SIPPS Archives - Page 13 of 21

CFPB Summary re: Credit Card Penalty Fees Proposal

12 CFR Part 1026

The Consumer Financial Protection Bureau (CFPB) issues this proposal to amend Regulation Z, which implements the Truth in Lending Act (TILA) to better ensure that the late fees charged on credit card accounts are “reasonable and proportional” to the late payment as required under TILA. The proposal would adjust the safe harbor dollar amount for late fees to $8 and eliminate a higher safe harbor dollar amount for late fees for subsequent violations of the same type; provide that the current provision that provides for annual inflation adjustments for the safe harbor dollar amounts would not apply to the late fee safe harbor amount; and provide that late fee amounts must not exceed 25 percent of the required payments.

Comments must be received by May 3, 2023. The proposal can be found here.

Summary:

The Bureau is proposing to amend provisions in Section 1026.52(b) and its accompanying commentary as they relate to credit card late fees. Currently, under this section, a card issuer must not impose a fee for violating the terms or other requirements of a credit card account under an open-end consumer credit plan, such as a late payment, exceeding the credit limit or returned payments, unless the issuer has determined that the dollar amount of the fee represents a reasonable proportion of the total costs incurred by the issuer for that type of violation as set forth in Section 1026.52(b)(1) or complies with the safe harbor provisions set forth in Section 1026.52(b)(1)(ii). Section 1026.52(b)(ii) currently sets forth a safe harbor of $30 generally for penalty fees, except that it sets forth a safe harbor of $41 for each subsequently violation of the same type that occurs during the same billing cycle or in one of the next six billing cycles.

The Bureau’s proposal is limited to late fees at this time. The proposal would amend Section 1026.52 and its accompanying commentary to ensure that late fees are reasonable and proportional. Specifically, it would:

Amend the section to lower the safe harbor dollar amount for late fees to $8 and to no longer apply to late fees a higher safe harbor dollar amount for subsequent violations of the same type that occur during the same billing cycle or in one of the next six billing cycles.
The proposal would remove the annual inflation adjustments for the safe harbor late fee dollar amounts.
The proposal would amend the section to provide that late fee amounts must not exceed 25 percent of the required payment; currently, late fee amounts must not exceed 100 percent.
The proposal would also amend the commentary to revise current examples of late fee amounts to be consistent with the proposed $8 safe harbor late fee amount discussed.

Comments Requested:

The Bureau seeks comment on the following:

Whether card issuers should be prohibited from imposing late fees on consumers that make the required payment within 15 calendar days following the due date.
Whether, as a condition of using the safe harbor for late fees, it may be appropriate to require card issuers to offer automatic payment options or to provide notification of the payment due date within a certain number of days prior to the due date or both.
Whether the same or similar changes should be applied to other penalty fees such as over the limit fees, returned-payment fees and declined access check fees or in the alternative, whether the Bureau should finalize the proposed safe harbor for late fees and eliminate the safe harbors for other penalty fees.
Whether instead of revising the safe harbor provisions in Section 1026.52 (as they apply to late fees), the Bureau should instead eliminate the safe harbor provisions in Section 1026.52 for late fees or should instead eliminate the safe harbor for all penalty fees, including late fees, over the limit fees, returned payment fees and declined access check fees.
Whether or not the cost analysis provisions found in Section 1026.52, would need to be amended, and if so, how?
All aspects of these proposed amendments to the commentary to Section 1026.52 including comment on what additional amendments may be needed to help to ensure clarity and compliance certainty.
The proposed clarification of the commentary to Section 1026.52(b)(1)(i), including comment on whether any additional clarification may be needed.
Whether there are other specific clarifications that should be made to the provisions of the commentary providing guidance on how to perform a cost analysis under the rule.
Whether potential revisions to the cost analysis provisions are relevant to both retaining the safe harbor provisions as proposed or eliminating the safe harbor provisions for late fees.
What additional guidance, if any, should be added to the commentary concerning the specific costs and other factors that card issuers may take into account in determining late fee amounts, including any relevant data or information.
Whether and to what extent to rely on the Bureau’s analysis of data related to collection costs, deterrence, and consumer conduct, as discussed above, in making any revisions to the cost analysis provisions.
What additional requirements related to card issuer’s internal processes and procedures for calculating and documenting costs, if any, the Bureau should adopt to ensure compliance.
Whether to eliminate the safe harbor for all other credit card penalty fees, including fees for returned payments, over the limit transactions, and fees charged when payment on a check that accesses a credit card account is declined.
What guidance, if any, should be added to the cost analysis provisions in Section 1026.52 or related commentary concerning the specific costs and other factors that card issuers may take into account in determining that fee amounts are reasonable and proportional to the costs of the specific violations.
Potential future monitoring or other approaches to ensure that the late fee amount is consistent with the reasonable and proportional standard.
Whether automatic annual adjustments to reflect changes in the CPI should be eliminated for all other penalty fees subject to Section 1026.52 including over the limit fees, returned payment fees, and declined access check fees.
Whether Section 1026.52 should be amended to provide for a courtesy period which would prohibit late fees imposed within 15 calendar days after each payment date.
Whether, if a 15 day courtesy period is required, the courtesy period should be applicable only to late fees assessed if the card issuer is using the late fee safe harbor amount or, alternatively, if the courtesy period should be applicable generally (regardless of whether the card issuer assesses late fees pursuant to the safe harbor amount set forth in Section 1026.52.
Whether a courtesy period of fewer or greater than 15 days may be appropriate

Whether a 15 day courtesy period should apply to the other penalty fees that are subject to Section 1026.52 including the over the limit fees and returned payment fees and if so, why?
Whether the dollar amount associated with the other penalty fees covered by Section 1026.52 should be limited to 25 percent of the dollar amount associated with the violation.
Whether the late fee amounts of $35 in the sample forms/clauses, as applicable, should be revised to set forth late fee amounts of $8, and whether the maximum late fee amounts of “up to $35” in these sample forms or clauses should be revised to set forth a maximum late fee amounts and maximum late fee amounts in the examples are consistent with the proposed $8 late fee safe harbor.
Whether to restrict card issuers from imposing a late fee on a credit card account unless the consumer has not made the required payment within 15 calendar days following the due date.
Effective ways to help ensure that consumers understand that a 15-day courtesy period only relates to the late fee, and not to other possible consequences of paying late, such as the loss of a grace period or the application of a penalty rate.
Whether the $8 safe harbor threshold amount that is being proposed for late fees should also apply to other penalty fees, including over the limit fees and returned-payment fees.
Whether the Bureau should revise the maximum amount of the over the credit limit fees and returned payment fees should on these forms to be “up to $8.”
Whether the 15-day courtesy period should be provided with respect to all penalty fee, including the over the credit limit fees and returned payment fees. If the Bureau were to adopt the 15-day courtesy period to all penalty fees, the Bureau solicit comment on the 15-day courtesy period should be disclosed in the five sample forms discussed.

Summary – CFPB Compliance Bulletin and Policy Guidance 2023-01: Unfair Billing and Collection Practices After Bankruptcy Discharges of Certain Student Loan Debts

12 CFPB Chapter X

The Consumer Financial Protection Bureau issued this Compliance Bulletin and Policy Guidance to address the treatment of certain private student loans following bankruptcy discharge.

The bulletin becomes effective upon publication in the Federal Register and can be found here.

Summary:

In order to secure a discharge of “qualified education loans” in bankruptcy, borrowers must demonstrate that the loans would impose an undue hardship if not discharged. Qualified education loans receive special treatment under Section 523(a)(8) of the Bankruptcy Code. In practice, the majority of student loans meet at least one of the criteria for “special treatment” under the Bankruptcy Code and therefore, are not eligible for discharge by a general order of discharge.

However, some loans for educational purposes that borrowers may think of as “private student loans” are not exempt from the general order of discharge. These include:

Loans made to attend non-Title IV schools;
Loans made to cover fees and living expenses incurred while studying for the bar exam or other professional exams;
Loans made to cover fees, living expenses incurred while studying for the bar exam or other professional exams;
Loans made to cover fees, living expenses, and moving costs associated with medical or dental residency;
Loans made in amounts in excess of the cost of attendance,
Loans to students attending school less than half-time; and
Other loans made for non-qualified higher education expenses.

Any private student loans in these categories are discharged by standard bankruptcy discharge orders, just like most other unsecured consumer debts. In addition to not fitting the definition of “qualified education loan” these loans are not made, insured or guaranteed by a governmental unit, and are not educational benefits, scholarships or stipends. The obligations at issue here are originated as loans requiring repayment; educational benefits, scholarships, and stipends. In contrast are grants, where repayment is only triggered if the student fails to meet a condition of the grant.

CFPB examiners found that servicers of various types of student loans failed to maintain policies/procedures for distinguishing between loan types that are discharged in the regular course of a bankruptcy proceeding (generally, non-qualified education loans) and loan types that require consumers to initiate an adversarial proceeding and meet the “undue hardship” standard to receive bankruptcy relief. Examiners determined that student loan servicers engaged in an unfair act or practice, in violation of the Dodd Frank Act, when they resumed collection of debts that were discharged by bankruptcy courts for non-qualified education loans.

The CFPB’s supervisory observations and consumers complaints show that servicers continued to make collection attempts on student loans that were discharged through bankruptcy in many instances. This violates Federal consumer financial law. The CFPB expects servicers to proactively identify student loans that are discharged without an undue hardship showing and permanently cease collections following a standard bankruptcy discharge order.

The CFPB is prioritizing student loan servicing oversight work in the coming year, including a focus on evaluating whether lenders and servicers cease collection of applicable student loans once they have been discharged. The CFPB plans to play particular attention to:

Whether student loan servicers continue to collect on loans that are discharged by a bankruptcy discharge order;
Whether servicers and loan holders have adequate policies and procedures to identify loans that are discharged by a bankruptcy discharge order and loans that require the borrower to go through an adversarial proceeding to demonstrate that they meet the undue hardship standard; and
Whether servicers provide accurate information to borrowers about the status of their loans and the protections that bankruptcy offers.

Notice of Proposed Rulemaking and Request for Comment
NCUA: Chartering and Field of Membership

NASCUS Legislative and Regulatory Affairs Department

On February 28, 2023, the NCUA published a notice of proposed rulemaking that would amend its chartering and field of membership (FOM) rules. If finalized the proposal would provide amendments to:

Expand financial services to low- and moderate-income communities;
Expand membership eligibility to family members after the death of a member
Streamline requirements for community-based FOM applications and clarify procedures.

The proposed amendments result from the agency’s experience in addressing FOM issues relating to community charters and service to underserved areas, along with its study of FOM issues through the Board’s Advancing Communities through Credit, Education, Stability, and Support (ACCESS) initiative. Additionally, the Board is seeking feedback about several aspects of FOM issues for consideration with respect to future policy refinements.

Due to the scope and complexity of the proposed changes and additional issues presented for feedback, the Board has issued the proposal with a 90-day comment period.

The proposed rule can be found here. Comments are due May 30, 2023.

Summary

The proposed rule would make nine changes to the NCUA’s Chartering and Field of Membership Manual (Manual) to enhance consumer access to financial services while reducing duplicative or unnecessary paperwork and administrative requirements. The NCUA states the goal of the proposed changes is to eliminate unnecessary burdens while enhancing the agency’s focus on the core principles of credit union membership. The proposed changes cover underserved areas, community-based FOMs, and some more broadly applicable FOM provisions.

Underserved Area Additions

The Federal Credit Union Act (FCUA) currently permits only multiple common bond FCUs to add underserved areas to their FOM beyond the common bond requirements specified in the FCUA. [1]

Currently, if a multiple common bond FCU seeks to add an underserved area to its FOM as an investment area it must satisfy the CDFI Fund’s economic distress criteria.[2] Based on feedback from the industry surrounding these criteria and the requirements of the current Manual the NCUA Board is proposing four changes to the requirements that apply to multiple common bond FCUs that seek to serve underserved areas.

The proposed changes would accomplish the following:

Clarify the Board’s intent to provide flexibility to multiple common bond FCUs serving underserved areas based on rural districts;
Clarify how the NCUA applies the CDFI Fund’s economic distress criteria as the FCUA requires;
Eliminate census block groups as a geographic unit for composing underserved areas, in adherence to a regulatory change that the CDFI Fund has adopted; and
Simplify and reduce the burden for FCUs on the required statement of unmet needs that must accompany a request to serve an underserved area.

Community Charter Conversions and Expansions

The proposed rule would make three changes to reduce the regulatory burden for community charter applications or conversions. Specifically, the proposed rule would:

Establish a simplified business and marketing plan for community charter applications;
Provide a standardized, fillable application for community charter conversion or expansion requests; and
Eliminate the requirement for Federally Insured State Chartered Credit Unions (FISCUs) applying to convert to a federal community charter to submit a business and marketing plan under certain conditions.

After studying the existing requirements and considering its “substantial experience in processing and reviewing various applications” the Board is proposing targeted relief in this area. The agency feels the changes would not undermine the goals that the plans serve and would instead reduce or eliminate paperwork requirements while “sharpening the agency’s focus on the substantive merits of each application.”

Simplified Business and Marketing Plan

Currently, credit unions are required to provide a description of the current and proposed office/branch structure, including a general description of the location(s), parking availability, public transportation availability, drive-through service, lobby capacity, or any other service feature illustrating community access.

Under the proposed rule, the credit union would be required to provide branch details including how many service facilities are in the area, whether the credit union participates in shared branching, the number of ATMs (owned and shared), any new branches planned, use of electronic delivery channels, and how the credit union will sign up low- and moderate-income individuals. By eliminating the need for providing granular details about the branch structure, the NCUA hopes to encourage applicants to spend more time determining how to best meet the evolving needs of their members and considering innovative service delivery channels like virtual banking.

Standardized Fillable Application for Community Charter Requests

The proposed rule would require the use of a fillable, standardized application for all community charter actions. The standardized application should better focus credit unions on critical requirements and ensure uniform NCUA reviews across applications. The use of the standardized application form should reduce the number of follow-up requests from the NCUA for additional information. The proposed form is available for review within the Regulations.gov docket for this notice of proposed rulemaking.

Requirements for Community-Based State-Chartered Credit Unions Converting to an FCU

The proposed rule would amend the Manual’s business and marketing plan requirements for FISCUs that already serve the community applying to become a federal community charter. In place of the plan’s current requirements,[3] the proposed rule would require a FISCU to submit a statement addressing the following topics:

Does the existing community consist of a portion of a Core Based Statistical area or a Combined Statistical area? If so, please explain the credit union’s basis for selecting its service area.
Describe products and services you offer or plan to offer to low- and moderate-income and underserved members.
How will you market to the low-and moderate-income, and underserved (economically distressed) people, and those with unique needs, in the community?

This proposed change would NOT apply to single or multiple common bond FISCUs converting to an FCU community charter. These credit unions would have to submit a business and marketing plan. This change would also not apply to non-federally insured credit unions.

Groups Sharing a Common Bond with Community Areas

The Board is also proposing a targeted addition to the affinity groups eligible for membership in community-based FCUs. The manual currently defines an affinity as a relationship on which a community charter is based outlining four types of affinity groups eligible for membership in FCUs serving communities or rural districts, primarily persons who live, work, worship, or attend school in the community or rural district.[4]

To address the increasing trends in telecommuting and decentralized workspaces, the Board is proposing to add a fifth affinity to include a paid employee for a legal entity headquartered in the community, neighborhood, or rural district. The NCUA believes this proposed change will help FCUs adapt to serve everyone with ties to a community by providing employees access to a community credit union with which they have a bond through their employer, even if they do not physically work in the well-defined local community or rural district.

Eligibility of Immediate Family Members of Decedents

The NCUA is also proposing an update to the groups of persons who may join an FCU based on a common bond with its members or the FCU. Under the current options available for FCUs to enroll secondary members, immediate family or household members of decedents are not eligible for membership unless the person was a spouse of a person who died while within the field of membership of the credit union.

The proposal would amend the Manual to update the definition of secondary members for each common bond type to include every member of a decedent’s immediate family or household for a 6-month period following the decedent’s passing.

Updated References for Review of Prospective Management and Officials

Finally, the proposed rule would make a technical clarification and correction to the Manual provision regarding the agency’s evaluation and disapproval of directors and other management officials for applicants for NCUSIF coverage. The goal of the change is to reduce confusion for applicants and provide a clearer explanation of which authorities govern this review process.

Comments

The NCUA Board is seeking feedback on all elements of the proposed rule. Comments can be submitted electronically via regulations.gov or via the NCUA website: https://www.ncua.gov/regulation-supervision/rulemakings-proposals-comment. Following the instructions for submitting comments.

[1] 12 U.S.C. 1759(b)

[2] 12 CFR 1805.101

[3] 12 U.S.C. 1771; Manual, Chapter 4, Section II

[4] 12 U.S.C 1771; Manual, Chapter 2, Section V.A.1.

Summary re: CFPB Review/Request for Comment: Regulation Z Mortgage Loan Originator Rules Review Pursuant to the Regulatory Flexibility Act

12 CFR Part 1026

The Consumer Financial Protection Bureau (CFPB) issued a notice and request for comments regarding a review of Regulation Z’s Mortgage Loan Originator Rules pursuant to Section 610 of the Regulatory Flexibility Act.

Comments must be received by May 1, 2023, and the notice can be found here.

Summary:

Regulation Z, implements the Truth in Lending Act, among other things, imposes certain requirements on: loan originator compensation; qualification of; and registration or licensing of, loan originators; compliance procedures for depository institutions; mandatory arbitration; and the financing of single premium credit insurance. As part of the review, the Bureau is seeking comment on the economic impact of the loan originator rules on small entities. These comments may assist the Bureau in determining whether the loan originator rules should be continued without change or amended or rescinded to minimize any significant economic impact of the rules upon a substantial number of such small entities, consistent with the stated objectives of applicable Federal statutes.

Section 610 provides that the purpose of the review is to determine whether such rules should be continued without change, or should be amended or rescinded, consistent with the stated objectives of applicable statutes, to minimize any significant economic impact of the rules upon a substantial number of such small entities. In each review, agencies must consider several factors:

The continued need for the rule;
The nature of public complaints or comments on the rule;
The complexity of the rule;
The extent to which the rule overlaps, duplicates, or conflicts with Federal, State, or other rules; and
The time since the rule was evaluated or the degree to which technology, market conditions, or other factors have changed the relevant market.

Request for Comment:

The Bureau asks the public to comment on the impact of Regulation Z’s Mortgage Loan Originator Rules on small entities by reviewing the following factors. Where possible, please submit detailed comments, data, and other information to support any submitted positions.

The continued need for the Rules based on the stated objectives of applicable statutes and the Rules;
The complexity of the Rules;
The extent to which the Rules overlap, duplicate or conflict with other Federal rules, and, to the extent feasible, with State and local governmental rules;
The degree to which technology, market conditions, or other factors have changed the relevant market since the rule was evaluated, including:
How the impacts of the Rules as a whole, and of major components or provisions of the Rules, may differ by origination channel, product type, or other market segment;
The current scale of the economic impacts of the Rules as a whole, and of major components or provisions of the Rules, on small entities; and
Other current information relevant to the factors that the Bureau considers in completing a Section 610 review under the RFA, as described above.

NCUA Final Rule Summary: Cyber Incident Notification Requirements for Federally Insured Credit Unions

NASCUS Legislative and Regulatory Affairs Department
March 7, 2023

At the February 16, 2023, meeting, the NCUA Board approved a final rule amending Part 748 of its regulations to require federally insured credit unions (FICUs) to report an incident to NCUA as soon as possible, but no later than 72 hours after a FICU reasonably believes it has experienced a reportable cyber incident. The notification requirement is intended to be an “early alert” to the NCUA and will not require a FICU to provide a detailed incident assessment within the 72-hour time frame.

The effective date of the final rule is September 1, 2023. The final rule can be found here.

Summary

Background

In July 2022, the Board approved a proposed rule that would require a FICU to notify NCUA of a cyber incident that rises to the level of a reportable cyber incident. The proposed rule would require this notification as soon as possible but no later than 72 hours after a FICU reasonably believes that a reportable cyber incident has occurred.

Shortly before the Board issued the proposed rule, Congress enacted the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (Cyber Incident Reporting Act), requiring covered entities to report covered cyber incidents to the Cybersecurity and Infrastructure Security Agency (CISA) not later than 72 hours after the entity reasonably believes that a covered cyber incident has occurred.

While CISA has until 2025 to publish its final rule, the NCUA Board believed “it would be imprudent in light of the increasing frequency and severity of cyber incidents to postpone a notification requirement until after CISA promulgates a final rule.” The Board intends to coordinate with CISA on any future credit union cyber incident reporting to avoid duplicate reporting to both NCUA and CISA.

Final Rule

Definition – Reportable Cyber Incident

The final rule defines a “reportable cyber incident” as any substantial cyber incident that leads to one or more of the following:

A substantial loss of confidentiality, integrity, or availability of a network or member information system that results from the unauthorized access to or exposure of sensitive data, disrupts vital member services, or has a serious impact on the safety and resiliency of operational systems and processes.
A disruption of business operations, vital member services, or a member information system resulting from a cyberattack or exploitation of vulnerabilities.
A disruption of business operations or unauthorized access to sensitive data facilitated through, or caused by, a compromise of a credit union service organization, cloud service provider, or other third-party data hosting provider or by a supply chain compromise.

A “reportable cyber incident” does not include any event where the cyber incident is performed in good faith by an entity in response to a specific request by the owner or operators of the system. For example, contracting with a third-party to conduct penetration testing or e-mail spoofing testing.

Reporting Process

If a reportable cyber incident occurs, Part 748 will now require FICUs to notify the “appropriate NCUA-designated point of contact of the occurrence via email, telephone, or other similar methods that the NCUA may prescribe. NCUA must receive this notification as soon as possible but no later than 72 hours after a FICU reasonably believes that it has experienced a reportable cyber incident, or within 72 hours of being notified by a third-party with whom the credit union has a contractual relationship with, whichever is sooner.

NCUA has indicated additional information will be issued prior to the September 1, 2023, effective date, including more detailed reporting guidance. NCUA also intends to coordinate with state regulators as much as possible.

NASCUS will provide updates as additional information becomes available.

NCUA Letter 23-CU-02 Summary
Expansion of Permissible CUSO Activities and Associated risks

NASCUS Legislative and Regulatory Affairs Department
February 7, 2023

Summary

On November 26, 2021, a final rule amending NCUA Regulation Part 712 – Credit Union Service Organizations (CUSOs)[1] became effective. NASCUS’ summary of the NCUA rule[2] outlines its expansion of the list of permissible activities and services for CUSOs. The expanded list includes the origination of any type of loan that a Federal Credit Union (FCU) may originate and grants NCUA additional flexibility to approve permissible activities and services.

NCUA Letter 23-CU-02 reminds the industry of published guidance that broadly outlines the responsibility of a credit union to address primary related risks with CUSO relationships, including the various ways the relationship between the CUSO and credit union impacts the risk profile and to ensure consumer financial protection risks from CUSO originated loans are properly addressed.

NCUA guidance published includes:

The CUSO provisions of the NCUA Examiners Guide[3];
The CUSO Activities portion of the NCUA’s website[4]; and
NCUA Rules and Regulations Part 712.5[5] outlining preapproved activities and services for CUSOs.

The relevant guidance found in the NCUA Examiner’s Guide outlines the statutory definition of a CUSO, the impact of CUSO to credit union relationships, investment, and loan limitations, maintenance of entity legal separation, authorized CUSO services, the CUSO registry, associated primary risks, the impact on earnings and net worth of the credit union, appropriate risk management practices and CUSO review procedures.

The CUSO Activities portion on the NCUA website outlines the approval process for requesting additional preapproved CUSO activities that, once approved, will be added to the webpage to authorize any CUSO which desires to engage in those activities with no further NCUA approval necessary. Currently, no “newly authorized activities” are listed outside those found within Part 712.5.

[1] Available at www.govinfo.gov/content/pkg/FR-2021-10-27/pdf/2021-23322.pdf

[2] Available at https://www.nascus.org/summaries/final-rule-summary-fcu-cusos/

[3] Available at https://publishedguides.ncua.gov/examiner/Content/ExaminersGuide/CUSOs/IntroCUSO.htm

[4] Available at https://www.ncua.gov/regulation-supervision/cuso-activities

[5] Available at https://www.ecfr.gov/current/title-12/chapter-VII/subchapter-A/part-712/section-712.5

NCUA Risk Alert: 23-RA-01 Change to HMDA’s Closed-End Loan Reporting Threshold

NASCUS Legislative and Regulatory Affairs Department
February 3, 2023

On February 2, 2023, the NCUA Board issued Risk Alert 23-RA-01. The alert addresses a September 23, 2022, order issued by the U.S. District Court for the District of Columbia that vacated a portion of the CFPB’s 2020 HMDA Final Rule that had established a reporting threshold of 100 closed-end mortgage loans.

The decision by the court reverts the threshold for reporting data on closed-end mortgage loans to 25 loans in each of the two preceding calendar years, the threshold previously established by the 2015 HMDA Final Rule.

The NCUA states they recognize credit unions affected by this change may need time to implement or adjust policies, procedures, systems, and operations to achieve compliance with the reporting requirements. Therefore, the NCUA intends to take a flexible supervisory and enforcement approach, similar to that of the CFPB, and not issue enforcement actions or citations for closed-end mortgage loan data collected in 2020, 2021, or 2022. Credit unions can find additional information on HMDA reporting requirements here, including a Reference Chart for HMDA Data Collected in 2022.

Summary re: CFPB Request for Information Regarding Consumer Credit Card Market

Docket No. CFPB-2023-0009

Section 502(a) of the Credit Card Accountability Responsibility and Disclosure Act of 2009 (CARD Act or Act) requires the Consumer Financial Protection Bureau (CFPB) to conduct a review of the consumer credit card market, within limits of its existing resources available for reporting purposes. In connection with conducting that review, and in accordance with Section 502(a) of the Act, the CFPB is soliciting information from the public about a number of aspects of the consumer credit card market.

Comments must be received no later than April 24, 2023. The RFI can be accessed here.

Summary:

The CARD Act was signed into law in May 2009. The Act was intended to “establish fair and transparent practices related to the extension of credit” in the credit card market.

Section 502(a) of the CARD act requires the CFPB to conduct a review, within the limits of its existing resources available for reporting purposes, of the consumer credit market every two years. The CFPB published its last review in September 2021. To inform its next review, the CFPB invites members of the public, including consumers, credit card issuers, industry analysts, consumer groups and other interested parties to submit information and other comments relevant to the questions posed as well as any additional information they believe is relevant to a review of the credit card market.

The CFPB seeks information from members of the public about how the credit card market is functioning. Specifically, the CFPB seeks comments on the experiences of consumers and credit card issuers in the credit card market as well as the overall health of the market. The Bureau is seeking responses to the specific questions listed below but welcomes commenters to provide any additional information they believe is relevant.

Terms of credit card agreements and the practices of credit card issuers:

How have the substantive terms and conditions of credit card agreements or the length and complexity of such agreements changed over the past two years?
How have issuers changed their pricing, marketing, underwriting, or other practices?
How are the terms of, and practices related to, major supplementary credit card features (such as credit card rewards, deferred interest promotions, balanced transfers, and cash advances) evolving? What are the terms of, practices related to, and prevalence of emerging supplementary credit card features (such as credit card installment plans)?
How have issuers’ marketing practices changed since the CFPB reported on the credit card market in 2021? Has this impacted consumers’ ability to comparison shop? If so, in what ways?
What practices of credit card issuers may uniquely affect special populations (such as servicemembers and their dependents, low and moderate-income consumers, old Americans, and students)? What are the effects of protections specific to special populations (for example, the Servicemembers Civil Relief Act or the Military Lending Act)? How are these changing and what, if any, trends are evolving?
How have practices related to collecting on delinquent and charged-off credit card debt changed over the past two years?
Has the use of electronic communication (e.g., email or SMS) by creditors and debt collectors in connection with credit card debt grown or otherwise evolved? If so, in what ways?
How are the terms of, and practices related to, partnerships between credit card issuers and merchant partners (such as hospitality, airline, healthcare, and/or retail companies) evolving?

The effectiveness of disclosure of terms, fees, and other expenses of credit card plans

How effective are current disclosures of rates, fees, and other cost terms of credit card accounts in conveying to consumers the costs of credit card plans?
What further improvements in disclosure, if any, would benefit consumers and what costs would card issuers or others incur in providing such disclosures?
How well are current credit card disclosure rules and practices adapted to the digital environment? What adaptations to credit card disclosure regimes in the digital environment would better serve consumers or reduce industry compliance burden?

The adequacy of protections against unfair, deceptive, or abusive acts and practices relating to credit cards plans

What unfair, deceptive, or abusive acts and practices exist in the credit card market? How prevalent are those acts and practices and what effect do they have? With regard to any unfair, deceptive, or abusive acts and practices that exist in the credit card market, how might any such conduct be prevented and at what cost?

The cost and availability of consumer credit cards

How have the cost and availability of consumer credit cards (including with respect to non-prime borrowers) changed since the CFPB reported on the credit card market in 2021?
What is responsible for changes (or absence of changes) in cost and availability? Has the impact of the CARD Act on cost and availability changed over the past two years?
How, if at all, are the characteristics of consumers with lower credit scores changing? How are groups of consumers in different score tiers faring in the market? How do other factors relating to consumer demographics or financial lives affect consumers’ ability to successfully obtain and use credit cards?

The safety and soundness of credit card issuers

What, if any, safety and soundness risks related to the credit cycle are present or growing in this market, and which entities are disproportionately affected by these risks? Has the impact of the CARD Act on safety and soundness changed over the past two years?
How have current dynamics related to funding sources (such as asset-backed securities or deposits) for credit card receivables affected issuers’ profitability and lending operations?
What changes, if any, in capital markets for credit cards have there been since the last biennial report? How do capital requirements for different types of institutions affect competition in the credit card market or consumer’s access to and cost of credit? How might these trends positively or negatively impact consumers?

The use of risk-based pricing for consumer credit cards

How has the use of risk-based pricing for consumer credit cards changed since the CFPB reported on the credit card market in 2021? What has driven those changes or lack of changes? Has the impact of the CARD Act on risk-based pricing changed over the past two years?
How have CARD Act provisions relating to risk-based pricing impacted (positively or negatively) the evolution of practices in this market?

Consumer credit card product innovation and competition

How has credit card product innovation changed since the CFPB reported on the credit market in 2021? What has driven those changes or lack of changes? Has the impact of the CARD Act on product innovation changed over the past two years?
How is the competition in the credit card market changing? How has the CARD Act (positively or negatively) impacted competition between credit card issuers? How, if at all, do these changes and impacts relate to the cost or availability of consumer credit cards?
What barriers to entry, if any, exist in the consumer credit market? What obstacles may smaller financial institutions face when launching a credit card product? How are these impediments changing and what, if any, trends are evolving? To what extent are financial institutions adopting “credit card-as-a-service” offerings? How might these changes affect competition, promote innovation, or introduce risk, if at all?
How have broader innovations in finance, such as (but not limited to) new products and entrants offering unique features (like rewards redemption for cryptocurrency, environmental causes, and other categories beyond cash-back or points), evolving digital tools, greater availability of and new applications for consumer data, and new technological tools (like machine learning), impacted the consumer credit card market, either directly or indirectly? In what ways do CARD Act provisions encourage or discourage innovation? In what ways do innovations increase or decrease the impact of certain CARD Act provisions, or change the nature of those impacts?
How do innovations by firms offering other consumer financial products and services (such as buy-now-pay-later credit, mobile payments, or non-card point-of-sale loans) compete with credit cards, and to what extent do consumers view them as effective alternatives to or substitutes for credit cards?

The Consumer Financial Protection Bureau issued a circular that asked if “persons” that engage in negative option marketing practices violate the prohibition on unfair, deceptive, or abusive acts or practices in the Consumer Financial Protection Act (CFPA).

The circular was issued on January 19, 2023 and can be accessed here.

Summary

The Bureau answered the question affirmatively and noted the circular was issued to reiterate that covered persons and service providers who engage in negative option marketing are required to comply with the Consumer Financial Protection Act (CFPA)’s prohibition on unfair, deceptive, and abusive acts or practices.

The Bureau further emphasizes that its approach to negative option marketing is generally in alignment with the FTC’s approach to Section 5 of the FTC Act as set forth in its recent policy statement. According to the circular, the phrase “negative option” refers to a term or condition under which a seller may interpret a consumer’s silence, failure to take an affirmative action to reject a product or service, or failure to cancel an agreement as acceptance or continued acceptance of the offer. The circular notes that negative option programs can cause harm to consumers who do not wish to receive the products/services for which they are charged. Harm is “most likely to occur when sellers mislead consumers about terms and conditions, fail to obtain consumers’ informed consent or make it difficult to consumers to cancel.”

The Bureau notes that a seller offering a negative option program risks violating the law if the seller (i) misrepresents or fails to clearly and conspicuously disclose the material terms of a negative option program; (ii) fails to obtain consumers’ informed consent; (iii) misleads consumers who want to cancel, erects unreasonable barriers to cancellation, or fails to honor cancellation requests that comply with its promised cancellation procedures.

Failure to Disclose

Sellers may violate the CFPA’s prohibition on deceptive acts or practices if they misrepresent or fail to clearly and conspicuously disclose the material terms of an offer for a product/service with a negative option feature. Under the CFPA, a representation or omission is deceptive if it is likely to mislead a reasonable consumer and is material. A “material” representation or omission “involves information that is important to consumers and, hence is likely to affect their choice of, or conduct regarding, a product.”

Consent

Sellers engaged in negative option marketing would likely violate the CFPA where they fail to obtain the consumer’s informed consent before charging the consumer. Consent will generally not be informed if, for example, a seller mischaracterizes or conceals the negative option feature, provides contradictory or misleading information, or otherwise interferes with the consumer’s understanding of the agreement.

Enforcement

The Bureau has used its authority under the CFPA’s UDAAP provisions to halt a variety of harmful negative option practices. The Bureau has also relied on other Federal consumer financial laws (such as the Electronic Fund Transfer Act (EFTA) and Regulation E) that it enforces to address certain harmful negative option marketing practices.

Letter to Credit Unions 23-CU-01
NCUA’s 2023 Supervisory Priorities

NASCUS Legislative and Regulatory Affairs Department
January 19, 2023

On January 18, the NCUA issued Letter to Credit Unions 23-CU-01 outlining the agency’s Supervisory Priorities for 2023. The letter also includes updates to the agency’s examination program for 2023. Not unexpectedly the letter indicates the agency’s focus will be on the areas posing the highest risk to credit union members, the credit union industry, and, the National Credit Union Share Insurance Fund (NCUSIF). The letter also includes links to various NCUA resources applicable to each area of supervisory focus.

NCUA will continue a hybrid examination posture in which examiners will be both onsite and offsite, as appropriate with some examination activity remaining offsite as long as it can be completed “efficiently and effectively at credit unions that can accommodate offsite work. The extended examination cycle for certain credit unions will also continue in 2023. Eligibility criteria for an extended exam cycle can be found here. NCUA will also continue its Small Credit Union Exam Program in most federal credit unions with assets under $50 million.

Summary

NCUA has indicated the following areas of supervisory focus for 2023.

Interest Rate Risk

As to be expected Interest Rate Risk (IRR) is at the top of the list. Due to the significant rise in interest rates in 2022 and the addition of the Sensitivity “S” component to the CAMELS rating system, NCUA has formalized a focus on IRR as a specific rating category, separate from liquidity risk. Examiners will be reviewing credit unions’ IRR program for the following risk management and controls:

Key assumptions and related data sets are reasonable and well-documented.
The credit union’s overall level of IRR exposure is properly measured and controlled.
Results are communicated to decision-makers and the board of directors.
Proactive action is taken to remain within safe and sound policy limits.

Liquidity Risk

Higher interest rates and the significant increase in share balances from 2020 – 2022. Because of these and other factors, examiners will evaluate the adequacy of a credit union’s liquidity risk management framework relative to the size, complexity, and risk profile of the credit union as well as evaluation of the following:

The potential effects of changing interest rates on the market value of assets and borrowing capacity.
Scenario analysis for liquidity risk modeling.
Scenario analysis for changes in cash flow projections for an appropriate range of relevant factors.
The appropriateness of contingency funding plans to address any unexpected liquidity shortfalls.

Credit Risk

Due to high inflation and rising interest rates putting financial pressure on credit union members credit risk is a priority for 2023. Examiners will review:

The soundness of existing lending programs;
Adjustments a credit union has made to loan underwriting standards; and
Portfolio monitoring practices and loan workout strategies for borrowers facing financial hardship.

Examiners will consider all factors in evaluating credit unions’ efforts to provide relief to borrowers, including whether the efforts were reasonable and conducted with proper controls and management oversight.

Fraud Prevention and Detection

The NCUA remains concerned with fraud risks, particularly given the remote posture of examinations since 2020. Due to this concern, NCUA will continue efforts to review internal controls and separation of duties. New for 2023, the agency will be implementing a management questionnaire designed to enhance the identification of fraud red flags, material supervisory concerns, or other potential new risks to which a credit union may be exposed.

The questionnaire will be sent to credit unions as part of the pre-examination planning stage for ALL full-scope exams along with the Items Needed List. This will also be included in joint exams with State Supervisory Authorities (SSAs). Credit unions will only need to complete one questionnaire per examination. If an SSA uses a similar questionnaire NCUA indicates the federal and state examiners will coordinate to decide which questionnaire will be completed. The questionnaire will be sent through MERIT’s survey function, completed by the credit union CEO or senior executive, and returned through the survey function. The scope of the examination may be refined based on the responses received.

Information Security (Cybersecurity)

Cybersecurity remains an examination priority for the NCUA. Examiners will be evaluating whether credit unions have established adequate information security programs to protect members and the credit union. The agency has developed and tested updated Information Security Examination procedures tailored to credit unions of varying size and complexity.

Credit unions are encouraged to utilize the Automated Cybersecurity Evaluation Toolbox in preparation for examinations.

Consumer Financial Protection

The agency will continue to review compliance with applicable consumer financial protection laws and regulations for federal credit unions that the NCUA has under its consumer financial protection supervisory authority. Examiners will review credit unions for compliance with:

Flood Disaster Protection Act including disclosure requirements, as the agency continues to evolve its understanding of the impact of climate-related financial risks on the industry and the NCUSIF;
Overdraft programs, including a review of how these programs are advertised, how account balances are calculated, and transaction settlement;
Fair lending, including the review of residential real estate appraisals for any bias, and review of policy and procedures with a focus on steering and possible price discrimination;
The Truth in Lending Act, specifically disclosures for auto loans for credit unions that have experienced high auto loan growth in the past year;
The Fair Credit Reporting Act, specifically accuracy in data reported, risk-based pricing, and consumer rights disclosures.

Other Updates

Current Expected Credit Loss Implementation

Examiners will evaluate the adequacy of credit union Allowance for Credit Losses (ACL) on loans and leases by reviewing:

ACL policies and procedures;
Documentation of ACL reservation methodology
Adherence to Generally Accepted Accounting Principles (GAAP) (if applicable).

Federally Insured State Chartered Credit Unions (FISCUs) should refer to state law on GAAP requirements and CECL standard applicability (those requirements may be more restrictive).

Succession Planning

In 2023 examiners will be requesting information about a credit union’s approach to succession planning for executive leadership, including written succession plans. The plans will not be considered beyond the current process in assigning the Management “M” component of the CAMELS rating and no Examiner’s Findings or Document of Resolution will be issued if the credit union has not conducted succession planning or the planning is not adequate unless the credit union is in violation of its own policy.

Support for Small and Minority Depository Institutions

The NCUA is committed to continuing its support of Small and Minority Depository Institutions (MDIs) through its support program. The program focuses on providing training and guidance to these institutions and their leadership. The agency expects the program benefits to also include:

Greater awareness of the unique needs of small credit unions and MDIs and their role in serving underserved communities.
Expanded opportunities for these credit unions to receive support through NCUA grants, training, and other initiatives.
Furthering partnerships with organizations and industry mentors that can support small credit unions and MDIs.

The NCUA has also developed MDI-specific exam procedures to assist examiners in their supervision of MDIs.

Post-Examination Survey

The NCUA will continue to gather feedback on examinations through the post-examination survey process. Also of note, federal credit unions may record their exam exit meetings provided they comply with applicable laws and regulations for recording and provide a copy of the recording to the NCUA. These recordings can be useful to both credit unions and the NCUA. NCUA examiners will agree to the recording of the exam exit meetings, and the NCUA will monitor how often exam exit meetings are recorded.

Final Rule Summary
Federal Reserve: Regulation D – Reserve Requirements of Depository Institutions

NASCUS Legislative and Regulatory Affairs Department
January 17, 2023

The Board of Governors of the Federal Reserve System (Board) has adopted final amendments to Regulation D (Part 204) revising the rate of interest paid on balances (IORB) maintained at Federal Reserve Banks by or on behalf of eligible institutions[1]. The IORB is now 4.40 percent, a 0.50 percentage point increase from the prior level. The final rule states the amendment is intended to “enhance the role of IORB in maintaining the federal funds rate in the target range established by the Federal Open Market Committee (FOMC).

The amendment took effect on January 13, 2023.

Summary

On December 14, 2022, the Board voted unanimously to raise the interest rate paid on balances to 4.40 percent as a result the Board is amending §204.10(b)(1) of Regulation D to establish the new rate.

Section 19 of the Federal Reserve Act[2] imposes reserve requirements on certain types of deposits and other liabilities of depository institutions. Regulation D implements Section 19 and requires that a depository institution meet reserve requirements by holding cash in its vault or by maintaining a balance in an account at a Federal Reserve Bank.[3] Section 19 also provides balances maintained by eligible institutions in an account at a Federal Reserve Bank are eligible to receive earnings on balances held. Finally, Section 19 permits the Board may prescribe regulations concerning the payment of earnings on these balances. Prior to this latest amendment, the IORB was 3.90 percent.

The amendment to the IORB was not subject to notice and comment under the Administrative Procedures Act[4], as the Board determined that good cause existed for finding that a notice, public comment, and delayed effective date provisions were unnecessary, impracticable, or contrary to public interest.

The final rule indicates that the rate change for IORB was made to accommodate commerce and business and “with regard to their bearing upon the general credit situation of the country.” The Board determined that notice, public comment, and a delayed effective date would “create uncertainty about the finality and effectiveness of the Board’s action and undermine the effectiveness of that action.”

[1] 12 CFR 204.1(c)(1)(i-v)

[2] 12 U.S.C. 461(b)

[3] 12 CFR 204.5(a)(1)

[4] 12 U.S.C. 551

Notice of Proposed Rulemaking and Request for Comment
FinCEN: Beneficial Ownership Information Access and Safeguards, and Use of FinCEN Identifiers for Entities

NASCUS Legislative and Regulatory Affairs Department
January 13, 2023

On December 16, 2022, FinCEN issued a notice of proposed rulemaking (NPRM) and request for comment and an accompanying Fact Sheet regarding access by authorized recipients to beneficial ownership information (BOI) that will be reported to FinCEN pursuant to Section 6403 of the Corporate Transparency Act (CTA)[1], enacted under the Anti-Money Laundering Act of 2020 (AML Act). This proposed rule is the second rulemaking under the CTA addressing BOI and would implement protocols on security and confidentiality required by the CTA in order to protect personally identifiable information (PII) reported to FinCEN as required under the BOI final rule. NASCUS summary of the BOI final rule can be found here.

The NPRM explains the circumstances in which specific recipients (financial institutions for example) would have access to BOI and outlines data protection protocols and oversight mechanisms applicable to each category of those who will have access to BOI. The NPRM will also specify when and how reporting companies can use FinCEN identifiers to report the BOI of entities.

The intent of the proposed regulation is to ensure:

Only authorized users have access to BOI;
Authorized access only for purposes permitted by the CTA; and
Authorized users only re-disclose BOI in ways that balance protection of the security and confidentiality of the BOI with furtherance of the CTA’s objective of making BOI available for purposes specified in the CTA.

The proposed rule and request for comment can be found here.

Comments are due on or before February 14, 2023

Summary

The CTA imposes strict confidentiality on the storage, access, and use of BOI, restricting FinCEN disclosure to a statutorily defined group of governmental authorities and financial institutions under limited circumstances. It further defines that such information is to be maintained in a secure, nonpublic database.

The CTA authorizes five categories of “recipients” (users) who may receive BOI from FinCEN.

Federal, State, local, and Tribal government agencies.
- Agencies engaged in national security, intelligence, or law enforcement activity.
- Federal agency access is “activity-based” meaning a Federal functional regulator may be engaged in “law enforcement activity” and therefore still request BOI from FinCEN
- State, local, and Tribal law enforcement agencies may also obtain BOI, if “a court of competent jurisdiction” has authorized the agency to seek the information.
Foreign law enforcement agencies, judges, prosecutors, central authorities, and competent authorities.
- Requests must come through an intermediary Federal agency.
- Must meet certain criteria and are made under;
  - An international treaty, agreement, or convention
  - Via a request made by law enforcement, judicial, or prosecutorial authority in a trusted foreign country.
Financial Institutions (FI) using BOI to facilitate compliance with Customer Due Diligence (CDD) requirements under applicable law.
- FI requesting the BOI has the reporting company’s consent for such disclosure.
Federal functional regulators and other appropriate regulatory agencies acting in a supervisory capacity assessing FIs for compliance with CDD.
- These agencies may access the BOI that the FIs they supervise received from FinCEN.
U.S. Department of Treasury
- CTA provides “unique” access to BOI tied to an officer or employee’s official duties requiring BOI inspection or disclosure, particularly tax information.

Access Capabilities

Access by Federal, State, and local Tribal government agencies:

FinCEN expects three types of domestic agency users to be able to access and query the beneficial ownership IT system directly: (1) Federal agencies engaged in national security, intelligence, and law enforcement activity; (2) Treasury officers and employees who require access to BOI to perform their official duties or for tax administration; and (3) State, local, and Tribal law enforcement agencies. This access would permit authorized individuals within an authorized “recipient” agency to log in, run queries using multiple search fields, and review results returned immediately. These agencies will be required to submit a justification to FinCEN for the respective searches and would be subject to FinCEN oversight and audit.

State, local, and Tribal law enforcement would be required to upload court documents authorizing the search for FinCEN’s review and approval. As part of the IT system protocols, each agency would need to enter into a memorandum of understanding (MOU) with FinCEN before being allowed access to the system.

The remaining authorized “recipient” categories will NOT have access to the broad search capabilities discussed above.

Access by Financial Institutions and Regulatory Agencies for CDD Compliance

Financial institutions and their regulators (Federal functional regulators and other appropriate regulatory agencies, when assessing FI’s compliance with CDD requirements) would both have direct access to BOI contained in the beneficial ownership IT system. However, it would be more limited than that of federal agencies and others as previously discussed.

Financial Institutions

The CTA permits FinCEN to only disclose a reporting company’s BOI to an FI if the disclosure facilitates the FI’s compliance with CDD requirements and only if the reporting company has provided consent prior to accessing the information.

FinCEN is not planning to permit FIs to run broad or open-ended searches in the beneficial ownership IT system or receive multiple search results. Instead, FinCEN anticipates, with the consent of the reporting company, that an FI would submit identifying information specific to the reporting company and receive an electronic transcript with the entity’s BOI. FinCEN does not want to open greater search capabilities and access due to the potential number of FIs requesting BOI on a reporting company.

Additionally, FIs would be permitted to only search the consenting entity customer and not individual beneficial owners.

Under the proposed rule, an FI would be responsible for obtaining the reporting company’s consent to access their BOI information in the IT system. Additionally, the proposal would define “customer due diligence under applicable law” to mean FinCEN’s CDD regulations, requiring FIs to identify and verify beneficial owners of legal entity customers. Of particular note, the proposed rule would NOT permit FIs to request BOI access for other BSA compliance purposes, such as compliance with relation to Customer (Member) Identification (CIP) requirements. Additionally, this limitation would mean that many FIs subject to the Bank Secrecy Act but not subject to the CDD, such as money service businesses (MSBs), would not have access to the BOI database.

Request for comment

FinCEN believes this approach will be easier to administer, however, they are seeking comments specifically as to whether a broader reading of the phrase “customer due diligence requirements” is warranted under the framework of the CTA, and, if so, how customer due diligence requirements should be defined in order to provide regulatory clarity, protect the security and confidentiality of BOI, and minimize the risk of abuse.

Regulators

Similar access limitations are permitted for Federal functional regulators and other appropriate supervisory agencies. Federal and state agencies may request BOI from FinCEN that the FIs they supervise have already obtained. The information may only be requested for assessing an FI’s compliance with CDD requirements under applicable law.

FinCEN is still developing this access model but expects regulators to be able to retrieve any BOI that their supervised institutions received from FinCEN during a particular period, as opposed to data that might reflect subsequent updates. Therefore, regulators would receive the same BOI that FIs received for purposes of their CDD reviews.

FinCEN also expects that Federal functional regulators responsible for bringing civil enforcement actions also will be able to obtain BOI under “activity-based” access. The NPRM proposes that an agency that is not traditionally understood as a “law enforcement” agency, such as a Federal functional regulator (e.g., NCUA), may receive BOI because “law enforcement activity” may encompass civil law enforcement by the agency, including civil forfeiture and administrative proceedings.

Verification of Beneficial Ownership Information

The proposed rule indicates that FinCEN “continues to evaluate options for verifying reported BOI.” “Verification” means confirming that the reported BOI submitted to FinCEN is accurately associated with a particular individual, creating doubt for FIs and regulators about they ability to rely upon the information in the system.

Request for Comment

FinCEN is seeking feedback on 30 specific requests for comment under six subheadings.

Understanding the Rule
Disclosure of Information
Use of Information
Security and Confidentiality Requirements
Outreach
FinCEN Identifiers

The complete list of specific comments can be found on page 77425 of the NPRM found here.

Of particular note under the subheading of “Disclosure of Information” FinCEN is seeking comments on the following:

(7) FinCEN requests comments discussing how State, local, and Tribal law enforcement agencies are authorized by courts to seek information in criminal and civil investigations. Among the particular issues that FinCEN is interested in are: how State, local, and Tribal authorities gather evidence in criminal and civil cases; what role a court plays in each of these mechanisms, and whether in the commenter’s opinion it rises to the level of court “authorization”; what role court officers (holders of specific offices, not attorneys as general-purpose officers of the court) play in these mechanisms; how grand jury subpoenas are issued and how the court officers issuing them are “authorized” by a court; whether courts of competent jurisdiction, or officers thereof, regularly authorize subpoenas or other investigative steps via court order; and whether there are any evidence-gathering mechanisms through which State, local, or Tribal law enforcement agencies should be able to request BOI from FinCEN, but that do not require any kind of court?

(11) FinCEN proposes that FIs be required to obtain the reporting company’s consent in order to request the reporting company’s BOI from FinCEN. FinCEN invites commenters to indicate what barriers or challenges FIs may face in fulfilling such a requirement, as well as any other considerations.

(12) FinCEN proposes to define “customer due diligence requirements under applicable law” to mean the bureau’s 2016 CDD Rule, as it may be amended or superseded pursuant to the AML Act. The 2016 CDD Rule requires FIs to identify and verify beneficial owners of legal entity customers. Should FinCEN expressly define “customer due diligence requirements under applicable law” as a larger category of requirements that includes more than identifying and verifying beneficial owners of legal entity customers? If so, what other requirements should the phrase encompass? How should the broader definition be worded? It appears to FinCEN that the consequences of a broader definition of this phrase would include making BOI available to more FIs for a wider range of specific compliance purposes, possibly making BOI available to more regulatory agencies for a wider range of specific examination and oversight purposes and putting greater pressure on the demand for the security and confidentiality of BOI. How does the new balance of those consequences created by a broader definition fulfill the purpose of the CTA?

(13) If FinCEN wants to limit the phrase “customer due diligence requirements under applicable law” to apply only to requirements like those imposed under its 2016 CDD Rule related to FIs identifying and verifying beneficial owners of legal entity customers, are there any other comparable requirements under Federal, State, local, or Tribal law? If so, please specifically identify these requirements and the regulatory bodies that supervise for compliance with or enforce them.

(14) Are there any State, local, or Tribal government agencies that supervise FIs for compliance with FinCEN’s 2016 CDD Rule? If so, please identify them.

Also, of particular note under the category of “Use of Information” FinCEN is seeking comment on:

(19) Could a State regulatory agency qualify as a “State, local, or Tribal law enforcement agency” under the definition in proposed 31 CFR 1010.955(b)(2)(ii)? If so, please describe the investigation or enforcement activities involving potential civil or criminal violations of law that such agencies may undertake that would require access to BOI.

NASCUS would also like feedback on a handful of other items not specifically addressed in the NPRM including whether an FI is obligated to access the BOI database for purposes of CDD Rule compliance, or may it choose to do so and what an FI should do if there is a discrepancy between the BOI it received from an entity customer under the CDD Rule and the BOI it receives from FinCEN under the CTA?

[1] 31 U.S.C. 5336

Credit Card Penalty Fees Proposal

Notice of Proposed Rulemaking and Request for Comment NCUA: Chartering and Field of Membership

NCUA Final Rule Summary: Cyber Incident Notification Requirements for Federally Insured Credit Unions

Notice of Proposed Rulemaking and Request for Comment
NCUA: Chartering and Field of Membership