For additional news, research, reports, and industry announcements featured in NASCUS Report click here.
Previously featured articles can be found in the NASCUS Digital Library, cataloged by topic.
Articles for May 20, 2022 Issue:
- Coinbase Says Users’ Crypto Assets Lack Bankruptcy Protections: Cryptocurrency Trading Firm Warns Its Customers Could Be Viewed as General Unsecured Creditors
- Recession Fears Grow. But How High Is the Risk?
- Senators Seek Maximum Funding for FinCEN to Fight Money Laundering, Corruption
- Groups Publish AML Best-Practices Compliance Guide for MSBs
Cryptocurrency Trading Firm Warns Its Customers Could Be Viewed as General Unsecured Creditors
Courtesy of Paul Kiernan, Wall Street Journal
May 12, 2022 — Cryptocurrency trading platforms might look and feel like regular brokerage apps to everyday users, but regulators have long warned they lack the oversight and investor protections that are built into traditional financial services. Coinbase Global Inc. acknowledged that reality this week. In its quarterly filings, the crypto trading firm suggested that the digital tokens it holds for its users might not really belong to them if push comes to shove.
“Because custodially held crypto assets may be considered to be the property of a bankruptcy estate, in the event of a bankruptcy, the crypto assets we hold in custody on behalf of our customers could be subject to bankruptcy proceedings, and such customers could be treated as our general unsecured creditors,” the company said.
By contrast, securities held for customers by a registered brokerage are legally segregated from the assets of the brokerage, meaning they can’t be touched in bankruptcy proceedings. The Securities Investor Protection Corp., a nonprofit entity set up by Congress in 1970, also insures as much as $500,000 of customers’ securities and cash in brokerage accounts.
Trading platforms such as those operated by Coinbase COIN 7.35% offer investors a seemingly more user-friendly avenue into cryptocurrency markets than the alternative of setting up a so-called crypto wallet to transact directly with counterparties. Securities and Exchange Commission Chair Gary Gensler has frequently sought to warn investors about the risks associated with the platforms, which aren’t overseen by federal market regulators.
“When you trade on a crypto exchange—and I’m saying this to the investors who might watch this—you no longer own your crypto asset,” Mr. Gensler said in an interview with The Wall Street Journal last year. “If that exchange gets hacked, if somebody steals the underlying token…you’re just a creditor. And when crypto exchanges fail, you’re just in line in bankruptcy court.”
Coinbase Chief Executive Brian Armstrong said in a Twitter thread that the disclosure about bankruptcy risks reflected guidelines released by the SEC in March. Those guidelines directed publicly traded cryptocurrency trading platforms to report users’ assets on their own balance sheets. Coinbase held $256 billion in cash and cryptocurrencies for its customers at the end of the first quarter. “Your funds are safe at Coinbase, just as they’ve always been,” Mr. Armstrong said. “We have no risk of bankruptcy.”
Coinbase’s stock has hit closing lows for four consecutive trading days. The company reported on Tuesday evening that it lost hundreds of millions of dollars in the first quarter. In the year to date, the exchange’s stock price has plunged by 80%. Mr. Armstrong said the firm believes its service that caters to institutional clients, known as Coinbase Prime, has “strong legal protections” in its terms of service, even during big, unpredictable occurrences.
“For retail customers, we’re taking further steps to update our user terms such that we offer the same protections to those customers in a black-swan event,” he said. “We should have had these in place previously, so let me apologize for that.” Reached for comment, a Coinbase spokesman referred back to Mr. Armstrong’s Twitter thread.
Christopher Rugaber, Associated Press Economics Writer
May 9, 2022 — Inflation is at a 40-year high. Stock prices are sinking. The Federal Reserve is making borrowing much costlier. And the economy actually shrank in the first three months of this year. Is the United States at risk of enduring another recession, just two years after emerging from the last one?
For now, even the more pessimistic economists don’t expect a downturn anytime soon. Despite the inflation squeeze, consumers — the primary driver of the economy — are still spending at a healthy pace. Businesses are investing in equipment and software, reflecting a positive outlook. And the job market is more robust than it’s been in years, with hiring strong, layoffs way down and many employers desperate for more workers.
Yet several worrisome developments in recent weeks suggest that the risk of recession may be rising. High inflation has proved far more stubborn than many economists had expected. Russia’s invasion of Ukraine has exacerbated global food and energy prices. Extreme lockdowns in China over COVID-19 are worsening supply shortages.
And when Federal Reserve Chair Jerome Powell spoke at a news conference last week, he reinforced the central bank’s determination to do whatever it might take to curb inflation, including raising interest rates so high as to weaken the economy. If that happens, the Fed could potentially trigger a recession, perhaps in the second half of next year, economists say. By mid-2023, the Fed’s benchmark short-term rate, which affects many consumer and business loans, could reach levels not seen in 15 years. Analysts say the U.S. economy, which has thrived for years on the fuel of ultra-low borrowing costs, might not be able to withstand the impact of much higher rates.
The nation’s unemployment rate is at a near-half-century low of 3.6%, and employers are posting a record-high number of open jobs. So what might cause an economy with such a healthy labor market to suffer a recession?
Here’s what the path to an eventual downturn could look like:
- The Fed’s rate hikes are sure to slow spending in areas that require consumers to borrow, with housing the most visible example. The average rate on a 30-year fixed mortgage has already jumped to 5.25%, the highest level since 2009. A year ago, the average was below 3%. Home sales have fallen in response, and so have mortgage applications, a sign that sales will keep slowing. A similar trend could occur in other markets, for cars, appliances and furniture, for example.
- Borrowing costs for businesses are rising, as reflected in increased yields on corporate bonds. At some point, those higher rates could weaken business investment. If companies pull back on buying new equipment or expanding capacity, they will also start to slow hiring.
- Falling stock prices may discourage affluent households, who collectively hold the bulk of America’s stock wealth, from spending as much on vacation travel, home renovations or new appliances. Broad stock indexes have tumbled for five straight weeks. Falling share prices also tend to diminish the ability of corporations to expand.
- Rising caution among companies and consumers about spending freely could further slow hiring or even lead to layoffs. If the economy were to lose jobs and the public were to grow more fearful, consumers would pull back further on spending.
- The consequences of high inflation would worsen this scenario. Wage growth, adjusted for inflation, would slow and leave Americans with even less purchasing power. Though a weaker economy would eventually reduce inflation, until then high prices could hinder consumer spending.
- Eventually, the slowdown would feed on itself, with layoffs mounting as economic growth slowed, leading consumers to increasingly cut back out of concern that they, too, might lose their jobs.
Related Reading: Forget the Put. The Fed Will Risk Recession to Tame Inflation
Related Reading: The Fed Has a New Plan to Avoid Recession: Party Like it’s 1994
Courtesy of Dave Kovaleski, Financial Regulation News
May 19, 2022 — A group of U.S. senators recently urged the appropriations committee to allocate the maximum possible funding for the federal Financial Crimes Enforcement Network (FinCEN) to support anti-money laundering and anti-corruption reforms.
FinCEN is a bureau within the Department of Treasury that is charged with investigating money laundering, terrorist financing, and other financial crimes around the globe. The funding would be used to help FinCEN deploy new authority under the Corporate Transparency Act and the Anti-Money Laundering Act of 2020 to root out transnational criminals, drug cartels, terrorists, and authoritarian oligarchs, like Vladimir Putin.
“Senator Grassley and I fought for years for new authority to tackle money laundering by international criminals, drug traffickers, terrorists, and kleptocrats. That work led to the 2021 defense bill, where we passed into law powerful new tools to trace dirty money through complicated financial schemes and hold those responsible to account,” Sen. Sheldon Whitehouse (D-RI), one of the senators who is requesting FinCEN funding, said. “Now, we can put our new authority to work with funding that empowers FinCEN to go after kleptocrats, drug traffickers, and other bad actors around the globe. That will be a huge win for the rule of law.”
The letter was sent to U.S. Sens. Chris Van Hollen (D-MD), chair of the Senate Appropriations Committee, and Cindy Hyde-Smith (R-MI), ranking member on the committee. It was signed by Whitehouse along with U.S. Sens. Chuck Grassley (R-IA), Ron Wyden (D-OR), Bill Cassidy, M.D. (R-LA), Jack Reed (D-RI), Todd Young (R-IN), Robert Menendez (D-NJ), Catherine Cortez Masto (D-NV), Richard Blumenthal (D-CT), Elizabeth Warren (D-MA), Ben Ray Lujan (D-NM), Richard Durbin (D-IL), Raphael Warnock (D-GA), Mark Warner (D-VA), Jeanne Shaheen (D-NH), Ben Cardin (D-MD), Bernie Sanders (I-VT), Kyrsten Sinema (D-AZ), Mark Kelly (D-AZ), Amy Klobuchar (D-MN), Chris Coons (D-DE), Dianne Feinstein (D-CA), and Kirsten Gillibrand (D-NY).
“FinCEN is at the tip of the spear in detecting financial schemes that fuel all kinds of illicit activity, from drug trafficking and human exploitation to terrorism. Senator Whitehouse and I have worked for years to beef up our ability to follow the money and takedown money laundering organizations. It’s critical that FinCEN has the resources it needs to continue its important mission,” Grassley said.
The Corporate Transparency Act requires FinCEN to obtain information on the true owners of corporations and LLCs formed within the United States and to set up a database to help law enforcement and national security officials access that information when necessary.
Courtesy of ABA Banking Journal
May 19, 2022 — A group of companies involved in money services businesses, working with other interested parties including the American Bankers Association, issued a best-practices guide for MSBs related to anti-money laundering and Bank Secrecy Act compliance.
MSBs are categorized as nonbank financial institutions, such as credit card systems, investment advisers, mutual funds, insurance companies, loan providers or finance companies. The best practices also include guidance for virtual currency and fintech companies, recognizing their integration into the financial services landscape and accompanying AML obligations.
The goal of the document is to help MSBs develop a compliance program to meet applicable requirements established by the Treasury Department’s Financial Crimes Enforcement Network. The guide is also intended to help MSBs open and retain banking relationships while also helping banks understand the business operations of MSBs and the commensurate risks. “Overall, these industry best practices should enable an MSB to develop and maintain an AML program to meet its obligation to detect, report and prevent money laundering and terrorist financing,” the guide’s authors wrote.
Articles for May 13, 2022 Issue:
- Cannabis Crime Wave Boosts Banking Prospects on Capitol Hill
- Overdraft Fees, NCUA Oversight of Vendors Comes Up During Another Senate Hearing
- Federal Reserve of New York Report: Total Household Debt Increases in Q1 2022, Driven by Mortgage and Auto Balances
- CFPB Orders $8M Paid to Consumers in Student Loan Scam
Courtesy of Natalie Fertig, Politico
Weed businesses struggle to bank in the U.S., leaving cash on the premises.
- Jordan Brown, a 29-year-old budtender, was shot and killed on March 19 during his shift at World of Weed in Tacoma, Wash.
- Joshua Chase, owner of Oakanna in Oakland, was shot in the foot in the early hours of April 24
- Brian Garcia, 28, was shot and killed less than two weeks ago in a dispensary in Los Angeles.
All three men were shot during confirmed or suspected robberies of cannabis shops. Industry officials and state lawmakers say crimes against those businesses have increased in recent years due to the large amount of cash they are often required to keep on hand, since federal restrictions discourage banks from doing business with them.
Exact numbers are difficult to pin down, but in Washington state alone officials say there were more than 50 armed robberies of cannabis stores in the first two months of 2022 — a greater number than in all of 2020 or 2021. “The time for congressional dithering on this issue needs to end, because people are dying,” Washington State Treasurer Mike Pellicciotti said in an interview. “Robbers go where the cash is.”
Now, this wave of robberies and deaths may shift the outlook on Capitol Hill for legislation that would make it easier for cannabis companies to open bank accounts and apply for small business loans. Sen. Patty Murray (D-Wash.) — the third-ranking Senate Democrat — recently stated that cannabis banking is a top priority for her in negotiations over a China competition bill. The American Bankers Association and all 50 state banking associations cited public safety concerns in a recent letter to Senate leaders urging its inclusion. “There’s kind of growing momentum and interest,” said Sen. Jeff Merkley (D-Ore), a lead sponsor of the bill.
The recent spate of headline-grabbing robberies and deaths have highlighted the negative impacts of federal inaction, and spurred involvement from powerful lawmakers. Meanwhile, the delayed introduction of a federal decriminalization bill in the Senate — which would also fix the problem — has reopened the door for weed and banking. But the bill still faces a potentially fatal obstacle: Democrats’ insistence that it include social equity or criminal justice reform provisions alongside the banking legislation.
The House has passed the SAFE Banking Act six times in the past three years. Currently, it’s under consideration as an amendment in the House’s version of the COMPETES Act — also known as the China trade bill. Support for it has grown in the Senate, but the legislation has never made any progress in the chamber.
As the conference process begins in earnest, a bipartisan handful of Senators are pushing for its inclusion. “I’m hoping to see it in the bill,” Sen. Steve Daines (R-Mont.) said. “We’ve got the Republican votes to get this passed.”
Join us on June 14-15, 2022, NASCUS is offering an event devoted to the cannabis landscape designed to provide financial institutions with the latest updates on the cannabis industry. With special guest, NCUA Board Member, the Honorable Rodney E. Hood.
The US legal cannabis industry is predicted to top $30 billion in 2022. As a result, the demand for banking services will continue to intensify. Credit unions need to understand the complicated policy questions related to the cannabis industry and every examiner needs to have a working understanding of the state licensed cannabis industry to understand a credit union’s true risk profile in states where marijuana has been legalized.
Courtesy of CUToday.info
May 11, 2022 — The issue of overdraft fees raised its head in yet another Senate hearing, as did questions around cybersecurity risks to credit unions.
Both issues were raised during a Senate Banking, Housing, and Urban Affairs Committee hearing focused on the Financial Stability Oversight Council’s (FSOC) report to Congress at which Treasury Secretary Janet Yellen testified.
During the hearing, the Committee discussed stablecoin legislation, inflation, and Russian sanctions.
But committee Democrats also shared their displeasure with banks’ reliance on overdrafts fees as a source of revenue, as well as the risks posed to credit unions via cyberattacks – specifically calling for third party vendor oversight authority for NCUA, which has sought the additional powers.
Sen. Raphael Warnock (D-GA) asked Yellen if she thought that banks’ use overdraft fees as revenue was a sound practice, to which she responded that she found some of these fees “abusive.”
When asked how she would work with other regulators to hold banks accountable on this issue, Yellen responded by stating it was not the FSOC’s responsibility, but rather under the domain of the CFPB.
Risks to CUs
Separately, Sen. Jon Ossoff (D-GA) raised questions around risks posed to credit unions by cyberattacks, calling for third-party vendor authority at the NCUA. Ossoff said he is working on legislation to give the agency third-party vendor authority, with Yellen followed up by describing the lack of such authority as an “important gap” and further adding she would like to see the legislation.
Federal Reserve Bank of New York: Total Household Debt Increases in Q1 2022, Driven by Mortgage and Auto Balances
Mortgage and auto loan originations subside after historically high volumes seen in 2021
Related Reading: Federal Reserve Center for Microeconomic Data
The Federal Reserve Bank of New York’s Center for Microeconomic Data today issued its Quarterly Report on Household Debt and Credit. The Report shows a solid increase in total household debt in the first quarter of 2022, increasing by $266 billion (1.7%) to $15.84 trillion. Balances now stand $1.7 trillion higher than at the end of 2019, before the COVID-19 pandemic. The report is based on data from the New York Fed’s nationally representative Consumer Credit Panel.
Mortgage balances rose by $250 billion in the first quarter of 2022 and stood at $11.18 trillion at the end of March. In line with seasonal trends typically seen at the start of the year, credit card balances declined by $15 billion. Credit card balances are still $71 billion higher than Q1 2021 and represent a substantial year-over-year increase. Auto loan balances increased by $11 billion in the first quarter, while student loan balances increased by $14 billion and now stand at $1.59 trillion. In total, non-housing balances grew by $17 billion.
Mortgage and auto loan originations both declined in the first quarter, after historically high volumes in 2021. Mortgage originations were at $859 billion, representing a decline from the high volumes seen during 2021, yet still $197 billion higher than in Q1 2020, right before the pandemic hit the United States. The volume of newly originated auto loans was $177 billion during the first quarter, primarily reflecting an increase in auto prices. Aggregate limits on credit card accounts increased by $64 billion and now stand at $4.12 trillion–$224 billion above the pre-pandemic level.
The share of current debt transitioning into delinquency increased modestly for nearly all debt types but remains historically low. The delinquency transition rate for credit cards increased by 0.2 percentage point, while mortgages, auto loans, and home equity lines of credit all saw 0.1 percentage point increases. Although the number of new foreclosures remains very low, there was a small uptick in new foreclosures in Q1 2022.
The Quarterly Report includes a summary of key takeaways and their supporting data points. Overarching trends from the report’s summary include:
- There was $859 billion in newly originated mortgage debt in Q1 2022, with 68% of it originated to borrowers with credit scores over 760. Two percent of newly originated mortgages were originated to subprime borrowers, a sharp contrast to the 12% average seen between 2003-2007.
- About 24,000 individuals had a new foreclosure notation added to their credit reports during the first quarter, compared to only 9,000 individuals in the fourth quarter of 2021, reflecting the partial resumption on new foreclosures. Although the hold on foreclosures due to CARES was lifted on July 31, 2021, additional federal and state policies may continue to forestall some foreclosure starts.
- The share of mortgage balances 90+ days past due remained at 0.5%, a historic low.
- Outstanding student loan debt stood at $1.59 trillion in Q1 2022, a $14 billion increase from Q4 2021.
- About 5% of aggregate student debt was 90+ days delinquent or in default in Q1 2022. The lower level of student debt delinquency reflects a Department of Education decision to report current status on loans eligible for CARES Act forbearances.
Account Closings, Credit Inquiries and Collection Accounts
- The number of credit inquiries within the past six months–an indicator of consumer credit demand–was at 109 million, a 5.1% decline from the previous quarter.
- 229 million new accounts were opened in the first quarter, an uptick from the previous quarter and slightly higher than typical pre-pandemic levels.
Courtesy of PYMNTS.com
The Consumer Finance Protection Bureau (CFPB) has finalized an enforcement action against RAM Payment and Account Management Systems, two payment processors working with debt relief, over collecting debt-relief fees from consumers and lying about the specifics. According to a CFPB press release Wednesday (May 11), Account Management Systems’ co-founders, Gregory Winters and Stephen Chaya, were also filed against.
The CFPB said the companies took fees and lied about when the fees would be paid to debt-relief companies. According to the release, they sent illegal advance fees to the companies before they were allowed, and allegedly did not return funds to consumers who canceled their student loan debt-relief agreements, which is required by law.
AMS and RAM Payment are both Tennessee-based companies and have provided account maintenance and payment processors for those in debt-relief programs. The providers of these services are intended to be independent and just hold fees until the debt-relief companies are ready for them.
Because of those allegations, the CFPB is fining the defendants over $11 million.
“Too often, bad actors take advantage of student loan borrowers and others who are seeking to get out of debt,” said CFPB Director Rohit Chopra. “Our law enforcement action bans the facilitators and their ringleaders for their illegal acts.”
Articles for May 6, 2022 Issue:
- Digital Bank Heists – Because That’s Where the Money Is Today
- FBI Issues PSA on Business Email Compromises
- Card Interchange, Overdraft Fees Get Scrutiny During Senate Hearings
- FHFA Announces Mandatory Use of the Supplemental Consumer Information Form
- OPINION: Cybersecurity Metrics Corporate Boards Want to See
Digital Bank Heists – Because That’s Where the Money Is Today
Courtesy of Kevin Townsend, Security Week
The financial sector is in the crosshairs of criminal cartels and nation-state actors. Criminals seek a lucrative market, and nation-states treat profit as a form of sanctions-busting. With the high volume of Russian-speaking gangs and the current sanctions against the Russian state, this makes Russia a major threat to financial institutions – albeit not the only one.
Modern Bank Heists 5.0 (PDF) is the fifth iteration of an annual report on security in the finance sector written by Tom Kellermann, head of cybersecurity strategy at VMware. Kellermann has a keen interest in the subject since writing the first book on finance and security, Electronic Safety and Soundness, Securing Finance in a New Age, back in 2005. This report focuses on the current opinions and experience of the industry’s top CISOs and security leaders.
There are six primary takeaways from the respondents to the report:
- increasing destructive attacks (up 14 points to 63%);
- attacks targeting market strategies (66%);
- a high level of ransomware attacks (74% – 63% of which were paid);
- concern over the security of cryptocurrency exchanges (83%);
- a large increase in island hopping attacks (60%, up from 2% last year): and
- a planned 20% to 30% increase in security spending
Explaining the takeaways
The reason that financial institutions are under constant attack is simple: that’s where the money is today. The attackers comprise advanced criminal gangs (often part of a larger cartel) and nation states. The nation state attackers are particularly North Korean or Russian, where the proceeds are used to offset sanctions. “According to the World Economic Forum” Kellermann told SecurityWeek, “the proceeds associated with the dark web are more than $1 trillion per year – and I would estimate that more than 50% of that goes right back into the Russian economy.”
Related Reading: Why Ransomware Response Matters More Than Protection
FBI Issues PSA on Business Email Compromises
Business Email Compromise: The $43 Billion Scam
This Public Service Announcement is an update and companion piece to Business Email Compromise PSA I-091019-PSA posted on www.ic3.gov. This PSA includes new Internet Crime Complaint Center complaint information and updated statistics from October 2013 to December 2021.
Business Email Compromise/Email Account Compromise (BEC/EAC) is a sophisticated scam that targets both businesses and individuals who perform legitimate transfer-of-funds requests. The scam is frequently carried out when an individual compromises legitimate business or personal email accounts through social engineering or computer intrusion to conduct unauthorized transfers of funds.
The scam is not always associated with a transfer-of-funds request. One variation involves compromising legitimate business email accounts and requesting employees’ Personally Identifiable Information, Wage and Tax Statement (W-2) forms, or even cryptocurrency wallets. Between July 2019 and December 2021, there was a 65% increase in identified global exposed losses, meaning the dollar loss that includes both actual and attempted loss in United States dollars.
The BEC scam has been reported in all 50 states and 177 countries, with over 140 countries receiving fraudulent transfers. The following BEC/EAC statistics were reported to the FBI IC3, law enforcement and derived from filings with financial institutions between June 2016 and December 2021:
- Domestic and international incidents: 241,206
- Domestic and international exposed dollar loss: $43,312,749,946
BEC AND CRYPTOCURRENCY
The IC3 has received an increased number of BEC complaints involving the use of cryptocurrency. Cryptocurrency is a form of virtual asset that uses cryptography (the use of coded messages to secure communications) to secure financial transactions and is popular among illicit actors due to the high degree of anonymity associated with it and the speed at which transactions occur.
The IC3 tracked two iterations of the BEC scam where cryptocurrency was utilized by criminals. A direct transfer to a cryptocurrency exchange (CE) or a “second hop” transfer to a CE. In both situations, the victim is unaware that the funds are being sent to be converted to cryptocurrency.
- DIRECT TRANSFER – Mirrors the traditional pattern of BEC incidents in the past.
- SECOND HOP TRANSFER – Uses victims of other cyber-enabled scams such as Extortion, Tech Support, and Romance Scams. Often, these individuals provided copies of identifying documents such as driver’s licenses, passports, etc., that are used to open cryptocurrency wallets in their names.
In the past, the use of cryptocurrency was regularly reported in other crime types seen at the IC3 (e.g., tech support, ransomware, employment), however, it was not identified in BEC-specific crimes until 2018. By 2019, reports had increased, culminating in the highest numbers to-date in 2021 with just over $40M in exposed losses. Based on the increasing data received, the IC3 expects this trend to continue growing in the coming years.
Card Interchange, Overdraft Fees Get Scrutiny During Senate Hearings
Courtesy of CUToday.info
Card interchange and overdraft fees were the subject of two separate Senate hearings yesterday, and there were powerful interests on both sides of each issue, including credit unions.
In his opening statement to the Senate Judiciary Committee hearing on interchange, titled “Excessive Swipe Fees and Barriers to Competition in the Credit and Debit Card Systems,” Sen. Dick Durbin (D-IL), chair of the committee and for whom the so-called Durbin Amendment is named, made clear his position hasn’t changed since that amendment became law a decade ago. Durbin referred to interchange fees as “anti-competitive,” and blamed rising interchange fees for higher consumer prices.
“Visa and Mastercard control around 80% of the credit and debit card market. And they have established a system of fees and rules that apply to every transaction involving cards issued by the thousands of banks in the Visa and Mastercard networks,” said Durbin. “Interchange fees are designed to avoid competitive market pressures. Banks get the fees, but the banks do not set the fees. Instead, the banks let Visa and Mastercard set the fees on their behalf, so the same schedule of fee rates applies for all banks in the network.
“Bottom line: when swipe fees go up, it costs more to use money. And that cost gets built into the prices that consumers ultimately pay,” Durbin said.
Nearly $80 Billion in Fees Paid
According to Durbin, merchants paid out $77.48 billion in credit card fees and $28.06 billion in debit card fees imposed by Visa and Mastercard during 2021. As CUToday.info reported earlier, the hearing and the themes expressed by Durbin were welcomed by the nation’s retailers and merchants. Both CUNA and NAFCU sent letters to the committee ahead of the hearing warning of “concerns” around any changes (see separate reporting).
A merchants’ trade group had called for the hearing after Visa and Mastercard last month declined to stop a $1.2 billion increase in swipe fees even though Durban, Sen. Roger Marshall (R-KS), Rep. Peter Welch (D-VT) and Rep. Beth Van Duyne (R-TX) had requested that the hike be withdrawn.
Hearing on Overdrafts
Separately, a hearing before the Senate Committee on Banking featured new congressional pressure on financial institutions to eliminate overdraft fees, even as the financial services industry, including credit unions, have been pushing back.
Sen. Raphael Warnock (D-GA), who chaired the hearing, praised those banks and CUs that have reduced or eliminated fees, but indicated he believes more can be done. According to Warnock, banks made $33 million off of overdraft fees last year, and that eliminating the fees will help many in the working class, college students and people serving or who have served in the military.
“Working families are trying to figure how to pay for groceries, how to pay for prescription drugs in a world in which big pharma is exploiting the cost of drugs and on top of that you have these overdraft fees, which are totally unnecessary and this is a part of my effort to shine a light on this,” Warnock said during the hearing.
The Federal Housing Finance Agency (FHFA) today announced that Fannie Mae and Freddie Mac (the Enterprises) will require lenders to use the Supplemental Consumer Information Form (SCIF) as part of the application process for loans that will be sold to the Enterprises. The purpose of the SCIF is to collect information about the borrower’s language preference, if any, and on any homebuyer education or housing counseling the borrower received, so lenders can better understand borrower needs during the home buying process.
Specifically, the changes announced today will require lenders to present the SCIF questions to borrowers and to report any data collected from the SCIF to the Enterprise purchasing the loan. Lenders will be required to adopt these changes and reporting requirements for loans with application dates on or after March 1, 2023. Response by borrowers to the preferred language question in the SCIF will remain voluntary.
“Collecting language preference and housing counseling information provides mortgage applicants with an additional method to inform lenders of their needs, enabling the industry to more fully respond to the nation’s growing diversity,” said FHFA Acting Director Sandra L. Thompson. “These steps will contribute to an equitable housing finance system that welcomes all qualified borrowers.”
“The CFPB welcomes the FHFA’s announcement today. As those lenders and financial companies that already collect the language preference of applicants and borrowers know, this information allows lenders to serve their customers better. The collection of applicants’ language preference does not violate the Equal Credit Opportunity Act or its implementing regulations,” said CFPB Director Rohit Chopra. “The CFPB is eager to see advances in broader language access to better serve all borrowers.”
The SCIF will be available via Mortgage Translations later this Summer. Created by FHFA, Fannie Mae, and Freddie Mac, Mortgage Translations provides resources to assist lenders, servicers, housing counselors, and others in helping mortgage borrowers who have limited English proficiency. The site contains documents and resources available in English, Spanish, traditional Chinese, Vietnamese, Korean, and Tagalog. Mortgage Translations is part of FHFA’s Language Access Multi-Year Plan.
OPINION: Cybersecurity Metrics Corporate Boards Want to See
These are the metrics that boards of directors will find useful because they help map security investments with strategic goals and risks.
Courtesy of Pete Lindstrom, CSOOnline.com
Cybersecurity pros interested in metrics and measures frequently ponder and pontificate on what measures would be best to show the board of directors. That can be a tricky proposition because “we have to speak like the business” is also a mantra. Coming up with cybersecurity metrics from a business perspective can be a challenge. So how can we solve this problem and provide useful insight?
Well, first we have to recognize that the board level is the highest strategic level in the company. If you provide metrics on patch status and phishing test results, you are essentially admitting that your cybersecurity program is built on a few hodge-podge activities and a prayer.
Cybersecurity pros often malign the “red-yellow-green” types of indicators, but keep in mind that the board doesn’t need technical details or variances. If they can get by with “sales per square foot” metrics in retail stores that sell smartphones and candy bars or “bed utilization” measures for hospitals that treat dehydration and conduct brain surgery, they can work with “bigger picture” scales on three to five levels. “Red-yellow-green” isn’t completely out of the question as long as the levels are defined and have details that explain them. The bigger challenge now is that board members are increasingly becoming liable for negligence, and they really should and do want more insight.
Top cybersecurity questions from corporate boards
Now we revert to where we started – trying to provide business-oriented board members with technically oriented cybersecurity data at a strategic level. It may be helpful to set a baseline of what board members really want to know about cybersecurity in any company. Here are their top five questions:
- Are we secure? This question is the bane of many a cybersecurity pro’s existence because the answer now and always will be “no” from a literal 100% protection standpoint. If we rework the question to “what is our exposure level?” we can start to make headway.
- Are we compliant? This question is often easily answered with audit results but may provide no real comfort due to its “point-in-time” perspective that can change at a moment’s notice. Better to assess our cybersecurity program using a control framework.
- Have we had any (significant) incidents? Board members will be well-aware of any significant incidents, so this question is usually answered with details as well as estimates regarding costs and potential liability.
- How effective is our security program? Quality first.
- How efficient is our security program? And then quantity.
Articles for April 29, 2022 Issue:
- NACUSO Network Coverage: And the Winner of the Next Big Idea Competition Is…
- What Might Responsible BNPL Look Like?
- Financial Leaders Grappling with More Aggressive and Sophisticated Attack Methods
- CFPB and NY Attorney General Sue Repeat Offender MoneyGram for Leaving Families High and Dry; Company Ignored Government Warnings to Stop and Stranded Customers Waiting for Their Money
Courtesy of CTToday.info
April 26, 2022 — A pair of CUSOs that have partnered on a voice authentication solution have won NACUSO’s Next Big Idea competition here.
Illuma Labs and POSH took home the title and the prize of $7,500—made available by Co-op Solutions—following a vote after six different CUSOs had pitched their offerings Shark Tank style during the NACUSO Network meeting.
During their presentation, representatives of Illuma Labs and POSH demonstrated how they are integrating the Illuma Shield passive voice authentication solution with conversational AI IVR for deployment on the self-service side of credit union call centers. The CUSOs said the solution, aimed at fraud prevention/identity verification, can recognize a member by running in the background as the member speaks with an agent and can do so on average in 12.9 seconds with a 93% verification rate.
The companies said to date no fraudsters have defeated the system where it is in place.
QCash Financial took home second place and a $2,500 prize.
Other companies participating in the competition included Dora, ChangEd, JUDI.AI, and Qoosh Technology which offers the Quilo solution.
Each of the teams made their presentations before four judges: Bill Beardsley of Michigan Business Connection; Mary Beth Spuck of Resource One Credit Union; Becky Reed of Lone Star Credit Union, and Jeffrey Staw of Open Technology Solutions.
More from the NACUSO Conference: NCUA Board Member Rodney E. Hood’s Remarks at the 2022 NACUSO Networking Conference Orlando, Florida
NASCUS will be hosting 2021 and 2022 Big Idea Winners Renofi, Illuma Labs and POSH at the S3: State System Summit this summer
Join us for an event of in-depth learning and networking with friends, colleagues, and industry leaders from across the country, August 14-17, 2022.
This event brings state regulators, credit union professionals, and topic-specific experts together to share best practices, collaborate on industry issues, as well as exchange ideas and resources.
Courtesy of Tim Flacke, PaymentsJournal.com
BNPL is reaching an inflection point. Continued strong growth is spurring action by larger providers, such as Amex, Capital One and Citizens – firms with incentives to think holistically and long-term about their customers’ financial well-being, and their corporate reputations. Federal and state regulators are also focusing more on BNPL. It’s time to consider what “responsible BNPL” might look like, and what outcomes it can help deliver for low and moderate-income (LMI), underserved customers.
Among consumer advocates and some regulators, the rapid growth of Buy Now Pay Later (BNPL) has been met with deep suspicion and concern. This is unsurprising: BNPL is marketed to merchants as a way to increase spending, yet is serving more at-risk populations and with little regulatory oversight. BNPL has also taken root rapidly, growing 85% in 15 months during 2020 and 2021 and attracting a record $4B of venture funding in 2021,
BNPL deserves special focus, as it is serving younger, more racially diverse households with lower and more volatile incomes (compared to credit cards). Amidst historical and current systemic discrimination, these same households are less likely to have a credit card, yet more likely to face financial challenges that make access to credit critical. For many, BNPL may be the only practical credit option.
It’s also clear consumers have embraced BNPL; over 55% of Americans have tried it. And BNPL has some desirable attributes: loans are clear, time limited, convenient, don’t create long-term debt balances by themselves, and can be no-cost. BNPL is also extending credit to those with few or no other credit options.
These facts suggest an opportunity for BNPL to contribute to financial inclusion and security. Here are four key questions to consider for financial service providers looking to chart a long-term, responsible BNPL strategy built on a commitment to LMI customers’ financial well-being.
How do your LMI customers experience BNPL?
While we speak of BNPL as if it is a single product, in fact offerings vary considerably from provider to provider in terms of costs, fees, underwriting practices and other issues. The practical result is caveat emptor (“buyer beware”), and a greater chance that customers will end up using products they don’t fully understand as they make quick decisions at point of sale. Because BNPL is rarely underwritten using traditional credit bureaus, few providers understand a consumer’s full debt picture; this places users at greater risk of biting off more debt than they can chew.
Responsible BNPL providers have an opportunity to make terms and conditions completely clear and easily understood, not only at the point of sale, but by communicating with customers before and after purchases. Firms should engage their customers to understand how they use BNPL and what types of support they would welcome; for instance, might they value a simple tool to help take stock of how many installment loans one has outstanding – with what amounts, due dates, and outstanding balances – before adding another?
Courtesy of HelpNetSecurity.com
VMware released a report which takes the pulse of the financial industry’s top CISOs and security leaders on the changing behavior of cybercriminal cartels and the defensive shift of the financial sector.
The changing behavior of cybercriminal cartels and the defensive shift of the financial sector
- 60% of financial institutions experienced an increase in island hopping, a 58% increase from last year. The increase represents a new era of conspiracy where hijacking the digital transformation of a financial institution via island hopping to attack its constituents has become the ultimate attack outcome.
- 67% of financial institutions observed the manipulation of time stamps, an attack called Chronos named after the god of time in Greek mythology. Notably, 44% of Chronos attacks targeted market positions.
- 83% are concerned with the security of cryptocurrency exchanges. The advantage for cybercriminals of targeting cryptocurrency exchanges is that successful attacks can be immediately and directly turned into cyber cash.
- The majority of financial institutions plan to increase their budget by 20-30% this year. Top investment priorities include extended detection and response (XDR), workload security, and mobile security.
The report found that financial institutions are facing increased destructive attacks and falling victim to ransomware more than in years’ past, as sophisticated cybercrime cartels evolve beyond wire transfer fraud to now target market strategies, take over brokerage accounts and island hop into banks.
In the Modern Bank Heists report, 63% of financial institutions admitted experiencing an increase in destructive attacks, with cybercriminals leveraging this method as a means to burn evidence as part of a counter incident response.
Additionally, 74% experienced at least one ransomware attack over the past year, with 63% paying the ransom. When asked about the nation-state actors behind these attacks, the majority of financial instructions stated that Russia posed the greatest concern, as geopolitical tension continues to escalate in cyberspace.
The report also found that once cybercriminals gain access into a financial organization, they’re no longer after wire transfers or access to capital as traditionally assumed. Cybercriminal cartels are now seeking nonpublic market information, such as earnings estimates, public offerings, and significant transactions. In fact, 66% of financial institutions experienced attacks that targeted market strategies. This modern market manipulation aligns with economic espionage and can be used to digitize insider trading.
Related Reading: Top threats for the financial sector
Related Reading: Cybercrime Is Escalating From Bank Heists to Market Manipulation
April 21, 2022 — The Consumer Financial Protection Bureau (CFPB) and New York Attorney General Letitia James today announced they are filing a lawsuit against MoneyGram International, Inc. and MoneyGram Payment Systems, Inc. (MoneyGram)—one of the largest remittance providers in the U.S.—for systemically and repeatedly violating various consumer financial protection laws and leaving families high and dry. The lawsuit specifically alleges that the company stranded customers waiting for their money when it failed to deliver funds promptly to recipients abroad.
“MoneyGram spent years failing its customers and failing to follow the law, ignoring customer complaints and government warnings in the process,” said CFPB Director Rohit Chopra. “MoneyGram’s long pattern of misconduct must be halted.”
“Our immigrant communities trusted MoneyGram to send their hard-earned money back home to loved ones but MoneyGram let them down,” said Attorney General Letitia James. “Consumers deserve to know where their money went. Companies have an obligation to be transparent with consumers, treat them fairly, and follow the law, but MoneyGram repeatedly failed to do so. Today we are suing MoneyGram to correct their unlawful practices and prevent them from harming consumers. New Yorkers can trust that my office will protect them from unscrupulous companies.”
Dallas-based MoneyGram International, Inc. (NASDAQ: MGI) is a financial services company that enables consumers to send money, known as remittances. A significant portion of the company’s money-transfer transactions are initiated by immigrants or refugees in the United States sending money back to their native countries. The company’s reach is broad, operating in more than 200 countries and territories, and serving 47 million customers in 2021. The company is led by Chairman and CEO W. Alex Holmes. In 2021, it had $1.2 billion in revenue.
Thomas H. Lee Partners, L.P. and Goldman, Sachs & Co. invested in MoneyGram from as early as 2008. Then, on Feb. 15, 2022, MoneyGram announced a pending sale to Madison Dearborn Partners, LLC, a Chicago-based private equity firm, in a transaction valued at $1.8 billion, subject to regulatory approvals.
The company is subject to multiple consumer financial protection laws, including the CFPB’s 2013 Remittance Rule, which was written after Congress adopted a new set of legal protections to make remittance transfers more transparent and less risky in 2010. As one of the biggest players in the market, MoneyGram knew it had new laws to follow and that it had to change some of its ways of doing business. The company was also clearly subject to CFPB supervision after the Bureau began supervising the market in 2014.