Regulatory Update - March 2015

Grant Thornton’s monthly Regulatory Update tracks key regulatory news and enforcement activity within the financial services industry so you can stay informed about the impact of current events on your business.

We thank you for your interest in Grant Thornton.

Industry News
March 30, 2015 – FFIEC Joint Statements on Destructive Malware and Compromised Credentials
The Federal Financial Institutions Examination Council (FFIEC) released two statements about ways that financial institutions can identify and mitigate cyberattacks that compromise user credentials or use destructive software, known as malware. In addition, the FFIEC provided information on what institutions can do to prepare for and respond to these threats. Cyberattacks have increased in frequency and severity over the past two years. The attacks often involve the theft of credentials used by customers, employees, and third parties to authenticate themselves when accessing business applications and systems. Cybercriminals can use stolen credentials to commit fraud or identity theft, modify and disrupt information system, and obtain, destroy, or corrupt data. Also, cyber criminals often introduce malware to business systems through email attachments, connecting infected external devices such as USB drives to computers or networks or by introducing the malware directly onto the business systems using compromised credentials.
Read the full FFIEC press release and corresponding guidance >>

March 26, 2015 – CFPB Considers Proposal to End Payday Debt Traps
The Consumer Financial Protection Bureau (CFPB) announced it is considering proposing rules that would end “payday debt traps” by requiring lenders to take steps to make sure consumers can repay their loans. The proposals under consideration would also restrict lenders from attempting to collect payment from consumers’ bank accounts in ways that tend to rack up excessive fees. The strong consumer protections being considered would apply to payday loans, vehicle title loans, deposit advance products, and certain high-cost installment loans and open-end loans. The proposals under consideration provide two different approaches to eliminating debt traps – prevention and protection. Under the prevention requirements, lenders would have to determine at the outset of each loan that the consumer is not taking on unaffordable debt. Under the protection requirements, lenders would have to comply with various restrictions designed to ensure that consumers can affordably repay their debt. Lenders could choose which set of requirements to follow.
Read the full CFPB press release >>

March 26, 2015 – FDIC and FRB Adjusted Resolution Plan Filing Deadline for Nonbank Financial Companies
The Federal Reserve Board (FRB) and the Federal Deposit Insurance Corporation (FDIC) permanently adjusted the annual resolution plan filing deadline for American International Group, Inc., General Electric Capital Corporation, Inc., MetLife, Inc., and Prudential Financial, Inc., from July 1 to December 31 beginning in 2016. The Dodd-Frank Act requires that certain banking organizations with total consolidated assets of $50 billion or more and nonbank financial companies designated by the Financial Stability Oversight Council for supervision by the FRB periodically submit resolution plans to the FDIC and FRB.
Read the joint FDIC and FRB press release >>

March 19, 2015 – FRB Application of Enhanced Prudential Standards to Bank Holding Companies
In testimony before the Senate Committee on Banking, Housing & Urban Affairs, Federal Reserve Governor Daniel Tarullo suggested that the threshold for the Volcker Rule should be raised. Governor Tarullo stated that the Volcker Rule and incentive compensation requirements in Section 956 of the Dodd-Frank Act are directed at concerns typically only present with larger institutions. According to Governor Tarullo, the banking agencies have done their best to tailor the application of these rules to smaller banks and reduce the effect to these small institutions. However, Governor Tarullo testified that the threshold could be raised to $10 billion to eliminate compliance burden as the cost of current compliance efforts is likely not worth the incremental prudential benefits that might be gained.
Read Governor Tarullo's full testimony >>

March 19, 2015 –  OCC Tailored Supervisory Expectations Based on Size and Complexity
Comptroller of the Currency Thomas Curry discussed the Office of the Comptroller of the Currency’s (OCC) approach to tailoring regulatory and supervisory expectations to the size and complexity of supervised institutions. Remarks were part of testimony before the Senate Committee on Banking, Housing & Urban Affairs. Comptroller Curry described a number of initiatives undertaken by the OCC to ensure that banks that pose heightened risks to the financial system are subject to higher requirements than those with lower risk profile.
Read the Comptroller's full statement >>

March 17, 2015 – CFPB Credit Card Market Inquiry
The CFPB announced it is seeking public comment on how the credit card market is functioning and the impact of credit card protections on consumers and issuers. This public inquiry will focus on issues including credit card terms, the use of consumer disclosures, credit card debt collection practices, and rewards programs, among others.
Read the full CFPB press release >>

March 11, 2015 – CFPB Supervisory Highlights
The CFPB released its latest supervision report highlighting legal violations uncovered by the Bureau’s examiners. The Bureau found deceptive student loan debt collection practices, unfair and deceptive overdraft practices, mortgage origination violations, fair lending violations, and mishandled disputes by consumer reporting agencies. The report also shows that CFPB supervisory enforcement actions resulted in remediation of approximately $19million to more than 92,000 consumers.
Read the full CFPB Winter 2015 Supervisory Highlights >>

March 5, 2015 – FRB Release of Supervisory Stress Tests Results
The FRB released the results of its supervisory bank stress tests. The largest U.S.-based bank holding companies continue to build their capital levels and to strengthen their ability to lend to households and businesses during a period marked by severe recession and financial market volatility. This is the fifth round of stress tests led by the FRB since 2009 and the third round required by the Dodd-Frank Act.  The quantitative results from the Dodd-Frank stress tests are one component of the Federal Reserve's analysis during the Comprehensive Capital Analysis and Review (CCAR), which is an annual exercise to evaluate the capital planning processes and capital adequacy of large financial institutions.
Read the full 2015 DFAST Methodology and Results report >>

March 3, 2015 – FRB Stress Tests Too Predictable?
The stress tests meant to ensure that big banks are safe and sound have become too predictable, experts warn in a paper published by the U.S. Treasury Department’s Office of Financial Research. The researchers show that the examination process is settling into a routine, as evidenced by results that come back largely the same year after year. The findings echo concerns that stress tests have become just another regulatory hurdle. “The results of the Federal Reserve’s bank stress tests suggest a trend toward greater predictability,” the authors wrote. In the past two years, the researchers found potential bank losses to be “nearly perfectly correlated,” a surprising finding for such devilishly complex simulations.
Read the full news article >>
Read the full Office of Financial Research working paper >>

March 2, 2015 –  OCC Comptroller Curry’s Issues Remarks on BSA/AML
Comptroller Curry offered remarks to the Institute of International Bankers regarding OCC supervisory efforts related to the Bank Secrecy Act / Anti-Money Laundering (BSA/AML). Comptroller Curry stressed that banks of all types and sizes must understand the nature of BSA/AML risk, BSA/AML regulatory obligations, and the importance of collaboration among financial institutions and sovereign supervisors to meet the rising BSA/AML risks. Additionally, the Comptroller’s comments touched on the need for continuing innovation in the effort to combat BSA/AML compliance risk, including technological enhancements and expansion of information sharing.
Read the Comptroller’s full remarks >>

March 2, 2015 – Risk-Based Capital Surcharge for G-SIBs
The Systemic Risk Council, a private sector, non-partisan body of former government officials and financial and legal experts that address regulatory and structural issues related to systemic risk in the United States, submitted a letter to the Board of Governors of the Federal Reserve System supporting the Board’s recent proposal of a risk-based capital surcharge for U.S. bank holding companies identified as global systemically important banking organizations (G-SIBs) and calling for the proposal to be strengthened in several key areas. The letter, submitted by the Council’s Chair, Sheila Bair (former FDIC Chair), in part states: “The Council believes that a well- calibrated GSIB surcharge will assist regulators and GSIBs to lean into the headwinds of systemic risk ex ante, that is, prior to the onset of periods of financial stress. This, in turn, will contribute to a reduction of the probability of catastrophic GSIB failures."
Read the Council’s full letter >>

Recent Enforcement Action Activity
March 23, 2015 – Overdraft Fees Class Action Lawsuit
American Savings Bank has settled a class action lawsuit involving overdraft fees, which alleged that the bank did not post debit card charges in chronological order so it could levy more overdraft fees, for $2 million. The suit alleged that the transactions were posted in order of the highest dollar amount to the lowest dollar amount and, as a result, the number of overdraft fees to the account increased.
Read the full news article >>

March 12, 2015 –  Anti-Money Laundering
Commerzbank AG has agreed to pay U.S. authorities $1.45 billion penalty, terminate individual employees who engaged in misconduct, and install an independent monitor for violations in connection with transactions on behalf of Iran, Sudan, and a Japanese corporation that engaged in accounting fraud. From at least 2002 to 2008, Commerzbank used a series of measures – including stripping out information identifying clients subject to U.S. sanctions (“wire-stripping”) – to process 60,000 U.S. dollar clearing transactions valued at over $253 billion on behalf of Iranian and Sudanese entities. Additionally, deficiencies in Commerzbank’s anti-money laundering compliance program resulted in Commerzbank’s facilitation of numerous payments through the bank’s New York branch that furthered accounting fraud by the Olympus Corporation, a Japanese optics and medical device manufacturer.
Read the full New York State Department of Financial Services press release >>

March 12, 2015 – Third-Party Payment Processing Fraud
The United States filed a civil complaint against Plaza Bank for knowingly facilitating consumer fraud by permitting a third-party payment processor to make millions of dollars of unauthorized withdrawals from consumer bank accounts on behalf of fraudulent merchants. To resolve the case, Plaza Bank has agreed to pay $1.225 million and enter into a permanent injunction that reforms the bank’s practices to prevent such fraud in the future. The complaint alleges that from July 2007 to mid-2010, Plaza Bank knowingly permitted fraudulent merchants, acting through third-party payment processors, to illegally withdraw millions of dollars from consumers’ bank accounts. The complaint further alleges that these unauthorized withdrawals resulted in: abnormally high rate of rejected transactions; hundreds of consumer complaints each month in which consumers stated, by sworn affidavit, that withdrawals from their accounts were unauthorized; and inquiries from other banks and law enforcement, both of which expressed their belief that the payment processor’s transactions were fraudulent.
Read the full DOJ press release >>

March 10, 2015 – Bank Secrecy Act Violations and Consumer Fraud
The Justice Department announced that it has agreed to a $4.9 million civil and criminal resolution with CommerceWest Bank arising out of the department’s investigation into consumer fraud schemes facilitated by the bank. The criminal information charges the bank with a felony violation of the Bank Secrecy Act in connection with the bank’s relationship with a third-party payment processor.  The civil complaint alleges that CommerceWest Bank knowingly facilitated consumer fraud by permitting the payment processor to make millions of dollars of unauthorized withdrawals from consumer bank accounts on behalf of fraudulent merchants.  To resolve the department’s criminal and civil allegations, CommerceWest Bank has agreed to a total monetary resolution of more than $4.9 million, a deferred prosecution agreement and a permanent injunction that reforms the bank’s practices to prevent such fraud in the future.
Read the full DOJ press release >>

Grant Thornton Announcements
Key Elements of Effective Model Risk Management in Financial Services
Continuing improvements in quantitative techniques are increasing banks’ use of models in most aspects of their operations. Today, models play an especially important role in supporting key business decisions and estimating capital adequacy. To address the risk of the increasing reliance on financial models within the financial services industry, Grant Thornton recently published an article regarding key elements of effective model risk management. Authored by Ilieva Ageenko (Managing Director), Jose Molina (Principal), and Jack Katz (Partner), the document defines model risk, explores industry guidance related to model risk, and offers helpful strategies to effectively combat model risk with a six-component model risk assessment framework.

Read the full article>>
Thank you again for your continued interest in Grant Thornton’s monthly Regulatory Update. To discuss challenges impacting your business – or industry developments in general – please contact us to schedule a conversation.