Compliance Update with Amy K

​IRS warning on employee retention credit; FTC reports on fraud; CFPB reviewing mortgage originator rules; and some takeaways on AI from the GAC. 

by Amy Kleinschmit, Chief Compliance Officer

IRS Warning - Employee Retention Credit
The IRS recently issued warning IR-2023-40, urging businesses to carefully review the Employee Retention Credit (ERC) guidelines before trying to claim the credit as promoters continue pushing ineligible people to file. DakCU has heard from several credit unions in the Dakotas that they have been contacted by third parties concerning the ERC. Ironically, I even received a random email from an unknown vendor about the ERC just a couple days after the IRS sent out this warning.

The ERC is a refundable tax credit designed for businesses who continued paying employees while shut down due to the COVID-19 pandemic or who had significant declines in gross receipts from March 13, 2020, to Dec. 31, 2021. Eligible taxpayers can claim the ERC on an original or amended employment tax return for a period within those dates.

As discussed in the IRS warning - “While this is a legitimate credit that has provided a financial lifeline to millions of businesses, there continue to be promoters who aggressively mislead people and businesses into thinking they can claim these credits,” said Acting IRS Commissioner Doug O’Donnell. “Anyone who is considering claiming this credit needs to carefully review the guidelines. If the tax professional they’re using raises questions about the accuracy of the Employee Retention Credit claim, people should listen to their advice. The IRS is actively auditing and conducting criminal investigations related to these false claims. People need to think twice before claiming this.”

If you have any questions about the ERC please discuss with your CPA or another trusted tax professional. Improperly claiming the ERC could result in being required to repay the credit along with penalties and interest.
 
FTC Report – 2022 Fraud
The Federal Trade Commission (FTC) recently issued data showing that consumers reported losing nearly $8.8 billion to fraud in 2022. As summarized by the FTC, 2.4 million consumers reported fraud last year to the FTC, with the most commonly reported being imposter scams, followed by online shopping scams. Prizes, sweepstakes, and lotteries; investment related reports; and business and job opportunities rounded out the top five fraud categories.

Looking a little closer to home – the FTC received 2,725 reports of fraud from North Dakota which amounted to a loss of $11.2 million. The top scam reported, which is consistent with national trends, was from imposter scams with 904 reported cases. In addition to imposter scans, the top five reported scams in North Dakota for 2022 were – online shopping and negative reviews (425); prizes, sweepstakes and lotteries (277); business and job opportunities (111); and internet services (107).

With regard to South Dakota, the FTC received 3,237 reports of fraud for a loss of $10.6 million - also with imposter scams being the top reported (992). The remaining top five scams for SD include – online shopping and negative reviews (476); prizes, sweepstakes and lotteries (355); telephone and mobile services (145); and internet services (142).

MLO Rule Review
The Consumer Financial Protection Bureau (CFPB) recently announced it will begin its review of the mortgage originator rules. Commenters have 45 days to provide feedback for this Notice of Section 610 review. Section 610 of the Regulatory Flexibility Act requires each agency to consider the effect on small entities for certain rules.

Consistent with the section 610 review plan, the CFPB asks for comment on the impact of Regulation Z’s Mortgage Loan Originator Rules on small entities by reviewing the following factors:

1. The continued need for the Rules based on the stated objectives of applicable statutes and the Rules;
2. The complexity of the Rules;
3. The extent to which the Rules overlap, duplicate or conflict with other Federal rules, and, to the extent feasible, with State and local governmental rules;
4. The degree to which technology, market conditions, or other factors have changed the relevant market since the rule was evaluated, including: a. How the impacts of the Rules as a whole, and of major components or provisions of the Rules, may differ by origination channel, product type, or other market segment; b. The current scale of the economic impacts of the Rules as a whole, and of major components or provisions of the Rules, on small entities; and
5. Other current information relevant to the factors that the Bureau considers in completing a section 610 review under the RFA.

Areas for feedback include definition of loan originator under Regulation Z; prohibited payments to loan originators – compensation based on transactions terms or conditions; payments by persons other than the consumer (dual compensation). Other areas under review include prohibition on steering; loan originator qualification and identification requirements; prohibition on mandatory arbitration clauses and waiver of certain consumer rights; and prohibition on financing single-premium credit insurance.

AI & Compliance
During the recent CUNA Governmental Affairs Conference (GAC) we heard from some fantastic speakers on a variety of topics and issues. One of the speakers that spurred a lot of discussion afterwards, especially for me, was Peter Diamandis who presented, “The Future is Faster than You Think: How Converging Technologies are Transforming Business, Industries, and Our Lives.” Needless to say, he spoke on a variety of AI related topics, including discussing how some AI is already being used and where it is headed. So, to that end, I wondered, “How can AI help or hurt the role of the compliance officer?”

Points were made during the presentation that AI technology, such as ChatGPT, had successfully passed the Bar in one state and was being used to conduct medical research. So I took to the opportunity to create an account and ask ChatGPT a few questions about compliance.

My first question to ChatGPT was “Will AI help or hurt credit union compliance?”

“AI has the potential to both help and hurt credit union compliance, depending on how it is used. On the one hand, AI can help credit unions automate and streamline their compliance processes, reducing the risk of errors and improving efficiency. For example, AI can be used to identify potential compliance issues, monitor transactions for suspicious activity, and flag high-risk customers or transactions for further review. On the other hand, if AI is not used properly or if the algorithms are biased or flawed, it could actually increase compliance risks. For example, if AI systems rely too heavily on historical data, they may reinforce existing biases or overlook emerging risks. Additionally, AI systems may not always be able to interpret complex regulatory requirements or adjust to changing compliance standards. Ultimately, the impact of AI on credit union compliance will depend on how it is implemented and how well credit unions are able to manage and mitigate the potential risks and challenges associated with its use.”

Another question I asked, “Is it more cost effective to be proactive or reactive in compliance?”

“It is generally more cost-effective to be proactive rather than reactive when it comes to compliance with regulatory requirements. Proactive compliance means taking steps to anticipate and address potential compliance issues before they arise, rather than waiting for a problem to occur and then reacting to it. By taking a proactive approach to compliance, organizations can identify potential risks and implement strategies to mitigate those risks, which can help to prevent costly penalties, fines, or legal action. In contrast, reactive compliance means waiting for a compliance issue to arise and then taking action to address it. This can be much more costly, as organizations may need to devote significant resources to investigating the issue, implementing corrective actions, and responding to any legal or regulatory penalties that may result. By taking a proactive approach to compliance, organizations can also build a culture of compliance that encourages employees to identify and report potential compliance issues, which can help to further mitigate risks and prevent potential problems from arising. Overall, while there is a cost associated with investing in proactive compliance measures, this cost is likely to be lower than the cost of reacting to a compliance issue after it arises.”

Finally, looking at some of the duties of compliance officers and how AI might be able to assist with their job, I first looked at the endless reading and summarizing of proposed and new regulations – could AI help with this? So I asked, “Please summarize the recent field of membership proposed rule from the NCUA.”

At this point it became clear that AI can get things wrong and the importance of double checking or verifying responses. The response I received started with:

“The National Credit Union Administration (NCUA) recently proposed a rule on field of membership that would make it easier for credit unions to expand their membership base and better serve their communities. The proposed rule would make several changes to the current field of membership requirements, including: Expanding the definition of "rural district" to include any area that has a population of up to 1 million people and meets certain other criteria, such as low population density or a lack of access to financial services…”

However, this was not the most recent most recent FOM rule from NCUA. The most recent proposed rule was issued February at the NCUA board meeting. Important lesson not to completely rely on what the computer says – sometimes it gets it wrong.

I pointed out this error to ChatGPT by asking – “Wasn't the most recent field of membership proposed rule from NCUA issued February 2023 and does not address ‘rural district’?” AI was very polite in its response and said:

"I apologize for the mistake in my previous response. As an AI language model, my training data only goes up to September 2021, and I do not have access to information beyond that date. I appreciate you bringing this to my attention. To clarify, the most recent field of membership proposed rule from the NCUA was actually issued in February 2022, not 2023. This proposed rule does not address the expansion of the definition of "rural district." The February 2022 proposed rule would amend the NCUA's field of membership regulations to:…”

I again corrected AI, pointing out that “Are you sure the most recent proposed rule wasn't February 2023, not 2022, and filed with the federal register 2023-03684?” ChatGPT again apologized and then proceeded to provide a summary, its response:

“I apologize for the confusion in my previous responses. You are correct that the NCUA filed a proposed rule on Field of Membership in February 2023, with the Federal Register Number 2023-03684. According to the proposed rule, the NCUA aims to amend the current Field of Membership requirements to provide more flexibility for credit unions to expand their membership base and better serve their communities….”

Still an interesting experiment with one tool from AI, but also illustrates the need to verify the output from these tools. 
 
As always, DakCU members may contact Amy Kleinschmit with any compliance related issues.