Insight. Oversight. Foresight. ®Florida Michigan North Carolina Texas
Regulatory Compliance Strategy for 2019
John ZasadaCompliance Consulting Director
Somewhere in the Middle
•1, 2, 3 Directors•Pro consumer, then pro FI•Now what?•Implications for CUs•Know where to focus
2
3
Bio
• 25 years of financial institution compliance experience• Created first nationwide credit union compliance
consulting practice• Assisted hundreds of financial institutions improve their
regulatory compliance performance• Trained NCUA and State examiners on consumer
compliance • Helps lead DoerenMayhew’s national compliance practice• Performs ongoing compliance reviews of financial
institution websites, social media and advertising
John Zasada, Director of Compliance ServicesJD, CAMS
Agenda
4
• What’s new with the CFPB
• Penalties• Exams• BSA • OFAC• Elder financial abuse• Hemp and marijuana• Complaint management
• Fair lending• Reporting to the BOD• UDAAP
CFPB Directors
Mixed Signals
• MLA• Pro consumer
• Payday Lending• Pro industry
CFPB Still Enforcing
• USAA Federal Savings Bank• Regulation E violations
• Not stopping preauthorized transfers
• Inadequate EFT investigations
Political Changes
• Democrat heads HFSC• No new laws but can slow down
deregulation
Reversing Decisions by Former Director?
• HR 1500• Reverse several Mulvaney
decisions• Dead in the water
Rolling Back the Regulations
• Did this ever really happen?• If so, to what extent?• 2018 federal register decline• Private sector not inclined
Upcoming Regulatory Changes
• FinCEN• Nothing major, but…
• CFPB• HMDA proposal• Regulation CC final rule• Payday lending• Debt Collection Practices rule proposal
Debt Collection Proposal
• Issued in May• Does not govern first-party collectors,
but…• You may use 3rd parties• UDAAP
• Controversial• Allows up to 7 calls per week• Both sides not loving it
NCUA Supervisory Priorities
• Compliance 2 of the top 3• BSA
• CDD and beneficial owners• Regulatory Compliance
• MLA• Regulation B adverse action notices• HMDA
• Monitor/Test in 2019• Find the issues first
Agency Guidance
• More and more being issued• Helps plug holes in your compliance
program but…• Something else to follow• Can appear to require more than the
regulation itself• Provides examples of safe and sound
conduct• Current and fresh
And not just Guidance
• FAQs• Outlook articles
BSA
• Programs still deficient• Not just mega banks being
held accountable for BSA violations
BSA Compliance Innovation
• FinCEN encouragement• Innovation Hours Program
• Present to FinCEN your BSA products and services
• FinCEN will not bless them• Be wary if someone claims that is
the case
AML Model Validation
• Appropriate filtering criteria and thresholds
• System capturing necessary information
• How often?
SARs in the News
• Treasury official shared SARs with a journalist
• SARs involved Russian spy, Rick Gates and Paul Manafort
Elder Financial Abuse
• Hot button issue• Small % reported• Train staff on it• File SARs
• EFE SAR filings quadrupled from 2013 to 2017
• CFPB webinar• New joint law enforcement effort
Elder Abuse Updated Advisory
• CFPB updated 2016 Advisory• 6 best practices• Report to authorities• File SARs• Pay attention to Reg E exceptions
Elder Abuse and Privacy
• Privacy concerns are overblown• You can report it without violating
privacy laws as long as you provide training
• Safe harbor provided in the 2018 Economic Growth Act
Opioids and BSA
• FinCEN advisory• Be aware of the illicit schemes• Monitor for the red flags• Pay attention to FinCEN
advisories
Phishing Attacks
• BSA officers received e-mail seemingly related to ongoing suspicious activity investigation
• Phishing attempt• What if someone else received it?• Route everything through BSA
Officer
OFAC Violations
• Chase Bank paid $5.2 million settlement
• Voluntarily disclosed violations but still had to settle
• New screening software and more training
OFAC Commitments
• Management commitment• Risk assessment• Policies and procedures• Audit• Train
OFAC and 3rd Parties
• OFAC applies to your vendors• FFIEC issued a statement on
OFAC’s cyber related sanctions program
• Run checks on third party vendors
Hemp
• Cultivation of hemp legal but still need regulations
• Regulations expected before 2020 growing season
• NCUA risk alert approves services to hemp businesses
• SARs not required
Marijuana
• SAFE Banking Act• House hearing
• First step?• Using personal accounts instead
of business account
What is a Marijuana-Related Business?
• How far do you go in making the determination?
• Tiers?
Serving Cannabis-Related Businesses
• Start with the risk assessment• Present it to the BOD• Look at federal/state law, insurance,
financial audit, vendors• Lending issues
More Cannabis Concerns
• Cash• Back-office operations• Due diligence• Multiple accounts
Final Cannabis Steps
• Regulator• NCUA not penalizing CUs
• 3-6 months• Marketing • Exit strategy
Complaint Snapshot
• CFPB released it for 2015 - 2018• Top complaints:
• Debt collection• Credit reporting• Mortgages• Credit cards
Complaint Management
• More than keeping a list• Root cause analysis• Identify compliance risk• Report to the BOD and business
lines• Part of your CMS
Diagnosing Compliance Complaints
• Someone manually decides what is a complaint and whether it has UDAAP implications
• Have you tested that function?• Are these being filtered correctly?
Non Complaints Important
• Do not ignore it simply because it does not meet complaint definition
• Internal reporting of issues• Look for early indications and
trends
Banks, CUs and Complaints
• CUs score higher than banks on consumer satisfaction
• One recent study banks score higher than credit unions at solving customer complaints and problems
• Lower expectations for banks?
Fair Lending Enforcement Actions
Reporting year Total enforcement matters
2012 1
2013 26
2014 2
2015 5
2016 3
2017 1
2018 0
Fair Lending Referrals to DOJ
Year Number of referrals2012 122013 242014 182015 162016 202017 112018 1
Below is a year-to-year overview of ECOA referrals to DOJ:
Lending Fairly to Millennials
• Rent padding• Some credit unions made it
policy• Fair lending implications• Case by case basis better
Compliance Reporting to the BOD
• Regulatory changes• Enforcement actions and lawsuits• Compliance hot topics• New or changed compliance policies• Compliance testing/monitoring• New products and services• Complaints• Training• Risk assessment• BSA
UDAAP
• CFPB approach changed• Broader sense of harm• Soft skills necessary in addition
to technical expertise
Where to Look for UDAAP Issues
• Product development• Marketing• Sales• Complaints• Servicing• Collections• Third parties
UDAAP Issues
• Late fees• Collections• Language• Member feedback
MLA and SCRA
• There is confusion as to how they are different• MLA while in active duty• SCRA before active duty• MLA caps rate at 36% MAPR• SCRA caps rate at 6%
SCRA CU Example
• 2018 credit union settled with DOJ in relation to vehicle repossessions
• SCRA limits CUs actions against active duty service members
• Members can request an interest rate reduction• High reputation risk
Nissan Motors Settlement
• 10th SCRA DOJ Settlement with auto finance company
• Repossessions• Look to settlements for best practices
• Defense Manpower Data Center database
SCRA Foreclosure Example
• PHH foreclosed on 6 servicemembers homes without the required court orders
• SCRA does not generally permit foreclosure against servicemembers without a court order
• Lessons from settlements
Most Common SCRA Violations
• 6% interest rate cap• Repossessions• Foreclosures
HMDA in the News
• A few bad actors cause additional HMDA scrutiny by regulators
• Large mortgage company caught falsifying HMDA information
• Selected “non-Hispanic white” when not provided information
• $1.75m fine
HMDA Data Readily Available
• Old rules – 3rd parties had to make a request to see your modified LAR
• New rules – Standard format available online with no request necessary
• Know your data
Online Marketing
• Digital redlining• Over target• Interest rate on Linkedin?
ESIGN
• ESIGN requires demonstrable consent
• Do in-branch tablets demonstrate consent?
• Probably not
Focus
• CFPB is politically dividing• Warren on the offensive• Control what you can• Continue to watch for signs• BSA, elder abuse, OFAC, hemp/cannabis,
debt collection, complaints, fair lending
Insight. Oversight. Foresight. ®Florida Michigan North Carolina Texas
Thank You!
Presenter NameTitle, Group Name (if desired)Phone: [email protected]))
56