This week in third party and vendor risk related news, we've seen a wide variety of topics. A major financial services company lied to regulators and falsified documents, the CFPB's future regulation plans and what it means for state regs, deeper cybersecurity exams, the OCC's Semiannual Risk Perspective and a resource of ours to help you comply with OCC third party risk regulatory guidance. Check out these stories plus more below.
Industry News for the Week of May 21
The hits keep coming for Wells Fargo – lying to regulators, along with falsified documents, takes this to a whole new level
Wells Fargo falsified forms: WSJ
Wells Fargo’s business banking unit altered customer information on documents that were being prepared for regulators in 2017 and 2018, The Wall Street Journal reports. Citing anonymous sources, the newspaper says that data including social security numbers and birthdates “for people associated with business-banking clients” were changed without their consent. The bank, which says no data left the company, has reported the behavior to the Office of the Comptroller of the Currency. Wells Fargo has been so heavily sanctioned for similar practices in other units by federal regulators recently that it cannot grow its balance sheet.
Great video on SEC Third Party Risk Guidance: Read here
CFPB plans straight from Mulvaney: Read here
Small banks look past risk to do business with start ups… there is risk in that approach! Read here
Local newspaper on the resurgence of our financial community (mentions FairSquare and MBNA): Read here
Regulation by raised eyebrow – read to see what it means for regulatory reform: Read here
Interesting article on the innovative “neobanks” (at my prior company, as you’ll see in the attached article, we did business with a couple of them and considered business with a couple of others of them): Read here
Preparing for a disaster: Read here
Weaker CFPB = stronger state regs: Read here
Conference of State Bank Supervisors to roll out education on cybersecurity – expect deeper exams: Read here
Saw this tagline description for an upcoming ABA webinar but the stat is mindblowing:
Unfair, Deceptive, and Abusive Acts and Practices (UDAAP) fines imposed for violations have increased nearly tenfold over the last year. The UDAAP enforcement landscape has grown to include the life cycle of lending and deposit products or services, as well as ethics and sales culture.
The need for real time cyber security monitoring grows: Read here
From a third party risk management perspective, a very small step – but it is a start and a stepping stone:
Comptroller of the Currency Congratulates House on Passage of Important Regulatory Reforms
WASHINGTON—Comptroller of the Currency Joseph M. Otting issued the following statement upon passage by the U.S. House of Representatives of Senate Bill 2155, the “Economic Growth, Regulatory Relief and Consumer Protection Act.”
Today is an important day with the House passage of Senate Bill 2155. This bill restores an important balance to the business of banking by providing meaningful reductions of regulatory burden for community and regional institutions while safeguarding the financial system and protecting consumers. I want to express my appreciation to Chairman Hensarling for his strong leadership that led to today’s passage of meaningful and bipartisan regulatory reform embodied in Senate Bill 2155, entitled, the “Economic Growth, Regulatory Relief and Consumer Protection Act.” I also commend him and the other members of House Financial Services Committee on their foundational work on financial regulatory issues facing our nation, much of which has been incorporated into this common sense legislation.
The bill includes several features that will benefit community banks in particular and are consistent with my priorities as Comptroller, including reducing the number of banks subject to the Volcker Rule and providing a much simpler capital regime for highly capitalized community banks. The bill also will have a positive impact on federal savings associations by providing them with additional flexibility, and on banks that are not designated as systemically important by appropriately raising the threshold for heightened prudential standards and right-sizing stress-testing requirements.
These, and many other reforms included in the bill, will help the federal banking system continue to serve as an engine for creating jobs and economic opportunity. Consumers, businesses, and communities alike will enjoy the benefits of these thoughtful and tailored reforms for many years to come. I look forward to implementing this important legislation once the President signs it, and to the positive impact it will have across the country.
Neatly summarized, here’s how Banker’s Online described the regulatory reform – the longer exam cycle item is the only one that offers direct relief in third party risk concerns:
- Raises the asset threshold for "systemically important financial institutions" from $50 billion to $250 billion, with immediate relief for banks with $50 billion to $100 billion in assets
- Provides partial relief from the new HMDA disclosures added by the Dodd-Frank Act for small volume originators (fewer than 500 closed end/500 open-end loans for each of previous two years) except for institutions with "Needs to improve" or "Substantial non-compliance" CRA ratings
- Provides TILA escrow exception for banks with under $10 billion in assets originating 1000 or fewer first lien principal dwelling loans
- Raises eligibility for short-form Call Reports from $1 million to $5 billion in assets
- Reduces the impact of the Volcker Rule's restrictions on proprietary trading
- Provides qualified mortgage designation for most mortgages held in portfolio for banks with less than $10 billion in assets
- Provides for "tailored supervision" of larger banks
- Ends mandatory stress testing for banks with less than $100 billion in assets
- Provides relief from appraisal requirements for smaller mortgages
- Provides for longer exam cycles for community banks
- Provides for a simplified capital regime for highly capitalized community banks
- Reinstates permanently the Protecting Tenants at Foreclosure Act, which expired 12/21/14
OCC Semiannual Risk Perspective: Read here
It’s important to consider, and be aware of, that the OCC has guidance on the third party risk management lifecycle - the beginning, a middle and an end to the overall service provider relationship. You should audit against this lifecycle and compare to your
existing program to help identify program gaps for you to focus on - download our infographic to help you through the process.