Top Story Technology Related

The Federal Housing Finance Agency yesterday released an interactive tool for tracking data on multifamily mortgages that enables users to review details about loans and properties at both the state and national levels. The tool, known as a data visualization dashboard, provides a more accessible way to view and understand data on multifamily mortgages. It is derived from the Enterprise Multifamily Public Use Database (PUDB) of mortgage acquisitions by Fannie Mae and Freddie Mac (the Enterprises).

The Enterprise Multifamily PUDB Dashboard includes data snapshots of key statistics, time series charts, and state maps of multifamily housing characteristics such as median loan amount, number of properties, average number of units per property, and unit affordability. The underlying aggregate statistics presented in the dashboard come from three multifamily data files in the Enterprise PUDB, updated annually since 2008, including two property-level datasets and a data file on the size and affordability of individual units. The dashboard shows characteristics about multifamily loan, property, and unit characteristics at the national level and loan and property characteristics at the state level.

The FDIC Board of Directors approved yesterday a notice of proposed rulemaking that would strengthen recordkeeping for bank deposits received from third party, non-bank companies accepting those deposits on behalf of consumers and businesses. The proposal seeks to address risks related to these third-party arrangements, protect depositors, and promote public confidence in insured deposits.

Non-banks may deposit funds together into a single custodial account at a bank. These custodial accounts may hold funds of many thousands of consumers and businesses, and the bank may not readily know or be able to determine the individual owners of funds in the custodial account. Under the proposed rule, FDIC-insured banks holding certain custodial accounts, as defined in the proposal, would be required to take certain steps to ensure accurate account records are maintained in order to determine the individual owner of the funds, including a requirement to reconcile the account for each individual owner on a daily basis. These requirements, as well as others, apply if the bank uses a third party to maintain records.

The proposal’s provisions also provide for oversight by the banks’ primary federal supervisor to review for compliance with this rule and enforcement authority to compel compliance if the bank fails to meet these requirements.

The FDIC invites public comments on all aspects of the proposal. Public comments on the proposal are due 60 days after publication in the Federal Register.

The Treasury Department has issued announcements of designations under OFAC's Global Magnitsky and Cyber-related sanctions programs.

The Global Magnitsky sanctions designations included individuals who have undermined fundamental freedoms, including freedom of expression, in the country of Georgia. Specifically, the Department of the Treasury sanctioned two Georgian government officials associated with brutal crackdowns on peaceful protestors and political opponents, and two private Georgian citizens that are responsible for or complicit in, or have directly or indirectly engaged in violently suppressing the exercise of the freedom of peaceful assembly of Georgians engaged in the democratic process and peaceful expression.

OFAC also designated five individuals and one entity associated with the Intellexa Consortium under its Cyber-related sanctions for their role in developing, operating, and distributing commercial spyware technology that presents a significant threat to the national security of the United States.

For the names and identification information of the designated parties covered by both announcements, see the September 16, 2024, BankersOnline OFAC Update.

The FDIC, OCC, and Federal Reserve Board have jointly announced they will extend until October 30, 2024, the comment period on a request for information on bank-fintech arrangements involving banking products and services.

The agencies are seeking input on the nature and implications of bank-fintech arrangements and effective risk management practices. Extending the comment period will allow the public more time to consider the request, prepare comments, and address the questions posed by the agencies. Comments were originally due by September 30, 2024.

• Federal Register Extension Notice

The Consumer Financial Protection Bureau on Wednesday announced it had ordered TD Bank, N.A. to pay $7.76 million in consumer redress to thousands of victims for its illegal actions regarding credit reporting. The Bureau said the bank for years repeatedly shared inaccurate, negative information about its customers to consumer reporting companies. The information included systemic errors about credit card delinquencies and bankruptcies. In addition to the redress, the CFPB is ordering TD Bank to pay a $20 million civil money penalty.

Specifically, the CFPB said TD Bank harmed consumers by—

• Failing to fix its credit card reporting errors
• Sharing fraudulent information with consumer reporting companies after the bank identified hundreds of thousands of deposit account openings that were either confirmed or suspected to be fraudulent
• Failing to investigate and resolve consumer disputes

For additional information and the details of the Bureau's consent order, click HERE.

The Federal Communications Commission has published [89 FR 73321] a proposed rule with steps to protect consumers from the abuse of Artificial Intelligence (AI) in robocalls alongside actions that clear the path for positive uses of AI, including its use to improve access to the telephone network for people with disabilities.

Specifically, the proposal would define AI-generated calls, adopt new rules that would require callers disclose to consumers when they receive an AI-generated call, adopt protections for consumers to ensure that callers adequately apprise them of their use of AI-generated calls when consumers affirmatively consent to receive such calls, and adopt protections to ensure that positive uses of AI that have already helped people with disabilities use the telephone network can thrive without threat of Telephone Consumer Protection Act (TCPA) liability. The document also seeks additional comment and information on developing technologies that can alert consumers to unwanted or illegal calls and texts, including AI-generated calls.

Comments on the proposal are due by October 10, 2024, and reply comments are due by October 25, 2024.

The Federal Housing Finance Agency yesterday released an online risk analysis tool that provides geographic estimates for physical risks from various types of natural disasters as well as nationwide data on housing and the mortgage market.

The tool — known as the Mortgage Loan and Natural Disaster Dashboard— is intended to give property owners, community leaders, financial institutions, policymakers, and other stakeholders better insight into which areas of the country are most likely to incur greater damages from hurricanes, flooding, wildfires, and other types of natural hazards. Users can combine FHFA’s Public Use Database (PUDB) with data on previous disasters and other analysis from the Federal Emergency Management Agency (FEMA). They can identify areas of the country with elevated disaster risk based on several factors, and which of those areas have concentrations of properties financed with loans acquired by Fannie Mae, Freddie Mac, and the Federal Home Loan Banks.

The dashboard utilizes data from three publicly available sources. The PUDB provides a geographic breakdown of loans acquired by FHFA’s regulated entities. FEMA’s National Risk Index identifies communities most at risk for 18 types of natural hazards. The third source, FHFA’s Duty to Serve High-Needs Rural Areas data, pinpoints rural areas in the country that are characterized by a high concentration of poverty and substandard housing conditions.

The data on mortgages were updated as of 2022 and the data on past natural disasters reflected in the online tool were updated as of 2023, while the Census tracts were drawn from the 2020 U.S. Census. Dashboard users can view nationwide mortgage data at the Census-tract level overlaid with expected annual damages for 18 different types of natural disasters.

The Federal Trade Commission reports that new data show a massive increase in the amount of money consumers report losing to scammers involving Bitcoin ATM machines. Since 2020, the amount consumers reported losing has increased nearly tenfold to over $110 million in 2023.

In a newly released data spotlight, the FTC says that fraud losses to Bitcoin ATMs have topped $65 million in just the first six months of 2024. During this timeframe, consumers over the age of 60 were more than three times as likely as younger adults to report losing money to Bitcoin ATM scams. Across all ages, the median loss reported in the first half of this year was a staggering $10,000.

The majority of scam losses involving Bitcoin ATMs come as a result of government impersonation, business impersonation, and tech support scams. The lies told by scammers vary, but they all create some urgent justification for consumers to take cash out of their bank accounts and put it into a Bitcoin ATM. As soon as consumers scan a QR code provided by scammers at the machine, their cash is deposited straight into the scammers’ crypto account.

The FFIEC has announced that, on behalf of its members, the FFIEC will sunset the Cybersecurity Assessment Tool on August 31, 2025. The FFIEC announcement includes links to other resources that can assist financial institutions in their self-assessment activities.

The Federal Financial Institutions Examination Council (FFIEC) has issued a new booklet to help examiners assess information technology practices.

The “Development, Acquisition, and Maintenance” booklet provides examiners with fundamental examination expectations regarding entities’ development and acquisition planning and execution, governance and risk management, and maintenance and change management practices. It discusses the interconnectedness of an entity’s assets and processes and those of its third-party service providers along with information to help examiners assess whether management adequately addresses risks and complies with applicable laws and regulations.

The booklet reflects the changing technological environment and increasing need for security and resilience. It also highlights the importance of providing examiners with current information regarding safety and soundness, consumer protection, and provision of secure and resilient business services to customers. This new booklet replaces the “Development and Acquisition” booklet issued in April 2004.