Posts filed under ‘Compliance’
One of the trickiest questions facing businesses of all sizes, regulators, lawyers and policy makers is how to draw a line between encouraging the disclosure of information in an age when a smart phone gives an employee access to more information than imaginable just five years ago but the need for confidentiality is as important as ever.
Example 1: credit unions are justifiably concerned over NCUA’s decision to give the public access to a risk-based net worth calculator designed to give credit unions a snapshot of how they would fare under the agency’s proposed RBNW framework. NCUA justifies its decision to make the calculator publicly available by stressing the need to have an informed public debate on this important issue.
Given the agency’s steadfast commitment to public discourse, I find it odd that it takes the agency two weeks to make an online video of its monthly board meetings available. If you want to take a look at NCUA’s February 20th board meeting, it is available now. There are people like myself for whom real time access to NCUA’s decisions and explanations as to why they are making the proposals they are making would be invaluable.
NCUA should take its commitment to openness to the next logical level and start offering real time broadcasts of its monthly meetings. If the NCUA truly believes that the public deserves real time access to an individual credit union’s potential net worth then surely that same public deserves timely information about NCUA’s latest regulatory initiatives.
Example 2: We’ve all been there. You’re sitting around the dinner table talking to your wife about the day’s events when you realize that your kids are listening to your every word. You explain to them that there is some stuff that just stays within the family. Do you really think this warning works? I once talked to a pre-school teacher who told me that she knows more intimate details about her school kids’ parents than she would ever want.
Many of you have probably already heard about a recent case in Florida in which a father successfully sued his ex-employer claiming age discrimination. As is common in these cases, $80,000 of the settlement was contingent on the father neither “directly or indirectly” disclosing the terms of the agreement to third parties. No one bothered explaining this to the ex-employee’s 20-year old daugter, who proudly reported her father’s victory to her 1,200 Facebook friends, replete with the admonition that the ex-employer should “SUCK IT.” What I didn’t realize until I read the case was that the court’s ruling ostensibly had nothing to do with the Facebook post. The father violated the agreement as soon as he talked about the settlement with his daughter. However, on a practical level it is doubtful that the father’s indiscretion would have cost him $80,000 in the pre-Facebook era. As for the 20-year old daughter with 1,200 friends, perhaps they can offer her some extra summer jobs as she may very well be paying for her own college education from here on in.
Many of you have to sign off on confidentiality agreements either as part of your employment contracts or legal settlements. This case underscores the importance of well-drafted confidentiality clauses in the age of social media. Whereas contracts typically use somewhat generic language prohibiting both direct and indirect disclosures, I wouldn’t be surprised if lawyers start seeking greater flexibility on behalf of executives entering into contracts.
Example 3: Merchants in Texas, Florida and California recently filed lawsuits to invalidate state level laws banning surcharges on credit card purchases. A group of merchants already won a similar lawsuit invalidating New York’s credit card surcharge prohibition (518 NY General Business Law). That case is currently being appealed.
In the New York case, the plaintiffs successfully argued that the credit card surcharge prohibition violated their first amendment rights.
It took a little longer than anticipated but the House of Representatives passed legislation on Tuesday delaying flood insurance rate increases previously mandated by bipartisan legislation passed in 2012. The legislation, which passed with Democratic support, was a nice victory for New York’s Staten island Congressman Michael Grimm.
As I explained in a recent blog, the 2012 reforms have resulted in sharp increases in flood insurance rates and Congressmen were justifiably concerned that without delaying these rate increases many homeowners in flood zones would find it unaffordable to live in these communities. As Representative Shelley Moore Caputo (R-West Virginia) said during last evening’s debate: in some cases, the choice of homeowners “was to either spend life savings on their flood insurance bills or walk away from their house, ruining their credit.”
However, the bill still leaves credit unions in compliance limbo. Specifically, the federal agencies have proposed regulations mandated by the 2012 bill requiring that institutions with $1 billion or more in assets establish escrow accounts for the payment of flood insurance premiums (12 U.S.C.A 4012a). The NCUA and other regulators issued a joint guidance opining that the escrow provision doesn’t take effect until the regulations are promulgated, which they anticipate will be finalized in sufficient time to allow lenders to implement them prior to July 2014.
Based on my reading of the bill passed by the House, the escrow requirement, as well as other mandates regarding the acceptance of private flood insurance, remain intact. But we won’t know this for sure until the Senate acts on the House bill, which it is expected to do shortly. I would hope that at that point federal regulators would issue a subsequent guidance to clarify the status of flood insurance regulations.
This is a story about Jack and Diane; two American kids who lost touch after a sordid affair in High School. Each of them go to college, get a job, and are now ready to claim their piece of suburbia by buying their first house.
Jack gets his mortgage from a credit union with assets over $2 billion dollars. Diane gets hers from a small credit union with assets over $25 million. Both of the credit unions make qualified mortgages (QM) to enthusiastic first time homebuyers. This means, among other things, that Jack’s mortgage doesn’t exceed a 43% debt- to-income ratio and his credit union adhered to the prescribed underwriting requirements mandated by Appendix Q. Jack’s credit union had its mortgage department document the borrowers information (remember, the days of the liar loan are over).
Our small credit union gives a QM mortgage to Diane. It also does everything right. It’s a lot easier for it to make a QM loan. For example, Diane had a debt to income ratio around 50%, but the D-T-I cap doesn’t apply to small lenders. Student loans for a Masters in Acting can pile up, but the credit union knows Diane and has made similar loans in the past. Besides, the credit union’s “mortgage department” consists of Bill, a 30 year veteran of making mortgages in the area who has internalized the credit union’s lending parameters but has never had the time or seen the need to translate this knowledge into policies or procedures.
Eighteen months go by and both credit unions have had to start foreclosures. Dodd-Frank has made foreclosure defense a profitable legal specialty, so both Jack and Diane have retained counsel. Both borrowers claim that they have a valid defense to foreclosure because both credit Unions violated Dodd-Frank in being foolish enough to give either of them a loan.
If the law works as envisioned, neither credit union will have anything to worry about. Once they prove they have made Qualified Mortgages the foreclosure defenses fail, right? In theory, yes, but here is my concern. Given the more stringent requirements imposed on larger credit unions, it may actually be easier for larger credit unions to get QM protections than smaller credit unions. The idea behind the safe harbor is that a judge can see by the terms of the mortgage and the mortgage file that a member had the ability to repay a mortgage loan. Given the more stringent limitations placed on our larger credit union, it will be obvious by the terms of the mortgage and the underwriting in the file that Jack had the Ability to Repay the loan when it was made.
In contrast, the same can’t be said of our smaller credit union. For example, was the 50% D-T-I ratio reasonable? Diane’s credit union says it was consistent with past practice, but its underwriting policy simply says it will underwrite to secondary market standards and there is nothing in the file to indicate why an exception was made in this case.
Don’t get me wrong, our small credit union did make a QM loan, but it didn’t have (a) the documentation to prove it and (b) policies explaining its underwriting standards. QM mortgage or not, judges are going to want proof and defense lawyers are going to raise as many questions about the credit union’s policies as they can.
As explained by an extremely smart lawyer in September 2012: “Even a safe harbor isn’t safe. You can always be sued for whether you meet the criteria or not to get into the safe harbor. It’s a bit of a marketing concept there. The more important point is, are we drawing bright lines? If someone were to say to me safe harbor or anything else, I would go with a safe harbor. But I don’t think safe harbor is truly safe. And I think it oversimplifies the issue.” I couldn’t agree more, Mr. Cordray.
The comment period on the Risk Based Net Worth proposal officially kicks in today with the regulation’s posting in today’s Federal Register. I’ll have more on this tomorrow.
What really caught my eye about the National Association of Realtors’ (NAR)quarterly report on the State of US Housing was not the familiar litany of excuses for why, even though optimists continue to see robust economic growth right around the corner, the housing market continues to underwhelm (the weather was bad, credit is tight and the first time homebuyer isn’t buying, yada, yada, yada). No, what really caught my eye was the Association’s assertion that spiking flood insurance premiums are beginning to take a bite out of housing.
According to NAR President Steve Brown, “Thirty percent of transactions in flood zones were cancelled or delayed in January as a result of sharply higher flood insurance rates,” he said. “Since going into effect on October 1, 2013, about 40,000 home sales were either delayed or canceled because of increases and confusion over significantly higher flood insurance rates. The volume could accelerate as the market picks up this spring.”
If part of what is going on here is political gamesmanship, it’s gamesmanship of the best kind. The Senate has already passed legislation that would delay reforms mandated by the Bigget-Waters Reform Act of 2012. One of the primary goals of the Act is to entice private insures into the flood insurance business by phasing out government subsidies that insurers argue make it impossible to accurately and cost effectively price insurance in areas where it is necessary.
While the argument appeals to the free market guy in me, members of both sides of the aisle are justifiably concerned by the evidence that without amendments to this legislation, individuals who live in areas prone to flooding will see huge spikes in their flood insurance premiums. No surprise then that Congressman Michael Grimm of Staten Island is one of the primary proponents of legislation (HR3511) to keep insurance premiums from rising. It appears that House action on the bill is imminent, but the bill has already faced unexpected delays. At the end of the day, this is one of those bills that shows that ideology won’t trump legislation to help constituents stay in their homes.
. . . . . . . . . . . . . . . . . . . .
A Failure to Communicate?
I was more than a little surprised when I read Chairman Matz’s speech before CUNA’s Government Affairs Conference yesterday. With some credit union officials describing the Risk Based Net Worth proposal as Armageddon for the industry, I figured Matz would use the opportunity to explain why NCUA feels its proposal is medicine worth taking for the industry as a whole. I was wrong.
Given the fact that the industry itself pushed for net-worth reform for several years before seeing NCUA’s proposal, the agency undoubtedly has some arguments to make in its favor. But its failure to mount any kind of a defense of its idea is becoming a real problem. The proposal itself lacks the kind of detail that credit unions deserve when their regulator puts forward a proposal of this magnitude. Matz’s silence in the face of mounting credit union concerns does nothing to address legitimate credit union jitters on this issue.
I am a transparency kind of guy, so it has taken me a while to decide whether or not NCUA did the right thing coupling its Risk Based Net Worth proposal with a calculator with which you can see how a given credit union would fair under the proposal. On the one hand, the calculator has given individual credit unions and Associations a useful and important tool with which to get a handle on a crucially important but complicated proposal. On the other hand, the proposal is just that and to put out for public viewing the consequences of a proposed rule that suggests that many credit unions are less financially secure than they were just a few weeks ago crosses the line between encouraging public debate and peddling inaccurate information in the name of openness. Put a password on the calculator and let credit unions decide for themselves how much of this information they want to make available to the public and when.
It’s strange and more than a little bit curious to see NCUA’s sudden commitment to transparency. It’s as if President Obama decided to pardon Edward Snowden so he could become the head of the National Security Agency. It wasn’t too long ago that NCUA was making all of North Carolina’s state chartered credit unions undergo separate federal examinations because one of the state’s charters had the audacity to make its CAMEL ratings available to the public. It argued than that if one credit union exposed the Holy Grail of CAMEL ratings, pretty soon other credit unions would be pressured into revealing the same information to their members. After that, the industry, followed closely by civilization, would end as we know it. Things would get so bad that the Russians, led by a Kleptocratic thug, would be allowed to hold the Winter Olympics in one of that country’s warmest locations. Okay, that last one actually happened but you get what I mean.
Perhaps NCUA understands it went a little far in its North Carolina inquisition, but I find it a little suspicious, and at the very least inconsistent, for that same regulator to suddenly put such a high premium on transparency. It wants to let any member of the public take a look at a credit unions finances and get a snapshot of how it would fair under a very rough, dangerously simplistic RBNW formula that is years from taking effect if it ever does. Never mind the fact that the information is of very limited value to the general public at this point. It seems to me that Joe Six Pack or a disgruntled member is more likely to understand a risk weighted number than a CAMEL rating. This is a great example of a little knowledge being a dangerous thing.
Ultimately, confidences belong to the party on whose behalf information is provided. That’s why a credit union should be allowed to disclose its CAMEL rating to whomever it wants. Similarly, let’s password protect the NCUA calculator and give each credit union access to its own information. That way, individual institutions could decide how best to handle the RBNW proposal and NCUA can be satisfied that it has provided industry stakeholders with a valuable tool with which to assess one of its most important proposals.
. . . . . . . . . .
With the economy still stumbling along, policy officials, including Fed Chairman Janet Yellen, have stressed that the official unemployment rate is not the only gauge to use when assessing how good a job the economy is doing absorbing people into the workforce. This is a vitally important issue because the lower unemployment the more likely the Fed is to start raising short term interest rates. To me, all you have to do is look at the nation’s historically low level of workforce participation and the number of long term unemployed to realize that this is no time to be raising interest rates. So I was surprised when I read the Fed minutes and accompanying articles pointing out that at least some members of the Open Market Committee think it is time to raise rates. What could they be thinking? A possible answer comes from this passage in the Economist:
“recent research suggests the unemployment rate is saying something important. It’s just that the message is a depressing one: America’s laborr supply may be permanently stunted. If so that would mean that the economy is operating closer to potential—using all available capital and labor—than generally thought, and that there is less downward pressure on inflation than the Fed has assumed.”
Under this depressing view, stunted economic growth is the new normal and the Fed has to be quicker to raise interest rates than would have historically been the case. If it doesn’t, then we will have a sluggish economy with high inflation.
. . . . . . . . . . . . . . . . . .
NCUA’s monthly board meeting was yesterday. Unless you’re planning to liquidate sometime soon, there’s not all that much to get excited about. Have a great weekend – remember to break out the sun screen, jump in the pool and have a barbeque, it’s going to be in the 40s.
I don’t know what it says about the state of the credit union industry that my most popular blog in recent weeks was about the legal grey area confronting credit unions and banks in the 20 states and the District of Columbia that have legalized, to varying degrees, the possession and distribution of marijuana, even though such laws violate federal statute.
So, I thought you might all be interested in knowing that our good friends at FinCEN issued a thoughtful guidance on Friday afternoon clarifying just how financial institutions can comply with the Bank Secrecy Act and provide banking services to marijuana businesses operating legally under state law. FinCEN’s solution is not directly relevant to states like New York that have yet to legalize marijuana, but given the fact that the pot-legalization movement is moving quicker than Bob Costas’ eye infection, I would keep this guidance in your electronic files. Here are some of the highlights, but remember if any of you are in the 21 jurisdictions directly impacted by this guidance, this is no substitute for reading the entire ruling.
1. In states where marijuana use is not legal, nothing has changed. You would still file a traditional suspicious activity report (SAR) if you have reason to believe that a member is using his or her account to run a pot selling business.
2. In jurisdictions where pot businesses are legal, financial institutions will be expected to do appropriate due diligence when opening an account. For example, they will have to find out whether or not the business is properly licensed and they should also analyze the store’s business model.
3. Let’s assume that we are dealing with a licensed, legal pot business. Under this guidance, even though your credit union is authorized to open the account, it would still be obligated to file SARS on a regular basis. Consistent with existing regulations, financial institutions with SARS requirements may file SARS for continuing activity. These reports are not new. However, when the SAR relates to a marijuana business for which nothing has changed, the filing would include the notation that it is “marijuana limited” in the SARS narrative section. FinCEN has taken the logical position that even though the business might be legal under state law, its activity still violates federal law and it wants to know about it.
Here’s where it gets a little tricky:
4. The Justice Department has decided that it will not prosecute marijuana-related businesses in jurisdictions where they are legal, provided the businesses do not engage in certain types of activity highlighted in the so-called Cole Memorandum such as selling drugs to minors or assisting in money laundering. Consequently, credit unions will have to monitor these businesses and when they suspect that they are engaging in activity red-flagged by the Justice Department, they would have to file a traditional SAR. For example, like any other business, it would be mighty suspicious if a business started doubling its cash deposits. Where a financial institution files a SAR on a marijuana related business that it reasonably believes “implicates one of the Cole Memo priorities. . .” it would file a “marijuana priority SAR” indicating which one of the Cole priorities are implicated.
Yesterday, Mayor Bill De Blasio, who was busy putting the liberal back in liberal, highlighted the creation of a city ID card that could be used to, among other things, open a bank account. For those of you outside the Big Apple it is a discussion worth watching. With more than half of the Assemblymen in the State Legislature residing in the City, what NYC does may very well help shape state-wide debates.
The Mayor’s speech triggered some of my increasingly aged brain cells. For almost fifteen years immigration groups have lobbied for the acceptance of identification cards other than a drivers license. For instance, for years there was a bill debated in the State Legislature that would have required banks to accept Consular Identification Cards for members seeking to open accounts.
Now, I understand that immigration is a hot button issue. It is hard to discuss the legalities of accepting alternative forms of identification when opening bank accounts. Let’s be honest, the primary use of alternative forms of government identification is to facilitate essential services for undocumented aliens. Whether you are for or against immigration, the federal government’s unwillingness to provide definitive guidance on what types of alternative identification are acceptable is just short of an abdication of its responsibility, which puts credit unions and their banking counterparts in a no win situation.
Most importantly, section 326 of the USA Patriot Act requires banks and credit unions to establish reasonable procedures for the identification and verification of new account holders. As soon as this statute and its implementing regulations were proposed, the Treasury Department was bombarded with 24,000 comment letters relating to the question of whether the final rules precluded financial institutions from relying on certain forms of identification issued by foreign governments. The Treasury Department responded to these legitimate questions with classic bureaucratic doublespeak, that because of the “divergence of opinion, it makes little sense from a regulatory perspective to specify individual types of documents that cannot be used within the nation itself.”
Read in isolation, this not so artful dodge gives institutions the right to decide for themselves what documentation is appropriate for opening an account. In addition, City-issued cards provide credit unions a solid means of verifying a person’s identity since they would be issued by municipal officials, presumably pursuant to appropriate procedures. However, not even this is all that clear. For instance, finCEN, which oversees implementation of the Bank Secrecy Act, has opined that a bank may not open an account for a U.S. citizen who doesn’t have a tax payer identification number. At the very least, this means that from a BSA perspective a member even with proper identification is not entitled to an interest bearing account since the interest is reportable income.
To be sure, cities such as Los Angeles have developed identification cards similar to that being proposed by De Blasio, but advocates of these proposals would be well advised to couple their efforts on the local level with a push for regulators to further qualify under what circumstances individuals without more common types of identification can be accepted as members consistent with BSA requirements.
Just as good fences make good neighbors, clearly written laws make for good business practices by clearly defining each party’s obligations. Credit unions and banks are acutely aware of this since every time they process a check, they are relying on warranties developed and refined over hundreds of years. However, technology is evolving much faster than the law of check negotiation.
No where are the potential problems with this trend better exemplified than with the recent emergence of remote deposit capture that allows members to take a picture of the front and back of their drafts and send the electronic images into the payment stream.
First, some real basic stuff. When your credit union receives a paper check for deposit and converts it into a substitute check, it presumably has a process in place to ensure that the duplicated original paper check is not mistakenly put into the payment pipeline.
But what happens when one of your members uses her mobile phone to create a substitute check and then forgets to destroy the original? What happens when that original check mistakenly, or in some cases, intentionally, is deposited into another depository institution, which, unaware that a substitute check has been made, honors the paper draft? What institution should ultimately bear the cost for this mishap? Believe it or not this extremely basic question has not been addressed by either the courts or regulators.
Consequently, it is a welcome development that in its December proposal making changes to Regulation CC, the Federal Reserve is proposing to add a new section, 229.34(g). Under this section, a depository bank or credit union that authorizes a member to use remote deposit capture would indemnify another depository bank that accepts an original check for deposit.
The Board argues, and for what it’s worth I tend to agree, that the financial institution that introduced “the risk of multiple deposits of the same check by offering a remote deposit capturing service should bear the losses associated with multiple deposits of a check.”
If this regulation is finalized, it will underscore to credit unions the importance of monitoring members before automatically entitling them to using remote capture technology. It also underscores the importance of account agreements that put the member on notice that she is obligated to destroy the original of a check once it is deposited.
If you want more information on this subject, you can go to page 46 of the proposal and see if you can get a copy of the December 2013 issue of Clark’s Bank Deposits and Payments Monthly.
. . . . . . . . .
Governor Cuomo’s Executive Budget Proposal includes corporate tax reforms that would benefit New York State banks. The proposal is irksome to some advocacy groups who argue that this is not the time to be giving tax cuts to the banks even if they represent an important part of the state’s economy. You can get a good summary of the argument in this article.
I hate the snow and I hate the cold, so it’s only logical that I ended up living in the Northeast. I would love to ignore the snow coming down faster than President Obama’s poll ratings but I know that at some point I’m going to have to fire up the snow blower and deal with the mess.
Similarly, credit unions face a systemic threat that they can’t wish away. My concern is that the threat posed by hackers is as great a risk to the viability of small credit unions as more commonly voiced concerns such as regulatory burden. The bottom line is this: larger institutions will be able to absorb the cost of inevitable cybercrime and make the investments to at least put hurdles in the way of hackers. Smaller institutions simply don’t have the means at their disposal. As members become more cognizant of these risks, their willingness to continue to use the small town institution will fade away.
Think this is just a depressing diagnosis from a snow-hating guy who has only had one cup of coffee?
It was disclosed yesterday that the Target breach continued for days after Target thought it had identified and dealt with the problem. If the technology can outfox a company as large as Target under intense public scrutiny, does your friendly neighborhood credit union really stand a chance when hackers look to exploit vulnerabilities in your IT system?
Fortunately, even without needed legislative reforms, there are some basic steps that can be taken to guard against this trend. Let’s start leveraging our IT expertise. If the industry pulls together its IT services into a single network to facilitate back office processes, this won’t prevent data breaches but it will make it cost effective for smaller institutions to invest in the type of sophisticated IT that is going to become an invaluable component of future growth.
Second, a successful IT Department is going to have to be integrated with a robust compliance program. For instance, you could have the best disclosures in the world but if they are not properly displayed on your online banking service, you haven’t accomplished a thing. So let’s start thinking seriously about pulling together compliance resources. This model has already been in use in states like Georgia where the league association hires compliance people paid for by a group of credit unions. Let’s stop being penny wise and pound foolish when it comes to basic investments in technological infrastructure and let’s start truly cooperating when it comes to developing the type of back-office infrastructure that can benefit all credit unions. Think of it as a corporate system for the 21st Century.
NCUA has taken its obsession with how best to protect the Share Insurance Fund to an extreme with its recent risk-based net worth requirement. In putting forward its radical proposal to impose enhanced risk-based net worth requirements on those credit unions lucky enough to have $50 million or more in assets, the NCUA is proposing a solution in search of a problem. Absent evidence that the current RBNW poses a risk to the credit union industry as a whole, there is no demonstrated need for the type of reform that NCUA is seeking to impose.
According to the NCUA, 90% of credit unions already meet the proposed net worth requirements. But this statistic only tells half the story. First, credit unions suddenly deemed to have inadequate capital will have to scramble for ways to comply with this new mandate, notwithstanding the fact that they, unlike their banking counterparts, cannot go out and raise additional capital through stock offerings. This means that members of these credit unions will pay the price for NCUA’s dictate in the form of fewer and/or less competitively priced financial products. With the economy still sluggish, this is a strange time to be putting the brakes on sound financial institutions. In addition, even though the vast majority of credit unions will satisfy the new net worth requirements, these enhanced restrictions represent a barrier to future growth.
In putting forward this proposal, NCUA acknowledges that while credit unions generally have high capital, it complains that in recent years the Share Insurance Fund experienced several hundred million dollars in losses “due to failures of individual credit unions holding inadequate levels of capital relative to the levels of risk associated with their assets and operations.” NCUA complains that its examiners did warn these credit unions of the risk, but that these recommendations were unenforceable.
With all due respect, there is something wrong with this logic. The goal of the fund is not to prevent all losses. It should surprise no one that individual credit unions, either because of severe economic conditions, mismanagement or a combination of both become insolvent. But to suggest that all credit unions should have to pay the price for these events ultimately robs credit unions of their obligation to run their institutions in the way that reflects the needs of their community and the members for whom they operate.
To be fair to NCUA, there are certainly going to be situations where a credit union could be complying with relevant rules and regulations but still operating in a risky manner. Therefore, it is justified in clarifying that it has the authority to impose capital requirements on individual credit unions where a unique composition of assets poses risk to its safety and soundness. However, there is no such thing as a completely safe financial environment and by imposing enhanced capital requirements on all credit unions, NCUA is taking money from members and failing to strike a proper balance between managing risks and allowing credit unions to run their businesses.