Posts filed under ‘technology’

Developments Over The Weekend You Need To Know About

There have been some important developments over the weekend that you need to know about.

First, state and federal banking regulators, including the NCUA, issued a joint statement yesterday encouraging financial institutions to work with borrowers “who are or may be unable to meet” payment obligations because “of the effects of the COVID-19”. In addition, the regulators conferred with the Financial Accounting Standards Board and confirmed that credit unions can take these steps without automatically characterizing them as Troubled Debt Restructurings (TDRs) for accounting purposes. According to the statement “regardless of whether modifications result in loans that are considered TDRs or are adversely classified, agency examiners will not criticize prudent efforts to modify the terms on existing loans to affected customers”. This is a good statement to keep in the files.

Second, common sense has prevailed. In response to an emergency declaration issued by President Trump on March 13th, NCUA issued this guidance allowing credit unions to conduct virtual annual meetings provided that certain conditions are met. It also reiterates that credit unions have the option of postponing the annual meeting. Incidentally, an earlier order issued by New York State also gives corporations and credit unions the explicit authority to conduct virtual, annual and special meetings.

Third, an Executive Order issued by New York’s Governor Cuomo clarified what the DFS expects financial institutions to do in response to the pandemic. The order also makes clear that this mandate only applies to state chartered and state licensed institutions. This means that a federal credit union is not subject to this order but its CUSO is. For those of you subject to New York law, the order stipulates that a financial institution that does not provide a 90-day mortgage forbearance to any person or business who has a financial hardship as a result of the COVID-19 pandemic where it would be prudent to do so shall be committing an unsafe and unsound business practice. This is not guidance. It is a mandate. When in doubt, grant the forbearance. The order also empowers DFS to regulate and restrict ATM fees, overdraft fees and credit card fees during this emergency. This will be done pursuant to emergency regulations.

Fourth, there are two other orders you may have missed that impact your credit union whether it is state of federally chartered. The first permits electronic notarization. This is a huge potential benefit to your members who are nervous about going into your branch. Secondly, New York State has suspended all statutes of limitations in civil actions. This means that even though the court system is all but shut down it will not prevent you from taking legal action against members from whom debts need to be collected or mortgages foreclosed on once the emergency period has ended.

Finally, my wife assures me that liquor stores are classified as essential services under New York’s stay-at-home-order. I don’t know about anyone else, but a couple of months of cabin fever combined with non-stop regulations is the perfect recipe for a five o’clock drink. Have a good day and stay safe.

March 23, 2020 at 9:41 am 1 comment

Can you Postpone Your Annual Meeting?

Judging by the number of people that asked the Association this question yesterday, I would hope that NCUA would shortly be coming out with guidance and other related issues. That being said, here is my opinion, which is of course, not a substitute for consultation with your attorney.

  1. Can my credit union postpone its annual meeting?

Yes it can. Under both Federal and State law, board members and officers have a fiduciary obligation to work in the best interest of the credit union (see Grand Union Mount Kisco Employees Fed. Credit Union v. Kanaryk, 848 F. Supp. 446, 457–58 (S.D.N.Y. 1994); 12 CFR 701.4. Furthermore, while NCUA decided to put its bylaws in its regulations a little more than ten years ago, it is important to understand that the bylaws are ultimately a framework in which the board carries out its obligations.

Against this backdrop, it is my humble opinion that while you should hold your annual meeting on the date and time prescribed in your bylaws whenever practical, you have the obligation to change plans when doing so is mandated by common sense public health concerns. In this case you have the right and maybe even the obligation to postpone the annual meeting to confront a public health crisis. After all, one of the goals of NCUA is to encourage participation in annual meetings and as a board member you have an obligation to make decisions which you believe are in the best interest of your membership.  No one should have to choose between putting their health at risk and attending a meeting which can be postponed.

2. Can we hold a virtual meeting?

Unfortunately the answer to this question is not as cleat cut as it should be. NCUA recently updated its bylaws and explicitly rejected a proposal to give credit unions the option of holding virtual meetings. The preamble to the final rule explained that a movement towards completely virtual meetings could actually disenfranchise some members. CUNA has requested guidance from NCUA on this very issue. For state chartered credit unions in New York you have more flexibility to interpret and implement your bylaws. I would use that flexibility to permit virtual meetings in this particular circumstance.

3. If we suspend the annual meeting, how will this impact our board elections?

That depends. If your credit union accepts nominations to the board at the annual meeting then I would argue that the election can’t be held until the annual meeting. After all, the board has an obligation not to disenfranchise its members. But if you’re like the credit union I was talking to yesterday, nominations can only be made by the board nomination committee and by petition. The time period for these nominations has passed and only incumbent board members are seeking reelection. In this case there is no need to extend the nomination period simply because the annual meeting will be postponed. After all, members had adequate time to run for the board and chose not to.

These are unique times. School districts are shutting down. Entire countries are being quarantined and President Trump is actually reading entire speeches off a tele-prompter. The purpose of this blog is not to provide definitive answers where there are none, but to underscore the flexibility your credit union has to implement its regulations in a way which both is true to the intent of your bylaws while being consistent with your obligations to work in the best interest of your members. This is the prism through which I believe regulators should, and courts ultimately would, examine your decisions.

March 13, 2020 at 9:52 am Leave a comment

Gillibrand Proposes Data Protection Agency

Data protection is the legislative equivalent of the weather: everyone talks about it but no one does anything about it. So I was pleased to see that Senator Gillibrand unveiled a bold proposal yesterday to create a Data Protection Agency.

As of ten minutes ago the text of the bill was not yet available online but, according to her press release the DPA’s core responsibilities would be giving Americans greater control of their own data by creating and enforcing data protection rules—ensuring fair competition “within the digital marketplace” and preparing America for the Digital Age by advising Congress on emerging privacy and technical issues. This last proposal is a bit unsettling since I kind of thought that Congress knew we were already in the Digital Age and was reading up about it.

You don’t have to be Nostradamus to figure out that the agency would promulgate a California/European regulatory regime on companies and crackdown on potentially anti-competitive practices of Facebook, Google and Amazon. It would be overseen by a Director serving a five year term.

Now it’s way too early to say whether this is a good or bad idea. But let’s be honest, given the current political divide in Congress, this proposal has as much chance of becoming law any time soon as Donald Trump does of giving up tweeting for Lent. But in the eight years since U.S. Attorney for the Southern District in New York, Preet Bharara, warned of a WWII style cyber-attack against this country, the situation has only gotten worse, not better. We’ve grown so used to the idea of cyber breaches that news that the Chinese government stole personally identifiable information from almost half of America’s citizens is met with a shrug. Anything that wakes us up and gets us talking about taking on data protection issues on a national level is a step in the right direction even if some of the specifics need to be refined.

On that note, enjoy your Presidents’ Day Weekend. I will be back on Tuesday.

February 14, 2020 at 9:09 am Leave a comment

Why California’s Privacy Law doesn’t apply to your Credit Union

I’m more than a little surprised by how many credit unions outside of the great state of California are concerned that they have to comply with the California Consumer Privacy Act (CCPA). As states such as New York and California move to more aggressively assert their jurisdiction, and even international actors such as the European Union seek to expand the applicability of their laws, it’s important that credit unions look beyond the specific statute they are dealing with and understand the total legal framework in which they operate.

The CCPA is landmark legislation, which aims to give consumers control of their on-line information by, among other things, giving them the ability to make sure information is deleted and giving them greater control over which third parties have access to their data. It’s modeled after Europe’s GDPR. It’s a big deal for those businesses that have to comply with its mandates. But the reality is that the vast majority of credit unions outside of the great state of California are not subject to its requirements. This is not a question governed by California Law but by Article 14 of the U.S. Constitution.

For some background, §1798.140 of the CCPA provides that the law applies to entities that are “doing business” in California provided they meet certain thresholds. There is also an exemption for not-for-profit businesses but the way that term is defined it’s possible that these exemptions will not apply to credit unions when the regulations are finalized by the California Attorney General. Both CUNA and NAFCU have understandably asked for clarification as to how exactly California is going to define these terms.

But keep in mind that no matter how California seeks to interpret its own regulations, it is constrained in its ability to impose these far reaching requirements on out-of-state entities. As none other than RBG explained for the Supreme Court

A state court’s assertion of jurisdiction exposes defendants to the State’s coercive power, and is therefore subject to review for compatibility with the Fourteenth Amendment’s Due Process Clause. *919 International Shoe Co. v. Washington, 326 U.S. 310, 316, 66 S.Ct. 154, 90 L.Ed. 95 (1945) (assertion of jurisdiction over out-of-state corporation must comply with **2851 “ ‘traditional notions of fair play and substantial justice’ Goodyear Dunlop Tires Operations, S.A. v. Brown, 564 U.S. 915, 918–19, 131 S. Ct. 2846, 2850–51, 180 L. Ed. 2d 796 (2011)

This is not controversial. It is a bedrock legal principal embraced across the legal spectrum. This is why California Law stipulates that its state courts may exercise jurisdiction “on any basis not inconsistent with the constitution”. (Cal. Civ. Proc. Code § 410.10)

So how will you know if your credit union is doing business in California? This is a term of art, which means it will ultimately depend on the unique circumstances of each credit union’s operations. But as the Supreme Court has made clear, to establish that a company is doing business more has to be proven than the occasional, incidental and isolated contact with the state. This means that for your average credit union with specific fields of membership and concentrated almost exclusively within New York and maybe some neighboring states, California law will not apply. This will be true even if some of your members end up doing banking on the West Coast. The situation changes of course if your credit union actively engages in California. For example, if you have a field of membership that includes television actors, there is a good chance that your credit union engages in the type of continuous conduct from which a court could reasonably conclude that your credit union is doing business in the state.

Here is my suggestion; before your credit union starts complying with the CCPA, ask an attorney to do an analysis as to whether or not it actually does business in the state. Chances are this will be money well spent.

January 31, 2020 at 10:31 am Leave a comment

Why Robocall Crackdown Is Hurting Your Credit Union

Contrary to popular belief the biggest obsession in DC right now isn’t the impeachment trial; it’s auto dialing. While it’s hearting to see that the Democrats and Republicans can agree to something, the result of this bi-partisan obsession is that it’s trickier for your credit union to legally communicate with its members than it should be.

First we have yet another decision– Glasser v. Hilton Grand Vacations Co., LLC, No. 18-14499 (11th Cir. 2020)- interpreting what an auto dialer is for purposes of the Telephone Communications Protections Act. Remember, whether or not your credit union is subject to the TCPA is totally dependent on whether or not it is using an auto-dialer when it reaches out and touches someone. Law 360 is reporting that the 11th Circuit refused to allow an individual to go forward with this class action lawsuit claiming a violation of the TCPA.

The case got my attention because the court agreed with an earlier decision by the Court of Appeals for the D.C. Circuit which I have blogged about – ACA International v. Federal Communications Commission- which rejected an expansive interpretation of auto-dialer championed by our friends on the West Coast. The split between the circuits increases the likelihood that the Supreme Court will have to decide how to interpret the TCPA.

Of course, the more logical step would be for Congress to amend the TCPA to make sure that it outlaws abusive telemarketing as opposed to acting as a tripwire for class action lawsuits. But the odds of anyone in Congress voting for a bill which could be attacked as weakening the TCPA are about as good as Donald Trump being removed from office by the Senate.

All this is happening against the backdrop of heightened regulatory vigilance of auto dialers. For example, the DOJ is seeking to shut down two auto dialer companies that facilitated auto dialer operations based in New York and Arizona, which the government claimed specialized in ripping-off the elderly. In addition, regulators are continuing to review whether even more TCPA regulations should be amended. As a matter of fact, it was this comment letter from CUNA last night that got me thinking about this subject for today’s blog.

There is a reason I am providing you with this parade of horribles. No one likes robocalls, or has sympathy for companies that facilitate shams intended to pressure people into giving up their money. But there are legitimate businesses, such as credit unions, which use this technology every day to communicate with their members about legitimate topics. The current frenzy has regulators using a hatchet to deal with legitimate issues when they should be using a scalpel. I don’t see this ending any time soon. So for those of you who haven’t done so already, take a good look at the type of technology you are using and start thinking of ways that you can avoid getting caught in the regulatory dragnet.


January 30, 2020 at 9:43 am Leave a comment

Another Ruling Upholds USAA’s RDC Patents

I can’t stand country music, but I love poker, and in litigation, as in poker, Kenny Rogers has a point when he says you have to know when to hold ‘em, and when to fold ‘em. This ditty comes to mind this morning as I’m thinking of how best to give you a heads up about the recent jury verdict that once again found that Wells Fargo willfully violated USAA’s remote deposit capture patents. Considering that both of these verdicts open the door to treble damages, the bank could  face more than $1 billion in damages as it continues to engage in its high-profile litigation over who has a legitimate claim to use and license RDC technology.

As I’ve explained before, most credit unions offer RDC technology pursuant to a third party agreement with Mitek Systems. Mitek brought a lawsuit against USAA seeking a ruling that it has not violated USAA’s patent. In an order issued yesterday, the federal judge overseeing the California case scheduled a hearing on USAA’s motion to dismiss for March 5, 2020. This case is absolutely crucial to credit unions. While Mitek has contractually agreed to indemnify most of the users of its RDC technology against claims of patent violations, the reality is that the sheer volume of potential claims raises the possibility that Mitek will not be able to honor its obligations.

All of which brings me back to Kenny Rogers. At the end of the day, USAA is looking to license and receive payment for the use of RDC technology from credit unions and banks. With the usual caveat that this is not legal advice, and I am certainly not a patent attorney, your credit union should at least be considering whether it’s time to cut a deal. The good news is that there are mechanisms available which allow you to pool your resources with other institutions to minimize the cost. The downside to taking that approach is that if Wells wins on appeal, or Mitek is successful in its litigation, you may end up spending money unnecessarily.

By the way, there’s a lot more that I could talk about today, but time is running short, so read tomorrow’s blog for more exciting credit union news. How’s that for a teaser?

Correction-Earlier versions of this post mistakenly said that  BOA, not Wells Fargo, was the defendant in this litigation.    


January 16, 2020 at 9:44 am Leave a comment

Cybersecurity, Escrow, Conversions and Football Highlight a Busy Few Days

DFS Issues Cybersecurity Risk Alert

In a depressing sign of the times, New York’s Department of Financial Services has issued a cybersecurity risk alert informing credit unions that, given the recent assassination of Soleimani and Iran’s demonstrated capabilities and willingness to engage in cyberattacks against financial institutions, “US entities should prepare for the possibility of cyberattacks.”

DFS points out that in 2012 and 2013; Iranian sponsored hackers launched denial of service attacks against US banks. Consequently, it “strongly recommends that all regulated entities heighten their vigilance against cyberattacks.”

Another Credit Union Converts

Hudson Heritage Federal Credit Union has officially announced its conversion to a state charter. Regardless of whether or not a conversion is in your credit union’s plans, it is great to see DFS take the steps to make the state charter a viable option for credit unions, and banks for that matter and credit unions respond positively to these developments. Remember, a viable state charter is in everyone’s interest.

Are You Prepared for Life Without Interest on Your Mortgage Escrow Accounts?

States like New York and California have long had laws mandating that financial institutions pay interest on mortgage escrow accounts, but prior to the Dodd-Frank Act, it was settled law that these state mandates could not be applied to federally chartered institutions. That is changing.

First, let me stress that if you are a federally chartered credit union not currently providing escrow interest, you are currently under no obligation to do so. That being said, however, the signs are mounting that this privilege may not last much longer, and I do think it is worth a bit of your time to start assessing the financial impact that this change will have on your credit union.

Why so glum? As I previously blogged, a lawsuit that came about after Dodd-Frank argued that preemption of escrow accounts no longer applied to federally chartered institutions. As a result, the bank in question was violating the law by refusing to pay interest to the disgruntled plaintiffs. California’s escrow requirement is very similar to New York’s. On Thursday, this lawsuit was settled with Bank of America agreeing to pay $35 million in damages to the plaintiff class, led by Donald Lusnak (subscription to Law360 required). Additionally, it has already started paying mortgage escrow.

This is all happening as a similar lawsuit; Hymes v. Bank of America, is being litigated in New York State Federal Court.

Why Can’t We Use Technology to Figure Out When a Football Crosses the Goal Line?

This is the great question I was pondering this past weekend as I was watching one of the four playoff games, in which the refs were being forced to determine if a running back managed to get the ball over the goal line while maintaining control as he was being assaulted by a group of freakishly fast, oversized athletes. Frankly, if soccer can figure out within less than an inch whether a goal has been scored, and tennis uses similar technology to tell if the ball is in or out, why can’t the NFL do the same?

Just wondering. Enjoy your day.

January 7, 2020 at 9:19 am 1 comment

Older Posts

Authored By:

Henry Meier, Esq., Senior Vice President, General Counsel, New York Credit Union Association.

The views Henry expresses are Henry’s alone and do not necessarily reflect the views of the Association. In addition, although Henry strives to give his readers useful and accurate information on a broad range of subjects, many of which involve legal disputes, his views are not a substitute for legal advise from retained counsel.

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 653 other followers