BCLP Banking Blog

Bank Bryan Cave

Bank Regulations

Main Content

CSBS Streamlines Exam Process for Payments Firms

On September 15, 2020, the Conference of State Bank Supervisors (“CSBS”) announced the launch of a new program intended to streamline the exam process required by state regulatory agencies for the nation’s payments firms and money transmitters.  Known as the MSB Networked Supervision, the state-initiated program seeks to make the examination process more predictable and consistent for the nation’s largest payments and cryptocurrency companies—whose transactions total more than $1 trillion each year.  The initiative was an outcome of the CSBS Fintech Industry Advisory Panel, which fielded suggestions from those in the industry who collectively called for multistate examination coordination of the nation’s payment firms and money transmitters.    

By making the exam protocol consistent among the more than forty member states, regulators will be able to better understand the risks associated in each company’s payments model and address compliance issues as they arise.  Increased state cooperation will decrease the likelihood of perpetual compliance pitfalls, as all regulators will be kept apprised of a payment firm’s regulatory status.  The single exam will be led by one state that will oversee a group of examiners sourced from regulatory bodies across the country. 

Read More

FinCEN Clarifies Customer Due Diligence Requirements

The Financial Crimes Enforcement Network (FinCEN) of the U.S. Treasury Department recently issued clarifications of requirements for Customer Due Diligence (CDD) under the Customer Due Diligence Requirements for Financial Institutions (CDD Rule) and related Bank Secrecy Act regulations. The guidance, FIN-2020-G002, was issued August 3, 2020 and includes three Frequently Asked Questions. These new FAQs supplement prior comprehensive FAQs issued in advance of the May 2018 CDD Rule compliance effective date. April 2018 and July 2016 FAQs answered 37 and 26 questions respectively (See FIN-2018-G001 and FIN-2016-G003).

The CDD Rule requires that, among other things, covered institutions identify information about customers to assess potential financial crime risks, including identifying the beneficial owners (natural persons) of legal entity customers who own, control or profit from companies’ accounts. Both 25% entity owners and entity controlling persons must be identified, subject to certain limited exceptions. In addition to requiring effective written policies and procedures to identify and verify customers and beneficial owners, the CDD Rule requires covered institutions to develop customer risk profiles and to monitor and report on suspicious transactions.  Earlier this year in April 2020, the FFIEC released updates to a number of sections of the Bank Secrecy Act / Anti-Money Laundering (BSA/AML) Examination Manual clarifying mandatory requirements or supervisory expectations, including highlighting customer risk profile development and testing relating to potential customer money laundering, terrorist financing and other illicit financial activities. (SR 2011).

Read More

CFPB Requests Information on Fair Lending Practices

On July 28, 2020, the Consumer Financial Protection Bureau (“CFPB” or “Bureau”) issued a request for information (“RFI”) seeking public and industry input related to the Equal Credit Opportunity Act (“ECOA”) and Regulation B.  The CFPB submitted this RFI in an effort to create a regulatory regime that expands consumer access to credit while ensuring that consumers remain protected from credit transaction discrimination.  The RFI signals a renewed regulatory focus on fair lending in the wake of the broader societal focus on racial equality in the U.S. 

The Bureau presented 10 questions in its RFI related to: disparate impact; Limited English Proficiency products, special purpose credit programs; affirmative advertising to disadvantaged groups; small business lending; sexual orientation and gender identity discrimination; scope of federal preemption of state law; public assistance income; the use of artificial intelligence and machine learning; and ECOA adverse action notices.  We have chosen to highlight a select few below. 

The CFPB’s first question asked whether the Bureau should “provide any additional clarity regarding its approach to disparate impact analysis under ECOA and Regulation B.”  The Supreme Court’s decision in Texas Dept. of Housing and Comm. Affairs v. Inclusive Comm. Project, Inc., 135 S. Ct. 2507 (2015), in which the Court affirmed the cognizability of disparate impact theory under the Fair Housing Act (“FHA”), did not address ECOA.  Likewise, the contours of the Court’s limits on the disparate impact claims left open questions for industry and regulators alike.  Guidance on whether disparate impact theory is cognizable under ECOA and if so what limits might apply would have significant impacts on creditors’ fair lending obligations going forward.        

Read More

New York, California and Illinois Sue OCC to Block “Valid When Made” Rule

Just two months ago, the Office of Comptroller of the Currency (“OCC”) addressed the “valid when made” doctrine and held that interest rates established on bank-originated loans remain valid even after the loan is transferred to a non-bank partner.  On July 29, the attorneys general of New York, California, and Illinois sued the OCC alleging federal overreach that undermines state-preemption regarding usury rate caps.  Specifically, the AGs allege the OCC’s rule is “arbitrary and capricious” in violation of the Administrative Procedures Act.  In the complaint, the AGs allege “[t]he rule is beyond the OCC’s power to issue, is contrary to statute and would facilitate predatory lending through sham ‘rent-a-bank’ partnerships designed to evade state law.”

Those tuned into the debate surrounding the “valid when made” rule saw this court battle coming.  The OCC has recently worked to clarify disputed rules regarding privileges afforded to banks under the National Bank Act.  Under the National Bank Act, national banks that are under the supervision of the OCC are permitted to charge interest on loans at the maximum rate permitted by their home state—even in instances where that interest rate would violate state usury laws.  While federal law carves out this exception for federally regulated banks, it does not extend the same exemption to non-banks.  Accordingly, the attorneys general have asked the Northern District of California to declare the rule invalid and hold that the OCC exceeded the authority granted to it by the National Bank Act and the Dodd-Frank Act. 

Read More

Crypto Goes Mainstream: OCC Says Banks Can Provide Crypto Custody Services

On Wednesday, July 22, 2020, Acting Comptroller of the Currency Brian Brooks reaffirmed his interest in being seen as an agent of modernization in a letter clarifying the authority of national banks and federal savings associations to provide cryptocurrency services for customers.

The letter from the Office of the Comptroller of the Currency (“OCC”) discusses the increasing acceptance of cryptocurrency, and especially Bitcoin, as a method of payment and form of investment. It acknowledges a correlating growing demand for “safe places, such as banks, to hold unique cryptographic keys associated with cryptocurrencies on behalf of customers and to provide related custody services.” Three reasons – a safe way to hold cryptocurrency keys; a secure storage service; and custodian services for assets managed by investment advisors – are cited in the letter as driving the demand for cryptocurrency custody services.

The safekeeping services are described as a modernization of special deposit and safe deposit boxes, falling within “longstanding authorities to engage in safekeeping and custody activities.” Thus, “the authority to provide safekeeping services extends to digital activities and, specifically, that national banks may escrow encryption keys used in connection with digital certificates because a key escrow service is a functional equivalent to physical safekeeping.”

Read More

OCC Proposes True Lender Rule

On July 20, 2020, the Office of the Comptroller of the Currency (“OCC”) issued a notice of proposed rulemaking that would determine the “true lender” of a national bank or federal savings association loan in the context of a partnership between a bank and a third party.  The proposed rule states that a bank is a true lender of a loan “if, as of the date of origination, it is named as the lender in the loan agreement or funds the loan” and would apply to all national banks and federal savings associations.  Most recently, the OCC addressed the related “valid when made” doctrine and held that interest rates established on bank-originated loans remain valid even after the loan is transferred to a non-bank partner.  This final rule, however, did not address the true lender question, and this week’s proposed rule does just that.     

The OCC proposed this rule in response to the “increasing uncertainty” surrounding the legal principles that apply to the loans made in the course of bank and third party relationships.  Courts are not unified in their analysis and have looked to both “the form of the transaction” and a battery of fact-intensive tests to determine the true lender of a loan.  While federal rulemaking addresses many relationships between banks and third parties such as making payments and taking deposits, there is not much guidance on these relationships as it relates to lending.  See e.g., 12 CFR 5.20(e).  Per the OCC’s proposed rule, this uncertainty “may discourage banks and third parties from entering into relationships, limit competition, and chill the innovation that results from these partnerships.”  Taken together, these unintended consequences would restrict consumer access to affordable and available credit. 

Read More

OCC Continues Digital Banking Modernization

The Office of the Comptroller of the Currency’s (“OCC”) attention to modernizing regulation to better accommodate innovative products and industries is continuing full steam ahead since our recent post about a potential payments charter. In the weeks since we posted that article, Brian Brooks has become the acting Comptroller of the Currency, so it should come as no surprise that his goals are garnering some attention.

On Thursday, June 6, the OCC issued a notice of proposed rulemaking seeking public comment to update its rules for national bank and federal savings association activities and operations and an advance notice of proposed rulemaking seeking comment on rules on national banks’ and federal savings associations’ (banks) digital activities. These releases confirm that the agency is “reviewing its regulations on bank digital activities to ensure that its regulations continue to evolve with developments in the industry.”

As part of a substantial modification of the regulatory system, the OCC seeks comment on additional flexibility for banks with respect to permissible derivatives activities, tax equity finance transactions, corporate governance, anti-takeover provisions, capital stock issuances and repurchases, and participation in financial literacy programs.

In addition, the OCC seeks comment on a significant number of banking issues related to digital technology and innovation. The OCC asks whether current legal standards are sufficient flexible, whether they create undue hurdles, and whether there are other areas they should cover. Their requests for comments also touch on current questions, namely whether the pandemic has brought any concerns to light and what issues are unique to smaller institutions – which performed well with the rollout of the SBA’s Paycheck Protection Program, but may encounter hard times to come.

Read More

OCC Releases Final Rule on Permissible Interest Rates, Addressing Madden Debate

On June 1, 2020, the Office of the Comptroller of the Currency (“OCC”) released a final rule on permissible interest on loans that are sold, assigned, or transferred, and effectively reversed the Second Circuit’s 2015 decision in Madden v. Midland Funding, LLC, 786 F.3d 246 (2d Cir. 2015).[1]  In our post on the OCC’s advanced notice of proposed rulemaking (“ANPR”) from November 2019, we discussed how this holding contradicted the “valid when made” doctrine, whereby an obligation is considered valid under the law that applied at the time of origination.  Effectively, a loan’s interest rate was no longer valid when resold to an entity in a state with a lower interest rate cap than where the loan was originally issued.  This week’s final published rule is the first step in addressing the tension between the Second Circuit and the federal powers granted to national banks and federal thrifts.      

An example of the Madden glitch...
An example of a Madden glitch, and visual representation as to why a fix was needed.

Adopted in the form in which it was initially proposed, the OCC’s final rule provides that “[i]nterest on a loan that is permissible under sections 85 and 1463(g)(1), [national banks and federal thrifts] respectively, shall not be affected by the sale, assignment, or other transfer of the loan.”  Published in yesterday’s Federal Register and effective sixty days from now, the final rule reverses the Madden rule and reaffirms the “valid when made” doctrine.  Whereas the Madden decision held that subjecting credit assignees to state usury laws did not significantly interfere with the execution of a national bank’s powers, the OCC disagreed and viewed the decision as an affront to the inherent powers afforded to national banks.[2]  Credit lenders and others in the industry view the OCC final rule as an important and welcomed step in easing the uncertainty created by the Madden rule, citing the rule’s limiting of access to credit markets and propensity for instigating litigation. 

Read More

Coming Up: A National Non-Depository Payments Charter?

Brian Brooks, Chief Operating Officer of the Office of the Comptroller of the Currency (“OCC”) said on Monday that he believes the OCC should investigate the viability and utility of a non-depository payments charter: “One of the things I think we have to ask ourselves as an agency is, if it makes sense to have a non-depository lending charter, which was the original fintech concept, would it also make sense to have a non-depository payments charter?”

In his talk, given as part of the Consensus: Distributed virtual conference, Brooks focused on cross-border concerns that are particularly salient to crypto companies. He notes that we may have come to a point where the traditional state-federal divisions of licensing and oversight authority are less relevant, particularly in the crypto space. Brooks says there is an argument that “crypto looks a lot like banking for the twenty-first century,” in which case a single national license may provide modern update to the current patchwork of laws, which is burdensome and time-consuming for both payments companies and state regulators.

Brooks said “one of [his] missions at the OCC . . . is to investigate the extent to which over time it makes sense to think of crypto companies like banks and to think of charter types that might be appropriate for crypto companies.” While Brooks’ comments focused on crypto in mentioning a payments charter, he noted Stripe and PayPal as non-blockchain payments companies, which would presumably also be covered by such a payments charter.

Read More

Survey of Banks’ Privacy Practices

To help identify trends in privacy representations, Bryan Cave Leighton Paisner LLP reviewed the websites and privacy notices of Fortune 500 companies identified as primarily engaged in the banking and financial service sectors.

The following summarizes current industry trends: 

  • The vast majority of companies updated their privacy notices to account for the California Consumer Privacy Act (CCPA).
  • Financial institutions are complying with some, but not all, of the enumerated category disclosures required by the CCPA.
  • While only one financial institution stated that they sold personal information, one in five financial institutions failed to clearly articulate whether they did, or did not, sell data.
  • The vast majority of bank and financial institution websites do not include a “Do Not Sell” option.
  • The single financial institution that disclosed that it sold information did comply with the CCPA’s requirement to provide a “Do Not Sell” option.
  • Most banks and financial service companies offered access and deletion rights.
  • The average quantity of behavioral advertising cookies on a bank / financial service company homepage is 10.6.
  • Only one in twelve banks and financial institutions are deploying a cookie notice that seeks opt-in consent.
  • Increased use of adtech cookies negatively correlates to the deployment of an opt-in cookie notice.
Read More
The attorneys of Bryan Cave Leighton Paisner make this site available to you only for the educational purposes of imparting general information and a general understanding of the law. This site does not offer specific legal advice. Your use of this site does not create an attorney-client relationship between you and Bryan Cave LLP or any of its attorneys. Do not use this site as a substitute for specific legal advice from a licensed attorney. Much of the information on this site is based upon preliminary discussions in the absence of definitive advice or policy statements and therefore may change as soon as more definitive advice is available. Please review our full disclaimer.