’ efforts to integrate climate-related financial risks into their risk management frameworks. The OCC announced in September the appointment of Dr. Yue (Nina) Chen as Chief Climate Risk Office to head up the Office of Climate Risk.
The report is the work of the OCC’s National Risk Committee, which monitors the condition of the federal banking system and identifies key risks, emerging threats to the system’s safety and soundness, and ability to provide fair access to financial services. The committee’s members include senior agency officials who supervise banks of all sizes and develop bank supervisory policy.
OCC issues bulletin on expectations for protecting non-public information. In a September 7 bulletin to banks and other financial institutions, including community banks, the OCC summarized its expectations for protecting non-public OCC information shared on video teleconferencing (VTC) services that are operated or managed by an institution or any other party. Banks and other parties in possession of non-public information are prohibited by regulation from disclosing such information without the OCC’s prior approval except in very limited circumstances, a prohibition that extends to the disclosure of information displayed, processed, stored or transmitted by non-OCC information systems, including VTC services. The bulletin explains legal requirements for protecting non-public OCC information, how VTC services can be secured to prevent disclosure of non-public OCC information, the types of non-public OCC information covered in the bulletin and the OCC’s requirements for protecting non-public OCC information. Under the security measures required for OCC personnel to participate in meetings hosted by an institution subject to OCC examination, the non-OCC VTC service must support an encrypted connection that protects transmission confidentiality with end-point devices used to access the service. The agency stated that its own VTC systems meet the encryption and other security requirements for protecting non-public information that it expects from institutions under its supervision.
Senate confirms FDIC nominees. The Senate on December 19 confirmed President Joe Biden’s nominees to lead the Federal Deposit Insurance Corporation (FDIC).
- Martin Gruenberg, who served as chair of the FDIC Board of Directors from 2012 to 2018, and who has been serving as acting chair since former chair Jelena McWilliams resigned in February 2022, was approved for another full five-year term as chair by a voice vote. He was also concurrently confirmed for an additional six-year term as a member of the Board in a 45-39 roll call vote, with 16 senators not voting.
- Senator Pat Toomey (R-PA), the outgoing ranking member of the Banking Committee, and Senator Roy Blunt (R-MO), who is also retiring, joined with the Democrats in the otherwise party-line vote.
- The Senate confirmed, by voice votes, the nominations of Travis Hill and Jonathan McKernan as members of the Board. Hill was also confirmed to serve as vice-chair. Biden had nominated the two Republicans to the Board, as no more than three members can be from the same political party.
- Hill, a top aide to former Chair McWilliams, was approved for a full six-year term to the Board.
- McKernan, who has served as senior counsel at the Federal Housing Finance Agency and a member of the Banking Committee staff, was tapped to serve out the remainder of McWilliams’s term, which expires May 31, 2024.
- The confirmations give the FDIC Board its full complement of members for the time since 2015. The Board is intended to have five members, two of whom are the Comptroller of the Currency and the director of the Consumer Financial Protection Bureau (CFPB). Grunberg, Acting Comptroller Michael Hsu and CFPB Director Rohit Chopra are Democrats.
Laws in three states regarding commercial financing providers take effect, with a fourth state pending. In the last six months, state laws and regulations that require a broad class of commercial financing providers, including those providing merchant cash advances and factoring, to provide consumer-like disclosures to financing recipients have taken effect in California, Utah and Virginia. In Utah and Virginia, certain providers are also required to register with the applicable state agency. Additionally, New York state regulators are finalizing regulations for the law enacted in 2020 requiring providers of commercial financing to provide consumer-like disclosures similar to that of California.
California. Beginning December 9, 2022, persons providing commercial financing (including small business loans and merchant cash advances) to borrowers “whose business is principally directed or managed from California” are required to provide borrowers with consumer-like disclosures, after the California Department of Financial Protection and Innovation (DFPI) issued final regulations on June 15 to implement SB 1235, otherwise known as the California Commercial Financing Disclosure Law (CCFDL). While the CCFDL was signed into law in 2018, it could not take effect until the DFPI issued final regulations and those regulations took effect. We previously summarized the CCFDL and its implementing regulations in the June 27, 2022 edition of Bank Regulatory News and Trends.
Utah. Governor Spencer Cox signed the Commercial Financing Registration and Disclosure Act (CFRDA) into law on March 24, 2022. Pursuant to the CFRDA, commercial financing providers (those who make more than five commercial financing transactions in Utah in any calendar year) must register with the Utah Department of Financial Institutions and provide certain disclosures, effective January 1, 2023. The CFRDA explicitly states that a “commercial financing transaction” includes a commercial loan, a commercial open-end credit plan and an accounts receivable purchase transaction, and excludes commercial financing transactions exceeding $1 million. Utah’s requirement applies to both providers and brokers of commercial financial products offered in Utah.
Virginia. Virginia became the second state to adopt registration requirements applicable to merchant cash advance providers, when, on April 11, 2022, Governor Glenn Youngkin signed House Bill 1027 into law. Unlike the laws of Utah and California which apply broadly to many forms of commercial financing, Virginia’s new law is narrowly focused on providers of sales-based (ie, merchant cash advance) financing. The law defines sales-based financing as a “transaction that is repaid by the recipient to the provider, over time, as a percentage of sales or revenue, in which the payment amount may increase or decrease according to the volume of sales made or revenue received by the recipient.” The term also includes transactions with a “true-up mechanism where the financing is repaid as a fixed payment but provides for a reconciliation process that adjusts the payment to an amount that is a percentage of sales or revenue.” The new law requires providers to register with the Virginia State Corporation Commission beginning November 1, 2022, and annually thereafter.
New York. New York passed a law in 2020 requiring providers of commercial financing to provide consumer-like disclosures. However, New York’s requirement will not take effect until the New York Department of Financial Services (NYDFS) finalizes implementing rules and regulations. Most recently, in September 2022, NYDFS published proposed rules that propose a compliance date for the disclosures would be six months after the date of publication of the Notice of Adoption of the final regulations in the New York State Register.
CFPB asks Supreme Court to rule on constitutionality of its funding, as AGs from red and blue states weigh in – for differing reasons. Following a ruling last fall by a federal appeals court that the funding method for the Consumer Financial Protection Bureau is unconstitutional, the CFPB is fighting back. A three-judge panel of the US Court of Appeals for the Fifth Circuit in New Orleans on October 19 issued its decision as part of a ruling on an appeal of a case challenging the validity of the CFPB’s 2017 payday lending rule, which regulates higher-interest rate lenders. The court found that “Congress’ decision to abdicate its appropriations power under the Constitution, i.e., to cede its power of the purse to the bureau, violates the Constitution’s structural separation of powers.” On November 15, the CFPB filed a certiorari petition with the US Supreme Court – rather than appealing to the full circuit court – seeking review of the lower court’s decision on an expedited basis, arguing that a delay in resolving the case beyond the current court term “would severely prejudice the CFPB, consumers, and the entire financial industry.” The CFPB petition notes the appeals court itself recognized that every other court to consider the agency’s funding structure, including the DC Circuit and at least six district courts, has deemed it constitutionally sound.
- Attorneys general from a majority of the 50 states have joined in calling on the Supreme Court to review the constitutionality question, though the two coalitions have distinctly different reasons for doing so. On one side is a group of 22 Democratic state and district Attorneys General who filed an amicus brief supporting the CFPB and its funding method. On the other side is a group of 16 Republican state Attorneys Generals who filed a friend of the court brief calling for the appeals court’s ruling to be upheld.
- The Supreme Court, in a 5-4 decision issued in June 2020, ruled that part of the structure of the CFPB violated the constitutional separation of powers. The high court determined that the president does indeed have the authority to remove the bureau’s director at will, but the justices rejected the argument that the court should strike down the rest of the Dodd-Frank law that established the bureau (as discussed in the July 14, 2020 edition of Bank Regulatory News and Trends).
- The underlying case is Community Financial Services Association of America v Consumer Financial Protection Bureau. Community Financial Services’ opposition brief is due on January 13, and the CFPB has indicated that it will respond on January 25.
Goolsbee takes the helm at the Chicago Fed. Austan Goolsbee, a former economic adviser to President Barack Obama, has been named the next president and CEO of the Federal Reserve Bank of Chicago. In its December 1 announcement, the Chicago Fed said Goolsbee will become a voting member of the Federal Open Market Committee upon taking office. Previously a professor at the University of Chicago’s Booth School of Business, Goolsbee was chairman of the Council of Economic Advisers from 2009 through 2011 and was a member of the President’s cabinet.