On May 18, 2016, the Board of Governors of the Federal Reserve System, the Consumer Financial Protection Bureau (the CFPB), the Federal Deposit Insurance Corporation, the National Credit Union Administration, and the Office of the Comptroller of the Currency (together, the Agencies) issued interagency guidance to financial institutions expressing the Agencies' supervisory expectations regarding institutions' customer account deposit reconciliation practices (the Guidance). The Guidance summarizes existing law relevant to deposit reconciliation practices and suggests decreasing tolerance by the Agencies for both deposit-related discrepancies and failures to research and correct such discrepancies when they occur.
The Agencies view deposit reconciliation practices as implicating both the funds-availability requirements of the Expedited Funds Availability Act (the EFAA), as implemented by Regulation CC, and the unfair, deceptive, or abusive acts or practices (UDAAP) prohibitions of the Dodd-Frank Wall Street Reform and Consumer Protection Act (the Dodd-Frank Act) and similar prohibitions under Section 5 of the Federal Trade Commission Act (the FTC Act). In the Agencies' view, deposit reconciliation is a risk area for financial institutions that may result in customer harm and related supervisory risks if not effectively managed by appropriate compliance management systems.
I. Summary of Deposit Reconciliation Guidance
The Guidance does not change existing law but emphasizes the applicability of well-known legal principles under Regulation CC and relevant UDAAP prohibitions to “credit discrepancies.” A credit discrepancy (as defined in the Guidance) occurs when a customer makes a deposit and the amount that a financial institution credits to the customer’s account differs from the total of the items deposited. Credit discrepancies may occur for a variety reasons—for example, inaccurate deposit slips or poor image capture.
The Guidance states that, in some instances, financial institutions are not researching or correcting all credit discrepancies, resulting in some customers not receiving the full amount of their actual deposit. The Agencies note that such practices harm customers and benefit financial institutions. Notably, while the Agencies acknowledge there may be “limited circumstances” in which items cannot be reconciled (for example, when the item is damaged), the Guidance does not establish a minimum threshold below which financial institutions are not required to investigate and correct credit discrepancies. Rather, the Agencies state that they expect financial institutions to:
- adopt deposit reconciliation policies and procedures to avoid or reconcile credit discrepancies or to resolve discrepancies such that customers are not disadvantaged;
- provide accurate information to customers about the institution’s deposit reconciliation processing; and
- implement effective compliance management systems to ensure compliance with applicable law, including policies, procedures, internal controls, training, and oversight processes.
II. The Agencies' Legal Theories
The Guidance provides a brief overview of the main theories under which a financial institution could be considered to violate the EFAA, as implemented by Regulation CC, and the UDAAP prohibitions of the FTC Act and the Dodd-Frank Act by failing to resolve credit discrepancies. First, the EFAA, as implemented by Regulation CC, requires that financial institutions make funds deposited in certain transaction accounts available for withdrawal within prescribed time limits. Failure to resolve discrepancies within the prescribed time frames may mean that customers are unable to access the correct amount of funds when they are entitled by the EFAA or Regulation CC to do so.
Second, the Agencies note that "[a] financial institution's deposit reconciliation practices . . . may, depending on the facts and circumstances, violate the FTC Act or [the] Dodd-Frank Act when practices result in credit discrepancies." Although the Guidance does not elaborate on what types of facts and circumstances might result in a UDAAP violation, the CFPB's 2015 consent order with Citizens Financial Group, Inc. (CFG) and its two bank subsidiaries (the Citizens Banks) is an instructive example (the Citizens Consent Order).
In the Citizens Consent Order, the CFPB found that the Citizens Banks' policy was to perform (i) a full review of the underlying checks or other documents to determine actual deposit amounts, and then make any adjustments necessary to correct the amount the consumer was credited, when a credit discrepancy was above a defined maximum threshold (US$50 or US$25, depending on the time period); (ii) a limited review of the underlying documents for credit discrepancies falling within an intermediate range (between US$23 and US$50 or US$5 and US$25, depending on the time period); and (iii) no review on credit discrepancies falling beneath the then-applicable intermediate range.
The CFPB alleged that, in practice, although the Citizens Banks did fully review the underlying checks or other documents for credit discrepancies above the maximum threshold, the Citizens Banks typically performed no review for credit discrepancies within the intermediate range. For transactions in which the amount credited to a customer's account did not match the funds deposited with the applicable bank, the CFPB found that the Citizens Banks created so-called substitution tickets that credited or debited the Citizens Banks' general ledger account with the amounts of the credit discrepancies. The CFPB also found that the Citizens Banks' alleged practice of not reviewing credit discrepancies falling beneath the then-applicable intermediate range—and typically not reviewing credit discrepancies within that intermediate range—harmed consumers when the Citizens Banks did not give consumers full credit for their deposits. The CFPB determined that "process[ing] deposits such that certain customers did not receive credit for the full amount of deposited funds [was] an unfair act or practice" and that failure to adequately disclose this practice while representing that deposits were subject to verification "constitute[d] a deceptive act or practice" in violation of the UDAAP prohibitions of the Dodd-Frank Act.
The Guidance builds on the Citizens Consent Order. First, the Guidance adopts the legal theory employed by the CFPB in the Citizens Consent Order for all the Agencies. Second, the Guidance implies that use of even clearly disclosed and rigorously followed thresholds for reviewing credit discrepancies might be an unfair practice if it results in the financial institution under-crediting its customers—a possibility that the Citizens Consent Order left open. Third, the Guidance advises financial institutions to implement effective compliance management systems that include appropriate policies, procedures, internal controls, training, and oversight and review processes to ensure legal compliance and fair treatment of customers.
III. Meeting Supervisory Expectations
We believe the Guidance indicates that the Agencies may be taking a near-zero tolerance approach to financial institutions keeping the difference when credit discrepancies result in consumers being under-credited. Not only does the Guidance state that current technology and processes permit credit discrepancies to be fully reconciled, it also does not contemplate de minimis thresholds for credit discrepancies or discuss the potential costs associated with ensuring that all discrepancies—no matter how small—are completely resolved.
We also believe that, in the immediate term, instances where financial institutions' disclosure and policy, on the one hand, and deposit reconciliation practice, on the other hand, diverge to a customer's detriment are more likely to be targets for supervisory action. In light of these considerations, our recommendation is that financial institutions proactively review their deposit reconciliation practices, including their customer disclosures. Financial institutions that use thresholds or substitution ticket-like techniques for credit discrepancies should reconcile their practices to the Guidance to ensure compliance with Regulation CC and to avoid accusations of UDAAP violations. We have advised financial institutions on the development and implementation of such remediation programs.