The most interesting statistic I heard last week at the Association’s annual Northeast Economic Forum was that 48% of new mortgages last year were originated by nonbanks. Technology has come to mortgage lending and the companies that emphasize electronic mortgage applications and processing are beating the pants off lenders that rely on having people apply at their brick-and-mortar branches.
I was thinking about this factoid this morning as I read an interview with the OCC’s General Counsel, Amy Friend, in the American Banker. The OCC is rolling out plans for creating a special charter for fintech companies. Now here is a regulator that sees the writing on the wall and wants to remain relevant.
Why would companies want to be regulated by the OCC? The OCC says that the idea has appeal to a lot of companies that don’t want to be regulated by fifty different state regulators. Anyone who has taken a look at New York’s proposed cybersecurity regulations can understand why.
She explains that “We can provide a single charter with some uniformity, and that makes it very appealing. But, we also take that authority very seriously, and understand its implications. The comptroller has made it clear that if we decide to grant a national charter in this area, the institution that receives the charter will be held to the same high standards of safety, soundness and fairness that other federally chartered institutions must meet.” She further explains that institutions might want to get both a traditional bank charter and take deposits in which case they will also need to be regulated by the FDIC. Why not the NCUA as well?
The plan is still in the conceptual stages but in March the OCC released a white paper on supporting financial innovation in the banking system and last month it proposed regulations clarifying its authority to wind-down bankrupt non-depository financial institutions that are not insured by the Federal Deposit Insurance Corporation . The regulation is seen as a first step in explaining how the OCC could oversee bankrupt Fintech charters.
More on Navy
In Thursday’s blog I highlighted the CFPB’s consent order against Navy Federal and the impact it could have on credit unions who suspend services to members who have caused them a loss. Judging by the number of readers I really hit a nerve.
According to the Bureau, it was an unfair and deceptive practice for Navy to freeze electronic account services to members who were delinquent on loan payments. That simply isn’t true-at least according to the NCUA. To add a little fuel to the fire here is a 1997 opinion from the NCUA in which it explains that credit unions may restrict services to members who are delinquent:
“In the past, we have allowed for suspension of services when the member caused a loss as a result of bankruptcy, an NSF check or a charged-off loan, but we have never addressed the issue of a delinquent loan. You advise that a delinquent loan increases the FCU’s collection costs resulting in a loss to the credit union. As long as the FCU has a rational basis for limiting services, we would have no legal objection.”
So how can Navy be fined, in part, for adopting practices explicitly authorized by its primary regulator for almost thirty years? Is this another example of CFPB overreach? Inquiring minds want to know.
On Tuesday the CFPB announced an enforcement order against Navy Federal Credit Union for engaging in unfair and Deceptive collection practices against delinquent members whose accounts were delinquent. One of the violations cited by the Bureau raises questions about one of the most fundamental precepts of credit union law: The right to restrict services to members who have caused a loss.
According to the Bureau, Navy engaged in Unfair and Deceptive Practices by denying electronic account access and services for about 700,000 accounts after members became delinquent on a Navy Federal Credit Union credit product. As explained in the press release “ This meant delinquency on a loan could shut down a consumer’s debit card, ATM, and online access to the consumer’s checking account. The only account actions consumers could take online would be to make payments on delinquent or overdrawn accounts.”
To be clear, this practice was just one of a group of hardball collection practices some of which, if true, violated the Fair Debt Collections Practices Act. But the CFPB’s finding on Navy’s account practices is hard to square with one of the bedrock rules of credit union land. As the NCUA has explained in opinion letters over the years . “Long standing legal interpretation is that an FCU may limit services to a member who has caused a loss” so long as the member retains the right to vote at the annual meeting and maintain a share draft account.
Against this backdrop, If a member has caused Navy a loss then how is it unfair and deceptive to limit his use of electronic account services? Before yesterday I would have told you that electronic services are a privilege of membership, not a right.
If this is no longer the case then NCUA should put credit unions on notice of this fundamental policy shift. If the law hasn’t changed then NCUA should consult with the Bureau and explain how Navy’s actions are distinguishable from what other credit unions do and why. We need guidance…quickly.
You can be forgiven if, upon seeing the initial headlines yesterday morning that the CFPB was ruled unconstitutional, you allowed yourself to drift into a world of no TRID, no HMDA amendments and no short-term loan restrictions, and you are a little disappointed this morning with the news that, even with yesterday’s ruling in PHH CORPORATION, ET AL., PETITIONERS v. CONSUMER FINANCIAL PROTECTION BUREAU, RESPONDENT, No. 15-1177, 2016 WL 5898801,(D.C. Cir. Oct. 11, 2016), the Bureau that never sleeps is alive and well. In the short- term this decision, if it is upheld by the Supreme Court, will have no impact on your compliance burden.
But don’t be too depressed. The Court’s ruling is a significant victory for those of us who believe that Congress gave too much power to one person. It makes the Bureau more accountable to the political process and, by implication, potentially more receptive to the concerns of the credit union industry. It also clarifies some important RESPA issues that I will address in a future blog
The case dealt with the legality of a $109 million fine imposed on PHH by an administrative law judge after the CFPB alleged it was violating the anti-kickback provisions of RESPA. Originally PHH just wanted the fine vacated but in appealing the ruling it broadened its argument to challenge the constitutionality of the Bureau itself. It argued that the separation of powers mandated by the constitution was violated because the CFPB’s Director could only be removed by the President “for cause.” Congress has created, and the Courts have approved , independent agencies but these agencies have been overseen by boards of individuals; not a single director empowered to promulgate whatever rules and take whatever enforcement actions he or she deems appropriate.
The Court agreed. “The single-Director structure of the CFPB represents a gross departure from settled historical practice. Never before has an independent agency exercising substantial executive authority been headed by just one person.” It ruled that the CFPB as structured was unconstitutional.
But its remedy was as simple as its application of precedent was straightforward: Rather than disband the Bureau it simply invalidated that portion of Dodd Frank which stipulated that the Director could only be removed “for cause.” This means that the President could give Director Cordray his walking papers today, no questions asked.
Does this matter to you? In the long-term I think it does. I am fond of calling the Director the Benign Dictator of Consumer Protection. From now on credit unions can blame the president for not doing enough to distinguish between the Big Banks and credit unions. And it’s probable that an agency no longer insulated from politics will be more willing than the Bureau has been recently to listen to legitimate industry concerns before promulgating regulations in the first place.
Frankly, the Bureau has grown more arrogant and intrusive with each passing month. Anything that constrains the actions it can take is a step in the right direction.
NY Issues Incentive Based Compensation Guidance
The only regulator pumping out mandates quicker than the CFPB lately is New York State’s Department of Financial Services. That’s not a good thing for those of us who want to maintain a viable state charter.
Reacting to the Wells Fargo Account Opening Scandal, the DFS released a guidance yesterday on Incentive Compensation Arrangements applicable to state chartered banks and credit unions. Here is one of its highlights:
“The Department advises all regulated banking institutions that no incentive compensation may be tied to employee performance indicators, such as the number of accounts opened, or the number of products sold per customer without effective risk management oversight and control.”
On that note get busy implementing all those Bureau regulations. I hope I see you this week at the Economic Forum.
An international security consulting firm, has created quite the stir across the pond by reporting that hackers have already figured out not only how to steal biometric data from ATM machines but also how to commercialize the sale of devices facilitating its capture.
On September 22, 2016, Kaspersky Lab reported there are already at least 12 sellers offering skimmers capable of stealing victims’ fingerprints from ATMs. In addition, at least three underground sellers are already researching devices that could illegally obtain data from palm vein and iris recognition systems. By the way. this is in addition to reports demonstrating that it is possible for hackers to steal information stored on EMV chip cards.
The news caused one British regulator to write a letter to banks telling them to report on the steps that they are taking to secure biometrics. What makes this report so disturbing is that, whereas compromised ATM and credit cards can be reissued, you can’t change someone’s biometric data. If it really is as easy to steal this information as it appears it will be, then the use of biometric passwords will offer convenience to people like your faithful blogger, who is frustrated by an ever-growing list of passwords, but will be an expensive dead-end when it comes to security.
From now on I’m going to tell my wife to follow Kim Kardashian’s lead and take millions of dollars in jewelry with her wherever she goes instead of using a safety- deposit box. What could possibly go wrong?
The report also underscores just how behind the curve this country is when it comes to cyber theft. Merchants are merchants are still grumbling about the use of chip readers and a major Presidential candidate is encouraging cyber-hacking his opponent while Europe is already debating the merits of biometric security. I can’t believe that this is the best the country that created Google, Facebook and Microsoft can do.
Which brings me to my proposed one sentence guidance for all regulators , financial institutions and businesses to follow: “Every business must have a cybersecurity plan, but one which is tailored to its size, complexity and cyber vulnerability. Any mandate more prescriptive than this will be outdated in days and deny institutions the flexibility they need to weigh cybersecurity costs against other expenditures eating away at the bottom line.
Extended Exam Cycle, Right Around The Corner
NCUA announced yesterday that well managed credit unions with assets of less than $1 billion could move to an extended examination cycle, beginning next year, subject to board approval. The recommendation is among ten put forward by an agency working group on exam flexibility.
On that note enjoy your long weekend, I will be back on Tuesday!
Somethings are just meant to be. The Mets are almost always going to be no better than a slightly above average baseball team, destined to leave their fans in stunned disbelief like a bride left at the altar; payday loans will always be around: The question is how best to regulate them?
The NCUA took a shot at answering this question when it submitted a letter commenting on the CFPB’s Payday Loan proposal. It not only argues that the CFPB should categorically exempt PAL loans from these regulations but it also advocates for a numerical threshold below which financial institutions could make loans that are technically payday loans without complying with the regulation, thereby letting them avoid the underwriting and disclosure requirements proposed by the CFPB. The Association makes an almost identical argument in its comment letter to be submitted to the Bureau. Here is why a threshold makes sense.
Despite the CFPB’s best efforts, payday loans are, and will remain, the pornography of the financial industry: They can’t be defined, but you know it when you see it. In its extensive research on the payday lending industry, the CFPB makes a convincing argument that the industry’s business model is predicated on s customers getting into more and more debt. An industry that profits only if its customers are made poorer and more financially desperate is repugnant and should be regulated.
But not all short-term loans are predatory loans. For example, there are credit union CEO’s who don’t officially offer payday loan alternatives but who know and trust their members enough to give them a short-term loans when they are in a jam. No one is going to get rich of these loans. The problem is that unless the CFPB either exempts credit unions from these regulations, or at least allows them to make a certain number of short-term loans without having to worry about these regulations, credit unions will actually have less flexibility to provide emergency loans to those who need them. In other words, the CFPB should promulgate a regulation that goes after the Payday lending industry, not short-term loans. A numerical threshold accomplishes this goal.
The God Mother of the CFPB, Massachusetts Senator Elizabeth Warren, once compared bad financial products to defective toasters. She argued that, just like the government has the power to prevent companies from selling defective toasters, it should have the power to prohibit the sale of defective lending products. This analogy has always driven me nuts. A defective toaster helps no one but the costs and benefits of a loan ultimately depend on the circumstances of the person applying for it.
The CFPB needs to understand this distinction as it finalizes these regulations…….
On that note, your blurry eyed blogger is off to the start the day, having watched the New York Mets lose their last game of the 2016 season. I know you’re not supposed to enjoy watching other people suffer, but as a lifelong Yankee fan, I got the biggest kick out of watching all those shocked Met fans moments after a 3 run home run ended their season. By the way, this is the year the Cubs’ drought ends. This prediction is as solid as your best collateral.
The Bureau that never sleeps is at it again.
Yesterday it released final regulations extending basic account protections and to prepaid cards. The regulations take effect next October. The rule generally applies to general use reloadable prepaid cards. It is intended to provide card users with protections against loss and unauthorized use similar to those provided to credit card users.
Conceptually, Director Cordray has a point on this one. For an increasing number of Americans prepaid cards are their bank accounts. Right now these are the most unregulated consumer financial product in the country. It makes sense to ensure that they have the some of the basic rights and protections afforded to traditional account holders. As always. however, we wont know the regulation’s full impact until stakeholders have time to go over the 1,600 pages accompanying the final rule.
Incidentally in crafting the rule the CFPB spent a lot of time analyzing and discussing overdraft protections. For those of us who are convinced that it is only a matter of time before the Bureau enacts generally applicable regulations in this area you may want to look at an interesting discussion of overdrafts that begins on page 59 of the link I gave you. The Bureau points out that “Although Congress did not exempt overdraft services or similar programs offered in connection with deposit accounts when it enacted TILA, the Board in issuing Regulation Z in 1969 carved financial institutions’ overdraft programs (also then commonly known as “bounce protection programs”) out of the new regulation.” In other words the Bureau is well within its rights to impose further overdraft restrictions simply by amending Regulation Z.
Whether it should do this is of course another issue.
NCUA Issues Letter Detailing MLA Examinations
The NCUA released a letter to credit unions informing them that examiners will be expecting credit unions to make “reasonable and good faith efforts” to comply with the Military Lending Act now that the regulations have taken effect. This is the regulatory equivalent of giving an “A for effort “so long as a credit union is familiar with the regulation, is making an effort to implement it and has appropriate policies and procedures in place.
Remember your gumption might get you off the hook with NCUA but it doesn’t relieve you of your ongoing obligations to military personnel and their dependents.
Today is the first Monday in October; which means it is the first day of the new Supreme Court term; which means you get deluged with articles describing the year’s most important cases; which means that your faithful blogger doesn’t want to miss out on the fun.
Here is my sleeper pick for a case that could have a profound impact on the way the credit card system works and the way associations operate: Osborn v. Visa Inc., 797 F.3d 1057, 1061 (D.C. Cir. 2015), cert. granted, 136 S. Ct. 2543 (2016) .
Visa and MasterCard rules stipulate that no ATM operator may charge customers whose transactions are processed on Visa or MasterCard networks a greater access fee than that charged to any customer whose transaction is processed on an alternative ATM network. Thus as the appellate court noted, under the Access Fee Rules, operators cannot say to cardholders: “We will charge you $2.00 for a MasterCard or Visa transaction, but if your card has a Star or Credit Union 24 bug on it, we will charge you only $1.75.” A group of independent nonbank ATM operators and a consumer who paid debit card fees assert that these rules illegally restrain the efficient pricing of ATM services. They characterize the Access Fee Rules as constituting an “anti-steering” regime that prevents independent ATM operators from incentivizing cardholders to choose and use cards “that are more efficient and less costly than either Visa or MasterCard’s.”
On appeal, the court made two rulings that will be reviewed: (1) that the economic harm caused by consumers who had to pay higher ATM fees was sufficient harm to challenge the legality of the ATM fees and (2) whether card issuers have violated antitrust laws by merely agreeing to the Visa and MasterCard rules.
In other words, depending on how this case is decided the ability of card issuers to be on a level playing field with each other when it comes to honoring all card requirements could be in jeopardy. In addition, card issuers could face litigation over Visa and Mastercard rules not just from merchants and ATM operators but from disgruntled consumers, Finally, just how much can Association’s do in coordinating industrywide activity without running afoul of the antitrust laws? It may not be the type of case that gets the family arguing with each other over the dinner table but it could impact the way everyone reading this post does business.
What Would You Do If You knew You Had Five Minutes To Live?
That was the question posed by Rabbi Kenneth Berger in a Yom Kippur sermon he delivered in the aftermath of the Challenger shuttle tragedy in which the astronauts are believed not to have died until the shuttle crashed into the sea. The sermon was highlighted in this article over the weekend and I’ve been thinking about it ever since. Here is my favorite quote:
“The explosion and then five minutes. If only I… If only I… And then the capsule hits the water, it’s all over. Then you realize it’s all the same — five minutes, five days, 50 years. It’s all the same, for it’s over before we realize. “‘If only I knew’ — yes, my friends, it may be the last time. ‘If only I realized’ — yes, stop, appreciate the blessings you have. ‘If only I could’ — you still can, you’ve got today.”