Skip to content

Exception Tracking Spreadsheet (TicklerTrax™)
Downloaded by more than 1,000 bankers. Free Excel spreadsheet to help you track missing and expiring documents for credit and loans, deposits, trusts, and more. Visualize your exception data in interactive charts and graphs. Provided by bank technology vendor, AccuSystems. Download TicklerTrax for free.

Click Now!

Top Story Compliance Related


OCC reminder on investments in venture capital funds

The OCC has issued Bulletin 2021-54 to remind OCC-supervised banks and savings associations of restrictions on most equity investments in venture capital funds. The Bulletin includes these points:

  • Banks generally may not make passive equity investments in venture capital funds.
  • Equity investments in venture capital funds may be permissible if they are public welfare investments or investments in small business investment companies.
  • Qualifying for the Volcker rule's venture capital fund exclusion does not make a fund a permissible investment for a bank.
  • As with any investment, before a bank invests in a venture capital fund, the bank must determine whether the investment is permissible and appropriate for the bank.
  • Impermissible and inappropriate investments expose the bank and its institution-affiliated parties to enforcement actions and civil money penalties.
  • National bank directors may be personally liable for impermissible investments' losses.


OFAC amends Syrian Sanctions Regulations, issues Venezuela-related license

On Friday, November 26, OFAC published a final rule amending the Syrian Sanctions Regulations (31 CFR Part 542) to expand an existing authorization related to certain activities of nongovernmental organizations (NGOs) in Syria. The amendments were effective on publication. OFAC also published two new related Frequently Asked Questions:

  • FAQ 937: What does the general license (GL) at § 542.516 of the Syrian Sanctions Regulations (SySR), as amended on November 26, 2021, authorize with respect to nongovernmental organizations (NGOs)?
  • FAQ 938: What early-recovery-related transactions and activities are nongovernmental organizations (NGOs) authorized to engage in pursuant to the general license (GL) at § 542.516 of the Syrian Sanctions Regulations (SySR), as amended on November 26, 2021?

OFAC also issued Venezuela-related General License 8I, "Authorizing Transactions Involving Petróleos de Venezuela, S.A. (PdVSA) Necessary for the Limited Maintenance of Essential Operations in Venezuela or the Wind Down of Operations in Venezuela for Certain Entities."

Related link:


2021 Do Not Call Registry Data Book

The Federal Trade Commission (FTC) has released the National Do Not Call Registry Data Book for Fiscal Year 2021. The FTC’s National Do Not Call (DNC) Registry lets consumers add their phone number and choose not to receive most legal telemarketing calls. In the last fiscal year, nearly three million people signed up with the DNC Registry, bringing the total close to 245 million phone numbers.

Now in its thirteenth year of publication, the Data Book also provides the most recent fiscal year information available on robocall complaints, the types of calls consumers reported to the FTC, and a complete state-by-state analysis. According to the Data Book, complaints about imposter calls again topped the list, with almost 594,000 received during the fiscal year ending on September 30, 2021, including both live calls and robocalls. In such calls, imposters falsely pose as government representatives, such as the Social Security Administration or the IRS, legitimate business entities, or as people affiliated with them.


Agencies' statement on crypto-asset initiatives

A Joint Statement on Crypto-Asset Policy Sprint Initiative and Next Steps was issued yesterday by the Federal Reserve, FDIC, and OCC to summarize their interagency "policy sprints" focused on crypto-assets and provide a roadmap of future work related to crypto-assets.. The statement describes the focus of the preliminary work conducted through the sprints undertaken by the agencies. It summarizes the agencies' plan to provide greater clarity throughout 2022 on whether certain crypto-related activities conducted by banking organizations are legally permissible, and related expectations for safety and soundness, consumer protection, and compliance with existing law and regulations. The emerging crypto-asset sector presents potential opportunities and risks to banking organizations, their customers, and the overall financial system. The interagency sprints quickly advanced and built on agencies' combined knowledge, which helped identify and assess key issues related to potential crypto-asset activities conducted by banking organizations. The focus of the sprint work included:

  • Developing a commonly understood vocabulary using consistent terms regarding the use of crypto-assets by banking organizations.
  • Identifying and assessing key risks, including those related to safety and soundness, consumer protection, and compliance, and considering legal permissibility related to potential crypto-asset activities conducted by banking organizations.
  • Analyzing the applicability of existing regulations and guidance and identifying areas that may benefit from additional clarification.

To place the sprint work in context, staff reviewed and analyzed a number of crypto-asset activities in which banking organizations may be interested in engaging including:

  • Crypto-asset custody.
  • Facilitation of customer purchases and sales of crypto-assets.
  • Loans collateralized by crypto-assets.
  • Activities involving payments, including stablecoins.
  • Activities that may result in the holding of crypto-assets on a banking organization’s balance sheet.

During 2022, the agencies plan to provide greater clarity on whether certain activities related to crypto-assets conducted by banking organizations are legally permissible, and expectations for safety and soundness, consumer protection, and compliance with existing laws and regulations related to:

  • Crypto-asset safekeeping and traditional custody services.
  • Ancillary custody services.
  • Facilitation of customer purchases and sales of crypto-assets.
  • Loans collateralized by crypto-assets.
  • Issuance and distribution of stablecoins.
  • Activities involving the holding of crypto-assets on balance sheet.

Related links:


OCC clarifies bank cryptocurrency requirements and trust bank chartering

OCC Chief Counsel's Interpretive Letter #1179 has been published to confirm that national banks and federal savings associations must demonstrate that they have adequate controls in place before they can engage in certain cryptocurrency, distributed ledger, and stablecoin activities. The letter provides a roadmap for banks to engage with their supervisory office to provide written notification of their proposed activities and outlines the criteria that the OCC will follow to evaluate the proposed activity and provide a supervisory non-objection. If the bank receives a supervisory non-objection, the OCC will review these activities as part of its ordinary supervisory processes.

The interpretive letter also clarifies OCC standards for chartering National Trust Banks. The OCC may look to state law to determine if an applicant’s activities are limited to the operations “of a trust company and activities related thereto,” but an applicant’s activities will not automatically be deemed to be trust activities—or to be fiduciary activities—solely by virtue of state law. The OCC retains discretion to determine if an applicant’s activities that are considered trust or fiduciary activities under state law are considered trust or fiduciary activities for purposes of applicable federal law.


2021 CRA software downloads available

Version 2021 for the calendar year 2021 CRA data due March 1, 2022, is now available on the FFIEC's CRA/HMDA Software Downloads webpage. Each software version is year-specific (i.e. 2020 reporting requires 2020 CRA DES and not 2021 CRA DES).


OFAC targets facilitator for ISIS-K

Yesterday, the Treasury Department announced that OFAC had designated Ismatullah Khalozai, an individual who has acted as a financial facilitator for the Islamic State’s Khorasan Province (ISIL-Khorasan), active in Afghanistan and commonly referred to as “ISIS-K.” This individual has provided support to ISIS-K’s operations in Afghanistan by facilitating international financial transactions that fund human trafficking networks and facilitating the movement of foreign fighters who seek to escalate tensions in Afghanistan and the region.

OFAC took this action in coordination with the U.S. Department of State, which yesterday designated Sanaullah Ghafari, Sultan Aziz Azam, and Maulawi Rajab as Specially Designated Global Terrorists (SDGTs) for their roles as leaders of ISIS-K.

For identification information on Khalozai and the individuals designated by the State Department, and other changes in OFAC's SDN List, see the BankersOnline OFAC Update for November 22, 2021.


SEC assesses $18M penalty for compliance failures

The Securities and Exchange Commission has announced that an affiliate of McKinsey & Company that offers investment options exclusively to current and former McKinsey partners and employees has agreed to pay an $18 million penalty for compliance failures.

The SEC’s order finds that the affiliate maintained inadequate policies and procedures to prevent McKinsey partners from misusing material nonpublic information they obtained as consultants to public companies and other McKinsey clients while they were simultaneously overseeing the affiliate’s investment decisions. The SEC’s order finds that McKinsey’s affiliate MIO Partners Inc. was investing hundreds of millions of dollars in companies that McKinsey was advising. Certain McKinsey partners oversaw MIO’s investment choices and also had access to material nonpublic information as a result of their McKinsey consulting work. These partners were routinely privy to confidential information like financial results, planned bankruptcy filings, mergers and acquisitions, product pipelines and funding efforts, and material changes in senior management at those companies.

According to the SEC’s order, MIO did not have reasonably designed policies and procedures to address the dual roles for McKinsey consultants who were involved in MIO’s investment choices. For example, the order cites an instance where a McKinsey partner’s access to confidential information about MIO’s investments in a company through a third-party manager created a risk that one of McKinsey’s units could influence the company’s Chapter 11 reorganization plan in a way that favored MIO’s investment.

The SEC’s order finds that MIO, which is a registered investment adviser and wholly-owned subsidiary of McKinsey, violated Sections 204A and 206(4) of the Investment Advisers Act of 1940 and Rule 206(4)-7. Without admitting or denying the findings, MIO consented to the entry of a cease-and-desist order and a censure, and agreed to pay the $18 million penalty.


OCC enforcement actions

The Office of the Comptroller of the Currency has issued a list of enforcement actions taken in September and October 2021. Among the actions listed were:

  • a Consent Order to cease and desist issued to Cenlar FSB, Ewing, NJ, after the Comptroller found that the bank’s internal controls and risk management practices did not support the current risk profile and size of the Bank’s mortgage sub-servicing portfolio, which is an unsafe or unsound practice.
  • a previously announced Civil Money Penalty order issued to Trustmark National Bank, Jackson, MS
  • an order of prohibition and for payment of a $75,000 civil money penalty was issued to Derline Cunningham, former retail branch manager and officer of Citizens Bank, N.A., Providence, RI, for unspecified infractions
  • an order of prohibition was issued to Addisha Jackson, a former customer service representative at JPMorgan Chase Bank, N.A., Columbus, OH, for unspecified infractions
  • a formal agreement was entered into with The Federal Savings Bank, Chicago, IL, for unsafe or unsound practices, including those relating to: (i) risk management; (ii) the Bank’s consumer compliance program and violations of law, rule, or regulation, including those relating to the Real Estate Settlement Procedures Act, and the Truth in Lending Act; and (iii) compliance with the Bank Secrecy Act.


Bureau reminder to debt collectors

The CFPB has emailed a reminder concerning a provision of Regulation F implementing the Fair Debt Collection Practices Act. Under the regulation, debt collectors who adopt and follow certain procedures can obtain a bona fide error defense from civil liability for unintentional violations of the prohibition against third-party communications when communicating by email or text message. For text message communications, one element of those procedures includes using a “complete and accurate database” to confirm that the consumer’s telephone number has not been re-assigned to another user.

The Rule’s commentary identifies the FCC’s Reassigned Numbers Database as a “complete and accurate database.” The FCC has now published that database, which is available at More information about the Reassigned Numbers Database is available at


Training View All

Penalties View All

Search Top Stories