Skip to content

How to gain more from operational risk management practices.
Modern risk management technology solutions improve efficiency and provide greater visibility into risks. Today’s tools provide real-time visibility, action plans, enhanced reporting and business intelligence, and proactive notifications for operational risk. Real-time data empowers banks and financial services organizations to proactively manage risks and instantly detect and mitigate emerging issues. Click here to learn more.


Top Story Compliance Related

10/15/2020

FDIC asks early start on Call Report

The FDIC has issued FIL-97-2020 with links to materials pertaining to the Call Report for the quarter ending September 30, 2020. The agency asked that banks plan to complete their preparation, editing and review of their Call Report data as early as possible to ensure a timely submission of the data to the Central Data Repository.

With exceptions for certain institutions with foreign offices, completed Call Reports must be received by Friday, October 30, 2020.

10/15/2020

USAA Bank assessed $85M CMP

The OCC has assessed an $85 million civil money penalty against USAA Federal Savings Bank for the bank’s failure to implement and maintain an effective compliance risk management program and an effective information technology risk governance program. These deficiencies resulted in violations of law, including but not limited to violations of the Military Lending Act and the Servicemembers Civil Relief Act. In January 2019, the bank entered into a consent order with the OCC concerning the deficiencies, and is in the process of remediating them.

10/14/2020

Agenda for FDIC public Board meeting

The FDIC has posted the agenda for its 10:00 a.m. EDT October 20, 2020, Board of Directors meeting, which will be open to the public via live webcast.

Key summary agenda items include:

  • Final Rule on Branch Application Procedures
  • Notice of Proposed Rulemaking on Removal of Transferred OTS Regulations Regarding Subordinate Organizations (Part 390, Subpart O)
  • Notice of Proposed Rulemaking on Role of Supervisory Guidance

Key discussion agenda items include:

  • Final Rule on Regulatory Capital Treatment for Investments in Certain Unsecured Debt Instruments of Global Systemically Important U.S. Bank Holding Companies, Certain Intermediate Holding Companies, and Global Systemically Important Foreign Banking Organizations; Total-Loss Absorbing Capacity Requirements
  • Final Rule on Net Stable Funding Ratio: Liquidity Risk Measurement Standards and Disclosure Requirements
  • Interim Final Rule on Applicability of Annual Independent Audits and Reporting Requirements for Fiscal Years Ending in 2021

10/14/2020

FinCEN Advisory on unemployment insurance fraud

FinCEN has issued FIN-2020-A007, an "Advisory on Unemployment Insurance Fraud During the Coronavirus Disease 2019 (COVID-19) Pandemic." The advisory contains descriptions of COVID-19-related unemployment insurance (UI) fraud, associated red flag indicators, and information on how to report suspicious activity that may involve UI fraud. Representative types of such fraud include:

  • Fictitious employer-employee fraud: filers falsely claim they work for a legitimate company, or create a fictitious company and supply fictitious employee and wage records to apply for UI payments;
  • Employer-employee collusion fraud: the employee receives UI payments while the employer continues to pay the employee reduced, unreported wages;
  • Misrepresentation of income fraud: an individual returns to work and fails to report the income in order to continue receiving UI payments, or in an effort to receive higher UI payments, an applicant claims higher wages than he/she previously earned;
  • Insider fraud: state employees use credentials to inappropriately access or change UI claims, resulting in the approval of unqualified applications, improper payment amounts, or movement of UI funds to accounts that are not on the application; or
  • Identity-related fraud: filers submit applications for UI payments using stolen or fake identification information to perpetrate an account takeover.

FinCEN asks that SARs for possible UI fraud include the key term "“COVID19 UNEMPLOYMENT INSURANCE FRAUD FIN-2020-A007” in SAR field 2 (Filing Institution Note to FinCEN) and the narrative to indicate a connection between the suspicious activity being reported and the activities highlighted in the advisory. Filers should also select SAR field 34(z) (Fraud-other) as the suspicious activity type, and include certain other information detailed in the Advisory, if available, to assist law enforcement.

10/13/2020

CIP exemption for premium finance loans

The OCC, Federal Reserve, FDIC, NCUA, and FinCEN have issued an order granting an exemption from the requirements of the customer identification program rules implementing section 326 of the USA PATRIOT Act for certain loans. The affected loans are those extended by banks. credit unions and their subsidiaries under the jurisdiction of the agencies to all customers (entities and individuals) to facilitate purchases of property and casualty insurance policies referred to as insurance premium finance lending or premium finance loans.

This order, which is dated October 5, 2020, supersedes an order issued September 27, 2018.

10/13/2020

OFAC sanctions Nicaraguan bank and officials

On Friday, Treasury announced that OFAC had designated Nicaraguan financial institution Cooperativa De Ahorro Y Credito Caja Rural Nacional RL, as well as Attorney General Ana Julia Guido De Romero and Secretary of the Presidency Paul Herbert Oquist Kelley, in an effort to target key financial operations and government officials that continue to undermine Nicaragua’s democracy. The action, taken pursuant to Executive Order 13851, “Blocking Property of Certain Persons Contributing to the Situation in Nicaragua,” targets corrupt financial operations and Ortega regime supporters.

Identifying information can be found in this BankersOnline OFAC Update.

10/09/2020

FCC proposes amendments to TCPA regulations

The Federal Communications Commission has published [85 FR 64091] in today's Federal Register a proposed rule to implement section 8 of the Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act (TRACED Act) and seeks comment on how to best implement it. As directed by the TRACED Act, the Commission seeks to ensure that any exemption the Commission has granted under the Telephone Consumer Protection Act (TCPA) for calls to residential lines or for calls to wireless numbers includes requirements with respect to the classes of parties that may make such calls; the classes of parties that may be called; and the number of such calls that may be made to a particular called party.

The Commission, to comply with the TRACED Act, seeks comment on the need to amend exemptions the Commission has previously carved out. Those exemptions are: (1) Non-commercial calls to a residence; (2) commercial calls to a residence that do not constitute telemarketing; (3) tax-exempt nonprofit organization calls to a residence; (4) Health Insurance Portability and Accountability Act of 1996 (HIPAA)-related calls to a residence; (5) package delivery-related calls to a wireless number; (6) financial institution calls to a wireless number; (7) healthcare-related calls to a wireless number; (8) inmate calling service calls to a wireless number; and (9) cellular carrier calls to their own subscribers.

Comments are due on or before October 26, 2020, and reply comments are due on or before November 3, 2020.

10/09/2020

U.S. sanctions 18 major Iranian banks

Yesterday, the Secretary of the Treasury, in consultation with the Secretary of State, identified the financial sector of the Iranian economy pursuant to section 1(a)(I) of Executive Order 13902, which authorizes Treasury to sanction any Iranian financial institution. Subsequently, OFAC sanctioned eighteen major Iranian banks. Sixteen Iranian banks were sanctioned for operating in Iran’s financial sector and one bank for being owned or controlled by a sanctioned Iranian bank. Additionally, this action includes the designation of an Iranian military-affiliated bank under Treasury’s counter-proliferation authority.

See BankersOnline's OFAC Update for identification of the banks sanctioned by these actions, information on a new Iran-related General License, and links to new Iran-related FAQs.

10/08/2020

Citibank fined $400M for risk management deficiencies

The OCC announced yesterday it has issued Citibank, N.A., Sioux Falls, South Dakota, a $400 million civil money penalty order related to deficiencies in enterprise-wide risk management, compliance risk management, data governance, and internal controls. The OCC took that action based on the bank’s unsafe or unsound banking practices for its long-standing failure to establish effective risk management and data governance programs and internal controls. This failure also resulted in a violation of 12 CFR Part 30, Appendix D, “OCC Guidelines Establishing Heightened Standards for Certain Large Insured National Banks, Insured Federal Savings Associations, and Insured Federal Branches.”

The agency also issued a cease and desist order requiring the bank to take broad and comprehensive corrective actions to improve risk management, data governance, and internal controls. The order requires the bank to seek the OCC’s non-objection before making significant new acquisitions and reserves the OCC’s authority to implement additional business restrictions or require changes in senior management and the bank’s board should the bank not make timely, sufficient progress in complying with the order.

Further information on the OCC's actions, with links to the consent orders, can be found HERE, in BankersOnline's Penalty pages.

The Federal Reserve Board announced a separate but related action against Citigroup, the bank’s holding company. In a cease and desist order, the Board requires Citigroup to enhance its firm-wide risk management and internal controls. Among other things, the firm has not taken prompt and effective actions to correct practices previously identified by the Board in the areas of compliance risk management, data quality management, and internal controls.

10/06/2020

Applications for early termination of CFPB orders

The CFPB has issued a policy statement on applications for early termination of administrative consent orders. The statement outlines the early termination application process for entities subject to an order and the standards that the Bureau intends to use when evaluating applications. For an order to be terminated early, an entity should demonstrate that it meets certain threshold eligibility criteria, has fully complied with the terms of the order, and has a satisfactory compliance management system in applicable areas. These conditions are designed to minimize the risk of new violations of law by the entity and to protect consumers.

The policy statement becomes effective October 8, 2020.

Pages

Training View All

Penalties View All

Search Top Stories