Are the Federal Courts or the Republican Controlled Congress the Greater Threat to the CFPB?

Many banking lawyers believe recent actions by federal courts, and by Congress represent the greatest threat to the Consumer Financial Protection Bureau (CFPB) since its existence. Clearly, recent actions by federal courts and by Congress threaten the broad authority of the CFPB and how it exercises that authority. There is an outstanding question regarding which of the two threats is greater.

Two recent federal court holding threaten the CFPB’s aggressive enforcement strategies unlike in prior actions. First, on October 11, 2016, by a 2-1 margin, a three-judge panel of the US Court of Appeals for the DC Circuit (DC Circuit) in PHH Corp. v. CFPB held, among other things, that the CFPB’s single-director structure was unconstitutional because it permitted removal of the CFPB Director only for cause. The panel in the PHH case also provides excellent language that restricts the CFPB’s ability to unilaterally overrule another federal agency’s decision. Subsequently, the DC Circuit vacated the decision of the panel and granted the CFPB a re-hearing in banc scheduled for May 24, 2017. If the DC Circuit en banc rules against the CFPB, then it is widely expected that President Trump will remove CFPB Director Richard Cordray, and replace him with a new director who will change the direction of the CFPB to a more industry-friendly CFPB. Second, on March 17, 2017, the US District Court for the District of North Dakota in CFPB v. Intercept Corporation also delivered a major defeat to the CFPB by granting a motion to dismiss a CFPB complaint against the Intercept Corporation defendants because the CFPB complaint failed to allege facts sufficient to support a plausible claim upon which relief could be granted. The CFPB essentially claimed that Intercept Corporation, which is a payment processor, engaged in unfair, deceptive and abusive activities and practices by knowingly and illegally processing payments for its clients who were engaged in fraudulent or illegal transactions. The district court characterized the CFPB allegations as “an unadorned, the-defendant-unlawfully-harmed-me accusation.” A common theme between the three-judge DC Circuit panel decision in PHH and the federal district court in Intercept is that federal courts will require the CFPB to prove its claims and will not permit the CFPB to substitute its judgment for the judgment of Congress.

Congress has also recently taken action in response to the CFPB. On May 4, 2017, by a party line vote of 34-26, the House Financial Services Committee approved the Financial CHOICE Act of 2017 (CHOICE Act). Title VII of the CHOICE Act, if it became law, would, among other things, strip the CFPB of much of the authority it currently has under Title X of the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd Frank):

1. Section 711 of the CHOICE Act would rename the CFPB the Consumer Law Enforcement Agency (CLEA), and strike the section of the law which limits the president’s ability to remove the CFPB Director only for cause.

2. Section 713 would bring CLEA into the Congressional appropriation process and allow Congress to control its budget.

3. Section 715 would grant a party who is the subject of an administrative action by the CLEA to terminate the action and force the CLEA to bring the action into court.

4. Section 716 would grant the recipient of a CLEA civil investigative demand (CID) the right to file a petition in federal court to modify or set aside the CID.

5. Section 717 would require CLEA to conduct a cost benefit analysis for CLEA regulations, administrative actions, and civil actions.

6. Section 718 would make it clear that courts are not required to defer to CLEA interpretations of the laws it administers.

7. Section 720 would require CLEA to establish a procedure for responding to requests for advisory opinions.

8. Section 727 would eliminate CLEA’s examination and supervisory authority.

9. Section 729 would strip CLEA of any rulemaking, enforcement or other relating to employee benefit compensation plans or persons regulated by the CFTC or the SEC.

10. Section 733 would strip CLEA’s rulemaking, enforcement or other authority over payday loans, vehicle title loans and other similar loans.

11. Section 734 would nullify the CFPB’s March 2013 auto lending guidance. Section 736 would strip CLEA of any UDAAP authority.

12. Section 738 would repeal CLEA’s authority to restrict arbitration.

While the answer to which threat is greater is difficult, it is likely that the courts are a greater threat than Congress, at this point, because Congressional actions to date, including the CHOICE Act, have not had any direct impact on the CFPB. Recent court cases, however, have proven to be very helpful to those lawyers who regularly challenge positions of the CFPB, and, the CFPB has had to respond to those challenges in ways that it had not done so in the past.

Is the FDIC’s Shift To De Novo Banking Real?

On May 1, 2017, the FDIC released an update to its guidance on the de novo banking – “Applying for Deposit Insurance – A Handbook for Organizers of De Novo Institutions.” The updated guidance purports to provide organizers with a “clear and transparent explanation of the path to obtaining deposit insurance.” This may be the FDIC’s response to the 2014 joint letter of the American Association of Bank Directors (AABD) and the Independent Community Bankers of America (ICBA) in which the AABD and the ICBA recommended that the FDIC issue a new Financial Institution Letter (FIL) to “to help dispel misconceptions and reaffirm the FDIC’s support for the formation of de novo banks.” These misconceptions relate to the uncertainty in the application process, the second-guessing of business plans for a de novo bank, capital requirements, examination schedules and the degree of regulatory oversight during the first seven years. The FDIC appears to be on a “get-out-the-message” campaign that de novo banking is back and the FDIC is poised to provide guidance on the process.
The banking group at Duane Morris has been involved in de-novo banking for over 40 years. We’ve advised on the de novo process and assisted in the formation of many banks throughout the Western United States and have represented these same banks throughout their life cycle. The recent recession which was sparked by excessive risk-taking by some financial institutions led to a shift in the FDIC’s regulatory philosophy towards more oversight and a period of consolidation. It appears that we are coming out of this period with a possible shift in the regulatory philosophy at the FDIC on de novo banking. To make this point, the FDIC has held industry outreach meetings in San Francisco, New York, Atlanta, and Dallas to inform industry participants about the FDIC’s application process and has planned additional outreach events on May 12, 2017, in Kansas City, Missouri, and May 31, 2017, in Chicago, Illinois.
It appears that we may be entering (finally) the cycle of de novo banks which would add to the health of the community banking industry. Small businesses may finally rejoice in the return of specialized relationship banking.

The FIL/Guidance can be found here:  https://www.fdic.gov/news/news/financial/2017/fil17017.pdf

FDIC Makes Public March Enforcement Actions

The Federal Deposit Insurance Corporation (FDIC) today released a list of orders of administrative enforcement actions taken against banks and individuals in March. There are no administrative hearings scheduled for May 2017.

The FDIC issued a total of 23 orders and one adjudicated decision. The administrative enforcement actions in those orders consisted of five removal and prohibition orders; six Section 19 orders; two civil money penalties; four voluntary terminations of insurance; six terminations of consent orders and cease and desist orders; three termination of restitution orders; and one adjudicated decision.

To view the orders and notice online, please visit the FDIC’s Web page by clicking the link:  March 2017 Enforcement Decisions and Orders

Safety and Soundness and the Bankruptcy Code: Does a Bank Commit a Safety and Soundness Violation by Failing to Comply with the Bankruptcy Rules?

It is fair to say that not many, if any, banks have internal controls or policies and procedures to identify and mitigate deficiencies in the bankruptcy practices of banks. Indeed, banks typically rely on their Legal Department or external counsel to make sure banks protect their interests when bank customers file bankruptcy. While the Compliance Department and the Risk Management Department track compliance and risks related to numerous laws, rules and regulations, the Bankruptcy Code and its rules are typically not among those laws and rules. Certainly, it would be unexpected to find a Compliance Department or Risk Management Department that focuses on reviewing bankruptcy notices and filings by bank customers, and the responses by banks to those notices and filings to determine whether the banks filed, among other things, timely and accurate proofs of claim, payment change notices, claims of post-petition mortgage fees, expenses and charges or accurate notices of final cures. It is not unreasonable to think that those areas are all issues for the Bankruptcy Court to address, and for bank counsel to make sure the interests of the banks are protected. Perhaps, Compliance Departments and Risk Management Departments along with Audit Departments should rethink the importance of bank compliance with Bankruptcy laws and rules both as a way to mitigate regulatory risk and as a way to make sure the risk profile of the bank is accurate. As an incentive to do so, banks should consider a recent civil money penalty (CMP) action by the Office of the Comptroller of the Currency (OCC) against U.S. Bank National Association (US Bank).

On April 25, 2017, the OCC imposed a $15 million CMP against US Bank and required US Bank to make approximately $29 million in remediation to approximately 22,000 US Bank accountholders. The basis upon which the OCC took action against US Bank was that:

“Between 2009 and 2014, the Bank committed various errors related to  bankruptcy filings, including: (a) untimely, not filed, or inaccurately filed Proofs of Claim; (b) payment application inaccuracies resulting in overpayments by debtors or trustees; (c) untimely and/or inaccurate Payment Change Notices; (d) untimely, and/or inaccurate Post-Petition Mortgage Fees, Expenses, and Charges; (e) inaccurate Notices of Final Cure; (f) exposure of confidential customer information in court-filed documents; and (g) inconsistent application of the Bank’s fee waiver practices.”

The OCC’s action against US Bank should be a second wake-up call for those Compliance Departments, Risk Management Departments and Audit Departments that assume that the Legal Department or external counsel will take care of any risks related to banks compliance with Bankruptcy law, rules and regulations during the Bankruptcy process. The first wake-up call for Compliance Departments and Risk Management Departments should have be the actions taken by the OCC and other federal prudential supervisors (and the Consumer Financial Protection Bureau) against mortgage servicers in connection with an interagency horizontal review of major residential mortgage servicers of the residential real estate mortgage foreclosure processes. In those enforcement actions, the OCC and the other agencies based their actions on deficiencies and unsafe or unsound practices in residential mortgage servicing and in the initiation and handling of foreclosure proceedings.

Clearly, the OCC’s action against US Bank shows that a bank may commit a safety and soundness violation by failing to comply with the Bankruptcy laws and rules. The challenge for banks is to determine what changes need to be made to their internal controls, including their policies and procedures, and what role the Legal Department, the Compliance Department, the Risk Management Department and the Audit Department should play in addressing the deficiencies.

Under the Three Lines of Defense Approach, the Legal Department must be the first line of defense, especially since the Legal Department should either have the expertise or have access to the expertise through external counsel. This means the Legal Department should either have an internal quality control process within the Legal Department or the Legal Department should properly manage and oversee the quality of the work performed by external counsel. Similarly, the Compliance Department and the Risk Management Department, as the second line of defense, should, at a minimum, obtain confirmation from the Legal Department that the Legal Department has engaged qualified and experienced external counsel to protect the interests of the bank. The purpose of the confirmation is both to make sure the Legal Department (and not any line manager) has engaged external counsel and that the Legal Department has assigned one or more attorneys to manage and oversee the bankruptcy legal services performed by external counsel on behalf of the bank. Finally, the Audit Department, as the third line of defense, should audit the Compliance Department to determine whether the Compliance Department has received the appropriate confirmation from the Legal Department and to make sure the Legal Department or the Compliance Department has a process in place to limit or mitigate any risk of a pattern or practice of deficiencies in the bankruptcy practices of the bank.

Website Accessibility Under the ADA, A New Federal Court Ruling Helps Banks

Since late last year, many banks in California, New York and Pennsylvania have received demand letters from two law firms that claim the websites of those banks violate Title III of the Americans with Disabilities Act (ADA). The demand letters assert that individuals with disabilities (typically the visually impaired) attempted to use the website of the banks, and faced unreasonable barriers to access, which made it impossible for the claimants to access the websites. The websites, according to the law firms, fail to comply with website standards developed by the World Wide Web Consortium called Web Content Accessibility Guidelines (WCAG 2.0). The law firms seek attorneys’ fees, costs and injunctive relief in connection with the demand letters.

Litigation has been commenced in several states, including California, over this issue of website accessibility by visually impaired individuals.

The ADA’s Title III became law in 2000 and protects disabled persons in public accommodation and commercial businesses. While Title III itself does not contemplate websites as a place of public accommodation, the Department of Justice (“DOJ”) along with several courts have reached that conclusion. The DOJ, which is charged with responsibility for promulgation of regulations, has promised to implement regulations by 2018. The DOJ has said in the interim WCAG 2.0 provides a minimum standard. A number of courts have agreed and allowed pending cases to continue despite motions to dismiss or stay the action until the DOJ issues its regulations. These decisions have meant that banks have been forced to defend these actions without really knowing what the DOJ regulations will provide. Several have settled with the law firms rather than litigate. Now there may be some relief for banks in California.

On March 20, 2017, a federal judge in Los Angeles granted Domino’s Pizza’s motion to dismiss a website accessibility lawsuit filed by a visually impaired person. In Robles v. Domino’s Pizza LLC the District Judge ratified the argument that in absence of a clear DOJ regulation of what “accessibility” means for a website, the defendant’s due process rights had been violated. The Court chastised the DOJ for failing to follow through on its July 2010 pronouncement to regulate website accommodation for public accommodation and ruled it was unfair to hold the defendant to an ambiguous legal obligation or the WCAG 2.0. The Court dismissed the action “pending the resolution of an issue with the special competence of an administrative agency.” This federal court parted ways with several other courts which had applied WCAG 2.0 as standards despite the DOJ’s failure to issue regulations.

While this ruling provides ammunition for clients seeking to fight these claims, it also leaves banks with uncertainty as to just how to improve websites to meet future ADA regulations by the DOJ. An unintended consequence of this ruling also strengthens the hands of bank vendors which have routinely denied any obligation to comply with WCAG 2.0.
Since, Robles was dismissed without prejudice, it can be refiled when the DOJ regulations are announced.
In the meantime, hopefully, the DOJ will act and provide the regulatory help which may actually assist the industry in this instance.

The Growing Importance of Consumer Compliance in Community Reinvestment Act Ratings: Did the OCC Cross the Line In Its CRA Rating of Wells Fargo?

Media reports have recently focused on the Needs to Improve Community Reinvestment Act (CRA) rating assigned to Wells Fargo Bank, National Association (Wells Fargo) by the Office of the Comptroller of the Currency (OCC). CRA and its implementing regulations require prudential supervisors like the OCC, the Board of Governors of the Federal Reserve System and the Federal Deposit Insurance Corporation to assess the performance record of each of the insured depository institutions they supervise in meeting the credit needs of the entire assessment area for those insured depository institutions, including the needs of low and moderate income neighborhoods consistent with safety and soundness standards. Prudential supervisors use performance ratings ranging from Outstanding (which is the highest rating) to Substantial Noncompliance (which is the lowest rating). The ratings between those extremes include High Satisfactory, Low Satisfactory and Needs to Improve. Though Wells Fargo has often historically received an Outstanding performance rating based upon the OCC’s review of CRA’s lending test, investment test, and service test, the OCC just recently assigned Wells Fargo a Needs to Improve based upon the OCC’s findings that Wells Fargo now has a significant number of consumer compliance deficiencies, especially as evidenced by recent violations of law, and enforcement actions by the OCC, the Consumer Financial Protection Bureau (CFPB) and the Los Angeles City Attorney. The OCC characterized Wells Fargo’s compliance status as egregious and found that Wells Fargo had “an extensive and pervasive pattern and practice of violations across multiple lines of business within the bank, resulting in significant harm to large numbers of consumers.”

CRA is not treated as a federal financial consumer protection law by policymakers (which explains why the CFPB has no authority over CRA) or by prudential supervisors (which explains why CRA examinations are separate examinations from either safety and soundness examinations or consumer compliance examinations). Many large insured depository institutions typically have a separate CRA Officer, who has day to day responsibility for compliance with CRA and its implementing regulations. Among the differences between CRA and the federal consumer financial protection laws is that CRA was originally based upon a simple concept that insured depository institutions that take deposits from a community should support that community with loans and investments. CRA promotes good corporate citizenship and provides opportunities for insured depository institutions to develop longstanding community and business relationships within an assessment area. While consumer financial protection laws often impose obligations on an insured depository institution or restricts its activities, CRA offers an opportunity for insured depository institutions to find more customers and to engage in more community and business activities. Following the spirit of CRA would be a great idea even if CRA were not a legal requirement.

CRA professionals and prudential supervisors have always taken into account compliance with the fair lending and anti-discrimination laws (such as the Fair Housing Act and the Equal Credit Opportunity Act) and the Home Mortgage Disclosure Act, when assessing CRA performance. It is also clear that prudential supervisors have taken into account actions taken by other governmental agencies in considering a CRA rating. For example, in the case of Wells Fargo, the OCC gave weight to actions taken by the CFPB, the Department of Justice, and the Department of Housing and Urban Development, which makes sense because those governmental agencies enforce many of the anti-discrimination laws at the federal level. It is not as clear that the OCC has historically taken into account actions taken by a city government, and this raises a question regarding whether, in the future, the OCC will take into account actions by other city governments or by state attorneys general in the context of a CRA rating. It is also far less clear that CRA professionals and prudential supervisors have always taken into account compliance with Section 5 of the Federal Trade Commission Act (i.e., prohibitions on unfair and deceptive acts and practices), the Real Estate Settlement Procedures Act, the Servicemembers Civil Relief Act and Dodd Frank Title X prohibitions on unfair, deceptive and abusive acts and practice.

There is at least a danger that the OCC, in the Wells Fargo case, has inadvertently crossed the line too much into compliance with consumer protection laws in the context of CRA. Certainly, the Wells Fargo downgrade in CRA rating from Outstanding to Needs to Improve should cause CRA professionals to consider where they should draw the line in terms of helping insured depository institutions comply with CRA. While Wells Fargo does not appear to have publicly challenged the OCC’s assigned rating, Wells Fargo did express disappointment in the rating in its recent press release citing its long standing historical record of receiving Outstanding CRA ratings.

OCC Releases CRA Evaluations for 17 National Banks and Federal Savings Associations

Today, the Office of the Comptroller of the Currency (OCC) released a list of Community Reinvestment Act (CRA) performance evaluations that became public during the period of February 1, 2017 through February 28, 2017. The list contains only national banks, federal savings associations, and insured federal branches of foreign banks that have received ratings. The possible ratings are outstanding, satisfactory, needs to improve, and substantial noncompliance.  Of the 17 evaluations made public this month, one is rated outstanding, 15 are rated satisfactory and one is rated needs to improve.  A list of this month’s evaluations is available here.

FTC, FCC Flex Muscles

Duane Morris partner Joseph Burton was featured in a video on Bank Info Security  on the impact of regulators involved in cybersecurity.

The Federal Trade Commission and the Federal Communications Commission are among U.S. regulators now starting to flex their muscles when it comes to enforcing cybersecurity standards, says Burton. What enforcement trends might we expect to see in 2017?

To view the video, please visit the Bank Info Security website.

Webinar: The FDIC Loss-Share Program: How to Extract Every Last Dollar

Duane Morris LLP and FTI Consulting invite you to our webinar, The FDIC Loss-Share Program: How to Extract Every Last Dollar, to be held on Thursday, March 2, 2017  from 11:00 a.m. to 12:00 p.m. Central time.

Duane Morris lawyers and FTI Consulting professionals will discuss strategies that can help banks maximize recoveries under the FDIC Loss-Share Program. Generally, the FDIC will reimburse 80 percent of losses for a covered asset, while the acquiring bank absorbs 20 percent of the loss, provided certain conditions and reporting requirements are met. Our program will outline the common challenges that banks face with the FDIC Loss-Share Program and provide practical solutions that increase loss-sharing recoveries.

Please visit the event page on the Duane Morris website for more information or to register online.

FDIC Consumer News Issues “Answers to Common Questions on How to Avoid Financial Mistakes and Protect Your Money”

Today, the FDIC issued its Winter 2017 FDIC Consumer News which can be read or printed at www.fdic.gov/consumers/consumer/news/cnwin17, with e-reader and portable audio (MP3) versions forthcoming. Additionally, in the coming weeks a Spanish-language version will be posted at www.fdic.gov/quicklinks/spanish.html.  This issue focuses on Answers to Common Questions on How to Avoid Financial Mistakes and Protect Your Money.  Continue reading FDIC Consumer News Issues “Answers to Common Questions on How to Avoid Financial Mistakes and Protect Your Money”