CFPB Issues 18th Edition of Supervisory Highlights

On March 12, 2019, the CFPB released the 18th edition of its Supervisory Highlights report. The report covers supervision activities completed between June 2018 and November 2018 and discusses supervisory observations related to automobile loan servicing, mortgage servicing, remittances, and deposits. The report also summarizes the CFPB’s previously announced public enforcement actions and guidance during the covered period.

The 18th edition of Supervisory Highlights is the first report issued under Director Kathy Kraninger’s leadership and the second report to cover supervision activities completed under the direction of former Acting Director Mick Mulvaney. Like the prior Supervisory Highlights report issued under former Acting Director Mick Mulvaney, the report includes introductory language that “institutions are subject only to the requirements of relevant laws and regulations” and “[a] conclusion that a legal violation exists on the facts and circumstances described here may not lead to such a finding under different circumstances.” Also like the prior report, it does not specify the dollar amounts of civil money penalties and consumer remediation obtained during the covered period.

The Bureau’s supervisory observations related to automobile loan servicing, mortgage servicing, remittances, and deposits—all frequent areas of focus in Supervisory Highlights reports—are discussed below.

Continue Reading

Federal Reserve Eliminates CCAR’s Qualitative Objection for Most Firms

On March 6, 2019, the Federal Reserve issued a final rule to exempt from the qualitative component of the Comprehensive Capital Analysis and Review (“CCAR”) exercise large firms that have participated in CCAR for four consecutive years and have passed the final year’s qualitative component without objection.  The final rule serves to provide an immediate exemption for all domestic bank holding companies currently subject to CCAR, and to phase out the qualitative objection for U.S. intermediate holding companies of foreign banks (“IHCs”).

Continue Reading

FTC Proposes to Add Detailed Cybersecurity Requirements to the GLBA Safeguards Rule

On March 5, 2019 the Federal Trade Commission (“FTC”) published requests for comment on proposed amendments to two key rules under the Gramm-Leach-Bliley Act (“GLBA”).  Most significantly, the FTC is proposing to add more detailed requirements to the Safeguards Rule, which governs the information security programs financial institutions must implement to protect customer data.

In addition, the FTC is proposing to expand the definition of “financial institution” under the Safeguards Rule and the Privacy Rule to include “finders.”  Finally, the FTC is proposing to amend the Privacy Rule to make technical and conforming changes resulting from legislative amendments to GLBA in the Dodd-Frank Act and FAST Act of 2015.

Proposed Revisions to the Safeguards Rule’s Information Security Program Requirements

The Safeguards Rule establishes requirements for the information security programs of all financial institutions subject to FTC jurisdiction.  The Rule, which first went into effect in 2003, requires financial institutions to develop, implement, and maintain a comprehensive information security program.  As currently drafted, the Safeguards Rule has few prescriptive requirements, but instead generally directs financial institutions to take reasonable steps to protect customer information.

The FTC’s proposed revisions would add substantially more detail to these requirements.  Andrew Smith, Director of the FTC’s Bureau of Consumer Protection, explained that the purpose of the proposed changes is “to better protect consumers and provide more certainty for business.”  The new requirements are primarily based on the cybersecurity regulations issued by New York Department of Financial Services (“NYSDFS”), and the insurance data security model law issued by the National Association of Insurance Commissioners.

Some of the specific proposed changes include:

Continue Reading

CFPB Releases Report on Elder Financial Abuse

On February 27, 2019, the CFPB announced the release of a report identifying key facts, trends, and patterns in elder financial exploitation and abuse.  The Bureau’s report is based on an analysis of 180,000 Suspicious Activity Reports (“SARs”) filed with the Financial Crimes Enforcement Network (“FinCEN”) by banks, credit unions, and other financial services providers between 2013 and 2017 relating to elder financial exploitation.  The Bureau estimated that the SARs documented a tiny fraction – less than two percent – of actual elder financial exploitation cases in 2017.  The report constitutes the first public analysis of SARs reporting elder financial exploitation since 2013, when FinCEN introduced electronic SAR filing with a category for elder financial exploitation.

Some of the key findings set forth in the report include:

  • SAR filings on elder financial exploitation quadrupled from 2013 to 2017;
  • Money services businesses (“MSBs”) have filed an increasing share of elder financial exploitation SARs (58 percent in 2017), and MSB-filed SARs tend to involve scams perpetrated by strangers, rather than depository institution-filed SARs that mostly involve persons known to the older adult;
  • Financial institutions reported a total of $1.7 billion in suspicious activities in 2017, including actual losses and attempts to steal older adults’ funds;
  • Nearly 80 percent of elder financial exploitation SARs involved a monetary loss to older adults and/or the financial institutions filing the SARs;
  • The average loss to an older adult reported in elder financial exploitation SARs was $34,200; in seven percent of these cases, the loss exceeded $100,000;
  • One-third of the individuals who suffered a loss were ages 80 and older;
  • Adults ages 70 to 79 had the highest average monetary loss ($45,300), and losses were greater when the older adult knew the suspect;
  • More than half of elder financial exploitation SARs involved a money transfer;
  • On average, the suspicious activity reported in the elder financial exploitation SARs took place over a period of four months; and
  • Fewer than one-third of financial institutions filing elder financial exploitation SARs indicated that they had also reported the activity to adult protective services, law enforcement, or other authorities.

The Bureau’s report identifies implications for key stakeholders.  First, the Bureau found that elder financial exploitation is “widespread and damaging” and that the report’s findings underscore “the need for strong and diverse interventions by financial institutions, law enforcement, and social services, as well as the involvement of policymakers.”  Second, the Bureau characterized the lack of reporting by SAR filers to adult protective services or law enforcement as “a missed opportunity.”  Third, the Bureau found that different patterns of SAR filings by MSBs and depository institutions could inform tailored prevention and intervention strategies.  Fourth, the Bureau concluded that elder financial exploitation SARs were a “useful and untapped resource” for studying this problem and for law enforcement use in investigating and prosecuting cases.

AI Update: U.S. House Resolution on AI Ethical Development Introduced

On February 27th, Reps. Brenda Lawrence (D-Mich.) and Ro Khanna (D-Calif.) introduced a resolution emphasizing the need to ethically develop artificial intelligence (“AI”). H. RES. 153, titled “Supporting the development of guidelines for ethical development of artificial intelligence,” calls on the government to work with stakeholders to ensure that AI is developed in a “safe, responsible, and democratic” fashion. The resolution has nine Democratic sponsors and was referred to the House Committee on Science, Space, and Technology.

Encouraging Ethical AI

Congress has taken an interest in the ethical challenges posed by AI in recent years. It has hosted discussions on issues pertaining to AI bias, fairness, safety, transparency, and accountability, and members of the Senate have introduced legislation that would empower committees to study ethical dilemmas.

Although H. RES. 153 does not have the force of law, the resolution marks the most concrete effort of either Chamber to describe the characteristics of ethical AI to date. The resolution “supports the development of guidelines” that are consistent with the following aims:

  1. Engagement among industry, government, academia, and civil society.
  2. Transparency and explainability of AI systems, processes, and implications.
  3. Helping to empower women and underrepresented or marginalized populations.
  4. Information privacy and the protection of one’s personal data.
  5. Career opportunity to find meaningful work and maintain a livelihood.
  6. Accountability and oversight for all automated decisionmaking.
  7. Lifelong learning in STEM, social sciences, and humanities.
  8. Access and fairness regarding technological services and benefits.
  9. Interdisciplinary research about AI that is safe and beneficial.
  10. Safety, security, and control of AI systems now and in the future.

The resolution also requires the government to develop ethical guidelines “in consultation with diverse stakeholders” such as businesses, universities, and nongovernmental organizations.

Increased Governmental Focus on AI

This resolution is another indicia of increasing government interest and involvement in AI development. The resolution specifically positions itself as a means of supporting the 2017 Charlevoix Common Vision for the Future of Artificial Intelligence—a commitment from G7 countries to encourage human-centric “AI that fosters economic growth, societal trust, gender equality and inclusion.”

It also coincides with other recent announcements signaling the U.S. government’s growing focus on AI. Earlier this month, for instance, President Trump signed an Executive Order launching a coordinated federal government AI strategy, and the Department of Defense published a strategy for accelerating the adoption of AI-enabled capabilities.

Consumer Groups and Some States Oppose CFPB Policies Aimed at Promoting Fintech Innovation

The Bureau of Consumer Financial Protection (the “CFPB” or “Bureau”) announced a trio of policies in September and December of 2018 intended to provide regulatory relief to banks and fintech companies developing new financial products and innovative disclosure methods, as part of its ongoing effort to promote innovation in financial technology. In public comments on the Bureau’s policy initiatives, consumer groups and some state attorneys general voiced concerns that the policies may harm consumers, while industry groups generally supported the initiatives.

Continue Reading

U.S. Treasury Department States It “Does Not Expect” U.S. Financial Institutions to Follow E.U.’s High-Risk Jurisdiction List

On February 13, the European Commission published a list of 23 jurisdictions that it views as posing “significant threats to the financial system of the [European] Union” in the area of anti-money laundering and counter-terrorist financing (“AML/CFT”).  On the same day, the U.S. Treasury Department issued a press statement in which it advised that it “does not expect U.S. financial institutions to take the European Commission’s list into account in their AML/CFT policies and procedures.”

The press statement specifically criticized the Commission for going beyond the jurisdictions that the Financial Action Task Force has designated as “high-risk” or “monitored” jurisdictions, and identifying an additional 11 jurisdictions as “high risk.”  These additional jurisdictions include Saudi Arabia — a country that generates significant international payments activity — as well as Panama and four U.S. territories (American Samoa, Guam, Puerto Rico, and the U.S. Virgin Islands).  These jurisdictions were selected based on what the Commission described as “strategic deficiencies” in their AML/CFT infrastructure, including, for example, perceived inadequacies in the enforcement of AML/CFT laws and in practices related to customer due diligence and the identification of ultimate beneficial owners.

The Treasury Department’s criticism of the Commission’s list is significant in part because the U.S. Financial Crimes Enforcement Network (“FinCEN”), which exercises regulatory and enforcement authority over AML issues, is a bureau of the Treasury Department.  At the same time, the Treasury Department’s statement was published as a press statement, not as regulatory guidance, and both FinCEN and other relevant Treasury Department components (including the Office of the Comptroller of the Currency) have strong traditions of independence from the Treasury Department itself.  Moreover, it is not clear whether other relevant agencies outside the Treasury Department — such as the Federal Reserve and state regulators — share the Treasury Department’s view.

The influence of the Commission’s list outside the E.U. will depend not only on the reaction of these various U.S. regulators, but also on the reception the list receives in other major financial centers around the world.

CFTC Announces 2019 Examination Priorities for the First Time

On February 12, 2019, for the first time in its history, the Commodity Futures Trading Commission (“CFTC”) announced the release of 2019 examination priorities for each of its regulatory Divisions.  CFTC Chairman J. Christopher Giancarlo stated that “[t]his first-ever publication of division examination priorities is in line with Project KISS and other agency initiatives to improve the relationship between the agency and the entities it regulates, while promoting a culture of compliance at our registrants.”  Other regulatory agencies, such as the U.S. Securities and Exchange Commission (“SEC”) and the Financial Industry Regulatory Authority (“FINRA”), traditionally publish annual examination priorities.  The CFTC 2019 examination priorities focus on ensuring that CFTC registrants have sufficient compliance mechanisms in place to effectively self-regulate in accordance with the CFTC’s regulatory priorities.  Registrants should consider this announcement as signaling an increase in the CFTC’s attention to its supervisory efforts and as a potential precursor to increased enforcement activity.

Continue Reading

President Trump Signs Executive Order on Artificial Intelligence

On February 11, 2019, President Trump signed an Executive Order (“EO”), “Maintaining American Leadership in Artificial Intelligence,” that launches a coordinated federal government strategy for Artificial Intelligence (the “AI Initiative”).  Among other things, the AI Initiative aims to solidify American leadership in AI by empowering federal agencies to drive breakthroughs in AI research and development (“R&D”) (including by making data computing resources available to the AI research community), to establish technological standards to support reliable and trustworthy systems that use AI, to provide guidance with respect to regulatory approaches, and to address issues related to the AI workforce.  The Administration’s EO is the latest of at least 18 other countries’ national AI strategies, and signals that investment in artificial intelligence will continue to escalate in the near future—as will deliberations with respect to how AI-based technologies should be governed.

Continue Reading

CFPB Releases Proposed Revisions to Payday Lending Rule

On February 6, 2019, the Consumer Financial Protection Bureau (“CFPB” or “Bureau”) released its much-anticipated proposed amendments to the payday lending rule. The proposed revision is Kathy Kraninger’s first major regulatory initiative since becoming the director of the CFPB.

The Bureau issued two notices of proposed rulemaking that would (i) repeal the mandatory underwriting provisions in the payday lending rule and (ii) delay the compliance date for these provisions until November 19, 2020, which would allow the Bureau to consider comments and issue a final rule before the underwriting provisions take effect. The Bureau’s proposed revisions would not amend or delay the effective date of the payment provisions of the payday lending rule, although the preamble to one of the proposed rules makes clear that the Bureau may separately consider whether any revisions to the payment requirements are appropriate.

Continue Reading