Skip to content

How to gain more from operational risk management practices.
Modern risk management technology solutions improve efficiency and provide greater visibility into risks. Today’s tools provide real-time visibility, action plans, enhanced reporting and business intelligence, and proactive notifications for operational risk. Real-time data empowers banks and financial services organizations to proactively manage risks and instantly detect and mitigate emerging issues. Click here to learn more.

Top Story Compliance Related


OFAC sanctions Nicaraguan National Police and commissioners

Treasury has announced that OFAC has designated the Nicaraguan National Police (NNP), the primary law enforcement entity in Nicaragua, for its role in serious human rights abuse in Nicaragua. Additionally, OFAC designated three NNP commissioners, Juan Antonio Valle Valle, Luis Alberto Perez Olivas, and Justo Pastor Urbina, for their involvement as senior officials of the Government of Nicaragua and leaders of the NNP. OFAC’s designation is directed at the NNP as an institution responsible for human rights abuses in Nicaragua.

For identification information, see BankersOnline's OFAC Update.


OCC seeks comments on licencing requirements proposals

Yesterday, the OCC released a proposal for public comment to update and clarify licensing policies and procedures and eliminate unnecessary requirements consistent with safe, sound, and fair operation of the federal banking system.

The proposal would make various changes to the OCC’s Rules, Policies, and Procedures for Corporate Activities, 12 CFR part 5. Among the significant changes being proposed are:

  • permitting national banks and federal savings associations to elect to follow the procedures applicable to state banks or state savings associations, respectively, for certain business combinations.
  • expanding the operating subsidiary notice and expedited review processes to include activities that are substantively the same as activities previously approved by the OCC.
  • permitting non-controlling investments and pass-through investments in entities that have not agreed to OCC supervision, and permitting certain other investments without a filing.
  • providing procedures for granting and revoking citizenship and residency waivers for national bank directors.
  • changing the definition of “troubled condition” for purposes of changes in directors and senior executive officers to specify that an enforcement action must require the national bank or savings association to improve its financial condition for it to be considered in “troubled condition” solely as a result of the enforcement action, which would align with OCC supervisory practice.
  • adding chief risk officer to the list of positions for which a bank in troubled condition must provide notice when making a change in personnel.

UPDATE: Published on April 2, 2020. Comments are due May 4, 2020.


OCC adds FAQs on third-party relationships

OCC Bulletin 2020-10, issued yesterday, contains updated FAQs to supplement OCC Bulletin 2013-29, “Third-Party Relationships: Risk Management Guidance,” issued October 30, 2013. These FAQs are intended to clarify the OCC’s existing guidance and reflect evolving industry trends.

The new bulletin rescinds OCC Bulletin 2017-21, “Third-Party Relationships: Frequently Asked Questions to Supplement OCC Bulletin 2013-29,” issued on June 7, 2017. The FAQs from Bulletin 2017-21 have been incorporated unchanged into the new bulletin, except for question No. 24, which was updated to reflect current AICPA Service Organization Control report information.

Topics addressed include:

  • the terms “third-party relationship” and “business arrangement.”
  • when cloud computing providers are in a third-party relationship with a bank.
  • when data aggregators are in a third-party relationship with a bank.
  • risk management when the bank has limited negotiating power in contractual arrangements.
  • critical activities and how a bank can determine the risks associated with third-party relationships.
  • bank management’s responsibilities regarding a third party’s subcontractors.
  • reliance on and use of third party-provided reports, certificates of compliance, and independent audits.
  • risk management when third party has limited ability to provide the same level of due diligence-related information as larger or more established third parties.
  • risk management when using a third-party model or when using a third party to assist with model risk management.
  • use of third-party assessment services in managing third-party relationship risks.
  • a board’s approval of contracts.
  • risk management when obtaining alternative data from a third party


FDIC releases CRA evaluation ratings

The FDIC has issued a list of banks whose evaluation ratings under the Community Reinvestment Act were released in December. Of the 67 banks listed, two received evaluation ratings of Outstanding, 61 received ratings of Satisfactory, three were rated Needs to Improve, and one was said to be in Substantial Noncompliance. The two banks with Outstanding ratings were:


California Fair Housing agreement approved

The U.S. Department of Housing and Urban Development announced Wednesday that it has approved a Conciliation Agreement requiring Ronoel Romero, Blanca Romero, and Mario Prudencio, the owners and manager of a Bakersfield, California, apartment complex, to pay $14,500 to several female residents to settle allegations of sexual harassment.

Under the terms of the agreement, the owners will pay the women who filed the complaint $10,000 and attend mandatory fair housing training. The owners will also pay $4,500 to two other aggrieved female residents. In addition, Prudencio will be permanently prohibited from directly or indirectly engaging in or conducting any property management responsibilities.


Fed simplifies capital rules for large banks

The Federal Reserve Board on Wednesday approved a rule to simplify its capital rules for large banks, preserving the strong capital requirements already in place.

The "stress capital buffer," or SCB, integrates the Board's stress test results with its non-stress capital requirements. As a result, required capital levels for each firm would more closely match its risk profissuesile and likely losses as measured via the Board's stress tests. The rule, which will be effective 60 days after publication, is broadly similar to the proposal from April 2018, with a few changes in response to comments. By combining the Board's stress tests—which project the capital needs of each firm under adverse economic conditions—with the Board's non-stress capital requirements, large banks will now be subject to a single, forward-looking, and risk-sensitive capital framework. The simplification would result in banks needing to meet eight capital requirements, instead of the current 13.

A firm’s first stress capital buffer requirement, as determined under the final rule, will be effective October 1, 2020.

Also on Wednesday, the Board released the instructions for the 2020 CCAR cycle. The instructions confirm that 34 banks will participate in this year's test.


FinCEN fines former U.S. Bank official

FinCEN has announced it has assessed a $450,000 civil money penalty against Michael LaFontaine, former Chief Operational Risk Officer at U.S. Bank National Association (U.S. Bank), for his failure to prevent violations of the Bank Secrecy Act during his tenure (January 2005 to June 2014). U.S. Bank used automated transaction monitoring software to spot potentially suspicious activity, but it improperly capped the number of alerts generated, limiting the ability of law enforcement to target criminal activity. In addition, the bank failed to staff the BSA compliance function with enough people to review even the reduced number of alerts enabling criminals to escape detection.

U.S. Bank failed to timely file thousands of Suspicious Activity Reports (“SARs”). Bank employees understood through internal testing and other means that the inadequate AML policies described above caused the Bank to fail to identify and report large numbers of suspicious transactions. Subsequent analysis of the Bank’s transactions has revealed that it failed to timely file thousands of SARs, including on transactions that potentially laundered the proceeds from crimes. The Bank was assessed a civil money penalty of $185 million in February 2018 for these inadequacies and violations.


OCC CRA evaluations released

The OCC has released a list of Community Reinvestment Act performance evaluations that became public during the month of February. Of the 19 evaluations made public this month, 18 were rated satisfactory and one, First Shore FS & LA, Salisbury, Maryland, was rated outstanding.


HUD funds carbon monoxide detectors

HUD Secretary Carson has announced the award of $5 million to public housing agencies for the purchase and installation of carbon monoxide detectors in public housing units where they are necessary.


FDIC amends Securitization Safe Harbor Rule

The FDIC is amending its securitization safe harbor rule, which relates to the treatment of financial assets transferred in connection with a securitization transaction, in order to eliminate a requirement that the securitization documents require compliance with Regulation AB of the Securities and Exchange Commission in circumstances where Regulation AB by its terms would not apply to the issuance of obligations backed by such financial assets.

The FDIC's final rule, published today, will be effective May 4, 2020.


Training View All

Penalties View All

Search Top Stories