Industry News

Looking for an article from a previous week? Visit the NASCUS Digital Article Repository. Further information can be found in the Digital Library, under News & Analysis in the top navigation.

 

Articles for October 28, 2022

FHFA Announces Validation of FICO 10T and VantageScore 4.0 for Use by Fannie Mae and Freddie Mac

Fannie Mae and Freddie Mac will accept FICO 10T and VantageScore 4.0 in a multiyear effort with the industry

Oct. 24, 2022 — The Federal Housing Finance Agency (FHFA) today announced the validation and approval of both the FICO 10T credit score model and the VantageScore 4.0 credit score model for use by Fannie Mae and Freddie Mac (the Enterprises).

As a result of FHFA’s announcement, lenders, investors and other industry stakeholders, as well as borrowers and first-time homebuyers, can expect:

  • More Accurate Credit Scores: Part of the evaluation of new credit score models included extensive testing by the Enterprises to ensure that any validated and approved models met the necessary accuracy standards to treat borrowers fairly and to protect the safety and soundness of the mortgage market and the Enterprises. Both FICO 10T and VantageScore 4.0 met those standards.
  • More Inclusive Credit Scores: While both Enterprises have already taken steps to expand equitable access to credit, such as enhancements to their underwiting systems, both FICO 10T and VantageScore 4.0 include new payment history information such as rent, utilities, and telecom payments when available.
  • Enhanced Safety and Soundness in the Housing Market: Promoting accuracy and newer innovative credit score models in the housing finance system will ultimately lead to better outcomes for borrowers, lenders, and the Enterprises. Additionally, because both FICO 10T and VantageScore 4.0 are more accurate than Classic FICO, the mortgage market will be provided with an improved view of risk from two different credit score models.

Fact Sheet: FHFA Announcement of Credit Score Models​


“Today’s decision will benefit borrowers and the Enterprises, along with maintaining safety and soundness,” said FHFA Director Sandra L. Thompson. “While implementing the newer credit score models is a significant change that will take time and require close coordination across the industry, the models bring improved accuracy and a more inclusive approach to evaluating borrowers.”

FHFA expects that implementation of FICO 10T and VantageScore 4.0 will be a multiyear effort. Once implemented, lenders will be required to deliver both FICO 10T and VantageScore 4.0 credit scores with each loan sold to the Enterprises. FHFA and the Enterprises will conduct outreach to stakeholders to ensure a smooth transition to the newer credit score models.

For nearly 20 years, the Enterprises have relied on Classic FICO. Today’s announcement is the result of a years-long effort by FHFA and the Enterprises to implement Section 310 of the Economic Growth, Regulatory Relief, and Consumer Protection Act. The new models improve accuracy by capturing new payment histories for borrowers when available, such as rent, utilities, and telecom payments.

FHFA also announced today that the Enterprises will work toward changing the requirement that lenders provide credit reports from all three nationwide consumer reporting agencies (CRAs). Instead, the Enterprises will require lenders to provide credit reports from two of the three nationwide CRAs. The Enterprises will work with stakeholders on a plan for implementing the change from a tri-merge credit report requirement to a bi-merge credit report requirement.

UK Lawmakers Vote to Recognize Crypto as Regulated Financial Instruments     

Courtesy of Sandali Handagama, CoinDesk.com

Oct. 24, 2022 — The lower house of the Parliament voted in favor of adding crypto to the scope of activities to be regulated via the proposed Financial Services and Markets Bill – which already seeks to extend payments rules to stablecoins.

Lawmakers in the U.K. voted in favor of recognizing crypto assets as regulated financial instruments and products in the country on Tuesday. The House of Commons, the Parliament’s lower house, met on Tuesday for a line-by-line reading of the proposed Financial Services and Markets Bill, which broadly covers the U.K.’s post-Brexit economic strategy. The lawmakers considered a list of proposed amendments to the bill, including one put forward by parliamentarian Andrew Griffith to include crypto assets in the scope of regulated financial services in the country.

The draft bill already included measures to extend existing regulations to payments-focused stablecoins, which are cryptocurrencies pegged to the value of other assets like the U.S. dollar or gold. “The substance here is to treat them [crypto] like other forms of financial assets and not to prefer them, but also to bring them within the scope of regulation for the first time,” Griffith, the financial services and city minister, said during the parliamentary meeting before lawmakers voted largely in favor of keeping the amendment in the legislative package.

The local crypto industry, which recently welcomed the news of Rishi Sunak’s appointment as the country’s new Prime Minister, stands to welcome the efforts to give legal recognition to digital assets broadly. The markets bill – and by extension the stablecoin rules – was introduced during Sunak’s time as finance minister in the Boris Johnson administration.

The crypto provision, which relies on the definition of “crypto asset” inserted by a new clause 14, “clarifies that crypto assets could be brought within the scope of the existing provisions” of the Financial Services and Markets Act 2000 relating to regulated financial activities, Griffith said. The measures could regulate crypto promotions and outlaw companies that are not authorized to operate in the country.
“The Treasury will consult on its approach with industry and stakeholders ahead of using the powers to ensure the framework reflects the unique benefits and risks posed by crypto activities,” Griffith said.

Read the entire article here.

Equifax Wants to Help KYC DeFi and NFT Users—And Keep Their Data Private

Equifax and Oasis Labs will together provide a privacy-focused KYC solution for Web3 companies.

Courtesy of Mat Di Salvo, Decrypt.co

Oct. 26, 2022 — Credit reporting giant Equifax, best known for one of the largest data breaches in history, will now help build a data privacy solution for Web3 projects.

The company today announced that it has entered into an agreement with privacy-focused cloud company Oasis Labs to develop an identity management and know-your-customer (KYC) product for Web3 startups, such as DeFi protocols and NFT projects. Web3 refers to the next phase of the internet, which its proponents believe will be more decentralized, built upon blockchain networks, and make use of cryptocurrency.

But the decentralization that blockchain affords does not mean that Web3 products do not need to follow through with identity verification and KYC procedures, and Equifax and Oasis say that a KYC solution with “strong privacy protection” does not currently exist in the Web3 space.

The two companies will therefore work together to build a solution by issuing “anonymous KYC-ed credentials” to Web3 users’ wallets. Neither Equifax nor Oasis immediately responded to Decrypt’s request for further comment on its tech.

“We are working to not only build a better, more efficient decentralized identity and on-chain KYC solution, but to help accelerate the adoption of Web3 and bring more trust to the industry,” Oasis Labs founder Professor Dawn Song said in a press release.

Equifax made headlines in 2017 after suffering a massive data breach—revealing personally identifying details of 143 million U.S. customers. The company was ordered to pay a historic $700 million fine in order to settle enforcement actions with every U.S. state, the Federal Trade Commission, and the Consumer Protection Bureau.


Related Reading: How Binance Is Training Law Enforcement Around the World to Combat Crypto Crime
Crypto exchange Binance has built a specialist team to teach law enforcement officers about the ins and outs of cryptocurrency. Fighting crypto crime starts with fighting the many misconceptions that have built up around it. Like the idea that cryptocurrency transactions are untraceable and anonymous, for example, and that the blockchain industry doesn’t care enough to investigate bad behavior or take action to prevent it.

Related Reading: Top NFT-Related Cybersecurity, Phishing, Hacking and Other Risks in 2022
The continued growth of the market for nonfungible tokens (NFTs) in 2022 has helped shape the zeitgeist of what has been referenced colloquially by some as the “fourth industrial revolution,”[1] defined largely by network effect (e.g., virality); rapid innovation; social, creative and civic engagement; and evolved perspectives with regard to how rights and obligations between and among parties to automated agreements are defined and enforced.

Federal Reserve Bank of Boston: In Crypto, “DeFi” Could Offer 24/7 Access to Financial Services. But Could It Disrupt the Economy?

Boston Fed researchers explore benefits, stability risks of growing “decentralized finance” system.

Courtesy of Amanda Blanco, Federal Reserve Bank of Boston

Oct. 2022 — “Decentralized finance” products and services – or DeFi – are rapidly growing in the world of cryptocurrency. By using public, digital ledgers called blockchains, DeFi aims to create a financial system that operates without any traditional central institutions, like banks.

In theory, DeFi services such as lending, payments, investing, and crowdfunding could be executed all day, every day – with no need for a third party to verify their accuracy and reliability, said Edward Dumas, a lead markets specialist at the Federal Reserve Bank of Boston. Transactions would be secure and anonymous, with financial services available to all people.

“That’s the vision,” Dumas said. “Now, the reality of DeFi … is still in its infancy.”

Dumas said that amid the focus on its benefits, the continually evolving technology may also pose risks to the broader economy. These risks – and what they could mean to the financial system – are explored in a Supervisory Research and Analysis working paper that Dumas co-authored, “Decentralized Finance (DeFi): Transformative Potential & Associated Risks.”

In the paper, the authors note that blockchains aren’t as secure as many people believe. They warn that DeFi can become a tool for criminals and that the very interconnectedness of DeFi can also lead to vulnerabilities. “The rapid growth (of DeFi) … suggests that policymakers should start giving serious consideration to a full range of financial stability issues that could arise should such activities become systemically important,” they wrote.


Linked Report: Decentralized Finance (DeFi): Transformative Potential & Associated Risks


Dumas – who works in the Boston Fed’s Supervision, Regulation & Credit department – wrote the paper with four fellow researchers in the Bank’s Supervisory Research and Analysis Unit: Francesca Carapella, Jacob Gerszten, Nathan Swem, and Larry Wall.

They note that by using blockchains, DeFi offers transparency on near-real time transactions. Users can access a public, continuously updated record of activities generally considered to be “immutable” or unchangeable. But the researchers say that blockchains have been successfully hacked by malicious actors seeking cryptocurrency profits. And they say that even if blockchains were to become completely immutable, that may not be a good thing.

“Blockchain transactions that involve fraud or theft might not be reversed as quickly or easily as they would in traditional finance,” the researchers said.

The authors say that because DeFi has no central authority, there could be technical challenges fixing “bugs,” or mistakes, in the programs stored on the blockchains that run DeFi products and services. The researchers add that the interconnections DeFi creates between markets also present a financial risk: “A shock to one market may spread through DeFi connections to other markets.”

They also note that the censorship-resistant nature of DeFi, which aims to make it accessible to everyone, can invite criminal activity and risk-taking. “Blockchains are already being used to facilitate scams, theft, money laundering, and a variety of other criminal activity. (And they) could facilitate activities that, despite being legal, may increase the risk of financial instability,” the authors wrote.

DeFi could work together with traditional finance, or cause disruptions

Dumas said it’s still unclear how DeFi will co-exist with the traditional financial system. He said they could work in tandem, or DeFi could disrupt the traditional system and cause competition.

The researchers say that as traditional banks offer more cryptocurrency services and loans, it’s possible they may not fully realize the market’s risks, which could lead to legal issues. And it may be easier for customers to sue banks and other traditional financial firms – even in cases where they had relatively minor involvement – rather than try to determine responsible parties “on the DeFi side.”

“If a meltdown occurs in the crypto market, banks could suffer direct losses on their services and loans, create legal exposure from customers who suffered losses in the crypto market, and risk reputational damage,” they wrote. Dumas said DeFi experimentation is ongoing, and it’s important to acknowledge and plan for potential risks related to DeFi and cryptocurrency.

Read the entire article here.

Fintech Firm Upgrade Offers Top U.S. Savings Rate of 3.5% As Competition for Deposits Heats Up

Courtesy of Hugh Son, CNBC


KEY POINTS
  • The fintech startup’s Premier Savings account is being launched Thursday with a 3.5% annual percentage yield, according to CEO Renaud Laplanche. That is higher than any account currently tracked by Bankrate.com, senior analyst Ted Rossman said in an email.
  • Upgrade’s product requires a minimum balance of $1,000 to earn the 3.5% APY. It has few restrictions apart from that.
  • The rate is likely to climb further in coming months and could hit 4.5% next year if the Fed continues to raise rates, Laplanche said.

Oct. 27, 2022 — Credit card startup Upgrade is releasing a new savings account with what it says is the country’s top interest rate as competition for deposits heats up, CNBC has learned.

The fintech firm’s Premier Savings account is being launched Thursday with a 3.5% annual percentage yield, according to CEO Renaud Laplanche. That is higher than any account currently tracked by Bankrate.com, senior analyst Ted Rossman said in an email.

“At 3.5%, we’re by far the best savings account in the country,” Laplanche said during an interview. Competition for deposits is beginning to heat up after an era in which banks were flooded with cash and had little reason to raise rates. That started to change as the Federal Reserve embarked on its most aggressive rate-boosting campaign in decades, squeezing borrowers and finally rewarding long-suffering savers. A year ago, high-yield savings accounts had APYs around 0.5%; now many are over 2%.

The dynamic is closely watched by banking analysts because higher funding costs affect how much the industry stands to benefit from future Fed moves. Even big banks, including JPMorgan Chase and Wells Fargo, have boosted rates for CDs recently, unlike earlier this year when it was mostly smaller institutions raising payouts, Morgan Stanley analyst Betsy Graseck said in a Sept. 30 note.

“This suggests that deposit-pricing pressure is becoming more widely dispersed across the banking industry as rates move sharply higher,” Graseck said. “We believe deposit price competition will continue intensifying from here.”

One reason for that is because fintech players are more established now than in previous rate-hiking cycles, and they tend to pay the highest rates, according to the veteran analyst.

Network effects

Upgrade, a San Francisco-based startup founded by Laplanche in 2016, can afford to pay higher rates than rivals because of its network of 200 small banks and credit unions, according to the CEO. These institutions don’t have national deposit-gathering platforms and, as a result, are willing to pay more for funding, he said.

Ironically, the next highest rate listed by Bankrate.com this week was offered by LendingClub at 3.12%. Laplanche co-founded the fintech pioneer in 2006 before departing a decade later. Similar to other fintech firms like Chime which offer banking services through smartphone apps, Upgrade isn’t a bank; it partners with institutions including Cross River Bank to offer FDIC-backed accounts.

Upgrade’s new account requires a minimum balance of $1,000 to earn the 3.5% APY. It has few restrictions apart from that; the accounts aren’t capped and don’t require users to sign up for Upgrade’s other products to take advantage of the rate, Laplanche said. Other fintech players offer higher rates on limited amounts of money. Fintech firm Current, for instance, offers a 4% APY, but only for savings up to $6,000.

Headed higher

Laplanche said his product’s rate is likely to climb further in coming months as the Fed attempts to wrangle inflation by boosting its benchmark rate, he said. “We’ll follow along with what the Fed is doing,” the CEO said. “If they continue to raise rates, there might be a point next year where we’ll pay 4.5%.”

Upgrade, which was valued at $6.28 billion in a private funding round late last year, is best known for credit cards that turn monthly balances into installment loans.

That feature automates financial discipline for its users and generally reduces the interest they pay versus traditional cards. The product appears to be gaining traction; Upgrade was the fastest-growing card issuer by outstanding balances among the top 50 players, according to industry newsletter the Nilson Report.

Upgrade will continue to build products with the aim of helping Americans navigate life events, including by eventually offering car loans and mortgages, Laplanche said. And unlike many other direct-to-consumer fintech firms, Upgrade is profitable and doesn’t need to raise more funding, he said.

Read the entire article here.

Articles for October 21, 2022

US Lawmakers Introduce Bill Allowing Crypto Investments in 401(k) Retirement Plans

Courtesy of Kevin Helms, Bitcoin.com

Several U.S. lawmakers have introduced the Retirement Savings Modernization Act to provide 401(k) retirement savers access to a wide range of investments, including crypto assets. “With inflation at record highs, a stock market downturn, and a potential recession on the horizon, many Americans are rightfully concerned about their financial future,” said U.S. Senator Pat Toomey.

Retirement Savings Modernization Act Introduced
The U.S. Senate Committee on Banking, Housing, and Urban Affairs announced Thursday that Senators Pat Toomey (R-PA) and Tim Scott (R-SC) and Representative Peter Meijer (R-MI) have introduced a bill called the Retirement Savings Modernization Act.

The bill aims “to bolster Americans’ retirement savings by allowing workers to diversify assets included in defined contribution plans, such as 401(k) plans,” the announcement details. “This legislation will amend the Employee Retirement Income Security Act of 1974 (ERISA) to clarify that private sector retirement plan sponsors may offer plans, including both pensions and 401(k)s, that are prudently diversified across the full range of asset classes.”

Senator Toomey opined, “With inflation at record highs, a stock market downturn, and a potential recession on the horizon, many Americans are rightfully concerned about their financial future,” elaborating: “By providing 401(k) savers with access to the same asset classes as pension plans, my legislation will open the door to a more secure retirement for millions of Americans.”

Related Reading: IRS Expands Key US Tax Language to Include NFTs: Newly released draft instructions for the 2022 tax year change the language from “virtual currency” to broader “digital assets.”

While pension plans and 401(k) plans are covered by the same law, the former have incorporated asset classes outside of the public markets since 1982. Meanwhile, the latter “almost never incorporate exposure to alternative assets due to fiduciaries’ anticipated litigation risk,” the announcement explains. The bill lists “digital assets” as a “covered investment.”

Senator Scott described: “Inflation has eroded and devalued the savings many Americans spent their lives accumulating. This bill would modernize retirement plans to ensure they can provide diverse investments with higher returns. American workers and their families deserve to go about their lives with peace of mind, knowing their hard-earned money will be secure when they choose to retire.”

Until the 1970s, most Americans working in the private sector relied on pension plans for retirement. Today, the vast majority of private sector workers rely on 401(k) plans. “However, pension plans have consistently outperformed 401(k) plans because they diversify across the full range of asset classes, putting one of every five dollars in alternative asset classes like private equity,” the lawmakers noted.

Click here to read the entire article.

Microsoft Confirms Data Breach, But Claims Numbers Are Exaggerated

Courtesy of Eduard Kovacs, Security Week

October 20, 2022 — Microsoft has confirmed that it inadvertently exposed information related to prospective customers but claims that the company which reported the incident has exaggerated the numbers.

Threat intelligence firm SOCRadar revealed on Wednesday that it has identified many misconfigured cloud storage systems, including six large buckets that stored information associated with 150,000 companies across 123 countries.

These buckets, which the firm has dubbed BlueBleed, included a misconfigured Azure Blob Storage instance allegedly containing information on more than 65,000 entities in 111 countries. SOCRadar described it as “one of the most significant B2B leaks”.

SOCRadar said the exposed data belonged to Microsoft and it totaled 2.4 Tb of files collected between 2017 and August 2022. The exposed information allegedly included over 335,000 emails, 133,000 projects, and 548,000 users.

The company said the leak included proof-of-execution (PoE) and statement of work (SoW) documents, user information, product orders and offers, project details, and personal information.

Microsoft confirmed on Wednesday that a misconfigured endpoint exposed data, which the company said was related to “business transaction data corresponding to interactions between Microsoft and prospective customers”. The tech giant said it quickly addressed the issue and notified impacted customers.

“The business transaction data included names, email addresses, email content, company name, and phone numbers, and may have included attached files relating to business between a customer and Microsoft or an authorized Microsoft partner. The issue was caused by an unintentional misconfiguration on an endpoint that is not in use across the Microsoft ecosystem and was not the result of a security vulnerability,” Microsoft explained.

The tech giant has thanked SOCRadar, but it’s not happy with the company’s blog post, claiming that it greatly exaggerates the scope of the issue and the numbers involved.

“Our in-depth investigation and analysis of the data set shows duplicate information, with multiple references to the same emails, projects, and users,” Microsoft pointed out.

SOCRadar has also made available a free tool that can be used to search for digital assets, hashes, and specified keywords on the dark web and darknet websites. Microsoft is disappointed that this tool has been publicly released, saying that it’s “not in the best interest of ensuring customer privacy or security and potentially exposing them to unnecessary risk”.

The company believes such tools should include a verification system to ensure that a user can only look for data pertaining to them, and not to other users.

 

IRS Expands Key US Tax Language to Include NFTs

Newly released draft instructions for the 2022 tax year change the language from “virtual currency” to broader “digital assets.”

Courtesy of Jesse Hamilton, Coindesk

October 18, 2022 — The U.S. Internal Revenue Service (IRS) has made a move this week to clarify at least one question for crypto investors: how taxpayers account for non-fungible tokens (NFT).

The tax division of the Treasury Department released an updated draft for its 2022 instructions for form 1040 filers that swaps the old category for “virtual currency” with broader new language on “digital assets,” including an explicit recognition of NFTs.

“Digital assets are any digital representations of value that are recorded on a cryptographically secured distributed ledger or any similar technology,” according to the draft instructions. “For example, digital assets include non-fungible tokens (NFT) and virtual currencies, such as cryptocurrencies and stablecoins.”

The previous year’s “virtual currency” section of the U.S. tax-filing instructions was a narrower definition of a digital token “that functions as a unit of account, a store of value or a medium of exchange.” The final tax instructions haven’t yet been released, so the crypto section could still be tweaked before it’s official.

Crypto investors will have to calculate and report taxable income “if you disposed of any digital asset in 2022, that you held as a capital asset, through a sale, exchange, gift, or transfer,” according to the latest document.

 

Digitalization Ranks as Top Priority; Macroeconomic Conditions as Greatest Risk for Global Credit Union Movement Approaching 400-million Members

Expanded 2021 Statistical Report features several new categories of data

Courtesy of Greg Neumann, World Council of Credit Unions

October 18, 2022 — Despite year-to-year growth in overall membership and total assets for the global credit union movement, World Council of Credit Unions’ (WOCCU) 2021 Statistical Report shows major gaps in key product and service offerings have resulted in different priorities and risk concerns for credit unions in different parts of the world.

As of December 31, 2021, there were a total of 393,871,631 members of 87,914 credit unions worth $3.48 trillion in assets across 118 countries.

Along with providing statistics on members, assets, savings and loans, the 2021 Statistical Report also features first-time data sets on credit union:

  • Strategic priorities.
  • Risk Concerns.
  • Access to various products and services.
  • Taxation

“Despite the COVID-19 pandemic continuing to impact credit unions across the globe in 2021, they still managed to increase membership by 5% and grow assets by 9%,” said Elissa McCarter LaBorde, WOCCU President and CEO. “For WOCCU to ensure that type of growth continues, and credit unions are able to reach even more underserved populations, we need to gather more specific data from national credit union associations than ever before. While some data sets in this report are more complete than others, this is just the first step in our plan to offer a continuously clearer picture of the challenges and opportunities credit unions face in each region of the world.”

Membership and assets up, but not everywhere

Credit unions in Africa and Latin America saw the most substantial growth in terms of membership and assets. Africa saw a 42% spike in assets—the largest worldwide. Latin America witnessed the biggest growth in membership at 16%.

Europe was the only region to see a decline in credit union assets, while Australia and New Zealand both saw declining membership.

New data provides insights into regional differences

WOCCU’s 2021 Statistical Report also provides several sets of new data obtained from national credit union associations in more than 40 countries and six regions of the world. Specifically, we asked the credit union associations to:

  • Rank their top strategic priorities and risk concerns moving forward.
  • Describe the level of access credit unions and their members have to certain products and services that are necessary to strengthen and grow our movement.

Strategic priorities

Digitalization is the clear top priority for credit unions overall, with 81% of respondent credit union associations ranking it at or near the top of their lists.

  • 66% identified membership and asset growth as another top priority, including 83% in Europe, 80% in Africa and 57% in Asia.

Regulatory reform was a top priority for 51% of those surveyed, and easily the top priority for respondent credit union associations in North America (100%) and the Caribbean (80%).

Read more here.

Federal Reserve Board, Washington, D.C.: How Much Does Racial Bias Affect Mortgage Lending? Evidence from Human and Algorithmic Credit Decisions

Abstract
We assess racial discrimination in mortgage approvals using new data on mortgage applications. Minority applicants tend to have significantly lower credit scores, higher leverage, and are less likely than white applicants to receive algorithmic approval from race-blind government-automated underwriting systems (AUS). Observable applicant risk factors explain most of the racial disparities in lender denials. Further, we exploit the AUS data to show there are risk factors we do not directly observe, and our analysis indicates that these factors explain at least some of the residual 1-2 percentage point denial gaps. Overall, we find that differential treatment has played a limited role in generating denial disparities in recent years.


Introduction

American families use mortgages to purchase their homes, to lower their housing costs when interest rates decline, and to tap into home equity for a variety of reasons including investments in human capital and small businesses. But not all families can easily get a mortgage; in particular, access to mortgage credit differs sharply by race and ethnicity, which may contribute to the wide racial and ethnic gaps in homeownership and wealth (e.g. Bhutta et al. 2020). For example, in 2018 and 2019, Black mortgage applicants were twice as likely as white applicants to have their application denied by lenders.

In order to craft policies that can address these disparities in credit access, it is crucial to identify what drives them. The landmark study of Munnell et al. (1996) found compelling evidence that discrimination played a major role in mortgage lending decisions in the early 1990’s.1 Since then, the mortgage industry has evolved in many ways, including widespread adoption of technologies such as automated underwriting that can help reduce racially biased credit decisions. Nonetheless, the wide gaps in mortgage denials present in recent data have led many to conclude that discrimination persists. Media reports and survey evidence indicate widespread beliefs that financial institutions do not treat minorities fairly.2 But it has been challenging to firmly assess the role of discrimination without detailed underwriting data on mortgage applicants similar to what Munnell et al. had collected.

In this paper, we use new confidential supervisory data collected under the Home Mortgage Disclosure Act (HMDA) to estimate the extent to which racial and ethnic discrimination by mortgage lenders continues to generate disparities in denial rates. “Discrimination” here refers to lenders treating applicants with identical observed risk factors differently on the basis of race or ethnicity—including both taste-based and statistical discrimination—which has been illegal since 1968 under the Fair Housing Act. Overall, we find that differential treatment has played a limited role in generating denial disparities in recent years, consistent with significant progress in fair lending over the last 30 years.

Rather than differential treatment, we find that group differences in risk characteristics drive most of the disparities in credit access. To start, we show that Black and Hispanic applicants tend to be more leveraged and have much lower credit scores. For example, the average credit score for Black applicants is over 40 points lower than white applicants. We also document that Black and Hispanic applicants are less likely to receive algorithmic approval recommendations from government automated underwriting systems (AUS) than white applicants. These AUS recommendations reflect the underwriting and eligibility guidelines of Fannie Mae, Freddie Mac, the Federal Housing Administration (FHA), and the Veterans Administration (VA), and are “color blind” in that race and ethnicity (or proxies like neighborhood location) cannot be used in the algorithm.

Click here to read the report

Articles for October 14, 2022

How Wi-Fi Spy Drones Snooped on a Financial Firm

Check your rooftops: Flying gear caught carrying network-intrusion kit

Courtesy of Thomas Claburn, The Register

Oct. 6, 2022 — Modified off-the-shelf drones have been found carrying wireless network-intrusion kit in a very unlikely place. The idea of using consumer-oriented drones for hacking has been explored over the past decade at security conferences like Black Hat 2016, in both the US and in Europe. Naomi Wu, a DIY tech enthusiast, demonstrated a related project called Screaming Fist in 2017. And in 2013, security researcher Samy Kamkar demonstrated his SkyJack drone, which used a Raspberry Pi to take over other drones via Wi-Fi.

Now, these sorts of attacks are actually taking place.

Greg Linares, a security researcher, recently recounted an incident that he said occurred over the summer at a US East Coast financial firm focused on private investment. He told The Register that he was not involved directly with the investigation but interacted with those involved as part of his work in the finance sector.

The Register corresponded with an individual affiliated with the affected company who corroborated Linares’s account and asked not to be identified owing to a non-disclosure agreement and employment concerns. In a Twitter thread, Linares said the hacking incident was discovered when the financial firm spotted unusual activity on its internal Atlassian Confluence page that originated from within the company’s network.

The company’s security team responded and found that the user whose MAC address was used to gain partial access to the company Wi-Fi network was also logged in at home several miles away. That is to say, the user was active off-site but someone within Wi-Fi range of the building was trying to wirelessly use that user’s MAC address, which is a red flag. The team then took steps to trace the Wi-Fi signal and used a Fluke system to identify the Wi-Fi device.

“This led the team to the roof, where a ‘modified DJI Matrice 600’ and a ‘modified DJI Phantom’ series were discovered,” Linares explained.

The Phantom drone was in fine condition and had a modified Wi-Fi Pineapple device, used for network penetration testing, according to Linares. The Matrice drone was carrying a case that contained a Raspberry Pi, several batteries, a GPD mini laptop, a 4G modem, and another Wi-Fi device. It had landed near the building’s heating and ventilation system and appeared to be damaged but still operable.

“During their investigation, they determined that the DJI Phantom drone had originally been used a few days prior to intercept a worker’s credentials and Wi-Fi,” Linares said. “This data was later hard coded into the tools that were deployed with the Matrice.”

Click here to read the entire article.

White House to Unveil Ambitious Cybersecurity Labeling Effort Modeled After Energy Star

Courtesy of Suzanne Smalley, CyberScoop

Oct. 11, 2022 — The White House National Security Council will announce plans Tuesday for a consumer products cybersecurity labeling program intended to improve digital safeguards on internet-connected devices, a senior White House official told CyberScoop.

About 50 representatives from consumer product associations, manufacturing companies and technology think tanks will convene at the White House on Oct. 19 for a workshop on the voluntary effort ahead of an expected spring 2023 launch.

The White House briefly described the effort in a document it released Tuesday outlining various cybersecurity initiatives. The administration plans to start with recommending three or four cybersecurity standards that manufacturers can use as the basis for labels that communicate the risks associated with using so-called internet of things devices.


Related Fact Sheet: Biden-⁠Harris Administration Delivers on Strengthening America’s Cybersecurity


Deputy National Security Adviser for Cyber and Emerging Tech Anne Neuberger is spearheading the initiative, which is modeled after Energy Star, a labeling program the Environmental Protection Agency and the Department of Energy operate to promote energy efficiency, the senior administration official said.

“Today when folks buy tech, they buy it for a cool feature, speed to market — cybersecurity is often an afterthought,” said the official, who requested to remain anonymous to speak candidly about the effort. “Everybody realizes that it’s an idea whose time has come.”

The administration is working with the European Union to align on standards since the White House wants products with cybersecurity labels to be sold globally.

The standards under consideration could rate products based on how often manufacturers deploy patches for software vulnerabilities or whether devices connect to the internet without a password, the official said. It is not yet clear who will verify companies’ claims.

The White House hopes the program will reward companies that invest in cybersecurity while also helping consumers find safer products. The status quo in which products hit the market quickly, leaving consumers to muddle through or ignore products’ cybersecurity features, is “not sustainable,” the official said.

In its final report, the U.S. Cybersecurity Solarium Commission recommended that Congress create a nonprofit national cybersecurity certification and labeling authority tasked with “establishing and managing a voluntary cybersecurity certification and labeling program for information and communication technologies,” including software, devices and industrial control systems.

CSC Executive Director Mark Montgomery hailed the White House decision to pursue a labeling program but warned it will be difficult to design and stand up.

Click here to read the entire article.

US Senator Introduces ‘No Digital Dollar Act’ to Prohibit Treasury and the Fed From Interfering With Americans Using Paper Currency

Courtesy of Kevin Helms, Bitcoin.com

Lankford, James

Oct. 1, 2022 — A U.S senator has introduced the “No Digital Dollar Act to prohibit the U.S. Treasury and the Federal Reserve from interfering with Americans using paper currency” if a central bank digital currency is adopted. The bill further states: “No central bank digital currency shall be considered legal tender under section 16 5103 of title 31, United States Code.”

No Digital Dollar Act Introduced
U.S. Senator James Lankford (R-OK) announced Thursday that he has introduced a bill titled “No Digital Dollar Act to prohibit the U.S. Treasury and the Federal Reserve from interfering with Americans using paper currency if a digital currency is adopted and makes certain individuals can maintain privacy over their transactions using cash and coins.”

The bill will “amend the Federal Reserve Act to prohibit the Board of Governors of the Federal Reserve System from discontinuing Federal Reserve notes if a central bank digital currency is issued, and for other purposes,” according to the text of the bill.

Furthermore, “the Secretary of the Treasury may not discontinue minting and issuing coins under this section if a central bank digital currency is issued,” the bill details, adding: No central bank digital currency shall be considered legal tender under section 16 5103 of title 31, United States Code.

Senator Lankford explained that residents in his state have expressed to him their concern that the Treasury “could phase out paper money and transition to a digital dollar.” He stressed that many Oklahomans “still prefer hard currency or at least the option of hard currency.”

The lawmaker added, “There are still questions, cyber concerns, and security risks for digital money,” emphasizing: “There is no reason we can’t continue to have paper and digital money in our nation and allow the American people to decide how to carry and spend their own money.”

Lankford stressed: As technology advances, Americans should not have to worry about every transaction in their financial life being tracked or their money being deleted.

The lawmaker explained that “There is currently no federal statute that prohibits the Treasury from only having a digital currency.”

While the Federal Reserve is working on a digital dollar, Fed Chair Jerome Powell said this week that a U.S. central bank digital currency (CBDC) will take at least a couple of years. “We are looking at it very carefully. We are evaluating both the policy issues and the technology issues, and we are doing that with a very broad scope,” Powell said.

Treasury Announces Two Enforcement Actions for over $24M and $29M Against Virtual Currency Exchange Bittrex, Inc.

Enforcement Actions by OFAC and FinCEN for Apparent Violations of Sanctions and Anti-Money Laundering Obligations

Oct. 11, 2022 — The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) and Financial Crimes Enforcement Network (FinCEN) announced settlements for over $24 million and $29 million, respectively, with Bittrex, Inc. (Bittrex), a virtual currency exchange based in Bellevue, Washington. This is OFAC’s largest virtual currency enforcement action to date.  It also represents the first parallel enforcement actions by FinCEN and OFAC in this space. Investigations by OFAC and FinCEN found apparent violations of multiple sanctions programs and willful violations of the Bank Secrecy Act’s (BSA’s) anti-money laundering (AML) and suspicious activity report (SAR) reporting requirements. These enforcement actions emphasize to the virtual currency industry the importance of implementing appropriate risk-based sanctions compliance controls and meeting obligations under the BSA. The failure to take action can result in violations of OFAC and FinCEN regulations and expose exchanges and others in the virtual currency industry to potential abuse by illicit actors.

OVERVIEW OF OFAC SETTLEMENT WITH BITTREX

Bittrex has agreed to remit $24,280,829.20 to OFAC to settle its potential civil liability for 116,421 apparent violations of multiple sanctions programs. As a result of deficiencies related to Bittrex’s sanctions compliance procedures, Bittrex failed to prevent persons apparently located in the Crimea region of Ukraine, Cuba, Iran, Sudan, and Syria from using its platform to engage in approximately $263,451,600.13 worth of virtual currency-related transactions between March 2014 and December 2017. The applicable sanctions programs generally prohibited U.S. persons from engaging in transactions with these jurisdictions. Based on internet protocol (“IP”) address information and physical address information collected about each customer at onboarding, Bittrex had reason to know that these users were located in jurisdictions subject to sanctions. At the time of the transactions, however, Bittrex was not screening this customer information for terms associated with sanctioned jurisdictions. This information was not voluntarily self-disclosed.

A full description of OFAC’s settlement can be found here.

OVERVIEW OF FINCEN SETTLEMENT WITH BITTREX

Bittrex has agreed to remit $29,280,829.20 for its willful violations of the BSA’s AML program and SAR requirements. FinCEN will credit the payment of $24,280,829.20 as part of Bittrex’s agreement to settle its potential liability with OFAC. FinCEN’s investigation found that, from February 2014 through December 2018, Bittrex failed to maintain an effective AML program. This included deploying inadequate and ineffective transaction monitoring on its platform resulting in significant exposure to illicit finance. Further, Bittrex’s AML program failed to appropriately address the risks associated with the products and services it offered, including anonymity-enhanced cryptocurrencies. Bittrex failed to file any SARs between February 2014 and May 2017, a period of over three years. Bittrex also failed to file SARs on a significant number of transactions involving sanctioned jurisdictions, including transactions that were suspicious above and beyond the fact that they involved a sanctioned jurisdiction. A detailed description of FinCEN’s consent order can be found here.

ADDITIONAL RESOURCES

For information on complying with virtual currency sanctions, see OFAC’s Sanctions Compliance Guidance for the Virtual Currency Industry here and OFAC’s FAQs on virtual currency here.

Articles for October 7, 2022

FinTech Partnerships Pave Path for Branchless Banking

Courtesy of PYMNTS.com

Oct. 6, 2022 — The successful digital bank offers more than banking cloaked in an online wrapper.nTreasury Prime Vice President of Banking Jeff NowickiEmprise Bank Senior VP of Innovation and Development Emily Reisig and Zeta CEO Aditi Shekar told PYMNTS that the branchless approach has the potential to open up new opportunities to both traditional banks and FinTechs.

But to get there, providers need to understand the changing needs and desires of their targeted, tech-savvy — and younger — customers. PYMNTS’ own studies show that a majority of consumers love digital banking features and are happy using digital banks and FinTechs. But fewer than 10% use them as their primary account.

Shekar noted that — with a nod to the millennials out there that opt to interact with their financial services providers online — “our generation has evolved as a digitally native generation.” And as those consumers get older, the expectations of every aspect of lives, banking included, are that the experiences will be “upgraded” to be increasingly available online.


Related Reading: Why Banking Apps Need to Be More Than Just Banking Apps


As so much of life is shifted online, Shekar said, “community is not going to be about where you live — it’s going to be about who you like to talk to and who you like to spend your time with online.” The pressure is on, then, for the banks to upgrade their digital offerings, too, enabling a seamless flow of money movement. To do so, financial institutions (FI) and FinTechs both need to understand the very real shifts happening in the households they seek to serve more adroitly.

We’re no longer in what Shekar termed “single payer mode,” where one person earns the money and spends it. The millennial generation, she remarked, is typically marked by dual income households, and younger consumers neither earn nor manage spend — or even share it — the same way as their parents.

Emprise Bank’s Reisig remarked that “there’s the pressures of technology and of innovation — the technology experiences become the new expectation of our customers.”

Linking Banks and FinTechs

In the past, said panelists, banks may have eyed FinTechs with suspicion, and consumer FinTechs may have sought to build everything in house, or eyed banking charters as a key way to create the digital bank of the future.

But Reisig said there’s room for a partnership model where FinTechs can innovate, create delightful experiences and solve frictions inherent in the digital channels emerging in financial services. Banks like Emprise, she said, can be a supportive banking partner, bringing their knowledge and expertise to bear on all manner of critical banking products.

The banks and FinTechs need a bit of connective tissue to tie their respective strengths together, Nowicki said, who added that providers including Treasury Prime can help connect the two sides of that digital banking equation. The banks, he said, bring their strengths in risk management and regulatory compliance to the table, as purely digital relationships continue to be forged between consumers and banking entities.

“It’s important for the banks that are entering into [the digital banking] space,” he said, “to keep control of certain aspects of the programs and of the relationships.” For the FinTechs, said Shekar, there’s the advantage of not having to build deep integrations with each and every bank partner.

As she noted, “I am not a compliance expert — I’m a software builder, and I like the ability to stay in my lane while still leveraging the capabilities of a bank partner and Treasury Prime at the same time.”

Click here to read the entire article.

When are State Money Transmission Laws Applicable? Blockchain Game Developers and FinCEN

Courtesy of Sheppard Mullin Richter & Hampton LLP; National Law Review, Volume XII, Number 277

Oct. 4, 2022 — The rising prevalence of crypto and virtual currencies has invited the scrutiny of several regulatory bodies who continue to grapple with the unique challenges posed by blockchain technology, FinCEN being one prime example. The Financial Crimes Enforcement Network (“FinCEN”) is an arm of the United States Department of Treasury that seeks to impede financial crimes such as money laundering and terrorist financing, and was the first financial regulator in the U.S. to address virtual currency.

Unsurprisingly, the potential misuse of blockchain technology to conceal money laundering activities—among other financial crimes—is a central issue for FinCEN, which is tasked with implementing and enforcing regulations applicable to these activities. Game developers and publishers monetizing the evolving ecosystem of blockchain games should take particular note—especially as it relates to games that facilitate in-game fungible or non-fungible token exchanges.

As background, FinCEN serves to regulate money transmitters under the federal Bank Secrecy Act. A money transmitter is typically an individual or business that engages in the transfer of funds whether they be based in real or virtual currencies. Such a transfer can occur by any means including by wire or electronic transfer. FinCEN requires all money transmitters to register with FinCEN and comply with a number of compliance obligations including regular reporting to FinCEN (particularly as it relates to user/customer identification and transaction data). On top of that, a myriad of state laws also exists that impose additional regulations on money transmitters. For instance, many states have instituted expensive licensure requirements.

To date, FinCEN has published guidance in several instances regarding its view on how convertible virtual currencies should be treated. First, in 2013, FinCEN explained that “[t]he definition of a money transmitter does not differentiate between real currencies and convertible virtual currencies” and noted that “[a]ccepting and transmitting anything of value that substitutes for currency makes a person a money transmitter under the regulations implementing the [Bank Secrecy Act].” Then, in 2019, FinCEN’s update to its original guidance in fact affirmed its 2013 interpretation and did not establish any new regulatory expectations or requirements.

Thus, under FinCEN’s interpretation, a business that serves as a middleman, accepting payment via virtual currency from one user and passing it along to another, likely qualifies as a money transmitter. In the context of blockchain games, if a game publisher plays a role as a money transmitter in an exchange of tokens—that are deemed a convertible virtual currency—between players, the game publisher is likely also subject to the Bank Secrecy Act and other money transmitter laws. As a result, each game developer that facilitates token exchanges should evaluate which legal and regulatory obligations are applicable to it, in order to maintain compliance with federal laws.

As for state money transmitter laws, such a game might or might not qualify as a money transmitter based on these facts. For instance, California’s Department of Financial Protection and Innovation regulates money transmitters in the state under California’s Money Transmission Act (Cal. Fin. Code § 2000 et seq.), but the guidance around classifying and commercializing certain virtual currency services is still evolving. Thus, if a game developer resides in California and his or her game includes any form of token exchange using virtual currencies, then consulting with an attorney to consider the specific facts would be highly advised to determine whether a license to transmit money is required in California. However, even if a California license is not required, the game developer might still need to comply with federal and other states’ licensure requirements.

Mortgage Borrowers Can Challenge Inaccurate Appraisals Through the Reconsideration of Value Process

Courtesy of Patrice Alexander Ficklin, Makalia Griffith, and Tim Lambert, CFPB

Oct. 6, 2022 — Accurate appraisals are essential to the integrity of mortgage lending. Overvaluation can decrease affordability, make it harder to sell a home or refinance, and increase the risk of foreclosure. Undervaluation can prevent a homeowner from accessing accumulated equity, whether through sale or a home equity loan. Both over- and under-valuation keep individuals, families, and neighborhoods from building wealth through homeownership.

Homebuyers and homeowners can ask for a lender to reconsider a home valuation the consumer believes to be inaccurate. This process is often referred to as a “reconsideration of value” or “ROV.” Borrowers can point out, for example, factual or other errors or omissions, inadequate comparable properties, or provide evidence that the appraisal was influenced by prohibited bias.

Responsible lenders focused on serving their customers typically will provide borrowers with clear, actionable information about how to raise concerns about the accuracy of an appraisal. A lender’s reconsideration of value process must ensure that all borrowers have an opportunity to explain why they believe that a valuation is inaccurate and the benefit of a reconsideration to determine whether an adjustment is appropriate. While an individual lender’s reconsideration of valuation process may vary, lenders must make sure that their reconsideration of value process is nondiscriminatory and available and accessible to all.

Some lenders include information about how to request a reconsideration of value in the copies of appraisals and other home valuations required under the Equal Credit Opportunity Act Valuations Rule. Other lenders may provide information about the reconsideration of value process and a borrower’s ability to provide relevant information before an appraisal is conducted. When lenders provide borrowers with clear, plain-language notice of reconsideration of value opportunities, lenders help ensure that their reconsideration of value process is nondiscriminatory. Lenders that fail to have a clear and consistent method to ensure that borrowers can seek a reconsideration of value risk violating federal law.

Ensuring that homebuyers and homeowners can challenge inaccurate appraisals is one of many efforts that the CFPB and other federal agencies are working on to ensure fair and accurate appraisals. The CFPB has already taken the first step to implement legal requirements to limit bias in algorithmic appraisals. Regulators are also working to provide more oversight over the activities of the Appraisal Foundation, which wields enormous power over the appraisal industry. Learn more about the work of the Interagency Task Force on Property Appraisal and Valuation Equity (PAVE) .

Innovator Q&A: Digital Currency Risks May Be On The Rise, But There’s Hope For Tracking Fraud

Courtesy of Zach Warren, Thomson Reuters Institute

Oct. 4, 2022 — In an in-depth interview with Gurvais Grigg of Chainalysis, we examine how the growth in the use of digital currency also has led to an increase in incidents of fraud involving such assets

For those not fully invested in the digital currency world, it may be tough to completely understand its scope. Although digital assets only began to be traded in 2009, the current worldwide market cap for digital currencies sits at around $1 trillion dollars, according to CoinMarketCap, and nearly $400 billion of that is Bitcoin alone.


Related Reading: Cost of Living Crisis: The Implications for Financial Crime


As digital currencies have become more prominent, however, so has fraud involving crypto. In fact, scammers captured $14 billion in digital currency in 2021, according to blockchain analysis company Chainalysis.

digital currencyThose numbers can be eyepopping for compliance professionals tasked with tracking financial transactions and identifying potential fraud. Those numbers certainly captured Gurvais Grigg’s attention. Grigg, Chainalysis’s Global Public Sector Chief Technology Officer, moved to the private sector in April 2021 by joining Chainalysis after 23 years at the Federal Bureau of Investigation (FBI), most recently as Assistant Director of the FBI Laboratory. An eight-year-old startup, Chainalysis provides software that tracks blockchain transactions, providing the government and financial institution risk managers with both the tools and education around digital transactions and where money is flowing in this emerging ecosystem.

The past year-plus tracking digital currency transactions and fraud have only strengthened the belief that financial institutions and those with whom they work need to begin planning for digital asset risks now. Recently, the Thomson Reuters Institute caught up with Grigg to discuss why he views the blockchain and digital asset transactions as inherently transparent, emerging risks that fraud managers need to know, and what the future of digital asset transactions portends from here.

Thomson Reuters Institute: You’ve written that blockchain can actually increase transparency rather than lessen it. What about the technology makes it trackable?

Gurvais Grigg: It’s a common misconception that crypto is anonymous and untraceable. ‍In fact, it’s quite the opposite: Cryptocurrencies operate on public, immutable ledgers known as blockchains, and anyone can look up the entire history of transactions of cryptocurrencies that use public blockchains like Bitcoin. Cryptocurrencies are more transparent than most traditional forms of value transfer.

Because the blockchain is permanent and immutable, investigators or consumers are able to see transactions in real-time or access them years later with confidence that the records have not been altered. The same is not always the case with traditional fiat investigations and other asset types. Blockchain analytics and data can significantly reduce investigation time and provide this unparalleled transparency for investigators, regulators, and compliance officers now and into the future.

Thomson Reuters Institute: Digital currency in particular has had a reputation for being where people can go to hide money or transactions. Is this reputation changing? And should it?

Gurvais Grigg: Criminals often embrace new technologies, and cryptocurrency is no exception. The early adoption of cryptocurrency by some criminals helped shape its initial reputation. And crypto remains appealing for criminals, primarily due to its pseudonymous nature and the ease with which it allows users to instantly send funds anywhere in the world, despite its transparent and traceable design. Criminals and nation state actors are turning to digital assets for many of the same reasons so many legitimate consumers: Crypto is a low cost, high speed, and secure way to transfer value.

Click here to read the entire interview.

Crypto Contributions to US Election Campaigns Require Legal Navigation

Courtesy of Todd Ehret, Thomson Reuters

Sept. 13, 2022 — As campaign fundraising heats up ahead of the US midterm elections, making political campaign contributions via cryptocurrencies requires careful navigation of federal and state law

The Federal Election Commission (FEC), which governs campaigns for Congress and the presidency, allows cryptocurrency contributions to political committees. State and local races across the country are a different story — campaign finance laws vary significantly. Further, the laws are quickly changing. California, for example, recently reversed a 2018 ban on the use of cryptocurrencies for campaign contributions.

“The landscape of crypto campaign contributions remains a rapidly developing area,” says Chris White, a campaign-finance specialist with the Washington DC-based law firm Wiley Rein.

In an article published on the law firm’s website in June, White and Wiley co-author Caleb Burns wrote: “As interest in the use of cryptocurrencies for political contributions has increased, states have begun to fashion their own sets of laws and regulations governing the use of cryptocurrencies in campaign finance. The approaches taken at the state level fall on a spectrum from a total ban on the contribution or use of cryptocurrencies to the explicit approval of contributions made via cryptocurrency.”

With such a rapidly changing patchwork of laws, it would be wise for professionals in this area to keep up with the legality of crypto campaign contributions.


Federal elections

2014 advisory opinion from the FEC gave a green light to political action committees accepting contributions in Bitcoin. Also, individual federal candidates can accept donations on the form of cryptocurrency, but the FEC prohibits using cryptocurrencies to pay for campaign expenditures.

The FEC holds that that cryptocurrencies fall under the “anything of value” catch-all areas of the Federal Election Campaign Act, which defines such contributions as “any gift, subscription, loan, advance, or deposit of money or anything of value made by any person for the purpose of influencing any election for Federal office.” Therefore, cryptocurrencies are treated similarly to “stocks, bonds, art objects and other similar items that cannot be deposited upon receipt, but will be liquidated at a later date.” The donation’s value is based on the market value of the cryptocurrency on the day of the donation.

Although the FEC specifically referenced Bitcoin in the 2014 advisory, it is presumed that the advisory would apply to other crypto assets. (The commission has a detailed guide to reporting crypto donations on its website.)


States with a green light

In addition to the FEC, Arizona, Colorado, Iowa, Ohio, Tennessee, and Washington have said contributions made via cryptocurrency are permissible.

California recently joined the list when it reversed its ban on crypto contributions after the California Fair Political Practices Commission voted unanimously to repeal the state’s ban on cryptocurrency donations and adopt new rules for accepting the funds. The new California regulation was finalized in late July and will take effect within 60 days. It requires that donations be verified via a know-your-customer (KYC) procedure and be processed through a US-based third-party payments processor registered with Treasury’s Financial Crimes Enforcement Network.

Colorado, Iowa, Ohio, and Tennessee have followed the FEC’s guidance and requirement that the donations should be fair valued at the time of the contributions, and any increases or decreases should be treated as other income or expenditure.

Conversely, Washington and Arizona are treating cryptocurrencies more like traditional forms of currency. Washington state has taken a more restrictive approach, treating crypto donations as the equivalent of cash contributions, capping them at $100, requiring them to be converted to fiat currency within five business days, and prohibiting the use of crypto for the purchase of goods and services. While Arizona stated that “committee[s] may accept an in-kind contribution in the form of cryptocurrency… and such contributions are generally subject to the same rules applicable to traditional contributions in US currency.”

“In keeping with this treatment of cryptocurrency as analogous to ‘traditional’ US currency rather than a commodity, Arizona has neither expressly approved nor expressly foreclosed the use of cryptocurrency by political committees to purchase goods or services,” explained the attorneys at Wiley in their article.

Click here to read the entire article.

Articles for September 30, 2022 Issue:

The DeFi Financial Crime Arms Race: By Taking A Fresh Approach to Stamping Out Financial Crime We Can Build a Safer Future for DeFi. 

Courtesy of Michael Karbouris, CoinDesk

Sept. 27, 2022 — Decentralized finance (DeFi) is a vibrant and innovative ecosystem that has the potential to improve efficiency and transparency in financial markets and serve as a driving force in redefining the future of finance. Built on public permissionless blockchains, DeFi’s mission is to give anyone with an internet connection the ability to tap into financial services, which in turn promotes equal opportunity and financial democratization around the world.

However, given its open nature, DeFi is undergoing the same arms race that has plagued every nascent but innovative technology and industry: fighting criminals who want to take advantage of it.


Related reading: FIs Seek Expert Insights on How Best to Tame Crypto


DeFi is no stranger to financial crime. In 2021, money laundering in crypto accounted for more than $8 billion, with almost $1 billion of this being sent to DeFi protocols. While these headline numbers are concerning, let’s put them in context. It’s estimated that somewhere between 100 and 250 times that number in fiat currency is laundered each year in traditional financial markets – most of it opaque, much of it undetected, and even less acted upon by law enforcement.

The fact that we can estimate with a much higher degree of accuracy how much money is being laundered in DeFi highlights a truth that is sometimes overlooked: DeFi is largely transparent, and a transparent market should in theory be easier to police. The ability to monitor almost every transaction is something that is still near impossible to carry out in traditional fiat markets. And yes, while privacy-oriented protocols in DeFi will likely only get more popular, the beauty of zero-knowledge proof technology is that it allows opt-in transparency while maintaining privacy through pseudo-anonymity.

When it comes to DeFi, ultimately we all want an ecosystem with integrity, one that breeds confidence for the growing crypto community. But simply looking to traditional finance (TradFi) as a model on how to achieve this is not optimal. Rather than trying to fit existing regulations tailored for TradFi markets, we should be understanding DeFi’s idiosyncrasies, focusing on the types of financial crimes that are unique to the DeFi ecosystem and that truly hurt the end user, and aligning methods of detection and prevention with crypto’s core values of decentralization and trustlessness.

The various shades of DeFi-specific financial crime

The whole point of laundering money is to make illicit income, usually generated through criminal activity, appear legal. When it comes to crypto, criminal activities such as theft and fraud can look vastly different to how they appear in traditional financial markets. This is a result of the public nature of the technology, lack of intermediaries and the pseudo-anonymity afforded by permissionless blockchains.

Click here to read the entire article.

 

Fintech Firms Suffer Data Breach Due To Critical Zoho Flaw

Courtesy of Jurgita Lapienytė, CyberNews 

Sept. 27, 2022 — A technology platform servicing financial technology companies fell victim to a cyberattack that exposed sensitive end-user data. Most likely, threat actors behind the breach exploited a critical vulnerability in Zoho’s ManageEngine product.

Last week, the Cybersecurity and Infrastructure Security Agency (CISA) warned of a critical remote code execution (RCE) vulnerability in the Indian company’s ManageEngine program, warning it has been exploited in the wild.

Rated 9.8 out of 10 on the The Common Vulnerability Scoring System (CVSS), the bug was patched by Zoho on June 24.


Related reading: 21 Hackers Made Over $1M on HackerOne

Related event: Registration Open for NCUA Webinar on Defending Against Ransomware Attacks


“This remote code execution vulnerability could allow attackers to execute arbitrary code on affected installations of Password Manager Pro, PAM360, and Access Manager Plus. Authentication is not required to exploit this vulnerability in Password Manager Pro and PAM360 products,” Zoho said in June, urging users to upgrade immediately.

Zoho has at least 80 million customers worldwide, including big companies like Netflix, Amazon, Fortinet, Facebook, KPMG, Renault, HP, and Tesla, among others.

CISA issued a warning “based on evidence of active exploitation.” The Cybernews Research team found one instance where threat actors most likely exploited the critical flaw to breach an organization.

The hack

A threat actor hacked into the BankingLab software-as-a-service (SaaS) banking platform, servicing fintech companies, and is giving away access to its clients’ servers and customers for free. It is believed that BankingLab had been relying on ManageEngine to protect its network.

On September 24, a new user on a popular hacker forum posted the following message: “Recently, we have obtained all server permissions of BankingLab and obtained all customer data, including the transaction flow of each customer’s user [and] identity information. Now I will share the data and master key of the PAM360 password management system inside BankingLab with you, which contains the sshkey of internal services [and] various system and server passwords. Please enjoy.”

BankingLab provides a “full stack of digital banking services” to financial technology (aka “fintech”) companies, including modules for customer account management, payment processing, issuing cards, and providing loans and deposits. Its clients include Vialet, Simplex, Bankera, and Perlas Finance.

“We help entrepreneurs with our technology, guiding you from business ideas to successful licensed financial institutions,” the company claims.

BankingLab is a brand owned by Baltic Amber Solutions (BAS), which is headquartered in Vilnius, Lithuania. In an interview with a local news outlet in 2021, BAS head and co-founder Narimantas Bloznelis said: “We want to build a platform corresponding to all fintech solution needs, and to become a financial services Amazon.”

The Cybernews research team has investigated the leak posted by the threat actor, and it turns out to be an SQL database dump and master key of the PAM360 password management system inside bankinglab.com. Short for “structured query language”, SQL is commonly used in programming and managing data and can be exploited as an attack vector by cybercriminals.

Click here to read the entire article.

Bank to Pay $13M in Mortgage Redlining Case, as Feds Target Discriminatory Loan Practices 

Coutesy of Charles Toutant, Law.com

Redlining is getting more attention now after getting less attention during the previous administration, said Matthew Adams, a white-collar defense lawyer at Fox Rothschild who handles redlining cases. “I think it fits with the current administration’s focus on civil rights abuses,” Adams said.

What You Need to Know

  • Lakeland Bank agrees to pay $13 million to settle allegations that it avoided issuing home mortgages in Black and Hispanic neighborhoods around Newark.
  • The Justice Department is accelerating its investigation and prosecution of redlining.
  • Lakeland Bank denies any wrongdoing in the case but says it wanted to avoid the distraction of prolonged litigation.

Sept. 28, 2022 — A New Jersey-based bank agreed to pay $13 million to resolve allegations that it engaged in discriminatory lending practices in Newark and nearby areas, the Department of Justice announced.

Lakeland Bank engaged in redlining by avoiding the issuance of loans in Black and Hispanic neighborhoods of Essex, Somerset and Union counties, the Justice Department said. The Lakeland case is part of an amped-up effort to target mortgage redlining under Attorney General Merrick Garland, the Justice Department said.

From at least 2015 to 2021, all Lakeland branches were located in majority-white neighborhoods, and its loan officers did not serve the needs of Black and Hispanic neighborhoods in Newark and nearby, the complaint alleged. The CEO of Lakeland said his bank would settle with the Justice Department even though he denied the allegations.

“While we strongly disagree with any suggestion we have acted improperly, Lakeland Bank has fully cooperated throughout this process and remains confident that we have been fully compliant with all fair lending laws,” said Thomas Shara, president and CEO of Lakeland Bank. “This resolution avoids the distraction of protracted litigation and allows us to focus our time, expertise, and resources towards achieving a shared goal of meeting the credit needs of all residents within our communities, including those who historically have been underserved.”

John Gorman of Luse Gorman in Washington represents Lakeland Bank in the redlining case. He declined to comment on the case.

Just one day before the charges were announced, Lakeland, headquartered in Oak Ridge, New Jersey, said it would merge with Iselin, New Jersey-based Provident Bank. A Provident spokesman said that bank was aware of the redlining charges, and the announcement would not derail the merger.

Last month the Justice Department said it would collaborate with the Consumer Financial Protection Bureau and the Office of the Comptroller of the Currency to aggressively prosecute redlining, which violates the Fair Housing Act and the Equal Credit Opportunity Act.

The department said it was expanding its analyses of potential redlining to both depository and nondepository institutions, which are lenders that do not provide typical banking services but engage in mortgage lending.

More redlining prosecutions are likely in the future, said Matthew Adams, a white-collar defense lawyer at Fox Rothschild in Morristown. Redlining is getting more attention now after sitting on the back burner during the Trump administration, Adams said.

“I think it fits with the current administration’s focus on civil rights abuses,” Adams said. The nondepository institutions that are suddenly under scrutiny for redlining are the same institutions that are under the spotlight for violations related to COVID-19 stimulus funds, he said. “By their nature, being nondepository institutions, they have been subject to perhaps less scrutiny,” he said.

“Financial institutions that refuse to provide mortgage lending services to communities of color not only contribute to the persistent racial wealth gap that exists in this country, but also violate federal law,” Garland said in a statement. “The agreement with Lakeland announced today represents the Justice Department’s continued commitment to addressing modern-day redlining, and to ensuring that all Americans have equal opportunity to obtain credit, no matter their race or national origin.”

“Redlining creates an unequal playing field that unfairly prevents many persons of color from achieving the dream of home ownership, and this type of systemic and intentional discrimination cannot and will not be tolerated,” U.S. Attorney Philip Sellinger said. “It is wholly unacceptable that redlining persists into the 21st century, and this case demonstrates our commitment to combating redlining and hold banks and others accountable when they engage in unlawful discrimination. Through this agreement, we are taking a major step forward by removing unlawful and discriminatory barriers in residential mortgage lending.”

Lakeland agreed to invest $12 million in a loan subsidy fund for residents of Black and Hispanic neighborhoods in the Newark area, as well as $750,000 for outreach and consumer education, and $400,000 for development of community partnerships to provide services to increase access to residential mortgage credit.

The bank also agreed to open two branches in neighborhoods of color, including one in Newark. It also agreed to have four loan officers dedicated to serving the Newark area and to employ a community development officer who will oversee expansion of lending in communities of color.

ICYMI: An Iowa Credit Union Sues Apple for Antitrust Violations

Courtesy of Malathi Nayak, law.com

Apple is accused of using its market power to fend off competition from rival payment apps and charging card issuers fees to boost its bottom line.

Apple Inc. was hit with an antitrust lawsuit over Apple Pay, accused of using its market power in the mobile device industry to fend off competition from rival payment apps and charging card issuers fees to boost its bottom line.

The proposed class-action complaint by Affinity Credit Union marks the latest antitrust battle for the iPhone maker, after facing increased scrutiny in recent years over its App Store policies from government regulators. European regulators, after a nearly two-year investigation, also found on a preliminary basis that Apple abused its dominant position with Apple Pay in the market for tap-to-pay apps or mobile wallets.

IPhone users must use Apple Pay if they want to buy something by tapping the phone against a terminal in a store. Other iPhone payment services such as PayPal and Square, as well as financial institutions such as Chase, Citi and American Express, can’t launch tap-to-pay iPhone apps with their own features and interface.

By excluding competition, Apple can charge “payment card issuers fees that no other mobile wallet ventures to impose,” Affinity Credit Union, the Des Moines, Iowa-based payment card credit union that issues payment cards, said in the lawsuit, filed Monday in federal court in San Jose, California.

Apple charges issuers 0.15% on credit card transactions and 0.05% on debit cards. Google Pay and Samsung Pay, operating on the Android system, don’t charge card issuers any fees. The Apple Pay fees “generated a reported $1 billion for Apple in 2019, and this revenue stream — earned from card issuers — is predicted to quadruple by 2023,” Affinity Credit Union said in the lawsuit.

“If Apple faced competition, it could not sustain these substantial fees,” Affinity Credit Union said.

The credit union claims Apple is violating the Sherman Act, designed to protect competition, by tying its mobile devices and mobile wallet together and by exclusing all competitors.

Click here to read more.

 

DOJ Asks Congress for Tools to Limit NFT Money-Laundering Risk

Courtesy of PYMNTS.com

Sept. 22, 2022 —Down at the very bottom of the crypto crime report the Justice Department issued last week was a request that could make it a lot harder to buy and sell NFTs.

Citing examples of criminals using the sale of the popular nonfungible tokens that hold art, video, music and collectibles to launder funds, the Justice Department asked Congress to define some of all NFTs as “value that substitutes for currency” under the Bank Secrecy Act (BSA).

Doing so, it said in “The Role of Law Enforcement in Detecting, Investigating, and Prosecuting Criminal Activity Related to Digital Assets,” would “make clear that its key [anti-money-laundering (AML) and countering the financing of terror (CFT)] provisions — including the obligations to have customer identification programs and report suspicious transactions to regulators — apply to NFT platforms, including online auction houses and digital art galleries.”


Related Reading: DOJ Seeks to Double Jail Time for Money Transmission Crimes

Related Reading: How Did NFTs Become SEC’s Newest Crypto Target?


The impetus, the department said, is the “explosive growth in the demand and corresponding markets for NFTs, perhaps most notably in the area of digital art.”

Substantial Risk

This “presents substantial money-laundering risks,” it said, citing a February Treasury Department study on money laundering in the broader art market.

“NFTs can be used to conduct self-laundering, a sequence in which criminals purchase an NFT with illicit funds and then resell to a purchaser who pays for it with clean funds unconnected to a prior crime,” that report noted.

It also found that in most cases, “digital assets that are unique, rather than interchangeable, and that are used in practice as collectibles rather than as payment or investment instruments … are generally not considered to be virtual assets under [international regulations].”

The “nonfungible” part of NFT means that each is unique and cannot substitute for any other, as opposed to cryptocurrencies like bitcoin which all have the same uses and value.

NFT marketplaces “may take the view that this definition [of a ‘value that substitutes for currency’] does not apply to their activities — and that they are thus not subject to the BSA’s anti money-laundering and anti-terrorism laws, the department said.

Justice is asking Congress to amend the BSA “to make clear that its key AML/CFT provisions — including the obligations to have customer identification programs and report suspicious transactions to regulators — apply to NFT platforms, including online auction houses and digital art galleries.”

Already There

Redefining NFTs as “value that substitutes for currency” would allow the Treasury Department’s Financial Crimes Enforcement Unit (FinCEN) to “potentially seek to regulate such activity under its money transmission regime,” a trio of lawyers at Skadden, Arps, Slate, Meagher & Flom wrote in an April blog post.

That, according to Jamie Boucher, Eytan Fisch and Javier Urbina, would require NFT marketplaces to register as money services businesses (MSB) with FinCEN.

Some types of NFTs — notably those used to fractionalize tangible assets like physical artworks and real estate, but also other valuable art or collectible tokens — are likely securities, the Securities and Exchange Commission (SEC) has said.

In FinCEN’s view, the trio noted, those can be repurposed to fit the definition of “value that substitutes for currency” and thus may already require MSB licenses.

EU Finalizes Legal Text for Landmark Crypto Regulations Under MiCA

Courtesy of Jack Schickler, Sandali Handagama, CoinDesk

Click to access video discussion.

Sept. 22, 2022 —The European Union has finalized the full text of its landmark Markets in Crypto Assets (MiCA) legislation. Officially, the text is still open to comments, but sources briefed on the talks have told CoinDesk that it is, in practice, finalized.

A leaked draft of the bill dated Sept. 20 and verified by CoinDesk urges EU enforcers to take a “substance over form” approach to the law, meaning its provisions could even apply to some assets categorized as non-fungible tokens (NFT).

MiCA, once passed into law, will require issuers of crypto assets to publish white papers containing technical roadmaps, for platforms to register with the authorities, require stablecoin issuers to hold capital and be prudently managed.

The new draft also features changes that could indicate how the EU might treat algorithmic stablecoins, which were notably excluded from MiCA’s scope when it was first introduced in 2020. Algorithmic stablecoins – similar to the recently collapsed terraUSD (UST), which used another cryptocurrency and a bit of code to balance its price and supply – should fall within the scope of regulation “irrespective of how the issuer intends to design the crypto asset, including the mechanism to maintain a stable value.”

“Offerers or persons seeking admission to trading of algorithmic crypto assets that do not aim at stabilizing the value of the crypto assets by referencing one or several assets should in any event comply with Title II of this Regulation,” a Recital in the draft said, referring to the section of the law that lays out requirements for crypto asset issuers.

A Recital is a text that introduces an EU law and sets out its motivation. Though not – unlike the substantive articles of the regulation – legally binding, a recital can be used by supervisors and courts when interpreting the scope of the legislation.

An older draft also sought to limit the issuance of stablecoins backed by asset reserves that were denominated in a “non-EU currency” to introduce “a minimum denomination or to limit the amount issued,” which the industry feared would block popular U.S. dollar-pegged stablecoins like USDC out of the EU market. The new draft proposes this rule should be modified to apply to all issuers of asset-backed stablecoins, regardless of the currency of denomination.

Are NFTs in or out?
NFTs are typically designed to have a unique digital identifier that cannot be copied, interchanged or subdivided, but the rise of fractionalized assets – where a set of fungible tokens are issued to represent one NFT – have been drawing some attention from regulators as they could resemble traditional securities.

While the leaked draft – thrashed out in a series of technical meetings following a June 30 deal – shows MiCA doesn’t apply to NFTs that are genuinely unique and incapable of being traded with each other, “the issuance of crypto-assets as non-fungible tokens in a large series or collection should be considered as an indicator of their fungibility,” the final compromise text says in a Recital, even if the issuer gave it a unique identifier.

The details of the provision have caused concern within the industry. The exact drafting used could determine whether in practice the regulation covers the bulk of the NFT market – such as similar, but distinct Bored Apes, implying issuers and trading platforms would be caught by its strictures.

When considering whether to regulate a particular asset, national and EU regulators “should adopt a substance over form approach under which the features of the asset in question should determine the qualification, not its designation by the users,” the text added.

How the Fed’s Rate Increase Will Hit Americans’ Monthly Budgets

Courtesy of By Julia Carpenter, Wall Street Journal

Sept. 21, 2022 —The Federal Reserve raised rates another 0.75 percentage point Wednesday, as part of its continuing effort to stamp out stubbornly high inflation. Americans are only beginning to feel the full impact of these moves.

By raising rates, the Fed seeks to cool the economy and rein in inflation, which continued to run higher than expected in August. Higher interest rates raise the cost of carrying credit-card balances and taking out mortgages, car loans and other debt, but consumers may not immediately feel the effects. Even outsize increases like the central bank’s recent hikes reach wallets and the broader economy somewhat gradually over weeks and months, economists say.


Related Reading: The Fed Forecasts Hiking Rates as High as 4.6% Before Ending Inflation Fight


“There’s no easy answer for when it starts to pinch,” said Caroline Fohlin, an economist at Emory University. “It’s acting like a vice, just tightening more and more.”

To put the rate increases in context, it helps to look at the actual effect higher rates are having on Americans’ monthly expenses for credit cards and other debt since the Fed began this effort six months ago.

Rising rates will increase your credit card bills
The average annual percentage rate on a credit card increased from around 16.17% in early March to more than 18% in September, because of rate increases, according to Bankrate. Since the average household carries a $8,942 balance, according to WalletHub, that works out to roughly an extra $14 in interest each month.

These numbers may appear small, said Nina O’Neal, partner and investment adviser with AIM Advisors, but the relatively quick rate of increases can creep up.

Higher mortgage rates make homes less affordable
The change in the cost of borrowing to buy a house has been more pronounced in what has already been a pricey housing market. Before the Fed’s move, the average fixed rate on a 30-year mortgage recently rose to 6.02%, from 4.16% the week of March 17, and additional rate increases would likely push mortgage rates even higher.

Rising rates can translate to hundreds of dollars more in a monthly mortgage payment. The median home price reached $403,800 in July, according to data from the National Association of Realtors. Someone putting a 20% down payment on such a home and taking out a 30-year mortgage with a 6% rate will now pay around $2,400 a month. If they made the same purchase six months ago, their monthly payments would be nearly $250 less.

Click here to read the entire article.

 

The Data Point: Paycheck-to-Paycheck Living Now Stands at 59% of All US Consumers

Courtesy of PYMNTS.com

Sept. 2, 2022 —With inflation deflating the dollar and prices through the roof, more Americans report they are living paycheck-to-paycheck, though the stats vary month to month.

For the latest study in the series “New Reality Check: The Paycheck-To-Paycheck Report: Emergency Spending Edition,” a PYMNTS and LendingClub collaboration, we surveyed over 4,000 U.S. consumers, finding that nearly 3 in 5 U.S. consumers were living paycheck to paycheck in July 2022 — a 5 percentage-point increase from July 2021.

As the study states, “Living paycheck to paycheck is becoming the norm, and as many consumers now live paycheck to paycheck without issues paying bills as those who do not live paycheck to paycheck. The affluent are not immune to these trends, either, as the share of high-income consumers living paycheck to paycheck has increased in the past year.”

Related Report: New Reality Check — The Paycheck-To-Paycheck Report: Emergency Spending Edition

  • Paycheck-to-paycheck living now stands at 59% of all U.S. consumers.

While the 59% of consumers living paycheck to paycheck in July was a slight improvement over the June figure of 61%, the year-over-year trajectory combined with the ongoing inflationary crush is a combination keeping more Americans in the “making ends meet” category.

Per the study, the share of consumers living paycheck to paycheck across income levels has fluctuated, but “it has also trended upward, especially for those in higher income brackets. For instance, 74% of consumers annually earning less than $50,000 were living paycheck to paycheck in July 2022, a decrease from 76% in July 2021.

“All other consumers became more likely to be living paycheck to paycheck: 63% of those annually earning $50,000 to $100,000 were living paycheck to paycheck in July 2022, up from 55% in July 2021, as were 43% of those earning more than $100,000 per year, a 9 percentage-point increase from 34% in July 2021.”

 

Articles for September 16, 2022 Issue:


Say Hello to Crazy Thin ‘Deep Insert’ ATM Skimmers

Courtesy of Brian Krebs, KrebsonSecurity.com

Sept. 14, 2022 — A number of financial institutions in and around New York City are dealing with a rash of super-thin “deep insert” skimming devices designed to fit inside the mouth of an ATM’s card acceptance slot. The card skimmers are paired with tiny pinhole cameras that are cleverly disguised as part of the cash machine. Here’s a look at some of the more sophisticated deep insert skimmer technology that fraud investigators have recently found in the wild.

The insert skimmer pictured is approximately .68 millimeters tall. This leaves more than enough space to accommodate most payment cards (~.54 mm) without interrupting the machine’s ability to grab and return the customer’s card. For comparison, this flexible skimmer is about half the height of a U.S. dime (1.35 mm).

These skimmers do not attempt to siphon chip-card data or transactions, but rather are after the cardholder data still stored in plain text on the magnetic stripe on the back of most payment cards issued to Americans.

Here’s what the other side of that insert skimmer looks like.

The thieves who designed this skimmer were after the magnetic stripe data and the customer’s 4-digit personal identification number (PIN). With those two pieces of data, the crooks can then clone payment cards and use them to siphon money from victim accounts at other ATMs.

To steal PINs, the fraudsters in this case embedded pinhole cameras in a false panel made to fit snugly over the cash machine enclosure on one side of the PIN pad.

Click here to see the entire range of images on ATM skimmers

The financial institution that shared the images above said it has seen success in stopping most of these insert skimmer attacks by incorporating a solution that NCR sells called an “insert kit,” which stops current skimmer designs from locating and locking into the card reader. NCR also is conducting field trials on a “smart detect kit” that adds a standard USB camera to view the internal card reader area, and uses image recognition software to identify any fraudulent device inside the reader.


Related Reading:

Crooks Go Deep With Deep Insert Skimmers

Dumping Data from Deep Insert Skimmers


Skimming devices will continue to mature in miniaturization and stealth as long as payment cards continue to hold cardholder data in plain text on a magnetic stripe. It may seem silly that we’ve spent years rolling out more tamper- and clone-proof chip-based payment cards, only to undermine this advance in the name of backwards compatibility. However, there are a great many smaller businesses in the United States that still rely on being able to swipe the customer’s card.

Many newer ATM models, including the NCR SelfServ referenced throughout this post, now include contactless capability, meaning customers no longer need to insert their ATM card anywhere: They can instead just tap their smart card against the wireless indicator to the left of the card acceptance slot (and right below the “Use Mobile Device Here” sign on the ATM).

For simple ease-of-use reasons, this contactless feature is now increasingly prevalent at drive-thru ATMs. If your payment card supports contactless technology, you will notice a wireless signal icon printed somewhere on the card — most likely on the back. ATMs with contactless capabilities also feature this same wireless icon.

Once you become aware of ATM skimmers, it’s difficult to use a cash machine without also tugging on parts of it to make sure nothing comes off. But the truth is you probably have a better chance of getting physically mugged after withdrawing cash than you do encountering a skimmer in real life.

So keep your wits about you when you’re at the ATM, and avoid dodgy-looking and standalone cash machines in low-lit areas, if possible. When possible, stick to ATMs that are physically installed at a bank. And be especially vigilant when withdrawing cash on the weekends; thieves tend to install skimming devices on Saturdays after business hours — when they know the bank won’t be open again for more than 24 hours.

Lastly but most importantlycovering the PIN pad with your hand defeats one key component of most skimmer scams: The spy camera that thieves typically hide somewhere on or near the compromised ATM to capture customers entering their PINs.

Shockingly, few people bother to take this simple, effective step. Or at least, that’s what KrebsOnSecurity found in this skimmer tale from 2012, wherein we obtained hours worth of video seized from two ATM skimming operations and saw customer after customer walk up, insert their cards and punch in their digits — all in the clear.

 

BSA Violation: Former CUSO Owner Admits to $1 Billion Scheme Targeting a New York Credit Union

Courtesy of By Peter Strozniak, CUTimes.com 

Sept. 14, 2022 —A New York man admitted in federal court Tuesday he was part of a scheme that channeled $1 billion in high-risk transactions, including millions of dollars of bulk cash transactions from a Mexican bank, to New York State Employees Federal Credit Union.

Hanan Ofer, 69, pleaded guilty to failing to maintain an effective anti-money laundering program in violation of the Bank Secrecy Act, according to a prepared statement from the U.S. Attorney’s office for the Eastern District in Brooklyn, N.Y.

From 2014 to 2016, Ofer and Gyanendra Asre of Greenwich, Conn., devised and carried out a scheme after they opened and operated a CUSO to bring lucrative and high-risk international financial business to what prosecutors called “a small, unsophisticated credit union.” The NYSEFCU-CUSO was a money services business registered with FinCEN.

Nevertheless, the U.S. Attorney also said in its prepared statement that Ofer was experienced in international banking, trained in anti-money laundering compliance and procedures, and represented to NYSEFCU that he and the CUSO would conduct appropriate anti-money laundering oversight mandated by the Bank Secrecy Act.

Asre, whose criminal case is pending, pleaded not guilty to eight counts of failing to maintain an anti-money laundering program at the credit union, failing to maintain an effective AML program at the credit union’s CUSO, failing to file suspicious activity reports and operating an unlicensed money transmitting business.

Asre was NYSEFCU’s compliance officer from March 2015 to June 2016 and also was a member of the credit union’s supervisory committee from November 2014 to April 2016. He was a 25% owner of the NYSEFCU-CUSO. Ofer was employed as a manager of logistics at an unidentified U.S. financial institution and owned 25% of the NYSEFCU-CUSO.

In their prepared statement, prosecutors said Ofer failed to implement an effective anti-money laundering program at the NYSEFCU-CUSO and other entities, which caused the credit union to process high-risk transactions, including from Mexican banks, without appropriate oversight and without ever filing a single suspicious activity report required by law. Asre and Ofer also owned and operated DDH Group LLC, an unlicensed money transmitting and money services business that conducted some of these high-risk transactions, federal prosecutors said.

According to the indictment, from November 2014 to June 2016, the CUSO received more than $100 million in bulk cash deposits of U.S. currency into a federal reserve account that originated from an unidentified Mexican bank. Those funds were then wired to the Mexican bank’s accounts at an unidentified U.S. financial institution, according to the indictment that was unsealed in April 2021 in U.S. District Court for the Eastern District of New York in Brooklyn.

Ofer faces up to 10 years in prison, prosecutors said. His sentencing hearing has not been scheduled.

In October 2017, the $1.8 million, 1,183-member NYSEFCU was liquidated by the NCUA, which declined to comment on whether the alleged $1 billion in high-risk transactions contributed to its decision to close the credit union.

NYSEFCU’s financial performance reports showed that in the three years before Asre and Ofer were providing their services (2012-2014), the credit union was making $11,000 to $13,000 in fee income. In 2015 and 2016, the credit union’s fee income substantially increased to $87,000 and $79,000, respectively.

 


Zelle: ‘We’re Doing Over $1 Million a Minute’ In Transactions, Early Warning Services CEO Says

Early Warning Services CEO Al Ko joins Yahoo Finance Live to discuss Zelle notching over $5 billion in payments over the last five years, nearly 1,700 banks using the Zelle transfer service, growth for Zelle, and the future of fintech.

Click here to watch the video interview.

Sept. 8, 2022 — Video Transcript
YF: Money sharing app Zelle is marking five years in the fintech space and more than 5 billion transactions on the platform since its launch in 2017. Joining me to mark the milestone to discuss the future of fintech space, we’ve got the CEO Al Ko here with me in studio. Al, it’s good to see you in person. What is it, 500 or 5 billion transactions here that we’re looking at right now. That’s a pretty significant milestone when you consider that Zelle was kind of a latecomer when it comes to peer-to-peer transactions.

AL KO: That’s right. A lot of the top peer-to-peer applications have been around for over a decade. Zelle just celebrated its fifth birthday. And we’ve been very fortunate to have amazing distribution and amazing products. So we’re doing over $1,000,000 a minute, if you believe it. Over $1.6 billion a day. And so that’s what adds up to a run rate of over half a trillion dollars in the last 12 months.

YF: Yeah. I was just saying this morning how often I use Zelle to sort of pay out family members or whatnot. But, increasingly, I found that a lot of businesses are doing transactions on Zelle as well. So when you look over the last five years, how has that market expanded for you?

AL KO: Yeah. So if you go back to the origins, it started out as a peer-to-peer solution. And that’s what it was designed for, integrated into a consumer checking account. Fast forward to today. We’ve got 750 banks and credit unions live. That covers about 80% of the population. And here’s the surprise. And I was once a product manager. Even though it’s P2P, a lot of businesses were using it. And the average Zelle transaction is $275. And so think of your dog walker, your hairstylist, paying rent. Those are very common use cases for Zelle.

YF: And how much of that is the advantage that Zelle doesn’t necessarily charge a fee? When you think about something like Venmo, there is a fee that’s attached. The Cash App as well. How much of that has been a big driver for you?

AL KO: Well, the key advantages of Zelle, first, it’s already integrated to your bank account. So you don’t have to download anything else. It’s got the safety and security associated with your bank. The money moves within seconds. And then, of course, it’s free. So it’s all of those. But people really like that it’s tied to their bank and their checking account.

YF: How do you get from 5 billion to 10 billion? Where do you see the market potential moving forward?

AL KO: Well, we expect to continue to see a lot of growth in business and small business in particular, particularly in those service-based businesses where Zelle is better than the alternative, cash and check.

YF: When you look at the fintech space broadly, you’ve got a pretty good pulse, especially on how small businesses are right now. There’s a lot of concern about whether, in fact, we’re headed to a recession, how big the slowdown is going to be. What are you seeing from where you stand?

AL KO: What’s interesting is, from our data at least, we’re not seeing a big slowdown. So, of course, we’re subject to the overall economy. For example, during the omicron surge, we definitely saw a little bit of a pullback. But right now, we’re seeing consumers be robust. So we’re not seeing any kind of slowdown right now.

YF: There’s been a lot of changes in the space. We talk so much about the huge growth that we saw in buy now, pay later players, especially during the pandemic. It feels like there’s a bit of a reckoning happening, not just when we look at the stock moves and the pullback, the layoffs that we’ve heard, but also a lot of consumers saying, look, now it’s time to pay up. And this has not necessarily been a good solution. How do you view that part of the fintech space?

Click here to read the entire article or watch the video interview. 


The Fed Could Crash the Housing Market

Courtesy of Nicole Goodkind, CNN Business

Sept. 14, 2022 —Investors are getting spooked that the Federal Reserve’s aggressive interest rate hikes could damage the US economy (just look at Tuesday’s selloff). One area of growing concern: housing. Interest rate hikes can lead to higher mortgage rates, which could cause people to think twice about buying a home.

So far, sales are slipping, while prices are holding steady. But some economists warn continued historic rate hikes by the Fed could risk crashing the housing market, underscoring the difficult task ahead for the central bank.


Related Reading: Are We Seeing a Mortgage Rate Lockdown?


What’s happening: According to Tuesday’s Consumer Price Index report, housing costs rose 0.7% in August and are up 6.2% year-over-year, the largest increase since 1991.

That increase was largely responsible for August’s higher-than-expected pace of inflation. Combined with a tight labor market, those high prices give the Fed reason to continue to go hard at its policy meeting next week and beyond, Marvin Loh, senior strategist at State Street, told me.

The Fed needs to see housing costs ease by about half a percentage point to reach its ultimate inflation goal, Loh added. The job won’t be easy. Housing prices can remain stubbornly high, even as the Fed works to counteract them.

Housing prices are “the type of sticky inflation that will not ease anytime soon,” Joseph Brusuelas, chief economist at RSM US, told me. “It’s why the Fed will need to demonstrate a show of resolve by increasing the policy rate by 75 basis points at its September meeting despite the encouraging declines in transportation and energy.”

The risks: Some economists are noting weakness in the housing market starting to peek through. Home sales declined in July for the sixth month in a row. Housing starts, a measure of new home construction, also plunged that month as the cost of building supplies remained high and prospective buyers were priced out of the market.

So should the Fed keep up its historic hikes? The central bank must walk a careful line — a housing slowdown has preceded nine out of the past 12 recessions, and investors haven’t forgotten America’s catastrophic housing crisis in 2008.

Keep in mind: Although there are some reasons to suggest the CPI report on housing lags what’s actually going on in the market, and that housing prices could already be on their way down, we’re nowhere near a market collapse.

Still, Federal Reserve officials will face a tough decision in the coming months. Do they use the housing market’s resilience as a mandate to push forward with aggressive rate hikes and risk a crash?


Americans should prepare for a heating bill shock this winter

Gas prices are easing in the US. But winter is coming and the CEO of Chevron, one of the world’s largest energy companies, is warning that relief at the pump could soon be offset by sweat-inducing heating bills. Chevron Chairman and CEO Mike Wirth said in an interview with CNN’s Poppy Harlow “there’s certainly a risk that costs will go up” for American consumers. Wirth is not predicting a rise of the magnitude seen in Europe, where natural gas prices have skyrocketed as Russia has limited exports, reports my colleague Paul R. La Monica.

But in an interview that aired Tuesday, Wirth warned that US prices could be “significantly higher” this winter.

Oil prices are stillup more than 15% so far this year. That has helped boost sales, earnings and the stock prices of companies like Chevron. Shares of the oil producer are up 36% year-to-date, while the broader S&P 500 is 17.5% lower. Wirth acknowledged that his company is making large profits while Americans struggle.

“I recognize that high energy prices are difficult for consumers. That’s why we’ve talked about increasing production, trying to increase supply to markets in a commodity business,” he said. “You go through these cycles. Two years ago, we were losing billions of dollars a quarter. Now we’re making strong profits.”

Bearish investors flock to cash

In more doom and gloom on Wall Street, pessimistic fund managers are selling stocks and piling into cash, according to a Bank of America survey published Tuesday.

“Investors’ perception of the outlook for the global economy remains bleak in September,” Michael Hartnett, Bank of America’s chief investment strategist, wrote in the report, which surveyed 212 fund managerswith more than half a trillion dollars of assets under management in September.

About 72% of respondents expected a weaker economy in the next 12 months, up 5 percentage points from August. The share of investors saying recession is likely also increased in September to 68%, the highest since May 2020.

Unsurprisingly, Wall Street is bracing for corporate profits to soften and equities to continue to crash, the survey showed. The cash levels investors are holding jumped from 5.7% last month to 6.1%, their highestlevel since the September 11 attacks in 2001.

Click here to read the entire article or watch the video interview. 


CISA Orders Agencies To Patch Windows, iOS Bugs Used In Attacks

Courtesy of Sergiu Gatlan, BleepingComputer.com

Sept. 14, 2022 — CISA added two new vulnerabilities to its list of security bugs exploited in the wild today, including a Windows privilege escalation vulnerability and an arbitrary code execution flaw affecting iPhones and Macs. Apple also patched the arbitrary code execution vulnerability on Monday and confirmed that it was exploited in attacks as a zero-day bug in the iOS and macOS kernel.

A binding operational directive issued in November 2021 says that all Federal Civilian Executive Branch Agencies agencies have to secure their networks against bugs added to CISA’sCISA’s catalog of Known Exploited Vulnerabilities.

CISA has given Federal Civilian Executive Branch Agencies agencies three weeks, until October 10th, to address these two security flaws and block attacks that could target their systems.


Related Reading: ‘This Is a Problem We Can Tackle’ — Former White House CIO Wants To Help Credit Unions Outmaneuver Cybercriminals.


“These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise,” CISA warned today.

Since BOD 22-01 was issued, CISA has added over 800 security flaws to the catalog of bugs exploited in the wild, requiring federal agencies to address them on a tighter schedule to block attacks and potential security breaches.

 


Articles for September 9, 2022 Issue:


FTC Alleges: Credit Karma Hurt People’s Credit Scores Using Dark Patterns

The popular credit monitoring company tricked people with false “pre-approved” credit card offers Credit Karma found got them to click ads more often.

Courtesy of Maxwell Strachan, Vice

September 1, 2022 — The Federal Trade Commission is accusing a company of tricking users into signing up for credit cards with so-called dark patterns.

Credit Karma, which offers people a free way to check their credit scores, told people that they had “90% odds” and had been “pre-approved” for credit cards that they actually did not qualify to receive, the Federal Trade Commission says in a new complaint. The federal agency alleges that between February 2018 and April 2021, almost one-third of people who were told they would qualify did not, causing them to “unnecessarily” receive a hard inquiry on their credit reports that often hurt their scores.

The FTC is requiring the personal finance company to pay out $3 million to the people they allegedly deceived and no longer falsely tell people they have been pre-approved for credit cards.

“Credit Karma’s false claims of ‘pre-approval’ cost consumers time and subjected them to unnecessary credit checks,” said Samuel Levine, the director of the agency’s bureau of consumer protection, in a statement. “The FTC will continue its crackdown on digital dark patterns that harm consumers and pollute online commerce.”

Dark patterns are user interfaces that deceive users in non-intuitive ways. According to the complaint, Credit Karma ran A/B testing experiments that showed that people were more likely to click on ads that said they had been pre-approved than they were on ones that said they had “excellent” odds of approval, which the FTC said constituted a dark pattern.

Credit Karma said in a statement on Thursday that the company altered its business so that it no longer tells people they have been pre-approved as of April 2021.

“We fundamentally disagree with the FTC’s allegations about marketing terms that aren’t even in use anymore, but ultimately we reached this agreement to avoid disruption to our mission and maintain our focus on helping our members find the financial products that are right for them,” Credit Karma chief legal officer Susannah Wright said in a statement.

Credit Karma lets people monitor their credit online without affecting their score. Part of the way it makes money is by using the data it receives to allow credit card companies and others to send targeted advertisements to people through the site. When someone buys a product, the third-party companies pay Credit Karma.

“We suggest offers based on your credit, Approval Odds, and money we make from our partners,” the company says on its website. In another area, the company elaborates: “For instance when you take an offer –– like for a credit card or loan –– through Credit Karma, we usually make some money from one of our partners, like the bank that issues the card or the lender who funds your loan.”

Credit Karma knew people were getting denied after the company told them they had been pre-approved, according to the complaint. As evidence, the FTC cited customer service training materials that said one common issue people complained about was “I was declined for a pre-approved credit card offer …. How is that possible?!?!?!”

 

Fannie Mae: High Home Prices, Mortgage Rates Weighing on Housing Sentiment

Year-over-Year Jump in Interest Rates Amplifying Perceptions of Unaffordability for Buyers and ‘Lock-in Effect’ for Sellers

September 7, 2022 — The Fannie Mae (FNMA/OTCQB) Home Purchase Sentiment Index®(HPSI) decreased 0.8 points in August to 62.0, its sixth consecutive monthly decline, as high home prices and elevated mortgage rates continue to weigh on consumer sentiment, particularly home-selling sentiment. Despite the relatively small aggregate change, the HPSI experienced significant volatility among four of its six components, including those measuring consumer perceptions of homebuying and home-selling conditions, as well as expectations regarding the future direction of home prices and mortgage rates.

Month over month, consumers reported that home-selling conditions have worsened – although that component remains strongly positive on net. Consumers also reported that homebuying conditions have improved, but 73% continue to report that it’s a “bad time to buy.” For the first time since the start of the pandemic, consumers are neutral, on net, about the future path of home prices, with an increasing share this month reporting that prices will decline. Meanwhile, a greater share reported the expectation that mortgage rates will decline, even though a majority continue to believe that mortgage rates will go up over the next 12 months. Year over year, the full index is down 13.7 points.

Home Purchase Sentiment Index – Component Highlights
Fannie Mae’s Home Purchase Sentiment Index (HPSI) decreased in August by 0.8 points to 62.0.The HPSI is down 13.7 points compared to the same time last year. Read the full research reportfor additional information.

  • Good/Bad Time to Buy: The percentage of respondents who say it is a good time to buy a home increased from 17% to 22%, while the percentage who say it is a bad time to buy decreased from 76% to 73%. As a result, the net share of those who say it is a good time to buy increased 8 percentage points month over month.
  • Good/Bad Time to Sell: The percentage of respondents who say it is a good time to sell a home decreased from 67% to 59%, while the percentage who say it’s a bad time to sell increased from 27% to 35%. As a result, the net share of those who say it is a good time to sell decreased 16 percentage points month over month.
  • Home Price Expectations: The percentage of respondents who say home prices will go up in the next 12 months decreased from 39% to 33%, while the percentage who say home prices will go down increased from 30% to 33%. The share who think home prices will stay the same increased from 26% to 28%. As a result, the net share of Americans who say home prices will go up decreased 9 percentage points month over month.
  • Mortgage Rate Expectations: The percentage of respondents who say mortgage rates will go down in the next 12 months increased from 6% to 11%, while the percentage who expect mortgage rates to go up decreased from 67% to 61%. The share who think mortgage rates will stay the same increased from 21% to 25%. As a result, the net share of Americans who say mortgage rates will go down over the next 12 months increased 11 percentage points month over month.
  • Job Loss Concern: The percentage of respondents who say they are not concerned about losing their job in the next 12 months increased from 78% to 79%, while the percentage who say they are concerned decreased from 22% to 21%. As a result, the net share of Americans who say they are not concerned about losing their job increased 2 percentage points month over month.
  • Household Income: The percentage of respondents who say their household income is significantly higher than it was 12 months ago increased from 24% to 25%, while the percentage who say their household income is significantly lower increased from 13% to 15%. The percentage who say their household income is about the same decreased from 61% to 59%. As a result, the net share of those who say their household income is significantly higher than it was 12 months ago decreased 1 percentage point month over month.

About Fannie Mae’s Home Purchase Sentiment Index
The Home Purchase Sentiment Index® (HPSI) distills information about consumers’ home purchase sentiment from Fannie Mae’s National Housing Survey® (NHS) into a single number. The HPSI reflects consumers’ current views and forward-looking expectations of housing market conditions and complements existing data sources to inform housing-related analysis and decision making. The HPSI is constructed from answers to six NHS questions that solicit consumers’ evaluations of housing market conditions and address topics that are related to their home purchase decisions. The questions ask consumers whether they think that it is a good or bad time to buy or to sell a house, what direction they expect home prices and mortgage interest rates to move, how concerned they are about losing their jobs, and whether their incomes are higher than they were a year earlier.

About Fannie Mae’s National Housing Survey

Click here to read the entire article.

 

Harvard Researcher: More Americans Tapping Buy Now, Pay Later Services For Groceries ‘Shows the Height of Personal Desperation’

Courtesy of Jessica Dicxkler, CNBC

KEY POINTS

  • With food prices at historic highs, more consumers are turning to buy now, pay later services for their weekly essentials.
  • “Once people start stretching out grocery payments it shows the height of personal desperation,” says Marshall Lux, a fellow at the Harvard Kennedy School.

 September 7, 2022 —As prices rise, Americans are increasingly finding new ways to make ends meet. But with some necessary purchases, such as groceries, there are fewer options that don’t involve taking on debt.

That makes the option to pay later — through companies such as Klarna, Zip, Zilch, Affirm and Afterpay — look increasingly attractive. About two-thirds of consumers have worried in the past month about affording groceries due to the rise of inflation, a recent LendingTree survey found.

At the same time, Zip said it notched 95% growth in U.S. grocery purchases, according to The New York Times. Klarna reported that more than half of the top 100 items its app users are now buying are grocery or household items.

“The fact that there’s a large number of Americans that simply can’t afford to buy food highlights the desperation that this economic climate creates,” said Marshall Lux, a fellow at the Mossavar-Rahmani Center for Business and Government at the Harvard Kennedy School.

“Once people start stretching out grocery payments it shows the height of personal desperation,” Lux added.

Although inflation, overall, began to ease last month along with gasoline prices, food costs climbed 1.1% in July, bringing the year-over-year gain to 10.9%, according to the latest Consumer Price Index figures.

The food-at-home index, a measure of price changes at the grocery store, notched the largest 12-month increase since 1979.

 

Note: As of July 2022. Not seasonally adjusted. Chart: Gabriel Cortes / CNBC Source: U.S. Bureau of Labor Statistics

 

Using BNPL could mean people ‘overextend themselves’ “For someone who has the ability to pay, this is an interest-free loan,” Lux said.

However, BNPL’s rapid growth is driven primarily by younger consumers, with two-thirds of BNPL borrowers considered subprime, Lux noted, which makes them especially vulnerable to economic shocks or a possible recession.

“In the best-case scenario, this will enable people to hang on or, in the worst case, overextend themselves,” he said.

Further, the more BNPL accounts open at once, the more prone consumers become to overspending, missed or late payments and poor credit history, other research shows.

Generally, if you miss a payment there could be late fees, deferred interest or other penalties, depending on the lender. (CNBC’s Select has a full roundup of fees, annual percentage rates, whether a credit check is performed, and if the provider reports to the credit scoring companies, in which case a late payment could also ding your credit score.)

 

Fed Vice Chair Brainard Calls for Crypto-Specific Regulations, Notes Stablecoin Risks

While crypto “has all the same risks that we’re very familiar with from traditional finance,” its quirks need tailored solutions, Lael Brainard said.

Courtesy of Helene Braun, CoinDesk

September 7, 2022Federal Reserve Vice Chair Lael Brainard said the cryptocurrency market bears similar risks to traditional finance, but will need new regulations for situations not covered by existing laws.

“We have seen that the crypto financial system has all the same risks that we’re very familiar with from traditional finance,” she said in a speech at the Clearing House and Bank Policy Institute 2022 annual conference on Wednesday. But given the unique characteristics of crypto, there’s a need for “creating clear regulatory guardrails.”

Brainard is leading the central bank’s exploration of a digital U.S. dollar, and her role as the No. 2 person at the Fed makes her opinions on crypto quite significant. Brainard’s latest remarks echoed her previous statements that the sector needs to meet the same safety standard as traditional finance in order to prevent it from becoming a threat to the broader financial system.


Related Reading:
Banks Fire Back at Warren Over OCC Crypto Guidance: Two bank trade groups asked acting Comptroller Michael Hsu to deny Sen. Elizabeth Warren’s request that the banking agency abandon Trump-era guidance on cryptocurrency.

OCC Acting Director Hsu’s Updated Crypto Comments “Safeguarding Trust in Banking: An Update” (9/7/22): Under my direction, the OCC has adopted a “careful and cautious” approach. The agency put into place this approach through the issuance of Interpretive Letter 1179, which establishes guardrails by clarifying that national banks and FSAs should not engage in certain crypto activities unless they demonstrate that the activities can be performed in a safe, sound, and fair manner.

 Vermont’s Financial Regulator Alleges Celsius and Its CEO Made ‘False and Misleading Claims’: According to the regulator, Celsius “lacked sufficient assets to repay its obligations” despite suggesting it had enough funds in its reserves to mitigate the risk of insolvency.


The Fed vice chair also reiterated the risk of stablecoins in her speech. She predicted there will be a lot more of such tokens created by the private sector in the future, calling into question if the central bank should issue its own central bank digital currency (CBDC.)

“Stablecoins is one of those areas that I think has the most potential for risk if not properly regulated and of course those risks can easily spill into the main core financial system because of the runnable nature of stablecoins,” she said.

Back in May, some $60 billion in value evaporated almost overnight after the collapse of algorithmic stablecoin terraUSD (UST). Meanwhile, some worry that asset-backed stablecoins such as USDT or USDC may not be able to sustain significant amounts of withdrawals.

In November 2021, a committee known as the President’s Working Group on Financial Markets – whose members include Fed Chair Jerome Powell and Treasury Secretary Janet Yellen – issued recommendations on stablecoins. Brainard characterized its report as “very strong” and she said that she agrees with its recommendations that stablecoins should be subject to bank-like regulation, and that “credential guardrails and the liquidity backstop are the best way to situate stablecoins.”

Articles for September 2, 2022 Issue:

Rep. Presses Federal Agencies, Crypto Companies on Fraud Prevention

Aug. 31, 2022 — The chair of the House Subcommittee on Economic and Consumer Policy has sent letters to four federal agencies and five digital asset exchanges requesting information about the steps they are taking to combat cryptocurrency-related fraud and scams.

Rep. Raja Krishnamoorthi, D-Ill. said in the letters Tuesday that cryptocurrencies have become “scammers’ favored means of payment as well as their preferred bait for unsuspecting victims,” citing Federal Trade Commission data that says the annual amount of cryptocurrency lost to fraud is on pace to surpass $1 billion in 2022.

“As stories of skyrocketing prices and overnight riches have attracted both professional and amateur investors to cryptocurrencies, scammers have cashed in,” Krishnamoorthi said in the letters. The letters were sent to the U.S. Department of Treasury, the U.S. Securities and Exchange Commission, the Commodity Futures Trading Commission, and the FTC. The crypto exchanges that got similar letters are Binance.US, Coinbase, FTX, Kraken and KuCoin.


Related Reading: Federal Reserve Board Washington D.C.; The Financial Stability Implications of Digital Assets


Krishnamoorthi requested information he said could help Congress understand what the government and the exchanges are doing to protect consumers, and could inform potential legislative solutions to make the crypto space safer for consumers.

He called attention to a “lack of a central authority” to flag suspicious transactions, the “irreversibility of transactions,” as well as the “limited understanding” investors have of crypto’s underlying blockchain technology as cause for concern about growing fraud.

Consumers are “often unaware of the current patchwork of resources available to inform their investing decisions,” and insurance companies are reluctant to provide coverage to consumers given the lack of regulation of digital assets, he added.  Krishnamoorthi also directed separate criticisms at the government agencies and the exchanges.

In the letters to the agencies, he argued “the federal government has been slow to curb cryptocurrency scams and fraud” and that “existing federal regulations do not comprehensively or clearly cover cryptocurrencies under all circumstances.” Meanwhile, he said some exchanges allow digital assets to be listed with “little or no vetting,” leaving potential vulnerabilities undiscovered even though they could “easily be identified” through audits.

“Many exchanges have also failed to implement appropriate monitoring of accounts, which can flag illicit activity, notify investors, and prevent transactions with addresses linked to scammers,” he added. Krishnamoorthi set a Sept. 12 deadline for the federal agencies and the crypto exchanges to provide documents and information dating back to Jan. 1, 2009.

For the agencies, he asked for “all policies, guidance, or other official documents” related to efforts to prevent crypto-related scams and fraud, to investigate such fraud, and to work with other agencies to regulate crypto. He also asks for the agencies’ thoughts on how such processes and frameworks could be improved to minimize the risks.

“Congress may need to pass legislation to help bring stability to the digital asset industry and protect consumers from investment fraud and abuse, but more information is needed to understand what the relevant federal agencies are already doing,” Krishnamoorthi said.

In the letters to the exchanges, he asked for “all documents” regarding their efforts to combat crypto-related scams and fraud, what processes and tools are in place to inform consumers about the risks and to investigate potential fraud, and if they provide insurance to consumers that covers fraud.

He also asked the exchanges what they believe the federal government could do to assist crypto exchanges in combating fraud and scams.

Click here to read more in this article from Bankrate.

Survey: Bank Overdraft Fees Tumble to 13-Year Low While ATM Fees Are Back on The Rise

Courtesy of Karen Bennerr and Matthew Goldberg, Bankrate.com

Aug. 31, 2022 — Banks have been reducing or eliminating overdraft fees at an unprecedented rate over the past year or so, as they face heavy public pressure to curb what one consumer watchdog has referred to as “junk fees.” In fact, the average overdraft fee of $29.80 is down 11 percent from last year’s record high, according to Bankrate’s 2022 checking account and ATM fee study. However, an overwhelming majority of accounts surveyed (96 percent) still charge a fee for overdrafts.

Unlike overdraft fees, not all bank fees are on the decline. Bankrate’s study found the average combined cost of an out-of-network ATM transaction to be $4.66, the highest amount since 2019. The average ATM surcharge levied on non-customers hit a record high of $3.14 per transaction.

The study also found that 46 percent of noninterest checking accounts are free — meaning they don’t charge monthly service fees — which is down slightly from 2021. Unlike top-yielding savings accounts, checking accounts that bear interest continue to pay record-low yields, the survey found, despite several Federal Reserve interest rate hikes in 2022.

For the study, Bankrate surveyed 10 banks and thrifts in each of 25 large U.S. markets. Information was gathered regarding checking accounts that bear interest and those that don’t, as well as ATM fee policies. Here are the highlights of the study.


Key findings:

  • The average overdraft fee declined to a 13-year low of $29.80, which is down 11 percent over last year’s record high of $33.58. The average nonsufficient funds (NSF) fee decreased to $26.58, the lowest since $25.81 in 2004. While these averages have gone down and some accounts have entirely eliminated such fees, 96 and 87 percent of accounts surveyed still charge overdraft fees and NSF fees, respectively.
  • The combined total of the average out-of-network ATM fee assessed by one’s own bank and the average surcharge levied by the ATM owner increased to $4.66, the highest since 2019. The surcharge on non-customers ($3.14) reached a new high, up 1.9 percent from $3.08 last year.
  • Among the metropolitan areas covered in the survey, the city with the highest average total combined ATM fees is Atlanta, where you’ll pay around $5.38 for using an out-of-network ATM. Meanwhile, you’ll find the lowest combined average fees in Los Angeles at $4.21.
  • The number of free checking accounts has decreased slightly in 2022 to 46 percent (down from 48 percent last year), although 99 percent of noninterest checking accounts are either free or can become free when certain requirements are met. These may include maintaining a set minimum balance or having your paycheck directly deposited.
  • The average yield on interest checking accounts remains at a record low, and the most common payout is 0.01 percent annual percentage yield (APY). And while the average monthly service fee of $16.19 is down slightly from last year, it’s the second highest ever tallied.

Overdraft fees: Lowest in over a decade

Overdraft and NSF fees on the decline

An overdraft fee may be charged by a bank when you withdraw more money from your account than the amount you have in it and the bank pays that overdraft. The average overdraft fee in 2022 is $29.80, which is down 11 percent over last year’s record-high average of $33.58 — the lowest since 2009 when the fee averaged $29.58.

Like overdraft fees, the average NSF fee decreased as well in 2022 — dropping to $26.58, which reflects a 21-percent decrease from last year’s record high of $33.58. It’s also the lowest average NSF fee since 2004 when the average was $25.81.

Banks charge an NSF fee when there isn’t enough money in an account to cover a transaction, and the bank does not honor the transaction. Ways to avoid these fees include linking a savings account to your checking account in order to cover any shortfall, as well as keeping tabs on your account balance before initiating transactions.

Average overdraft fee
The average overdraft fee decreased to $29.80 in 2022 from $33.58 in 2021.

Overdraft fees may be down on average, but still prevalent

The trend among banks to reduce or eliminate overdraft and NSF fees comes at a time when proposed federal legislation would limit their ability to charge such fees. The Consumer Financial Protection Bureau (CFPB) has also called for an end to these fees, releasing a report that revealed 20 banks each earned between $50 million and $1.4 billion in overdraft and NSF fee revenue in 2021.

While average overdraft and NSF fees are lower than they’ve been in more than a decade, they’re not completely going away just yet. Fees for overdrafts and nonsufficient funds are still charged by 96 percent and 87 percent of accounts surveyed, respectively.

Click here to read more in this article from Bankrate.

Metaverse Scammers Have a Bridge to Sell You. This Alabama Regulator Is Fighting Back

The state’s securities commission is warning people about the dangers of buying virtual real estate.

Courtesy of Elizabeth Napolitano, CoinDesk.com

September 1, 2022 — Crypto investors have pumped hundreds of millions of dollars into buying up virtual land – and thieves are taking note. According to Joseph Borg, a financial regulator in Alabama, metaverse real estate scammers pose a danger to investors in his home state.

“There are offers for [metaverse] real estate [scams] where they’ll tell you, ‘Get in now while it’s hot before the price goes up,’ and everybody buys it and you’re left out,’” said Borg, the longtime director of the Alabama Securities Commission. “I put that right up there next to the one that’s selling real estate on the moon.”

Indeed, the crypto-verse has a potpourri of “metaverses” from Yuga Labs’ Bored Ape-themed Otherside realm (over $800 million in lifetime land sales) to Decentraland ($330 million), The Sandbox ($295 million) and more. One dashboard on crypto data site Dune counts the top 32 virtual worlds.


Related Reading:


That’s not to say these land sales are inherently fraudulent. Speculators aside, some investors see value in buying a piece of digital real estate and then building their virtual worlds atop their plot. Decentraland is full of otherworldly architecture and virtual shtick.

But some of those builders are allegedly fraudulent. In May, Borg’s ASC and four other state-level financial regulators ordered a metaverse casino with alleged Russian connections to cease sales of non-fungible tokens (NFTs). The regulators claimed the casino, called the Flamingo Casino Club, was a front for scammers.

Actually locking up the alleged scammers is another matter.

In order to stick it to the scammers, regulators must first identify them, Borg told CoinDesk. But doing so can be tough in the metaverse, where fraudsters can cloak themselves in the veil of internet anonymity, which these days means masquerading in sometimes zany ways, Borg said.

“Saying [we’re going to] issue an order against the guy who looks like a duck with a hat on in the metaverse doesn’t do us any good,” Borg said. “We got to track down a computer, trace it and figure out where their money’s going and how they’re operating.”

In the absence of identifiable persons of interest, and left with little legal recourse as a result, the ASC has issued an advisory cautioning people about the dangers of investing in potential metaverse scams.

That doesn’t mean the commission, which has muscled crypto’s bad actors before, has given up on tracking criminals, however. Borg said ASC is still gunning to put a lid on metaverse real estate scams and hopes to issue orders against those involved in the scams once they can be identified.

And while those efforts are underway, the commission is taking steps to educate would-be investors about how the metaverse really works.

“It’s ‘get into the real estate market now because everybody’s going to want a piece,’” Borg said. “But, of course, you can create as much [real estate] as you want, because you can have a multitude of metaverses, but people don’t understand that yet.”

The Flamingo Club Casino case, and many like it, Borg says, demonstrates how the metaverse can be not only a land of opportunity, but also a land of large losses, especially for the uninformed investor.

“Bad actors are now leveraging interest in [metaverse] opportunities and products,” Borg said in a press release Wednesday. “Virtual reality can leave you virtually broke.”

The review, FHLBank System at 100: Focusing on the Future, will include a series of listening sessions and regional roundtable discussions

Aug. 31, 2022 — The Federal Housing Finance Agency (FHFA) today announced it will conduct a comprehensive review of the Federal Home Loan Bank (FHLBank) System beginning in the fall of 2022.

“FHFA plays a vital role in supporting affordable, equitable, and sustainable access to mortgage credit,” said FHFA Director Sandra L. Thompson. “FHFA’s regulated entities function as a reliable source of liquidity and funding for housing finance and community investment. As the Federal Home Loan Banks approach their centennial, FHFA will conduct a comprehensive review to ensure they remain positioned to meet the needs of today and tomorrow.”


Related Reading: Federal Housing Finance Agency Report: U.S. House Prices Rise 17.7 Percent over the Last Year; Up 4.0 Percent from the First Quarter


The FHLBanks have been a critical source of liquidity for their members for the past 90 years, especially during times of market stress, such as the Great Recession and the outset of the COVID-19 pandemic. The FHLBanks also support low-income housing and community development directly by offering a variety of programs to their members, including the Affordable Housing Program, the Community Investment Program, and the Community Investment Cash Advance Program.

As part of the review process, FHFA will host two public listening sessions and a series of regional roundtable discussions to consider and evaluate the mission, membership eligibility requirements, and operational efficiencies of the FHLBanks. FHFA will hear from stakeholders on the FHLBanks’ role or potential role in addressing housing finance, community and economic development, affordability, and other related issues.

FHFA invites interested parties to speak or attend the kick-off event for FHLBank System at 100: Focusing on the Future, a listening session on Thursday, September 29, 2022. The session will be held in person at the Constitution Center in Washington, DC, with the option to participate virtually.

FHFA is specifically interested in receiving feedback in six key areas:

  1. The FHLBanks’ general mission and purpose in a changing marketplace;
  2. FHLBank organization, operational efficiency, and effectiveness;
  3. FHLBanks’ role in promoting affordable, sustainable, equitable, and resilient housing and community investment;
  4. Addressing the unique needs of rural and financially vulnerable communities;
  5. Member products, services, and collateral requirements; and
  6. Membership eligibility and requirements.

Register​​​ ​to attend or speak at the September 29 listening session (12:30 – 4:00 PM). Participants will be able to select in-person or virtual attendance. FHFA is also accepting wri​​tten comments through October 21, 2022, via FHFA’s website ​or mailed to: Federal Housing Finance Agency, 400 7th Street, SW, Washington, DC 20024.

Federal Housing Finance Agency Report: U.S. House Prices Rise 17.7 Percent over the Last Year; Up 4.0 Percent from the First Quarter

 

Articles for August 26, 2022 Issue:

Cyber News: Traditional Check Fraud Gets a Digital Makeover

Courtesy of Glenn Fratangelo, NiceActimize.com

August 23, 2022 —What happens when trust is shaken in a fundamental societal institution, like the postal service system?

An emerging method of committing financial fraud is stealing checks, and the circumstances surrounding these scams are often bizarre and highly public. Checks are appropriated from the familiar blue United States Postal Service (USPS) collection boxes and rewritten, repurposed, and cashed by thieves. One victim had their check stolen twice from the same collection box, even after taking measures to get a new bank account and checks.[1]

With so much attention given to the constant uptick in digital scams, it’s easy to push concerns over physical financial assets, like checks, to the side. But criminals exploit any avenue to commit fraud—even vandalizing protected federal government property to get a payout.

Check fraud is a conduit to numerous other crimes, such as wire fraud, identity theft, synthetic identity fraud (SIF), peer-to-peer payments (P2P) fraud, account takeover (ATO), and mail fraud. As the risk of check fraud rises, so should the precautions and measures to prevent this trending crime.

Check Fraud Scams Go Digital

By now, I should be desensitized to the machinations of these criminals thanks to constant exposure to this industry. But their confidence and audacity still surprise me.

Take the infamous Telegram user, “Liam Neeson” who brazenly posted numerous stolen items for sale on social media.[2] Under the handle of this A-list actor, this criminal advertised stolen checks for sale to 1,200 subscribers. Charitable donations, DMV fees, uncashed checks, and utility payments pilfered from mailboxes in North Carolina were all presented as photos with the intent of selling to a criminal community. 

The digital era introduced some unsavory variants to traditional check fraud scams. Social media platforms provide criminals with the public portal and visibility to boast about their crimes and incentivize their peers, as they occasionally seek validation or hope to inspire their teammates. These criminals also rely on the dark web to sell stolen checks and related paraphernalia, like stolen mailbox keys, to other criminals within their vast networks.


Related Reading: New ransomware HavanaCrypt poses as Google software update
A new strain of ransomware has been making victims for the past two months, masquerading as a Google software update application and reusing an open-source password management library for encryption. Dubbed HavanaCrypt by researchers from Cybereason, the new ransomware program features anti-analysis, data exfiltration and privilege escalation mechanisms, but doesn’t seem to be dropping a traditional ransom note.


Gain access to personal mail

Stolen mailbox keys, or arrow keys, are commonly featured for sale on the dark web or platforms like Telegram (where they’ve been known to sell for upwards of $7,000) because they’re one of the main methods available to illegally access personal mail. A report from USPS revealed that complaints of mail theft rose 161% between March 2020 and February 2021.[3]

Mail theft and subsequent check fraud via this technique has captured attention at the highest level; Congresswoman Eleanor Holmes Norton has made inquiries of the United States Postal Service (USPS) regarding this issue.[4] The USPS responded that it is aware and taking action to prevent this crime but they’re under-resourced, which makes it far more challenging to fully investigate these attacks. Ultimately, it falls on everyone to do what they can to prevent check fraud, as postal workers are being attacked.

Leverage Peer-2-Peer Platforms

Yet another example of the digital twist on this crime is the use of P2P platforms, like Cash App, to augment check fraud.[5] Criminals are targeting people through tactics like fake job offers. Victims are instructed to deposit substantial checks into their bank account as an advance for job-related items, like computers or supplies, and then told to send the deposited funds to a different person through a P2P app. Ultimately, the victim realizes the check was fake, leaving them responsible for the losses. In this scenario, criminals capitalize on Regulation CC, which enables customers to immediately use at least a portion of deposited funds prior to the check clearing. With knowledge of regulatory requirements along with a bank’s corresponding funds availability policies, they use this information to obtain a portion of deposited funds prior to the check bouncing.[6]

Read the entire article here.

Housing Market: Fannie Mae Sees Dark Days Ahead for the Housing Market

Economic and Strategic Research Group expects total home sales to decrease 16.2% in 2022

Courtesy of James Kleimann, HousingWire.com

August 23, 2022 — It will get worse for the housing market – and mortgage industry – before it gets better. That’s the takeaway from a group of economists at Fannie Mae who slashed their forecast for 2022 home sales this week.

“Housing remains clearly on the downtrend — and has been for several months now — due to the combined effects of outsized home price increases and the significant and rapid run-up in mortgage rates,” Fannie Mae’s Chief Economist Doug Duncan said in a statement.

Fannie Mae’s Economic and Strategic Research Group expects total home sales to decrease 16.2% in 2022, a further downward revision from July’s projected drop of 15.6%. The latest forecast also projects total mortgage origination activity at $2.47 trillion in 2022, down from $4.47 trillion in 2021. The mortgage market is projected to slip even further in 2023, dropping to $2.29 trillion.

A brutal housing market has already tested the business models of mortgage lenders, and it will be a while before conditions improve. In the second quarter of 2022, nonbank mortgage lenders on average lost $82 per loan, according to the Mortgage Bankers Association. Combining both production and servicing operations, only 57% of companies in the MBA report were profitable in the second quarter.


Related reading: Federal Housing Finance Agency (FHFA) Announces Intent to Establish a Federal Advisory Committee on Affordable, Equitable, and Sustainable Housing:
The Committee’s activities will focus on FHFA’s regulated entities – Fannie Mae, Freddie Mac, and the Federal Home Loan Banks – and their respective roles in providing a reliable source of liquidity and funding to support housing finance in the single-family and multifamily housing markets.


On average, IMBs generated $705 million in origination volume in the second quarter, down from $808 million in the previous quarter. Total production revenue for IMBs, which includes fee income, net secondary marking income and warehouse spread, decreased to 335 bps in the second quarter, down from 350 bps a quarter prior. On a per-loan basis, production revenues declined to $10,855 per loan in the second quarter, down slightly from $10,861 per loan in the first quarter.

Many lenders have been cutting hundreds or thousands of staffers amid the dip in origination volume. Fannie Mae forecasters said that despite mortgage rates settling in the low 5% range over the past month, recent incoming data has led them to revising the home sales forecast, notably because of a drop in new home sales.

New homes sold at an annualized pace of 590,000 units in June, the lowest sales pace since April 2020. ESR Group researchers now expect new home sales to finish the year at 632,000 units, down from 668,000 in last month’s forecast. New home sales are now projected to fall 18% from last year, while existing home sales are expected to fall by 16% in 2022 to 5.143 million.

Fannie Mae’s ESR group also said it expected real gross domestic product growth for the full year 2022 and 2023 to remain flat from last month at 0.0% and negative 0.4%, respectively.

“The continued expectation that real GDP growth will be negative beginning in 2023 is due to the combined effects of tighter monetary policy weighing on business and residential investment and still-elevated inflation weighing on consumer spending,” Fannie Mae wrote in the report. The ESR group wrote that it expects inflation to tick down gradually, ending 2022 at 7.2% and 1.8% by the end of 2023.

Crypto News: FTX’s Money Isn’t Insured, FDIC Says; FTX is Accused of Making ‘False Representations’ About FDIC Insurance

Courtesy of Emma Roth, TheVerge.com

August 23, 2022The Federal Deposit Insurance Corporation (FDIC) slapped the Sam Bankman-Fried-owned cryptocurrency exchange FTX with a cease-and-desist order over “false and misleading statements” that suggest its assets are FDIC-insured. The FDIC doesn’t cover stocks or crypto, and only safeguards funds held in insured bank accounts.

In a letter to the exchange, the FDIC points to a now-deleted tweet from FTX president Brett Harrison, which states “direct deposits from employers to FTX US are stored in individually FDIC-insured bank accounts in the users’ names.” The referenced tweet also says that “stocks are held in FDIC-insured and SIPC [Security Investor Protection Corporation]-insured brokerage accounts.” The FDIC claims this falsely represents that FTX and the funds invested by users are FDIC-insured when they’re really not.

While not flagged in the FDIC’s letter, users have also pointed out another potentially misleading tweet from Harrison that says “cash associated with brokerage accounts is managed into FDIC-insured accounts” at FTX’s “partner bank.”

Harrison has since issued a response to the FDIC’s letter, explaining that FTX “really didn’t mean to mislead anyone,” and claims FTX “didn’t suggest that FTX US itself, or that crypto/non-fiat assets, benefit from FDIC insurance.” FTX CEO and founder Bankman-Fried provided further clarification as well, stating that while “FTX does not have FDIC insurance,” the banks it does business with do. Bankman-Fried adds that it may “explore potential ways that individual accounts using direct deposit… could, in the future, be used to further protect customers,” and that FTX “would be excited to work with the FDIC on that.”

As noted by the FDIC, the Federal Deposit Insurance Act (FDI Act) prohibits companies from ”implying that their products are FDIC–insured by using ‘FDIC’ in the company’s name, advertisements, or other documents.” The FDIC is giving FTX 15 days to provide confirmation that it has removed or corrected any alleged misrepresentations. In addition to FTX, the FDIC doled out cease-and-desist warnings to four other companies, including Cryptonews.com, Cryptosec.info, SmartAsset.com, and FDICCrypto.com. The FDIC declined to comment beyond the contents of its letter, and FTX didn’t immediately respond to The Verge’s request for comment.

Like Robinhood, FTX has started offering both traditional stock and crypto trading options. In May, crypto billionaire Bankman-Fried disclosed a 7.6 percent stake in Robinhood, and he’s reportedly looking into purchasing the trading platform.

Even with the so-called crypto winter driving several crypto companies to bankruptcy, FTX and Bankman-Fried’s crypto trading firm Alameda Research have somehow managed to stay afloat. Bankman-Fried has extended lines of credit to numerous struggling crypto firms to help them weather the uncertain economy, and told Reuters he has “a few billion” more for future bailouts. According to documents obtained by CNBC, FTX brought in $1.02 billion in revenue in 2021 and $270 million in the first quarter of 2022.

Fraud News: Zelle Scam Targets Kansas Man for a Fake $2,500 Refund Through Bank Account; Digital Payment Scams Getting Attention from Federal Lawmakers

Courtesy of Matt Flener, KMBC 9 News

August 22, 2022—Taylor Witt is hoping for a refund from U.S. Bank or Zelle after he said he fell for a very sophisticated scam. Witt emailed KMBC 9 Investigates for help after he said someone stole $2,500 from his U.S. Bank account through a fake Zelle refund scam.

Witt said the scammer called him from a number impersonating his bank’s fraud department. The scammer told him that his bank account was hit by a fraudulent Zelle transaction, convincing Witt to go through a fake refund process with Zelle.

Reluctant at first, he said the scammer convinced him to look at the back of his debit card to compare the telephone number to the caller ID on his cell phone, and the numbers then matched. Witt said that he has tried to get U.S. Bank to refund the money, but so far, the bank has not budged.

“It was just very devastating,” he said. “It just didn’t register with me that the person warning me of the fraud was the one trying to take the money.”  Witt has seen news stories across the country of people falling for digital payment scams, along with a push by lawmakers to get banks to refund people’s money.

A U.S. Bank spokesman said he was looking into Witt’s account. U.S. Bank does provide tips on how to avoid being the victim of digital payment scams. Zelle did not immediately respond to an email from KMBC 9 Investigates. A spokeswoman for the parent company of Zelle, Early Warning, said the payment platform acts as a messaging service in transactions.

“Because we don’t hold the funds we’re not able to to give back the money to the consumer,” said Meghan Fintland, spokeswoman for Early Warning. “They have to do that through their bank.” Zelle also offers a list of tips to make sure people don’t get scammed.

Nikolas Reese with the Better Business Bureau of Greater Kansas City said that it is important to only send money to people you know. “Unless you know that person in your personal life that would not use a digital wallet service to send money to them,” Reese said. Witt is now hoping for a refund. “It’s very sophisticated in their approach,” he said. And he has a warning for others, “The moment you hit that button, that money is out of your account.”

 

Articles for August 12, 2022 Issue:

Bank Policy Institute: Complex, Sweeping CRA Proposal Would Undercut Law’s Mission of Serving Communities

Courtesy of Tara Payne, Bank Policy Institute

August 5, 2022 — BPI today commented on the banking agencies’ joint Community Reinvestment Act proposal. BPI strongly supports the CRA and its core mission of supporting communities, including low- and moderate-income and underserved areas, and parts of the proposal would helpfully provide some certainty about what activities qualify for CRA credit, particularly with respect to banks’ partnerships with Minority Depository Institutions; however, the proposal in other respects would stray far beyond the agencies’ statutory mandate to the point of credit allocation, and would undermine the law’s core mission by allowing CRA ratings to be driven subjectively by behavior unrelated to community development.

What BPI is saying:

“The proposal presents the worst of two worlds:  its hundreds of pages of requirements dictate how banks are to allocate credit, yet at the end of the day the agencies reserve the right to downgrade a bank’s rating regardless of its compliance with the agencies’ dictates, based on any of a wide range of factors unrelated to community development.”
— Paige Pidano Paridon, BPI senior vice president and senior associate general counsel

Background: The Community Reinvestment Act, enacted in 1977, requires the federal banking regulators to evaluate banks on how they meet the credit needs of their communities, including low- and moderate-income neighborhoods. On May 5, 2022, the agencies issued a joint proposal to modernize the rule. This effort follows a previous rulemaking effort by the OCC, which was abandoned in July 2021, and advance notice of proposed rulemaking issued by the Federal Reserve in 2020.

Key issues:

  • Calibration: The proposal’s Retail Lending Test would be calibrated so stringently that it could render the CRA a tool for credit allocation, rather than for ensuring credit availability. This result would conflict with the purposes of the law. Further, this test would compare banks’ performance to benchmarks that they would never know in advance, raising due process and Administrative Procedure Act concerns.
  • Geographical bounds: The CRA requires that regulators evaluate banks’ lending in places where banks have domestic branches, not where they provide loans. In the context of digital banking and innovation, banks may provide loans to customers outside where they have branches. Under the proposal, such lending could be penalized by prompting a stringent distribution analysis in that new geographical area.
  • Price controls: Some elements of the proposal could serve as a de facto requirement to offer specific deposit services, products and features – and could effectively impose price controls by capping deposit account fees. This would contradict the statutory mandate to encourage banks to meet the credit needs of their communities and would go beyond the agencies’ statutory authority.
  • Complexity: The proposal’s multiple new tests, subtests and factors would subject several separate parts of a bank’s operation to evaluation. More straightforward alternatives could achieve similar goals.
  • Mission creep: The proposal would authorize the agencies to downgrade a bank’s rating based on any consumer compliance violation, beyond the reach of the statute and with no standard for how significant a violation would have to be to merit a downgrade.  As such, the CRA would be inappropriately converted into a redundant consumer compliance enforcement regime, and lose its focus on community development.

The proposal’s other problems include a rigid, one-size-fits-all approach to large bank evaluations and an extremely short compliance period.

Click here to read the entire article.

 

Senators Propose Legislation to Address Digital Asset Reporting Requirements

August 3, 2022 — U.S. Senators Pat Toomey (R-Pa,) Mark Warner (D-Va.), Cynthia Lummis (R-Wyo.), Kyrsten Sinema (D-Ariz.), and Rob Portman (R-Ohio) today introduced legislation to clarify the digital asset reporting requirements signed into law as part of last year’s Infrastructure Investment and Jobs Act.

Last August, the senators announced an agreement with the Department of the Treasury (Treasury) on an amendment to the infrastructure package that would have clarified the definition of “broker” with respect to who must report to the government information about a digital asset transaction. The amendment specifically excluded from reporting requirements services like mining and wallet providers who do not take custody of other individuals’ cryptocurrency, nor are able to comply with the reporting requirements of a broker. While the amendment had strong bipartisan support, including from the Biden administration, the Senate was never afforded the opportunity to vote on and pass this amendment last August due to a procedural hurdle. The legislation introduced today is the exact same text introduced as a bipartisan amendment nearly one year ago.


To read the full text of the bill, click here.


In addition to maintaining strong bipartisan support in the Senate, this legislation is widely supported by the digital asset industry.

“Coin Center supports any effort to improve the status quo created by the ill-advised crypto tax provisions in the Infrastructure Investment and Jobs Act,” said Jerry Brito, Executive Director of Coin Center. “We applaud Sen. Toomey for leading a bipartisan effort to address some of these issues and appreciate the support of Senators Warner, Sinema, Lummis and Portman.”


Related reading: Chairwoman Waters, Representatives Beatty, Green, Foster and Lynch Send Letter to Digital Assets Industry Requesting Diversity and Inclusion Data
The House Financial Services Committee sent a letter to the nation’s 20 largest crypto, Web3, and digital assets companies, as well as prominent venture capital firms with investments in crypto, urging them to provide data around their diversity and inclusion practices.


“We thank Senators Toomey, Sinema, Portman, Lummis, and Warner for their bipartisan leadership in this nuanced space,” said Sheila Warren, Chief Executive Officer of the Crypto Council for Innovation.“Clarifying how people can use and report on digital assets is important for the industry. We look forward to supporting the continued growth of innovation in the U.S. and working with policymakers on this issue.”

“The Chamber of Digital Commerce commends Senator Toomey and co-sponsors for listening to the concerns of the digital asset community and continuing to advocate for regulatory clarity,” saidCody Carbone, Director of Policy, Chamber of Digital Commerce. “The infrastructure bill included burdensome reporting requirements for nearly every participant within the ecosystem and this bipartisan bill will ensure digital asset reporting requirements match the technology’s operation. We urge that this legislation is swiftly passed into law and look forward to working with all interested parties on policy that provides additional certainty for the digital asset space.”

Click here to read the entire press release. 

 

Cisco Hacked by Yanluowang Ransomware Gang, 2.8GB Allegedly Stolen

Courtesy of Sergiu Gatlan, BleepingComputer.com

August 10, 2022 — Cisco confirmed today that the Yanluowang ransomware group breached its corporate network in late May and that the actor tried to extort them under the threat of leaking stolen files online. The company revealed that the attackers could only harvest and steal non-sensitive data from a Box folder linked to a compromised employee’s account.

“Cisco experienced a security incident on our corporate network in late May 2022, and we immediately took action to contain and eradicate the bad actors,” a Cisco spokesperson told BleepingComputer. “Cisco did not identify any impact to our business as a result of this incident, including Cisco products or services, sensitive customer data or sensitive employee information, intellectual property, or supply chain operations.

“On August 10 the bad actors published a list of files from this security incident to the dark web. We have also implemented additional measures to safeguard our systems and are sharing technical details to help protect the wider security community.”

Stolen employee credentials used to breach Cisco’s network The Yanluowang threat actors gained access to Cisco’s network using an employee’s stolen credentials after hijacking the employee’s personal Google account containing credentials synced from their browser.

The attacker convinced the Cisco employee to accept multi-factor authentication (MFA) push notifications through MFA fatigue and a series of sophisticated voice phishing attacks initiated by the Yanluowang gang that impersonated trusted support organizations. MFA fatigue is an attack tactic where threat actors send a constant stream of multi-factor authentication requests to annoy a target in the hopes that they will finally accept one to stop them from being generated.

The threat actors finally tricked the victim into accepting one of the MFA notifications and gained access to the VPN in the context of the targeted user. Once they gained a foothold on the company’s corporate network, Yanluowang operators spread laterally to Citrix servers and domain controllers.

“They moved into the Citrix environment, compromising a series of Citrix servers and eventually obtained privileged access to domain controllers,” Cisco Talos said.

After gaining domain admin, they used enumeration tools like ntdsutil, adfind, and secretsdump to collect more information and installed a series of payloads onto compromised systems, including a backdoor malware.

Ultimately, Cisco detected and evicted the attackers from its environment, but they continued trying to regain access over the following weeks.

“After obtaining initial access, the threat actor conducted a variety of activities to maintain access, minimize forensic artifacts, and increase their level of access to systems within the environment,” Cisco Talos added.

Click here to read the entire article.

 

Investors Watch for Cracks In U.S. Consumer Loan Market

Courtesy of Kate Duguid, Financial Times

August 10, 2022 — Investors are watching closely for hairline cracks in the US consumer loan market as lower-income borrowers feel the squeeze of high prices and rising interest rates. US household debt levels have skyrocketed this year as Americans borrow more to pay for increasingly expensive homes and cars.

It’s not just big-ticket items: rising rents as well as higher prices at the petrol pump and in the grocery store have pushed consumers to rely more on credit cards. Research from the Federal Reserve Bank of New York shows that US households held a record-breaking $16tn in debt as of the second quarter of this year, an increase of roughly $2tn since before the pandemic.

For now, overall delinquencies — debts past their due date — remain historically low at around 2.7 percent, and big lenders including banks have not yet registered a significant uptick in losses on consumer loans. Unemployment has been steady at pre-pandemic lows, and Americans have continued to feel the benefit of early pandemic stimulus.

But while overall delinquencies did not rise in the second quarter and are still 2 percentage points lower than they were pre-pandemic, the composition has changed. A growing share is now in the early stages of delinquency, according to the New YorkFed data, which could signal developing problems. These are particularly notable in credit card and car loans, where delinquencies are picking up in lower-income areas and among subprime borrowers.

Analysts and economists warn that these problems could proliferate as the US FederalReserve rapidly lifts interest rates to rein in price growth that continues to run at 40-year highs.

The central bank’s tightening has not yet hit the US labor market, with the unemployment rate at a half-century low , but economists expect it to do so eventually companies scale back hiring. Tighter monetary policy is also expected to make new credit harder to access, all while borrowers face higher debt payments on credit cards and other variable-interest loans.

Click here to read the entire article.

 

Bank of America Customer Loses Thousands After Being Tricked By Zelle Scammers With Personal Info

Courtesy of Michael Finney and Renee Koury, ABC 7 News

Image courtesy of TechJunkie.com

July 28, 2022  — In a widespread scam, bank imposters are tricking people into sending them money with Zelle, the popular quick payment app. The scam has been going on across the country for more than a year.

Now more are coming forward – among the latest is a San Francisco man who says the imposters knew all of his banking information, which led him into the trap. He said the shock was more than he could handle.

“I had a panic attack,” said the victim, San Francisco resident Eduardo Carrascosa. “I just couldn’t believe, I just couldn’t believe it… $3,500 is a lot of money.” That’s how much he lost, in an instant, back in June. Carrascosa says it happened while he was busy at work, managing shipping at a time when companies are trying to unclog the supply chain. “I got a call from ‘Bank of America,'” he said, using air quotes as he said the bank name. At the time, he thought it really was his bank.


RELATED READING:


The irony here: the imposters told him scammers had changed his Zelle account to send themselves money. In fact, that is exactly what the imposters themselves were doing. Thousands of dollars, gone in an instant. A woman on the phone said someone was transferring $3,500 out of his bank account. Was he the one authorizing it?

“No, that’s not me, go ahead and cancel it,” Carrascosa said he replied. “Let me get back to my work.” But the woman said he had to quickly reverse the transaction, or he’d lose his money. “So I started to, you know, red flags,” Carrascosa recalls. “So, I googled the number that was calling me.”

Carrascosa was suspicious, but a Google search showed the caller ID on his phone was a real B of A phone number. Then, a man came on the phone, supposedly the woman’s supervisor. Carrascosa said he kept quizzing the man, trying to determine if he really was a banker.

“I thought I was outsmarting them,” Carrascosa recalls. “I usually don’t make customer service reps answer all those questions but I was suspicious.”

He said the man answered all the questions correctly. “He knew my debit card number, my checking account number, cellphone number, address.” However, the man did answer vaguely when asked how long Carrascosa was a bank customer. “He said he’d been there 10 years.”

FDIC Urges Banks to Police Misleading Crypto Claims on Deposit Insurance

Courtesy of Pete Schroeder, Reuters

July 29, 2022 — A U.S. banking regulator is urging banks dealing with cryptocurrency companies that they need to make sure customers know which of their funds will be insured by the government in case of collapse, and which have no safety net.

The Federal Deposit Insurance Corporation (FDIC) said Friday it is concerned consumers may be confused about how safe their money may be when placed in crypto assets, particularly in cases where firms offer a mix of uninsured crypto products alongside insured bank deposit products.

In a new advisory, the FDIC said banks need to make sure any crypto firms they partner with do not overstate the reach of deposit insurance. The push comes as broad turmoil in the crypto market has led to the collapse of some high-profile firms, including one regulators publicly chastised yesterday for overstating deposit insurance coverage.

“Inaccurate representations about deposit insurance by non-banks, including crypto companies, may confuse the non-bank’s customers and cause those customers to mistakenly believe they are protected against any type of loss,” the FDIC advisory stated.

On Thursday, the FDIC and Federal Reserve issued a cease and desist order against now-bankrupt crypto firm Voyager Digital, charging the company misled customers to believe funds invested in the brokerage would be guaranteed by the government. read more

Specifically, the FDIC said banks need to make clear to the public that deposit insurance only covers insured banks in case of collapse, and that protection does not extend to the failure of any nonbank partners, which can include crypto custodians, exchanges, and wallet providers.

FTC Fines Opendoor $62M for ‘Misleading Claims’ About Home-Buying Service

Courtesy of PYMNTS.com

August 2, 2022 — The Federal Trade Commission on Monday (Aug. 1) fined online home buying firm Opendoor Labs $62 million, saying it must stop cheating potential home sellers by tricking them into thinking that they could make more money selling their homes to Opendoor, according to an FTC press release.

Opendoor allegedly pitched potential sellers using misleading and deceptive information, and most customers who sold to Opendoor made thousands less than they would have using a more traditional approach, the press release says.

“Opendoor promised to revolutionize the real estate market but built its business using old-fashioned deception about how much consumers could earn from selling their homes on the platform,” FTC Bureau of Consumer Protection Director Samuel Levine said in the press release. “There is nothing innovative about cheating consumers.”


Related: Real Estate Platform Opendoor Launches Mortgage Finance App


Opendoor, which buys homes directly from buyers, claimed to use cutting-edge technology to create “market-value” offers and reducing transaction costs compared with traditional home sales process, including charts showing that consumers would almost always make more money through the Opendoor service.

Opendoor also violated the law by misrepresenting its use of projected market value prices when making offers to buy homes, saying it made money from fees rather than from buying low and selling high and incorrectly reporting savings related to repair costs and selling their homes, according to the FTC release.

In a statement released Monday, Opendoor said, “While we strongly disagree with the FTC’s allegations, our decision to settle with the Commission will allow us to resolve the matter and focus on helping consumers buy, sell and move with simplicity, certainty and speed.”

The company added, “Importantly, the allegations raised by the FTC are related to activity that occurred between 2017 and 2019 and target marketing messages the company modified years ago. We are pleased to put this matter behind us and look forward to continuing to provide consumers with a modern real estate experience.”

In June, Opendoor launched a financing app that the company claims lets consumers get pre-approved for a mortgage in under two minutes. The app is part of the company’s suite of products, which include Buy with Opendoor, Opendoor Backed Offers, and Opendoor Complete.

The company said its technology identifies loan options based on the customer’s needs and criteria, including mortgage rate, guidelines and terms and the down payment required.

Opendoor said the app processes more than 10,000 data points in seconds to determine the maximum home purchase price a buyer can afford based on their qualifications and the minimum down payment for available loan options.

PayPal: BNPL Volumes Surge 226% Year on Year 

Courtesy of PYMNTS.com

August 2, 2022 — PayPal’s most recent earnings results spotlight the continued digital shift, as active user counts eclipsed pre-pandemic levels. And buy now, pay later (BNPL) volumes surged by triple-digit percentages. PayPal’s active accounts at the end of the second quarter stood at 429 million, up 6% year-over-year, and the tally includes 35 million merchant accounts.

Total payment volumes grew by 13% on an FX-neutral basis to $339.8 billion. Excluding eBay, the company’s revenues were up 14%.

Transactions Per Active Account Surge, Too 

The company said that transactions per active account grew 12% to 48.7 payment transactions. PayPal’s core daily active accounts at the end of the quarter had gained more than 40% relative to the pre-pandemic period, the company said in its supplemental filings.

Venmo volume increased 6% to $61 billion, marked by 90 million active accounts. Overall P2P volume, which includes PayPal, Venmo and Zoom, was up 3% to $93 billion (on top of 41% growth in the same period last year). Venmo commerce volume grew by 250% year over year.  P2P transactions represented 27% of TPV in the quarter.

During the conference call with analysts, CEO Dan Schulman said that the “inherent network effect” remains in place and that the company is “doubling down on checkout, our PayPal and Venmo digital wallets and our Braintree platform.” He noted on the call that 80% of the company’s volume was driven by 30% of PayPal’s active accounts in the quarter. With a nod toward continued fine-tuning of the payments experience, the company is testing its new mobile SDK software development kid, which will remove friction, he said.

“We are also enhancing our checkout user experience to better serve our nearly 400 million consumer accounts by surfacing the most relevant funding instrument based on past purchase behavior, merchant category and purchase price, among other attributes,” he said on the call. Schulman added that “we’ll continue to expect to grow significant faster than the rate of eCommerce going forward, both on branded and branded [offerings] and on checkout.”

BNPL activity has been ramping, he said, marked by $4.9 billion in volume, up 226% year over year — and used by 22 million consumers, and offered by more than 200,000 merchants.

Schulman said, too, that engagement has been on an upswing with digital wallets, and management noted on the call that wallet users are twice as likely to choose PayPal at checkout.  The company, he said, is working on “a debit card reboot” which will be a metal form factor with rewards built in — and which opens up the total addressable market by 20 million to 30 million users.

CFO John Rainey, who is being replaced by Blake Jorgensen, formerly of Electronic Arts, effective Aug. 3, noted that credit losses in the most recent quarter were $68 million, only a few basis points. During the question and answer session, management noted that Elliott Investment Management has taken a $2 billion stake in the company and said that discussions with the activist investor have been focused on operational improvements and long-term strategy.

Equifax Sent Wrong Borrower Credit Scores to Lenders

Courtesy of CUToday.info

August 3, 2022 — Equifax has confirmed it sent the erroneous credit scores to lenders of all asset sizes on people applying for auto loans, mortgages and credit cards and more during mid-March through early April of this year.

Equifax

The confirmation did not break out separately how many credit unions may have been affected.

Equifax said the scores were sometimes off by 20 points or more in either direction, according to people familiar with the situation who spoke with the Wall Street Journal. The incorrect information was sufficient to alter the interest rates consumers were offered or to result in their applications being rejected altogether, the report stated.

The company began disclosing the errors to lenders in May, the sources indicated.

Equifax said it has since fixed the error, which the company described as a “technology coding issue.” The glitch didn’t alter the information in consumers’ credit reports, according to the company.

CEO Responds

“We have determined that there was no shift in the vast majority of scores during the three-week timeframe of the issue,” Sid Singh, president of Equifax’s U.S. Information Solutions, said in a statement. “For those consumers that did experience a score shift, initial analysis indicates that only a small number of them may have received a different credit decision.”

According to the Journal, which cited people familiar with the matter, the error affected many lenders across multiple consumer loan products, not just mortgages,

The percentage of incorrect scores provided to lenders varied, sources told the Journal. At one big bank, for example, 18% of applicants during the three-week period had incorrect scores, with an average swing of eight points, one of the people said.

Several-Thousand Affected at 1 Lender

“Equifax told one large auto lender that about 10% of applicants during the three-week period had inaccurate scores, according to a person familiar with the matter,” the Journal reported. “Of those, several thousand saw a change of 25 points or more on their credit score, the person said. In a small number of cases, applicants went from having no credit score at all to a score in the 700s—or vice versa, the person said. The most widely used credit scores range between 300 to 850; the higher the credit score, the more likely an applicant will get approved and at a lower interest rate.”

Equifax’s Singh said in the statement the company has been working closely with lenders and providing them with updated scores

 

Average Data Breach Costs Hit a Record $4.4 Million, Report Says

Courtesy of Bree Fowler, CNET

According to a new report from IBM Security, the average cost of a data breach rose to $4.4 million this year.

Why it matters

More than half of the companies surveyed for the report admitted to passing on those higher costs to customers in the form of higher prices. Data breach costs keep going up, and consumers are likely paying for them.

The average data breach cost rose to an all-time high of $4.4 million this year, according to the IBM Security report released Wednesday. That marked a 2.6% increase from a year ago and a 13% jump since 2020.

More than half of the organizations surveyed acknowledged they had passed on those costs to their customers in the form of higher prices for their products and services, IBM said.

The annual report is based on an analysis of data breaches experienced by 550 organizations around the world between March 2021 and March 2022. The research, which was sponsored and analyzed by IBM, was conducted by the Ponemon Institute.

The cost estimates are based on both immediate and longer-term expenses. While some costs like the payment of ransoms and those related to investigating and containing the breach tend to be accounted for right away, others such as regulatory fines and lost sales can show up years later. On average, those polled said they accrued just under half of the costs related to a given breach more than a year after it occurred.

Case in point, T-Mobile said Friday it would pay $500 million to settle a class action lawsuit filed by customers over a data breach revealed nearly a year ago that exposed the personal information of an estimated 76.6 million people.


Pending judicial approval that could come before the end of the year, T-Mobile will pay $350 million to settle the customers’ claims and an additional $150 million to upgrade its data protection. The breach, disclosed in August, exposed information such as customer names, Social Security numbers, phone numbers, addresses and dates of birth.

Many of the highest-cost breaches analyzed in the IBM study involved critical infrastructure within the financial services, industrial, technology, energy, transportation, communication, healthcare, education and public-sector industries.

Those breaches had an average cost of $4.8 million, about $1 million more than the average cost paid by organizations outside of critical infrastructure, IBM said.

Part of that stems from the particularly high costs of health care industry breaches. Healthcare, which is considered to be critical infrastructure, had the highest average per-breach cost of $10.1 million, up from $9.2 million in 2021.

Critical infrastructure has become an increasingly tempting target for both nation-state attackers and cybercrime gangs in recent years. Last year, ransomware attacks against Colonial Pipeline and meat processor JBS USA shut down both companies for days, even though they both paid the equivalent of millions of dollars in ransom to get their data unlocked.

Read the entire article here. 

 

Millions of Android Devices Infected with Wallet-Draining Malware

Courtesy of Sead Fadilpašić, TechRadar.com

That Android wallpaper app is actually signing you up for premium services

Researchers have discovered another batch of seemingly innocent Android apps that are actually designed to push malware onto the endpoints(opens in new tab), and rake up expenses to the unsuspecting victims.

The latest batch included wallpaper apps, keyboards, photo editors, video editors, and an occasional cache cleaner or system maintenance apps, was discovered by the Dr. Web antivirus(opens in new tab) team, and have more than 10 million downloads between them. Overall, 28 apps were found on the Google Play Store, having somehow managed to bypass Google’s strict security policies.


Listen to or read the entire article here.

Related Reading: Click here for a complete list of malicious Android apps.

Related Reading: This Android malware is so dangerous, even Google is worried


Android Apps Hacked

As for the damages, the practice is more or less the same. Once installed, most apps will try to hide, changing their appearance in the app drawer to that of a system app. That way, they hope the users would be discouraged from uninstalling them. Then, the apps would push ads, and try to sign up the victim to various premium services, to rake up additional expenses.

None of this would have been possible if users wouldn’t give the apps the necessary permissions. Even though the apps are simple in design (and actually do what they’re advertised to do), they often ask the users for advanced permissions, such as the permission to be excluded from the battery saver feature, so that they can remain operational in the background even when terminated by the user – which itself is a major red flag.

Most of the apps have already been removed from the Play Store, but three remain. Still, even if all of the apps were removed, they have still been downloaded millions of times, and until all victims remove them from their devices, they’ll continue to be a threat.

 


Tom Ernsperger, EVP/Chief Lending Officer, One Nevada Credit Union
“To some extent, yes. Particularly here in the Las Vegas market, where housing price appreciation has been among the national leaders for some time. Remarkable home price increases combined with quickly rising rates have already priced a number of potential borrowers out of the market.

“While I don’t see it being nearly as volatile as during the last recession, I think we’ll see home sellers coming off their asking prices to facilitate sales. We’ve already seen a bit of this.”


Marty Burke, Vice President/Mortgage Development Officer, Franklin Mint FCU

“I don’t believe we’re in a housing bubble nor are we headed for one. From 2008-2011, home prices decreased by over 30% and caused homeowners to become upside down, owing more than the home’s value. 

“In this market, house appreciation will slow to low single-digit appreciation by year’s end, but values will tend to stabilize and not decline. As rates rise, home-buying demand will slow. We’ll see more inventory available for buyers still seeking the opportunity of homeownership.”


Wendy Dawson, Vice President of Mortgage Lending, Coastal FCU

“Wow, that’s the magical question. No one can know for certain how the market will change over the next few days, weeks, or months, and economic news will continue to impact the housing market one way or another.

“I do feel confident and fortunate that Coastal operates in a footprint (NC, SC, and VA) with enormous demand for housing that is likely to continue. The last estimate I read warned that the national housing inventory is well below what’s needed, potentially as much as 3 million homes below demand. This underpins the entire market and should be considered when discussing the current state of the market.

“Especially as the market shifts, we’ll do our best to make sure our products continue to be tailored to the needs of our members and our markets. This, combined with our conservative and sustainable approach to growth, will continue to help us achieve our goals.”


Doc Dougherty, Chief Lending Officer, Together Credit Union

“There are good arguments on both sides, but I wouldn’t call it a bubble. A housing bubble requires both a rush of speculators entering markets and overvalued homes. From what I review and follow, values have increased swiftly over the past few years. However, unlike the bubble of 2008 -09, this recent housing boom is not underpinned by the crazy speculation that we saw back then, and underwriting practices have improved dramatically.

“In some U.S. markets, we’ll likely see 10% to 15% declines if we end up in another recession. Fortunately, those of us living in the Midwest don’t experience the crazy market swings that occur more often in the Northwest and Southwest.”


Andrew Clarkson, Vice President for national mortgage production, United FCU

“I don’t believe so. The current economic stress isn’t originating from the housing market. Jobs and incomes remain in strong positions. Inflation and supply chain issues continue to be the primary stressors of this economy.”

“The housing market will eventually react to rising rates. We’ve seen an increase in price reductions and that trend may very well be normal over the next several months as interest rates climb. But, according to national real estate associations, there’s still a housing-supply shortage so a housing bubble seems unlikely.”