by Amy Kleinschmit, Chief Compliance Officer
Compliance Outlook – 2023 Second/Third Issue The Federal Reserve System recently posted their Second/Third Issue of the Consumer Compliance Issue for 2023, which can be found here. While written and issued by the Federal Reserve, it provides a lot of good information and insights that may be helpful for credit unions to at least keep on their radar. The first article in the recent issue discusses the top compliance violations in 2022 and HMDA tops the list. As discussed in the article, a majority of 2022 violations involve failure to properly collect and report the HMDA data fields for “covered loans” as defined by §1003.4(a). Examiners cited institutions for selecting the wrong “loan purpose” field when the purpose was a refinancing or a cash-out refinancing. Another area of focus for Federal Reserve examiners - reporting the gross income the borrower provided rather than the income the institution relied upon in the credit decision. The articles goes on to note that examiners observed lenders reporting the scoring model by the name of the credit reporting agency, such as TransUnion, when the regulation requires the institution to specifically identify the name and version of the scoring model used to generate each credit score. Another area of concern for Federal Reserve examiners were business or commercial purpose loans. To clarify the meaning, Comment 3(c)(10)-3 provides examples of loans that are not excluded from reporting under §1003.3(c)(10) because, although they primarily are for a business or commercial purpose, they also meet the definition of a home improvement loan under §1003.2(i), a home purchase loan under §1003.2(j), or a refinancing under §1003.2(p). The article goes on to provide ways to mitigate HMDA risks, including a Table – “Sound HMDA Practices – Ways to Strengthen the HMDA Process.” In addition to in depth discussion on the top consumer violation – HMDA, the Consumer Outlook issue also includes another Table that list 8 other top violations (why it only listed the top 9 violations instead of top 10 is not explained, but is slightly annoying to my OCD brain). Anyway, aside from the CRA violations which aren’t applicable to credit unions, the other violations are on regulations that credit unions also have to comply with. Great opportunity to do a self-check and make sure the credit union isn’t having similar issues. Another article that may be of interest – if you really want to geek out on compliance is – Compliance Risk Assessments. But in all seriousness, risk assessments are a key piece of the puzzle in mitigating the risk of violating consumer protection laws and regulations. The article discusses developing a risk assessment and provides some helpful points. FinCEN Alert A joint alert was recently issued by FinCEN and the US Department of Commerce’s Bureau of Industry and Security. This Alert discusses a new SAR key term to support financial institutions in reporting potential efforts to evade U.S. export controls beyond the Russia-related circumstances that were the focus of prior alerts. As explained in the Alert - This Notice, which applies to export control evasion occurring in support of other nation-state adversaries and illicit actors globally, provides U.S. financial institutions with red flags to assist them in identifying transactions potentially tied to the illicit acquisition of items subject to the Export Administration Regulations (EAR), including, for example, advanced technologies that can be used in new or novel ways to enhance adversaries’ military capabilities or support mass surveillance programs that enable human rights abuses. The Alert includes red flag indicators of export control evasion, including:
FinCEN requests that financial institutions reference this alert by including the key term “FIN2023-GLOBALEXPORT” in SAR field 2 (Filing Institution Note to FinCEN) and the narrative to indicate a connection between the suspicious activity being reported and the activities highlighted in this alert. FinCEN Final Rule FinCEN recently issued another final rule relating to Beneficial Ownership Information reporting, which can be found here. Briefly, this final rule discusses when and how entities required to report beneficial ownership information to FinCEN may use a FinCEN identifier to report the beneficial ownership information of certain related entities. It is effective January 1, 2024. Additional information to provide to your business/legal entity members about their upcoming requirements to report beneficial ownership information to FinCEN can be found here. FRAUD ALERT – protect your business members. FinCEN has been notified of recent fraudulent attempts to solicit information from individuals and entities who may be subject to reporting requirements under the Corporate Transparency Act. The fraudulent correspondence may be titled "Important Compliance Notice" and asks the recipient to click on a URL or to scan a QR code. Those e-mails or letters are fraudulent. FinCEN does not send unsolicited requests. Please do not respond to these fraudulent messages, or click on any links or scan any QR codes within them. CFPB Seeking Oversight The Consumer Financial Protection Bureau (CFPB) recently issued a proposed rule, found here, to establish the CFPB’s supervisory authority over certain nonbank covered persons participating in a market for “general-use digital consumer payment applications.” As explained in the preamble of the proposed rule, the proposed market would include providers of funds transfer and wallet functionalities through digital applications for consumers’ general use in making payments to other persons for personal, family, or household purposes. Examples include many consumer financial products and services that are commonly described as “digital wallets,” “payment apps,” “funds transfer apps,” “person-to-person payment apps,” “P2P apps,” and the like. Comments should be received on or before January 8, 2024. CFPB Enforcement Action CFPB also recently announced an enforcement action against a bank for violation of the Equal Credit Opportunity Act (ECOA) and its implementing Regulation B by discriminating against certain credit card applicants based on their national origin. The Consent Order can be found here. As explained in the Consent Order, from at least 2015 through 2021, it was the Bank’s practice to apply extra scrutiny to, negatively assess, and often deny certain credit card applications based on Armenian national origin. The bank employees suspected that applicants with last names ending in -ian or -yan, especially if the applicant’s address was in or around Glendale, California, were more likely to commit fraud and referred to them as “bust outs” because the employees perceived them as likely to incur significant charges and then “bust out,” meaning they would leave the country or otherwise not pay off the charges. The Bank even took corrective action against employees if they failed to identify and deny Applications if the applicant’s last name ended in -ian or -yan and address was in or around Glendale, California, including action that could affect the agent’s performance rating, pay, and authority to approve future Citi Retail Services Credit Card Applications. The CFPB found that the Bank’s practice discriminated against Credit Card applicants in multiple aspects of the Credit Transaction on the basis of national origin in violation of ECOA and Regulation B. The order requires the bank to provide $1.4 million in redress to consumers and pay a $24.5 million civil money penalty. DakCU members may contact Amy Kleinschmit with any compliance related questions. Comments are closed.
|
The MemoThe Memo is DakCU's newsletter that keeps Want the Memo delivered straight to your inbox?
Archives
October 2024
Categories
All
|