Carl Pry, a Senior Advisor at Treliant, is a seasoned executive with banking law, corporate finance, and regulatory compliance experience in Fortune 500 institutions, regional banks and industry consulting firms. Carl advises clients on commercial compliance, fair lending, corporate treasury and risk management. Over the last 27 years, Carl has…
Regulatory compliance in the banking world has become much more complicated in the latter half of this decade than it ever was before, hasn’t it? Or does it just seem that way? Compliance has always been a career choice for those who like a dynamic, ever-changing environment (despite what your friends might say), but in these post- Dodd-Frank years, with all the political upheaval, it seems more important than ever to pay attention to the tea leaves. What will the important regulatory issues be in 2019? What do we have to look forward to in terms of new laws and regulations? What will examiners be looking at closely this year, and by extension, which areas deserve our time? Here are a few thoughts to consider:
What to Expect for New or Changing Rules
While by no means should this be considered a guarantee of what will happen this year (if I had that kind of crystal ball I’d be in a different business), there are a host of clues out there that serve as indicators of what we might expect this year. Some are more likely than others, but the following are areas where we might see new rules or changes to existing rules:
HMDA. For more than the past year, banks have been busy collecting data and preparing for submission under the new 2018 HMDA Rule for the first time, with all the new data elements and first-time reporting of open-ended lines of credit. It has proven to be quite a challenge, and as a result, the CFPB has stated it will reconsider the rule and its impact on compliance operations and the industry. There is the possibility there will be changes to some of the new data elements as the Bureau considers how useful these elements are to fair lending analyses by both regulators and the public. Keep in mind, however, that the CFPB can only make changes to those pieces and parts of the regulation that they amended pursuant to discretion granted to the Bureau by Congress in the Dodd-Frank Act. The aspects of the regulation that were altered or added because of changes to the HMDA statute by Congress would take further action by it, as opposed to unilateral CFPB action. However, the CFPB could “work around the edges” of some things by providing clearer guidance or by amending the Filing Instructions Guide (FIG), for example. Watch for a potential proposal, or at the very least a request for public comment, in 2019.
In addition, the CFPB has finally opined on what data elements will be made public as opposed to what data elements are for the regulators’ eyes only. This will have a critical impact on the types of fair lending analyses that the press, community groups, and banks’ competitors can perform. There is much more to be said about HMDA below, as technical compliance, along with fair lending implications, is one of the more important to-dos for 2019 for compliance professionals.
The CFPB’s Payday Lending rule. This is one of those rules that doesn’t have a tremendous impact on what most banks typically do, however for some time the CFPB has told the industry that changes were coming to its proposed rule. The ability-to-repay provisions of the rule will likely be significantly changed, if not scrapped altogether. Banks that offer short-term lending products that will be covered by this rule should pay close attention to what the Bureau does here.
[Note: speaking of the CFPB, it was good to see the Bureau announce they wish to continue to—or once again—be known as the CFPB, rather than BCFP or another name we’d all have to get used to all over again. That makes it easier on all of us!]
Debt Collection. The Dodd-Frank Act gave the CFPB authority to regulate debt collectors (including banks) and write an implementing regulation for the Fair Debt Collection Practices Act, or FDCPA. The Bureau has announced plans, potentially to issue a proposal early in 2019. There continue to be many questions around what such a regulation might look like, but at present it does not appear the CFPB will remove the exception from FDCPA coverage when banks (or other similar parties) collect their own debts. But the rules do need to be updated to cover issues like emails, texts, and other newer forms of communication.
Community Reinvestment Act (CRA) modernization. This promises to be one of the more well-publicized compliance news stories of 2019, just as it was last year. Of course the primary issue to be resolved before we see any meaningful reform is whether the regulatory agencies (OCC, Federal Reserve, and FDIC) can and will agree on what exactly to do. But some of the more pressing issues to be addressed in any reform include:
- How much emphasis should branch location (or branches in general) be given in evaluating a bank’s assessment area and CRA performance? There are many banks that have only one branch, or no branches at all. What is their assessment area? How should they be evaluated?
- Banking in the 21st century is in many ways different from when the rules were written in the 1970s: telephone and internet banking, and banking on smart phone apps is ubiquitous, for example. How should these new forms of interaction with customers be treated?
- Should the “primary purpose” test for community development loans and investments be modified or eliminated?
- Should the regulation move to a more metrics-centric approach as a means to evaluate performance, or is that too strict and narrow an approach?
- How should inconsistencies between regulators be dealt with? CRA has always been a regulation with many gray areas and vagaries; see the number of Frequently Asked Questions the agencies have issued over the years. As well, inconsistencies between regulators have been problematic at times. Any clarity would be welcome.
Expect some sort of movement toward an interagency proposal sometime in 2019.
Appraisal regulations. There are several proposals and final rules that will change the thresholds as to when an appraisal is needed on real estate-secured loans.
- The prudential regulators have proposed increasing the threshold for a required appraisal on residential home loans from $250,000 to $400,000;
- The Economic Growth, Regulatory Relief and Consumer Protection Act (the Dodd-Frank Reform bill signed into law in May of 2018) contained a provision that would provide an exemption from obtaining an appraisal in rural areas of $400,000, provided certain conditions are met; and
- A final rule from the regulators raised the threshold for commercial loans (meaning a loan not secured by a single 1- to 4-family residential structure) requiring an appraisal from $250,000 to $500,000.
Make sure your bank’s appraisal compliance program (which, by the way, is required by rule) reflects the new threshold amounts, including additional changes when they occur.
Mortgage Lending. The Dodd-Frank reform legislation contained several provisions affecting consumer mortgage lending, some of which have already been finalized, including removal of the renewed three-day waiting period if a second offer of credit with a lower rate is presented to the applicant. But several others must still be finalized, including a provision allowing for Qualified Mortgage (QM) status for loans held in portfolio by banks with less than $10 billion in assets, and modifications to the exclusion from maintain an escrow account for similar small banks. Clarification of a few issues in both provisions is needed in a final rule.
The CFPB also recently issued their required report on the impact of the ability-to-repay rules in Regulation Z, which may influence some future rulemaking. And the TILA-RESPA Integrated Disclosure (TRID) rules are also subject to further interpretation by the Bureau.
Also worthy of attention is the emphasis the CFPB is placing on Section 8 of RESPA (prohibition against kickbacks and unearned fees). The CFPB has issued several enforcement actions on this over the past few years, so it’s a hot topic. There is increasing pressure for the Bureau to issue rules or guidance on banks’ use of affiliated business arrangements and marketing agreements, especially given the growth in online lending activities. More clarity here on what is permitted and what is not would be welcomed.
Flood Insurance. We’re going through yet another cycle of expiration and renewal of the National Flood Insurance Program (NFIP), and discussion of a permanent renewal of the program along with changes in the rules have been percolating for some time. Hopefully 2019 is the year we see some permanent changes so we can plan accordingly. Based on some of the previous discussions in Congress, what might we expect when legislation is finally signed into law? Here are a few possible points:
- A likely increase in premiums for many customers, as currently many federal flood policies are not written to actuarial standards (meaning the amount of premiums does not cover the amount of risk of flooding). The insolvency of the NFIP has caught Congress’ attention;
- Increase in the Civil Money Penalty component (currently $2,000 per violation) to as much as $5,000 per violation;
- Clarity (finally!) on what standards must be met in order for a private flood insurance policy to comply with the rules;
- Changes to the mandatory purchase requirement. This could go either way—some discussions involved requiring flood insurance in more instances, others would eliminate some;
- Changes in policy coverage limits and thresholds; and
- Subsidies, coverage caps, and/credits provided to homeowners who cannot afford coverage.
Final amendments to the flood regulations and Interagency Q&As is likely some time away, but keep an eye on Congress as this is where changes will originate.
Bank Secrecy Act. We had enough BSA changes in 2018, you say. While that’s certainly true, FinCEN continues to tinker with the Beneficial Ownership rule to make compliance clearer and hopefully easier. This should continue, which is good news. But also on the BSA regulatory front are:
- Possible increases to filing thresholds for the Currency Transaction Report (CTR) and Suspicious Activity Report (SAR);
- Provisions to allow more information sharing among banks; and
- Guidance on how the banking industry can handle (or whether if it can handle) the legal marijuana industry. Given the fact that 33 states (and counting) have legalized marijuana use in one form or another, clarity on this issue is long overdue. However, it will likely take some sort of Congressional action to provide any safeguards above and beyond what the regulatory agencies are willing to provide. This is a political conundrum at its heart, but hope springs eternal.
The Enforcement Environment
There are more than a few Boards of Directors who hold the opinion that enforcement of compliance laws and regulations has decreased significantly, and that means compliance need not be a priority going forward. While the days of front-page monster dollar civil money penalties are gone for the most part (at least for now), there is still significant enforcement going on out there. A quick search of your regulator’s website will confirm this. In fact, UDAAP consent orders represented $1.35 Billion last year which is 10 times the 2017 total. Don’t fool yourself, and don’t let your management and Boards be fooled; compliance is still a critically important issue in the mind of the agencies.
Also realize that while enforcement actions may not be front-page news, supervision of banks has not slowed at all. Matters Requiring Attention (MRAs) and similar types of non-monetary enforcement has not disappeared; in fact, anecdotal information suggests there are more MRAs out there than ever before. Regulatory relief has unfortunately been interpreted by some as a rationale to decrease compliance staffing, investment, and priorities. This can come back to bite the bank that makes too many incorrect assumptions about the importance (or lack thereof) of compliance. Make sure your bank is not one of them.
As far as changes within the regulatory agencies, expect no significant changes. It appears the leadership of the various agencies has finally been set after several years of uncertainty. As well, constitutional challenges to the CFPB’s structure have been beat back or are not being pursued. There should be no course-altering news on this front in 2019.
Areas to Devote Time and Attention
With all this as backdrop, what should your compliance priorities be in 2019? Here are a few suggestions:
HMDA compliance and its impact. March 1st, 2019, is likely a date you have circled on your calendars; it is the submission date for the new 2018 data. Even if you are not a bank required to submit a slew of new data under the revised rules, HMDA compliance is especially important this year due to the public attention and scrutiny that will be given to the data. Many banks are struggling with gathering and validating all the new data, and this is especially true for lines of credit, newly reported for 2018. While it is true that the agencies have announced they will take into account a bank’s “good faith efforts to comply,” this is not a license to report bad data. Further, do you want your bank’s public face of its fair lending efforts in the mortgage market to be based on erroneous information? Nothing is worse than having to defend allegations of disparate treatment and impact when they’re based on information that isn’t even accurate. Expect much attention to be given to the industry’s performance once the 2018 data becomes publicly available.
Also consider that you might not even know who is accessing and analyzing your data. Since the information is freely available on the CFPB’s website, anyone can access it without your knowledge. In prior years, you’d know since the request would come to your bank for its data. Plus it is available in a standardized format now, so it’s much easier for the press, community groups, and your competitors to slice and dice your bank’s data to their heart’s content.
Keep your nose to the grindstone when it comes to HMDA compliance. Make sure you continue to improve your processes, understand and implement all the new interpretations and changes to the data elements brought about by the new rules, and continue to monitor the CFPB for any new rules or guidance they issue. Consider 2019 the starting point for HMDA, not the finish line.
Fair Lending. This is one area where the regulators have certainly not lightened up. Fair lending supervision and enforcement is alive and well, and hopefully your bank’s fair lending program has kept up with all that is new and expected. In December of 2016, the CFPB issued a blog post stating its fair lending priorities. They have done exactly what they said they would, as (1) redlining; (2) mortgage and student loan servicing: and (3) small business lending continue to be critically important. Expect no reduction in attention to fair lending issues in these areas.
Also important for fair lending attention in 2019:
- Debt collection. While certainly part of the servicing realm, particular attention is being placed on fairness in collection practices. This is not FDCPA-related but rather a close look at whether collection practices adversely impact members of protected classes. Processes as well as outcomes are being examined, and not just in mortgage and education lending; particular attention is being placed on credit cards and auto lending.
- Credit scoring models. Credit reporting in general is being closely scrutinized by the agencies, including the fairness of scoring models. Expect more commentary from the regulators on how various credit scoring models behave and whether there are inconsistencies that should be addressed by individual banks.
- Non-English speaking consumers. Also called Low English Proficiency (or LEP) consumers, how you deal with these consumers should be a focus of your program going forward.
Keep in mind also that several state Attorneys General have very publicly announced that they will take an active role in fair lending enforcement as well.
Mortgage servicing. Fair lending isn’t the only important issues to consider when it comes to mortgage servicing. Now that we’re about four years into the new rules under RESPA for servicing consumer mortgages, technical compliance with the rules is expected. We’ve also had some additions to those rules in the past few years, so be sure your processes are operating as you expect. A few problem areas that should have your full attention (as they’ve been the focus of various enforcement actions) include notices and communications to delinquent borrowers, the loss mitigation application process (which is incredibly detailed, with many timing and notice requirements), and any waivers.
BSA/AML. Similar to HMDA, 2018 should not have been viewed as the finish line for the new Beneficial Ownership rule, but the beginning. Compliance with this rule is complicated and time-consuming; you need to be (more than) ready for your first BSA exam—including the new rule. As stated above, further guidance and interpretation of the rule may be forthcoming, so make sure you’re ready to adjust on the fly. Also similar to fair lending, enforcement of BSA rules (really any sort of financial crimes law or regulation) has not decreased at all. To the contrary, we’re continuing to see a steady stream of BSA problems in banks large and small. Make sure you’re not one of them.
To be sure, this is not a comprehensive list of priorities for this year, but it’s a good place to start. We can also be certain that issues will arise that no one sees coming. This year promises to be a busy year in the world of compliance. While we may not see a new rule to the scale of TRID or 2018 HMDA this year, there is still plenty to pay attention to, in order to keep your program in the place it should be.