A Thursday Morning Hodgepodge

Believe it or not, Christmas is only a week and a half away. Today’s news has me thinking that a lot of policymakers want to clean off their desks before they take their long winter naps.

NCUA to Consider RBC Compliance Extension

The NCUA Board holds its last meeting of the year today. Among the issues to be discussed is a final rule on risk-based capital. In July, NCUA proposed a second extension of its risk-based capital rule to January 2022. During this time, the NCUA Board will be further analyzing additional changes to the RBC rule, as well as considering the extent to which supplemental capital could be used to satisfy RBC requirements. This further delay is an addition to the NCUA’s earlier decision to raise the threshold level for RBC compliance from $100 million to $500 million. Why doesn’t NCUA just admit that the whole RBC idea was fatally flawed and scrap the whole thing?

CFPB Director Looks Back on First Year in Office

CFPB’s Director Kathy Kraninger used an opportunity before the National Association of Attorneys General to reflect on her first year and comment on some pending big-ticket items. She indicated that while her mind is still open to suggestions, the CFPB is taking a serious look at changing the payday lender regulations finalized in the closing days of the Cordray reign by scrapping the requirement that payday loans be subject to underwriting requirements. Keeping in mind that this is one man’s opinion, for you fans of the Cordray administration, you have to admit that Kraninger has been a refreshing change from the interim oversight of her former boss Mick Mulvaney. Let’s face it; it was always strange to have someone vehemently opposed to a Bureau to be in charge of it. As for us more moderate types, Kraninger has struck the appropriate balance between enforcement, regulation and common sense, which means that she hasn’t ignored the potentially negative impacts of well-intended regulations. I’m sure she is ecstatic to know that I have given her my stamp of approval.

NY Senate Republicans Dropping Like Flies

It was Watergate that condemned New York’s Assembly Republicans to permanent minority status, and it increasingly appears as if the election of Donald Trump will be dagger in the heart of the New York State Senate Republicans, at least if they ever thought they would have a chance of once again being in the majority. As of my last count, we are now up to as many as eight Republicans who have announced they either will not run for reelection or seek other seats. This is an amazing turnaround for an institution which not long ago was the best place for a Republican to be, short of statewide office.

The latest longtime senator to announce his departure is none other than Joe Robach of Rochester. He joins North Country’s Betty Little, Western New York Senator Michael Razenhofer and the Capital Region’s Joe Amedore. In addition, freshman Central New York Senator Bob Antonacci jumped ship and secured a judgeship. Further, Senators Chris Jacobs and Rob Ortt are both running for Congress. Remember folks, this is on top of the fact that the GOP is already down to 23 senators. The recent wave of retirements raises the real possibility that the Senate democrats will join the Assembly democrats in having supermajority control in both chambers. This may not seem like a big deal, but it gives the legislative leaders that much more leverage in negotiating against governors when they know they can override vetoes in a worst-case scenario.

December 12, 2019 at 8:55 am Leave a comment

Just What Does Your Cyber Policy Protect You Against in the First Place?

Have you come to work recently and gotten an e-mail from your boss requesting that you take out large amounts of money in either transfer funds or gift cards with a promise for reimbursement? I have, as have many other people in the industry. Now, imagine if one of these scams cost your company almost $2 million. Does your credit union have insurance to cover these types of losses? Even if it does, how confident are you that you understand the fine print of the policy that you are paying for?

Keep in mind the joint statement issued by the Federal Financial Institutions Examination Council (FFIEC) last year putting all financial institutions on notice that they should consider acquiring cyber insurance policies, but that doing so does not alone alleviate your independent obligation to protect your credit union from cyberattacks.

With that long-winded lead in, the case I want to tell you about today was recently decided by the Court of Appeals for the Eleventh Circuit. This case underscores just how fact-sensitive cybersecurity insurance is and will remain for the foreseeable future.

Imagine being Loann Lien, the controller for a company called Principle. At 9:10 AM, she receives an e-mail from the company’s managing director informing her that the company has been secretly working on a “key acquisition” and asking her to wire money needed to complete the agreement as soon as possible. She was even told to give her full attention to outside attorney Mark Leach, who would be providing additional instructions. Sure enough, five minutes later, she received an e-mail from Leach, allegedly a partner at a London-based law firm. Lien dutifully tells the attorney that she could wire the $1.7 million. Lien then works with another Principle employee to prepare the transfer, but before the wire can be executed, Wells Fargo, pursuant to its fraud prevention policies, asks for verification that the transfer was legitimate. Lien then confirms with Leach that her boss had in fact approved the transaction and the wire goes through. All this took place within two hours of the first e-mail. Imagine then how Ms. Lien felt when she was chatting with her boss about the transfer the next day only to be informed by him that not only did he not authorize a transfer, but that he was not even working the day before.

Fortunately for the company, it had a commercial insurance policy. The policy covered “losses resulting directly from a fraudulent instruction directing a financial institution to debit Principle’s transfer account and transfer, pay or deliver money from that account.” Unfortunately, its insurer, Ironshore, denied coverage. It made two principal arguments. First, the losses did not result directly from a fraudulent transaction because Leach conveyed the necessary details to Lien after the initial e-mail. Furthermore, the money was not transferred until the company followed Wells Fargo’s instructions. Ironshore then argued that the transaction which took place was not actually fraudulent. After all, it was actually the company and Wells Fargo that executed the transfer following their own policies and procedures.

This is the type of argument that makes normal people hate lawyers, and that lawyers love. Fortunately for those of you holding insurance policies, two of the three members on the Court of Appeals rejected Ironshore’s arguments. To the court, the e-mail clearly constituted a fraudulent instruction and it was the proximate cause of the loss. In other words, it wasn’t going to interpret the policy as only applying when a fraudulent e-mail directly and independently leads to a wire transfer. Legally, this is a much closer call than it may appear to be, and the senior judge of the circuit wrote a dissenting opinion agreeing that the transfer was fraudulent but that the e-mail did not actually cause the harm for which Principle sought coverage.


December 11, 2019 at 9:23 am Leave a comment

State Establishes Framework for Hemp Related Products

Late yesterday evening, we received word that the Governor had signed important legislation which creates a state-level framework for the expanded production of hemp and authorizes products derived from hemp to be legally sold on the state level. The bill takes effect on March 8, 2020.

For credit unions, the bill provides a further comfort level when it comes to opening accounts not just for hemp manufacturers, but for businesses which specialize in selling hemp-related products in the more general sense. The distinction is a key one because, to its proponents, hemp can be used in just about everything ranging from nutritional supplements to hair and beauty products.

Along with the bill signing, the Governor announced plans to hold a “summit” in January to discuss issues related to hemp and marijuana.

The bill is an important step in the right direction. As I explained in this blog, the USDA recently came out with temporary regulations establishing a framework for the federal approval of hemp manufacturing in states where it is already legal. As with so many other developments in this area, the state’s legislation brings to the forefront continuing tension with federal law. The 2018 legislation which removed hemp as a schedule I drug explicitly permitted the US Food and Drug Administration to make an independent determination regarding the proper regulation of hemp-derived products. To date, the agency has not indicated what its ultimate position on this issue will be. By establishing a state-level framework, the legislation brings forth the authority of the US FDA to preempt state law relating to this industry. The state is anticipating this concern by mandating that all the products and individuals licensed pursuant to this framework be New York entities. Whether or not this is enough to avoid federal scrutiny remains to be seen.

December 10, 2019 at 9:09 am Leave a comment

Credit Unions to Get More Relief From Remittance Transfer Rule

Good morning, folks.

Busy day today but I am in a particularly good mood because I got to watch the Patriots lose again. Do you realize this entire generation of New England football fans has never had to watch bad football?

Anyway, I wanted to give you a quick heads up on two issues involving the CFPB. First, on December 3rd, the Bureau proposed important amendments to the Remittance Rule. Many of you may recall that among the mandates contained in the Dodd-Frank Act was an amendment to the Electronic Funds Transfer Act creating a new section 919. The statute and resulting regulations created mandated disclosures for institutions that electronically transfer funds overseas. At the time these regulations were promulgated, I for one underestimated the impact that these changes would have on affected credit unions. Ultimately, the CFPB exempted credit unions and other financial institutions from the remittance transfer regulations if they provided 100 or fewer remittance transfers each of the previous two years.

So I have some good news. The Bureau is proposing raising the compliance threshold from 100 transfers to 500 transfers. In addition, for those credit unions that do have to comply, the Bureau is also increasing the number of institutions that can provide estimates of mandated disclosures. The Bureau is proposing to adopt a permanent exception that would “permit institutions to estimate the exchange rate for a remittance transfer to a particular country if, among other things, the designated recipient will receive funds in the country’s local currency and the insured institution made 1,000 or fewer remittance transfers in the prior calendar year to that country.”

One thing that hasn’t changed is the incredible suspicion that the new Bureau leadership engenders among democrats. On Thursday, Senators Elizabeth Warren and Sherrod Brown sent a letter to the CFPB questioning its intentions regarding publishing legal opinion letters at the request of individual companies. The senators expressed concern that even though the use of opinion letters may be appropriate in some instances, they should not be used to shield companies from complying with consumer protection laws. Frankly, the senator’s concerns are, at the very least, a tad premature.

First, even agencies have an obligation to follow the law. While we can all think of examples where this obligation has arguably been stretched to the breaking point, let’s wait to see what the Bureau says and does before assuming it will abuse its authority to interpret regulations. Secondly, agency opinion letters can provide a useful mechanism to address arcane and legalistic regulations and, in so doing, provide much needed guidance to industry participants. Frankly, I think it is unfortunate that both the NCUA and New York’s Department of Financial Services have greatly reduced the number of opinion letters they produce.


December 9, 2019 at 8:53 am Leave a comment

Banks Cynical Love Affair with the CRA

I want to dedicate this blog today to the banking industry. In spite of the fact that as recently as 2018, they were urging banking regulators to reform and streamline the Community Reinvestment Act (CRA), they have now seen the light. They love the statute and its regulations so much that they think it should also be made applicable to “large” credit unions. Surely, they are not so cynical that they secretly continue to believe that the CRA is an over burdensome mandate, and actually are advocating for the CRA to be imposed on credit unions because they think it might hurt credit unions and muddy the water between the important regulatory and legislative distinctions separating banks and credit unions. That would be like the president of the United States criticizing the Vice President’s son for working with a Ukrainian company while at the same time urging his personal lawyer to work with some of those same officials. Surely, our politics haven’t become that cynical.

Perhaps it is a simple misunderstanding. The newest talking point is that somehow, as credit unions grow, the CRA becomes more relevant to their existence. However, a look at the history behind the CRA demonstrates that it was not imposed on banks in 1977 because banks had grown big. The CRA was passed because by that time, banks of all sizes had intentionally discriminated against minority neighborhoods and low income areas for decades. In other words, the CRA was recognition that a for-profit banking charter did not adequately incentivize banks to do the right thing.

In contrast, credit unions have no such history of intentional discrimination. As a matter of fact, credit unions were created to counteract the discriminatory practices of banks, and today, more than half of the federally chartered credit unions in the country are low-income institutions serving an area in which “a majority of its membership (50% + one member) qualifies as Low-Income Members.”

I also find it odd that the banks now whole-heartedly support the CRA even as they take steps to make it as difficult as possible for credit unions to serve communities in need of resources. For example, New York State has for two decades encouraged banks to work with poor communities to apply for the creation of Banking Development Districts. The basic idea is that in return for committing financial resources to areas in need of banking services, the banks receive incentives including low interest public deposits. Despite the fact that the banking industry is so concerned about the needs of low income communities, it has steadfastly opposed extending the program to credit unions. Fortunately, this year, the legislature passed the bill and we are awaiting action by the Governor. Perhaps given the new-found commitment on the part of the banking industry to community investment, they are actually supporting credit unions, and I just haven’t seen their memo in support.

At the end of the day, the banks latest love affair with the CRA is so transparently cynical that it won’t gain the traction it needs to become a serious threat to credit unions based solely on bank lobbying efforts. As I said before and will say again, the real threat to credit unions comes not from legislators influenced by the banking lobby, but from the more liberal wing of the Democratic Party, which has shown signs of becoming impatient with the efforts made by the credit union industry. Their concerns are not cynical, and deserve to be addressed on their merits. Credit unions don’t need CRA to be coerced into doing the right thing, but there isn’t a credit union in the country that shouldn’t be able to explain to its senator or congressperson how it uses its tax exemption to serve members in general and persons of modest means in particular.

December 6, 2019 at 9:43 am 1 comment

Devastating Toll of Elder Financial Crimes Highlighted in FinCEN Report

The last six years have seen a dramatic rise in the filing of Suspicious Activity Reports (SARs) related to elder financial crimes according to a report released by FinCEN on Wednesday, which tracked the number of SARs tracked between 2013 and August 2019. Even assuming that part of this rise reflects increased sensitivity to the issue by financial institutions, the statistics underscore just how sickening this trend is, and how it is likely to continue for the foreseeable future.

For example, FinCEN reports that the amount of money stolen by individuals in on the rise. According to studies, FinCEN cites “$50,084 as the average activity amount and $15,964 as the median amount.” In other words, billions of dollars are being stolen annually from vulnerable seniors, precisely when they are most in need of these funds.

While the report is instructive and important, there is little else in it that will come as a surprise to anyone who has tracked the issue. For example, financial crimes often involve manipulation by trusted third parties or relatives. Statistically, these are the types of circumstances that will most likely involve your credit union. In contrast, scams such as those, in which a friend or relative calls in need of transferred funds typically utilize money service businesses.

Reports like these understandably pull at the heartstrings, and many legislators have taken steps to deal with the issue. However, let’s keep in mind that the report also underscores that we already have a framework in place to report suspected abuse. What I would like to see is stricter distribution of SARs involving elder financial crimes to law enforcement and district attorney offices. There is no need to reinvent the wheel, and these types of changes can be done without the need for additional legislation.

Georgia Senate Pick has FinTech and NY Connection

Georgia Governor Brian Kemp announced that he has chosen Kelly Loeffler to be Senator Isakson’s replacement following his retirement from the United States Senate. Once you get beyond all the standard political gobbledygook, the pick is intriguing because, as Law360 pointed out this morning (subscription required), she comes to the Senate with extensive knowledge of digital coin issues. She secured a trust charter from New York’s Department of Financial Services to offer bitcoin future contracts that were traded on the Intercontinental Exchange. As one legal observer commented to the website, it “will be very powerful to have a Senator who is absolutely conversant in this area and really knows the details.” Of course, no matter how knowledgeable she is about one of the most important emerging fields, it remains doubtful that her expertise will be utilized in creating legislation anytime soon given the tribalism that has consumed national politics.

December 5, 2019 at 8:41 am Leave a comment

Important Guidance on Issues Ranging from Data Underwriting to Hemp

It may be December, but yesterday was one of the busiest days in months for those of us who specialize in tracking regulatory issues. Here are some of the most important developments.


Joint “Statement” on the Use of Alternative Data Released

The federal financial banking regulators, including the NCUA and CFPB, issued an important guidance yesterday detailing baseline expectations for the use of alternative data in underwriting decisions. The statement is not important so much for what it says, but simply because it says anything at all. It represents the first attempt by regulators to establish regulatory expectations for the use of alternative data as computer algorithms make it possible for financial institutions to consider a huge volume of seemingly unrelated data points in making underwriting decisions.

Not surprisingly, the regulators stressed that while the use of alternative data provides new opportunities for both borrowers and lenders alike, “as with prior developments in the evolution of underwriting … data and analytical methods also raises questions regarding how to effectively leverage new technological developments” that are consistent with applicable consumer protection and fair lending laws.

Interestingly, the regulators highlight the increasing use of cash flow analysis, which they state “may be particularly beneficial for consumers who demonstrate reliable income patterns over time from a variety of sources rather than from a single job.”

Readers of this blog should not be surprised to know that regulators expect financial institutions using data analytics to undertake a “thorough analysis” of the data being used and the potential risks of not complying with relevant consumer protection laws. Whether or not it is actually possible to strike that balance remains to be seen, but that is a blog topic for another day.

By the way, I put “statement” in quotes because it is not entirely clear to me whether a statement is to be given even less deference than a guidance, and if so, whether or not it is prudent for any of you to even worry about this distinction.

Another Day, Another CU-Bank Merger

Here is another log for credit union opponents to throw on the fire. The American Banker is reporting this morning that Suncoast Credit Union in Tampa, FL has agreed to a purchase and assumption of the assets of $747 million Apollo Bank in Miami. The American Banker points out that this relatively large transaction marks the 16th credit union acquisition of bank assets this year. Predictions suggest that even larger banks will be purchased by credit unions next year. Although this trend reflects the individual decisions of credit unions and their boards, the consequences will affect the industry as a whole. It is time for all of us to better refine those talking points when it comes to explaining why these mergers are occurring, and why they are consistent with the credit union charter.

Guidance Issued on Hemp Banking

The NCUA was not among a group of regulators who issued a joint guidance with FinCEN yesterday detailing BSA obligations for financial institutions that provide services to hemp-related businesses. Most importantly, the guidance emphasizes that hemp banking is now subject to the same SAR reporting requirements as any other type of business. That being said, a well-run compliance program involving hemp growers is much more complicated than your average business.

New York State’s SAFE Act Guidance

Last but not least, on November 24th, an important provision of S2155 took effect. Specifically, section 12 U.S.C. 5117 grants federally registered mortgage loan originators who are seeking state-level licenses or seeking to be qualified in another state temporary authority to act as loan originators. Currently, someone who originates for a federally chartered bank or credit union must be registered with New York State, but does not have to be licensed as a mortgage loan originator. The problem is that when these individuals become employed by mortgage bankers, there can often be a delay of several months before their state-level licensing takes effect. The law now permits individuals licensed in other states and individuals previously employed in federally chartered institutions to obtain a temporary license. New York State has not promulgated formal regulations, but here is a link to a very concise guidance the state has issued on the subject.

December 4, 2019 at 9:18 am Leave a comment

Older Posts

Authored By:

Henry Meier, Esq., Senior Vice President, General Counsel, New York Credit Union Association.

The views Henry expresses are Henry’s alone and do not necessarily reflect the views of the Association. In addition, although Henry strives to give his readers useful and accurate information on a broad range of subjects, many of which involve legal disputes, his views are not a substitute for legal advise from retained counsel.

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 628 other followers