Posts filed under ‘Regulatory’

Chip and PIN: The Next Big Compliance Deadline?

When a President has to react to a serious problem but doesn’t know what more he can do to solve it   he appoints a “Czar” as in a “Drug Czar” or “Ebola Czar.“ When a President has ideas about how to solve a problem but can’t get anyone to agree to his solution, he holds a summit.

The President is a smart guy who knows that cybersecurity is a major issue about which Congress has failed to act. Last year, 100 million consumers were victims of data breaches. So this past Friday, the President announced that he would be hosting a cybersecurity summit.

While the bully pulpit only goes so far, the actions announced by the President and major retailers on Friday underscore that, for card issuing credit unions, October 2015 looms as one of the biggest compliance deadlines. As you probably already know, October 2015 is when that liability shifts for card issuers and merchants accepting Visa and MasterCard that don’t have chip-and-pin technology.

Starting in October of 2015 a merchant with a payment terminal that doesn’t use chip-and-pin technology will be liable for the costs of any unauthorized Point of Sale transactions involving a member with a chip-and-pin card. Conversely, if a card issuer can’t process EMV transactions, it is on the hook for the liability. The shift was first unveiled in 2012 to give everyone more than adequate time to adopt the new technology but, until recently, I was skeptical of just how important the deadline would be. Making the shift costs money. Issuing chip embedded plastic isn’t cheap compared to the erstwhile magnetic strip and retrofitting payment terminals isn’t cheap for merchants.

But the days of mutually assured indifference are over. Speaking before employees at the CFPB on Friday, the President unveiled an Executive Order mandating that credit cards and credit-card readers issued by the United States government come equipped with chip-and-pin technology starting next year.  The President also announced that he was ordering federal law enforcement to share more information with the private sector when they discover identity theft rings.

Finally, the President announced that “a group of retailers that include some of our largest — Home Depot, Target, Walgreens, Walmart — and representing more than 15,000 stores across the country, all of them are pledging to adopt chip-and-pin technology by the beginning of next year.”

Now, I have said it before and I will say it again. Industry-wide adoption of chip-and -pin is no panacea. The technology is already old and does nothing to prevent online fraud. But the events of Friday underscore that it is time to get moving on adopting this technology if you haven’t done so already.

Here are some links for additional information:

http://www.whitehouse.gov/the-press-office/2014/10/17/remarks-president-protecting-american-consumers

http://phys.org/news/2014-10-obama-unveils-stem-identity-theft.html

http://usa.visa.com/download/merchants/bulletin-us-participation-liability-shift-080911.pdf

http://usa.visa.com/download/merchants/bulletin-us-participation-liability-shift-080911.pdf

October 20, 2014 at 8:46 am Leave a comment

CFPB: Bankruptcy Code Harms Student Borrowers

Is the Bankruptcy Code to blame for difficulties students experience modifying their private student loan obligations?  That is the implicit question posed by the CFPB in its annual report analyzing the student loan industry.  According to the report, which summarizes data from complaints received by the CFPB over the previous year, students seeking repayment options for private student loans are facing many of the same obstacles homeowners face after falling behind on their mortgages.

According to the report, since the Bureau began accepting private student loan complaints in 2012, the most common complaint comes from borrowers seeking to avoid default when they face financial hardship.  According to the Bureau, its findings suggest that lenders and servicers “have yet to address the need for loan workout in a fulsome manner.”

What would the CFPB do?  In 2005, one of the changes made to the bankruptcy code was to make private student loans non-dischargeable in bankruptcy.  At the time of this change, similar protections had already been granted to federally subsidized student loans.  The CFPB is recommending that Congress revisit the PSL exemption “to determine whether the special bankruptcy protection afforded to lenders should be limited to those who offer certain loan modification options.” Remember, the CFPB has already put in place a regulatory framework mandating that lenders work in good faith with homeowners who are struggling to make their mortgage payments.

The nation’s rising level of student loan debt is a serious and growing problem.  As I’ve pointed out in a previous blog, there is even growing evidence that student debt is holding back the housing recovery by making it more difficult for people to afford their first house.  What concerns me about the CFPB’s recommendation is that it adds fodder to an increasingly ideological and divisive debate about the root causes of student debt.

Let’s look at issues surrounding education finance.  But let’s not analyze the issue in isolation.  College tuition has skyrocketed and shows no signs of letting up.  Looking at the amount of debt being amassed in this country to get an education and focusing exclusively on lenders is tantamount to blaming the woes of the NY Jets on their quarterback, Geno Smith: it might be comforting, but there are some issues for which there are no easy solutions.

Well I’m off to enjoy my morning yogurt.  It’s going to taste extra good now that Governor Cuomo has signed legislation  naming it the official state snack.

October 17, 2014 at 8:24 am Leave a comment

Military Misfires on Consumer Protection

Today’s blog provides a good example of how well-intentioned people can end up doing more harm than good.  The Department of Defense recently proposed expanding the coverage of consumer protection laws that currently apply to pay-day loans, refund anticipation loans and vehicle title loans to most consumer loans covered by the Truth in Lending Act. It would not apply to loans to purchase a vehicle or a home.  If the DOD isn’t careful, it will dry up the swamp of creditors who prey on our service members, which of course is a good thing, but do so in a way that will make it more difficult for members of the armed forces to get access to consumer credit, especially from credit unions.  Here’s why.

Back in 2007, responding to wide spread reports of predatory lending activities targeting the military, Congress passed the Military Lending Act.  The Act empowered the Department of Defense to define and regulate consumer credit products provided to active duty members of the armed forces and their dependents.  It gave the military wide discretion in determining what products would be subject to the enhanced regulatory restrictions.  Under the regulations promulgated by the DOD, a 36% interest rate cap was placed on refund anticipation loans, pay-day loans, and vehicle title loans.  In addition, the cap is calculated based on the Military Annual Percentage Rate (MAPR), which is succinctly summarized by the CFPB to include interest, fees, credit service charges, credit renewal charges, credit insurance premiums and other fees related to credit products sold in connection with the loan.  Creditors selling these loans have to provide enhanced disclosures, as well as take affirmative steps to identify eligible consumers.

At the time the legislation was enacted, credit unions and other financial institutions were concerned that if regulations were written too broadly, they would require the wide-spread adoption of two types of consumer loan products:  one for the military and one for civilians.  However, the final regulations were narrow enough in scope so that they didn’t impact the vast majority of credit unions, most of which would have no desire to offer these types of products in the first place, even if located in states where they were permitted to do so.

The statute as it has been implemented by the DOD made sense, at least until last Friday.  The DOD is proposing regulations that would expand the definition of products covered under the statute to include credit cards and other consumer loans covered under the Truth in Lending Act.  As a result, credit cards offered to members of the military and their dependents would be subject to a 36% cap calculated by a refined MAPR.  To be fair, the military recognizes that a poorly drafted regulation runs the risk of denying mainstream credit to members of the armed forces, so it is refining the MAPR to, for example, exclude customary and reasonable fees.  But the calculation of an MAPR would still differ for members of the military and civilians.  Furthermore, by expanding the reach of the MLA to most consumer loans except home mortgages and car loans, the military will make it more difficult for credit unions to provide legitimate loans to service members.

In fact, the proposal is such a bad idea that NCUA took the highly unusual step of issuing a statement critical of the proposal the same day it was announced.  It pointed out that NCUA’s pay-day lending alternative was designed specifically to fit within the Department’s existing regulations.

Current NCUA regulations allow federal credit unions to offer payday alternative loans with an interest rate of up to 28 percent and an application fee of up to $20. Under the Military Lending Act regulations, consumer credit to covered borrowers is subject to a 36 percent cap on the military annual percentage rate, or military APR, which includes application fees. If these regulations are revised to cover payday alternative loans, the rate and fee for many payday alternative loans would be higher than the military APR cap.

Conversely, our good friends at the bureau that never sleeps, the CFPB, thinks the Department’s proposal is a swell idea.  Proponents of the DOD’s approach point out that it is extremely easy to avoid compliance with the MLA.  For example, a loan with a 91-day repayment period isn’t classified as a pay-day loan under the regulations, but a 90-day loan could be.  They argue that by expanding the size of the jurisdictional net, it will be easier to catch those creditors who prey on members of our armed forces.  The problem with larger fishing nets, of course, is that they scoop up everything in their wake, including fish that no one wants to catch in the first place.

Perhaps DOD should consider expanding the definition of the existing products covered under the MLA rather than grabbing everything into its jurisdiction.  Another alternative, which it notes in the preamble that it is open to considering, is to exempt certain types of institutions from coverage of the expanded regulations.  Considering that federal credit unions are already subject to an interest rate cap on loans and that the vast majority of credit unions are places that members of the military looking for a fair deal should be encouraged to patronize, an exemption makes sense to me.

At ease.

October 1, 2014 at 8:30 am Leave a comment

What Is the True Cost of Fraud?

How much is cyber theft costing us? The question is crucial because, to simple country lawyers like me, we are facing the electronic equivalent of a man-made Ebola virus. Is it possible that fraud is a manageable cost of doing business? I don’t think so, but I’m afraid many policy makers, merchants and large financial institutions might.

One place to look for the answer is in the Fed’s biannual report on the cost of debit card interchange costs mandated by the Durbin Amendment. The latest installment was issued September 18th.  Fraud resulted in $1.57 billion in losses in 2013. Furthermore: “. . . the majority of fraud losses were absorbed by issuers and merchants (61 percent and 36 percent respectively); cardholders absorbed only 3 percent of losses.”

Most importantly, the cost of fraud is rising.  “Although overall fraud losses as a percentage of transaction value did not change much between 2011 and 2013, there were substantial changes in the incidence of fraud, as well as in average losses per fraudulent transaction.”

But since overall transaction costs are going down, the Fed won’t be proposing a change to the existing cap, which is currently 21 cents plus 5 basis points multiplied by the value of the transaction, plus a 1-cent fraud-prevention adjustment, for institutions that take mandated fraud prevention measures.

Something doesn’t quite past the smell test. In the same week, Home Depot concludes that a mere 56 million consumers had their credit and debit card information stolen by malware imbedded onto its card readers, the Federal Reserve concludes that there is no need to recommend raising the cap on interchange fees for institutions with $10 billion or more in assets.   We may have one of those situations where economists can tell us the price of fraud but not its true cost. Remember the cap just applies to institutions with $10 billion or more in assets.

Why should credit unions care? Because, while cyber fraud may be an acceptable cost of doing business for the big guys who can absorb the costs, it’s not for your smaller institution. Furthermore, the Fed can’t monetize consumer anger and mistrust. Your average consumer is going to get fed up sooner or later. They will turn to the larger, more sophisticated institutions that they believe are better able to protect them – a trend that will be accelerated by our good friends at Apple.

September 19, 2014 at 9:06 am 1 comment

Are CFPB’s Performance Reviews “Acceptable?”

Yesterday, the CFPB, which prides itself on being a statistics-driven, cutting edge agency of the 21st Century, announced a new rating system for its employees which deemphasizes statistics.  For several months now, the CFPB has been dogged by increasingly strident accusations that its managers engaged in discriminatory practices.  These accusations were bolstered by an internal report highlighted in yesterday’s CU Times showing statistical disparities based on race in the performance review process.  For example, 20.3 percent of white employees received the highest rating (a 5 on a 1-5 scale), while only 10.5% of African-American employees received this rating.  The CFPB is responding to this “proof” of racial disparity by implementing a pass-fail system of employee evaluations, doing away with those troublesome numbers.  Instead, employees will retroactively be classified as either solid performers or unacceptable ones. 

CFPB’s retreat speaks volumes about statistics and their limits.  Disparity impact analysis, where regulators and litigators argue that a facially neutral lending policy can be proven to discriminate against individuals based on statistical analysis, is predicated on the assumption that statistics don’t lie.  Advocates of this approach argue that at some point statistical disparities demonstrate that even facially neutral policies reflect discriminatory undertones and/or practices. 

On the other end of the spectrum, on which I would place myself, are those who take a jaundiced view of disparate impact analysis.  Statistics only tell a fraction of the story.  For instance, the CFPB’s statistical chart can’t tell you about how often an employee had to be pushed to get his work done.  Similarly, statistics alone can’t capture the full extent of negotiations that went on between a mortgage originator and a consumer who happened to be African-American.  Nevertheless, the explosion of data makes it more, not less, likely that statistics will be used to judge the effectiveness of anti-discrimination laws.  This is why I find the CFPB’s response so telling.  Rather than defend its evaluations, it implicitly assumes that its managers must be racially biased.  Remember, these are the same people who will ultimately be reviewing lending trends and using increased HMDA data to spot discrimination.   

The pre-eminence of disparate analysis is going to have real life consequences.  For instance, the reality is that as lenders heighten their underwriting standards to make sure that they can document why a borrower can repay a mortgage loan or decide to only make so-called qualified mortgages, these decisions will have a disproportionately negative impact on minority groups that, in the aggregate, have less income. 

What will be the response of legislators and regulators?  Will they look at these statistics and realize that they reflect deep-seated, complex problems that simply can’t be assumed to only reflect racial animus?  Or will they do what the CFPB has done and simply water down evaluation standards so that the difficult issues raised can be “solved” instead of addressed.   

August 28, 2014 at 8:43 am 1 comment

Why We All Need To Know More About Mortgages

The SEC was literally asleep at the switch during the early days of the mortgage meltdown. Although it has made some marked improvements in its oversight of the financial industry, its glacial movement in implementing Dodd-Frank mandated reforms makes it quite clear that it is as reluctant to impose requirements on its regulated entities as the CFPB is zealous in dreaming up new and creative ways to protect the American consumer from himself.

So it’s big news whenever the SEC finally gets around to implementing Dodd-Frank requirements and even bigger news when, on balance, the proposal is one that makes a lot of sense. In fact, at the risk of insulting the CFPB, the proposal the SEC is reportedly finalizing today should nudge the CFPB to take a second look at its proposed revisions to HMDA regulations. Humor me a little bit and you will see where I am going on this one.

Asset-backed securities are a broad categorization of bonds comprised of pools of assets ranging from student loans to car loans to everyone’s personal favorite in the industry — mortgage backed securities. Purchases of these bonds are repaid with the revenue from consumer loan payments. These bonds are typically broken into tranches with more conservative investors getting less of a return but being first in line to get paid in the event that the loans start going delinquent.

As credit unions are painfully aware, in the pre-financial crisis days regulations permitted institutions like the corporate credit unions to rely on ratings agencies when deciding whether or not it was safe to buy an asset backed security like one comprised of mortgage loans. With 20-20 hindsight, we all know that this assumption was dangerously naïve. For the last several years, the question has been with what should the old system be replaced? New regulations require that institutions, including credit unions, no longer rely exclusively on rating agency determinations when buying securities, but as I have complained in previous blogs, it is unrealistic to think that most institutions have the expertise or access to information necessary to make the type of decisions for which they relied on the rating agencies. In addition, remember that all this is taking place against the backdrop of litigation in which credit unions have billions of dollars at stake in which the primary issue is the extent to which the bundlers and underwriters of mortgage-backed securities knowingly provided inaccurate information when selling securities that faded quicker than the Yankee’s playoff hopes. (Hey, at least we have the Jets and Giants to look forward to…Right?).

According to several news reports, the SEC will be finalizing regulations mandated by Dodd-Frank that require the issuers of asset-backed securities to provide more loan-level data about the assets that are being bundled and sold into securities. As a result, before an institution purchases a mortgage-backed security, for example, it will be able to examine the individual mortgage loans comprising the security.

Similar proposals have been floating around since 2010. So why the holdup? According to press reports, privacy groups have been concerned about how regulators planned on protecting such a huge treasure trove of personal financial data and a way that protects the individual homeowner. These are, of course, legitimate concerns, particularly since hackers have demonstrated on an almost daily basis that it is about as easy to steal computer-protected data as it is to find a first-term Senator who thinks he should be President. As legitimate as this concern is, the benefits of the proposal far outweigh its harms. By putting buyers on notice that the information is available to assess a loan’s quality, we’re creating a mechanism to improve credit quality before bonds go bad as opposed to trying to deter recklessness almost exclusively with after-the-fact law suits.

So where does HMDA and the CFPB come in? Currently, the agency that never sleeps called a Bureau has out for public comment proposed revisions to Regulation C, which implements HMDA. These mandate that you log information about mortgage loans you provide. Dodd-Frank gives the Bureau the authority to mandate the creation of a truly universal loan identifier. In an ideal world, regulators and lenders could track every loan from its creation to its payoff.  This would benefit housing advocates who believe that, with just a little more information, they can prove that lenders are somehow to blame for every mortgage not given to anyone who wants one and every foreclosure that takes place. It would also benefit lenders, many of whom already have to comply with unique loan identifier requirements if they participate in the MERS system. But the Bureau notes in the preamble that it isn’t planning a formal universal identifier proposal at this time. It should reconsider.

Given the nationalization of mortgage finance and the benefit to the financial system of insuring that all parties to complicated financial transactions have as much information to perform adequate due diligence as possible, the CFPB should consider speeding up its timeline for implementation of a universal loan identifier system. I understand that this process won’t be quick but the sooner a mortgage tracking system is implemented the sooner consumers and lenders can benefit from a more transparent lending system and resulting efficiencies.

On that note enjoy your day and, if you are in the Albany area, I’m giving you permission to leave early and take advantage of this beautiful weather while it is still around.

 

 

 

 

 

 

August 27, 2014 at 9:31 am 1 comment

Older Posts


Authored By:

Henry Meier, Esq., Associate General Counsel, Credit Union Association of New York

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 338 other followers

Archives


Follow

Get every new post delivered to your Inbox.

Join 338 other followers