Interagency Guidance on Reconsiderations of Value of Residential Real Estate Valuations

Proposed Interagency Guidance with Request for Comment
Interagency Guidance on Reconsiderations of Value of Residential Real Estate Valuations

NASCUS Legislative and Regulatory Affairs Department
July 25, 2023

On July 21, 2023, the Federal Reserve Board, CFPB, FDIC, OCC, and NCUA (the Agencies) issued proposed guidance highlighting risks associated with deficient residential real estate valuations. The guidance also describes how financial institutions may incorporate reconsiderations of value (ROV) processes and controls into existing risk management functions. The proposed guidance also highlights examples of policies and procedures that a financial institution may choose to establish to help identify, address, and mitigate the risk of discrimination impacting residential real estate valuations.

Comments on the proposed guidance are due on or before September 19, 2023.

Summary

The Federal Reserve Board, FDIC, OCC, and NCUA issued guidance in 2010 that describes actions financial institutions may take to correct deficiencies identified in collateral valuations. The current guidance includes ordering a second appraisal or evaluation or resolving the deficiency through the original appraiser or preparer of the evaluation.

The agencies do not have existing guidance specific to ROV processes and have received questions from financial institutions and other industry stakeholders on ROVs, highlighting the uncertainty in the industry on how ROVs intersect with appraisal independence requirements and compliance with consumer protection laws, including those related to non-discrimination.

A financial institution’s use of third parties in the valuation review process does not diminish its responsibility to comply with applicable laws and regulations.

Description of Proposed ROV Guidance

The proposed guidance addresses the following:

  1. Describes the risks of deficient collateral valuations;
    • Prevent individuals, families, and neighborhoods from building wealth through homeownership;
    • Prevent prospective buyers from purchasing homes;
    • Make it harder for homeowners to sell or refinance their homes and increase the risk of default.
  2. Outlines applicable statutes, regulations, and existing guidance that govern ROVs and collateral valuations;
    • Fair Housing Act
    • Equal Credit Opportunity Act
    • Truth in Lending Act
  3. Explains how ROV processes and controls can be incorporated into existing risk management functions such as appraisal review and complaint management; and
    • Financial institutions can capture feedback regarding potential deficiencies through existing complaint resolution processes.
    • Data collected can be an important indicator of potential risks and risk management weaknesses.
  4. Provides examples of ROV policies, procedures, and controls that financial institutions may choose to adopt that:
    • Consider ROVs as a possible resolution for consumer complaints related to residential property valuations.
    • Consider whether any information or other process requirements related to a consumer’s request for a financial institution to initiate an ROV create unreasonable barriers or discourage consumers from requesting an ROV.
    • Establish a process that provides for the identification, management, analysis, escalation, and resolution of valuation-related complaints across all relevant lines of business, from various channels and sources (such as letters, phone calls, in-person, regulators, third-party service providers, emails, and social media).
    • Establish a process to inform consumers how to raise concerns about the valuation sufficiently early enough in the underwriting process for any errors or issues to be resolved before a final credit decision is made. This may include suggesting to consumers the type of information they may provide when communicating with the financial institution about potential valuation deficiencies.
    • Identify stakeholders to clearly outline each business unit’s roles and responsibilities for processing an ROV request;
    • Establish risk based ROV systems that route the request to the appropriate business unit;
    • Establish standardized processes to increase the consistency of consideration of requests for ROVs;
      1. Use clear, plain language in notices to consumers of how they may request the ROV;
      2. Use clear, plain language in ROV policies that provide a consistent process for the consumer, appraiser, and internal stakeholders.
      3. Establish guidelines for the information the financial institution may need to initiate the ROV process
      4. Establish timelines in the complaint or ROV process for when milestones need to be achieved
      5. Establish guidelines for when a second appraisal could be ordered and who assumes the cost; and
      6. Establish protocols for communicating the status of the complaint or ROV and results to consumers.
    • Ensure relevant lending and valuation-related staff, including third parties (e.g., appraisal management companies, fee-appraisers, mortgage brokers, and mortgage servicers) are trained to identify deficiencies (inclusive of prohibited discriminatory practices) through the valuation process.

Request for Comment

The agencies are seeking comments on all aspects of the proposed guidance as well as specific comments on the following:

  1. To what extent does the proposed guidance describe suitable considerations for a financial institution to take into account in assessing and potentially modifying its current policies and procedures for addressing ROVs?
    • What, if any, additional examples of policies and procedures related to ROVs should be included in the guidance?
    • Which, if any, of the policies and procedures described in the proposed guidance could present challenges?
  2. What model forms, or model policies and procedures, if any, related to ORVs would be helpful for the agencies to recommend?
  3. What other guidance may be helpful to financial institutions regarding the development of ROV processes?
  4. To what extent, if any, does the proposed ROV guidance conflict, duplicate, or complement the existing Interagency Appraisal Evaluation Guidelines or a financial institution’s policies and procedures to implement those Guidelines?

Additional comments are invited on:

  • Whether the collections of information are necessary for the proper performance of the agencies’ functions, including whether the information has practical utility;
  • The accuracy of the estimate of the burden of the information collections, including the validity of the methodology and assumptions used;
  • Ways the enhance the quality, utility and clarity of the information to be collected;
  • Ways to minimize the burden of the information collections on respondents, including through the use of automated collection techniques or other forms of information technology; and
  • Estimates of capital or start-up costs and costs of operation, maintenance, and purchase of services to provide information.
Minority Depository Institution Preservation Program Proposed Interpretive Ruling and Policy Statement
National Credit Union Administration

NASCUS Legislative and Regulatory Affairs Department
July 28, 2023

In 2015, the NCUA Board approved IRPS 13-1 establishing the Minority Depository Institution Preservation Program (MDI program), to encourage the preservation of MDIs as well as the establishment of new MDI credit unions.  On June 22, 2023, the NCUA Board issued proposed revisionstoInterpretive Ruling and Policy Statement (IRPS) 13-1, regarding the agency’s Minority Depository Institution Preservation Program for credit unions

In 2018 the Board restructured the Agency. This restructuring included establishing the Office of Credit Union Resources and Expansion (CURE). CURE subsequently assumed administration of the MDI Program from the agency’s Office of Minority and Women Inclusion.

The proposed changes to IRPS 13-1 summarized below are intended to reflect the changes in NCUA’s structure, provide several updates to the MDI program’s features, and clarify the requirements for a credit union to receive and maintain an MDI designation.

Comments are due to NCUA on the proposed changes on or before August 28, 2023.

Summary

The NCUA is proposing the following amendments to IRPS 13-1.

  1. Incorporate recent program initiatives such as the consulting and support program for MDIs, and provide examples of technical assistance an MDI may receive. Technical assistance includes:
    • Providing guidance in resolving examination concerns;
    • Helping MDIs locate new sponsors, mentors, or merger partners;
    • Assisting with field of membership expansions;
    • Supporting management in setting up new programs and services;
    • Attempting to preserve the minority character of failing institutions during the resolutions process; and
    • Assisting groups that are interested in chartering a new MDI.
  2. Include subsections on engagement with MDIs, technical assistance, examination of MDIs, Community Development Revolving Loan Fund grants and loans, training and education, and preservation of MDIs.
    • The NCUA expects examiners to recognize the distinctive characteristics and differences in core objectives of each financial institution and consider these when evaluating. Examiners can evaluate an MDI using peer metrics such as through the FPR.
    • MDIs without the low-income designation are now eligible for CDRLF grants and loans.
  3. Establish a new standard for MDIs to assess their designation. The standard states, a credit union is eligible to receive the MDI designation if it meets all the following criteria:
    • A majority (greater than 50%) of its current members are from any eligible minority groups;
    • A majority of the members of its board of directors are from any of the eligible minatory groups; and
    • A majority of the community it services, as designated in its field of membership, are from any of the eligible minority groups.

A credit union defined as a “small credit union” [1]by NCUA may self-certify greater than 50% representation among current members, within the community it serves (potential members), based solely on knowledge of those members. A credit union not defined as a “small credit union” by the NCUA may rely on one of the following methods to determine the minority composition of its current membership.

    • Demographic data from the U.S. Census Bureau
    • Home Mortgage Disclosure Act (HMDA) data
    • Collect data from members who voluntarily choose to participate in such collection about their racial identity and the use of the data to determine minority representation among the credit union’s members; or
    • Any other reasonable form of data, such as membership address lists or an employer’s demographic analysis of employees.

An MDI credit union must assess whether it continues to meet the required definition of an MDI whenever there is a significant change in its board of directors, or it changes its field of membership and update its designation, if necessary, in the NCUA Credit Union Profile.

  1. Update how the NCUA will review an MDI’s designation status to reflect it will be part of the examination process.
  2. Simplify “community it services, as designated in its charter” to refer to an MDI’s field of membership.
  3. Specify that “Asian American” includes Native Hawaiian or Other Pacific Islander, and “Native American” includes American Indian and Alaskan Natives.
  4. Clarify that “small entity” means a “small credit union” as defined by the NCUA, and the simplified process for a small credit union to determine whether it qualifies as an MDI.
  5. Add new sections that address comments to the agency, the agency’s annual congressional reporting on MDIs, and the availability of the list of MDIs from the NCUA’s website.

NCUA invites comments on all aspects of the proposed amendments to the IRPS. Additionally, the agency is seeking comments on any other aspects of the IRPS and what additional information the agency could provide to help MDIs, and how best to deliver the information.

[1] [1] 80 FR 57512: Under the Regulatory Flexibility Act, NCUA currently defines a small credit union as a credit union with total assets of less than $100 million.

CFPB Summary re: Interagency proposal on quality control standards for automated valuation models

The OCC, Board, FDIC, NCUA, CFPB, and FHFA invite comment on a proposed rule to implement the quality control standards mandated by the Dodd-Frank Wall Street Reform and Consumer Protection Act for the use of automated valuation models (AVMs) by mortgage originators and secondary market issuers in determining the collateral worth of a mortgage secured by a consumer’s principal dwelling.  Under the proposal, the agencies would require institutions that engage in certain credit decisions or securitization determinations to adopt policies, practices, procedures, and control systems to ensure that AVMs used in these transactions to determine the value of mortgage collateral adhere to quality control standards designed to ensure a high level of confidence in the estimates produced by AVMs; protect against the manipulation of data; seek to avoid conflicts of interest; require random sample testing and reviews; and comply with applicable nondiscrimination laws.

Comments must be received by August 21, 2023, and the proposal can be found here.

Summary

Section 1473(q) of the Dodd-Frank Act amended Title XI of FIRREA to add new section 1125 relating to the use of automated valuation models (AVMs) in valuing real estate collateral securing mortgage loans.  The proposal would require that mortgage originators and secondary market issuers adopt policies, practices, procedures, and control systems to ensure that AVMs used in certain credit decisions or covered securitization determinations adhere to quality control standards designed to meet specific quality control factors.

The proposed rule would not set specific requirements for how institutions are to structure these policies, practices, procedures and control systems.

Scope of the Proposed Rule

The proposal would implement the statute by applying the quality control standards when an AVM is being used to make a determination of collateral value, as opposed to other uses such as monitoring value over time or validating an already completed valuation.

The agencies are proposing that the rule would not cover the use of AVMs in the development of an appraisal by a certified or licensed appraiser, nor in the review of the quality of already completed determinations of collateral value.  The proposed rule would cover the use of AVMs in preparing evaluations required for certain real estate transactions that are exempt from the appraisal requirements under the appraisal regulations issued by the OCC, Board, FDIC, and NCUA, such as transactions that have a value below the exemption thresholds in the appraisal regulations.

Section 1125 defines an AVM as “any computerized model used by mortgage originators and secondary market issuers to determine the collateral worth of a mortgage secured by a consumer’s principal dwelling.  The quality control standards proposed in this rule are applicable only to AVMs used in connection with making credit decisions or covered securitization determinations regarding a mortgage as defined in the proposal.

Section 1125 directs the agencies to promulgate regulations to implement quality control standards regarding AVMs. Section 1125 requires that AVMs as defined in the statute, adhere to quality control standards designed to (i) ensure a high level of confidence in the estimates produced by AVMs; (ii) protect against the manipulation of data; (iii) seek to avoid conflicts of interest; (iv) require random sample testing and reviews; and (v) account for any other such factor that the agencies determine to be appropriate.  The agencies consulted with the staff of the Appraisal Subcommittee (ASC) and the Appraisal Standards Board of the Appraisal Foundation (ASB) as part of promulgating this rule.

Section 1125(c)(1) provides that compliance with regulations issued under Section 1125 shall be enforced “with respect to a financial institution, or subsidiary owned and controlled by a financial institution and regulated by a Federal financial institution regulatory agency, the Federal financial institution regulatory agency acts as the primary Federal supervisor of such financial institution or subsidiary.” Section 1125(c)(1) applies to a subsidiary of a financial institution only if the subsidiary is (i) owned and controlled by a financial institution, and (2) regulated by a Federal financial institution regulatory agency.

Application to use of AVMs

The proposed rule would apply to AVMs used in connection with making a credit decision.  The rule would define a “credit decision” in part to include a decision regarding whether and under what terms to originate, modify, terminate or make other changes to a mortgage.   The scope of the proposal would include decisions regarding originating a mortgage, modifying the terms of an existing loan or renewing the terms of an existing loan, or renewing, increasing or terminating a line of credit.  The use of AVMs solely to monitor a creditor’s mortgage portfolio would not be a credit decision under the proposed rule because the lending institution has already made the credit decision.

The language of Section 1125 includes not only mortgage originators but also secondary market issuers.  Given that the statute refers to secondary market issuers and the primary business of secondary market issuers is to securitize mortgage loans and to sell those mortgage-backed securities to investors, the proposed rule would cover AVMs used in securitization determinations.

The proposed rule would define “covered securitization determination” to include determinations regarding, among other things, whether to waive an appraisal requirement for a mortgage origination.  Under the proposal, a secondary market issuer that used AVMs in connection with making appraisal waiver decisions would be required to have policies, practices, procedures, and control systems in place to ensure that the AVM supporting those appraisal waiver decisions adheres to the rule’s quality control standards.

The proposed rule would not cover the use of an AVM by a certified or licensed appraiser in developing an appraisal. While appraisers may use AVMs in preparing appraisals, they must achieve credible results in preparing an appraisal under the Uniform Standards of Professional Appraisal Practice (USPAP) and its interpreting opinions.

The proposal would not cover AVMs used in reviews of completed collateral value determinations, given that the underlying appraisal or evaluation determines the value of the collateral.

  • Covered Securitization Determination
    • The proposed rule would define “covered securitization determination” to mean a determination regarding (1) whether to waive an appraisal requirement for a mortgage origination in connection with its potential sale or transfer to a secondary market issuer, or (2) structuring, preparing disclosures for, or marketing initial offerings of mortgage-backed securitizations.
  • Secondary Market Issuer
    • The agencies are proposing to define a secondary market issuer as any party that creates, structures, or organizes a mortgage-backed securities transaction. The agencies propose to define a secondary market issuer in this manner due to the statutory focus in Section 1125 on “issuers” and “determining the collateral worth” of a mortgage.  This type of determination would typically take place in the secondary market in connection with the creation, structuring, and organization of a mortgage-backed security.

Proposed Implementation Period

The agencies propose an effective date of the first day of a calendar quarter following the 12 months after publication in the Federal Register of any final rule based on this proposal.  This extended effective date would give institutions time to come into compliance with the rule.

Request for Comments:

The agencies invite comments on all aspects of the proposed rulemaking.  The agencies have also specified a number of questions throughout the proposal requesting feedback on a number of topics, such as:

  • The quality control factor on nondiscrimination
  • The implementation period
  • Loan modifications under the proposal
  • Appraisal Waivers
  • Secondary Market Issuers
  • AVM uses covered and not covered by the rule
  • Reviews of completed collateral valuation determinations
  • Control Systems
  • Covered Securitization Determinations
  • Credit Decisions
  • Mortgages/Mortgage Originators

NASCUS Legislative and Regulatory Affairs Department
July 10, 2023

On, June 29, 2023, the National Credit Union Administration (NCUA) issued Letter to Credit Unions 23-CU-05: Commercial Real Estate Loan Accommodations and Workouts announcing a jointly published interagency Policy Statement on Prudent Commercial Real Estate Loan Accommodations and Workouts[1] (Statement).  The joint statement was issued by NCUA, OCC, FRB, and the FDIC in consultation with state bank and credit union regulators (FFIEC SLC).

The Statement was published on July 6, 2023.

Summary

On October 30, 2009, the agencies and the FFIEC SLC adopted the Policy Statement on Prudent Commercial Real Estate Loan Workouts[2] (2009 Statement).  While the 2009 Statement was useful for outlining regulatory expectations on appropriate risk management and accounting practices for Commercial Real Estate (CRE) loan workouts at that time, recent policy and accounting changes necessitated updates to the 2009 Statement. The 2023 Statement is a principles-based resource for credit unions with commercial real estate borrowers experiencing financial difficulties and replaces the 2009 Statement.  The 2023 Statement includes a new section on short-term loan accommodations, updated information on changes in CRE loan workouts (related to changes in GAAP applicable due to adoption of Current Expected Credit Losses (CECL)[3] methodology), and regulatory guidance issued since 2009.

Overview of the Final Statement

Risk management principles outlined in the 2023 Statement are generally consistent with the 2009 Statement and with GAAP, noting the importance of financial institutions working constructively with CRE borrowers experiencing financial difficulty.[4]  The 2023 Statement addresses supervisory expectations for appropriate loan accommodations and workout matters, including:

  1. risk management,
  2. loan classification,
  3. regulatory reporting, and
  4. accounting considerations.

The Statement also includes updated references to supervisory guidance and revised language to incorporate current industry terminology and reaffirms two key principles from the 2009 Statement:

  1. Financial institutions that implement prudent CRE loan accommodation and workout arrangements after performing a comprehensive review of a borrower’s financial condition will not be subject to criticism for engaging in these efforts, even if these arrangements result in modified loans with weaknesses that result in adverse classification; and
  2. (Modified loans to borrowers who have the ability to repay their debts according to reasonable terms will not be subject to adverse classification solely because the value of the underlying collateral has declined to an amount that is less than the outstanding loan balance.

The Statement acknowledges it may be appropriate for financial institutions to use short-term and less complex loan accommodations before a loan warrants a longer-term or more complex workout arrangement.  Accordingly, the Statement identifies short-term loan accommodations as a tool that could be used to mitigate adverse effects on borrowing and encourages financial institutions to work prudently with borrowers who are, or may be, unable to meet their contractual payment obligations during periods of financial stress.

The final Statement incorporates principles consistent with existing interagency supervisory guidance on accommodations while stressing prudent internal controls related to loan accommodations include comprehensive policies and practices, proper management approvals, ongoing credit risk review function, and timely and accurate reporting and communication.

The Statement includes updated CRE loan workout examples from the 2009 Statement as well as three new examples related to Income Producing Property – Hotel, Acquisition, Development, and Construction – Residential, and Multi-Family Property.  These examples are meant to illustrate the application of existing rules, regulatory reporting instructions, and supervisory guidance on credit classifications and the determination of nonaccrual status.

Five appendices are incorporated within the Statement to address:

  • Appendix 1 contains examples of CRE loan workout arrangements illustrating the application of the statement to classification of loans and determination of nonaccrual treatment.
  • Appendix 2 lists selected relevant rules as well as supervisory and accounting guidance for real estate lending, appraisals, allowance methodologies, restructured loans, fair value measurement, and regulatory reporting matters such as nonaccrual status.
  • Appendix 3 discusses valuation concepts for income-producing real property.
  • Appendix 4 provides the special mention and adverse classification definitions used by the Board, FDIC, and OCC.
  • Appendix 5 addresses the relevant accounting and supervisory guidance on estimating loan losses for financial institutions that use the current expected credit losses (CECL) methodology.

[1] NCUA Docket no. 2022-0123;Available at https://ncua.gov/files/letters-credit-unions/policy-statement-prudent-cre-loan-accommodations-workouts.pdf

[2] NCUA Letter 10-CU-07 ; June 2010

[3] The Financial Accounting Standards Board’s (FASB’s) Accounting Standards Update 2016-13, Financial Instruments—Credit Losses (Topic 326):  Measurement of Credit Losses on Financial Instruments and subsequent amendments issued since June 2016 are codified in Accounting Standards Codification (ASC) Topic 326, Financial Instruments – Credit Losses (FASB ASC Topic 326).  FASB ASC Topic 326 revises the accounting for allowances for credit losses (ACLs) and introduces the CECL methodology.

[4] Federally insured credit unions with less than $10 million in assets are not required to comply with GAAP, unless the credit union is state-chartered and GAAP compliance is mandated by state law (86 FR 34924 (July 1, 2021)).

NASCUS Legislative and Regulatory Affairs Department
July 10, 2023 

The National Credit Union Administration (NCUA) Board has published a Notice and Request for Comment Regarding NCUA Operating Fee Schedule Methodology.   NCUA is proposing to change the exemption threshold below which Federal Credit Unions (FCUs) would not be required to pay the operating fee and establish a process to update the exemption threshold in future years

Comments are due to NCUA by August 7, 2023. The proposal may be read here.

Background

As part of the budget process, the NCUA Board adopts an annual budget in the fall of each year to cover an “operating budget” for the costs of day-to-day operations and a “capital budget” related to estimated capital project expenditures.  Determination of the annual operating fee funding requirements are calculated by subtracting from the annual budget NCUA’s estimates for miscellaneous revenues collected, the Overhead Transfer Rate (OTR) funding of the budget, interest income, and other miscellaneous adjustments made by the Board including an estimate of unallocated prior-period operating fees collected.

Once the estimated annual operating fee funding requirements are determined, the Board approved methodology is utilized by the CFO to determine the operating fee funding requirements of each individual FCU and make the appropriate recommendation to the Board.

The FCU Act imposes three requirements on the Board related to assessing an operating fee on FCUs:

  • The fee must be assessed according to a schedule or schedules, or other method that the Board determines to be appropriate, which gives due consideration to NCUA’s responsibilities in carrying out the FCU Act and the ability of FCUs to pay the fee;
  • The Board must determine the period for which the fee will be assessed and the due date for payment; and
  • The Board must deposit collected fees into the Treasury to defray the Board’s expenses in carrying out the FCU Act. Once collected, operating fees, “may be expended by the Board to defray the expenses incurred in carrying out the provisions of [the FCU Act,] including the examination and supervision of [FCUs].”[1]

Changes to Operating Fee Methodology and Request for Comment

Currently FCUs reporting average assets of $1 million or less during the preceding four calendar quarters are exempt from paying an operating fee.  Under the proposal, the Board would raise the average asset exemption level for FCUs to $2 million and annually adjust the exemption threshold in future years.

The inflationary adjustment, calculated as a percentage of average asset growth reported on the call reports over the previous four quarters, would be included in the operating fee calculation presented in the annual draft NCUA budget published by NCUA’s CFO.   This adjustment factor would then be factored into the threshold to determine the new asset base below which a FCU would not be assessed an operating fee by the NCUA.

The Notice states the Board believes this change would appropriately maintain its current policy of exempting the smallest natural person credit unions from paying the operating fee based on those institutions’ ability to pay the fee.

The Board is also seeking comment on whether either the three-tier operating fee schedule and its regressive approach to fee assessment remains appropriate.  While not pointing to a specific methodology, the Notice does reference whether a flat-rate schedule for all institutions over a certain exemption threshold, or another less regressive alternative is more appropriate.

Finally, the Board seeks comments on the equitable distribution of the operating fees across FCUs.  Specifically, they seek understanding on how any proposals to change the methodology can be justified as fair and equitable not only for those FCUs whose operating fee would decrease, but also those FCUs whose operating fees would increase compared to the current methodology.

[1]  12 U.S.C. 1755(d).

Notice of Proposed Rulemaking and Request for Comment
Agencies:  Quality Control Standards for Automated Valuation Models

NASCUS Legislative and Regulatory Affairs Department
June 15, 2023

On June 1, 2023, the OCC, Federal Reserve Board, FDIC, NCUA, CFPB, and FHFA (collectively, the agencies) issued a notice of proposed rulemaking with request for comment implementing the quality control standards mandated by the Dodd-Frank Act, section 1125, for the use of automated valuation models (AVMs) by mortgage originators and secondary market issuers in determining the collateral value of a mortgage secured by a consumer’s principal dwelling.

Comments are due on or before August 21, 2023.

Summary

The proposed rule would require credit unions, including federally insured state-chartered credit unions (FISCUs), to adopt policies, practices, procedures, and control systems to ensure that a credit union’s AVM quality control standards meet the following specific quality control factors:

  1. Ensure a high level of confidence in the estimates,
  2. Protect against the manipulation of data,
  3. Seek to avoid conflicts of interest,
  4. Require random sample testing and reviews, and
  5. Comply with applicable non-discrimination laws.

The proposed rule would not set specific requirements for how credit unions are to structure these policies, practices, procedures, and control systems. Instead, credit unions would be allowed to set quality control standards as appropriate based on the size of the credit union and the risk and complexity of transactions for which they will use AVMs. The final 2010 Interagency Appraisal and Evaluation Guidelines (Guidelines)  related to AVMs would also remain applicable.

The proposal is also applicable to secondary market issuers. A secondary market issuer that uses AVMs in connection with making appraisal waiver decisions would be required to have policies, practices, procedures, and control systems in place to ensure that the AVM supporting those appraisal waiver decisions adheres to the rule’s quality control standards. In contrast, if a credit union requests an appraisal waiver decision from a secondary market issuer it would not need to ensure that the AVM used to support the waiver meets the rule’s quality control standards because the secondary market issuer would be using the AVM to make the appraisal waiver decision, not the mortgage originator.

Amendments to NCUA Regulations

Section 1125(c)(1) applies to a subsidiary of a financial institution only if the subsidiary is:

  1. Owned and controlled by the financial institution, and
  2. Regulated by a federal financial institution regulatory agency.

The NCUA acknowledges that subsidiaries of federally insured credit unions (FICUs), specifically CUSOs, and their employees are not subject to regulation by NCUA. This proposal does not change this position. Therefore, if the proposal is finalized, NCUA would not have enforcement authority related to AVM standards over CUSOs. However, under section 1125(c)(2), the Federal Trade Commission, the CFPB, and State attorneys general would have enforcement authority over CUSOs, whether owned by a State or federally chartered credit union, in connection with a final AVM rule.

To reflect this within the proposed rule, the second sentence in proposed § 722.201(b)(1) would provide that subpart B of part 722 of the NCUA’s regulations applies to credit unions insured by the NCUA that are mortgage originators or secondary market issuers.

The NCUA is also proposing to amend § 741.203(b) to include the proposed AVM regulations in the NCUA’s list of regulatory provisions applicable to federally insured, state-chartered credit unions. Accordingly, proposed § 741.203(b) would provide that insured credit unions must adhere to the requirements stated in part 722.

AVMs Used in Connection with Making Credit Decisions

The proposed rule would apply to AVMs used in connection with making a credit decision and would define “credit decision,” to include a decision regarding whether and under what terms to originate, modify, terminate, or make other changes to a mortgage. The proposed rule would NOT cover the use of AVMs in monitoring the quality or performance of mortgages or mortgage-backed securities.

A credit decision under the proposed rule would include:

  • Decisions regarding originating a mortgage,
  • Modifying the terms of an existing loan; or
  • Renewing, increasing, or terminating a line of credit

AVMs Used by Secondary Market Issuers

As previously noted, section 1125 covers secondary market issuers. The proposed rule covers AVMs used in securitization determinations but would not cover AVMs used to monitor collateral value in mortgage-backed securities after the securities have been issued.

AVM Uses not Covered by the Proposed Rule

The proposed rule would not cover the use of an AVM by a certified or licensed appraiser in developing an appraisal. It also excludes AVMs used in reviews of completed collateral value determinations, given that the underlying appraisal or evaluation determines the value of the collateral, rather than the review of the appraisal or evaluation.

Request for Comments

The proposal consists of thirty-seven questions in which the agencies are seeking comment in the following categories:

  1. AVMs used in connection with making credit decisions.
  2. AVMs used by secondary market issuers.
  3. AVM uses not covered by the proposed rule.
  4. Definitions
    • AVM
    • Control Systems
    • Covered Securitization Determination
    • Credit Decision
    • Dwelling
    • Mortgage
    • Mortgage Originator
    • Secondary Market Issuer
  5. Quality Control Standards

Proposed Implementation Period

The agencies propose an effective date of the first day of a calendar quarter following the 12 months after publication of a final rule in the Federal Register. The seek comments on the implementation period.

 Summary of NCUA Notice and Request for Comment on the Existing Operating Fee Schedule Methodology

NASCUS Legislative and Regulatory Affairs Department
June 26, 2023

The National Credit Union Administration (NCUA) Board approved for publication in the Federal Register a Notice and Request for Comment Regarding NCUA Operating Fee Schedule Methodology at the June 22, 2023, Board meeting.  The notice would provide a 60-day comment period from its publication date.  In the Notice, the Board proposes to change the exemption threshold below which Federal Credit Unions (FCUs) would not be required to pay the operating fee and proposes to establish a process to update the exemption threshold in future years based on the credit union system’s annual asset growth.

Background

The FCU Act imposes three requirements on the Board related to assessing an operating fee on FCUs:

  1. The fee must be assessed according to a schedule or schedules or other method that the Board determines to be appropriate, which gives due consideration to NCUA’s responsibilities in carrying out the FCU Act and the ability of FCUs to pay the fee;
  2. The Board must determine the period for which the fee will be assessed and the due date for payment; and
  3. The Board must deposit collected fees into the Treasury to defray the Board’s expenses in carrying out the FCU Act. Once collected, operating fees “may be expended by the Board to defray the expenses incurred in carrying out the provisions of [the FCU Act,] including the examination and supervision of [FCUs].”[1]

In 2020, the NCUA published a request for comments on its methodology for determining its Operating Fee Schedule and revised its treatment of capital project budgets and miscellaneous revenues when calculating operating fees.  The Board also made other changes relative to its calculation of annual asset growth adjustments to the operating fee rate tier thresholds for consistency with regulation governing assessment of the annual operating fee.  These inflationary adjustments did not apply, however, to the $1 million asset threshold, small FCUs must exceed before being assessed for an annual operating fee.  Since that time, the operating fee assessment has been applied according to the published methodology, including the last operating fee schedule issued on January 25, 2023[2].

The Board has generally not used Federal Register notices in connection with annual adjustments to the asset tiers or rates of the operating fee schedule. Instead, the Board has opted to adopt such changes at its open meetings. While the Board has varied its practice with respect to operating fee schedule changes, it has done so within what they interpret as the FCU Act’s broad directive that the operating fee schedule should be as “determined by the Board to be appropriate,” subject to its consideration of its expenses and the ability of FCUs to pay.[3]  In addition, the NCUA’s regulation on operating fee processes includes a standing invitation for written comments from FCUs on existing operating fee schedules.[4]  Each year the Board also invites comments on the draft NCUA budget, which includes a detailed explanation of how the operating fee is calculated and how changes to the operating fee rates are determined based on application of the published methodology.

With this in mind, the Board delegated authority to the NCUA’s Chief Financial Officer (CFO) in November 2015 to administer the Board-approved operating fee methodology and to set the operating fees as calculated during each annual budget cycle beginning with 2016.  Although not required to do so under NCUA’s interpretation under the Administrative Procedure Act,[5] the Board did publish its methodology on January 2016, in the Federal Register and requested public comment on the same.[6]

As part of the budget process, the NCUA Board adopts an annual budget in the fall of each year to cover an “operating budget” for the costs of day-to-day operations and a “capital budget” related to estimated capital project expenditures.  Determination of the annual operating fee funding requirements are calculated by subtracting from the annual budget NCUA’s estimates for miscellaneous revenues collected, the Overhead Transfer Tate (OTR) funding of the budget, interest income, and other miscellaneous adjustments made by the Board, including an estimate of unallocated prior-period operating fees collected.

Once the estimated annual operating fee funding requirements are determined, the Board approved methodology is utilized by the CFO to determine the operating fee funding requirements of each individual FCU and make the appropriate recommendation to the Board.

Changes to Operating Fee Methodology and Request for Comment

Relating to the methodology in which operating fee assessments are imposed on individual FCUs, the Board seeks comment on a change to the exemption level below which FCUs are not charged an operating fee.  Currently, FCUs reporting average assets of $1 million or less during the preceding four calendar quarters are exempt from paying an operating fee.  Under the proposal, the Board would raise the average asset exemption level for FCUs to $2 million and annually adjust the exemption threshold in future years.

The inflationary adjustment, calculated as a percentage of average asset growth reported on the call reports over the previous four quarters, would be included in the operating fee calculation presented in the annual draft NCUA budget published by the Chief Financial Officer pursuant to 12 U.S.C. 1789(b).  This adjustment factor would then be factored into the threshold to determine the new asset base below which an institution would not be assessed an operating fee by the NCUA.

The Notice states the Board believes this change would appropriately maintain its current policy of exempting the smallest natural person credit unions from paying the operating fee based on those institutions’ ability to pay the fee.

The Board is also seeking comment on whether either the three-tier operating fee schedule and its regressive approach to fee assessment remains appropriate.  While not pointing to a specific methodology, the Notice does reference whether a flat-rate schedule for all institutions over a certain exemption threshold or another less regressive alternative is more appropriate.

Finally, the Board seeks comments on the equitable distribution of the operating fees across FCUs.  Specifically, they seek an understanding of how any proposals to change the methodology can be justified as fair and equitable not only for those FCUs whose operating fees would decrease but also for those FCUs whose operating fees would increase compared to the current methodology.

[1]  12 U.S.C. 1755(d).

[2] Available at https://ncua.gov/regulation-supervision/letters-credit-unions-other-guidance/federal-credit-union-operating-fee-schedule-2023

[3] 12 U.S.C. 1755(b).

[4] 12 CFR 701.6(c).

[5] 5 U.S.C. 551 et seq.

[6] 81 FR 4674 (Jan. 27, 2016).

Notice of Proposed Rulemaking and Request for Comment
NCUA Part 721: Charitable Donation Accounts

NASCUS Legislative and Regulatory Affairs Department
June 12, 2023

The National Credit Union Administration (NCUA) has published a proposal to amend the charitable donation accounts (CDA) section of the NCUA’s incidental powers regulation. Specifically, the Board is proposing to add “war veterans’ organizations”, as defined under section 501(c)(19) of the Internal Revenue Code, to the definition of “qualified charity” that a federal credit union may contribute to using a CDA.

Comments are due on or before July 31, 2023.

Summary

Under the current rule, federal credit unions are permitted to fund a CDA, defined as a hybrid charitable and investment vehicle that a federal credit union may fund to provide charitable contributions and donations to a qualified charity. The rule defines “qualified charity” as a charitable organization or other non-profit entity recognized as exempt from taxation under section 501(c)(3) of the Internal Revenue Code.

Proposed Changes

The Board recognizes there may be other non-profit, charitable entities outside of section 501(c)(3) that could be included as a “qualified charity” as defined under the current rule.  For purposes of this proposal, the Board has focused on “veterans’ organizations” as defined by section 501(c)(19). Under 501(c)(19) a “veterans’ organization” must meet a number of requirements.

The Board believes that the attributes listed for 501(c)(19) organizations are aligned with the purposes of the current CDA rule and is proposing to add “veterans’ organizations” to the definition of “qualified charity.”

Comments

The Board has reviewed the list of organizations in 501(c) and believes that several may be considered charitable. However, the Board is requesting feedback on the following:

  1. Should the Board consider adding additional groups, organizations, or entities to the definition of a “qualified charity?”
  2. If yes, which other groups, organizations, or entities should the Board consider? Note commenters are not limited to only those entities listed in section 501(c) of the Internal Revenue Code.
  3. For any suggested group, organization, or entity, please describe how it is non-profit, organized for a charitable purpose, and how it otherwise meets the purposes of the current CDA rule.

Summary re: CFPB Proposal on Residential Property Assessed Clean Energy Financing (Regulation Z)
12 CFR Part 1026

Section 307 of EGRRCPA (Economic Growth Regulatory Relief and Consumer Protection Act) directs the Consumer Financial Protection Bureau (CFPB) to prescribe “ability to repay” (ATR) rules for Property Assessed Clean Energy (PACE) financing and to apply the civil liability provisions of the Truth in Lending Act (TILA) for violations.  In this notice, the CFPB proposes to implement Section 307 of EGRRCPA and to amend Regulation Z to address how TILA applies to PACE transactions to account for the unique nature of PACE.

Comments must be received by July 26, 2023; the proposal can be found here.

Summary

PACE financing is financing to cover the costs of home improvements that result in a tax assessment on the real property of the consumer.   As required by Section 307 of EGRRCPA, the CFPB issued a proposed rule that would do the following:

  • Clarify an existing exclusion to Regulation Z’s definition of credit that relates to tax liens and tax assessments.
  • Make a number of adjustments to the requirements for Loan Estimates and Closing Disclosures under Sections 1026.37 and 1026.38 that would apply when those disclosures were provided for PACE transactions, including:
  • Eliminating certain fields relating to escrow account information;
  • Requiring the PACE transaction and other property tax payment obligations to be identified as separate components of estimated taxes, insurance, and assessments;
  • Clarifying certain implications of the PACE transaction on the property taxes;
  • Requiring disclosure of identifying information for the PACE company;
  • Requiring various qualitative disclosures for PACE transactions that would replace disclosures on the current forms, including disclosures relating to assumption, late payment servicing, partial payment policy, and the consumer’s liability after foreclosure; and
  • Clarifying how unit-periods would be disclosed for PACE transactions.
  • Provide new model forms for the Loan Estimate and Closing Disclosure
  • Exempt PACE transactions from the requirement to establish escrow accounts for certain higher-priced mortgage loans, under proposed Section 1026.41(e)(7).
  • Apply Regulation Z’s Ability to Repay (ATR) requirements in Section 1026.43 to PACE transactions with a number of specific adjustments to account for the unique nature of PACE financing, including requiring PACE creditors to consider certain monthly payments that they know or have reason to know the consumer will have to pay into the consumer’s escrow account as an additional factor when making a repayment ability determination for PACE transactions extended to consumers who pay their property taxes through an escrow account.
  • Provide that a PACE transaction is not a qualified mortgage (QM) as defined in Section 1026.43
  • Extend the ATR requirements and the liability provisions of TILA section 130 to any “PACE company” as defined in proposed Section 1026.43(b)(14).
  • Provide clarification regarding how PACE and non-PACE mortgage creditors should consider pre-existing PACE transactions when originating new mortgage loans.
  • The CFPB proposes that the final rule, if adopted, would take effect at least one year after publication of the final rule in the Federal Register, but no earlier than October 1, which follows by at least six months of Federal Register publication.
  • The CFPB requests comment on all aspects of the proposed rule and on whether there are any other provisions of TILA or Regulation Z that the Bureau should address with respect to PACE transactions. However, the Bureau posed the following questions in the notice of proposed rulemaking:
  • Whether any TILA provisions not addressed in this proposal warrant amendment for PACE?
  • Whether any clarification is required through rulemaking or otherwise with respect to how HOEPA’s provisions, as implemented in Regulation Z, apply to PACE transactions that may qualify as high-cost mortgages
  • The Bureau seeks comment on the interest rates and late fees that consumers may have to pay in connection with their PACE transactions both before and after default. Whether, for example, late fees that apply to all property taxes should be treated differently from contractually-imposed late fees for purposes of HOEPA’s limitations on late fees as implemented in Section 1026.34(a)(8).
  • Seeks comment on proposed Section 1026.37(p)(3) generally, and on whether to require the contact information for the PACE company under the PACE Company heading in all cases, instead of under the “Mortgage Broker” heading when applicable.
  • Whether it should require creditors to disclose specific late-payment information and, if so, what information to require.
  • Whether a periodic statement requirement would benefit PACE consumers
  • Seeks comment on the types of disclosures related to PACE financing that consumers currently receive from PACE creditors, property tax collectors and others.
  • Whether an annual or semi-annual disclosure like the periodic statement would be useful for PACE consumers, and if so, what information it should contain.
  • Whether there are any other mortgage servicing requirements in Regulation Z or X beyond the periodic statement requirement that the Bureau should address in the final rule.
  • Seeks comment on the proposed definition of “PACE Company” and whether it accurately identifies the intended entities and whether the use of this term accounts for the unique nature of PACE financing.
  • Seeks comment on whether Section 1026.43(c) should be amended to permit or require a creditor to consider the effect of potential savings resulting from the home improvement project financed in the PACE transaction (such as lowered utility payments.)
  • Seeks comment on proposed new Section 1026.43(i)(1) and specifically on whether it would provide additional clarity to include the above examples in the commentary to Section 1026.43(i)(1).
  • Seeks comment on this alternative approach and any advantages or disadvantages it has in comparison to proposed Section 1026.43(i)(1)(ii).
  • Seeks comment on its preliminary conclusion not to extend QM to PACE financing

Effective Date

The Bureau proposes that the final rule, if adopted, would take effect at least one year after publication in the Federal Register, but no earlier than October 1, which follows by at least six months from the date of promulgation.  The final rule would apply to covered transactions for which apply to covered transactions for which creditors receive an application on or after this effective date.

U.S. Department of Treasury De-Risking Strategy Report

NASCUS Legislative and Regulatory Affairs Department
May 31, 2023

Background

Section 6215 of the Anti-Money Laundering Act of 2020 (AMLA) requires the Department of Treasury to develop a strategy to mitigate the adverse effects of de-risking after conducting interviews with regulators, non-profit organizations, and other public and private stakeholders. As a result, the Department released, in April 2023,  its first-ever “strategy” report (report) on the topic of “de-risking”.

The report combines a summary of the problem of de-risking with an overview of recommended steps to solve it.

Summary

For this study, Treasury focused on the topic of “de-risking”. De-risking is the practice of financial institutions’ termination or restriction of business relationships indiscriminately with broad categories of clients rather than analyzing and managing the risks of clients in a targeted manner. Treasury further notes this type of practice is inconsistent with the risk-based approach of the Anti-Money Laundering/Combating the Financing of Terrorism (AML/CFT) regulatory framework for U.S. financial institutions under the Bank Secrecy Act (BSA) and implementing regulations.

The AMLA mandated that Treasury, in consultation with federal and state banking regulators and appropriate public-and private-sector stakeholders, conduct a formal review of financial institution reporting requirements and develop a strategy to address the issue of de-risking. The report identifies the key customer categories that are impacted the most by de-risking, the top causal factors behind de-risking, and recommended policy options for combatting de-risking.

The report focuses on three specific customer categories:

  • Small and medium-sized Money Service Businesses (MSBs), often used by immigrant communities in the U.S. to send remittances abroad and are highly vulnerable to de-risking.
  • Non-profit organizations (NPOs) operating abroad in high-risk jurisdictions face substantial de-risking challenges that can interfere with their operations.
  • Broad de-risking measures impacting foreign financial institutions with low correspondent banking transaction volumes, specifically those operating in financial environments characterized by high Money Laundering/Terrorist Financing risks.

Also addressed are the regulatory requirements applicable to financial institutions and their potential customers/members, including customer due diligence, enhanced due diligence, SAR filing requirements, and compliance with the Office of Foreign Assets Control (OFAC). In addition to these requirements, the report also addresses any additional guidance and regulation issued by the various federal banking agencies, including the NCUA, while also recognizing the existence of regulatory uncertainty.

Factors Contributing to De-Risking

The report identified several factors that contribute to de-risking including profitability, reputational risk, lower risk appetites of financial institutions, regulatory burdens, and unclear expectations from regulators and sanction regimes.

Profitability

Treasury assessed that profitability is the primary consideration for financial institutions when considering relationships with business customers. As detailed in the report, cost-benefit considerations are the main drivers for financial institutions when determining whether to provide services to certain categories of customers. This is particularly due to the necessary due diligence required to monitor these relationships as well as the hiring, training, and retention of compliance staff to oversee the account relationships.

The report also addresses concerns, especially from small and mid-sized financial institutions that were interviewed[1] and stated “the high cost of conducting the necessary due diligence and account monitoring for… money transmitters transferring funds to recipients in high-risk countries often outweighs the revenue” generated by these accounts.

Regulatory Challenges and Reputational Risk

Not unexpectedly, the report finds financial institutions’ concerns with their ability to manage illicit finance risks and regulatory challenges also play a significant role in de-risking.  Financial institutions interviewed by Treasury stated they were more likely to cease operations in jurisdictions with high illicit finance risks and to exit relationships with classes of customers that they believe present more significant money laundering and terrorist financing risks. Financial institutions interviewed also indicated they tend to avoid certain customers if they determine that a given jurisdiction or class of customer could expose them to heightened regulatory or law enforcement action absent effective risk management. Reputation risk is also of concern to financial institutions if criminals misuse their services.

Perceived Supervisory Expectations

The report further discusses a perception surrounding supervisory expectations. Specifically, financial institutions interviewed feel there is a lack of consistency in how examiners evaluate financial institutions’ AML/CFT programs, particularly with respect to how those programs assess the risk associated with MSB, NPO, and foreign respondent customers.  Those interviewed saw a disconnect between the message of a “risk-based approach” coming from FinCEN guidance in comparison to that of the federal banking regulators and the way examiners interpret the BSA and other regulations.

Also discussed by those interviewed are the additional layers of supervisory complexity from state supervisory authorities. According to those interviewed, the “perceived” lack of consistency among examiners makes financial institutions more risk-averse in dealing with customers “high-risk” customers.

Federal banking agencies had a different response, stating financial institutions may be over-interpreting questions that are not part of the formal examination process and therefore treating the questions as criticism from the agencies. Additionally, according to the federal banking agencies interviewed, certain banks and credit unions do not have the “necessary experience or adequate systems” in place to manage the risks related to certain customers. Also noting, it is not until a financial institution has an examination that they become fully aware of the risks.

Strategy

As discussed, the report acknowledges the primary reason for financial institutions de-risking customer groups is profitability. However, also as identified in the report there is a significant amount of inconsistency between regulatory agencies and financial institutions and the concept of de-risking.  As a result of the findings, Treasury has proposed a strategy designed to reduce de-risking and the adverse consequences of de-risking. The proposed steps are:

  1. Examination Practices Review
    • Review examination practices, including, but not limited to, coordination between FinCEN and the federal banking agencies in the overall examination process, as well as training coordination to address the enhanced training requirements under the AMLA, Section 6307.
  2. Notice Period Analysis
    • Analyze, in coordination with FinCEN and banking supervisors, current financial institution practices and processes related to account termination and whether and how such processes might be improved for customers.
  3. Improve AML/CFT Programs
    • Treasury proposes regulations implementing Section 6101(b) of the AMLA, which requires financial institutions to have effective, reasonably designed, and risk-based AML/CFT programs. These regulations should satisfy the requirements of Section 6101(b) that Treasury should “consider that the extension of financial services to the underbanked and the facilitation of certain financial transactions, including remittances while protecting the financial system from abuse are key policy goals of the United States.
  4. Clarify and Consider Revising MSB BSA Regulations
    • Under Section 6212 of the AMLA, FinCEN should clarify regulation changes to promote financial inclusion and reduce de-risking, including by reviewing BSA/AML regulations and guidance for MSBs.
  5. Improve International Cooperation to Raise AML/CFT Compliance
    • Working with foreign governments to help improve the MSB and correspondent banking regulation and supervision.
  6. Support Regional Consolidation Projects
    • Research and consider regional “consolidation” respondent banking approaches, including mechanisms such as the establishment of a publicly chartered corporation to consolidate regional financial flows into one respondent banking customer.
  7. Support International Financial Institution Efforts on De-risking
    • This could be accomplished through related projects and technical assistance.
  8. Explore the Potential for Emerging Technological Solutions, Including Digital Identity
    • This could include AML/CFT compliance solutions.
  9. Modernization of U.S. Sanctions
    • Treasury will continue to review regulations and FAQs to assess the need for revised or updated guidance concerning appropriate risk-based diligence measures involving humanitarian-related actors and transactions.
  10. Reduce Burdensome Requirements for the Processing of Humanitarian Assistance
    • Treasury will work with financial institutions to encourage adoption of a risk-based approach to access by NPOs to the essential financial services they need to engage in life-saving assistance abroad.
  11. Track and Measure De-risking
    • FinCEN and the federal banking agencies to develop means to track and measure aggregate changes in banking relationships with respondent banks, MSBs, and NPOs, to identify underlying problems better.
  12. Public-Private Sector Engagement
    • Treasury is recommending an open dialogue among public and private sector stakeholders as well as MSBs, NPOs, financial institutions, and regulators.

[1] GAO, “Views on Proposals to Improve Banking Access for Entities Transferring Funds to High-Risk Countries, GAO-22-104792, 15 (Dec. 16, 2021), https://www.gao.gov/assets/gao-22-104792.pdf.

Summary U.S. Department of Treasury: Illicit Finance Risk Assessment of Decentralized Finance

NASCUS Legislative and Regulatory Affairs Department
May 31, 2023

Background

On April 6, 2023, the US Department of Treasury published its first-ever, Illicit Finance Risk Assessment of Decentralized Finance (DeFi). The risk assessment examines key financial crimes risks related to DeFi, as well as potential regulatory responses to the emergence of DeFi.

Treasury’s analysis was issued on the heels of the Financial Action Task Force (FATF) focusing increasing attention on the impacts of innovation in the DeFi space. The FATF sets international standards for anti-money laundering and counter-terrorist financing (AML/CFT).

The risk assessment builds upon Treasury’s other recent national risk assessments and that of Executive Order 14067 “Ensuring Responsible Development of Digital Assets.”

Summary

The risk assessment evaluates how illicit actors are abusing decentralized finance services as well as exploiting vulnerabilities unique to DeFi services. The term DeFi refers broadly to virtual asset protocols and services that purport to allow for some form of peer-to-peer (P2P) transactions.

The assessment found that illicit actors, including ransomware cybercriminals, thieves, scammers, and Democratic People’s Republic of Korea (DPRK) cyber actors, are using DeFi services in the process of transferring and laundering their illicit proceeds. To accomplish this, these illicit actors are exploiting vulnerabilities in the U.S. and foreign AML/CFT regulatory, supervisory, and enforcement regimes as well as the technology underpinning DeFi services. This assessment finds that the most significant current illicit finance risk in this domain is from DeFi services that are not compliant with existing AML/CFT obligations.

Risk Assessment

The risk assessment covers several critical areas to better understand DeFi and the overall risks identified, beginning with an overview of the market structure of the DeFi ecosystem. It also demonstrates how threat actors misuse DeFi services to engage in and profit from illicit activity, especially ransomware attacks, theft, fraud and scams, drug trafficking, and proliferation finance.

The risk assessment then considers the vulnerabilities that enable the use of DeFi services for illicit purposes, including DeFi services’ non-compliance with AML/CFT and sanctions obligations, disintermediation, and a lack of international AML/CFT standards in foreign countries.

The assessment also includes recommendations for the U.S. government to continue and strengthen efforts to mitigate illicit finance risks associated with DeFi services. Finally, the assessment poses several questions to be considered as part of the recommended actions of the assessment to address illicit finance risks.

Findings

The risk assessment found the primary vulnerability that illicit actors exploit stems from non-compliance by DeFi services with AML/CFT sanctions obligations.  Furthermore, DeFi services engaged in covered activity under the Bank Secrecy Act (BSA) have AML/CFT obligations regardless of whether the services claim that they currently are or plan to be decentralized.

Other vulnerabilities identified in the risk assessment include the potential for some DeFi services to be out of scope for existing AML/CFT obligations, having weak or non-existent AML/CFT controls for DeFi services in other jurisdictions, or having poor cybersecurity controls by DeFi services, enabling the theft of funds.

Treasury also found and warns of proliferation finance risks, given North Korea’s use of DeFi services, both to raise funds through hacking and theft, and laundering funds through the DeFi ecosystem.

It also highlighted the transparency of the blockchain as a critical tool in combating financial crimes in DeFi, noting “a wallet address publicly identified with a hack may be the subject of intense public scrutiny, make it hard to launder proceeds in that wallet, even though its owner remains unknown”.

Treasury further indicates, while risk assessments are primarily designed to identify the scope of an issue, the study also includes recommendations for the U.S. government actions to mitigate the illicit finance risks associated with DeFi services which include:

  • Strengthening U.S. AML/CFT regulatory supervision
  • Considering additional guidance for the private sector on DeFi services’ AML/CFT obligations; and
  • Assessing enhancement to address any AML/CFT regulatory gaps related to DeFi services.
  • Continue research and private sector engagement to support understanding of developments in the DeFi ecosystem.
  • Continue to engage with foreign partners.
  • Advocate for cyber resilience in virtual asset firms, testing of code, and robust threat information sharing.
  • Promote responsible innovation of mitigation measures.

Questions

Treasury also welcomes input on the following questions as part of the recommended actions above.

  • What factors should be considered to determine whether DeFi services are a financial institution under the BSA?
  • How can the U.S. government encourage the adoption of measures to mitigate illicit finance risks, such as those identified in Section 5.4 of the report, including by DeFi services that fall outside of the BSA definition of financial institution?
  • The assessment finds that non-compliance by covered DeFi services with AML/CFT obligations may be partially attributable to a lack of understanding of how AML/CFT regulations apply to DeFi services. Are there additional recommendations for ways to clarify and remind DeFi services that fall under the BSA definition of a financial institution of their existing AML/CFT regulatory obligations?
  • How can the U.S. AML/CFT regulatory framework effectively mitigate the risks of DeFi services that currently fall outside of the BSA definition of a financial institution?
  • How should AML/CFT obligations vary based on the different types of services offered by DeFi services?

Summary of CFPB Circular 2023-02: Reopening Previously Closed Deposit Accounts
May 2023

The Consumer Financial Protection Bureau (CFPB) issued Circular 2023-02 to make clear that financial institutions that unilaterally reopen previously closed deposit accounts (without consumer consent) could be found to have engaged in an unfair act or practice under the Consumer Financial Protection Act (CFPA).

The CFPA, an act or practice is unfair when it causes or is likely to cause consumers substantial injury that is not reasonably avoidable by consumers and the injury is not outweighed by countervailing benefits to consumers or to competition.

The Bureau notes that in some instances, after a consumer has completed all the steps required to initiate the process of closing a deposit account and the financial institution completes that process, the financial institution unilaterally reopens the closed account if it the institution receives a debit or deposit to the closed account.  In those instances, the new activity may cause the account to overdraft or additional account maintenance fees.

Unilaterally reopening a closed deposit account to process a debit or deposit may cause substantial injury to consumers

In the circular, the Bureau defines “substantial injury” to include monetary harm, such as fees paid by consumers due to the unfair practice.  Actual injury is not required; significant risk of concrete harm is sufficient. Substantial injury can occur when a small amount of harm is imposed on a significant number of consumers.

In addition to fees, reopening a consumer’s account to accept a deposit increases the risk that an unauthorized third party may gain access to the consumer’s funds.

Consumers likely cannot reasonably avoid injury

An injury is not reasonably avoidable by consumers when consumers cannot make informed decisions or take action to avoid that injury.  Injury that occurs without a consumer’s knowledge or consent, when consumers cannot reasonably anticipate the injury, or when there is no way to avoid the injury even if anticipated, is not reasonably avoidable.

Consumers often cannot reasonably avoid the risk of substantial injury caused by financial institutions’ practice of unilaterally reopening accounts that consumers previously closed because they cannot control one or more of the following circumstances: a third party’s attempt to debit or deposit money, the process and timing of account closure, or the terms of the deposit account agreements.

The injury is likely not outweighed b countervailing benefits to consumers or competition

Reopening a closed account does not appear to provide any meaningful benefits to consumers or competition.  Consumers do not generally benefit when a financial institution unilaterally reopens an account that consumers previously closed. Reopening an account in response to a debit will likely result in penalty fees rather than payment of an amount owed by the consumer.  In addition, while consumers might potentially benefit in some instances where their accounts are reopened to receive deposits that benefit does not outweigh the injuries that can be caused by unilateral account reopening.

Further, not reopening accounts may benefit consumers in certain circumstances.  For example, declining a deposit submitted to a closed account alerts the fund’s sender that they have incorrect account information and may encourage the sender to contact the consumer to obtain updated account information.  Declining a debit also provides an opportunity for the sender of the debit to inform the consumer of any erroneous account information, providing the consumer with the opportunity to make the payment with a current account or through another process.

The Bureau brought an enforcement action regarding this practice under the CFPA’s prohibition against unfair, deceptive or abusive practice provision and concluded that an institution’s practice of reopening consumer accounts without obtaining consumer’s prior authorization and providing timely notice caused substantial injury to consumers that was not reasonably avoidable or outweighed by any countervailing benefit to consumers or to competition.  As such, the Bureau’s circular recommends that government enforcers consider whether a financial institution has violated the prohibition against unfair acts or practices in the CFPA if they discover that a financial institution has unilaterally reopened accounts that consumers previously closed.