Mortgage Banking Update - January 5, 2023
In This Issue:
- CFPB Proposes Creation of Registration System for Nonbanks Subject to Agency or Court Orders Involving Alleged Violations of Federal, State, or Local Consumer Protection Laws
- Federal Reserve Board Issues Final Rule on Benchmark Replacements for Contracts That Use LIBOR
- Fannie Mae and Freddie Mac Announce LIBOR Replacement Indices
- FHA issues Mortgagee Letter Modifying Conflict of Interest and Dual Employment Policies
- CFPB Annual CARD Act, HOEPA, QM Adjustments Do Not Include Credit Card Penalty Fees Safe Harbors
- CFPB Adjusts HMDA and HPML Asset Exemption Thresholds
- 2022 Fair Lending Interagency Webinar Looks at Redlining, Appraisal Bias, Special Purpose Credit Programs
- CFPB and FHFA Publish Updated Data From National Survey of Mortgage Originations
- NLRB Adds Consequential Damages to Standard Remedy for Unfair Labor Practices
- Podcast: A Close Look at Earned Wage Access (EWA) products, With Molly Jones, Vice President for Government Affairs, PayActiv
- New CFPB Report Proactively Encourages Creditors To Apply SCRA Interest Rate Benefits
- CFPB Moves To Dismiss Chamber’s Lawsuit Challenging UDAAP Update To Exam Manual and Opposes Chamber’s Motion for Summary Judgment
- State AGs File Amicus Briefs Urging Supreme Court To Grant CFPB’s Petition for Certiorari Seeking Review of Fifth Circuit Ruling That CFPB’s Funding Is Unconstitutional
- CFPB Issues Updated HELOC Booklet
- CFPB Addresses Mortgage Financing Options in a Higher Rate Environment
- NYDFS Releases Virtual Currency Guidance for Banking Organizations
- Proposed Rule Continues FDIC Focus on Use and Misuse of FDIC Name and Logo; CFPB Director Chopra Applauds
- Privacy, Cybersecurity and Access to Beneficial Ownership Information: FinCEN Issues Notice of Proposed Regulations Under the Corporate Transparency Act
- Money Laundering Watch: 2022 Year in Review
- Arizona AG Issues Opinion Concluding That No-Interest, Non-Recourse Earned Wage Access Products Are Not ‘Consumer Lender Loans’ Requiring a ‘Consumer Lender” License
- Washington Department of Financial Institutions Issues Regulations On Work From Home Effective December 31, 2022
For the latest updates on the COVID-19 pandemic visit the Ballard Spahr COVID-19 Resource Center
On December 12, 2022, the CFPB released a proposed rule that would require certain “covered nonbanks” to register with and submit information to the CFPB when they become subject to certain orders from local, state, or federal agencies and courts involving violations of certain consumer protection laws. The CFPB has further proposed to make the registration information publicly available, including by publishing it on the Bureau’s website.
According to the Bureau, the registry will allow it to more effectively monitor and reduce the risks to consumers posed by “repeat offenders.” In issuing the proposal, the Bureau relies on its authority under Consumer Financial Protection Act (CFPA) sections 1022(b) and (c) and 1024(b). Comments on the proposal will be due no later than 60 days after the date the proposal is published in the Federal Register.
CFPA section 1022(b) authorizes the Bureau to prescribe rules “as may be necessary or appropriate to enable the Bureau to administer and carry out the purposes and objectives of the Federal consumer financial laws, and to prevent evasions thereof.” CFPA section 1022(c) authorizes the Bureau to prescribe rules to collect information from covered persons for purposes of monitoring for risks to consumers in the offering or provision of consumer financial products or services, including “rules regarding registration requirements applicable to a covered person, other than an insured depository institution, insured credit union, or related person.” Section 1022(c) also authorizes the Bureau to publicly release information obtained pursuant to section 1022, subject to limitations specified therein.
Key aspects of the proposal include the following:
Covered nonbanks. The CFPB’s proposal would define a “covered nonbank” to mean any person that is not one of the following: an insured depository institution (or related person); insured credit union (or related person); a state; a natural person; a motor vehicle dealer that is predominantly engaged in the sale and servicing of motor vehicles except to the extent the dealer engages in certain functions not exempt from CFPB’s rulemaking; or a person that is excluded from the Bureau’s rulemaking authority but engages in activities to which the exclusion does not apply. A “covered nonbank” that is identified by name as a party subject to a “covered order” would be required to register with the CFPB and submit the required information no later than 90 days after the effective date of a “covered order.”
Covered orders. A “covered order” would be defined to mean a final, public order, issued by an agency or court (whether or not issued upon consent), that, among other requirements, was issued at least in part in any action or proceeding brought by any federal, state, or local agency, contains public provisions imposing obligations on the covered nonbank to take certain actions or to refrain from taking certain actions, imposes such obligations on the covered nonbank based on an alleged violation of a “covered law,” and has an effective date on or later than January 1, 2017, and remains in effect as of the date of the Bureau’s rule establishing the registration requirement .
Covered law. A “covered order” must involve an alleged violation of a “covered law.” The proposal would define a “covered law” as any of the following to the extent the alleged violation of law arises out of conduct in connection with the offering or provision of a consumer financial product or service: a Federal consumer financial law or any other law as to which the CFPB has enforcement authority; the FTC Act’s UDAP prohibition; a state law prohibiting unfair, deceptive, or abusive acts or practices (which is identified in Appendix A to the proposal); or a rule or order issued by a state agency for the purpose of implementing a UDAAP prohibition contained in such a state law.
Annual reporting requirement for supervised entities. The proposal would impose an additional annual reporting requirement on a nonbank entity that is subject to the CFPB’s supervisory authority and that is subject to a “covered order,” with certain exceptions. Accordingly, the nonbanks to whom the annual reporting requirement would apply include: mortgage companies, mortgage servicers, payday lenders, and private education lenders; entities considered a “larger participant” under the CFPB’s larger participant rules for consumer reporting, consumer debt collection, student loan servicing, auto financing, and international money transfers; and entities as to whom the CFPB has invoked risk-based supervision. The proposal includes exemptions for a service provider that is subject to CFPB supervision solely in its capacity as a service provider, motor vehicle dealers predominantly engaged in the sale and servicing of motor vehicles except to the extent a dealer engages in certain functions not exempt from CFPB’s rulemaking, and an entity with less than $1 million in annual receipts from offering or providing consumer financial products or services.
A supervised entity subject to the annual reporting requirement would be required to annually designate an “attesting executive” for each covered order to which it is subject and for all related submissions to the CFPB. The attesting executive must be the entity’s highest-ranking senior executive officer or an individual charged with managerial or oversight responsibility for the entity whose duties include ensuring the entity’s compliance with Federal consumer financial laws and who has knowledge of the entity’s systems and procedures for complying with the covered order and control over the entity’s compliance efforts. By March 31 of each calendar year, the entity would be required to submit to the registration system a written statement signed by an attesting executive with respect to each covered order with an effective date on or after the date the registration system is implemented. In the statement, the attesting executive must describe the steps that the executive has taken to review and oversee the entity’s activities subject to the covered order for the preceding calendar year and attest whether, to the executive’s knowledge, the entity during the preceding calendar year identified any violations or other instances of noncompliance that were imposed in a public provision of the covered order based on a violation of a covered law.
Industry has raised serious concerns about the Bureau’s proposed registry, including that it seems more like a “name and shame” tactic rather than a useful tool. In our view, the registry bears great similarity to the CFPB’s disclosure of unverified, anecdotal complaint data in its consumer complaint database. Since the creation of the database, a primary concern of industry (and one which we have often noted) has been that because complaints are often invalid, they do not serve as reliable evidence that the complained about conduct occurred. The proposed rule would require registration of consent orders as well as final litigated orders. In most consent orders, the company does not admit any wrongdoing. Indeed, enforcement actions are very often resolved through consent orders not because the company has engaged in the wrongful conduct alleged but because enforcement actions are very costly to defend and can drain a company’s resources.
Given the significant concerns raised by the Bureau’s proposal, the only thing about it that we find praiseworthy is that the CFPB has decided to comply with the Administrative Procedure Act requirements for adopting a regulation rather than attempt to implement this initiative by fiat of the Director.
The Federal Reserve Board issued a final rule last week that establishes default rules for benchmark replacements in certain contracts that use the London Interbank Offered Rate (LIBOR) as a reference rate. LIBOR will be discontinued in June 2023. The rule implements the Adjustable Interest Rate (LIBOR) Act, which was enacted in March 2022. The final rule will be effective 30 days after the date it is published in the Federal Register.
In response to the discontinuation of LIBOR, Congress enacted the LIBOR Act to provide a uniform, nationwide solution for replacing references to LIBOR in existing contracts with no or inadequate fallback provisions, meaning no or inadequate contract provisions for determining an alternative reference rate. For these contracts, the final rule replaces references to LIBOR in the contracts with the applicable Board-selected replacement rate after June 30, 2023. The rule identifiesfive separate Fed-selected replacement reference rates for different types of contracts, including consumer credit transactions. As required by the LIBOR Act, each replacement reference rate is based on the Secured Overnight Financing Rate (SOFR).
The CFPB addressed the discontinuation of LIBOR through Regulation Z and Official Staff Commentary amendments issued in December 2021. The final rule became effective on April 1, 2022, with the exception of certain changes to two post-consummation disclosure forms that become effective on October 1, 2023. The mandatory compliance date for revisions to Regulation Z change-in-terms notice requirements was October 1, 2022, and the mandatory compliance date for all other provisions of the final rule was April 1, 2022.
Before the amendments, Regulation Z’s open-end credit provisions only allowed HELOC creditors and card issuers to change an index and margin used to set the APR on a variable-rate account when the original index “becomes unavailable” or “is no longer available” and certain other conditions are met. Having determined that all parties would benefit if creditors and issuers could replace a LIBOR-based index before LIBOR becomes unavailable, the CFPB’s final rule added a new provision that allows HELOC creditors and card issuers (subject to contractual limitations) to replace a LIBOR-based index with a replacement index and margin on or after April 1, 2021, including an index based on the SOFR. However, in connection with the final Regulation Z rule, the CFPB reserved judgment on whether it would identify a SOFR-based index as comparable to the 1-year LIBOR index, indicating that it would consider whether to issue a supplemental final rule on replacements to the 1-year LIBOR index after reviewing the Alternative Reference Rates Committee’s recommendations for a replacement rate. In May 2022, the ARRC recommended the use of the 12-month SOFR term rate to replace 12-month LIBOR rates.
For closed-end credit, Regulation Z provides that a refinancing subject to new disclosures results if a creditor adds a variable-rate feature to a closed-end credit product but that a variable-rate feature is not added when a creditor changes the index to one that is “comparable.” The CFPB’s final rule added new commentary that provides examples of the types of factors to be considered in determining whether a replacement index is a “comparable” index to a particular LIBOR-based index.
For consumer loans subject to Regulation Z that give the creditor or card issuer authority to replace a LIBOR-based index with a new index that is not based on LIBOR, the LIBOR Act would not require the creditor or card issuer to use a SOFR-based replacement index. However, pursuant to the LIBOR Act and the Fed’s final rule, the Fed-selected SOFR-based index will automatically replace a LIBOR-based index if the creditor or card issuer has not selected a replacement index by the earlier of the date LIBOR is discontinued or the latest date for selecting a replacement index under the terms of the credit contract.
The LIBOR Act provides a number of safe harbor provisions that protect a creditor that selects the SOFR-based rates designated in the Fed’s final rule as a replacement for a LIBOR-based index. In response to comments on its proposed rule, the Fed added a new section to the final rule that expressly states that the LIBOR Act’s safe harbor protections apply to any LIBOR contract for which a Fed-selected replacement rate becomes the replacement rate pursuant to the provisions of the final rule. Also in response to comments, the Fed affirmed in its discussion of the final rule that, consistent with the LIBOR Act, the final rule does not affect any requirements imposed by any provision of Federal consumer financial law.
For more recent closed-end adjustable-rate notes that use a LIBOR-based index, Fannie Mae and Freddie Mac have adopted fallback language that would require the noteholder to replace a LIBOR-based index with the SOFR-based index designated in the Fed’s final rule. Even if not required by the LIBOR Act, Regulation Z, or contract to replace a LIBOR-based index with a SOFR-based index, HELOC lenders and card issuers should consider whether to take advantage of the LIBOR Act’s safe harbor provisions when selecting a replacement index. In addition, the safe harbor provisions should also be considered by noteholders or other creditors before selecting a replacement index for closed-end adjustable-rate mortgages or other closed-end variable-rate credit products that do not contractually require use of a SOFR-based replacement index.
Following the adoption by the Federal Reserve Board of a final rule under the Adjustable Interest Rate (LIBOR) Act, Fannie Mae and Freddie Mac have announced replacement indices for their legacy London Interbank Offered Rate (LIBOR)-based loans and securities.
For single family mortgage loans and related mortgage-backed securities, as expected, Fannie Mae and Freddie Mac have selected the relevant tenor of the spread adjusted CME Term Secured Overnight Financing Rate (SOFR). The transition to the replacement indices will occur the day after June 30, 2023. June 30, 2023, is scheduled to be the last date on which the Intercontinental Exchange, Inc. (ICE) Benchmark Administration Limited will publish a representative rate for all remaining tenors of U.S. dollar LIBOR. The full transition to the spread adjusted CME Term SOFR indices will occur over one year. Values for the spread adjusted CME Term SOFR indices will be available from Refinitiv Limited.
The Fannie Mae and Freddie Mac announcements also address replacement indices for multifamily loans and related mortgage-backed securities, single family and multifamily collateralized mortgage obligations and credit risk transfer securities, and derivatives.
In Mortgagee Letter 2022-22 dated December 15, 2022, the FHA announced updates to its Single Family Housing Policy Handbook (HUD Handbook 4000.1) that modifies its policies governing conflicts of interest and dual employment. The modifications both narrow the employees who are subject to the conflicts of interest policies, and subjects those employees to what appear to be more significant restrictions. Further, the modifications removed the dual employment policy language from HUD Handbook 4000.1. The modifications became effective upon issuance and may present difficulties for some FHA mortgage lenders.
With regard to conflicts of interest, the Mortgagee Letter removes the following language from HUD Handbook 4000.1:
“Employees are prohibited from having multiple roles in a single FHA-insured transaction. Employees are prohibited from having multiple sources of compensation, either directly or indirectly, from a single FHA-insured transaction.”
The section of the Handbook that contained the conflicts of interest language now provides that an FHA lender’s “employees will be subject to FHA’s Conflict of Interest policy.” The new Conflicts of Interest policy includes the following provisions:
“Participants that have a direct impact on the mortgage approval decision are prohibited from having multiple roles or sources of compensation, either directly or indirectly, from a single FHA-insured transaction. These participants are:
Indirect compensation includes any compensation resulting from the same FHA-insured transaction, other than for services performed in a direct role. Examples include, but are not limited to:
- Compensation resulting from an ownership interest in any other business that is a party to the same FHA-insured transaction; or
- Compensation earned by a spouse, domestic partner, or other Family Member that has a direct role in the same FHA-insured transaction.”
Under the modified policies, only underwriters, appraisers, inspectors and engineers are subject to the Conflicts of Interest Policy. However, those parties are subject to what appear to be significant restrictions on compensation, even with regard to compensation of a spouse, domestic partner, or family member with a direct role in the same transaction.
The HUD glossary of terms for HUD Handbook 4000.1 includes the following definition of “family member,” which applies for purposes of the Conflict of Interest policy:
“Family Member is defined as follows, regardless of actual or perceived sexual orientation, gender identity, or legal marital status:
- child, parent, or grandparent;
- a child is defined as a son, stepson, daughter, or stepdaughter;
- a parent or grandparent includes a stepparent/grandparent or foster parent/grandparent;
- spouse or domestic partner;
- legally adopted son or daughter, including a child who is placed with the Borrower by an authorized agency for legal adoption;
- foster child;
- brother, stepbrother;
- sister, stepsister;
- aunt; or
- son-in-law, daughter-in-law, father-in-law, mother-in-law, brother-in-law, or sister-in-law of the Borrower.”
The Mortgagee Letter also deleted the HUD Handbook 4000.1 dual employment provisions, which had read as follows:
“The Mortgagee must require its employees to be its employees exclusively, unless the Mortgagee has determined that” the employee’s other outside employment, including any self-employment, does not create a prohibited conflict of interest.”
The existing policies addressing compensation for underwriting and quality control staff, the reporting structure for underwriters, and conflicts of interest for home equity conversion mortgage (HECM) originators remain unchanged.
FHA lenders should take a careful look at the parties subject to the new policies to assess if any changes in operations are necessary or appropriate.
On December 23, the CFPB published a final rule in the Federal Register regarding various annual adjustments it is required to make under provisions of Regulation Z (TILA) that implement the CARD Act, HOEPA, and the ability to repay/qualified mortgage provisions of Dodd-Frank. The adjustments reflect changes in the Consumer Price Index (CPI) in effect on June 1, 2022 and will take effect January 1, 2023.
In addition to not including adjustments to the credit card penalty fees safe harbor, the 2023 adjustments are notable for the lateness of their publication by the CFPB. By way of comparison, the CFPB published the adjustments for 2022 in the Federal Register on November 2, 2021. Given the systems and operational changes that the adjustments require mortgage lenders to have in place by their January 1 effective date, the CFPB’s delay in publishing the 2023 adjustments is inexcusable.
CARD Act. Regulation Z provides for the CFPB to annually adjust (1) the minimum interest charge threshold that triggers disclosure of the minimum interest charge in credit card applications, solicitations and account opening disclosures, and (2) the penalty fees safe harbor amounts.
In the notice, the CFPB announced that the calculation did not result in a change for 2023 to the current minimum interest charge threshold (which requires disclosure of any minimum interest charge above $1.00). (An increase in the minimum interest charge requires the change in the CPI to cause an increase in the minimum charge of at least $1.00.)
The notice does not mention the credit card penalty fees safe harbors, which are set forth in Regulation Z Section 1026.52(b)(1)(ii)(A) and (B). Section 1026.52(b)(1)(ii)(D) provides that that these amounts “will be adjusted annually by the Bureau to reflect changes in the Consumer Price Index.” For purposes of determining whether to make an adjustment in the minimum interest charge threshold, the CFPB used the CPI for Urban Wage Earners and Clerical Workers (CPI–W), which increased by 8.9 percent over the relevant period. Since the CFPB has also used the CPI-W when making past adjustments to the penalty fees safe harbor amounts, an adjustment for 2023 to the safe harbor amounts using the CPI-W presumably would reflect an 8.9 percent increase.
In June 2022, the CFPB issued an Advance Notice of Proposed Rulemaking (ANPR) regarding credit card late fees. The issuance of the ANPR followed the CFPB’s release of a report on late fees in March 2022. Both the CFPB’s press release about the report and its press release about the ANPR contained comments from Director Chopra regarding the amount of revenues that credit card issuers generate from late fees and concerns about fee “hikes” based on inflation. Director Chopra has also identified the CARD Act rules on credit card late fees as needing a “fresh look” from the CFPB. It would seem that the CFPB’s delay in announcing adjustments to the credit card penalty safe harbor amounts for 2023 is tied to these developments. Until an adjustment is made, the current safe harbor penalty fees of $30 for a first violation and $41 for a subsequent violation remain in effect.
HOEPA. Regulation Z provides for the CFPB to annually adjust the total loan amount and fee thresholds that determine whether a transaction is a high cost mortgage. In the final rule, for 2023, the CFPB increased the total loan amount threshold to $24,866, and the current points and fees threshold to $1,243. As a result, in 2023, a transaction will be a high-cost mortgage (1) if the total loan amount is $24,866 or more and the points and fees exceed 5 percent of the total loan amount, or (2) if the total loan amount is less than $24,866 and the points and fees exceed the lesser of $1,243 or 8 percent of the total loan amount.
Ability to repay/QM rule. The CFPB’s ability to repay/QM rule provides for the CFPB to annually adjust the points and fees limits that a loan cannot exceed to satisfy the requirements for a QM. The CFPB must also annually adjust the related loan amount limits. In the final rule, the CFPB increased these limits for 2023 to the following:
- For a loan amount greater than or equal to $124,331, points and fees may not exceed 3 percent of the total loan amount;
- For a loan amount greater than or equal to $74,599 but less than $124,331, points and fees may not exceed $3,730;
- For a loan amount greater than or equal to $24,866 but less than $74,599, points and fees may not exceed 5 percent of the total loan amount;
- For a loan amount greater than or equal to $15,541 but less than $24,866, points and fees may not exceed $1,243; and
- For a loan amount less than $15,541, points and fees may not exceed 8 percent of the total loan amount.
The CFPB recently issued a final rule increasing the asset exemption threshold under the Home Mortgage Disclosure Act (HMDA) and a final rule increasing the asset exemption threshold for the Truth in Lending Act (TILA) requirement to maintain an escrow account for a higher-priced mortgage loan (HPML).
Banks, savings associations and credit unions are not subject to HMDA for a calendar year if their assets as of December 31, of the prior calendar year did not exceed an asset threshold. The asset threshold is subject to annual adjustment based on inflation. The asset threshold for calendar year 2022 HMDA data collection and reporting is $50 million. The final rule increases the asset threshold for calendar year 2023 HMDA data collection and reporting to $54 million. As a result, banks, savings associations, and credit unions with assets of $54 million or less as of December 31, 2022, are exempt from collecting and reporting HMDA data for 2023 activity.
Regulation Z, which implements the TILA, generally requires creditors to maintain an escrow account for the payment of taxes and insurance on a first lien HPML. There are two creditor-based exemptions to the escrow account requirement. The original exemption is for creditors with assets below a certain threshold that also meet additional criteria, which include (among other criteria) extending a first lien loan subject to the Regulation Z ability to repay rule (a “covered loan”) in a rural or underserved area and having a covered loan volume, with affiliates, at or below a certain level. The asset threshold is subject to annual adjustment based on inflation. For purposes of the asset threshold, a creditor’s assets include the assets of any affiliate that regularly extends covered loans. The asset threshold for 2022 is $2.336 billion. The final rule increases the asset threshold for 2023 to $2.537 billion. As a result, if a creditor’s assets, together with the assets of its applicable affiliates, are less than $2.537 billion on December 31, 2022, and the creditor satisfies the additional criteria, the creditor will be exempt from the escrow account requirement for HPMLs in 2023. Additionally, based on a grace period in the HPML rule, such a creditor will also be exempt from such requirement for purposes of any loan consummated in 2024 if the application was received before April 1, 2024.
The asset size threshold for purposes of the original exemption from the HPML escrow account requirement also is one of the criteria that determines whether a creditor qualifies under the ability to repay rule to make loans based on the small creditor portfolio, and small creditor balloon payment, qualified mortgage loan provisions. As a result, for 2023 the $2.537 billion threshold will apply for purposes of determining if a creditor is a small creditor under such provisions.
The Economic Growth, Regulatory Relief, and Consumer Protection Act, adopted in 2018, required the CFPB to add an additional exemption from the HPML escrow account requirements for insured depository institutions and insured credit unions. The additional exemption applies to insured depository institutions and insured credit unions with assets at or below a certain threshold that also meet additional criteria, which include (among other criteria) extending a covered loan in a rural or underserved area and having a covered loan volume, with affiliates, at or below a certain level, that is lower than the level under the original exemption. The asset threshold for 2022 is $10.473 billion. The final rule increases the asset threshold for 2023 to $11.374 billion. As a result, if an insured depository institutions or insured credit union’s assets are $11.374 billion or less on December 31, 2022, and the entity satisfies the additional criteria, the entity will be exempt from the escrow account requirement for HPMLs in 2023. Additionally, based on a grace period in the HPML rule, such an insured depository institution or insured credit union will also be exempt from such requirement for purposes of any loan consummated in 2024 if the application was received before April 1, 2024.
The Federal Reserve System, through its Consumer Compliance Outlook platform, recently hosted its annual Fair Lending Interagency Webinar. During the session, a variety of fair lending topics were discussed, including redlining, appraisal bias, and Special Purpose Credit Programs (SPCPs), as well as supervision and enforcement-related updates. Presenters included representatives from the following federal agencies: Consumer Financial Protection Bureau (CFPB), Department of Housing and Urban Development (HUD); Department of Justice (DOJ); Federal Deposit Insurance Corporation (FDIC); Federal Housing Finance Agency (FHFA); Federal Reserve Board (FRB); National Credit Union Administration (NCUA); and Office of the Comptroller of the Currency (OCC).
The CFPB and HUD both focused much of their discussion on appraisal bias and the joint work being done to address discrimination in valuations. Both agencies are leading initiatives through the Property Appraisal and Valuation Equity (PAVE) Taskforce. The CFPB and HUD are working to create guidance on ECOA’s application to the appraisal industry, and develop updated examination guidance to ensure lenders are taking appropriate steps to identify and reduce the risks of discriminatory appraisal practices. The agencies also urge lenders to review and update their policies for reconsideration of value, and that lenders be prepared to provide borrowers with clear, actionable information about how to raise concerns with an appraisal if they believe a home was undervalued. Further, the CFPB commented on the joint rulemaking efforts focused on automated valuation models (AVMs), and solicited feedback from the industry on how AVMs are used and what safeguards would help reduce the risk of digital redlining. We previously reported on the CFPB addressing the issue of algorithmic bias in home valuations in connection with the joint rulemaking.
The FHFA, along with Freddie Mac and Fannie Mae, has extensively studied appraisal bias and disparities over the past few years. The FHFA discussed a recent blog post on appraisal bias based on aggregate statistics from its Uniform Appraisal Dataset (UAD). The agency found minority neighborhoods had a difference of over 40 percent more appraisals coming in under contract price in 2021, when compared to appraisals in white neighborhoods. (We previously discussed the FHFA’s use of the UAD to assess appraisal bias.) The UAD standardizes various data elements regarding an appraisal and is a valuable tool for comparing the valuation of homes across neighborhoods and cities.
During the webinar, the OCC took time to encourage banks to use SPCPs. The agency reiterated HUD’s guidance from last year that SPCPs that comply with Equal Credit Opportunity Act (ECOA) do not violate the Fair Housing Act. For banks over the $10 billion threshold for CFPB supervision, the OCC encouraged discussing the plan with the CFPB. The OCC commented on experiences they have with lenders that are hesitant or have drafted inappropriate plans. For example, some lenders have attempted to create plans with less favorable terms than mainstream products (i.e. higher pricing). The agency is working with lenders to create more helpful plans that will expand access to credit using modified credit policies and more comparable loan terms.
The NCUA remarked on the two letters to credit unions issued this year – one letter supporting the use of SPCP’s and one letter addressing fair lending violations that the agency has found during recent examinations. The agency shared that over 100 fair lending violations have been found in 2022, mostly consisting of Regulation B notification violations. It was noted that the increase in recent findings was due, in part, to the NCUA’s transactions testing, which began in 2019.
The FDIC focused on issues that are referred to the Department of Justice and recent trends in referrals. Over the last two years, FDIC examiners have found violations related to redlining, pricing, and underwriting. The agency also noted an increase in fair lending issues associated with third party activity, including improper use of marital status on online platforms and pricing discrimination through indirect auto lending. The agency described situations in which it “must” refer violations to the DOJ for further investigation. For example, in one disparate impact case against a student loan lender, the FDIC took the position that a referral was required to be made because the bank was allegedly discouraging or denying applications from students attending historically Black colleges and universities. Further, the agency explained the factors it considers during redlining investigations, which include branching, marketing and outreach efforts, and the demographics of the bank’s Community Reinvestment Act assessment area.
The FRB and DOJ discussed redlining issues and trends in enforcement. Examiners and investigators consider all facts and circumstances, including trends over time or past fair lending issues with a particular lender. The agencies will also take into account updated census data, which provide demographic information about different census tracts. The DOJ touched on a number of recent redlining enforcement actions, including a case where a bank was found to have focused its lending and marketing efforts based on geographical boundaries that excluded Black and Hispanic neighborhoods.
Ultimately, all participating regulators expressed concern with fair lending risks across the banking and housing industries and are working to resolve these issues. Regarding redlining risk, the agencies have and will continue to use HMDA data to compare the applications received by, and lending level of, creditors in minority areas, and lenders with lower levels of applications and loans are at risk of a redlining examination. We note that it is important for lenders to conduct assessments using HMDA data to determine if they need to alter their practices.
Finally, the CFPB stated it will rely on UDAAP authority to go after appraisal bias and other forms of discrimination if the discriminatory actions fit within the UDAAP framework. Other agencies commented that they will coordinate with the CFPB and work to ensure institutions under their supervision follow CFPB guidance relating to fair lending issues.
The CFPB and Federal Housing Finance Agency (FHFA) recently published for public use updated loan level data from the National Survey of Mortgage Originations (NSMO). The data also provide updated mortgage performance and credit information for a nationally representative sample of mortgage borrowers from 2013 to 2020. The NSMO public use file may be accessed here.
In releasing the updated data, the CFPB and FHFA highlight certain changes from 2019 to 2020. In 2020, mortgage refinance volume was historically high given the very low interest rates at the time, and the mortgage industry also had to cope with health safety issues presented by COVID-19. The CFPB and FHFA set forth the following “key highlights”:
- The percentage of mortgage borrowers who reported that using a paperless online mortgage process was important to them increased from 42 percent in 2019 to 48 percent in 2020.
- The percentage of mortgage borrowers who reported that the mortgage closing did not occur as originally scheduled increased from 17 percent in 2019 to 21 percent in 2020.
- The percentage of mortgage borrowers who rated themselves very familiar with available interest rates increased from 55 percent in 2019 to 69 percent in 2020.
- The percentage of mortgage borrowers who reported being very satisfied that they got the lowest interest rate for which they could qualify increased from 67 percent in 2019 to 75 percent in 2020.
- Borrowers who refinanced in 2020 were more well off financially than those who refinanced in 2019. Specifically, the percentage of mortgage borrowers who reported:
- That their household income was $175,000 or higher increased from 20 percent in 2019 to 29 percenet in 2020.
- That they owned stocks, bonds, or mutual funds increased from 43 percent in 2019 to 53 percent in 2020.
- The percentage of mortgage borrowers who refinanced their loan and reported that they were not at all concerned about qualifying for the new loan increased from 66 percent in 2019 to 76 percent in 2020.
The NSMO is part of the National Mortgage Database (NMDB). The CFPB and FHFA describe the NMDB as “the first comprehensive repository of detailed mortgage loan information designed to support policymaking and research efforts and to help regulators better understand emerging mortgage and housing market trends.”
Employers that violate the National Labor Relations Act (NLRA) will have to pay workers additional damages under a recently issued precedential decision from the National Labor Relations Board (NLRB or Board).
In Thryv, Inc., the NLRB ruled 3-2 that the Board’s standard remedy for make-whole relief should include consequential damages. The Board now will “expressly order that the respondent compensate affected employees for all direct or foreseeable pecuniary harms suffered as a result of the respondent’s unfair labor practice” to more fully realize the concept of “make-whole relief” under Section 10(c) of the NLRA.
These damages may include “out-of-pocket medical expenses, credit card debt, or other costs simply in order to make ends meet.” Any relief under the decision must be “specifically calculated.” The Board will require the General Counsel to present evidence demonstrating the amount of pecuniary harm, the direct or foreseeable nature of that harm, and why that harm is due to the employer’s unfair labor practice. In response, the employer can present evidence challenging the amount of money claimed, argue that the harm was not direct or foreseeable, or that the damages would have occurred regardless of the unfair labor practice.
Applying these new principles to the case under review, the Board ordered the respondent to compensate the employees for “reasonable search-for-work and interim employment expenses” as a result of the employees’ unlawful layoff. In addition, the Board ordered the respondent to compensate the employees for the adverse tax consequences of receiving a lump-sum back pay award.
The Board will pursue these damages in all cases, not just egregious cases, because the remedies should be restorative and not punitive, according to the Board. In addition, the Board will apply this decision retroactively to pending cases.
The Board’s dissenting members (both Republicans) argued that the new standard is too broad and will lead to speculative damages that exceed the Board’s authority. Legal challenges to the expanded remedy are likely. The expanded remedies also may lead to more appeals of Board decisions that include such make-whole relief.
Ballard Spahr’s Labor and Employment Group regularly advises clients on navigating the shifting landscape of NLRB decisions and regulations, including defense of unfair labor practice charges.
Shannon D. Farmer & Kyle I. Platt
PayActiv, which as the first EWA provider began an EWA program about 13 years ago, partners with employers to offer their employees EWA. We first discuss what EWA is, the structure of the employer model used by PayActiv and other EWA providers, and how employers participate in and employees access their wages in the employer model. We next look at the structure of direct consumer advance EWA products, the fee structures of employer model and direct consumer advance products, employee usage and benefits of EWA, the CFPB’s advisory opinion on EWA, PayActiv’s participation in the CFPB’s sandbox program, and tax issues raised by EWA. We conclude with a discussion of federal and state regulatory activity directed at EWA and the future outlook for EWA.
Molly is our third podcast guest to come to our attention through the database created by Devina Khanna, a Congressional staffer, that identifies women in the financial services area (lawyers and non-lawyers) who are interested in speaking opportunities. Devina’s database has been a vital component of our new initiative to feature more women as guests on weekly episodes of our Consumer Finance Monitor Podcast.
Alan Kaplinsky, Senior Counsel in Ballard Spahr’s Consumer Financial Services Group, hosts the conversation.
To listen to the episode, click here.
On December 7, 2022, the CFPB issued a report recommending that creditors proactively provide Servicemember Civil Relief Act (SCRA) interest rate benefits to eligible customers, bypassing the statute’s requirements of a written request from the servicemember and proof of military service. The report, titled “Protecting Those Who Protect Us: Evidence of activated Guard and Reserve servicemembers’ usage of credit protections under the Servicemembers Civil Relief Act,” highlights the underutilization of the SCRA’s interest rate benefit by eligible servicemembers.
The SCRA, 50 USC § 3901 et seq, provides a number of important financial benefits and protections to active duty servicemembers. Although not officially classified as such within the statute, SCRA provisions can generally be categorized as either “protections” or “benefits.” Examples of protections under the SCRA include provisions preventing foreclosure (§ 3953), eviction (§ 3951), and repossession (§ 3952) – these are actions which cannot be taken against an active duty servicemember and the onus is on the creditor to ensure it identifies servicemembers entitled to those protections in order to comply with the law. Benefits, on the other hand, are available to eligible servicemembers on request but are not automatically required, such as the 6 percent interest rate cap on credit originated before active duty commences (§ 3937) and early lease termination rights (§ 3955). The SCRA explicitly requires a servicemember to provide a written notice to the creditor, along with a copy of the military orders calling them to military service (or other acceptable proof of service) in order to implement the interest rate limitation. 50 USC § 3937(b)(1). As a result, not every servicemember eligible for the SCRA’s interest rate cap requests or receives it.
Examining a data set of more than 23,000 individuals in the CFPB’s Consumer Credit Panel who were activated as Guard or Reservists between 2007 and 2018, the CFPB researchers performed a statistical analysis on automobile and personal loan data and also reviewed credit card and mortgages loan data during periods of military activation, as verified through the Defense Manpower Data Center (DMDC) database. The CFPB analysis concludes that:
- Between 2007 and 2018, data indicate that fewer than 10 percent of auto loans and 6 percent of personal loans received a reduced interest rate,
- In addition to an estimated $100 million of foregone benefits on auto and personal loans, members of the reserve component also infrequently benefit from interest rate reductions for credit cards and mortgage loans,
- For longer periods of activation, when an interest rate reduction would be most beneficial, the utilization rate continues to be low.
Underutilization of the SCRA interest rate cap has been an issue for years. In 2012, the Honoring America’s Veterans and Caring for Camp Lejeune Families Act included a mandate that the Government Accountability Office (GAO), among other things, assess the partnerships established by the Secretary of Defense to provide servicemembers with financial education and counseling. Pub. L. No. 112-154, § 710(e). The resulting GAO Report examined data from three mortgage servicers and concluded that many eligible borrowers did not take advantage of the benefit. At one servicer, 82 percent of those who could benefit were not receiving interest rate relief under the SCRA. The report concluded that DOD’s SCRA education efforts could be improved.
Perhaps recognizing that low SCRA utilization is generally not the result of compliance failures, the focus subsequent to this GAO Report shifted away from DOD’s education efforts to ways that creditors could increase utilization amongst their servicemember customers. In that regard, the report is just the latest in a long line of efforts by federal agencies to push creditors to go beyond the statutory requirements. In August 2014, the Department of Education (ED) issued a Dear Colleague Letter (GEN-14-16) directed
its federal student loan servicers to check the DMDC database in order to provide similar outreach. In the same month, President Obama announced a voluntary partnership in which several national banks and mortgage servicers committed to proactively identify SCRA eligible servicemembers through quarterly checks of the DMDC database, proactive outreach to customers identified through those searches to notify them that they were eligible for benefits, and a simplified application process in place of the SCRA’s written notice requirement. In 2016, ED required commercial FFEL loan servicers to perform a proactive eligibility check. In November 2016, the GAO issued another report, this time focused on student loans, which found utilization markedly increased as a result of ED’s requirements to conduct proactive checks instead of requiring a written request and military orders. While the increase in SCRA utilization is a laudable goal, none of this is required under the SCRA.
In 2018, the SCRA was amended to allow – but not require – a creditor to check the DMDC database in order to obtain information that a customer is on active duty in lieu of requiring written notice and orders. This allowed (but did not require) servicers of certain loans to proactively apply benefits in situations where, for example, an investor’s servicing guidelines (e.g. on a mortgage loan) require compliance with the law and would not previously allow the rate cap without an actual request as outlined in the statute.
The other recommendation from the report is for creditors to apply the SCRA rate cap to all accounts a customer may have with them when the rate cap is requested on a single account. For example, if a servicemember calls their bank to request the interest rate cap on their mortgage loan, the bank should also apply the rate cap to that customer’s credit card or auto loan if they also have those account relationships. While some creditors have been doing this for years, this recommendation also goes beyond what is actually required by the SCRA, where a request for the interest rate cap is specific to an “obligation or liability” of a servicemember. Beyond the requirement of a request, the same customer may not be eligible for the interest rate cap on all of their products with the same institution. For example, a customer who originates a mortgage loan, is then called to active duty, and then finances a car purchase while on active duty would be entitled to the interest rate cap on their mortgage loan but not their car loan since the interest rate cap only applies to credit originated prior to active duty.
While increased SCRA utilization is a laudable goal, the CFPB report further widens the gap between regulatory rhetoric and actual legal requirements.
The CFPB has filed a motion to dismiss, or in the alternative for summary judgment in, the lawsuit filed by the U.S. Chamber of Commerce in September 2022 challenging the CFPB’s update to the Unfair, Deceptive, or Abusive Acts or Practices (UDAAP) section of its examination manual to include discrimination. The other plaintiffs in the lawsuit, which was filed in a Texas federal district court, are American Bankers Association, Consumer Bankers Association, Independent Bankers Association of Texas, Longview Chamber of Commerce, Texas Association of Business, and Texas Bankers Association. The CFPB’s motion also includes its opposition to the plaintiffs’ motion for summary judgment.
As an initial matter, the CFPB argues that dismissal is warranted because the plaintiffs have not established either their standing to sue or that venue is proper in the Eastern District of Texas. According to the CFPB, the plaintiffs have failed to satisfy the requirement for associational standing that they identify their members who have been injured by the manual update. In addition, because the basis for the plaintiffs’ choice of venue is the Texas location of the Longview Chamber of Commerce and Longview has not identified a particular member with standing, the CFPB argues that the plaintiffs have not met their burden of establishing that Longview resides in the Eastern District and dismissal for improper venue is appropriate.
As an alternative grounds for dismissal, the CFPB argues that the court lacks jurisdiction because the exam manual update is not final agency action and final agency action is a prerequisite to review under the Administrative Procedure Act (APA). Citing U.S. Supreme Court precedent indicating that for agency action to be deemed final, it “must be one by which rights or obligations have been determined, or from which legal consequence flow,” the CFPB asserts that the manual “does not fix regulated parties’ rights or obligations, or carry legal consequences.” According to the CFPB, “while the Manual identifies for examiners the kinds of evidence to collect and what kinds of preliminary factual determinations to make, it does not bind examiners’ assessment of whether any particular conduct should be cited as an unfair practice.”
The CFPB argues that the manual update does not impose any new obligations because it “does not change the legal status of the parties, including by authorizing new topics of examination.” Noting that the Dodd-Frank unfairness prohibition pre-dates the manual, the CFPB asserts that “[t]here has never been an unstated, atextual exception to the prohibition on unfairness for discrimination, just as there is not an unstated exception to unfairness for conduct that happens on Leap Day.” According to the CFPB, the update merely “provide[s] a roadmap of additional preliminary factual assessments for examiners to make…but examiners could have made those preliminary assessments without the updates [because it is Dodd-Frank rather than the manual that provides the source of authority for the examinations.]”
In response to the plaintiffs’ argument that the update is final agency action because it binds examiners to a particular method of investigation, the CFPB attempts to distinguish a requirement for its examiners to follow certain procedures from a requirement that they take certain legal positions. According to the CFPB, the manual “provides direction on the procedures that examiners should follow and preliminary factual assessments they should make…but it does not bind the agency or its personnel to a legal position regarding whether an unfair practice has taken place in any particular situation….”
In response to the plaintiffs’ argument that they are entitled to summary judgment based on the Fifth Circuit panel decision in Community Financial Services Association of America Ltd. v. CFPB that held the CFPB’s funding mechanism violates the Appropriations Clause of the U.S. Constitution, the CFPB argues that the Dodd-Frank provision establishing the Bureau’s funding mechanism satisfies the Appropriations Cause. Nevertheless, the CFPB acknowledges that “CFSA is binding on this Court, and the application of its rationale to this case requires the Court (if it disagrees with the Bureau about Plaintiffs’ standing and this Court’s jurisdiction) to rule for Plaintiffs on their constitutional claim and vacate the [manual update.]” It argues that, as a result, the court does not need to reach the plaintiffs’ non-constitutional claims and a decision on those claims would be an impermissible advisory opinion.
The CFPB argues further that even if the court finds there is no constitutional impediment to reaching the plaintiffs’ non-constitutional claims, it should decline to decide those claims because it would require the court to review actions taken by the Executive Branch (i.e., the update) and to determine the scope of an Act of Congress (i.e., Dodd-Frank). The CFPB suggests that if the court decides that it has jurisdiction, it could also take a “wait-and-see approach” by awarding temporary relief in favor of the plaintiffs on their constitutional claim and staying the remainder of the case pending final resolution of CFSA. Once CFSA is resolved, the court could then determine if permanent relief is appropriate on the plaintiffs’ constitutional claims and whether there is a need to decide the non-constitutional claims.
In addition to the above arguments made by the CFPB for why the update is not a final agency rule requiring notice-and-comment under the APA, the CFPB makes the following arguments for why the manual update did not violate the APA:
- The update does not exceed the CFPB’s UDAAP authority in the Dodd-Frank Act because such authority is broad enough to encompass discrimination. The CFPB argues:
“What Congress did not recognize [when enacting Dodd-Frank] is a discrimination exception to unfairness. Nowhere does the Act say anything to the effect of ‘otherwise unfair conduct is not unfair if it is also discriminatory.’ Congress’s failure to create an exception to unfairness for discrimination comports not only with common sense, but with the broad definition of unfairness that Congress has adopted….The absence of a discrimination exception also comports with public policy, which Congress has concluded is a relevant factor in the identification of unfair conduct. Thus, the Bureau did not exceed the statute, but followed it, by recognizing that discriminatory conduct that satisfies the statutory standard for unfairness can be unfair.” (citations omitted).
- The update is not “arbitrary and capricious” because there is no relevant history of the FTC Act that the Bureau failed to consider. The CFPB asserts:
Plaintiffs identify no historical evidence demonstrating that there is a discrimination exception to unfairness as used in the FTC Act; they simply provide evidence for the general proposition that Congress codified a general definition of unfairness. But even if that codified definition excludes certain conduct that previously had been considered unfair, Plaintiffs provide no support for the distinct proposition that there exists an atextual exception to unfairness for conduct that satisfies the codified definition. (citations omitted, emphasis provided).
The CFPB also asserts that the Supreme Court’s Inclusive Communities decision was not relevant to the update, and the Bureau had no obligation to consider it, because “liability for unfairness under Dodd-Frank is [not] the same thing as disparate-impact liability under an anti-discrimination statute.”
With regard to the injunctive relief sought by the plaintiffs, the CFPB argues that although the plaintiffs would be entitled to a declaration that the CFPB’s funding is unconstitutional and vacatur of the update, they have not established that they are entitled to the injunctive relief they seek. Plaintiffs are seeking an injunction that forbids the CFPB from pursuing any examinations or enforcement actions based on its interpretation of its UDAAP authority in the manual. In addition to arguing that the APA does not contemplate injunctive relief, the CFPB argues that the plaintiffs have not satisfied the legal standard for injunctive relief, including that, if vacatur is granted, the injunctive relief would have a meaningful practical effect independent of vacatur. The CFPB also asserts that the plaintiffs have not adequately explained what their requested injunction would prohibit, such as whether it would mean that “the Bureau cannot bring an enforcement action for an unfair practice without first satisfying itself that the conduct is not also discriminatory.”
Two groups of state attorneys general have filed amicus briefs in the U.S. Supreme Court urging the Court to grant the CFPB’s certiorari petition seeking review of the Fifth Circuit panel decision in Community Financial Services Association of America Ltd. v. CFPB. In that decision, the panel held the CFPB’s funding mechanism violates the Appropriations Clause of the U.S. Constitution and, as the remedy for the violation, vacated the CFPB’s challenged payday lending rule.
One amicus brief was filed by a group of 22 Democratic state AGs. While the AGs argue that the Fifth Circuit erred in holding that the CFPB’s funding violates the Appropriations Clause for the reasons stated by the CFPB in its petition, they urge the court to grant the petition even if it disagrees that the merits of the Appropriations Clause issue are worthy of certiorari. According to the AGs, the Court should grant the petition “at least to review the question of whether the court of appeals erred in vacating a regulation promulgated during a time when the CFPB received allegedly unconstitutional funding.” They assert that the Fifth Circuit’s “sweeping remedy…threatens substantial harm to the States” because “[t]he States and their residents could stand to lose the benefits of the CFPB’s critical enforcement, regulatory, and informational functions if the decision below stands and is interpreted to impair the CFPB’s ongoing operations.” They contend that “the court of appeals’ reasoning could jeopardize many of the CFPB’s actions from across its decade-long existence, to the detriment of both consumers protected by those actions and financial-services providers that rely on them to guide their conduct.”
Among the arguments made by the AGs for why the Fifth Circuit’s remedy is inappropriate is that there is no indication that if the CFPB’s funding had come from the Treasury rather than the Federal Reserve, the CFPB would have altered its behavior as to the payday lending rule. They assert that former Director Kraninger’s ratification and reissuance of the rule “is strong evidence that the CFPB would have issued the same regulation once again, after any constitutional defect was corrected.”
The other amicus brief was filed by a group of 16 Republican state AGs. While they also urge the Supreme Court to grant the CFPB’s petition, they ask the Court to affirm the Fifth Circuit decision. They assert that a prompt answer to the Appropriations Clause issue is needed because “as co-regulators, States are left to wrestle over how to engage with an agency whose constitutionality is a matter of open dispute.” They also contend that if the Supreme Court does not provide an answer soon, “States will have to litigate the same issue in other districts and circuits over and over.” The AGs claim that the appropriations process “makes the federal government more accountable to the states.” They assert that the Fifth Circuit’s decision on the Appropriations Clause issue is correct and that the Fifth Circuit “was right to vacate a rule enacted without constitutional funding.”
The Supreme Court granted the unopposed request of the Community Financial Services Association for a 30-day extension until January 13, 2023, to file its brief in opposition to the CFPB’s certiorari petition. In its extension request, CFSA indicated that it is also planning to file a cross-petition for certiorari to ask the Supreme Court to review the Fifth Circuit’s rejection of its other challenges to the CFPB’s payday loan rule. It stated that it will file its cross-petition on January 13, the same day it files its opposition to the CFPB cert petition. The CFPB has indicated that it will respond to CFSA’s cross-petition on January 25. To facilitate the Court’s ability to consider both petitions at the February 17 conference, CFSA agreed to waive the 14-day waiting period under Rule 15.5 for distributing the cross-petition and the CFPB’s brief in opposition to the Court, which will allow distribution to the Justices on February 1. The CFPB is seeking to have the Supreme Court hear and decide the case this term.
CFPB Issues Updated HELOC Booklet
The CFPB recently published a notice advising of the availability of an updated version of the What You Should Know about Home Equity Lines of Credit booklet. The updated booklet is dated August 2022, and replaces the January 2014 version of the booklet.
The updated booklet is considerably shorter than the prior version of the booklet—11 pages instead of 19 pages. The CFPB took a similar approach when it updated the Consumer Handbook on Adjustable Rate Mortgages (CHARM) booklet and issued the Your home loan toolkit: A step-by-step guide to replace the settlement cost booklet. The updated versions of those disclosures were shorter than the prior versions. Also, as noted by the CFPB, the updated HELOC booklet has the look and feel of the other two disclosures.
The CFPB advised that it “is updating the HELOC booklet so that it aligns with the Bureau’s educational efforts, to be more concise, and to improve readability and usability.” The CFPB notes that new features of the updated booklet include clear instructions on how consumers can use the booklet to explore their options, a comparison table with examples of loans that utilize home equity and other sources of financing a consumer might consider (including closed-end credit), and expanded tables for consumers to compare three estimates of HELOCs.
At the end of the notice, the CFPB states that “[i]n January 2021, [the] CFPB released a statement encouraging financial institutions to make financial products and services available to consumers with limited English proficiency. One of the tenets of that statement is that financial institutions provide consumers with clear disclosures in languages other than English.” The CFPB issued a Spanish language version of the updated booklet, which is available here.
CFPB Addresses Mortgage Financing Options in a Higher Rate Environment
The CFPB recently addressed mortgage financing options in view of the current higher mortgage loan interest rate environment. The CFPB comments on adjustable rate mortgage (ARM) loans, temporary buydowns, home equity lines of credit (HELOCs) and home equity loans, loan assumptions, and alternative financing options. While the CFPB notes the availability and features of the different financing options, it also warns consumers of potential risks.
The CFPB notes that consumers may be “wary of ARMs because of their role in the housing crisis and 2008 recession.” However, the CFPB states that, while ARM loans are not risk-free, “ARMs today look very different than those of the earlier era. Before the 2008 recession, many ARMs had fixed-rate periods of three years or less. Today most ARMs have fixed periods of five, seven, or even 10 years.”
The CFPB also addresses the general qualified mortgage loan requirement under the ability to repay rule that a lender assess the consumer’s ability to repay based on the maximum loan payment that may be required during the five year period from the due date of the first mortgage payment. The CFPB then states that “[a]s a result [of this requirement], today’s ARMs are much less volatile than the ARMs made in the years leading up to the Great Recession, and thus much less likely to lead to payment shock.” The CFPB also advises that “ARMs may provide a good option for certain consumers by offering a lower interest rate as compared to a fixed rate mortgage while providing initial rate stability.”
The CFPB explains a temporary buydown arrangement, noting that the arrangement often provides for a lower payment than would otherwise be required “for the first year or two in exchange for an up-front fee or a higher interest rate later.” For example, in a common 2-1 buydown arrangement, for the first year of a mortgage loan the payment is based on an interest rate that is two percentage points lower than the note rate, and the payment for the second year is based on an interest rate that is one percentage point lower than the note rate. The CFPB advises that “[w]hen considering a temporary buydown, consumers should compare the costs for loans with and without the temporary reduced rate to determine the best product for their needs over time.”
With regard to HELOCs and home equity loans, the CFPB advises that “[n]early a million consumers borrowed against their home equity using home equity loans or lines of credit in Q2 2022. This represents a 37 percent increase from Q2 of the previous year but well below the highs seen in 2005.”
After briefly addressing the features of HELOCs and home equity loans, the CFPB states that “[h]ome equity lending may be a good option for homeowners seeking to leverage the equity they have in their home without having to replace an existing low interest rate mortgage with a higher interest rate cash-out refinance.”
With regard to loan assumptions, the CFPB advises that most single family mortgage loans under the Federal Housing Administration, Department of Veterans Affairs, U.S. Department of Agriculture loan programs are assumable by a consumer buying a home secured by one of the loans. The CFPB explains that because the purchaser takes over the remaining balance on the existing loan, “[t]his would allow a purchaser to take over a fixed rate mortgage with a rate far below the current market, providing large savings on interest and the related payment.”
The CFPB notes that a loan assumption may not always be feasible because of the need of many purchasers to find secondary financing for the remainder of the purchase price not covered by the existing loan balance and down payment. As a result, the CFPB states that “it may be easier for higher-income and higher-wealth borrowers who can make larger cash down payments to take advantage of the assumability of the existing low-interest mortgage.”
Finally, the CFPB addresses alternative financing arrangements, which the CFPB notes include contract-for-deeds or land contracts, rent-to-own arrangements, and equity-sharing arrangements. The CFPB states that “[t]hese unorthodox financing arrangements often have features that can impact consumers’ finances down the road, such as a balloon payment or a requirement to share future proceeds from the sale of the house.” The CFPB also warns that many of these products “lack the protections of traditional mortgages, including the ability to build and access home equity, foreclosure protections, or even basic disclosures that allow for comparison shopping.”
NYDFS Releases Virtual Currency Guidance for Banking Organizations
On December 15, 2022, the New York Department of Financial Services (NYDFS) published an Industry Letter detailing the Department’s guidance regarding banking organizations that wish to engage in virtual currency-related activities. In addition to reminding banks, trust companies, private bankers, savings banks, safe deposit companies, savings and loan associations, credit unions, investment companies, branches, and agencies of foreign banking organizations licensed by the NYDFS (together, “Banking Organizations”) of their preexisting obligation to seek approval from the NYDFS before engaging in new or significantly different virtual currency-related activity in New York or with a New York resident, the guidance describes the process and types of information that the NYDFS considers in connection with its approval process.
While a license is normally required to conduct virtual currency business activity, 23 NYCRR Part 200.3(c)(1) provides an exemption for any “persons that are chartered under the New York Banking Law and are approved by the superintendent to engage in virtual currency business activity.” Pursuant to the new NYDFS guidance, a Banking Organization should inform the NYDFS of its intention to engage in any new or significantly different virtual currency-related activity at least 90 days before the Banking Organization intends to commence the activity.
The guidance notes that “virtual currency-related activity” includes all “virtual currency business activity,” as well as the direct or indirect offering or performance of any other product, service, or activity involving virtual currency that may raise safety and soundness concerns for the Banking Organization or that may expose New York customers or other users of the product or service to risk of harm. 23 NYCRR § 200.2(q) defines “virtual currency business activity” to mean the conduct of any of the following activities involving New York or a New York resident:
- Receiving virtual currency for transmission or transmitting virtual currency, except where the transaction is undertaken for non-financial purposes and does not involve the transfer of more than a nominal amount of virtual currency;
- Storing, holding, or maintaining custody or control of virtual currency on behalf of others;
- Buying and selling virtual currency as a customer business;
- Performing exchange services as a customer business; or
- Controlling, administering, or issuing a virtual currency.
In the Industry Letter, the NYDFS provided the following examples of activities it considers to be virtual currency-related activities:
[O]ffering digital wallet services to customers, whether the services are in fact provided by the Covered Institution or by a third party with which the Covered Institution has contracted; lending activities collateralized by virtual currency assets; activities in which a Covered Institution facilitates its own customers’ participation in virtual currency exchange or trading, including by carrying fiat currency on behalf of customers (e.g., in an omnibus account); services related to stablecoins, including providing stablecoin reserve services for stablecoin issuers; engaging in traditional banking activities involving virtual currency through the use of new technology that exposes the Covered Institution to different types of risk (e.g., underwriting a loan, debt product, or equity offering effected partially or entirely on a public blockchain).
A Banking Organization that has previously received approval to conduct virtual currency-related activity must seek a new approval from the NYDFS to offer a new virtual currency-related activity or make a significant change to an existing activity. For purposes of the guidance, a new or significantly different virtual currency-related activity includes a new virtual currency-related product or service or a proposed change to an existing virtual currency-related product or service that: (1) may raise a legal or regulatory issue about the permissibility of the product, service, or change; (2) may raise safety and soundness or operational concerns; or (3) may cause the product or service to be significantly different from that previously approved.
When a Banking Organization seeks approval from the NYDFS to engage in a new or significantly different virtual currency-related activity, the guidance mandates that sufficient information be provided that would allow the NYDFS to assess the scope of the Banking Organization’s proposal and any impact on the institution’s safety and soundness. Specifically, the following are provided as examples of information that would allow the NYDFS to properly assess a Banking Organization’s proposal:
- Business Plan: A written plan covering the proposed virtual currency-related activity, including any contemplated phases, the business rationale for the activity, the activity’s relationship with the institution’s strategic initiatives and enterprise-wide risk management framework, and alignment with the institution’s legal and compliance framework.
- Risk Management: The enterprise-wide risk-management framework used to identify, measure, monitor, and control all risks arising from, or related to, the proposed virtual currency-related activity, in line with the Banking Organization’s board-approved risk appetite.
- Corporate Governance and Oversight: A description of the corporate governance framework applicable to the proposed activity.
- Consumer Protection: An analysis of whether and to what extent the proposed virtual currency-related activity will have any impact on customers and other users, including where they interact with a third-party service provider engaged by the Banking Organization, rather than with the Banking Organization directly.
- Financials: An explanation of the expected impacts of the proposed activity on the Banking Organization’s capital and liquidity.
- Legal and Regulatory Analysis: An analysis of the permissibility of the proposed activity and key legal risks and mitigants.
To avoid unnecessary duplication, Banking Organizations may cross-reference or incorporate by reference any information response to each topic. The Industry Letter contains a Supplemental Checklist as an appendix, which is intended to assist preparation of a complete written submission. The NYDFS also indicates in the Industry Letter that the information it contains “is not intended to be exhaustive, and the Department may update it from time to time for any reason, including, for example, in response to new information, evolving markets, or additional experience.”
Proposed Rule Continues FDIC Focus on Use and Misuse of FDIC Name and Logo; CFPB Director Chopra Applauds
On December 13, 2022, the FDIC issued a request for comment on a proposal to modernize the regulations governing use of the FDIC’s official signage and advertising of FDIC-insured status by insured depository institutions (IDIs), and to clarify regulations issued earlier in 2022 regarding misrepresentations of deposit insurance coverage. The proposed rule was published in the Federal Register on December 21, 2022, and comments are due no later than February 21, 2023.
The proposed rule is the FDIC’s latest pronouncement on topics the agency has focused on repeatedly in recent months: use and misuse of the FDIC name, logo and official signage, and misrepresentation of insured status. A final rule issued by the FDIC on May 17, 2022, expanded the scope of the previously existing official signage and advertising rules by adding more detail about prohibitions against engaging in false advertising or making misrepresentations about deposit insurance. (Click here to listen to our podcast episode about the final rule.) The CFPB chimed in at that time to support the FDIC rule, asserting that such misrepresentations would violate the CFPA’s prohibition on deceptive conduct. Shortly after issuing that final rule, the FDIC quickly followed with advisory guidance to IDIs, and began pursuing investigations and enforcement actions against a number of fintechs in connection with alleged misrepresentations about insured status, in particular fintechs offering crypto-related products.
The FDIC’s stated policy objectives to be achieved by the rule now being proposed include bringing “the certainty and confidence historically provided by the FDIC sign at traditional IDI branch teller windows to the varied and evolving digital channels through which depositors are increasingly handling their banking needs today.” The agency proposes to accomplish this by means including signage requirements that would apply to all banking channels, would more clearly distinguish between insured deposits and non-deposit products, and would better distinguish IDIs from non-bank fintechs that offer options for accessing banking products and services.
The proposed rule further would amend the FDIC’s recent regulation addressing misrepresentations of deposit insurance coverage: “In particular, the FDIC is concerned that certain business relationships between IDIs and non-banks may be confusing to consumers, and proposes to require clear disclosures that would better inform consumers as to when their funds are protected by FDIC deposit insurance.”
The proposed rule includes a complete rewrite of Subpart A of 12 CFR Part 328, with extensive changes, and material changes to Subpart B. The regulation would continue to require FDIC signage at physical bank premises, with certain changes to the current requirements some of which are intended to add a level of flexibility, such as by permitting use of electronic signs subject to certain limitations. New requirements for banks added by the proposed rule would mandate display of a digital FDIC sign on banks’ digital deposit-taking channels, such as online banking websites and mobile applications, display of FDIC signage on ATM screens, and use of a “non-deposit sign” to clarify when a non-insured product is offered at the same banking location or through the same banking channel as an insured deposit.
The FDIC also is proposing limited changes to its official advertising statement requirements, adding an option for a shortened statement.
The proposed regulations include more detail about what the agency would consider misuse of FDIC-associated terms and images by non-banks: “For example, a non-bank’s use of the ‘Member FDIC’ logo on its website or in its marketing materials would be a misrepresentation unless that logo is next to the name of one or more IDIs.” The proposal also warns against practices that would constitute a material omission prohibited by the regulation, such as failure to disclose that a person is a non-bank when a statement is made regarding deposit insurance, and failure to state that non-deposit products are not insured by the FDIC when a statement is made regarding deposit insurance.
Reflecting the agency’s ongoing concerns about crypto-related products, the proposed rule would explicitly include crypto-assets in the regulation’s definition of “non-deposit product.”
CFPB Director Rohit Chopra, a member of the FDIC Board of Directors, issued a statement in support of the proposed rule, noting that due to significant evolution in the financial sector including online and mobile banking, increased offerings of uninsured financial products, and “convoluted” bank-nonbank partnerships, this update to the regulations is long overdue.
We encourage banks, fintechs, and industry trade groups to carefully review this proposal and take the opportunity to provide thoughtful input to the FDIC, including with regard to the operational burdens and costs (initial and ongoing) that may be imposed by the proposed rule if adopted, and what might be a reasonable date by which compliance would be mandatory.
Privacy, Cybersecurity and Access to Beneficial Ownership Information: FinCEN Issues Notice of Proposed Regulations Under the Corporate Transparency Act
A Deep Dive Into FinCEN’s Latest Proposals Under the CTA
On December 16, the Financial Crimes Enforcement Network (FinCEN) issued a 54-page notice of proposed rulemaking (NPRM) regarding access by authorized recipients to beneficial ownership information (BOI) that will be reported to FinCEN under the Corporate Transparency Act (CTA).
The CTA requires covered entities – including most domestic corporations and foreign entities registered to do business in the U.S. – to report BOI and company applicant information to a database created and run by FinCEN upon the entities’ creation or registration within the U.S. This database will be accessible by U.S. and foreign law enforcement and regulators, and to U.S. financial institutions (FIs) seeking to comply with their own Customer Due Diligence (CDD) compliance obligations, which requires covered FIs to obtain BOI from many entity customers when they open up new accounts.
In regards to this NPRM, FinCEN’s declared goal is to ensure that
(1) only authorized recipients have access to BOI; (2) authorized recipients use that access only for purposes permitted by the CTA; and (3) authorized recipients only redisclose BOI in ways that balance protection of the security and confidentiality of the BOI with furtherance of the CTA’s objective of making BOI available to a range of users for purposes specified in the CTA.
Further, FinCEN has indicated that, “[c]oincident with the protocols described in this NPRM, FinCEN is working to develop a secure, non-public database in which to store BOI, using rigorous information security methods and controls typically used in the Federal government to protect non-classified yet sensitive information systems at the highest security levels.”
The comment period for the NPRM is 60 days. The NPRM proposes an effective date of January 1, 2024, consistent with when the final BOI reporting rule at 31 C.F.R. § 1010.380 becomes effective. The proposed BOI access regulations will be set forth separately at 31 C.F.R. § 1010.955, rather than existing 31 C.F.R. § 1010.950, which governs the disclosure of other Bank Secrecy Act (“BSA”) information.
This NPRM relates to the second of three sets of regulations which FinCEN ultimately will issue under the CTA. As we have blogged (here and here), FinCEN already has issued regulations regarding the BOI reporting obligation itself.
FinCEN still must issue proposed regulations on “reconciling” the new BOI reporting regulations and the existing CDD regulations applicable to covered FIs for obtaining BOI from their own entity customers.
As we discuss, the lengthy NPRM suggests answers to some questions, but it of course also raises other questions. Although domestic and even foreign government agencies will have generally broad access to the BOI database, assuming that they satisfy various requirements, the NPRM’s proposed access for FIs to the BOI database is relatively limited.
Access to the BOI Database
The CTA authorizes FinCEN to disclose BOI to five categories of recipients:
- Federal, State, local and Tribal government agencies;
- Foreign law enforcement agencies, judges, prosecutors, central authorities, and competent authorities;
- FIs using BOI to facilitate compliance with their own CDD requirements and who have received the reporting company’s prior consent;
- Federal functional regulators and other appropriate regulatory agencies acting in a supervisory capacity assessing FIs for compliance with CDD requirements; and
- U.S. Department of Treasury, which has “relatively unique access” to BOI tied to an officer or employee’s official duties requiring BOI inspection or disclosure, including – importantly – for tax administration.
Generally, the CTA expressly restricts access to BOI to only those authorized users at a requesting agency: (1) who are directly engaged in an authorized investigation or activity; (2) whose duties or responsibilities require access to BOI; (3) who have undergone appropriate training or use staff to access the system who have undergone appropriate training; (4) who use appropriate identity verification to obtain access to the information; and (5) who are authorized by agreement with the Secretary to access BOI. The CTA also requires each requesting agency to establish and maintain a secure system to store BOI, establish privacy and data security protocols, certify compliance to FinCEN on an initial and then semi-annual basis, and conduct an annual audit, available to FinCEN on request, as to proper access, use and maintenance of BOI. (To read our blog post on a recent European Union court decision striking down public access to BOI, see here.)
FinCEN will retain sole discretion to decline to provide BOI to any requesting agency or FI that fails to comply with any requirement under the proposed regulations, or if the information is being requested for an “unlawful purpose,” or if “other good cause exists to deny the request.” FinCEN also may suspend or debar requesters. The NPRM reiterates the statutory penalties for violating the CTA, which include up to $500 a day for each civil violation, as well as up to five years in prison for a criminal violation, or up to 10 years in prison for an “aggravated” violation.
Federal, State, Local and Tribal government agencies
The NPRM provides that FinCEN may disclose BOI to agencies engaged in national security, intelligence, or law enforcement if the BOI is for use in furtherance of such activities. These agencies will have broad access to the BOI database and will be able to conduct searches using multiple search fields.
Federal agency access will be “activity-based.” Accordingly, the NPRM proposes that an agency that is not traditionally understood as a “law enforcement” agency, such as a Federal functional regulator, nonetheless may receive BOI because “law enforcement activity” may encompass civil law enforcement by the agency, including civil forfeiture and administrative proceedings. Such agencies would include the Securities and Exchange Commission and other regulatory agencies.
FinCEN also may disclose BOI to State, local and Tribal law enforcement agencies if “a court of competent jurisdiction” has authorized the law enforcement agency to seek the BOI in a criminal or civil investigation. The NPRM does not define what it means for a court to “authorize” such disclosure, and seeks input on whether it should include state or local grand jury subpoenas, which sometimes, depending on the jurisdiction, can be signed by a prosecutor, not a court.
Federal government agencies requesting access to the BOI database will have to submit brief justifications to FinCEN for their searches, and these justifications will be subject to oversight and audit by FinCEN under future guidance that FinCEN will issue. State, local and Tribal and law enforcement agencies will be required to upload the court document authorizing the agency to seek BOI from FinCEN, which will review the authorization for sufficiency before approving. Every domestic agency seeking BOI will need to enter into a memorandum of understanding, or MOU, with FinCEN before being allowed to access the database.
Foreign law enforcement agencies
Foreign requesters will not have direct access to the BOI database. Instead, they will submit their requests for BOI to Federal intermediary agencies, which will need to be identified. If the foreign request is approved, then the Federal agency intermediary will retrieve the BOI from the system and transmit it to the foreign requester. Federal agency intermediaries will need to ensure that they have secure systems for BOI storage and enter into MOUs with FinCEN. However, the NPRM proposes that FinCEN will directly receive, evaluate, and respond to BOI requests from foreign financial intelligence units.
The NPRM provides that a BOI request from a foreign requester would have to derive from a law enforcement investigation or prosecution, or from national security or intelligence activity, authorized under the foreign country’s laws. Foreign requests for BOI will need to be either requests made pursuant to an international treaty, agreement, or convention, or official requests by a law enforcement, judicial, or prosecutorial authority of a trusted foreign country where there is no international treaty, agreement, or convention that governs. The NPRM does not propose imposing any audit requirements on foreign requesters, but invites comments on that proposal.
FIs Using BOI To Comply With the CDD Rule
Access by FIs is more limited. The CTA authorizes FinCEN to disclose a reporting company’s BOI to an FI only to the extent that such disclosure facilitates the FI’s compliance with the CDD Rule, and only if the reporting company first consents. Each BOI request by a FI must be in writing and must certify that the request seeks to facilitate compliance with the CDD Rule, is made with the consent of the customer, and that the FI otherwise has complied with the CTA.
The NPRM interprets the phrase “financial institution subject to customer due diligence requirements under applicable law,” to mean that FIs may request access to the BOI database only when attempting to comply with the CDD rule. Although FinCEN is requesting comment on this proposal, this would mean that FIs may not request BOI access for other efforts to comply with the BSA, such as compliance with the related Customer Identification Program, or CIP, requirements – or, presumably, determining whether to file a Suspicious Activity Report. Likewise, this would mean that the many FIs subject to the BSA but not subject to the CDD Rule – such as money services businesses – never will have access to the BOI database.
Another important limitation on BOI access by FIs is that a FI, when attempting to comply with the CDD rule, may search only the consenting entity customer. Unlike government agencies, FIs cannot do multiple searches, such as searches building off of the results of prior searches. Moreover, FIs cannot do searches tied to individual beneficial owners – only to an entity. So, although an FI may be able to determine that X, Y and Z are the beneficial owners of Company A, a FI will not be able to determine if X is the beneficial owner of Companies A, B and C.
The NPRM contains another proposal that likely will frustrate FIs: BOI information can only be accessed by, or shared with, FI directors, officers, employees, contractors and agents physically within the U.S. This means that the offshore compliance teams maintained by many FIs will be rendered useless for CDD compliance if this proposal is included in the final regulations.
Each FI must develop and implement safeguards reasonably designed to protect the security, confidentiality and integrity of BOI received from FinCEN, consistent with procedures that the FI already has established to satisfy the requirements of section 501 of the Gramm-Leach-Bliley Act (GLBA) in regards to protecting its customers nonpublic personal information. If the FI is not covered by the GLBA, then it must apply safeguards required under applicable Federal or State law and which are at least as protective as procedures that satisfy section 501 of the GLBA.
The NPRM does not address several other important questions involving FIs, such as: is a FI obligated to access the BOI database for purposes of CDD Rule compliance, or may it choose to do so? If the FI may choose, are there any rules regarding how that choice should be made? Further, what should an FI do if there is a discrepancy between the BOI it received from an entity customer under the CDD Rule and the BOI it receives from FinCEN under the CTA? As noted, FinCEN will issuing a third set of proposed regulations under the CTA regarding reconciling the CTA regulations and the existing CDD Rule, which presumably will involve expanding the obligations of the CDD Rule. Regardless, FinCEN may address these questions at that time.
Finally, there may be some contradictions between state law disclosure requirements for FIs in regards to individuals whose BOI has been submitted under the CDD Rule, and the prohibitions in the CTA and the NPRM regarding disclosure of BOI. This is a complex issue turning on the particulars of state law and potential exemptions, so we merely note the potential issue here.
Federal functional regulators supervising FIs for CDD Rule compliance
Federal functional regulators generally will have limited access to the database if requesting BOI for the purpose of ascertaining CDD compliance by a supervised FI. The NPRM identifies these regulators as the Securities and Exchange Commission, the Office of the Comptroller of the Currency, the Federal Deposit Insurance Corporation, the Federal Reserve System, the National Credit Union Administration, and the Commodities Futures Trading Commission.
The NPRM states that FinCEN is still developing this access model and accompanying functionality, but expects federal functional regulators to be able to retrieve any BOI that the FIs they supervise received from FinCEN during a particular period, but not BOI that might reflect subsequent updates. Thus, regulators would receive the same BOI that FIs received for purposes of their CDD reviews. FinCEN expects that Federal functional regulators responsible for bringing civil enforcement actions also will be able to obtain BOI under the “activity-based” access permitted for “law enforcement,” described above. Finally, the NPRM proposes that financial self-regulatory organizations that are registered with or designated by a federal functional regulator pursuant to Federal statute – such as the Financial Industry Regulatory Authority, or FINRA – may obtain BOI not directly from FinCEN, but instead from the FIs they supervise. The NPRM states that, “[w]ithout this level of access, these organizations would not be able to effectively evaluate an FI’s CDD compliance.” The NPRM refers to such organizations as SROs, and provides that they also may receive BOI from a Federal functional regulator for examination of CDD compliance by a supervised FI.
U.S. Department of Treasury
The NPRM states that “FinCEN envisions Treasury components using BOI for appropriate purposes, such as tax administration, enforcement actions, intelligence and analytical purposes, use in sanctions designation investigations, and identifying property blocked pursuant to sanctions, as well as for administration of the BOI framework, such as for audits, enforcement, and oversight.” Further, “FinCEN will work with other Treasury components to establish internal policies and procedures governing Treasury officer and employee access to BOI.”
The NPRM invites comments on the proposed scope of the term “tax administration.” This likely will be an important and controversial question, given the potential scope of IRS activity.
Verification of BOI
Verification of BOI is an important and thorny issue. FinCEN states that it “continues to evaluate options for verifying reported BOI. ‘Verification,’ as that term is used here, means confirming that the reported BOI submitted to FinCEN is actually associated with a particular individual.” This means that FinCEN is focusing on weeding out mismatches – intentional or unintentional – and fabricated persons. What FinCEN is not focusing on is ensuring that a listed, real person is actually a beneficial owner of the reporting entity (or, conversely, identifying true beneficial owners who have not been reported). Such a level of verification presumably would be incredibly resource-intensive and likely impossible on a broad scale.
This level of verification is equivalent to the verification obligations of FIs obtaining BOI from entity customers under the CDD rule: FIs do not have to verify that a listed person is in fact a beneficial owner of the entity, and instead may rely on the customer’s reporting form listing beneficial owners in the absence of any red flags to the contrary.
The fact that FinCEN will not undertake to verify BO status confirms that one of the primary functions of the CTA and the BOI database – and probably the primary function – is to serve as a source of information for downstream law enforcement and regulatory inquiries. That is, the database will not serve as a source of leads to initiate investigations, but instead will provide information once an investigation or inquiry into specific persons and entities already has begun.
FinCEN Identifiers for Entities
A FinCEN identifier is a unique identifying number that FinCEN will issue to individuals who have provided FinCEN with their BOI and to reporting companies that have filed initial BOI reports. The NPRM observes that the use of an intermediate company’s FinCEN identifier can create issues if a reporting company’s ownership structure involves multiple beneficial owners and/or intermediate entities. Thus, the NPRM proposes to permit a reporting company to use an intermediate entity’s FinCEN identifier only if the two entities have the same beneficial owners.
Specific Requests for Comment
The NPRM sets forth 30 specific requests for comment, under the six subheadings of (i) Understanding the Rule; (ii) Disclosure of Information; (iii) Use of Information; (iv) Security and Confidentiality Requirements; (v) Outreach; and (vi) FinCEN Identifiers.
Of particular interest, and consistent with the above discussion, the NPRM requests comments regarding the following issues:
- [C]omments discussing how State, local, and Tribal law enforcement agencies are authorized by courts to seek information in criminal and civil investigations . . . [and] whether there are any evidence-gathering mechanisms through which State, local, or Tribal law enforcement agencies should be able to request BOI from FinCEN, but that do not require any kind of court?
- Is requiring a foreign central authority or foreign competent authority to be identified as such in an applicable international treaty, agreement, or convention overly restrictive? If so, what is a more appropriate means of identification?
- Should FinCEN expressly define “customer due diligence requirements under applicable law” as a larger category of requirements that includes more than identifying and verifying beneficial owners of legal entity customers? . . . . It appears to FinCEN that the consequences of a broader definition of this phrase would include making BOI available to more FIs for a wider range of specific compliance purposes, possibly making BOI available to more regulatory agencies for a wider range of specific examination and oversight purposes, and putting greater pressure on the demand for the security and confidentiality of BOI.
- Could a State regulatory agency qualify as a “State, local, or Tribal law enforcement agency” under the definition in proposed 31 CFR 1010.955(b)(2)(ii)? If so, please describe the investigation or enforcement activities involving potential civil or criminal violations of law that such agencies may undertake that would require access to BOI.
- Because security protocol details may vary based on each agency’s particular circumstances and capabilities, FinCEN believes individual MOUs are preferable to a one-size-fits all approach of specifying particular requirements by regulation. FinCEN invites comment on this MOU-based approach, and on whether additional requirements should be incorporated into the regulations or into FinCEN’s MOUs.
- Are the procedures FIs use to protect non-public customer personal information in compliance with section 501 of Gramm-Leach-Bliley sufficient for the purpose of securing BOI disclosed by FinCEN under the CTA? If not, is there another set of security standards FinCEN should require FIs to apply to BOI?
Impact of the NPRM and Number of Entities with Access to the Database
The NPRM contains over 27 pages, under the heading of “Regulatory Analysis,” devoted to FinCEN’s analysis of the anticipated impact of the NPRM in regards to costs and benefits. This section contains a lot of numbers, purported cost/benefit discussions, and among other things, estimates of hours (of potentially dubious accuracy) that FIs will need to spend to establish the institutional safeguards, customer consents, written certificates and training necessary to comply with the regulations in order to access the BOI database as part of the FIs’ CDD rule compliance. This section is beyond the scope of this blog post. Instead, we simply will set forth two tables contained in the NPRM, which provide some clear and interesting statistics regarding the estimated number of private and public entities which will be accessing the database.
Here is Table 1, entitled “Affected Financial Institutions.” Recall that this table only pertains to FIs covered by the CDD rule, rather than all FIs subject to the BSA. The column entitled “Small Count” refers to FinCEN’s determination that most FIs are “small” entities, defined as having total annual receipts less than the Small Business Association (SBA) small entity size standard for the FI’s particular industry. For example, the SBA currently defines a commercial bank, savings institution or credit union as “small” if it has less than $750 million in total assets.
Here is Table 2, entitled “Affected Entities,” which includes government entities:
These tables underscore the paramount need for FinCEN to maintain very strong cybersecurity protections for the BOI database, which surely will be the target of would-be data breaches by bad actors (some of whom may perceive themselves as whistleblowers and white knights seeking information for global publication). There will be many points of access – i.e., points of potential vulnerability – for the database. As we previously blogged, the database will contain an enormous amount of information: FinCEN estimates that over 32 million initial BOI reports will be filed in the first year of the final regulations taking effect, and that approximately 5 million initial BOI reports and over 14 million updated reports will be filed every year thereafter.
These tables also underscore the daunting logistical hurdles facing FinCEN, a small agency, in the establishment and maintenance of the BOI database. As context, FinCEN notes in the NPRM that it currently fields approximately 13,000 inquiries a year through its Regulatory Support Section. But if only 10 percent of reporting companies have questions for FinCEN in the first year of the reporting requirement, FinCEN will face over three million inquiries.
Money Laundering Watch: 2022 Year in Review
Farewell to 2022, and welcome 2023. As we do every year, let’s look back.
We highlight 12 of our most-read blog posts from 2022, which address many of the key issues we’ve examined during the past year: the Corporate Transparency Act (CTA) and beneficial ownership reporting; sanctions — particularly sanctions involving Russia; cryptocurrency and digital assets; BSA/AML compliance and its tension with de-risking; and implementation of the AML Act:
- FinCEN Issues Final Rule on Beneficial Ownership Reporting Requirements
- FinCEN Final Rule for Beneficial Ownership Reporting: The “Substantial Control” Prong
- Privacy, Cybersecurity and Access to Beneficial Ownership Information: FinCEN Issues Notice of Proposed Regulations Under the Corporate Transparency Act
- Russian Agent’s Beverly Hills Condominiums Subject to Forfeiture Based on Alleged Violations of Bank Fraud, Money Laundering, and U.S. Sanctions Statutes
- Russian Sanctions Redux: FinCEN Issues Guidance on Suspicious Transactions and Evasion Using High-Value Assets
- OFAC and FinCEN Settle with Bittrex in Parallel Virtual Currency Enforcements
- OFAC Sanctions Virtual Currency “Mixer” Tornado Cash and Faces Crypto Backlash
- NYDFS Releases Virtual Currency Guidance for Banking Organizations
- U.S. Treasury Releases 2022 Strategy for Combatting Terrorist and Other Illicit Financing
- A Paradox: “De-Risking” Can Increase AML/CFT Risks By Driving People into the “Shadow Banking System”
- FinCEN and Federal Functional Regulators Issue Coded Warnings Against De-Risking
- Implementation of the AMLA and the CTA by Financial Institutions: A Podcast
We now move on to 2023. This year also will be an important and interesting year for BSA/AML and money laundering issues: criminal and civil enforcement cases continue to unfold across industries, crypto is undergoing intense scrutiny, and FinCEN must issue final regulations under the CTA and AML Act — and, possibly, as to the real estate industry. We look forward to keeping you informed throughout 2023 on these and other developments.
We also want to thank our many readers around the world who continue to makethis blog such a success. The feedback we receive from financial industry professionals, compliance officers, in-house and external lawyers, BSA/AML consultants, government personnel, journalists, and others interested in this field is invaluable, and we hope you will continue to share your perspectives with us. We pride ourselves on providing in-depth discussions of the important developments in this ever-evolving area.
Peter D. Hardy, Beth Moskow-Schnoll, Terence M. Grugan, Michael Robotti, Lisa Lanham, Philip N. Yannella, Siana Danch, Sarah B. Dannecker, Andrew N. D'Aversa, John Georgievski, Nikki A. Hatza, Brian N. Kearney, Kelly A. Lenahan-Pfahlert, Alexa L. Levy, James Mangiaracina, Shauna Pierson & Kaley Schafer
Arizona AG Issues Opinion Concluding That No-Interest, Non-Recourse Earned Wage Access Products Are Not ‘Consumer Lender Loans’ Requiring a ‘Consumer Lender” License
Mark Brnovich, the Arizona Attorney General, recently issued an opinion regarding whether earned wage access (EWA) products are “consumer lender loans” under the state’s Consumer Lenders Act (CLA) such that a person who makes, procures, or advertises an EWA product must be licensed as a “consumer lender.” The AG concluded that an EWA product offered as a no-interest and non-recourse product is not a “consumer lender loan” under the CLA.
The AG stated that an EWA product is a payment of wages already earned by the employee and, for purposes of the opinion, is “non-recourse” if the EWA provider retains no legal or contractual right to repayment against the consumer, does not engage in debt collection activities with regard to any unpaid balance, does not sell any unpaid balance to a third party, and does not report nonpayment to a consumer reporting agency. Applying the Black’s Law Dictionary definition of “loan,” the AG concluded that a non-recourse EWA product is not a “loan” because it is neither for the employee’s “temporary use” nor is there a “condition that it shall be returned, or its equivalent in kind.” Instead, an EWA product permanently provides an employee with already-earned funds which the employee therefore does not need to return to the EWA provider.
The AG described the “primary function” of an EWA product as a means “to accelerate the payment of funds that have already been earned as if the employer had shortened the pay period.” The AG also noted that while the EWA provider, if it is working directly with the employer, has the right to directly receive a portion of a consumer’s paycheck or, where the employer is not directly involved, to debit the consumer’s bank account on or after the date on which the next payments is to be deposited, the EWA provider has no legal or contractual right to repayment against the consumer. The AG concluded that a “non-recourse” EWA product does not qualify as a loan under the CLA and an EWA provider is therefore not required to obtain a license from the state’s Department of Insurance and Financial Services.
An alternative reason given by the AG for why a non-recourse, no-interest EWA product is not a loan is that it there is no “finance charge” imposed within the meaning of the CLA because the obligation to repay principal does not fall within the CLA definition of “finance charge.” Moreover, even if an EWA provider charges a fee to consumers, the fee would not be “finance charge” as long as it falls within the fees that the CLA excepts from the finance charge. By way of example, the AG noted that excepted fees include a loan origination fee of not more than five percent of a closed-end consumer loan and not more than $150.
The AG also indicated that an EWA provider can receive revenues through services ancillary to providing an EWA product without converting the product into a “loan” under the CLA so long as the EWA provider does not condition providing an EWA product on receipt of any ancillary revenue or impose a fee falling within the CLA’s “finance charge” definition. Examples of permitted ancillary fees given by the AG are a voluntary gratuity requested by the provider, a fee for an expedited transfer of an EWA payment, or interchange revenue earned by the provider from money spent by the consumer using a payment card.
In November 2020, the CFPB issued an advisory opinion (AO) on EWA programs. The AO addressed whether an EWA program with the characteristics set forth in the AO was covered by Regulation Z. Such characteristics included the absence of any requirement by the provider for an employee to pay any charges or fees in connection with the transactions associated with the EWA program and no assessment by the provider of the credit risk of individual employees. The AO set forth the Bureau’s legal analysis on which it based its conclusion that the EWA program did not involve the offering or extension of “credit” within the scope of Regulation Z. In the AO, the CFPB observed that there may be EWA programs with nominal processing fees that nonetheless do not involve the offering or extension of “credit” under Regulation Z and advised that providers of such programs can request clarification about a specific fee structure.
In January 2022, then CFPB Acting General Counsel (and now General Counsel) Seth Frotman indicated that due to “repeated reports of confusion” caused by the AO, he planned to recommend to Director Chopra “that the CFPB consider how to provide greater clarity on these types of issues.” While acknowledging that the AO had left open the possibility that an EWA product with nominal processing fees might not be “credit” under Regulation Z, Mr. Frotman suggested that possibility was remote. More specifically, he noted that the CFPB had expressly limited the AO’s application to EWA programs meeting all of the characteristics set forth in the AO and stated that “products that include the payment of any fee, voluntary or not, are excluded from the scope of the advisory opinion and may well be TILA credit.” Mr. Frotman also noted that the AO does not speak to whether EWA products would be “credit” under federal laws other than the TILA, such as the CFPA or the ECOA, or under state law. Mr. Frotman’s comments were made in a letter responding to a letter sent to him by consumer advocacy groups regarding proposed New Jersey legislation on EWA products.
We recently released a podcast episode, “A Close Look At Earned Wage Access Products,” for which our special guest was Molly Jones, PayActiv’s Vice President for Government Affairs. PayActiv is a prominent EWA provider. To listen to the episode, click here.
Washington Department of Financial Institutions Issues Regulations On Work From Home Effective December 31, 2022
The Washington Department of Financial Institutions has adopted regulations effective December 31, 2022 to implement amendments to the Consumer Loan Act permitting licensed companies to allow licensed mortgage loan originators to work from their residence without licensing the residence as a branch.
Among various amendments and clarifications to the regulations is new WAC § 208-620-660, which provides:
What is required for a Washington licensed loan originator to work from their residence without licensing the residence as a branch?
A licensed company may permit a sponsored and licensed loan originator to work from the loan originator’s residence without licensing it as a branch location under RCW 31.04.075 and subject to the following conditions:
- The company must have written policies and procedures that include appropriate risk-based monitoring and oversight processes for the supervision of loan originators working from their residence without licensing it as a branch location. The loan originator must comply with the licensee’s policies and procedures.
- Access to the company platforms and customer information must be in accordance with the licensee’s comprehensive written information security plan, as required by WAC 208-620-571, which must include safeguards that protect borrower information.
- Communications that contain a customer’s protected personal information must be in compliance with federal and state information security requirements, including the applicable provisions under the Gramm-Leach-Bliley Act and the Safeguards Rule. See WAC 208-620-571 and 208-620-572 for more information.
- The loan originator’s residence may not be held out in any manner, directly or indirectly, as a licensed main or branch location unless it is licensed as a main or branch location. The following is not allowed at the loan originator’s residence unless it is licensed as a main or branch location:
(a) Conducting in-person customer interactions;
(b) Storing physical records containing customer information;
(c) Receiving physical records containing customer information; and
(d) Advertising the location as a licensed main or branch office.
- The NMLS record of the loan originator must designate the licensed main office headquarters or a licensed branch office as their registered location.
- The loan originator must use their registered location from NMLS in the “loan originator information” section on residential mortgage loan applications.
The amended regulations also make clear that a licensed loan originator may originate loans from any licensed location or their residence, whether located in Washington or not, so long as the sponsoring company is licensed to do business in Washington. See WAC § 208-620-700 (11) (effective 12/31/2022).
The full text of the amended regulation is available here.
Subscribe to Ballard Spahr Mailing Lists
Copyright © 2023 by Ballard Spahr LLP.
(No claim to original U.S. government material.)
All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, including electronic, mechanical, photocopying, recording, or otherwise, without prior written permission of the author and publisher.
This alert is a periodic publication of Ballard Spahr LLP and is intended to notify recipients of new developments in the law. It should not be construed as legal advice or legal opinion on any specific facts or circumstances. The contents are intended for general informational purposes only, and you are urged to consult your own attorney concerning your situation and specific legal questions you have.