<img src="https://ws.zoominfo.com/pixel/pIUYSip8PKsGpxhxzC1V" width="1" height="1" style="display: none;">

July 2023 Regulatory Brief: Third-Party Guidance, Fair Lending & Consumer Compliance Violations and the Road Ahead

3 min read
Jul 6, 2023

Each month the Ncontracts team of compliance pros breaks down the hottest regulatory trends and changes.

What’s the latest guidance you need to know about? What areas of drawing regulatory scrutiny and likely to be the subject of upcoming proposals? What enforcement actions and lawsuits are making headlines? Read on and find out!

Remember: You can also log in to Ncomply for updates and implementation guides on changes to state and federal regulations.

Here are the highlights:


New and Updated Guidance 

Updated Interagency Guidance on Third-Party Relationships 

The Office of the Comptroller of the Currency (OCC), Federal Deposit Insurance Corporation (FDIC), and the Federal Reserve finalized their Interagency Guidance on Third-Party Relationships: Risk Management. The third-party vendor management guidance replaces existing guidance while aligning the agencies’ approach to vendor management. 

Read our blog for a deep dive or register for our webinar.

FDIC Updates Guidance on NSF Fees 

The FDIC updated its guidance on multiple presentment of NSF fees from late last year to align with the new final interagency guidance on third-party relationships and risks. The guidance encourages banks to consider mitigating related risks such as consumer compliance risk, third-party risk, and litigation risk by reviewing NSFs and considering whether they should be changed, limited or eliminated. The guidance highlights that institutions that self-identify and correct violations before examination may not be cited for UDAP violations. Failure to self-identify and correct non-compliant practices may result in supervisory or enforcement actions, including civil money penalties and restitution. 

Spotlight on Proposals: What May Be Coming Your Way

Here’s a rundown of some of the potential rulemaking and proposals expected for the rest of the year:

OCC, Federal Reserve, and FDIC. The FDIC, Federal Reserve, and OCC are planning on issuing an NPRM in December, seeking comment on the definition of an effective Bank Secrecy Act compliance program. The regulators aim to update regulations for consistency with AML Act and to clarify and expand the customer due diligence requirements that impose beneficial ownership requirements for legal entity customers.

NCUA. The National Credit Union Administration (NCUA) will be releasing an Advanced Notice of Proposed Rulemaking (ANPRM) asking for input on climate-related financial risks with an eye towards protecting the share insurance fund. Other upcoming NCUA ANPRMs include digital assets, share insurance rule changes (especially for trust accounts), and overdraft policy flexibility. Field of membership (FOM) proposals are already out and final rules are expected in September.

CFPB. The CFPB is expected to issue a proposed rule on large nonbank participants in markets for consumer payments this summer and a final rule limiting credit card fees in October. The CFPB is also examining whether overdraft fees are finance charges subject to Reg Z and will begin potential rulemaking of nonsufficient (NSF) fees in November.

FinCEN. The Financial Crimes Enforcement Network (FinCEN) expects to issue a final rule on access to the beneficial ownership register in September and a notice of proposed rulemaking amending the customer due diligence final rule in November.

Interagency Proposals

AI & Automated Valuation Models. The OCC, Federal Reserve, FDIC, NCUA, CFPB and Federal Housing Finance Agency issued an NPRM seeking public comment on a proposed rule that on the use of AI and other algorithmic systems in appraising home values.  The proposed rule would apply to mortgage originators and secondary market issuers involved in valuing single-family and one-to-four-unit multifamily homes using automated valuation models (AVMs). While four of the proposed quality-control standards align with existing Dodd-Frank standards, the regulators are introducing a fifth standard that requires AVMs to comply with applicable discrimination laws. Covered Institutions would have to establish policies, practices, procedures, and control systems to ensure AVMs used in Covered Transactions adhere to quality-control standards ensuring confidence in estimates, data protection against manipulation, avoiding conflicts of interest, random sample testing and reviews, and compliance with applicable nondiscrimination laws.  Comments are due August 21, 2023.

Proposed Interagency Guidance on Reconsiderations of Value for Residential Real Estate Valuations 

The CFPB, FDIC, Federal Reserve, OCC and NCUA requested public comment on proposed guidance addressing reconsiderations of value (ROV) for residential real estate transactions to be published in a future Federal Register. The goal is to produce a comprehensive guidance document that will give institutions methods and models to help them enable a consumer who believes an appraisal value of property isn't correct to provide information that might have been missed or to consider possible deficiencies in the appraisal.

Enforcement Actions

Fair lending. The DOJ announced a settlement with Pennsylvania Bank alleged to have engaged in lending discrimination through redlining majority-Black and Hispanic neighborhoods in and around Philadelphia. The bank will pay over $3 million to resolve the allegations.

Consumer protection. The CFPB issued an enforcement action and $25 million penalty against ACI Worldwide and its subsidiary, ACI Payments, for unlawfully initiating around $2.3 billion in authorized mortgage payment transactions. The company used real customer data instead of dummy transactions when testing systems causing nearly 500,000 homeowners to overdraft. The takeaway: vendor due diligence is essential. You need to know how vendors are using your data – and need to have controls in your vendor agreements to prevent these kinds of fiascos.

Securities violations. The Securities and Exchange Commission (SEC) and several state regulators have begun enforcement actions against Coinbase and Coinbase Global alleging its operating as an unregistered securities exchange, broker, and clearing agency.


Subscribe to the Nsight Blog