Insights from Winston & Strawn

This week there are two financial services regulatory developments worthy of a “deeper dive” than normal.

Online Lending

On July 20, the U. S. Department of the Treasury published a formal Notice and Request for Comment on the subject of expanding access to credit through online marketplace (including “peer­to­peer”) lending to small businesses and consumers. Specifically, the Department seeks comment on (1) the various business models and products offered, (2) the potential for online lending to expand access to credit to underserved persons, and (3)“ “how the financial regulatory framework should evolve to support the safe growth of this industry.” The Consumer Financial Protection Bureau’s eventual rulemaking on payday lending is explicitly outside the scope of the Treasury’s request, but securities law considerations are within the scope of the request. The request provides the public 45 days to comment.

The Treasury Department Notice reflects its understanding that, to date, the majority of consumers benefitting from online lending are prime or near­prime borrowers and that such lending delivers lower costs and faster decision times than traditional lending. The Notice recognizes that high underwriting costs can make it uneconomical to make small consumer loans and, thus, such loans may bear very high interest rates.

Similarly, it notes that, on the small business front, small businesses are more dependent on bank financing than are larger firms, but underwriting costs make it uneconomical to make small loans.

The Treasury Department Notice also suggests that technology may be able to reduce these transaction costs. This could drive down consumer interest rates and enable heretofore underserved consumers and small businesses to access credit. Of course, the Notice notes that online lending is growing rapidly.

Recognizing that there are different online lending business models, such as balance sheet lenders, “peer­to­ peer” platform lenders, and bank­affiliated lenders, the Treasury Department Notice asks whether different business models raise different policy concerns. It also asks whether the unprecedented amount of online data available on the activities of particular small businesses enables online lending or creates risks. The Department expresses an interest in market segmentation and whether historically underserved segments of the market may be getting access to credit through this means. It also asks about marketing channels, accuracy of credit risk models, regulatory compliance steps, management of operational practices (loan servicing, fraud detection, credit reporting, and collections), and how the federal government might facilitate innovation. The Department also asks whether “peer­to­peer” platform lenders should be required to have “skin in the game,” echoing securitization risk retention rules. It also asks about harms that online lending might present to consumers and small businesses, citing specifically privacy and cybersecurity threats and consumer protection concerns. Finally, the Treasury Department Notice asks what factors investors consider and about the current availability of secondary liquidity for online loan assets.

The Notice does not mention a source of legal authority for the Department to act in this area.


Deputy Treasury Secretary Sarah Bloom Raskin spoke about cybersecurity to the American Bankers Association (“ABA”) Summer Leadership meeting on July 20. She had spoken on the same subject to another gathering of the ABA last December. In the seven month interim, the cyber world experienced the attack attributed to North Korea on Sony Entertainment Pictures; theft of member personal information from Anthem, Premera, and Carefirst; and the hacks of the federal government’s Office of Personnel Management attributed to China. It was in that context that Deputy Secretary Raskin outlined ten questions that should guide the design of an effective cybersecurity program at a bank:

  1. Does the bank embed cybersecurity into its governance, control, and risk management systems?
  2. Has the bank identified its “crown jewels?”
  3. Has the bank tailored its security controls to the specific cyber risks presented by each key network, system, or set of sensitive data?
  4. Has the bank prioritized the implementing of enhanced controls around those networks and systems and data?
  5. Has the bank reviewed the FFIEC Cybersecurity Assessment Tool and incorporated it into the bank’s approach to cyber risk management?
  6. Has the bank designated specific professionals to be responsible for cybersecurity strategy and given them the necessary authority, resources, and access?
  7. Has the bank trained its personnel on its cybersecurity policies?
  8. Has the bank ensured that its insurance coverage matches its cyber risks?
  9. Does the bank’s cyber risk insurance impose “minimum required practices” that must be followed to ensure coverage?
  10. Does the bank utilize “basic cyber hygiene,” i.e.
  • Does it require multi­factor authentication?
  • Does it restrict special high­level access only to those who need it?
  • Is the bank consistently patching its software?
  • Is it effectively scanning for malicious activity?

Deputy Secretary Raskin intimated that, had the targets of the widely­reported hacks that occurred in the last seven months followed what she called “basic cyber hygiene,” the damage caused by those incidents would have been limited.

Jerry Loeser

Feature: Anti­Money Laundering

U.S. and international regulators have been stepping up their oversight of how financial institutions develop and implement their anti­money laundering (“AML”) programs. In June, Kevin W. Goodman of the U.S. Securities and Exchange Commission (“SEC”) discussed how his agency evaluates broker­dealer compliance with AML regulations. Using past SEC enforcement actions as examples, Goodman emphasized that each firm must demonstrate that it has tailored its AML program to the AML risk it faces. Goodman also described those areas in which the SEC’s Office of Compliance Inspections and Examinations will focus. Those areas include thinly traded securities, direct market access, master/sub­account relationships, and cash management services. View Goodman’s remarks here.

Last week, the U.S. Financial Crimes Enforcement Network (“FinCEN”) issued a final rule imposing “special measure five” against FBME Bank Ltd., formerly known as the Federal Bank of the Middle East. Special measure five prohibits U.S. financial institutions from opening or maintaining correspondent accounts or payable through accounts for or on behalf of FBME. The action follows FinCEN’s finding that FBME is a primary money laundering concern under Section 311 of the USA PATRIOT Act. According to FinCEN: (i) FBME is used by its customers to facilitate money laundering, terrorist financing, transnational organized crime, fraud, sanctions evasion, and other illicit activity internationally and through the U.S. financial system; (ii) FBME has systemic failures in its anti­ money laundering controls that attract high­risk shell companies, companies formed for the sole purpose of holding property or funds and that do not engage in any legitimate business activity; and (iii) FBME performs a significant volume of transactions and activities that have little or no transparency and often no apparent legitimate business purpose. View FinCEN’s ruling here.

The day before FinCEN issued its ruling, the Federal Deposit Insurance Corporation (“FDIC”) and the California Department of Business Oversight (“CDBO”) issued a joint order against Banamex USA for failing to implement an effective Bank Secrecy Act/AML compliance program and failing to retain a qualified and knowledgeable Bank Secrecy Act (“BSA”) officer and support staff. In their joint order, the agencies found that Banamex lacked adequate internal controls reasonably designed to detect and report illicit financial transactions and other suspicious activities and neither provided sufficient BSA training nor conducted effective independent testing. For these failures, the FDIC assessed a $140 million penalty and the CDBO $40 million. The FDIC penalty will be satisfied in part by the CDBO's penalty. View the joint order here.

The Federal Reserve Board and the New York State Department of Financial Services also issued a joint AML enforcement action. To resolve this matter, the New York branch of the China Construction Bank Corporation agreed to submit to the agencies an enhanced BSA/AML compliance program addressing internal controls, customer due diligence, suspicious activity monitoring and reporting, transaction review, and internal audit. View the joint order here.

The European Securities and Markets Authority (“ESMA”) provided guidance on the application of AML rules to investment­based crowdfunding platforms. Provided in a question and answer format, the guidance analyzes the potential AML risks presented by crowdfunding platforms and how the different European AML regulatory structures apply. View the guidance here.

Finally, FinCEN has advised that the Financial Action Task Force (“FATF”) updated the list of jurisdictions with strategic anti­money laundering/counter­terrorist financing deficiencies. The FinCEN Advisory notes the countries subject to countermeasures or enhanced due diligence and describes the steps which firms must take as a result. View the FinCEN Advisory here. The National Futures Association (“NFA”) also advised of the FATF update and urged new futures commission merchants and introducing brokers to revise their AML programs accordingly. View the NFA notice here.

Banking Agency Developments

OCC Bulletin on New Flood Insurance Rules

On July 21st, the Office of the Comptroller of the Currency (“OCC”) issued a Bulletin on a final rule that implements certain provisions of the Biggert­Waters Flood Insurance Reform Act of 2012 and the Homeowner Flood Insurance Affordability Act of 2014. The final rule amends existing regulations to: (1) incorporate a statutory exemption to the general mandatory flood insurance purchase requirement for detached structures; (2) establish requirements for national banks and federal savings associations to escrow flood insurance payments on residential improved real estate securing a loan; and (3) incorporate statutory amendments related to the force placement of flood insurance.

OCC Community Developments Newsletter Highlights Sustainable Loan Modifications

On July 21st, the OCC published the latest edition of its Community Developments Investments electronic newsletter entitled “Hardest Hit Fund: State Programs to Improve Loan Modification Sustainability and Stabilize Communities.” The newsletter provides examples of how state housing finance agencies are implementing the Hardest Hit Fund program, such as by funding programs that provide principal reduction in conjunction with a loan modification, temporary mortgage assistance for unemployed borrowers, assistance to facilitate short sales, or funds to pay off second liens. It also describes efforts to address low­value abandoned properties in a way that complements the work being done by the state housing finance agencies. There is also a review of how foreclosure prevention and community stabilization activities may qualify for consideration in a bank’s Community Reinvestment Act examination. OCC Press Release.

Payment Task Forces Steering Committee Members Named

On July 21st, the Federal Reserve Board announced the members of the steering committees of both the Faster Payments Task Force and Secure Payments Task Force. The steering committees will advise the Federal Reserve task force chair on meeting agendas and assist in prioritizing the various task force activities. The committees will also assist in establishing and recommending the scope of work groups, synthesizing task force perspectives, and determining items in need of task force deliberation. Federal Reserve Board Press Release.

New Capital Position Surcharges Announced

On July 20th, the Federal Reserve Board approved a final rule requiring the largest U.S. bank holding companies to further increase their capital positions. Under the rule, a firm that is identified as a global systemically important bank holding company will have to hold an additional 1.0 to 4.5 percent of their firm’s total risk­weighted assets. The surcharges will be phased in beginning on January 1, 2016, becoming fully effective on January 1, 2019. Federal Reserve Board Press Release.

New Capital Planning and Stress Test Rules Proposed

On July 17th, the Federal Reserve Board published for comment proposed modifications to its capital planning and stress testing regulations. The proposed changes would take effect for the 2016 capital plan and stress testing cycles. Under the proposal, adjustments to the timing for several requirements that have yet to be integrated into the stress testing framework would be made. Banking organizations subject to the supplementary leverage ratio would begin to incorporate that ratio into their stress testing in the 2017 cycle. The use of advanced approaches risk­weighted assets, which is applicable to banking organizations with more than $250 billion in total consolidated assets or $10 billion in on­balance sheet foreign exposures, in stress testing would be delayed indefinitely, and all banking organizations would continue to use standardized risk­weighted assets. Comments should be submitted on or before September 24, 2015. Federal Reserve Board Press Release.

Federal Contracting Event

On August 12, 2015, the OCC will co­host a technical assistance event for minority­ and women­owned businesses interested in federal contracting opportunities at George Mason University in Arlington, Virginia. The OCC, Federal Reserve Board, Consumer Financial Protection Bureau, Department of the Treasury, FDIC, Federal Housing Finance Agency, National Credit Union Administration, and the Securities and Exchange Commission will offer free informational, educational, and networking sessions to help businesses build and grow federal contracting opportunities. OCC Press Release.

Treasury Department Developments

OFR Studies Liquidity Shocks and Stress Tests

On July 22nd, the Treasury Department’s Office of Financial Research published “Incorporating Liquidity Shocks and Feedbacks in Bank Stress Tests.” The paper discusses how four types of shocks that can affect banks could be incorporated into stress tests and shows that shocks can affect regulatory ratios for capital and liquidity simultaneously. It further notes that a bank’s response to a binding regulatory ratio in stress can spread shocks to other banks.

Know Before You Owe Effective Date Finalized

On July 21st, the Consumer Financial Protection Bureau (“CFPB”) issued a final rule moving the effective date of the Know Before You Owe mortgage disclosure rule, also called the TILA­RESPA Integrated Disclosures rule, to October 3, 2015. The rule requires easier­to­use mortgage disclosure forms that clearly lay out the terms of a mortgage for a homebuyer. CFPB Press Release.

CFPB Cautions Lenders Regarding Improper Military Allotment Practices

On July 20th, the CFPB announced it has sent letters to several companies that sell retail goods to military servicemembers. The letters advise the companies to review their websites and other advertising for potentially misleading marketing and to review other practices related to payment by military allotment. Active­duty servicemembers are not permitted to use allotments to pay for personal property such as vehicles, appliances, and consumer electronics. The CFPB is concerned that companies that are still advertising repayment by way of military allotment may potentially be violating federal consumer financial protection laws. CFPB Press Release.

Securities and Exchange Commission

Exemptive Applications and Orders

BATS One Feed Loses No­Action Request

On July 22nd, the SEC’s Division of Trading and Markets denied BATS Global Markets’ request for no­action relief if a registered representative of a broker­dealer uses the BATS One Feed to fulfill the requirements of the Vendor Display Rule of Regulation NMS. Because BATS One Feed only aggregates approximately 20 percent of the daily volume in national market system securities among the four BATS Exchanges, relying on the BATS One Feed alone would be inconsistent with the Vendor Display Rule.

No­Action Relief from Risk Retention Rules

On July 17th, the SEC’s Division of Corporation Finance granted Crescent Capital Group LP’s request for no­ action relief from the risk retention requirements of Section 15 G of the Securities Exchange Act of 1934 in connection with a refinancing of collateralized loan obligations that were issued in a transaction priced before December 24, 2014, the date on which the Credit Risk Retention Final Rules were published in the Federal Register.

Other Developments

Commissioner Gallagher Decries Labor Department Fiduciary Duty Proposal

On July 21st, Commissioner Daniel M. Gallagher submitted his personal comments to the Department of Labor concerning its proposed rules on the definition of “fiduciary” and the conflict of interest requirements for retirement investment advice. Gallagher believes that the proposal is “grounded in the misguided notion that charging fees based on the amount of assets under management is superior in every respect and for every investor to charging commission based fees. It brazenly dismisses both suitability as a proper standard of care for brokers and the FINRA arbitration system as a mechanism to resolve disputes….” He labels the Department a “nanny state” which substitutes its judgment for that of investors. Gallagher Letter.

SEC Investigates Firms with FIFA Ties

On July 18th, Reuters reported the SEC is investigating companies who have sponsored soccer teams with links to the international soccer association, FIFA. Because officials of FIFA have been arrested on public corruption charges, the SEC is studying whether the companies have violated the Foreign Corrupt Practices Act in their dealings with FIFA. Yellow Card.

Commodity Futures Trading Commission

New DSIO Director Named

On July 24th, Commodity Futures Trading Commission (“CFTC”) Chair Timothy Massad named Eileen T. Flaherty as the agency’s Director of the Division of Swap Dealer and Intermediary Oversight. CFTC Press


Chair Massad Marks Dodd­Frank Act’s Fifth Anniversary

On July 23rd, CFTC Chair Timothy Massad summarized his agency’s implementation of the Dodd­Frank Act. After noting what has been done in the areas of swaps clearing, trading, and reporting, he discussed what remains to be done. The agency, in coordination with its international counterparts, is examining whether standards should be adopted regarding clearinghouse stress testing, margin methodologies, and resolution planning. Working with banking regulators both here and abroad, the CFTC is also developing margin requirements for over­the­counter swaps and determining the threshold for who will be considered a swap dealer. Massad Remarks.

CTAs Who Don’t Direct Client Accounts Exempt from Certain Reporting Requirements

On July 23rd, the CFTC’s Division of Swap Dealer and Intermediary Oversight announced it has issued a letter that exempts commodity trading advisors (“CTA”) that are registered but do not direct any client commodity interest accounts from filing Commission Form CTA­PR. CFTC Press Release.

Energy and Environmental Markets Advisory Committee Members

On July 21st, the CFTC announced four new associate members of the Energy and Environmental Markets Advisory Committee. They are: William B. Jones, Martin Bates, Joseph W. Allen, and Andrew K. Soto. CFTC Press Release.

LEI Utility Designation Extended

On July 20th, the CFTC extended DTCC­SWIFT’s designation as the provider of legal entity identifiers. CFTC Press Release.

Federal Rules Effective Dates

July 2015 ­ September 2015

Commodity Futures Trading Commission

July 10, 2015             Proceedings Before the Commodity Futures Trading Commission; Rules Relating to Suspension or Disbarment From Appearance and Practice. 80 FR 32855.

Consumer Financial Protection Bureau

August 31, 2015         Defining Larger Participants of the Automobile Financing Market and Defining Certain Automobile Leasing Activity as a Financial Product or Service. 80 FR 37495.

August 10, 2015         Minimum Requirements for Appraisal Management Companies. 80 FR 32657.

August 1, 2015           Amendments to the 2013 Integrated Mortgage Disclosures Rule Under the Real Estate Settlement Procedures Act (Regulation X) and the Truth In Lending Act (Regulation Z) and the 2013 Loan Originator Rule Under the Truth in Lending 

                                      Act (Regulation Z). 80 FR 8767.

Integrated Mortgage Disclosures Under the Real Estate Settlement Procedures Act (Regulation X) and the Truth In Lending Act (Regulation Z). 78 FR 79730.

Federal Deposit Insurance Corporation

August 10, 2015         Minimum Requirements for Appraisal Management Companies. 80 FR 32657.

July 23, 2015             Regulation D: Reserve Requirements for Depository Institutions. 80 FR 35565.

July 1, 2015               Restrictions on Sale of Assets of a Failed Institution by the Federal Deposit Insurance Corporation. 80 FR 22886.

Federal Housing Finance Agency

August 10, 2015         Minimum Requirements for Appraisal Management Companies. 80 FR 32657.

July 6, 2015               Minority and Women Inclusion Amendments. 80 FR 25209.

Federal Reserve System

August 10, 2015         Minimum Requirements for Appraisal Management Companies. 80 FR 32657.

July 23, 2015             Regulation D: Reserve Requirements for Depository Institutions. 80 FR 35565.

National Credit Union Administration

July 6, 2015               Chartering and Field of Membership Manual. 80 FR 25924.

Office of the Comptroller of the Currency

August 10, 2015         Minimum Requirements for Appraisal Management Companies. 80 FR 32657.

July 1, 2015               Integration of National Bank and Federal Savings Association Regulations: Licensing Rules. 80 FR 28345.

Office of Foreign Assets Control

July 10, 2015             Venezuela Sanctions Regulations. 80 FR 39676.

Securities and Exchange Commission

August 14, 2015         Freedom of Information Act Regulations: Fee Schedule, Addition of Appeals Time Frame, and Miscellaneous Administrative Changes. 80 FR 41432.

Exchanges and Self­Regulatory Organizations

The Depository Trust Company

Proposed Discontinuation of Fractional Share Distribution Approved

On July 20th, the SEC approved The Depository Trust Company’s (“DTC”) proposed discontinuation of the option offered by DTC to issuers that allows for the distribution of fractional shares of securities in DTC’s system, when DTC is handling fractional dispositions of shares resulting from corporate actions, for new issues. SEC Release No. 34­75487.


Proposed Changes to Complex Order Auction Process Approved

On July 20th, the SEC approved NYSE Arca’s and NYSE MKT’s proposal to amend their respective rules to (1) allow Users to utilize the Complex Order Auction (“COA”) to satisfy the order exposure requirements of Rules NYSE Arca Rule 6.47A and NYSE MKT Rule 935NY; (2) allow any OTP Holder or ATP Holder, as applicable, to participate in a COA; and (3) provide for a COA Response Time Interval of no less than 500 milliseconds. SEC Release No. 34­75493.

Rules Implementing New Trading Platform Approved, Additional Rules Proposed

On July 20th, the SEC approved NYSE Arca’s proposed adoption of new equity trading rules relating to Trading Sessions, Order Ranking and Display, and Order Execution to reflect the implementation of Pillar, the Exchange’s new trading technology platform. SEC Release No. 34­75494. On July 21st, the SEC provided notice of the NYSE Arca’s proposal of additional rules for Pillar relating to Orders and Modifiers and the Retail Liquidity Program. Comments should be submitted within 21 days after publication in the Federal Register, which is expected during the week of July 27. SEC Release No. 34­75497.

Judicial Developments

State Bank Can Challenge CFPB’s Constitutionality

On July 24th, the D.C. Circuit partially reinstated a state bank’s lawsuit questioning the constitutionality of the CFPB. Because the bank is subject to CFPB oversight, the bank had pre­enforcement standing to challenge the Bureau’s constitutionality. The bank additionally has standing to challenge the appointment of the CFPB’s Director. However, the Court found, the bank lacked standing to challenge the constitutionality of the Financial Stability Oversight Council (“FSOC”). The bank’s competitor, not the bank itself, is subject to FSOC regulation. Finally, the bank’s challenge to the government’s orderly liquidation authority is not ripe and must also be dismissed. State National Bank of Big Spring v. Lew.

Shareholder Suit Perks Up

On July 24th, the Second Circuit reinstated a putative securities fraud class action lawsuit against Green Mountain Coffee Roasters Inc. Plaintiffs alleged that Green Mountain and some of its executives made fraudulent misrepresentations about the company’s inventory, business performance, and growth prospects in a manner designed to mislead investors about the strength of Green Mountain’s business. Vacating dismissal, the Court held that plaintiffs adequately alleged misleading statements of material fact and a compelling inference of intent to defraud. Employees' Retirement System of Government of the Virgin Islands v. Blanford.

Industry News

European Regulator Proposes Executive Pay Rules for Mutual Funds

On July 23rd, the European Securities and Markets Authority published for comment proposed guidelines on mutual fund executive compensation. Issues addressed by the proposal include the application of the rules to smaller firms, the governance of remuneration, and the disclosure of remuneration. Comments should be submitted on or before October 23, 2015. ESMA Press Release.

Raising the Curtain on Symphony

On July 22nd, American Banker discussed Symphony, an instant messaging software owned by a consortium of banks and likely to be adopted by a number of financial firms. The New York State Department of Financial Services has asked Symphony about its software’s data retention capabilities and whether a back­door to its data encryption key exists. That key could be used by regulators to gain access to user data. Data Key.

“Too Big to Fail” Repeal Proposed

On July 21st, Senator John Cornyn re­introduced the “Taxpayer Protection and Responsible Resolution Act.” The bill would replace the Dodd­Frank Act’s orderly liquidation provisions for financial institutions and replace them with a new Bankruptcy Code Chapter 14. Under that chapter, if a bankrupt bank has assets or liabilities which pose a systemic threat, those assets or liabilities would be transferred to a new “bridge” company. Cornyn Press Release.

Banking Official Cautions Congress

On July 21st, Bloomberg reported Thomas Hoenig, the Vice Chair of the FDIC, has sent a letter to lawmakers warning against proposals that would weaken capital requirements for banks which engage in swaps and derivatives trading activities with their affiliates. Capital Caution.

Balancing Act

On July 21st, Reuters described the efforts of the Basel Committee on Banking Supervision (“Basel Committee”) to balance political need against financial reform. The Basel Committee is reevaluating capital requirements for collateralized loan obligations, asset­backed securities, and certain hedging practices. Balancing Act.