Skip to content

How to gain more from operational risk management practices. Modern risk management technology solutions improve efficiency and provide greater visibility into risks. Today’s tools provide real-time visibility, action plans, enhanced reporting and business intelligence, and proactive notifications for operational risk. Real-time data empowers banks and financial services organizations to proactively manage risks and instantly detect and mitigate emerging issues. Click here to learn more.


Top Story Compliance Related

12/06/2019

OCC lists 10 Outstanding CRA evals

The OCC yesterday released a list of Community Reinvestment Act (CRA) performance evaluations that became public in November. Of the 22 evaluations listed, 12 are rated "Satisfactory" and these ten are rated "Outstanding" (links are to their evaluations):

12/06/2019

Treasury and Justice target cybercriminals

Russian nationals charged with banking cybercrimes

The U.S. Department of Justice has joined with the U.S. Department of State and the United Kingdom’s National Crime Agency in charging two Russian nationals, Maksim Y. Yakubets and Igor Turashev, with a vast and long-running cybercrime spree that stole from thousands of individuals and organizations in the United States and abroad. They are charged with an effort that infected tens of thousands of computers with a malicious code called Bugat. Once installed, the computer code, also known as Dridex or Cridex, allowed the criminals to steal banking credentials and funnel money directly out of victims’ bank accounts. Their names and those of their associates have been added to the SDN List.

Evil Corp sanctioned for infecting bank computers

OFAC has announced action taken against Evil Corp, the Russia-based cybercriminal organization responsible for the development and distribution of the Dridex malware. The Dridex malware is a multifunctional malware package that is designed to automate the theft of confidential information, to include online banking credentials from infected computers.

Evil Corp has used the Dridex malware to infect computers and harvest login credentials from hundreds of banks and financial institutions in over 40 countries, causing more than $100 million in theft. OFAC's action targets 17 individuals and seven entities to include Evil Corp, its core cyber operators, multiple businesses associated with a group member, and financial facilitators utilized by the group. Identification information on the designated individuals and entities can be found in BankersOnline's OFAC Update.

FinCEN and the CISA (U.S. Cybersecurity and Infrastructure Security Agency) issued a Report on Dridex Malware that provides an overview of the malware, related activity, and a list of previously unreported indicators of compromise derived from information reported to FinCEN by private sector financial institutions. Because actors using Dridex malware and its derivatives continue to target the financial services sector, including financial institutions and customers, the techniques, tactics, and procedures contained in this report warrant renewed attention. Treasury and CISA encourage network security specialists to incorporate these indicators into existing Dridex-related network defense capabilities and planning.

12/05/2019

FinCEN report on increase in fraud against elders

A report has been released by FinCEN indicating that elders face an increased threat to their financial security by both domestic and foreign actors. Elder financial exploitation Suspicious Activity Report filings increased dramatically over the six-year study period, from about 2,000 filings per month in 2013 to a peak of nearly 7,500 filings per month in August 2019. The yearly dollar amount of suspicious activity reported for elder financial exploitation also rose.

FinCEN Director Kenneth A. Blanco said the SARs filed by financial institutions are used to protect the country and its people from harm and provide unique and valuable information on crime and other threats happening in the U.S. and around the world impacting families and communities. He said, "These SARs are also important to filer banks and MSBs because they show trends and patterns in criminal activity. Every financial institution wants to protect its customers, and SAR reporting helps them do that. Awareness of these reporting trends and potential exploitation methods can also help consumers protect themselves."

12/05/2019

FDIC lists CRA eval ratings

The FDIC has issued a list of 71 state nonmember banks to which the FDIC assigned Community Reinvestment Act evaluation ratings in September 2019. A bank in Connecticut received a "Needs to Improve" rating. The other 70 banks received "Satisfactory" ratings.

12/04/2019

Bureau proposes Remittance Rule changes

The CFPB announced Tuesday it has issued a Notice of Proposed Rulemaking relating to the Remittance Rule (subpart B of Regulation E). The proposal—

  • would allow certain banks and credit unions to continue to provide estimates under certain conditions where it could be economically infeasible for these institutions to provide exact disclosures.
  • would increase the safe harbor threshold that determines whether a company makes remittance transfers in the normal course of its business and is subject to the Rule to 500 or fewer transfers annually in the current and prior calendar years. The Bureau said this would reduce the burden on over 400 banks and almost 250 credit unions that send a relatively small number of remittances—less than 0.06 percent of all remittances.
  • requests comment on a permanent exception in the Rule permitting providers to use estimates for transfers to certain countries and the process for adding countries to the safe harbor countries list maintained by the Bureau.

Comments on the proposal will be accepted for 45 days following its publication in the Federal Register.
UPDATE: Published at 84 FR 67132 on 12/6/2019, with comment period ending 1/21/2020.

12/04/2019

Statement on use of alternative data in credit underwriting

Five Federal financial regulatory agencies—the Fed, the CFPB, the FDIC, the OCC and the NCUA— have issued an "Interagency Statement on the Use of Alternative Data in Credit Underwriting" by banks, credit unions, and non-bank financial firms.

The statement notes the benefits that using alternative data may provide to consumers, such as expanding access to credit and enabling consumers to obtain additional products and more favorable pricing and terms. The statement explains that a well-designed compliance management program provides for a thorough analysis of relevant consumer protection laws and regulations to ensure firms understand the opportunities, risks, and compliance requirements before using alternative data.

Alternative data includes information not typically found in consumers’ credit reports or customarily provided by consumers when applying for credit. Alternative data include cash flow data derived from consumers’ bank account records.

12/04/2019

Treasury targets Venezuelan oil shipments to Cuba

The Treasury Department announced Tuesday that OFAC has identified six vessels as blocked property of Petroleos de Venezuela, S.A. (PdVSA) under the authority of Executive Order 13884, which blocks the property and interests in property of the Government of Venezuela. Additionally, OFAC identified the vessel Esperanza as blocked property of Caroil Transport Marine Ltd., which was designated on September 24, 2019, for operating in the oil sector of the Venezuelan economy. The Esperanza was previously listed as the Nedas on the SDN List, which was identified as blocked property on April 12, 2019. For further identification information on the seven vessels, see BankersOnline's OFAC Update.

12/04/2019

Agencies clarify guidance for banking hemp-related businesses

On Tuesday, December 3, the Board of Governors, FDIC, FinCEN, OCC, and the Conference of State Bank Supervisors jointly released a statement, "Joint Guidance on Providing Financial Services to Customers Engaged in Hemp-Related Businesses," clarifying the legal status of hemp growth and production, and the relevant requirements under the Bank Secrecy Act for banks providing services to hemp-related businesses. The statement—

  • emphasizes that banks are no longer required to file SARs for customers solely because they are engaged in the growth or cultivation of hemp in accordance with applicable laws and regulations. For hemp-related customers, banks are expected to follow standard SAR procedures, and file a SAR if signs of suspicious activity warrant filing.
  • provides banks with background information on the legal status of hemp, the USDA's interim final rule on the production of hemp, and the BSA considerations when providing banking services to hemp-related businesses.
  • indicates that FinCEN will issue additional guidance after further reviewing and evaluating the USDA interim final rule.

12/03/2019

FDIC posts enforcement actions manual

The FDIC has issued FIL-76-2019 announcing it has posted its Formal and Informal Enforcement Actions Manual on its website to provide transparency regarding the agency's enforcement program.

  • The manual provides instructions to FDIC staff who process formal and informal actions against insured depository institutions and their institution-affiliated parties.
  • The manual does not interpret any law or regulation. Rather, it supports FDIC staff in the application of relevant laws and regulations. Additionally, it provides instructions for development of enforcement actions in response to supervisory concerns, violations, and other actionable misconduct.
  • The manual does not establish supervisory requirements and is not industry guidance.

12/02/2019

FEMA to suspend communities from flood program

FEMA has published a notice [84 FR 65924] in today's Federal Register identifying communities in North Carolina scheduled for suspension from the National Flood Insurance Program on December 6, 2019, for noncompliance with the floodplain management requirements of the program. The communities listed include:

  • Atkinson
  • Northwest
  • Pembroke
  • Roxboro
  • Tabor City
  • unincorporated areas of Brunswick, Columbus, Durham, Pender, and Robeson Counties

If FEMA receives documentation that a community has adopted the required floodplain management measures prior to the effective suspension date, the suspension will not occur. Information identifying the current participation status of a community can be obtained from FEMA's Community Status Book.

Pages

Training View All

Penalties View All

Search Top Stories