NCUA 2024 FINAL Budget Summary

 NCUA Final 2024 Budget Summary

NASCUS Legislative and Regulatory Affairs Department
December 19, 2023

The NCUA Board approved a $394.5 million 2024 proposed budget[1] posted on October 26, 2023.  NASCUS provided a summary[2], and both written[3] and oral[4] testimony related to the issue.  On December 14, 2023, the NCUA Board unanimously passed[5] a modified budget of $385.7 million representing an $8.8 million decrease from the initial proposal.  The modifications made to the finalized budget are summarized here.

SUMMARY OF FINAL BUDGET APPROVED:

The funding levels recommended in the 2024 combined final budget were reduced by a net of $8.8 million, for a revised total of $385.7 million.  The revision reflects an offset of $24.5 million unspent prior-year budget surpluses, up $6.5 million from the staff draft budget.  The resulting recommended 2024 funding level is 7.0 percent higher than the Board-approved 2023 budget, down from the 9.5 percent increase originally proposed.  Staffing in 2024 would be reduced by one position from the original staff draft.

CHANGES FROM THE PROPOSED BUDGET:

Specific changes to the staff draft operating budget include:

  • An additional $5.3 million in expected surplus projected for 2023, for a total of $23.3 million in carryforward funding in the operating budget. This amount has been used to lower the overall level of new operating budget funding for 2024.
  • The budget for agency travel expenses reduced by $2 million, reflecting use of examination efforts conducted off-site by NCUA examiners, and other efficiencies.
  • One position requested for the Office of Ethics Counsel was eliminated.
  • The recommended final budget eliminates two new positions and related funding requested to establish a new Office of the Executive Secretary.
  • One new position was added to the Office of External Affairs and Communications to lead implementation of the 21st Century Integrated Digital Experience Act and other requirements newly established for Federal Government websites. The new writer-editor position proposed in the staff draft for the Office of External Affairs and Communications was eliminated.
  • Funding for one position in the Office of Human Resources that is authorized within the NCUA staffing plan but currently unfunded was moved from 2024 to 2025.
  • One new position was added to the Office of the Chief Information Officer to reflect information security management needs. The recommended final budget eliminates funding proposed in the staff draft for one position in the Office of the Chief Information Officer that is authorized within the NCUA staffing plan but currently unfunded.
  • One new position for the Office of the Ombudsman was moved from 2024 to 2025.
  • Four additional examiner positions, for a total of nine when including the five additional positions proposed in the staff draft, were added to the regions to reflect updates to the NCUA’s examination and supervision program needs for 2024.
  • Additional budget amounts for 2024 totaling $0.1 million net, were added to several offices to account for revised estimates for various contract support costs. Some additional, immaterial adjustments were made to funding levels in the staff draft for technical corrections and to reflect updated information that was not available at the time the staff draft was published.

The recommended final 2024 capital budget is reduced by approximately $1.2 million from the staff draft.  Balances for several completed capital projects were identified to lower the overall level of new capital budget funding in 2024.  The recommended final 2025 capital budget is unchanged from the staff draft.

The recommended final 2024 and 2025 Share Insurance Fund administrative expenses budgets represent increases from the staff draft by $6,000 and $131,000, respectively, due to re-estimated administrative expenses.

[1] Available at https://ncua.gov/files/publications/budget/budget-justification-proposed-2024-2025.pdf

[2] Available at https://www.nascus.org/summaries/ncua-2024-proposed-budget-summary/

[3] Available at www.nascus.org/wp-content/uploads/2023/11/NASCUS-COMMENTS-ON-DOCKET-NCUA-2023-0117.pdf

[4] Available at https://www.nascus.org/pressroom/nascus-testifies-during-ncua-board-2024-budget-briefing/

[5] Available at https://ncua.gov/news/board-meetings-agendas-results/board-agenda-december-14-2023-meeting

FinCEN Alert on COVID-19 Employee Retention Credit Fraud
FIN-2023-Alert007

NASCUS Legislative and Regulatory Affairs Department
December 5, 2023

On November 22, 2023, FinCEN, in coordination with the IRS Criminal Investigation (CI), issued an alert to financial institutions, FIN-2023-Alert007, on fraud schemes related to the COVID-19 Employee Retention Credit (ERC) and is urging financial institutions to identify and report related suspicious activity.

IRS CI has identified ongoing fraud and other scams related to the ERC which have resulted in 323 investigations involving more than $2.8 billion of potentially fraudulent ERC claims throughout tax years 2020 – 2023. These fraudulent claims disrupted the IRS’s ERC claim review process and created significant backlog and delays in the processing of legitimate ERC claims filed by eligible businesses.

The alert includes an overview of the trends and typologies associated with ERC fraud and scams, identifies select red flags to assist financial institutions in identifying and reporting suspicious activity, and reminds financial institutions of their reporting requirements under the Bank Secrecy Act (BSA).

Trends and Typologies of ERC-Related Financial Crimes

IRS CI and other law enforcement agencies have identified several methods in which fraudsters and scammers have utilized the ERC to obtain funds. Cases have identified individuals who have filed fraudulent ERC claims using shell companies or existing, but ineligible, businesses and, in some cases, abused the program to pay for lavish purchases and personal expenses upon receipt of the credit. Additionally, IRS CI has identified cases in which many businesses have been duped into filing ERC claims by third parties.

Filing of Fraudulent Claims

Use of Fabricated and Dormant Entities

The alert indicates that some individuals have fraudulently filed ERC claims with the IRS using fabricated and dormant entities. In the case of a dormant entity, the entity typically had an EIN but did not have any activity and then filed taxes for at least one tax period during the claim period.

Ineligible Businesses

Ineligible businesses included business owners who knowingly applied for the ERC hoping they could obtain the credit even though they are not eligible, including those who had received a Paycheck Protection Program (PPP) loan, who then amended their tax returns misrepresenting their eligibility.

Third-Party Promoters

These “promotors” are also referred to as “ERC mills” that deploy aggressive marketing tactics, including mailing notices designed to look like official IRS communications. They also present themselves as “ERC experts” or tax professionals. Promotion scams are likely to target established businesses to avoid IRS scrutiny. ERC mills neglect to inform businesses of eligibility requirements and avoid signing the ERC return prepared.  Promotors typically charge an upfront fee (sometimes 30 to 40% of the expected ERC) or a contingent fee depending on the amount of the tax credit. They may submit claims on behalf of businesses without their knowledge or use stolen information or use the taxpayer’s personal information to use in other identity theft schemes.

Fraudulent Receipt and Use of ERC Funds

The alert also highlights the following trends related to fraudulent receipt and use of ERC funds:

  • Funds are deposited into a business account that is funded solely by the ERC or to an account with limited transactions;
  • Fraudsters have used the ill-gotten funds for personal purposes including the purchase of luxury goods and vacations;
  • Fraudsters may attempt to conceal receipt of the funds by transferring the funds using a peer-to-peer (“P2P) service;
  • Recipients may attempt to deposit an altered check, closely resembling an ERC Treasury-issued check.

Red Flag Indicators of ERC Fraud

The alert also includes ten “red flag” indicators to assist financial institutions in determining if a transaction is indicative of ERC fraud.

NCUA Final Rule Summary: Charitable Donation Accounts

NASCUS Legislative and Regulatory Affairs Department
December 4, 2023

Summary

In December 2013, the NCUA Board approved the current CDA rule which permits Federal credit unions (FCUs) to fund a CDA, which may hold investments that are otherwise impermissible for Federal credit unions, for use as a charitable contribution or donation under their incidental powers authority. This rule defined a CDA as a hybrid charitable and investment vehicle that FCUs may fund to provide charitable contributions and donations to a qualified charity, defined as a charitable organization or other non-profit recognized as tax-exempt under section 501(c)(3) of the Internal Revenue Code.

Because CDAs can be funded with impermissible investments the Board believes it is necessary to keep in place distinct limits on groups that are beneficiaries of a CDA. Therefore, any group the Board considers adding as a “qualified charity” must be both non-profit and organized for a charitable purpose.

At the May 2023 NCUA Board meeting, the Board issued a proposed rule to amend the CDA rule permitting veterans’ organizations recognized as tax-exempt under section 501(c)(19). According to the IRS website, veterans’ organizations must meet numerous requirements.

Final Rule

At the November 2023 Board meeting, the NCUA issued a final rule amending the charitable donation accounts (CDAs) section of the NCUA’s incidental powers rule.

The amendment adds “a post or organization of past or present members of the Armed Forces of the United States, or an auxiliary unit or society of, or a trust or foundation for, any such post or organization recognized as exempt from taxation under section 501(c)(19) of the Internal Revenue Code (veterans’ organizations)” to the definition of “qualified charity” that a Federal credit union may contribute to using a CDA.

The final rule is effective December 21, 2023.

IRS Lookup for 501(c)(19) Entities

To confirm if an entity is a “qualified charity” for purposes of the final rule there are two methods to identify tax-exempt status under 501(c)(19).

  1. An entity may be searched by utilizing the IRS Online Tax-Exempt Search Tool; or
  2. IRS bulk download, which is available by state and found here Exempt Organizations Business Master File Extract (EO BMF)

Final Rule Summary
FinCEN: Beneficial Ownership Information Reporting Deadline Extension for Reporting Companies Created or Registered in 2024

NASCUS Legislative and Regulatory Affairs Department
November 30, 2023

Background

On September 30, 2022, FinCEN published the final Beneficial Ownership Information (BOI) Reporting Rule (Reporting Rule), with an effective date of January 1, 2024. NASCUS summarized the final rule here.

On September 28, 2023, FinCEN issued a proposal that would amend the Reporting Rule by extending the period for new entities to file their BOI reports. FinCEN proposed this extension based on comments received from multiple entities including trade associations, non-profits, and other key stakeholder organizations. As explained in the extension, extending the deadline for reporting companies registered on or after January 1, 2024, and before January 1, 2025, would give those entities additional time to:

  1. Understand and comply with the Reporting Rule;
  2. Obtain the information necessary to complete their initial BOI reports; and
  3. Resolve questions that may arise in the process of completing the initial BOI reports.

Summary

On November 30, 2023, FinCEN issued a final rule amending the Reporting Rule extending the filing deadline for certain BOI reports. Under the Reporting Rule before this amendment, business entities created or registered on or after the rule’s effective date, January 1, 2024, would have been required to file initial BOI reports with FinCEN within 30 calendar days of notice of their creation or registration.

This amendment to the final rule extends the filing deadline from 30 calendar days to 90 calendar days for entities created or registered on or after January 1, 2024, and before January 1, 2025, as initially proposed.

Entities created or registered on or after January 1, 2025, will continue to have 30 calendar days to file their BOI reports with FinCEN.

FinCEN believes this extension will afford entities the time to understand and comply with the reporting requirements as well as obtain the information needed to complete their initial BOI reports.

Update on the Beneficial Ownership Access and Safeguards Proposed Rule

As for access to the BOI database, including how financial institutions should obtain customer consent to access the database, these issues fall under FinCEN’s proposed Access Rule and the forthcoming final rule on beneficial ownership access and safeguards. BOI obtained from the database will also be addressed in future rulemaking of revisions to the 2016 CDD Rule as required

[1] See CTA, Section 6304(d)

Notice of Proposed Rulemaking and Request for Comment
NCUA Parts 701, 741, 746, 748, and 752: Fair Hiring in Banking

NASCUS Legislative and Regulatory Affairs Department
November 30, 2023

The National Credit Union Administration (NCUA) has published a notice of proposed rulemaking and request for comment seeking to incorporate its “Second Chance” Interpretive Ruling and Policy Statement 19-1 (IRPS 19-1) and the Fair Hiring in Banking Act (FHBA) into its regulations. Currently, section 205(d) of the Federal Credit Union Act (FCUA) prohibits, except with the Board’s prior written consent, any person who has been convicted of certain criminal offenses involving dishonesty or breach of trust (a covered offense), or who has entered into a pretrial diversion or similar program in connection with a prosecution for such offense (program entry), from participating in the conduct of the affairs of an insured credit union.

Comments on the proposed rule are due January 8, 2024.

Summary

The proposal would update NCUA’s regulations to reflect recent statutory changes that provide greater employment opportunities for individuals with prior minor criminal offenses while still restricting participation in credit union affairs by individuals who pose undue risks.

The proposal also details the revised consent application process under Section 205(d) and would incorporate Interpretive Ruling and Policy Statement (IRPS) 19-1 as well as the Fair Hiring in Banking Act into NCUA’s regulations.

Section 752.1 What is Section 205(D) of the FCU Act?

The proposed changes would require credit unions to make a reasonable inquiry regarding an applicant’s history to ensure that a person who is subject to the prohibition provision of Section 205(d) is not hired or permitted to participate in the conduct of credit unions’ affairs without the written consent of the NCUA. It would also set out that insured credit unions would be permitted to make conditional offers of employment to prospective applicants.  Finally, it would address the need for a consent application and establish the standard for an application’s approval. The burden would be upon the applicant to establish their application warrants approval.

Section 752.2 Who is covered by Section 205(D)?

Those covered under Section 205(d) of the proposed rule would include:

  • Institution Affiliated Parties (IAPs)[1]
    • Certain IAPs (e.g., independent contractors, are covered depending upon the degree of influence or control over the management or affairs of an insured credit union.
  • Volunteer and de facto employees
  • Directors and officers of affiliates, or joint ventures, would also be covered if they participate in the conduct of affairs of the insured credit union or are able to influence or control the management or affairs of the insured credit union.

Section 752.3 Which offenses qualify as “Covered Offenses” under Section 205(D)?
Conviction or program entry must have been for a criminal offense involving dishonesty or breach of trust.

  • The FHBA defines “criminal offense involving dishonesty” as “an offense under which an individual, directly or indirectly, cheats or defrauds or wrongfully takes property belonging to another in violation of a criminal statute.” The FHBA further provides that the term includes an offense that federal, state, or local law defines as dishonest or for which dishonesty is an element of the offense.
  • The term does not include a misdemeanor criminal offense committed more than 1 year before the date on which an individual files a consent application, excluding any period of incarceration, or an offense involving the possession of controlled substances.
  • Breach of trust would mean a wrongful act, use, misappropriation, or omission with respect to any property or fund that has been committed to a person in a fiduciary or official capacity, or the misuse of one’s official or fiduciary position to engage in a wrongful act, use, misappropriation, or omission.

Section 752.4 What constitutes a conviction under Section 205(D)?

This section would state there must have been a conviction of record for section 205(d) to apply, and that section 205(d) would not apply to arrests, pending cases not brought to trial (unless the person has a program entry as set out in § 752.5), or any conviction reversed on appeal unless the reversal was for the purpose of re-sentencing. The Board notes, however, that covered offenses that have been pardoned—and which are not otherwise excluded by § 752.8—would still require a consent application.

This section also addresses expunged convictions and exclusions for “youthful offender” judgments.

Section 752.5 What constitutes a pretrial diversion or similar program under Section 205(D)?

A pretrial diversion or similar program is a program characterized by a suspension or eventual dismissal or reversal of charges or criminal prosecution upon agreement by the accused to restitution, drug or alcohol rehabilitation, anger management, or community service. The FHBA establishes this definition.

Section 752.6 What are the types of consent applications that can be filed?

The proposed rule would provide that the NCUA will accept applications from an individual or an insured credit union applying on behalf of an individual.

Additionally, the proposal would provide that an individual consent application or a credit union-sponsored consent application may be filed separately or contemporaneously with the appropriate NCUA Regional Office or ONES.

Section 752.7 When must a consent application be filed?

A consent application would not be considered by the NCUA until all sentencing requirements associated with a conviction have been met or all requirements of the program entry have been completed.

Forms and instructions will be made available on the NCUA’s website or at the NCUA’s regional offices in accordance with the FHBA’s statutory mandate.

Section 752.8 De minimis offenses.

The proposed rule would retain the de minimis offenses detailed in IRPS 19-1 and would amend the factors to reflect the FHBA.

  • An individual who has been convicted of 2 or fewer covered offenses need not file if the individual could have been sentenced to a term of confinement in a correctional facility of 3 years or less and/or a fine of $2,500 or less, and the individually actually served 3 days or less of jail time for each including additional factors.
  • A consent application would not be required if there are two convictions or programs entries for a covered offense, and the actions that resulted in both convictions all occurred when the individuals was 21 years of age or younger and the convictions were entered at least 18 months prior to the date of consent application.
  • A consent application would not be required for convictions of writing “bad” checks under certain terms, including if the amount were $2,000 or less and no insured depository institution or credit union was a payee on the checks; and the individual has no more than one other de minimis offense.
  • Convictions on the simple theft of goods, services, or currency would be considered de minimis under certain conditions as outlined in the proposed rule.

Section 752.9 How to file a consent application.

Consent applications filed by a credit union should be filed with the NCUA’s Regional Office where the credit union’s home office is located (or with ONES for credit unions that office supervises.

Consent applications filed by an individual should be filed with the NCUA’s Regional Office where the person lives.

Upon issuance of a final rule the NCUA Board will delegate authority related to consent applications. Regional Directors and the ONES Director will have authority to act on both individual and credit union-sponsored applications. The Board will retain the authority to approve/disapprove individual applications.

Section 752.10 How a consent application is evaluated.

This section will address the factors the NCUA would assess to determine the level of risk the applicant poses to an insured credit union and whether the NCUA would consent to the person’s participation in the credit union’s affairs. It outlines the review process, what is required for review, the determining factors in assessing an application, considerations the NCUA would evaluate when conducting an individualized assessment, and requirements for fidelity bond coverage.

Section 752.11 What will the NCUA do if the consent application is denied?

The NCUA would provide a written denial summarizing or citing the relevant factors from the proposed § 752.10. Paragraph (b) would provide that the applicant can file a written request for reconsideration or appeal under the process contained in 12 CFR part 746, subpart B. That subpart includes uniform procedures by which petitioners may appeal initial agency determinations to the Board.

Prior to submitting an appeal to the Board, the petitioner may make a written request to the appropriate Regional Office or ONES, to reconsider an initial agency determination within thirty calendar days of the date of that determination. Within sixty calendar days of the date of an initial agency determination or, as applicable, a determination by the Regional Office or, if appropriate, ONES, on any request for reconsideration, a petitioner may file an appeal seeking review of the determination by the Board.

Proposed Amendments to § 701.14 on Change in Official or Senior Executive Officer in Credit Unions That Are Newly Chartered or Are in Troubled Condition

Section 701.14 requires that insured credit unions that are newly chartered or troubled file notice with the NCUA before adding, replacing, or changing the duties of a board or committee member or a senior executive officer.

First, the proposed rule would clarify when notice is required and would specify that a credit union must provide notice when adding or replacing any member of its board of directors or committees, employing any person as a senior executive officer of the credit union, or changing the responsibilities of a board member, committee member, or a senior executive officer so that the person would assume a different position.

Second, the proposed rule would increase the amount of time the NCUA has to initially review a notice. The current 10-day notification requirement is not specified in the statute, and NCUA staff has found the 10-day timeframe difficult to meet, as additional information to analyze the request may be required. The Board does not believe that an additional five calendar days would unduly delay the start or change in the position of board members, committee members, or senior executive officers.

Finally, the proposed rule would explicitly state that the notice of disapproval will identify the reason(s) for the denial.

Request for Comments

The Board is seeking comments on all aspects of the proposed rule and is seeking specific comments on eight questions addressing the following.

  1. Scope of the final rule and whether it should include additional information on who may fall within the scope of section 205(d), including persons who participate in the conduct of the affairs of an insured credit union.
  2. Date of offense: Is the Board’s interpretation of the phrases “offense occurred” and “offense committed” as the “last date of underlying misconduct” appropriate, or are there other interpretations the Board should consider? What support do commenters have for other interpretations given the language of the statute?
  3. “Sentencing occurred.” The FHBA exempts offenses committed by individuals 21 years of age or younger if it has been more than 30 months since the sentencing occurred. [43] However, the statute does not define the phrase “sentencing occurred.” The Board proposes to interpret “sentencing occurred” to mean the date on which a court imposed the sentence, not the date on which all conditions of sentencing were completed. The Board seeks public comment on the following topic: Is the Board’s proposed interpretation of the phrase “sentencing occurred” appropriate?
  4. Foreign Convictions. Does section 205(d) encompass foreign convictions and pretrial diversions? What support do commenters have for their position?
  5. Expungements, sealings, and dismissals. The Board seeks public comment on the following topic: Given the new statutory exemption for expunged offenses, is the Board’s more expansive proposed interpretation of expungement—which term includes records that have been expunged by application of law—appropriate?
  6. Offenses involving controlled substances. The Board seeks public comment on the following topic: Is the Board’s interpretation of “offense[s] involving the possession of controlled substances” as applying, at a minimum, to simple possession and possession with intent to distribute appropriate?
  7. De minimis offenses. The Board seeks public comment on the following topic: Is the Board’s current approach to de minimis offenses appropriate? Are there additional offenses that the Board should consider de minimis under section 19? Commenters should provide support for such a designation.
  8. Conforming changes. The Board also requests comments on other conforming changes or updates that it should make to its regulations or guidance to implement the new statutory provisions.

[1] 12 U.S.C. 1786(r)

Summary re: CFPB Proposed Rule on Defining Larger Participants of a Market for General-Use Digital Consumer Payment Applications

12 CFR Part 1090

The Consumer Financial Protection Bureau (CFPB) proposes a rule to define a market for general-use digital consumer payment applications.  The proposed market would cover providers of funds transfer and wallet functionalities through digital applications for consumers’ general use in making payments to other persons for personal, family or household purposes.  Larger participants of this market would be subject to the Bureau’s supervisory authority under the Consumer Financial Protection Act (CFPA).

Comments must be received by January 8, 2024.  The proposed rule can be found here.

Summary

The proposed rule would implement Section 1024 of the CFPA gives the CFPB supervisory authority over all nonbank covered entities participating in a market for “general use digital consumer payment applications.” The proposed market would include providers of funds transfers and wallet functionalities through digital applications for consumers’ general use in marking payments to other persons for personal, family or household purposes. The Bureau is authorized to supervise nonbank covered persons (subject to CFPA Section 1024) for purposes of (i) assessing compliance with Federal consumer financial law; (ii) obtaining information about such persons activities and compliance systems or procedures; and (iii) detecting and assessing risks to consumers and consumer financial markets.  The rule is the sixth in a series of CFPB rulemakings to define larger participants of markets for consumer financial products/services for purposes of CFPA Section 1024(a)(1)(B).

Important Definitions

Consumer Payment Transactions:

The proposed rule defines “consumer payment transactions” to include payments to other persons for personal, household, or family purposes excluding certain transactions.

  • The first component of the consumer payment transaction is that the transaction must result in a transfer of funds by or on behalf of the consumer. The focus is on the sending of the payment and not on the receipt of the payment.
  • The second component of the consumer payment transaction definition is that the consumer must be physically located in a State. This is satisfied when the consumer uses a general use digital consumer payment application on a personal computing device or at a point of sale that is physically located in a State.  By contrast, if a consumer is physically located outside of any State at the time of engaging in a payment transaction, then the payment transaction would not be a consumer payment transaction covered by the proposed rule.
  • The third component of the proposed consumer payment transaction definition is that the funds transfer must be made to another person besides the consumer.
  • The fourth component of the proposed consumer payment transaction definition is that the funds transfer must be primarily for personal, family, or household purposes.

In addition, the proposed definition of “consumer payment transaction” excludes four types of transfers:

  • International money transfers
  • Transfers by consumers (i) that are linked to the consumer’s receipt of a different form of funds (such as a transaction for foreign exchange) or (ii) that is excluded from the definition of “electronic fund transfer” under Section 1005.3(c)(4) of this chapter
  • Payment transactions conducted by a person for the sale or lease of goods/services that a consumer selected from an online or physical store or marketplace operated prominently in the name of such person or its affiliated company.
  • Extensions of consumer credit that are made using a digital application provided by the person who is extending the credit or that person’s affiliated company.

Digital Applications

Payment transactions would be made via “digital applications.”  Under the proposed rule, a “digital application” is defined as a software program accessible to a consumer through a personal computing device such as a mobile phone, smart device, tablet, laptop or desktop computer, etc. The proposed definition is inclusive of software programs:

  • whether downloaded to a personal computing device,
  • accessible from a personal computing device via a website or
  • activated from a personal computing device using an internet browser or from a personal computing device using the consumer’s biometric identifier (fingerprint, palmprint, face, eye or voice).

General Use

The proposed rule defines the term “general use” to mean the absence of significant limitations on the purpose of consumer payment transactions facilitated by the covered payment functionality provided through the digital consumer payment application.  Digital payment applications with general use can serve broad functions for consumers such as sending funds to friends/family, buying a wide range of goods/services at different stores or both.  The definition would clarify that digital consumer payment applications that would facilitate person to person, or peer to peer transfers of funds would qualify as having general use.

The rule would set forth a test to determine whether a nonbank covered person is a larger participant of the general use digital consumer payment applications market.  A nonbank covered person would be a larger participant if it satisfies two criteria:

  • the nonbank covered person (together with its affiliated companies) must provide general use digital consumer payment applications with an annual volume of at least five million consumer payment transactions and
  • the nonbank covered person must not be a small business concern based on the

applicable Small Business Administration (SBA) size standard.

Covered Payment Functionality

The proposed rule specifies two types of covered payment functionalities: funds transfer functionality and wallet functionality.  A nonbank covered person would be participating in the proposed market if its market activity included one or both of these functionalities.  The terms are defined as follows:

  • Funds Transfer Functionality: a consumer payment transaction that is: (1) receiving funds for the purpose of transmitting them; or (2) accepting and transmitting payment instructions. These two types of funds transfer functionalities generally describe how nonbanks help to transfer a consumer’s funds to other persons, sometimes referred to as P2P transfers.  The nonbanks either already hold or receive the consumer’s funds for the purpose of transferring them, or it transmits the consumers payment instructions to another person who does so.
  • Wallet Functionality: a product/service that (1) stores account or payment credentials, including in encrypted or tokenized form; and (2) transmits, routes, or otherwise processes such stored account or payment credentials to facilitate a consumer payment transaction.

If finalized, the Bureau proposes that the rule become effective 30 days after publication in the Federal Register. 

Comments Requested:

While the CFPB is seeking feedback on all aspects of the proposal, they specifically posed the following:

  • The Bureau is seeking comment on the proposed definition of funds transfer functionality. Whether it should be modified and, if so, why?
  • The Bureau is requesting comment on the proposed definition of the term wallet functionality. Whether it sufficiently encompasses digital wallets in the market today; whether it should be modified, and if so, how and why?
  • The Bureau is requesting comment on the proposed definition of digital application. Whether it should be modified, and, if so, how and why?

Final Rule Summary
FinCEN: Use of FinCEN Identifiers in Beneficial Ownership Information Reporting

NASCUS Legislative and Regulatory Affairs Department
November 28, 2023

On November 7, 2023, FinCEN issued a final rule that specifies the circumstances in which a reporting company may report an entity’s FinCEN identifier in lieu of information about an individual beneficial owner.

Summary

A FinCEN identifier is a unique number that FinCEN will issue upon request after receiving the required information. Although there is no requirement to obtain a FinCEN identifier, doing so can simplify the reporting process and allow entities or individuals to provide the required information directly to FinCEN.

The final rule amends FinCEN’s final Beneficial Ownership Information (BOI) Reporting Rule. The amendments specifically respond to concerns from commenters that the reporting of entity FinCEN identifiers could obscure the identities of beneficial owners in a manner that might result in greater secrecy or misleading disclosures. To address this concern, the final rule provides clear criteria that must be met in order for a reporting company to report an intermediate entity’s FinCEN identifier in lieu of information about the individual beneficial owner.

Specifically, the final rule adopts the following changes:

  1. To consistently refer to the entity whose FinCEN identifier the reporting company may use as “another entity” or “the other entity” rather than simply “the entity,” in order to avoid confusion with the reporting company itself; and
  2. To make clear that it is an individual’s ownership interest in another entity that allows the reporting company to report the other entity’s FinCEN identifier in lieu of the individual’s information.

The final rule will be effective January 1, 2024, to align with the effective date of the BOI Reporting Rule.

Notice of Proposed Rulemaking and Request for Comment
FinCEN: Proposal of Special Measure Regarding Convertible Virtual Currency Mixing, as a Class of Transactions of Primary Money Laundering Concern

NASCUS Legislative and Regulatory Affairs Department
November 6, 2023

FinCEN has issued a notice of proposed rulemaking (NPRM) and request for comment, pursuant to Section 311 of the USA PATRIOT Act. The NPRM would require domestic financial institutions, including credit unions, and domestic financial agencies, to implement certain recordkeeping and reporting requirements when the institution “knows, suspects, or has reason to suspect” that the transaction involves convertible virtual currency (CVC) mixing.

Comments on the NPRM are due by January 22, 2024.

Summary

Section 311 of the USA PATRIOT Act grants the Secretary of the Treasury authority, which has been delegated to FinCEN, to require domestic financial institutions and agencies to take certain “special measures” if FinCEN finds that reasonable grounds exist for concluding that one or more classes of transactions within or involving a jurisdiction outside of the United States are of “primary money laundering concern.”

FinCEN’s implementation of Section 311 in this NPRM is FinCEN’s first-ever action under Section 311 authority to target a “class of transactions” of primary money laundering concern.

The NPRM will primarily impact CVC exchanges that deal directly with CVC and operate as money service businesses (MSBs) under the Bank Secrecy Act (BSA).  Financial institutions that deal directly with CVCs will also need to comply. The immediate effect of FinCEN’s action is that covered entities will need to begin reviewing mixing activity, understanding that the US government now deems this class of transactions to represent a heightened financial crime risk.

Definitions

The NPRM defines a CVC mixer as “any person, group, service, code, tool, or function that facilitates CVC mixing.”

CVC mixing is then defined as “the facilitation of CVC transactions in a manner that obfuscates the source, destination, or amount involved in one or more transactions, regardless of the type of protocol or service used,” including those conducted through the following six specific methods:

  • Pooling or aggregating CVC from multiple persons, wallets, addresses, or accounts;
  • Using programmatic or algorithmic code to coordinate, manage, or manipulate the structure of a transaction;
  • Splitting CVC for transmittal and transmitting the CVC through a series of independent transactions;
  • Creating and using single-use wallets, addresses, or accounts, and sending CVC through such wallets, addresses, or accounts through a series of independent transactions;
  • Exchanging between types of CVC or other digital assets; or
  • Facilitating user-initiated delays in transactional activity.

The NPRM also contains a proposed exception to the definition of CVC mixing. The definition would exclude “the use of internal protocols or processes to execute transactions by banks, broker-dealers, or money service businesses, including virtual asset service providers (VASPs) that would otherwise constitute CVC mixing, provided these financial institutions preserve records of the source and destination of CVC transactions when using such internal protocols and processes, and provide such records to regulators and law enforcement, where required by law.”

Recordkeeping and Reporting Requirements

The NPRM proposes FinCEN would seek to collect the following information:

  • The amount of any so-called CVC transferred, in both CVC and its US dollar equivalents, when the transaction was initiated.
  • The type of CVC.
  • The CVC mixer used, if known.
  • The CVC wallet address associated with the mixer.
  • The CVC wallet address associated with the customer.
  • Transaction hash.
  • The date of the transaction.
  • IP addresses and time stamps associated with the covered transaction.
  • Narrative

The proposal also requires that reportable information regarding the customer associated with the covered transaction would also necessarily be collected, including:

  • Customer’s full name;
  • Customer’s date of birth;
  • Address;
  • Email address associated with all accounts from which or to which the CVC was transferred; and
  • Unique identifying number.

Request for Comment

The NPRM includes several categories of specific questions in which they are seeking industry feedback. These categories include:

  1. CVC Mixing as a Class of Transactions of Primary Money Laundering Concern;
  2. Proposed Definitions;
  3. Potential Alternatives;
  4. Recordkeeping and Reporting; and
  5. Burden and Other Impacts of the Proposed Rule
NCUA: 2024 Proposed Budget Summary

NASCUS Legislative and Regulatory Affairs Department
November 8, 2023

A $394.5 million 2024 proposed budget[1] was posted on October 26, 2023, by NCUA; a public briefing is set for November 16.  Interested parties may provide comments on the budget, as published in the Federal Register[2], until November 21, 2023.  While NASCUS refrains from commenting on a peer regulatory budget, concerns continue regarding the development and implementation of the Overhead Transfer Rate (OTR) which will be addressed in its own review process.

According to NCUA, its operating budget for next year is 11% or approximately $38 million higher than the previous year’s approval. These increases do not include approximately $18 million of unspent funds to be reallocated from the 2023 budget toward contracted services.  Budget increases represent, almost exclusively, increases related to the NCUA’s Operating Budget, with a $4 million decline forecasted in the Capital Budget to $7.3 million and Share Insurance Fund Administrative Budget increases of $180,000 to $5.1 million.

Material components of the increased budget include:

  • Employee related increase of $26.2 million, or a 9.8 percent increase compared to the 2023 budget for salaries and related benefits, which includes an increase of 28 positions or 2.3% staffing increase. These expenses make up approximately 76.7 percent of the annual NCUA operating budget.
  • A $10.7 million, or 25.7% increase in spending on contractual services used to support the NCUA’s supervision framework, including tools used to identify and address risk concerns such as interest rate risk, credit risk and industry concentration risk. The 2024 budget of $70.1 million is forecasted to be offset by $18 million of unspent 2023 funds, to net a 2024 budget impact of $52.1 million.
  • A $800,000 or 13% increase in spending in rent, communications, and utilities to stand up new disaster recovery and continuity of operations sites due to the decommission of current locations at the end of 2023.

NCUA lowered the OTR, the percentage of their budget funded by the Share Insurance Fund, 60 basis points to 61.8%, which means 61.8% of the NCUA budget is funded by the Share Insurance Fund with the remainder funded by the operating fees paid by FCUs or the $18 million unspent surplus from the previous budget.   While NASCUS supports a decline in the OTR, it should be acknowledged that with the increase in the budget, the decline in the OTR is estimated to represent a $15 million increase in the Share Insurance Fund contribution to the overall budget from the previous year.  Further, while a decline was initiated this year, the OTR remains 50 basis points higher than that of 2020.

NASCUS continues to believe that while improvements in the methodology to apply expenses to the NCUSIF through the OTR have been instituted, there remains legitimate talking points regarding further improvements to ensure the appropriateness of the allocation of expenses between the two programs.  NASCUS staff will be providing comments at the November 16, 2023, NCUA Budget Briefing as well as written comments by November 21, 2023.

[1] Available at https://ncua.gov/files/publications/budget/budget-justification-proposed-2024-2025.pdf

[2] 88 FR 75040

CFPB Summary re: Consumer Information Requests to Large Banks/Credit Unions

12 CFR Chapter X

The Consumer Financial Protection Bureau (CFPB) issued this Advisory Opinion regarding Section 1034(c) of the Consumer Financial Protection Act (CFPA), which requires large banks and credit unions to comply in a timely manner with consumer requests for information concerning their accounts for consumer financial products/services, subject to limited exceptions.

The Advisory Opinion became effective on October 16, 2023, and can be found here.

Summary:

Section 1034 (c) of the CPFA requires large financial institutions to comply with consumer requests for information concerning their accounts in a timely manner.  The Advisory Opinion interprets this provision for the purpose of highlighting the obligations it imposes upon large financial institutions.

Section 1034 (c) applies to insured depository institutions and credit unions that offer or provide consumer financial products/services and that have total assets of more than $10 billion, as well as their affiliates.  In accordance with Section 1034 (c), subject to certain exceptions, applicable institutions must “in a timely manner, comply with a consumer request for information in the control or possession of such covered person concerning the consumer financial product/service that the consumer obtained from such covered person, including supporting written documentation, concerning the account of the consumer.”  According to the opinion, Congress added Section 1034(c) to the CFPA to establish a direct channel for consumers to request information from institutions without having to route their inquiry through the CFPB or another government entity.

Information Requests under Section 1034(c)  

Section 1034(c) requires institutions to respond to a consumer’s request for information regarding their consumer financial product/service in a “timely manner.”  This requirement applies in instances where the information request is in the control or possession of the entity and does not fall into an enumerated exception.

The Bureau notes that a “consumer financial product or service” includes several types of financial products or services that consumers may obtain from an institution, including deposit and saving accounts, credit products such as mortgage loans and credit cards, and loan servicing.  The Bureau provided examples of the type of information that might be requested:

  • Information from periodic statements or online account information
  • Bill payments information
  • Deposit account balances, credit card and/or loan account interest rates, etc.
  • Terms/conditions of accounts including fee schedules
  • Information about the status of a lien on property

In addition, the Bureau notes that complying with Section 1034(c) information request requirements could include the provision of supporting, written documentation.  For example, this could include the provision of account statements or check images.

Exceptions to Section 1034(c)

Section 1034(c) does not apply to consumer’s request for information that is not specifically related to a consumer’s account, such as information regarding an institution’s internal operating procedures, financial performance, marketing strategies or employee training programs.  In addition, the opinion specifies the following information is exempt from Section 1034(c) requirements.

  • Confidential commercial information, including an algorithm used to derive credit scores or other risk scores or predictors;
  • Information collected for the purpose of preventing fraud or money laundering, or detecting or making any report regarding other unlawful or potentially unlawful conduct;
  • Information required to be kept confidential by any other provision of law; any
  • Nonpublic or confidential information, including confidential supervisory information.

Unreasonable barriers to consumer information requests

 The Bureau notes that the language of Section 1034 (c) provides that institutions “shall” provide the relevant requested information in a timely manner and interprets this language to mean that institutions are required to comply with consumer requests for information.  The Bureau also notes that institutions that cannot impose “unreasonable” conditions on consumer requests that would results in barriers to consumers being able to get their requests met.

Fees

An institution that imposes conditions that would “unreasonably impede” a consumer’s ability to request and receive account information would violate Section 1034(c) requirements.  For example, institutions that require a consumer to pay a fee or charge to request account information are likely to be found to have interfered with the consumer’s ability to exercise the right provided. The following examples of problematic fees were provided:

  • Fees related to consumer inquiries regarding their deposit account balances
  • Fees related to consumer inquiries seeking the amount necessary to pay a loan balance
  • Fees related to a request for a specific type of supporting document, such as a check image or an original account agreement
  • Fees related to time spent on consumer inquiries seeking information and supporting documents regarding an account.

However, the Bureau notes there are instances fees would be appropriate.  The opinion notes it would generally not violate Section 1034 (c) for an entity to impose a fee or charge in certain limited circumstances.  For example, the Bureau notes that an entity that charges a consumer who repeatedly requested/received the same information regarding their account would be permissible.

Applying conditions to information requests

An entity may also violate Section 1034 (c) by imposing other conditions or obstacles that unreasonably impede consumers’ ability to make an information request.  For example, problematic conditions/obstacles could include forcing consumers to endure excessively long wait times to submit an information request; requiring consumers to interact with a chatbot that can’t adequately respond to information requests; or directing consumers to obtain information the institution possesses from a third party instead.

Timely Compliance with Consumer Information Requests

Section 1034 (c) provides that institutions “shall, in a timely manner, comply” with consumer requests for information.  The regulation does not specify a time limit for responding that applies to all information requests.  The Bureau will consider the specific circumstances and nature of a particular request to determine compliance.

Bureau notes whether a response is considered timely may depend on the complexity of the request and/or the difficulty of responding.  What constitutes a timely response may also be informed by the timing requirements of other Federal laws and regulations with which large banks/credit unions must comply.

Accuracy and Completeness of Responses to Consumer Information Requests

 Section 1034(c) contemplates institutions will provide consumers with the information they request to the extent it is in their control or possession.  An entity would violate the regulation if it provided incomplete or inaccurate information in response to a consumer’s information request.

The Bureau notes the advisory opinion is intended to serve as a simplified survey and reference tool for large banks/credit unions.  In addition, the opinion clarifies that as a matter of prosecutorial discretion, the Bureau does not intend to seek monetary relief for potential violations of Section 1034(c) that occur prior to February 1, 2024.

NCUA Letter to Credit Unions 23-CU-08
Resumption of Federal Student Loan Payments

NASCUS Legislative and Regulatory Affairs Department
October 12, 2023

With federal student loan payments slated to resume this month, on October 11, the NCUA issued Letter to Credit Unions 2023-CU-08.  In this letter, the NCUA encourages credit unions to work with borrowers who may be negatively impacted by the increase in total repayment obligations. It also notes that credit unions will not be criticized for their efforts to provide relief to borrowers when such efforts are conducted in a “reasonable manner with proper controls and management oversight consistent with consumer financial protection requirements.

To ensure credit unions remain safe and sound and operate in a fair manner, the NCUA is providing the industry with the following strategies when evaluating exposure to borrowers facing payment stress associated with federal student loan repayment.

Risk Management Principles

The NCUA’s 2023 Supervisory Priorities indicate NCUA examiners will review the safety and soundness of existing lending programs at credit unions, adjustments to underwriting standards, portfolio monitoring practices, and loan workout strategies. Examiners will also review policies and procedures related to the Allowance for Credit Losses.

Risk Assessment

The letter indicates credit unions should assess aggregate exposure to borrowers with federal student loans and provides recommendations for analysis including:

  • Identifying borrowers with large student loan balances relative to income;
  • Reviewing borrowers’ credit bureau information;
  • Querying member transaction history prior to the repayment pause with payments from their credit union account; or
  • Considering other indicators such as the number of members with private student loan payments.

Borrower Outreach

The letter encourages credit unions to consider contacting borrowers to inform them about the credit union’s eligibility standards and processes for requesting loan modifications. It also provides credit unions with various resources to provide borrowers, including researching repayment obligations and applying for loan forgiveness. 

Underwriting and Modifications

The letter states that credit unions should apply prudent underwriting and loss mitigation strategies for borrowers experiencing financial difficulty and struggling to make their loan payments. It encourages credit unions to use well-structured and sustainable loan modifications that are in the best interest of both the credit union and the member.

Portfolio Monitoring

Credit unions should identify and monitor higher-risk portfolio segments and update the board on any relevant risk exposure in the following areas, including, but not limited to:

  • Private Student Loans;
  • Credit card balances or other debt obligations that increased during the student loan repayment pause or that increased after the repayment period resumed;
  • Adjustable-rate loans that have similar payment reset time frames; or
  • Elevated debt-to-income ratios or low credit scores.

Allowance for Credit Losses

Finally, credit unions need to consider whether the risk associated with federal student loan repayment is adequately captured in the Allowance for Credit Losses, as detailed in Accounting Standards Codification Topic 326.

Please select a valid form
The Legislative & Regulatory Affairs Committee (L&R Committee)

Our largest committee, consisting of over 70 members, is comprised of individuals from various segments of our membership, including regulators, credit unions, leagues, and associate members. This committee convenes on the first Wednesday of each month at 3 pm (EST) for a one-hour session to address significant issues facing our system. Additionally, this committee holds in-person meetings during our Annual NASCUS State System Summit (S3).

Furthermore, the committee plays a vital role in reviewing NASCUS comment letters, providing an open forum where any member can raise concerns or issues, and organizing special calls on topics like litigation trends and cryptocurrencies. Importantly, there is no limit on committee membership, and multiple individuals from the same credit union are welcome to participate.

The CDFI, MDI, and LICU Issues Committee

This committee, which is open to all NASCUS members, concentrates on raising awareness about the unique designations within the credit union sector, namely Community Development Financial Institution (CDFI), Minority Depository Institution (MDI), and Low-Income Credit Union (LICU). It also aims to identify advocacy objectives that NASCUS can pursue to enhance the significance of these special designations. The CDFI/MDI/LICU Issues Committee convenes every other month.

The Education Committee

This committee supervises NASCUS’s programs related to professional development, training, and education. It plays a crucial role in suggesting the educational requirements of the credit union system. It assesses NASCUS’s continuous professional development initiatives by examining program agendas, post-conference evaluations, and financial aspects of events. While membership on the Education Committee is available to all membership categories, it is limited to a maximum of eight participants.

If you have additional questions on how to participate with NASCUS Committees, please contact Shellee Mitchell.