This monthly roundup of compliance news includes the following articles:
On April 3, 2018, the Financial Crimes Enforcement Network (FinCEN) released 37 Frequently Asked Questions (FAQs) on its Customer Due Diligence Rule (CDD Rule), which went into effect on May 11, 2018. The CDD Rule clarifies and enhances CDD requirements for financial institutions under the Bank Secrecy Act (BSA) and, among other things, imposes a new requirement for covered financial institutions to identify and verify the identity of beneficial owners. Generally, the CDD Rule requires covered financial institutions to:
- Collect beneficial ownership information at the time of account opening for any natural person who owns 25 percent or more of a legal entity; and
- Develop, and update as needed, a customer risk profile to aid in reviewing customers’ transaction activity.
The much-anticipated guidance supplements an FAQ issued in 2016 by FinCEN shortly after the issuance of the final CDD Rule and covers various topics intended to help clarify questions and comments received by the industry and guide financial institutions with their compliance efforts. Key themes identified in the most recently issued FAQs include.
- Collecting and maintaining information: The FAQs clarify that beneficial ownership information does not need to be obtained for accounts established before the May 11, 2018 effective date. The guidance confirms that updating beneficial ownership information is not required unless, through its normal course of monitoring, an institution identifies a potential change of beneficial ownership.
- Reliance: The FAQs cover certain circumstances in which a covered financial institution may rely on beneficial ownership information previously collected from and confirmed by an existing customer. Specifically, when an existing customer is determined to be a beneficial owner of a new legal entity customer and had previously been subject to a financial institution’s customer identification program (CIP), the information may be relied upon so long as there is confirmation from the customer that the information is accurate and up-to-date and the financial institution has no knowledge of facts that would reasonably call into question the reliability of the information. Further, an institution is required to maintain a record of the customer confirmation, whether that confirmation was provided verbally or in writing. A similar principle applies in instances when an existing customer opens multiple accounts or renews a financial product or service – the information already collected can be relied upon to satisfy the beneficial ownership requirements if it has been confirmed by the customer.
- Currency transaction reporting: When completing a currency transaction report (CTR) for a business, a financial institution is not required to list the beneficial owners, as the CDD Rule does not change existing CTR requirements. In instances when legal entity customers share a common owner, the FAQs confirm that transactions should not be aggregated unless there is reason to believe entities under common ownership are not operating independently of each other. Further, according to the FAQs, unless a financial institution has knowledge a transaction was made on behalf of a beneficial owner and meets CTR requirements, beneficial owners are not required to be listed in a CTR.
- Record retention: Covered financial institutions are required to retain beneficial ownership verification information for a period of five years after the record is made; however, beneficial ownership identification information is required to be retained for five years after the account is closed. Further, a description of every document relied upon for verification, any non-documentary methods used for verification purposes, and the resolution of any discrepancies identified during verification must be retained for five years after the record is made.
- Exclusions: The FAQs respond to questions clarifying which legal entity types are not covered by the rule. Specifically, the FAQs clarify that beneficial ownership information is not required to be collected on pooled investment vehicles, trusts, charities and other nonprofits, equipment finance and leases, private label retail credit cards and non-U.S. governmental departments or agencies.
Even though the newest FAQs do not address all concerns raised by the industry, they do demonstrate FinCEN’s continued commitment to help clarify regulatory expectations. Many covered financial institutions have spent significant amounts of time modifying their programs over the past several months and years to help ensure compliance with the rule’s complex requirements. As financial institutions prepare for upcoming regulatory reviews, they should work to ensure the relevant changes made to customer acceptance and maintenance programs, systems and tools are documented, new key controls are tested, and employees impacted by the changes are adequately trained on new protocols.
In the week following the effective date of the rule, FinCEN, signaling its intention to work with the industry as it seeks to implement the rule, issued exceptive relief to the rule’s beneficial ownership requirements for short-term insurance premium financing loans and certain loans and deposit products subject to automatic rollover. The latter relief is for a 90-day period. Additional information about these FinCEN actions can be found on our blog.
In May 2018, pursuant to the Congressional Review Act (the act), both the Senate and the House of Representatives voted in favor of repealing Consumer Financial Protection Bureau (CFPB) Bulletin 2013-02, “Indirect Auto Lending and Compliance with the Equal Credit Opportunity Act.” The bulletin provides guidance to bank and nonbank indirect auto lenders regarding compliance with the fair lending requirements of the Equal Credit Opportunity Act (ECOA) and its implementing regulation, Regulation B.
Enacted in 1996, the act establishes expedited procedures by which Congress may disapprove of a broad range of regulatory rules issued by federal agencies by enacting a joint resolution of disapproval. When a disapproval resolution is enacted, the rule may not take effect and the agency may issue no substantially similar rule without subsequent statutory authorization. In instances where a rule is disapproved after going into effect, it is treated as though it had never taken effect.
CFPB Bulletin 2013-02 addresses potential discrimination in the indirect auto lending industry. The bulletin highlights the fair lending risks inherent in the policies and practices of indirect auto lenders permitting “dealer markups,” which occur when auto dealers increase a consumer’s interest rate over the risk-based buy rate quoted by the indirect auto lender.
The bulletin reminds indirect auto lenders that they may be considered creditors under ECOA and of their exposure to fair lending risk in instances where their markup and compensation policies permit dealers to increase consumer interest rates. The bulletin suggests that indirect auto lenders with such markup and compensation policies may be liable under the legal theories of both disparate treatment and disparate impact when pricing disparities on a prohibited basis occur within their portfolios. As such, the bulletin urges indirect lenders to:
- Impose controls on, or otherwise revise, dealer markup and compensation policies, and monitor the effects of those policies, to address unexplained pricing disparities on prohibited bases; or
- Eliminate dealer discretion to markup buy rates and compensate dealers in some other way.
The repeal of CFPB Bulletin 2013-02 is significant in that it marks the first instance where a non-binding guidance document has been repealed by the act; in the few prior instances in which the act has been successfully invoked, the resolutions were typically related to repealing formal agency regulations.
The fact that the act was used to repeal non-binding guidance presents two unique implications. First, since the laws and regulations upon which the Bulletin was based were not impacted by the repeal, there is some uncertainty as to the practical impact of this action. Second, under the terms of the Act, Congress has 60 days to pass a joint resolution of disapproval, a time frame that begins on the later of two dates – when Congress receives an agency report related to the rule or when the report is published in the Federal Register. Although CFPB Bulletin 2013-02 was issued more than five years ago, its repeal is considered permissible, since the CFPB had never submitted a report to Congress related to the rule or published it in the Federal Register. Applying this approach to other CFPB guidance could expose numerous long-standing agency policies to repeal.
Despite the repeal of CFPB Bulletin 2013-02, financial institutions should carefully consider any decisions to moderate their markup and compensation policies. As mentioned above, the laws and regulations that supported the bulletin are still intact and other federal and state agencies continue to be focused on consumer protection.
The joint resolution disapproving CFPB Bulletin 2013-02 must now go to President Donald Trump, who has indicated he will sign such legislation to eliminate the Obama-era guidance.
In April 2018, the Securities and Exchange Commission (SEC) proposed a new set of rules and interpretations designed to promote retail investor protection and establish appropriate investment professional conduct. The proposed rules are different from the Department of Labor’s (DOL) Fiduciary Rule, which was passed in June 2016 and vacated by the Fifth Circuit Court of Appeals on April 30, 2018, whereby the Fiduciary Rule applied only to retirement accounts. By contrast, the SEC proposal applies to broker-dealers who make recommendations to retail customers on any securities transaction or strategy.
The proposed rules will be out for comment for 90 days with the aim to permit retail investors and other interested parties the opportunity to review the material and submit comments. The proposed rules and implications for retail customers consist of the following:
- Regulation best interest: Proposed “Regulation Best Interest” requires a broker-dealer to act in the best interest of a retail customer when making a recommendation of any securities transaction or investment strategy involving securities to a retail customer without placing its financial interest ahead of the customer’s. To discharge this duty, an investment adviser must comply with three obligations: (1) disclose to the retail customer in writing the key facts about the relationship, including material conflicts of interest associated with the recommendation; (2) exercise reasonable diligence, care, skill and prudence to understand the products and the customer’s best interest; and (3) establish, maintain and enforce reasonably designed policies and procedures to identify and at a minimum disclose and mitigate, or eliminate, material conflicts of interest arising from financial incentives associated with the recommendation. Other material conflicts of interest must also be disclosed. However, there is no clear definition of the best interest standard in the proposal.
- Interpretation of fiduciary duty: The SEC’s proposed rules include a proposed interpretation to reaffirm and clarify the SEC’s views of the fiduciary duty that investment advisers owe to their clients. By highlighting principles relevant to the fiduciary duty, investment advisers and their clients will have greater clarity about investment advisers’ legal obligations.
- Customer relationship summary: The Customer Relationship Summary (Form CRS) is a proposed standardized short-form relationship summary disclosure document to provide retail investors easy-to-understand information about their relationship with the investment professional. Form CRS would supplement existing account documentation and would highlight differences in services offered, applicable legal standards, possible fees and conflicts of interest.
- Restrictions on the use of certain names and titles: The SEC proposal regarding the use of certain names and titles would restrict broker-dealers and their financial professionals from using the words “adviser” or “advisor” as part of a name or title when communicating with a retail investor unless the broker-dealer is a registered investment adviser. Investment advisor or adviser is a formal title that comes with additional disclosure and registration requirements and whose casual use by brokers is thought to create potential investor confusion.
To comply with these proposed changes, banking institutions and broker-dealers should be prepared to evaluate whether and how to enhance their policies, programs and systems to ensure compliance with the technical and operational requirements of the proposed rules. Leadership should be kept informed of the status of the proposed changes as well as any steps taken to comply.
In the wake of the highly publicized enforcement actions addressing improper sales practices at financial institutions, the Office of the Comptroller of the Currency (OCC) initiated in 2017 a horizontal review of sales practices across large and mid-sized institutions to identify the prevalence of improper sales practices across the industry. While the OCC has not publicly concluded on the results of its horizontal review, it did comment on the preliminary results at a recent financial services industry conference. While these remarks should not be construed as official commentary from the OCC, they do shed light on the results of the OCC’s review that financial institutions should consider; specifically:
- While gaps were identified when assessing the adequacy of institutions’ sales practices risk management programs, the OCC did not identify systemic issues related to the unauthorized opening of accounts without customer consent. Additionally, no correlation was noted between the use of sales quotas and unauthorized account opening, and, for many of the banks examined, no unauthorized account opening was noted at all.
- Potentially unauthorized account opening activity, where observed, was principally identified for credit card products. The OCC noted that credit cards pose unique challenges in demonstrating customer authorization because a written customer signature is not required for origination.
- Gaps were noted in key aspects of sales practices risk management programs, such as within policies, procedures and risk monitoring processes. However, these gaps were characterized by the OCC as “expected” due to the historical lack of regulatory scrutiny on sales practices in general.
The OCC indicated it will be identifying leading practices from its horizontal review and will make these observations available to the institutions that were examined. Whether such observations will be more broadly published has not yet been communicated; however, the OCC has disclosed that it has no intention of issuing further industry guidance on the topic of sales practices.
While the OCC’s informal public remarks suggest overall positive results from the horizontal examinations, financial institutions should remain cognizant of the elevated expectations for sales practices risk management programs and should ensure their corresponding internal control environments are commensurate with their size and complexity.
It is important to note that this newsletter is provided for general information purposes only and is not intended to serve as legal analysis or advice. Companies should seek the advice of legal counsel or other appropriate advisers on specific questions and practices as they relate to their unique circumstances.