Compliance Monthly Newsletter

November 2020 Compliance Newsletter

The Fair Lending and HMDA Conundrum
Earlier this year, many smaller institutions were elated at the prospect that they
would no longer be subject to the HMDA data collection and report rules as of July 1,
2020.

On April 16, 2020, the Consumer Financial Protection Bureau (Bureau) issued a final
rule amending Regulation C. This final rule adjusted Regulation C’s institutional and
transactional coverage thresholds for closed-end mortgage loans and open-end lines
of credit.

• Effective July 1, 2020, the final rule permanently raises the closed-end coverage
threshold from 25 to 100 closed-end mortgage loans in each of the two
preceding calendar years.

• Effective January 1, 2022, when the temporary threshold of 500 open-end lines
of credit expires, the final rule sets the permanent open-end threshold at 200
open-end lines of credit in each of the two preceding calendar years.

October 2020 Compliance Newsletter

CFPB Highlights Regulatory Observations

In its Summer edition of Supervisory Highlights, the CFPB has highlighted regulatory observations in several areas. These observations resulted from examination activity during the fourth quarter of 2019.

As you prepare for 2021, it is a great time to review internal policies and practices regarding the highlighted topics to ensure that we are meeting the spirit and intent of the regulatory requirements. Training programs should be enhanced to incorporate these observations as well as focusing on the specific regulatory requirements that have been mentioned. Also, review your compliance monitoring programs and internal audit programs to ensure that the scope of testing is sufficiently detailed to detect instances noncompliance or compliance weaknesses.

September 2020 Compliance Newsletter

Have you Kicked the Tires on Your Overdraft Program Lately?

In light of the recent TD Bank Consent Order concerning its overdraft activities, it may be a good time to revisit your institution’s overdraft program.  Overdraft programs continue to be a major focus of the regulators and are on Accume’s compliance “hot topics” honor roll!

So, what did TD Bank do wrong?  The CFPB examination disclosed the following violations regarding TD’s overdraft program, deeming it to have “deceptive” enrollment practices:

• Failure to obtain the consumers’ affirmative consent to enroll in its overdraft-protection service and subsequently charging those consumers overdraft fees regarding that service;
• Engaging in abusive acts or practices while offering the program to consumers in person; deceptive acts or practices while offering DCA to consumers in person, over the phone, and through mailed solicitations;
• Failure to establish and implement reasonable written policies and procedures concerning the accuracy and integrity of information the Bank furnished to consumer reporting agencies; and
• Failure to conduct timely investigations of indirect disputes concerning consumer reporting agency furnishing.

August 2020 Compliance Newsletter

Pandemic Frauds, Scams, and Other Schemes

Over the past few months, FinCEN, the FTC and other regulatory agencies have been alerting financial institutions to various frauds, schemes and other illegal activity brought about by the COVID-19 pandemic. This article highlights some of the recent scams.

Impostor Scams. In impostor scams, criminals impersonate organizations such as government agencies, non-profit groups, universities, or charities to offer fraudulent services or otherwise defraud victims. While impostor scams can take multiple forms, the basic methodology involves an actor (1) contacting a target under the false pretense of representing an official organization, and (2) coercing or convincing the target to provide funds or valuable information, engage in behavior that causes the target’s computer to be infected with malware, or spread disinformation. These scams are used to defraud and deceive the vulnerable, including the elderly and unemployed, through the solicitation of payments (such as digital payments and virtual currency), donations, or personal information via email, robocalls, text messages, etc.

Red Flags to be alert to:

• Contact from a person claiming to represent a government agency by phone, or electronic means for personal or bank account information to verify, process, or expedite EIPs, unemployment insurance, or other benefits.
• Receipt of a document that appears to be a check or a prepaid debit card from the U.S. Treasury for less than anticipated EIP with instructions to contact a fraudulent agency to gain personal information.
• Unsolicited communications from purported trusted sources or government programs related to COVID-19 requiring the viewer to click on a link to provide personal information or E-mails addresses that do not match the name of the sender.
• Donation solicitations from organizations that are not associated or affiliated with reputable charities.
• Charities that do not have a history, IRS returns or financial statements.

Read more below.

July 2020 Compliance Newsletter

OCC Issues Updated Booklet “Unfair or Deceptive Acts or Practices and Unfair, Deceptive, or Abusive Acts or Practices“

On June 29, 2020, the OCC released its updated examination procedures concerning the  UDAP/UDAAP booklet. The booklet provides expanded procedures to assist examiners in evaluating UDAP and UDAAP risks and in assessing associated risk management (including evaluating a bank’s CMS). This booklet is structured consistent with inter-agency consumer compliance and is a good guide for updating and establishing a UDAP/UDAAP risk management program for your institution.

The risks associated with UDAP and UDAAP are compliance, credit, operational, strategic, and reputation. The consequences of engaging in UDAP or UDAAP can include litigation, enforcement actions (including civil money penalties [CMP]), and monetary restitution.

Some of the UDAP/UDAAP red flags discussed in the booklet include:

• Customer complaints. Complaints can reveal a weakness in a particular product or service or can identify customers’ dissatisfaction with or lack of understanding of products or services, including products offered or services performed by third parties.
• Whistleblower referrals. Examples of whistleblower referrals that would indicate increased UDAP or UDAAP risk or the likelihood of potential UDAP or UDAAP issues include those that focus on the institution’s marketing or sales practices or disclose the failure of the institution to deliver products or services as promised.

Read more about the UDAP/UDAAP red flags below.

June 2020 Compliance Newsletter

HMDA Changes Are Coming…What Does it Mean?

On April 16, 2020, the Consumer Financial Protection Bureau (Bureau) issued a final rule amending Regulation C. This final rule adjusts Regulation C’s institutional and transactional coverage thresholds for closed-end mortgage loans and open-end lines of credit. Effective July 1, 2020, the final rule permanently raises the closed-end coverage threshold from 25 to 100 closed end mortgage loans in each of the two preceding calendar years. Effective January 1, 2022, when the temporary threshold of 500 open-end lines of credit expires, the final rule sets the permanent open-end threshold at 200 open-end lines of credit in each of the two preceding calendar years.

Closed-End Coverage Threshold Facts

The final rule permanently raises the closed-end coverage threshold from 25 to 100 closed-end mortgage loans in each of the two preceding calendar years, effective July 1, 2020. This threshold applies to both depository and non-depository institutions.  If you are newly impacted, read the June Compliance Newsletter to find out what the changes may mean for you.

May 2020 Compliance Newsletter

Regulation D Limitations Suspended…What Does it Mean?

On Friday, April 24th, the Board of Governors of the Federal Reserve System published the amended Regulation D (Reserve Requirements of Depository Institutions) to eliminate transaction limitations on certain kinds of transfers and withdrawals that may be made each month from “savings deposits.” The amendments are intended to allow depository institution customers more convenient access to their funds and to simplify account administration for depository institutions.

There are no mandatory changes to deposit reporting associated with the amendments. The effective date was April 23, 2020. Regulation D distinguishes between reservable “transaction accounts” and non-reservable “savings deposits” based on the ease with which the depositor may make transfers (payments to third parties) or withdrawals (payments directly to the depositor) from the account. Prior to this interim final rule, Regulation D limited the number of certain convenient kinds of transfers or withdrawals that an account holder may make from a “savings deposit” to not more than six per month (six transfer limit).

March 2020 Compliance Newsletter

Military Lending Act Limitations on Terms of Consumer Credit Extended to Service Members and Dependents

In July 2015, the DOD issued a final rule amending its regulation implementing the Military Lending Act (MLA)  primarily for the purpose of extending the protections of the MLA to a broader range of closed-end and open-end credit products, rather than the limited credit products that had been defined as “consumer credit.”  Among other amendments, the July 2015 Final Rule modified provisions relating to the optional mechanism a creditor may use when assessing whether a consumer is a “covered borrower,” modified the disclosures that a creditor must provide to a covered borrower and implemented the enforcement provisions of the MLA.

The DOD has received requests to clarify its interpretation of points from the July 2015 Final Rule with an Interpretive Rules issued August 2016 and December 2017.   The February 2020  Interpretive Rule amends and seeks to answer the following questions:

February 2020 Compliance Newsletter

CFPB’s Statement of Policy Regarding Prohibition on Abusive Acts of Practices

On January 27, 2020, the CFPB issued a Policy Statement to provide more clarity about how it intends to approach its use of the “abusiveness” standard in its supervision and enforcement matters going forward.

The Policy Statement is intended to provide information regarding the CFPB’s general plans to exercise its discretion and does not impose any legal requirements on external parties, nor does it create or confer any substantive rights on external parties that could be enforceable in any administrative or civil proceeding. In addition, the Policy Statement does not impose any new or revise any existing record-keeping, reporting, or disclosure requirements on covered entities.

January 2020 Compliance Newsletter

Nacha Third Party Sender Registration

This rule requires Originating Depository Financial Institutions (ODFIs) to identify and register their Third-Party Sender customers. The registration process promotes consistent customer due diligence among all ODFIs, and serves as a tool to support Nacha’s continuing efforts to maintain ACH Network quality. This requirement became effective on March 1, 2018.

As a result of recent audit’s, Accume Partner’s has become aware of an ongoing issue concerning Nacha requirements. Financial institutions have been receiving a notice regarding failure to register their Third Party Sender status as well as re-registering their direct access status required since March 1, 2018.

Nacha considers this a Class 2 Rules violation and subject to fines up to $100,000 at the discretion of the Nacha panel referenced notice received.  Per contacts at Nacha, Accume has been informed that Nacha is aggressively pursuing financial institutions that haven’t registered as required. Registration (confirming or denying) is required for ALL originators.