Regulatory Brief for September 2022: UDAAP lawsuit, data privacy, and a windfall for OCC-regulated banks
The Greek philosopher Heraclitus is famous for having proclaimed, “Change is the only constant in life.” With apologies to Heraclitus, I’d take it one step further and say that regulatory change is the only constant in compliance.
That’s why every month my expert team of compliance professionals here at Ncontracts examines the newest regulatory changes, lawsuits, enforcement actions and trends that banks, credit unions, mortgage companies, and fintechs need to be thinking about. Who is suing the CFPB? How much will the OCC’s reduction in assessment fees save banks? Read on to find out!
Remember: You can also log in to Ncomply for updates and implementation guides on changes to state and federal regulations.
And for even more in-depth info, including a breakdown of two recent enforcement actions, listen to the podcast.
Regulatory Update for September 2022
Trades file UDAAP lawsuit against the CFPB. Seven major trade associations are suing the Consumer Financial Protection Bureau (CFPB), claiming the CFPB exceeded its statutory authority when it released its new UDAAP exam manual earlier this year and included discrimination as an unfair, deceptive, or abusive act or practice.
The trades are concerned that the CFPB is trying to expand its UDAAP authority without congressional authority because discrimination is already being dealt with under Equal Credit Opportunity Act (ECOA) and the Fair Housing Act (FHA).
FinCEN finalizes beneficial ownership rule. FinCEN finalized its rule implementing a beneficial ownership registry under the Corporate Transparency Act (CTA) that requires most corporations, limited liability companies, and other entities created in or registered in the U.S. to report information on their beneficial owners to FinCEN. FinCEN will be tackling two more rulemakings related to the CTA in the months ahead.
California passes law to protect children’s online data and privacy. The California Age-Appropriate Design Code Act, a “first-in-nation” law, will require businesses that offer online product and service providers that are likely to be accessed by children under 18 to take steps to protect their data in certain circumstances. It takes effect July 1, 2024.
New Fed policy encourages whistleblowers. The Federal Reserve Board issues a new whistleblower policy that ensures whistleblower claims are kept confidential and that banks cannot retaliate against whistleblowers. It also incentivizes whistleblowers with a reward (at the discretion of the Fed) of up to 25% of the amount of the fine, penalty, restitution, or forfeiture collected or $100,000, whichever is lower.
OCC cuts assessment fees. The Office of the Comptroller of the Currency is planning to cut assessment fees by 40 percent on a bank's first $200 million in assets and by 20 percent for the assets between $200 million and $20 billion, Acting Comptroller Michael Hsu announced in a speech. This unbudgeted windfall makes it a great time to ask your management to invest in risk and compliance training and technology.
Want to go even deeper into regulatory change? Listen to the Ncast Regulatory Update to hear about:
- CFPB’s interest in mortgage refinancing and assistance for homeowners facing financial difficulties
- The White House’s new framework for responsible development of digital assets
- OCC bulletin on video conference and data security
- How the NCUA plans to balance in-person and remote exams
- CECL for credit unions
- NCUA’s proposed rule on member expulsion and one on subordinated debt
Topics: Risk & Compliance