October Vendor Management News

Check out latest third party risk management news from October. It's important to catch the headlines. We've helped make it easier by making a list below.

Recently Added Articles as of October 31

To wrap up October, it’s admittedly been a very slow news week as politicians in Washington have been focused on something else. That said, not sure exactly what their focus is on, but the sudden scuttling of the OCC Fintech Charter and possible dismantling of the CFPB structure are kind of big news.

Fintechs must take a different approach to become a bank now that the OCC fintech charter has been axed: With the seemingly expedited path to become a bank being out of the question for fintechs, they’ll now need to go through more traditional steps. Frankly, that path is also known as the standard process for everyone and it can take quite some time – 18-24 months. There many be some other unique ways as well. Are you curious?

Agencies join the Global Financial Innovation Network: There's more participation in the Global Financial Innovation Network (GFIN) as U.S. financial regulatory agencies join. Participation will help further regulatory clarity and understanding of emerging challenges, risks and regulatory opportunities.

Barclays pays $6.3 million to the SEC: The bank recently agreed to pay a Foreign Corrupt Practices Act (FCPA) penalty of $6.3 million to the Securities and Exchange Commission. According to the regulator, Barclays violated the FCPA’s book and records and internal accounting controls provisions. How’d they do this? They hired more than 100 insiders associated with foreign government officials, created an internship program that was unofficial and separate from the official Barclays internship program and more. Our takeaway that we want to share with you? Know your vendors, know your customers and know your employees. FCPA hurts.

The CFPB announced a symposium: Breaking news! On November 6, the CFPB will host a symposium to provide a public forum for the agency to listen to perspectives on implementation of Section 1071, which amended the Equal Credit Opportunity Act (ECOA). Interested in attending? Register here.

A quick look into what could happen if the court rules against the CFPB’s leadership structure: As shared last week, the Supreme Court will hear a case regarding the constitutionality of the CFPB’s single-director leadership structure. The case challenges the structure. In this blog, you’re given some constitutional and CFPB history to chew on before some predictions are shared. If the leadership structure is ruled unconstitutional, one outcome could be that Congress must decide if an entirely new agency should be created to replace the one that we currently have. Another outcome could be that this decision causes the court to wonder if other agencies are invalid. Finally, of course, they could simply rule the CFPB’s leadership structure is completely fine as is. Things are heating up!

Recently Added Articles as of October 24

Quite the variety of news this week. We have an update on the OCC charter, FinCEN announces innovation hours, comments on the CAMELS ratings process are welcomed, the CFPB’s leadership structure is under review by the Supreme Court and more.

The OCC’s special-purpose charter is thrown out: A recent federal court ruling dismissed the OCC’s special-purpose charter. According to Nathaniel Hoopes, executive director of the Marketplace Lending Association, “Unfortunately, this court decision may make it harder for smaller fintech companies to compete to deliver products on a nationwide basis, hurting U.S. innovation and competitiveness.” There are firms still seeking a solution. Square is an example. They’re working to gain approval from the FDIC to operate as an industrial loan company. And, there are other options being considered like working alongside state regulators to make charters happen. The battle rages on for fintech charters…

Fair Credit Reporting Act violations are increasing: Fair Credit Reporting Act violations and claims have gone way up. According to the article, in the last decade, they’ve more than doubled. This is likely due to the continuous credit report and background check concerns around privacy and accuracy. Like in third party risk management, privacy is certainly just as much a concern in many other spaces as well.

NAFCU testifies before the House Financial Services Subcommittee on Consumer Protection: Last week, Brad Thaler testified. This week, Mara Falero, VP of marketing and communications at JetStream Federal Credit Union, represented NAFCU and discussed minority depository institutions (MDIs) support. That’s not all that is happening in the credit union world. The NCUA board will meet this week to enact a final rule regarding public unit and nonmember shares. NAFCU is meeting with the CFPB to talk about the bureaus innovation policies and UDAAP concerns as well.

The CFPB leadership structure is taken to the Supreme Court: In prior weeks, we’ve discussed and shared news regarding the CFPB’s single-director leadership structure and the efforts to determine if it’s unconstitutional. This week, it’s being taken a step further. The Supreme Court has agreed to hear a case that challenges the structure. It’ll be interesting to see what happens. This case could impact the structure of other agencies like the Federal Housing Finance Agency (FHFA) and more.

FinCEN’s innovation hours: On November 13-14, FinCEN will host innovation hours in New York City. This will allow regtechs, fintechs and financial institutions to share their innovative efforts around anti-money laundering and countering the financing of terrorism by showcasing their unique approaches, products and services. Are you interested? You can submit a request here.

Feedback on CAMELS ratings is being requested: Have you had a regulatory exam where the CAMELS rating system was used? If so, you may have some comments you’d like to share about the consistency of the ratings and more. The FDIC and the Federal Reserve Board are asking the public to comment on their use of the rating system.

 $1.6 billion in legal fees for Wells Fargo: Wells Fargo’s rocky past catches up to them again. The company will pay $1.6 billion in legal fees which is causing their shares to drop and revenue to decrease slightly. Also, this week their new interim CEO will start. Every once in a while, they pop back up in the news and unfortunately, it’s often not a positive story.

Recently Added Articles as of October 17

There's a strong focus on the California Consumer Privacy Act this week with some CFPB, NAFCU and FinCEN chatter as well.

Proposed CCPA cost estimate revealed: Since the recent release of the proposed California Consumer Privacy Act (CCPA) regulations, the cost estimate to remain compliant with the CCPA regulations has also been revealed. From 2020 to 2030, it’ll likely be anywhere from $467 million to over $16 billion. Whoa! That’s quite the range, don’t you think?

NAFCU and the CFPB at the House Financial Services Committee: Prior to the CFPB Director’s testimony in front of the House Financial Services Committee, NAFCU’s Vice President of Legislative Affairs shared NAFCU’s appreciation for the committee and their continued monitoring of the CFPB. NAFCU took it a step further and even provided their viewpoint regarding certain areas where they feel the CFPB could improve. One proposal was that the CFPB should consider the asset size of credit unions more when developing policies since so many have had to close due to being unable to afford to comply with the CFPB rules. NAFCU also requested the leadership at the CFPB change by moving towards a five-person commission. We’re curious. Given this is a hot topic lately, do you also think the CFPB’s leadership structure needs to be changed?

Proposed CCPA regulations are released: It’s been a long time coming and much anticipated. In 24 pages, the California Attorney General’s Office released the proposed CCPA regulations. Some issues addressed include how organizations should provide a CCPA compliant privacy policy, notice to consumers of personal information collected, notice to consumers of financial incentives and more. It’ll be interesting to watch this unfold. CCPA is scheduled to become effective on January 1, 2020.

FinCEN updates civil money penalties: Announced on October 10^th, FinCEN increased their civil penalties. This is regarding violations of the bank secrecy act (BSA). BSA penalties will now range from $57,317 to $229,269. And, some due diligence violations can be penalized with a fine up to $1,424,088. To quote former Deputy Attorney General Paul McNulty, "If you think compliance is expensive, try non-compliance."

Recently Added Articles as of October 10

This week’s news is largely alphabet soup. It’s made up of the OCC talking CRA, NAFCU talking about the CFPB and even some news from BBVA.

States continue to join the recent Facebook suit: Most of us have a Facebook profile. You often think about how your third party vendors are using your organization and customer data, but how often do you stop and think about how Facebook is using your personal data? Now, 40 states are investigating and joining suit against the social media platform. This probe seeks to determine if Facebook reduced the quality of customer choices, increased the price of advertising, endangered customer data and other anti-competitive practices.

An overview of how BBVA decides which fintech companies to partner with: BBVA is utilizing fintechs more and more. With this, they’re almost obscure to the customer. So, they definitely have to be careful when choosing their fintech partners. In this article, they share some insight regarding how they pick a fintech partner which includes the due diligence and vetting process, reviewing the fintech’s risk management policies and more.

The OCC on CRA: In addition to third party risk management evaluations, banks are routinely evaluated for Community Reinvestment Act (CRA) performance. Here’s the OCC on the CRA. And, it should be noted, the OCC puts emphasis on modernizing the CRA regulatory framework.

CFPB one-click away rule is discussed: Recently, in Compliance Blog, NAFCU provided more insight and guidance regarding the CFPB’s one-click away rule. Specifically, they cover violations of the one-click away rule which include hyperlink requirements.

Cybersecurity remains the focus of many seminars: At the NAFCU Risk Management Seminar and the Regulatory Compliance Seminar last week, cybersecurity challenges remained the center of interest. On the agenda was the basics of cybersecurity, outsourcing IT, trends, risks and more. Sounds like the two seminars covered a lot of great information. Did you attend?

Recently Added Articles as of October 3

We kick off October with a lighter news week. There’s a lot of talk around de novo efforts, TSP regulations and a CFPB lawsuit.

Regulation of bank technology vendors: Legislation was recently approved that would significantly improve state and federal regulators’ ability to facilitate examinations of bank technology vendors. The law is The Bank Service Company Examination Coordination Act, H.R. 241. Federal regulators already have rights around these examinations; however, state regulators do not. This update will help with that. Are you glad to see this change?

De novo efforts stalled: So, why so few new banks? Of 33 de novo applications filed in the last year, only 17 have been approved so far. Many think regulators are to blame, but it turns out the main reason may be challenges in raising capital. Other factors include inexperienced founders and economic reasons. What’s next then?

FCO Holding under fire: The CFPB filed suit against FCO Holding, Inc. and subsidiaries. The debt collectors violated three regulations: Fair Credit Reporting Act, Regulation V and the Consumer Financial Protection Act. What are some of the reasons that led to this third party enforcement action? FCO failed to review their indirect dispute handling policies, provided information about accounts prior to investigating the accuracy of the information and more.

Impress examiners at your next audit by meeting all the requirements. Download the eBook.