Top Story Compliance Related

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has designated five entities and 19 individuals under the Countering America’s Adversaries Through Sanctions Act (CAATSA) as well as Executive Order (E.O.) 13694, “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities,” as amended, and codified pursuant to CAATSA.

OFAC's action counters Russia’s continuing destabilizing activities, ranging from interference in the 2016 U.S. election to conducting destructive cyber-attacks, including the NotPetya attack, a cyber-attack attributed to the Russian military on February 15, 2018, in statements released by the White House and the British Government. Treasury reports this cyber-attack was the most destructive and costly cyber-attack in history. The attack resulted in billions of dollars in damage across Europe, Asia, and the United States, and significantly disrupted global shipping, trade, and the production of medicines. Additionally, several hospitals in the United States were unable to create electronic records for more than a week.

As a result of OFAC's action, all property and interests in property of the designated persons subject to U.S. jurisdiction are blocked, and U.S. persons are generally prohibited from engaging in transactions with them. For identification of the sanctioned individuals and entities, see our OFAC Update.

The U.S. Senate voted 67 to 31 to pass S. 2155, the Economic Growth, Regulatory Relief, and Consumer Protection Act, late on Wednesday evening, March 14, 2018, reports NMP, the National Mortgage Professional Magazine. The bill now goes to the House of Representatives for consideration, where the chairman of the House Financial Service Committee, Jeb Hensarling, is reported by The Hill to have said he's not holding talks with key senators on the bill. Hensarling said he does expect a conference committee to be formed, but House conservatives want any final bill to include more input from the House membership.

In the meantime, the House has passed the Tailor Act, which, if enacted, would require regulators to tailor their actions to meet characteristics of the many different banks they supervise.

The Senate bill includes provisions that would, among other things --

• Provide Qualified Mortgage designations for mortgages held in portfolio by banks with less than $10 billion in assets
• Increase the threshold for designation as a systemically important financial institution from $50 billion to $250 billion in assets
• End stress testing for banks under $100 billion in assets
• Simplify community bank capital calculations
• Provide appraisal requirement relief for smaller mortgages in rural areas
• Lengthen the exam cycle for community banks
• Provide for free security freezes of credit files held at nationwide credit bureaus
• Make permanent the temporary changes to the SCRA extending the "90 day" period in sections 303(b) and 303(c) to "one year."
• Provide for expanded relief from HPML escrow requirements for depository institutions

If either of these bills is enacted, it will, of course, include different final wording than that currently reported.

The OCC will host two workshops in Indianapolis at the Crowne Plaza Indianapolis Airport, April 17 and 18, for directors of national community banks and federal savings associations supervised by the OCC.

• The Compliance Risk workshop on April 17 combines lectures, discussion, and exercises on the critical elements of an effective compliance risk management program. The workshop also focuses on major compliance risks and critical regulations.
• The Operational Risk workshop on April 18 focuses on the key components of operational risk—people, processes, and systems.

The CFPB has issued a Request for Information (RFI) on its adopted regulations and its new rulemaking authorities. This is the eighth in a series of RFIs announced by Acting Director Mick Mulvaney in his "call for evidence" that the Bureau is fulfilling its proper and appropriate functions to best protect consumers. In this RFI, the Bureau is "seeking comments and information from interested parties to assist the Bureau in considering whether it should amend any rules it has issued since its creation or issue rules under new rulemaking authority provided for by the Dodd-Frank Act." Publication is expected on or about March 19, and a 90-day comment period will follow.

• UPDATE: This RFI is scheduled for publication on March 21, with a comment period ending 6/19/2018.

The CFPB has posted an article indicating that individuals who weren’t able to access the money on their RushCards in October 2015, but no longer have an active RushCard account, will have redress checks mailed to them. And earlier this month, people who were unable to access the money on their RushCards in October 2015, and still have an active RushCard, received a credit to their account.

• February 1, 2017 Penalties page: Mastercard and UniRush pay $13M for botched conversion
  

The Securities and Exchange Commission has charged foreign affiliates of KPMG, Deloitte & Touche, and BDO (Binder Dijker Otte) for their involvement in audit work that circumvented the full oversight of the Public Company Accounting Oversight Board (PCAOB). The firms agreed to settle the charges by paying penalties or disgorging their profits from the audits. Without admitting or denying the findings, BDO Canada agreed to pay a $50,000 penalty, KPMG in South Africa agreed to pay a $100,000 penalty, Deloitte in Zimbabwe agreed to pay disgorgement and interest totaling $99,057, and KPMG in Zimbabwe agreed to pay disgorgement and interest totaling $141,305.

The FDIC has posted a notice of the open-session meeting of its Board of Directors, to be held on March 20, 2018, to consider the following topics, among others:

• Memorandum and resolution re: Notice of Proposed Rulemaking: Annual Stress Test – Applicability Transition for Covered Banks with $50 Billion or More in Assets; Technical and Conforming Changes.
• Memorandum and resolution re: Regulatory Capital Rules: Removal of Certain Capital Rules That Are No Longer Effective Following the Implementation of the Revised Capital Rules [Part 325].
• Memorandum and resolution re: Technical Amendments to Assessment Rules.
• Memorandum and resolution re: Notice of Proposed Rulemaking Regarding Fiduciary Powers of State Savings Associations and Consent Requirements for the Exercise of Trust Powers.
• Memorandum and resolution re: Review of Regulations Transferred from the Former Office of Thrift Supervision: Part 390, Subpart I – Consumer Protection in Sales of Insurance [Final Rule].
• Memorandum and resolution re: Final Rule regarding Removal of OTS Regulations Re: Minimum Security Procedures Amendments (Removal of part 391, subpart A, entitled Security Procedures and amend FDIC regulations to be applicable to state savings associations).

The CFPB has posted a notice that it is updated its Small Entity Compliance Guide and the Guide to Preparing the Short Form Disclosure for Prepaid Accounts. Those guidance documents and other resources for compliance with the rule (which now becomes effective April 1, 2019), can be found on the Bureau's Implementation and Guidance page for the Prepaid Rule.

The Federal Reserve Board has issued a Consent Order to Cease and Desist to the Industrial and Commercial Bank of China, Ltd., Beijing, People's Republic of China, and to the New York City branch of that bank following the most recent examination of the New York Branch by the Federal Reserve Bank of New York, which identified significant deficiencies in the Branch's risk management and compliance with applicable federal and state laws, rules, and regulations relating to anti-money laundering compliance, including the Bank Secrecy Act and rules issued under the Bank Secrecy Act, and with the requirements of Federal Reserve Board Regulation K to report suspicious activity and to maintain an adequate BSA/AML compliance program.

The Order directs the Bank and Branch to make improvements in the areas of their:

• Corporate governance and management oversight
• BSA/AML compliance program
• Customer due diligence
• Suspicious activity monitoring and reporting

The Bank and Branch were also ordered to:

• Arrange for a look-back transaction review by an independent third party covering the Branch's U.S. dollar clearing transaction activity from July 1 through December 31, 2016, (and other periods, if later required) to determine whether suspicious activity was properly identified and reported
• Submit a written plan for OFAC regulation compliance
• Submit a revised internal audit program

The Federal Emergency Management Agency has published a final rule [83 FR 10638, 3/11/2018] identifying communities in Iowa and Louisiana that will be suspended from the National Flood Insurance Program effective March 20, 2018, for noncompliance with the floodplain management requirements of the program. Affected communities include:

• Kossuth County, Iowa: City of Titonka and unincorporated areas
• Vernon Parish, Louisiana: City of Leesville, Towns of Hornbeck and New Llano, and unincorporated areas