On January 9, 2019, a divided three-judge panel of the Ninth Circuit held that the Federal National Mortgage Association, or Fannie Mae, is not a “consumer reporting agency” within the meaning of the Fair Credit Reporting Act (the “FCRA”). The case, Zabriskie v. Federal National Mortgage Association, was brought by prospective borrowers who were unable to refinance their current mortgage loans due to allegedly erroneous information in their credit histories, as reported by Fannie Mae software that is commonly used by mortgage lenders.
The partial federal government shutdown could affect the timing of processing of certain new merger and acquisition applications by the Board of Governors of the Federal Reserve System (the “Board”).
Pursuant to special procedures outlined in a December 2018 notice, the Office of the Federal Register is not publishing documents during the partial government shutdown except where necessary to safeguard human life, protect property, or provide other emergency services consistent with the performance of functions and services exempted under the Antideficiency Act. Exempt functions and services include activities related to the supervision of the stock markets and commodities and futures exchanges, but not other normal and routine activities of the federal banking regulators.
In a joint report (the “Report”) published on 7 January 2019, the EU’s three financial industry watchdogs considered the need for potential strategies to help coordinate and promote innovation in the EU fintech space.
The Report by the European Securities and Markets Authority (“ESMA”), European Banking Agency (“EBA”) and European Insurance and Occupational Pensions Authority (“EIOPA”) (together the European Supervisory Authorities or “ESA”) sets out (i) a comparative analysis of the role of innovation hubs and regulatory sandboxes (together referred to as “Innovation Facilitators”) at national level; and (ii) best practices regarding the establishment and operation of Innovation Facilitators in the furtherance of financial innovation and the interaction between fintech companies and supervisory authorities.
Innovation hubs seek to provide a forum for regulators and fintech companies to raise issues, seek guidance on compliance matters and discuss ideas. The first innovation hubs were established in 2014 with the majority becoming operational in the course of 2016 and 2017. Currently they are relatively widespread, with innovation hubs reported in over twenty-one Member States and three EEA States.
Regulatory sandboxes allow for a controlled environment in which new products and applications can be tested on real customers. Such sandboxes were first launched by the UK’s Financial Conduct Authority in May 2016 and have been attributed as a key factor in helping London become a major hub for financial technology. Other UK regulators, such as the Information Commissioners Office have also sought to use sandboxes to ensure compliance in the design of data-driven products (the subject of another Covington blog post available here). At present, only five Member States have operational sandboxes, with a further four having preparations for establishment under way.
As recognised in the Report, these Innovation Facilitators offer a range of benefits in helping supervisory authorities to keep pace with rapidly developing technologies in the financial sector. This includes offering such authorities the ability to anticipate regulatory and supervisory issues and to respond proactively. Further, it allows fintech companies easy access to regulators, allowing for early clarification on regulatory and supervisory matters and to act as a platform to raise policy matters.
However, the Report also notes that one of the potential impediments to the scaling of financial innovations across the EU is that Innovation Facilitators currently only operate on a national level. This approach can potentially result in different regulatory and supervisory stances being adopted towards the same innovation. Furthermore, risks are identified in terms of ‘forum shopping’ and ‘regulatory arbitrage’ that would compromise the level regulatory environment. In practice this may result in firms who have successfully tested innovations in one Member State having to repeat the processes of concept explanations, risk-mitigation and testing, with the risk of different outcomes.
To try and address the issues outlined above, ESA has proposed two measures at the EU-level:
- The development of ESA guidance on cooperation and coordination between Innovation Facilitators. Such guidance would seek to ensure that where authorities choose to agree on bilateral or multilateral collaboration arrangements, that a common approach is adopted to allow for the exchange of information in the context of information hubs and regulatory sandboxes.
- Network of Innovation Facilitators. Intended as a complementary measure to the ESA guidance, this network would be open to all competent authorities in the EU and provide a platform for practitioners/experts to support said authorities in arriving at common approaches to questions about regulatory and supervisory expectations. In addition, the network would also seek to enhance financial innovation and technical capacity through acting as a forum of authorities to share their knowledge on the operation of innovation facilitators.
At present these measures remain no more than early-stage proposals, but they do indicate that the ESA are actively considering methods to stimulate pan-European fintech innovation. For now, the Report uses its comparative analysis to outline best practices at a national level by way of principles for the establishment and operation of Innovation Facilitators. These principles are intended to promote convergence and ‘protect the level playing field’.
The ESA will continue to monitor developments regarding Innovation Facilitators at the national level within the EU and will take appropriate steps to promote a common approach towards fintech, as well as continuing to exploring strategies for cross-border coordination and cooperation. Further steps are to be outlined in the course of 2019.
The team at Covington will continue to monitor developments and keep you informed.
Representative Maxine Waters (D-CA), the newly appointed Chair of the House Financial Services Committee (the “Committee”), took a first step last week towards one of the major priorities of the Committee under her leadership – the promotion of diversity and inclusion in the financial services sector. The first change under the new Chair’s watch was the creation of a new subcommittee to support this objective. Chair Waters’ other agenda items for the Committee continue to take shape, but she has previously indicated that her focus will be on, among other things, protecting consumers and investors from abusive financial practices, ensuring appropriate safeguards are in place to prevent another financial crisis, expanding affordable housing opportunities and tackling homelessness, and encouraging responsible innovation of financial technology.
On December 21, 2018, the Consumer Financial Protection Bureau (the “Bureau”) announced its issuance of final policy guidance describing its intentions for modification and disclosure to the public of certain loan-level data that financial institutions report under the Home Mortgage Disclosure Act (“HMDA”) and Regulation C. The guidance applies to HMDA data compiled by financial institutions in or after 2018 and made available to the public beginning in 2019. The final policy guidance identifies the HMDA data and text fields the Bureau intends to exclude from public disclosure and the HMDA data fields the Bureau intends to disclose in a modified, less precise manner to protect the privacy of mortgage applicants and borrowers.
The final policy guidance indicates that, in May 2019, the Bureau intends to commence a separate notice-and-comment legislative rulemaking under the Administrative Procedure Act to incorporate the modifications and disclosure of HMDA data into the text of Regulation C.
On December 3, 2018, the Dutch Authority for Consumers & Markets (“ACM”) published a speech from its board member, Cateautje Hijmans van den Bergh, regarding potential competition law concerns in the financial technology (“FinTech”) sector.
In particular, further to the European Parliament’s study on FinTech and competition law (the “Study”) – as discussed in a previous blog post – Hijmans van den Bergh voiced concerns regarding potential FinTech foreclosure, following the adoption of Technical Standards. She also provided some guidance regarding access to essential inputs held by firms in the sector.
PSD2 and access to information
Under the EU Directive on EU-wide payment services (“PSD2”), banks should allow third parties access to payment information, if the customer allows it. As a consequence, FinTech firms can access information held by banks, in order for those firms to offer their services. This access has been considered important to increase competition and innovation in the financial sector. According to the Study, this offers benefits to consumers, such as cost reduction, greater choice, improvements in efficiency, greater transparency and increased financial inclusion.
Hijmans van den Bergh explained that reaching these benefits is also in line with ACM’s mission: creating opportunities and options for businesses and consumers. To achieve its mission, the ACM has several powerful instruments, such as competition law, which they apply in coordination with regulations, e.g. the PSD2.
Technical standards and competition law
In her speech, Hijmans van den Bergh stated that there has been a lot of discussion about the type and design of information access that banks need to provide to FinTech. In this regard, the PSD2 and the Regulatory Technical Standards provide some guidance, and several EU working groups have been working on it.
From a competition law perspective, she explained that competition law is in favour of the creation of technical standards to enable FinTech access to information. The clear limit to standardization is that it cannot lead to market foreclosure. Moreover, all interested parties need to participate in the standard setting process, and no single standard can be imposed.
Hijmans van den Bergh further explained that competition law provides a clear framework regarding access to an essential input that a new competitor might need: access needs to be provided in an open, transparent and non-discriminatory manner.
Guidance to prevent foreclosure
In relation to the implementation of PSD2 and potential foreclosure by banks, Hijmans van den Bergh set out three guiding principles:
- New competitors should be involved in any standard-setting process. To prevent the risk of foreclosure, the key question should be what kind of access new competitors need in order to innovate and compete.
- Banks should be flexible and look beyond the current market situation, as the market is constantly evolving and the type of access might change over time.
- Banks should not be allowed to offer one type of access exclusively to one party, and thereby exclude others. This includes alternative types of access or other arrangements with third parties that are partly or wholly owned by banks, or with new competitors that they consider ‘preferred’ counterparts.
Hijmans van den Bergh explained that standards and competition can go hand-in-hand as long as the criteria regarding access to essential inputs are respected. Therefore, she would assert that new competitors should be included in any discussion or decisions regarding access as an ongoing effort. Moreover, new competitors cannot be refused on the basis they would need another type of access compared to access provided to current competitors.
She emphasized the ACM’s role in helping new competitors and upcoming technologies to make the market work better. She concluded that, in the coming months, the ACM will want to focus on competition and innovation barriers that new competitors and technology might encounter, and that the ACM will be monitoring the possible emergence of dominant players and potential for abuse.
It took some time for banking lawyers and compliance officers to get used to the Consumer Financial Protection Bureau’s (CFPB’s) announcement, under former Acting Director Mick Mulvaney, that it would refer to itself as the Bureau of Consumer Financial Protection (BCFP). This blog — like many others in the industry — made sure to follow the agency’s instructions to the letter.
The moratorium, however, has now been lifted. The Bureau’s new Director, Kathy Kraninger, has announced that her agency may once again be referred to as the CFPB. The Bureau will use the name BCFP in certain formal contexts, such as statutorily required reports and legal filings, but will otherwise call itself by its original name.
Director Kraninger’s announcement should bring holiday cheer to industry and to Congress. One analysis, initially made public by The Hill, suggested that the Bureau’s name change would have cost regulated businesses roughly $300 million — costs they would have incurred in updating internal databases, regulatory filings and disclosure forms. Director Kraninger’s announcement may also please Senator Elizabeth Warren, who, earlier this week, asked the CFPB’s inspector general to investigate the name change. The CFPB, too, will see benefits from the reversal — in particular, according to the same analysis reported by The Hill, an expected $9 million to $19 million in cost savings.
The Board of Directors of the Federal Deposit Insurance Corporation (FDIC) today approved its operating budget for 2019. The budget reflects a decrease in both expenditures (down 2.3%) and headcount (down approximately 3%). The FDIC’s budget memorandum explains that these changes reflect, among other things, consolidation in the industry and a decrease in the frequency of examinations for small banks, which have both contributed to a reduction in the FDIC’s workload.
Against this background, the FDIC’s decision to add staff in specific areas is of particular interest, and helps shed light on the agency’s priorities over the coming year. Among other things, the FDIC is:
- adding 23 IT examiner and specialist positions to augment its IT examination workforce; and
- adding a further 23 positions in its large bank supervision team, responsible for supervising banks with over $10 billion in assets.
The FDIC’s budget memorandum explains that the proposed addition of 23 IT examiners reflects the “growing complexity, interconnectedness, and operational and cybersecurity risk posed to the financial system by technology service providers.” And, in an accompanying statement, FDIC Chair Jelena McWilliams indicated that the additional large bank supervision positions are intended to keep up with the growth in the number of large banks supervised by the FDIC.
In addition to focusing resources on examining the IT infrastructure of supervised banks, the FDIC also intends to invest in a number of internal initiatives to improve its own IT capabilities and invest in cybersecurity.
On December 6, 2018, the Federal Deposit Insurance Corporation (“FDIC”) released a series of documents relating to the process for chartering a de novo FDIC-insured depository institution.
- A request for information (“RFI”) on all aspects of the FDIC’s deposit insurance application process. The RFI seeks comments on the transparency and efficiency of the application process, and any unnecessary burdens that have become a part of the process. The RFI extends to: (i) guidance and other issuances; (ii) the steps in the application and process; and (iii) communications with applicants, other interested parties and the general public. The RFI sets out thirteen specific questions, including “specific aspects or components of the application process that particularly discourage potential applicants from initiating or completing the application process” and “ways in which the FDIC could or should support the continuing evolution of emerging technology and fintech companies as part of its application review process, and whether there are particular risks associated with any such proposals.” Comments are due February 11, 2019.
- A review process for draft deposit insurance proposals. The process enables prospective organizers to request FDIC review of a draft deposit insurance proposal. The process is designed to provide the FDIC and an organizing group the opportunity to better understand and work through possible challenges with a proposal before the group commits to filing a formal application. The FDIC staff is available to discuss proposals, even at early stages of development, and answer any questions regarding regulatory requirements or the application process. The FDIC staff will attempt to provide interim feedback on a draft proposal within 30 days and final feedback within 60 days.
- An updated handbook on deposit insurance for de novo organizers and a final procedures manual for deposit insurance applications that provide detailed information regarding the de novo application process. The procedures manual was released for public comment in July 2017.
- An updated version of the FDIC’s timeframes for processing regulatory applications. The timeframes set forth guidelines for processing most types of regulatory applications. The timeframes do not purport to cover protested applications or filings that raise legal or policy issues.
The FDIC also established a centralized email address to receive questions about the de novo process or individual applications (ApplicationsMailbox@fdic.gov).
In an Op-Ed published in the American Banker on the same day that the documents were released, FDIC Chairman McWilliams announced that the FDIC is launching a nationwide outreach initiative on the de novo process, including a roundtable discussion in Washington in December, followed by discussions in each of the FDIC’s six regional offices in the coming months. Citing the dramatic decline in de novo activities since the financial crisis, Chairman McWilliams stated that encouraging new bank formation is one of her key priorities—“[d]e novo activity is not where it should be.” According to Chairman McWilliams, most de novo banks are “traditional banks that offer services and products to underserved communities and fill gaps in overlooked markets” and “a key source of new capital, talent, ideas, and ways to serve customers.”
On December 3, 2018, the Board of Governors of the Federal Reserve System (“Federal Reserve), the Federal Deposit Insurance Corporation (“FDIC”), the Financial Crimes Enforcement Network (“FinCEN”), the National Credit Union Administration (“NCUA”), and the Office of the Comptroller of the Currency (“OCC”) (collectively, “agencies”) released a joint statement on innovative efforts to combat money laundering and terrorist financing.
In the joint statement, the agencies encouraged banks to consider and, if appropriate, responsibly implement innovative approaches with respect to their anti-money laundering (“AML”) and Bank Secrecy Act (“BSA”) compliance obligations. In particular, the agencies discussed innovative internal financial intelligence units that may be tasked with “identifying complex and strategic illicit finance vulnerability and threats.” The agencies also discussed artificial intelligence and digital identity technologies and recognized the value of these innovative approaches in strengthening banks’ BSA/AML compliance programs, as well as potentially reducing compliance costs.