Archive for April, 2010
OTS Cracks Down on Overdraft Practices, Proposes New Guidance
On April 23, 2010, the Office of Thrift Supervision (OTS) reached agreement with Woodforest Bank, a thrift institution located in Refugio, Texas, concerning its overdraft protection program. The OTS also issued proposed Supplemental Guidance on abusive overdraft practices.
In consenting to two Orders from the OTS, Woodforest Bank agreed to cease certain unsafe or unsound practices identified by the OTS, including the origination of loans with a low probability of repayment, unfair, misleading or deceptive marketing or advertising practices and disclosures in connection with the Bank’s overdraft protection program. Under the terms of the agreement, the Bank will set aside more than $12 million to pay restitution to existing and past Bank customers harmed by the Bank’s overdraft protection practices, as well as pay $400,000 as a civil money penalty.
On April 29, 2010, the OTS also published proposed Supplemental Guidance on Overdraft Protection Programs in the Federal Register, which, if finalized, would update the Guidance on Overdraft Protection Programs previously issued by the OTS in 2005. In its proposed Supplemental Guidance, the OTS emphasized that thrift institutions must accurately represent the features of overdraft protection programs and clarify that overdraft protection is not a “free” account feature, while disclosing applicable program fees to the customer. The OTS also highlights a thrift institution’s responsibility to explain to customers that payment of overdrafts by the thrift institution is discretionary and to disclose circumstances under which the institution will not pay an overdraft. Additionally, the proposed Supplemental Guidance advises thrift institutions to provide customers with information regarding alternatives to overdraft protection and place reasonable aggregate limits on overdraft fees. Comments to the proposed Supplemental Guidance are due on or before June 28, 2010. The proposed Supplemental Guidance may be found here: http://www.ots.treas.gov/_files/482132.pdf.
New and Improved BSA/AML Examination Manual
Today the Federal Financial Institutions Examination Council released the 2010 version of the Bank Secrecy Act/Anti-Money Laundering Examination Manual. This revised manual further clarifies supervisory expectations, reflects feedback from the banking industry and examination staff, and incorporates regulatory changes since the manual’s release in 2007. The revised manual can be found here: http://www.ffiec.gov/bsa_aml_infobase/documents/BSA_AML_Man_2010.pdf.
Massachusetts Passes Aggressive New Data Security Law
Do you own or license personal information about a resident of Massachusetts? If so, then a new data security law, 201 CMR 17.00, applies to you. You must develop, implement and maintain a comprehensive information security program that includes a security system covering computers, including any wireless system. Among other requirements, you must ensure that, where technically feasible:
- All data containing personally identifiable information (PII) must be encrypted on the wire and as its transmitted across public networks or wirelessly. This means, for example, that PII must be sent over HTTPS, not HTTP and must be encrypted when stored in SQL Server. This rule has significant implications for database applications.
- All PII data stored on laptops or other portable devices, such as smartphones and USB drives must be encrypted.
- Backup tapes must be encrypted on a prospective basis.
Penalties for noncompliance are enforced through Massachusetts General Law Title XV: Regulation of Trade, chapter 93A, section 4. Civil money penalties may be assessed of up to $5,000 per breach or lost record, as well as reasonable costs of investigation and litigation, including attorneys fees. Any data breach must be reported to both the Office of Consumer Affairs and Business Regulation and the Attorney General.
The law became effective March 1, 2010 and can be found here: http://www.mass.gov/Eoca/docs/idtheft/201CMR1700reg.pdf.
Answers to Frequently Asked Questions regarding the rule can be found here: http://www.mass.gov/Eoca/docs/idtheft/201CMR17faqs.pdf.
Recent Federal Banking Regulator Rulemaking and Releases
The federal banking regulators concluded an active week of new rulemaking and releases. A description of these actions, as provided in the press releases by the applicable federal regulator, is provided below:
FDIC Board of Directors Approves Notice of Proposed Rulemaking to Revise Deposit Insurance Assessments
On April 13, 2010, the Board of Directors of the Federal Deposit Insurance Corporation (FDIC) approved a Notice of Proposed Rulemaking (NPR) to revise the deposit insurance assessment system for large institutions, which pose unique and concentrated risks to the Deposit Insurance Fund. Under the proposal, risk categories and long-term debt ratings would no longer be used. The FDIC would continue to use the supervisory ratings as a factor in measuring risk. The FDIC would replace the financial ratios currently used with a scorecard consisting of well-defined financial measures that are more forward looking and better suited for large institutions. The proposal also includes questions about how to incorporate other risk measures, like the quality of underwriting or risk management practices, in the future.
The proposal would create two scorecards: one for large institutions and the other for highly complex institutions. A highly complex institution would be defined as an insured depository institution with greater than $50 billion in total assets that is fully owned by a parent company with more than $500 billion in total assets. The designation also would apply to a processing bank and trust company with greater than $10 billion in total assets. Each scorecard would have two components—a performance score and loss severity score—that are of particular interest to the FDIC as an insurer. Two scores would be combined to produce a total score, which would be translated into an initial assessment rate. Similar to the current system, the FDIC would retain an ability to make limited discretionary adjustments.
The entire proposed rule is available by clicking here.
FDIC Board of Directors Approves Extension of Transaction Account Guarantee Program
On April 13, 2010, the Board of Directors of the Federal Deposit Insurance Corporation (FDIC) approved an interim rule to extend the Transaction Account Guarantee (TAG) program to December 31, 2010. Last year the program was extended to June 30, 2010. Under the TAG program, customers of participating insured depository institutions are provided full coverage on transaction accounts. The interim rule gives the Board discretion to extend the program to the end of 2011, without additional rulemaking, if it determines that economic conditions warrant such an extension.
The TAG extension will provide a continued stable funding source for participating banks and will help them maintain their ability to secure low-cost, large deposits, thereby preserving their deposit franchise value and supporting the rebuilding of their earnings and capital, which in turn protects the Deposit Insurance Fund.
Nearly 6,400 insured depository institutions, about 80 percent of the industry, continue to participate in the TAG program and benefit from the guarantee provided by the FDIC. These institutions held an estimated $266 billion of deposits above the insured deposit limit and guaranteed by the FDIC through the TAG program as of the end of 2009. Under the interim rule, participating institutions can opt out effective July 1, 2010. Last year the Board adjusted the assessment rate to make it risk based and approved an increase in the rates; the current rates will remain unchanged under the interim rule. The Board also voted to require TAG assessment reporting be based on average daily account balances and to reduce the maximum rate that can be paid for qualifying NOW accounts to 0.25 percent from 0.50 percent.
The entire interim rule is available by clicking here.
Federal Regulators Release Model Consumer Privacy Notice Online Form Builder
On April 15, 2010, eight federal regulators released an Online Form Builder that financial institutions can download and use to develop and print customized versions of a model consumer privacy notice.
The Online Form Builder, based on the model form regulation published in the Federal Register on December 1, 2009, under the Gramm-Leach-Bliley Act, is available with several options. Easy-to-follow instructions for the form builder will guide an institution to select the version of the model form that fits its practices, such as whether the institution provides an opt-out for consumers.
To obtain a legal “safe harbor” and so satisfy the law’s disclosure requirements, institutions must follow the instructions in the model form regulation when using the Online Form Builder.
The Online Form Builder is available by clicking here.
Loan Officers Eligible for Overtime Pay
On March 24, the Department of Labor (DOL) issued an Administrator’s Interpretation concluding that the typical mortgage loan officer does not qualify under the administrative employee exemption to the Fair Labor Standards Act’s overtime requirements and, thus, is eligible for overtime pay. To fall within the exemption, the employee’s primary duty must be related to the management or general business operations. The DOL’s conclusion is based on the finding that a typical mortgage loan officer’s primary duty is making sales of loan products. Such duty involves the production work of their financial institution employers and is unrelated to the internal management or general business operations of the institutions.
A complete copy of the Administrator’s Interpretation can be found here.
