Legal Briefs

April 2020 OBA Legal Briefs

  • Coronavirus and Assisting Customers
    • Modify Policies—COVID-19 addendums
    • Assisting borrowers
      • New loans
      • Loans past due or about to be
      • Limits on fee, penalties and interest
      • Regulatory reporting
      • Credit bureau reporting

Coronavirus and Assisting Customers

By Andy Zavoina (with Pauli Loeffler)

There is a risk balance that banks must follow so that in six months or at your next exam, you will say, “we helped” rather than “we were damned if we did, and damned if we didn’t.” I’ve heard one property manager say she received text messages from renters verifying that because of the coronavirus there is no rent owed for the next month. The press is advertising that evictions and foreclosures have been stopped and small business loans are available (even before the House passed the CARES Act). People do not grasp that a stoppage because courts are closed and collection actions are delayed to avoid “kicking someone who is down,” will at a time resume and the obligations to pay as agreed will mean past due payments must be paid. Enter regulatory notices that encourage lenders to work with customers. The New York Times had an article on March 22, 2020, that began:

U.S. federal and state financial regulators are encouraging lenders to help borrowers affected by the coronavirus, and will not penalize them for doing so…

The regulators said they will not criticize banks for ‘safe and sound’ loan modifications or direct the lenders to categorize them as ‘troubled debt restructurings’ —something that could affect their financial wellness.

That sounds helpful, but nowhere does it say a borrower will not be responsible to make a payment. It does say a bank must act in a safe and sound manner. If a bank does not, it will be held accountable. Historically, after some form of government bailout or immediate reaction to a crisis such as with the recent $2 trillion stimulus package, enforcement actions increase. Fraud happens. Sometimes it is intentional and sometimes it is not, but it is looked for. What can a bank do to assist its customers in these very strange times of massive business closings with so many customers without cash reserves and without a paycheck? This landscape is changing fast and information is being updated daily. Stay on top of your daily regulatory updates.

A few weeks ago I was asked about extending mortgage loans for borrowers for 90 days. My first thought was “we never extend mortgages due to all the paperwork and costs.” But my, oh my! White flags began flying and the government recognized that consumers were deep in critical times. Shelter in place orders have been extended and schools are staying closed. Workers are being laid off literally by the tens of thousands. This begs the question, is 90 days of relief enough? Banks are getting in a mode of “ready, fire, aim” as they try to meet the needs of borrowers and the CARES Act. You’ll read more on this below. The Act will give many mortgage borrowers nearly a year of forbearance. Ninety days just isn’t enough for many.

What can banks do to assist borrowers but do so in a safe and sound manner? We may have to assume “safe and sound manner” is a subjective term. It certainly has a different meaning based on the condition of the bank and its region during a COVID-19 economy than it did last December when borrowers simply wanted loan extensions for holiday bills. Times are different now, but what will be said about a bank’s reaction a year after the pandemic is over?

Modify Policies—COVID-19 Addendums

In June 2000 the FFIEC established policy standards under the Uniform Retail Credit Classification and Account Management Policy imposing controls that are still followed today. This policy:

1) Required banks to establish explicit standards that control the use of extensions, deferrals, renewals, and rewrites for closed-end loans
2) Allowed an additional re-age of open-end credits in formal workout or debt management programs that meet all other re-aging requirements; and
3) Extended the charge-off time frame for open-end and closed-end retail loans secured by one- to four-family residential real estate to 180 days past due.

The Federal Register (65 FR 36903, June 12, 2000, at defined standards on re-aging accounts. The term “re-age” is defined as “returning a delinquent, open-end account to current status without collecting the total amount of principal, interest, and fees that are contractually due.” The context of this policy is addressing troubled debts. But regulators began asking banks to have a policy addressing extending or deferring loan payments. I will use the term “extension” here to mean allowing a borrower to extend the loan by making an agreement with the lender to defer one or more periodic payments to the end of the contract. The amount of interest owed, or a specific fee is charged for this or may be waived under some circumstances. In the case of loans past due, what examiners did not want to see was a poor payment history and multiple extensions applied to a loan to bring it current without a plan for future payments. This was hiding past due accounts and was both misleading and an unsafe and unsound practice. Open-end loans were limited to one extension in a 12-month period and twice in five years. The June 2000 policy did not state that same limit for closed-end loans, but I have heard of examiners interpreting it to mean closed-end loans as well. In any case, a bank should have a policy or internal guidance on when extensions are allowed, why, how many may be applied at one time, how many are allowed in a year, over the life of the loan, and who can approve extensions as well as who can approve any exception to these internal requirements.

Criteria for extensions other than those offered during the holidays includes answering various questions similar to the underwriting process:

1) Why is the extension needed?
2) Will interest owed be paid at the time of the extension?
3) What is the recent payment history?
4) What is the plan for future payments, and how have financial conditions improved?
5) Is there loan collateral?
6) And particular to mortgages, is this in a flood zone (requiring signed disclosures), are mortgage documents necessary to be filed with the county, are we escrowing, and what happens to the accruals for those expenses?

Another issue deserving attention is an underwriting policy. A business loan may require several years of tax returns and other financials. In today’s CARES Act economy the policy needs to address new underwriting requirements. The lender’s highlights for the Paycheck Protection Program defines only four criteria to make a 100 percent Small Business Administration guaranteed loan:

1) verify that a borrower was in operation on February 15, 2020
2) verify that a borrower had employees and paid salaries and payroll taxes
3) verify the dollar amount of average monthly payroll costs
4) follow BSA requirements.

Obviously, there is more needed behind the scenes such as verifications of how many employees there are, etc. The SBA is getting pushback on some of these issues from big banks and is considering revising the guidance to increase acceptance by lenders. The loan programs are still developing as well as are compliance rules. It does make it difficult to follow this path when parts are being made up as we go. It’s important you keep abreast of the changes.

Your bank may have one or more policies addressing Troubled Debt Restructuring (TDR), extensions, and other workout issues. These may need an emergency addendum as it is unlikely any were created for the recent massive and critical changes in our economy.

Assisting Borrowers

What can your bank do today to assist borrowers? The information above leads us to this. In general, new loans can be made, HELOCs and other lines may be increased, and existing loans can be renewed, modified, or extended to assist your borrowers. While the demands are to react at a moment’s notice, the bank must act deliberately. Coordinate what is being done internally. It may not be necessary to have an amended policy board-approved prior to implementation for emergency purposes. Let management use its authority to react as needed and have the staff such as Compliance, Audit and lenders amend policies and procedures for appropriate approvals. Inform the bank’s CRA officer of the concessions being made to address customers affected by COVID-19 and keep examiners informed as to what the bank is doing on both the Lending and Operations sides of the bank.

New Loans

Section 1102 of the CARES Act addresses the Paycheck Protection Program. This is a commercial loan designed to provide a direct incentive for businesses to keep their workers on the payroll. These workers are your consumer and mortgage borrowers. The SBA will forgive loans if all the employees are kept on the payroll for eight weeks after the loan is made and the money is used for payroll, rent, mortgage interest, or utilities. The PPP will be available April 3 – June 30, 2020.

All federally insured banks can make PPP loans with a fast SBA approval. Banks can have lenders apply with the SBA online and we are hearing that in 36 to 48 hours lenders who are not yet SBA-approved can be approved. The bank can be paid a processing fee based on the loan balance for making these loans, based on tiers. Loans of $350K and less pay 5 percent to the lender, $350K to $2 million pay 3 percent and those greater than that pay 2 percent (check current information for any changes). The four underwriting criteria are outlined above.

You may also want to pay attention to bullet 1 in that underwriting list as to a date recognized as the beginning of the COVID-19 period. And if the bank is interested these PPP loans may be sold in the secondary market.

Banks can promote special loan products or the same products that were being offered a year ago. Rate considerations may be offered or deferred first payment dates. There are still qualified borrowers out there, but fewer. Some employees are more secure than ever and are creditworthy.

Loans Past Due or About to Be

Be proactive and communicate with your borrowers before they are past due. On March 22, 2020 the Fed, FDIC, NCUA, OCC and CFPB published an “Interagency Statement on Loan Modifications and Reporting for Financial Institutions Working with Customers Affected by the Coronavirus.” This statement encourages banks to work with borrowers. It also provides encouragement to work with borrowers who “are or may be unable to meet their contractual payment obligations because of the effects of COVID-19.” Add emphasis to “are or may be” and consider seeking out borrowers in advance of a payment difficulty. The bank may offer a lot of relief when payments may be deferred, and the contract extended. It provides goodwill and avoids a bump in past due loans. The statement goes on to say the “agencies will not criticize institutions for working with borrowers and will not direct supervised institutions to automatically categorize all COVID-19 related loan modifications as troubled debt restructurings (TDRs)” but it also points out that any modifications and actions taken must be consistent with safe and sound practices. The bank does not want to assist borrowers through special programs only to have those loans classified later as TDRs. Banks are still encouraged to work with classified and “special mention” loans as well.

The Statement went on to say “The agencies have confirmed with staff of the Financial Accounting Standards Board (FASB) that short-term modifications made on a good faith basis in response to COVID-19 to borrowers who were current prior to any relief, are not TDRs.” From the FDIC’s FIL-50-2013, “A TDR designation means a modified loan is impaired for accounting purposes, but it does not automatically result in an adverse classification. A TDR designation also does not mean that the modified loan should remain adversely classified for its remaining life if it already was or becomes adversely classified at the time of the modification.” So, a TDR doesn’t immediately require a classified loan status, but it is not far away. The bank may assume that borrowers who are current on payments are not experiencing financial difficulties at the time of the modification for purposes of determining a TDR status. When this is the case, no further TDR analysis is required for the loan.

Loan modifications and loan extensions may be a banks preferred options to address existing loans and avoiding past dues and the costs associated with them both in collection activity and additional ALLL reserves. Issues to keep in mind include training and applying the bank’s policy addendum and procedures consistently.

As to extensions of payments, consumer loan payments may be deferred either before or after default, but the agreement must be in writing. The bank can charge an extension fee, but it cannot charge both an extension fee and a late fee. The advantage— particularly if the borrower is more than 30 days late—is it will not be reported negatively to the credit bureau. The bank can contract for several extensions at once to advance the due date by several months, and then revisit the circumstances when payments are due to resume. The loans principal does not increase but interest continues to accrue.

Some issues to consider in your written extension agreements include requiring or reminding the borrower that insurance on collateral such as a vehicle must be maintained during this period. If your bank issues credit life or disability insurance, double check the policy and notify your borrower of any issues there. Some policies track only the originally scheduled amortization and do not extend coverage when there is a payment extension. A borrower extending a loan several times over the life of a loan may have no insurance for the last unscheduled payment periods which resulted from the extensions.

It is recommended that you accurately document the loan status when the extensions are granted, was it a 30 or 60 day or worse status, was the arrearage caused directly or indirectly by COVID-19 (document that briefly), and what are the prospects that once the extension period is over the borrower will be able to resume payments?

When on the loan desk my bank looked at the period the borrower was employed at their job. We often worked with borrowers in lower income positions who were employable at many places. For example, a person who was a cook or waitstaff was employable at many types of restaurants and unemployment periods would be brief as they often went from job to job. That is not the case today and these are some of the most unemployed folks during the current crisis. Documenting facts such as this may justify allowing multiple loan extensions at one time. If the coronavirus curve flattens in two months and the economy returns to a near normal state, positions for this group of workers will fill quickly. But at that time, those who have been unemployed may have rent and mortgage payments stacked up along with utilities, and most borrowers pay those bills before a signature loan at your bank. For this reason, a buffer month or two is recommended. This may be one of the reasons the CARES Act is providing such an extended period for mortgage extensions of up to a year.

How many deferrals/extensions should be granted? That can be up to the bank and the policy in effect. In 2019 that may have been two payment extensions in a year. In 2020 it may be three or six. It is recommended that management decide, based on its market, what is reasonable and reduce that to a policy.

Because we have limited guidance as to what an examiner may feel is acceptable, the Compliance Officer or a member of senior management, or both, may want to have a call with the bank’s examiner in charge and say, “this is what we are implementing” and explain why, and how many extensions will be allowed based on what circumstances. Then, what happens if the quarantine period is extended? Will more extensions be allowed? Don’t ask the examiner to approve your policy as they do not manage the bank, just ask what their impressions would be. This may provide the bank with an opportunity to avoid criticism later or hear that an even more flexible policy would be considered safe and sound. The intent here is not to hide any past due loans, but to work with good borrowers and help protect their credit ratings during these difficult times.

Keep in mind that most real estate secured loans are only subject to disclosure and remedy provisions of the U3C, but Reg Z does at least talk about “skip-a-payment” extensions and that neither late fees nor extension fees are considered finance charges. The written extension agreement would supersede application of payment provisions which usually state that payments are applied first to interest, then principal, and finally late fees. Extension agreements can be used with real estate secured loans and these can be done in the same manner as for U3C covered loans, and address escrows. Check with your forms vendor or counsel on the use of forms.
In the case of mortgages, the bank is extending the loan. That is a MIRE (Make, Increase, Renew or Extend) event and under the flood rules the bank may need to check the flood status of the property and if it is in a Special Flood Hazard Area, disclose that and have an acknowledgment from your borrower signed.

The bank needs to address escrows if there are any. Ask whether they must be paid, or may they go unpaid as well? I understand there are different approaches to this question. Some banks will not collect any part of the mortgage payments at this time and will adjust the final payment of the loan to include the extension fees, but I also hear about banks that are requiring the escrow portions to be paid and are staying in a 90- to 120- day range for extensions. While some banks are planning to capitalize interest, not all are. In any discussion with your EIC it may be wise to inquire about this, because the agencies don’t seem to be handling the nuances of the CARES Act, TDR and Generally Accepted Accounting Principles uniformly.

Section 4022 of the CARES Act will allow government-supported loan borrowers such as those with loans from Freddie, Fannie and the VA, to request a forbearance for 180 days if they were impacted by COVID-19, and at the end of that period another 180-day forbearance period can be requested. There are new rules to provide these extensions (modifications) and to show the loans as current, and not past due. More on that below.

Section 4022 is targeted at 1-4 family dwellings meeting certain qualifications. It must be a federally backed mortgaged meaning it is:

a) insured by the Federal Housing Administration
b) insured under section 255 of the National Housing Act
c) guaranteed under section 184 or 184A of the Housing and Community Development Act of 1992
d) guaranteed or insured by the Department of Veterans Affairs
e) guaranteed or insured by the Department of Agriculture
f) made by the Department of Agriculture; or
g) purchased or securitized by the Federal Home Loan Mortgage Corporation or the Federal National Mortgage Association.

Many of the loans your bank is servicing in-house may not qualify for such a lengthy extension period as the government programs backing the covered loans adds to the safety and soundness of the loan, meaning there is less risk to the lender. Instead of six months, the bank may adopt a standard three or four payment limit or may factor the current loan to value ratio into the decision and base the period deferred in part on that. Like the extensions discussed above, I recommend documenting what happened and what is projected to happen.
For the loan qualified under Section 4022, during the covered period, a borrower experiencing a financial hardship due, directly or indirectly, to the COVID–19 emergency may request forbearance by:

a) submitting a request to the borrower’s servicer; and
b) affirming they are experiencing a financial hardship during the COVID–19 emergency

That’s all the CARES Act calls for. It does not allow for the any forms or questions, but this applies only to the government backed mortgages.

Limits on fee, penalties and interest

Section 4022 goes on to describe the servicer’s requirements. “Upon receiving a request for forbearance from a borrower…the servicer shall with no additional documentation required other than the borrower’s attestation to a financial hardship caused by the COVID–19 emergency and with no fees, penalties, or interest (beyond the amounts scheduled or calculated as if the borrower made all contractual payments on time and in full under the terms of the mortgage contract) charged to the borrower in connection with the forbearance, provide the forbearance for up to 180 days, which may be extended for an additional period of up to 180 days at the request of the borrower, provided that, the borrower’s request for an extension is made during the covered period, and, at the borrower’s request, either the initial or extended period of forbearance may be shortened.” Specifically mentioned are “fees, penalties, or interest” but escrow payments are not referenced. We hope there will be clear guidance on this, so banks will know whether escrow payments may or may not be suspended or postponed. Absent this, banks may need to run an analysis of what the cost of paying taxes and insurance will be to avoid surprises later. There will be more impact based on the number of extensions, amounts of escrow payments and the timing of the escrow funds paid out. The escrow analysis may indicate the bank will be making a large amount of interest free loans as borrowers repay the deficiencies and shortages slowly.

Apart from the CARES Act, if an Oklahoma mortgage states a maturity date or the maturity date is ascertainable (you or counsel needs to review your documents), Sec. 301 of Title 46 requires foreclosure to be commenced within six years of that date, so it is relatively safe to not file notice of extension for a short extension. An extension for a year would not be a short term. On the other hand, if the mortgage neither states a maturity date nor is it ascertainable from the mortgage, the mortgagee must file a notice of maturity within 30 years of the date of the mortgage. So, if it is a 30-year mortgage with no maturity date, a short extension in such case could impede the bank in a worst-case scenario. If the bank is unsure which applies, the best action is to file.

Whether the loan is a mortgage or consumer loan, a modification may the solution to a problem. The June 2016 Legal Briefs has an excellent article explaining the differences between a modification and a renewal/refinance. A new loan created by the latter would require all the Reg Z and TRID disclosures applicable to the loan. A modification does not, and this why it is the easier and less costly process. Payment extensions may be the simplest solutions, especially for consumer installments. Some banks are being proactive and contacting consumers to offer no cost, three payment extensions.

Regulatory reporting

There is more confusion based on guidance documents and, in this case, I’m referring to credit reporting. The document is the FDIC’s March 27, 2020 FAQs addressing working with borrowers (at In question 2, the FAQ discusses the credit reporting of loans which have had payment extensions. The first paragraph says, “Past due reporting status in regulatory reports should be determined in accordance with the contractual terms of a loan, as its terms have been revised under a payment accommodation or similar program provided to an individual customer or across-the-board to all affected customers. Accordingly, if all payments are current in accordance with the revised terms of the loan, the loan would not be reported as past due.” This makes sense because a loan that receives an extension advances the due date and is not contractually delinquent. The loan system would show it as current on regulatory reports and to the credit bureaus.

The second paragraph in questions 2 states, “For loans subject to a payment deferral program on which payments were past due prior to the borrower being affected by COVID-19, it is the FDIC’s position that the delinquency status of the loan may be adjusted back to the status that existed at the date of the borrower became affected, essentially being frozen for the duration of the payment deferral period For example, if a consumer loan subject to a payment deferral program was 60 days past due on the date of the borrower became affected by COVID-19, an institution would continue to report the loan in its regulatory reports as 60 days past due during the deferral period (unless the loan is reported in nonaccrual status or charged off).” This then indicates that if a borrower was, for example, one payment past due, and then lost his job due to a government-mandated closure and could not make his next two payments, the bank could extend only the two payments owed after the closure or at least would report it as a month past due. I do not see a bank handling one past due loan in two ways. The bank would collect what it can for three extensions in total. Systems will typically not advance a due date, but still report a loan as still delinquent. Note, though, that the reporting described in the FDIC’s FAQ is regulatory reporting, not reporting to credit bureaus.

Credit bureau reporting

The CFPB on April 1 provided credit bureau reporting guidance in its “Statement on Supervisory and Enforcement Practices Regarding the Fair Credit Reporting Act and Regulation V in Light of the CARES Act” and stated, “As lenders continue to offer struggling borrowers payment accommodations, Congress last week passed the CARES Act. The Act requires lenders to report to credit bureaus that consumers are current on their loans if consumers have sought relief from their lenders due to the pandemic. The Bureau’s statement informs lenders they must comply with the CARES Act. The Bureau’s statement also encourages lenders to continue to voluntarily provide payment relief to consumers and to report accurate information to credit bureaus relating to this relief.” This indicates that when a loan date is advanced due to an extension, COVID-19 or not, that is the correct way to report the loan. The CFPB does have authority over Reg V.

The CFPB also recognizes that loan departments are strained due to COVID-19 personnel shortages. It notes that if there are FCRA dispute investigations that are not handled in a timely manner the CFPB does not intend to cite this in an exam nor bring any enforcement actions because of it. Hopefully the other agencies will follow suit.

March 2020 OBA Legal Briefs

  • Corona virus and banking
    • Management’s actions
      • Update
      • Education
      • Resonsibilities
      • Travel
      • Security
      • IT
      • Vendors
  • Military lending update
  • Perfecting a security interest on a trailer
  • Tax season information in Legal Briefs

Coronavirus and banking

By Andy Zavoina

Let’s first set the stage for our discussion on the coronavirus. The coronavirus is a large family of viruses that range from the common cold to much more severe illnesses. COVID-19 is the strain we are discussing. It recently started in China and has quickly made its way around the globe. While a very fluid story, it has infected more than 87,000 people worldwide and killed almost 3,000 of them. Half the people think these stories are an overreaction and the rest believe not enough is being done. Everyone is talking about it and it’s getting more real daily as people in the U.S. are now dying from the COVID-19. As I started to write this Legal Brief article on a Friday there were infected persons in the U.S. but deaths were occurring in other countries, not here. Then, on Sunday it was announced that the first person died of it in Washington state. Later that day a second died there as well. By Monday afternoon the count was six. And by Tuesday, the count had risen to nine.

Those reading this do not remember the Spanish flu, which in 1918-1919 infected 500 million people (about one in three worldwide) and killed 50 million. The world was quite different then. But is that a good thing? Medicine has advanced and we are used to having vaccines when we need them, but we do not have one now and people are much more mobile and spreading this highly infectious virus. One interview I saw had a doctor saying that this was the flu and while it has the possibility of causing death, we had not seen a high percentage of that yet and it was difficult to treat as a result. China reports a mortality rate of just 3 percent from COVID-19. The Spanish flu was the 1918 pandemic virus with a 10 percent mortality rate.

Let’s look at some business issues, since we know people take business, and the revenue it yields, very seriously. The Mobile World Congress is a large tech convention dealing with the mobile industry and it would draw 100,000 people to Barcelona, Spain. It was canceled. The Olympics in Tokyo could actually be canceled if the outbreak is not contained, a member of the International Olympic Committee said. The S&P dropped 13 percent in the last week of February representing trillions of dollars in losses and likely your retirement plan is smaller as a result. The COVID-19 is not a pandemic – yet – but it is an opportunity for banks to revisit the pandemic policies collecting dust.

My point is, the COVID-19 outbreak has already impacted you and your bank, it will continue to do so in other ways, and the only way this global economy, this mobile society, and the branch on Main Street will contain it is by being smarter. What does this mean for our banks?

Remember 2007? The FFIEC released guidance for pandemic planning. The 10-page guidance document may be integrated with the bank’s business continuity plan or exist as a separate document as it does differ and includes different requirements. When was the current policy last updated? When was it last tested? What have we learned in the last dozen years, and what adjustments could be made to your policy? The guidance cited five specific items a plan should include:

1. A preventive program to reduce the likelihood an institution’s operation will be significantly affected by a pandemic event;
2. A documented strategy that provides for scaling pandemic efforts commensurate with the particular stages of a pandemic outbreak;
3. A comprehensive framework of facilities, systems, or procedures to continue critical operations if large numbers of staff members are unavailable for prolonged periods;
4. A testing program to ensure the institution’s pandemic planning practices and capabilities are effective and will allow critical operations to continue; and
5. An oversight program to ensure ongoing review and updates to the pandemic plan.

Thankfully we are not in a pandemic stage, but that does not lessen some people’s fear or the precautions they may demand. “People” in this case includes the bank’s customers, and the bank’s staff.

Management’s Actions

The bank’s policy on addressing a pandemic crisis needs to be reviewed, and updated if necessary because branches have changed, departments have moved, and more customers can bank online. What requirements in the policy have changed as a result of this progress?

Management needs to ensure that employees are educated on COVID-19 and know the difference between facts and myths, and are mindful of their surroundings. Bankers often educate staff at a meeting in the lobby or training room. So, first things first, employees who are not feeling well should not be “troupers” who come to work. They should stay home, and they certainly should NOT attend a group meeting. The bank may opt to video the meeting and make it available to staff who are absent. Announce the meeting -“We will hold a meeting at 8am in the training room this Thursday to discuss what is being done to address the safety needs for all staff and customers based on the health issues that are of concern to us all. If you believe you have the flu, a fever, dry cough, trouble breathing, and possibly pneumonia you should consult your doctor and not attend this meeting or come to work if you may be contagious.”

The meeting will not include refreshments unless steps are taken which prevent cross contamination. Consider the ill person who refills their cup by resting a carafe against the lip of their cup. The bank should reconsider the free coffee, cookies and donuts available in the bank unless these are individually served. We want the meeting itself to be a safe place and this applies to the customer lobby as well.
Management should reassure staff that it is monitoring the situation and is managing it to ensure the protection of everyone. Outline what the bank wants, hygiene from staff, travel restrictions, time away from the bank, telecommuting possibilities, providing resource links and sharing IT and security concerns. These are expanded in this article. Management also needs to ensure supervisors are trained to respond in a uniform manner to staff concerns.

Your policy should be scalable, and the bank can implement stage one at this time. Stage one may include ensuring that the bank has hand sanitizer stations throughout the bank and especially in teller areas where customers are greeted, in close proximity to staff and others and cash is handled routinely going from person to person. These need to be in place and working by the meeting.

Quick thoughts:

1. According to the CDC, a person who coughs has a six-foot bubble in front of them that could be affected by a cough. Just as we urge staff to stay home when they are ill, customers should do the same. Use remote deposit capture, internet banking and the drive-thru lanes when possible.
2. Hand sanitizer should contain at least 60 percent alcohol and should be available in many areas of the bank to anyone. Additional cleaning and sanitizing supplies should be available and janitorial staff may be asked to pay more attention or to use sanitizing cleansers where they were not used before.
3. Staff should regularly wash their hands with soap and water for at least 20 seconds.

Those are some basic points, but reminders are positive reinforcements because the bank does care about its staff. I’m sure you can add many items to this list.

There is no evidence COVID-19 can be transmitted from soft surfaces like currency, but it could survive on frequently-touched hard surfaces, such as a doorknob, for a few hours. Consider rubber gloves for staff as coin is a hard surface. Again, show staff the bank cares.
The above may sound very simple and it is. It is common sense and it is something that should be practiced daily, not just during flu season or as a reaction to an epidemic.

Management should be able to announce any confirmed case of COVID-19 to peers so they can take appropriate actions. But confidentiality of information is also required to comply with the Americans with Disabilities Act (ADA). Under ADA rules the bank would be advised to avoid health inquiries or requiring certain staff to have medical exams absent sufficient cause such as a direct threat to the health of others. An infected employee may be ADA protected. The bank’s Family Medical Leave Act (FMLA) policy can also come into play as someone diagnosed with COVID-19 will likely qualify as having a serious health condition. Human Resources is definitely part of the management team in the action planning stage. Accommodations beyond normal paid time off routines may be required. Similarly, any travel restrictions and requirements to work offsite should be discussed with counsel, applied uniformly, and not be targeted toward any employee based on any protected basis.

Does bank staff travel on official business to countries that are highly impacted by COVID-19 such as Italy, Japan, Iran or South Korea? Likely this is not the case, so no restrictions are necessary in the policy there. But what about vacations? Are any staff members planning on going to the Olympics in Tokyo? Are any visiting family in South Korea such as those in the military? Can the bank restrict what an employee does on vacation? What about when the employee returns to work the day after getting back in the country from one of these places?

Various employment laws will influence what the travel policy says on this (also see “Responsibilities” above) and highly impacted areas may have all travelers quarantined for the 14-day COVID-19 incubation period so what the bank opts for may be secondary. In any case, any employee traveling from or through a designated area should be forbidden from returning to work if they are put on an incubation period quarantine until that period expires and the employee is cleared by medical staff. But remember the traveler mentioned above in San Antonio. Ensure all staff understands the possible repercussions of such travel and what it may mean to coworkers. If every day of vacation is used on vacation, if the employee is placed in quarantine is that an excused absence, even if they know a quarantine may be coming? If the employee is in a higher-risk area, but not one that is designated by the authorities as requiring a quarantine, should the employee be allowed back to work? Some alternatives may include allowing the employee to telecommute. Perhaps the bank has a laptop that may be checked out and used for work from home securely or the employee will use additional vacation, sick or personal days while ensuring they are not a carrier. If they are out of time off, can other staff donate their accumulated days to this person? By educating all employees everyone will have a better understanding of the issues. What the bank doesn’t want is one employee to come back to work and five others to call out as a personal precaution.

“No hats, no hoodies” has been an issue for many years and many banks have signage to this effect at branch entrances. What is the bank to do if a customer comes in wearing a surgical mask? A bank robber in Georgia has done just that and robbed six banks. Perhaps additional signage is warranted at the doors:

“For the safety of staff and customers this bank requires customers to remove hats and hoods when in the bank. Protective surgical masks are included. If you feel the need to wear such protection, we ask that you use our drive-up or online facility.”

Why is this justified? Currently the Surgeon General and the CDC have agreed that face masks are not recommended for the general public in the U.S. The risk of catching the virus in the U.S, is low since there is little evidence of community transmission at this time. Many masks are not made for this type of use and if they are not properly fitted are ineffective. A man with a beard as an example can have a difficult time getting the proper fit and the mask is virtually useless as protection from a virus. Different masks offer different levels of protection as well. The better masks are not in sufficient supply to meet the demands of the general public. If the public as a whole purchased those masks, health care workers who are at a greater risk may not find them available. In some cases, a mask is recommended, such as for some cancer patients with low immune systems or someone who is ill with a cough or sneezing. This begs the question, is the lobby the best place to meet their banking needs? For these reasons, neither customers nor staff should need a mask inside the bank. Customers in the drive-up could easily and safely remove a mask while in a vehicle for identification purposes. Simultaneously the bank may find this an opportune time to advertise the features of online banking.

We will leave VPN and laptop configurations for the telecommuting staff to the IT department, but the IT-related risks extend beyond that. Let’s assume you have that skittish employee who can already feel the fever and cough coming on. They get an email from the CDC or World Health Organization (WHO) advising them they reside in a ZIP code where a person known to have contracted COVID-19 was recently travelling. The email goes on that while there is minimal risk that this person actually had contact with them, they should nonetheless take some basic precautions. They’re asked to click on the link for a list, or to download the attached PDF, and now IT really is scrambling.

Cybercriminals love using a disaster to fuel their efforts as fear drives people to do what they ordinarily would not. Now personal and even bank information, customer information, may be at risk. Sophos, a U.K. based internet security company, was warning readers in mid-February that emails from WHO were already circulating and were stealing individuals’ email credentials. The sender’s address may give it away, if the reader looks closely enough. While is a correct address, and, where some of these emails were coming from, are not. Kaspersky, another cybersecurity company, warned of phishing emails supposedly from the CDC which contained a link to a “CDC web page” because the CDC, “established a management system to coordinate a domestic and international public health response.” That sounds official and the link looked legitimate. A person could see what COVID-19 issues were near them. But this was a phishing attack designed to capture logon credentials of those following the link. There have been others, and certainly there will be more. Staff needs to be ever vigilant and skeptical. Typing the link themselves is more helpful, or just going to the website directly will yield most of what a person needs to know.

Normal precautions apply when reviewing email. Look closely at the sender’s real email address and the real link that is offered. Look for common spelling and grammatical errors, though the criminals are getting better about this. Never enter logon credentials on a site that may be suspicious, is unfamiliar and was unexpected. If any information was revealed and that is used elsewhere, go change it. And always use different passwords at different sites.

The bank has key vendors it is critically dependent on. Has the bank asked what they are doing to protect themselves? Some vendors are already emailing clients telling them the basic plans they have. Many of these are tech related and telecommuting is an option for many. The bank should be aware of what is being done by others.

On March 3, 2020, the FHA even emailed a list of links (FHA Info #20-16) to act as resources for lenders. “While the risk of infections for Americans remains low, we are encouraging FHA-approved lenders and other stakeholders in FHA transactions to make the information below available to your employees…” Hopefully more vendors will demonstrate a willingness to be proactive and share both resources and pandemic planning initiatives.

Military Lending Update

By Andy Zavoina

Just when we thought financing GAP insurance for servicemembers was going nowhere, the Department of Defense (DoD) surprised us again. Is this a game changer? I can only answer that by asking if the bank is a risk taker.

The DoD has not amended the Military Lending Act (MLA) but it has issued a new interpretive rule. This evades rulemaking requirements and is intended to amend existing guidance only. The DoD actually removed one piece of guidance and added another.

In July 2015, the DoD amended the MLA. It greatly expanded the loans that were subject to the Act. It also carved out some exceptions. The MLA requires certain disclosures, both orally and written, when loans meeting the definition of “consumer credit” are made. Disclosure requirements include:

1. A statement describing the Military Annual Percentage Rate (MAPR).
2. A duplicate requirement for Reg Z required disclosures.
3. A description of the payment obligation, already required by Reg Z.

Sections 232.3(f)(2)(ii) & (iii) exclude from the definition of “consumer credit” loans used to purchase a vehicle or personal property when the item purchased is the loan’s collateral and there are no additional monies loaned. So, making a loan to buy a car or a washer and dryer, when the loan is secured by the items purchased, and the loan proceeds are not used for any other purpose, is not considered “consumer credit.” They would be exempt from the disclosure requirements.

Section 232.4(b) imposes the 36 percent MAPR limit on “consumer credit.” The MAPR is more of an “all-in” interest calculation in that Reg Z excludes many items which the MAPR includes. This makes it easier to reach this 36 percent ceiling. So making a loan that is exempt can be advantageous to the lender.

The question is, where is the line drawn when defining the purchase price of a car or a washer and dryer. Using a car as an example, many lenders offer and finance Guaranteed Auto Protection (GAP) insurance to protect any low- or negative-equity position the borrower has in a car. The MLA allows negative equity in a trade-in situation as part of the purchase, but the DoD issued guidance in December 2017 denoting that GAP insurance would be considered additional monies beyond the purchase price of a car. This causes a loss of the exemption, so disclosure rules and the MAPR requirements must be met.

The industry immediately appealed the guidance and now, more than two years later, the DoD has removed its opinion. Does this mean that a lender can again look at the “front sheet” description of the vehicle and use the bottom-line calculation stating the purchase price of a car and assume that is the MLA’s version? Not really.

With this adjustment in the guidance, the DoD is reverting to the original 2016 Q&A #2 to “allow the Department to conduct additional analysis on this matter”. I’m not sure if that means the DoD is actively studying this or if it may review it in the future.

I believe that the path the DoD is on is to allow these charges to be included and for the loan to remain exempt. But the final word is not in yet, any more than when the Q&A was published that effectively prohibited inclusion of the fees in 2017. We thought we understood the rules and the guidance reversed what many believed was part of the purchase price. The same could happen again as the DoD now says it “takes no position on any of the arguments or assertions advanced as a basis for withdrawing the amended Q&A #2”. I’m not sure what that means but I am risk-averse. I would not want to build a portfolio where GAP is financed only to have the administration in Washington change and the CFPB to say that it’s some type of UDAAP issue or a judge to say that these MLA loans are in violation and may be voided per the MLA penalties section. Banks wanting to accept the risk will finance GAP and may or may not see long term profits from it. Ultimately it is management’s risk decision to make.

The original, now reinstated Q&A #2 does not directly address the issue of financing GAP insurance or other credit products. Instead, it states that “[a]ny credit transaction that provides purchase money secured financing of personal property along with additional ‘cash-out’ financing is not eligible for the exception under §232.3(f)(2)(iii) and must comply with the provisions set forth in the MLA regulation.” As a bank weighs the risk decision it must be able to justify what is consider cash-out, as that constitutes additional monies loaned beyond the purchase price. A case may be made either way.

An additional change to the Q&A guidance is the inclusion of Question #21 regarding the use of Individual Taxpayer Identification Numbers (ITINs). The DoD clarified that for the purposes of the MLA safe harbor provision, “an ITIN is a ‘Social Security number.’” ITINs have been added to the DMDC database lenders and credit bureau’s use for covered borrower verification purposes. Therefore, it is now clear that verifying the covered borrower status of dependents of servicemembers can rely on an ITIN instead of a Social Security number.

Perfecting a security interest on a trailer

By Pauli D. Loeffler

There seems to be some confusion on how to perfect the bank’s security interest in trailers under Oklahoma law. Does the bank perfect by lien entry or by filing a UCC-1? The use of the word “trailer” without further definition is part of the problem; however, the manner of perfection really depends upon whether registration of title is required under Oklahoma law (Title 47, statutes below), or is merely permitted under our statutes. If registration is required, then perfection is by lien entry, and filing a UCC does nothing. If registration is merely permitted or optional, as is the case for horse trailers, farm trailers, boat trailers, etc., perfection is by UCC filing, and lien entry does nothing, See IN RE: JENNIFER LYNN JACKSON, Debtor. SUSAN MANCHESTER, Trustee, Plaintiff, v. ARVEST BANK, Defendant. CERTIFIED QUESTION OF LAW. 287 P.3d 986 (2012)

¶18 The modified certified question presented by the United States Bankruptcy Court for the Western District of Oklahoma is answered with specific explanations relevant to the case at bar. Title may be properly issued by the Oklahoma Tax Commission to non-required trailers for the convenience of showing ownership. The use of title beyond this single purpose for non-required vehicles would be contrary to the general scheme and purposes of the Uniform Commercial Code as adopted in Oklahoma. The proper method for perfecting a security interest in collateral that is not required to be titled (but may be titled at the discretion of the owner) still is, and has been by the filing of a UCC-1 financing statement. [Emphasia added.]

The specific statutes to review to clarify which method to use are:


B. The owner of every vehicle in this state shall possess a certificate of title as proof of ownership of such vehicle, except those vehicles registered pursuant to Section 1120 of this title and trailers registered pursuant to Section 1133 of this title, previously titled by anyone in another state and engaged in interstate commerce, and except as provided in subsection M of this section. Except for owners that possess an agricultural exemption permit pursuant to Section 1358.1 of Title 68 of the Oklahoma Statutes, the owner of an all-terrain vehicle or a motorcycle used exclusively off roads or highways in this state which is purchased or the ownership of which is transferred on or after July 1, 2005, and the owner of a utility vehicle used exclusively off roads and highways in this state which is purchased or the ownership of which is transferred on or after July 1, 2008, shall possess a certificate of title as proof of ownership. Any person possessing an agricultural exemption permit and owning an all-terrain vehicle or a motorcycle used exclusively off roads or highways in this state which is purchased or the ownership of which is transferred on or after July 1, 2008, shall possess a certificate of title as proof of ownership. Upon receipt of proper application information by such owner, the Oklahoma Tax Commission shall issue an original or transfer certificate of title. Until July 1, 2008, any security interest in an all-terrain vehicle that attached and was perfected before July 1, 2005, and that has not otherwise terminated shall remain perfected, and shall take priority over any subsequently perfected security interest in the same all-terrain vehicle, notwithstanding that a certificate of title may have been issued with respect to the same all-terrain vehicle on or after July 1, 2005, and that a lien may have been recorded on said certificate of title. There shall be eight types of certificates of title:

Sec. 1102

As used in the Oklahoma Vehicle License and Registration Act:

6. “Commercial trailer” means any trailer, as defined in Section 1-180 of this title, or semitrailer, as defined in Section 1-162 of this title, when such trailer or semitrailer is used primarily for business or commercial purposes…

25. “Park model recreational vehicle” means a vehicle that is:

a. designed and marketed as temporary living quarters for camping, recreational, seasonal or travel use,

b. not permanently affixed to real property for use as a permanent dwelling,

c. built on a single chassis mounted on wheels with a gross trailer area not exceeding four hundred (400) square feet in the setup mode, and

d. certified by the manufacturer as complying with standard A119.5 of the American National Standards Institute, Inc.;

29. “Recreational vehicle” means every vehicle which is built on or permanently attached to a self-propelled motor chassis or chassis cab which becomes an integral part of the completed vehicle and is capable of being operated on the highways. In order to qualify as a recreational vehicle pursuant to this paragraph such vehicle shall be permanently constructed and equipped for human habitation, having its own sleeping and kitchen facilities, including permanently affixed cooking facilities, water tanks and holding tank with permanent toilet facilities. Recreational vehicle shall not include manufactured homes or any vehicle with portable sleeping, toilet and kitchen facilities which are designed to be removed from such vehicle. Recreational vehicle shall include park model recreational vehicles as defined in this section…

Tax season information in Legal Briefs

By Pauli D. Loeffler

The new online index to Legal Briefs articles makes it much easier to find every article discussing taxes written since January 2005 by using “find in page” (ctrl+f) and entering “tax” in the search box that pops up. However, there are some 43 instances of the word, so to save you some time, here are the ones that are most relevant:

May 2012: Tis the Season – For Tax Refund Fraud
January 2014: Handle tax refunds properly
February 2016: Tis the (tax refund) season (direct deposit)
March 2016: Tis the (tax refund) season – Part II (deceased payees, Oklahoma tax refund cards)
February 2018: Tax Refund Checks

February 2020 OBA Legal Briefs

  • Index to Legal Briefs now online
  • “Abusive” UDAAP Update – Policy Statement
  • Compliance Aids – Policy Statement
  • SECURE Act and IRAs
  • LIBOR – Transition Plans
  • HMDA Guides

Index to Legal Briefs now online

by Pauli Loeffler

There are 15 years (January 2005-January 2020) of OBA Legal Briefs articles available on the OBA’s website. These articles are like an all-you-can-eat buffet of information covering a wide range of topics including check warranties and reasons for returns, advertising free accounts, HMDA, flood insurance, SCRA, campaign accounts, late fees, garnishments and levies, and nearly the entire alphabet of federal regulations. Yes, there is a wealth of information available at your fingertips, but until now it was difficult to find the article you needed. Your OBA Compliance Team shared your frustration. The search box in the right-hand corner wasn’t of much use since it would return results for not only Legal Briefs but also for webinars and OBA news articles. Another issue was finding whether an article had ever been written on the subject. Since I have been with the OBA since June 2004, I pretty much knew what had and had not been covered over the last 15 years, but that wasn’t the case for the other members of the OBA Compliance Team or for our bankers.

Thanks to the extraordinary efforts of our legal extern, Roy Adams, we now have a cumulative index of all those articles, which will be updated as new articles are posted online.  In order to access the OBA Legal Briefs index, articles, Legal Links webpage and some of Elaine Dodd’s fraud articles, you will need to create an account through the OBA’s “MyOBA Member Portal” located next to the date in the upper left-hand corner of the main ( webpage. After registering, all you need to do is click the red “Access Legal Briefs” button and enter the email address and password you registered when asked. Click the hyperlink to the index, use the “Find in Page” command (Ctrl+F) and enter a search term. I admit the search feature is not perfect, but it is much better than what was available before.

Note that Legal Briefs is a four-page pull-out in the middle of the Oklahoma Banker, the monthly newspaper sent to our member banks. It is also available via email subscription, which is sent usually within a couple of days of our submission. To subscribe to the email edition, you will need to go to this link for purchase:  The online Legal Briefs edition is posted on the website about two weeks after the print versions are received.

“Abusive” UDAAP Update – Policy Statement

By Andy Zavoina

It has been nearly a decade since the Dodd-Frank Wall Street Reform and Consumer Protection Act added “abusive” to what was the Unfair or Deceptive Acts or Practices (UDAP) law. Initially there were very few questions over the Consumer Financial Protection Bureau (CFPB) and its new Unfair, Deceptive or Abusive Acts and Practices (UDAAP) as the focus was on the enforcement actions brought using UDAAP. In fact, there have been 32 enforcement actions which included an abusiveness claim from 2011 through 2019. Only two actions were solely on an abusive act so for the most part it appeared unfair and deceptive were closely related to abusive. But with new leadership at the Bureau came new questions, such as what is “abusive” and how does that differ from the existing restrictions?

The Federal Trade Commission handled UDAP claims for many, many years and provided guidance and cases with examples of what was unfair or deceptive. But there was no such track record for what was abusive. The “CFPB Consumer Laws and Regulations” document on UDAAP from October 2012 is based on section 1031(d) of the Dodd-Frank Act, and states the following:

“An abusive act or practice:

  • Materially interferes with the ability of a consumer to understand a term or condition of a consumer financial product or service or
  • Takes unreasonable advantage of:
    • A lack of understanding on the part of the consumer of the material risks, costs, or conditions of the product or service;
    • The inability of the consumer to protect its interests in selecting or using a consumer financial product or service; or
    • The reasonable reliance by the consumer on a covered person to act in the interests of the consumer.”

Although abusive acts also may be unfair or deceptive, examiners should be aware that the legal standards for abusive, unfair, and deceptive are separate.”

Note that the guidance indicates that abusive is separate from unfair and deceptive even though these could be the same acts. There is subjectivity in this guidance and that is what seemed confusing for many bankers trying to follow the law and those who would enforce UDAAP.

In an effort to better define standards for what may be an abusive practice, the CFPB issued a Policy Statement on January 24, 2020. This provides the framework the CFPB will use to apply a standard in its supervision and enforcement activities. The Policy Statement says, “The Bureau wants to make sure that such uncertainty does not impede or deter the provision of otherwise lawful financial products or services that could be beneficial to consumers.” This statement hits home for many bankers as they may tend to take a conservative posture toward a new product or service and offer less than their customers actually want because of the fear of uncertainty. This uncertainty could limit products and services and increase costs to comply with the rules as a bank understood them.

To counter these inhibitors the CFPB explained that for clarity, it has three principles it intends to apply:

  1. Focusing on citing or challenging conduct as “abusive” in supervision and enforcement matters only when the harm to consumers outweighs the benefit, (this is also a test under the “unfairness” standard)
  2. Generally avoiding “dual pleading” of abusiveness and unfairness or deception violations arising from all or nearly all the same facts, and alleging “stand alone” abusiveness violations, and
  3. Generally seeking monetary relief for abusiveness only when there has been a lack of a good-faith effort to comply with the law. However, the CFPB will continue to seek restitution for injured consumers regardless of whether a company acted in good faith or not.

These principles under the Policy Statement are effective immediately.

The CFPB does indicate that there still exists the future possibility of future rulemaking if there is a need to better define standards for what will be considered “abusive.”

The Dodd-Frank Act gave the 50 state attorneys general and state banking regulators the authority to enforce UDAAP rules. Those entities are not bound by this Policy Statement because it was not done in a form which would bind them. While it would seem unlikely one of these would enforce the UDAAP rules inconsistently from what the CFPB is intending, it is possible.  Also, as a non-binding policy because it did not affect the law, the next Director of the CFPB could rescind this policy and create a different interpretation of the rule.

When your bank reviews products, services or conducts a periodic risk analysis, it should consider the defining rules the Dodd-Frank Act outlined as “abusive” and simultaneously consider the CFPB’s point in this new Policy Statement. Perhaps a little less conservatism could lead to a more widely accepted and needed product or service your customers want.

Compliance Aids – Policy Statement

By Andy Zavoina

On January 27, 2020, the Consumer Financial Protection Bureau published a Policy Statement on what it calls “Compliance Aids.” The Compliance Aids will act as official guidance from the CFPB. The Policy Statement explains the legal status and the effect of this new category of materials or Compliance Aids.

The CFPB noted that Compliance Aids “will provide the public with greater clarity regarding the legal status and role of these materials.” The Policy Statement does not alter the status of materials that the CFPB issued in the past but indicated that it may reissue certain existing materials as Compliance Aids “if it is in the public interest and as CFPB resources permit.”

For years the CFPB has issued useful guidance documents such as its “small entity compliance guides,” TRID forms with detailed explanations, executive summaries, FAQs and more. The Policy Statement makes it clear that this will apply only to materials which are clearly identified as a Compliance Aid. Some of the aforementioned documents will not enjoy the same legal status as an official Compliance Aid. This does not mean any of those documents will not be reissued or updated as Compliance Aids and the CFPB says that is a possibility if it is in the best interest of the public. It was also clear that these Compliance Aids will not determine the policies of any of the prudential regulators. (I will remind our readers that there may be a distinction between the policy of a regulatory agency other than the CFPB, and the CFPB’s controlling influence as the “owner” of the consumer protection regulations. I would believe that generally what the “owner” of the Reg says, goes, but there may be times when some issues will be open to interpretation and the CFPB could even carve out those exceptions for the other agencies.)

A designated Compliance Aid will be intended to provide clarity to the public and to the banks following these regulations. The Bureau notes that Compliance Aids will not rise to the level of a regulation or an official interpretation, both of which require issuance under the Administrative Procedure Act. “Compliance Aids present the requirements of existing rules and statutes in a manner that is useful for compliance professionals, other industry stakeholders, and the public” as per the Policy Statement. Like the TRID forms the CFPB issued, Compliance Aids may present practical suggestions demonstrating or illustrating how a bank (as an example) may go about complying with a specific requirement. However, the CFPB points out that a Compliance Aid may demonstrate one way to comply with a statute or regulatory requirement, but there may be alternative ways, as well. These Compliance Aids will not bind a bank into meeting its compliance requirements in the one way a Compliance Aid illustrated.  When there are multiple ways to comply, the Compliance Aid may show only one and the bank is free to use any other method so long as the stated regulatory requirements are met.

In short, these Compliance Aids will not have the force and effect of a regulation or law and compliance with a Compliance Aid is not mandatory for that reason. It is compliance with the regulations and laws that are required. A compliance Aid will be designed to accurately depict and explain one way to comply with a regulation or law. The CFPB does not intend to exercise enforcement actions against a bank or other entity which reasonably relied on a Compliance Aid as a guidance document.

This policy statement does not include rulemaking steps under the Administrative Procedures Act (such as proposal, comment period and final rule). It is intended to provide information and, like the UDAAP article also in this issue, it could be rescinded, particularly by another Director of the CFPB.

Compliance Aids will not be issued prior to February 1, 2020, as the Policy Statement identifies that as the effective date.  At the end of the day, a Compliance Aid is not a get-out-of-jail-free card. If used accurately and in good faith, those compliance efforts will go a long way toward avoiding compliance penalties, but it is always the underlying regulation or law which ultimately controls.


By Andy Zavoina

Setting Every Community Up for Retirement Enhancement (SECURE) Act. You just have to appreciate the government job of acronym writing. This article will act as an overview of some of the changes included in the new law and what your bank should have done or at least be doing to plan for the implementation of these changes. For detailed explanations bank staff handling Individual Retirement Accounts in the bank should seek out webinars, seminars or online classes to get the working details.

There was a large government spending package signed into law on December 20, 2019. As is often the case, there were non-spending bills attached, things that had nothing to do with government expenditures. The SECURE Act was one of them. IRA rules were in need of some tweaking and this will do much of that. It is hoped that some of these reforms will make it easier and more advantageous for Americans to start saving more for retirement.

Here are six key attributes to the SECURE Act. The Act:

  1. Repeals the maximum age for traditional IRA contributions, (it was 70 1/2),
  2. Increases the required minimum distribution (RMD) age for retirement accounts to 72 (it was 70 1/2),
  3. Allows long-term, part-time workers to participate in 401(k) plans.
  4. Offers more options for lifetime income strategies,
  5. Permits parents to withdraw up to $5,000 from retirement accounts without a tax penalty within a year of birth or adoption for qualified expenses,
  6. Allows parents to withdraw up to $10,000 from 529 plans to repay student loans.

One important point and popular question involves RMDs. These now begin at 72 years of age for individuals who turn 70 ½ in 2020 – any time during this year. Those who turned 70 ½ in 2019 and have begun receiving RMDs should generally continue doing so. If customers ask about this, they should be referred to their tax advisors and to watch for any IRS guidance. Those turning 70 1/2 in 2020 may also want to discuss income strategies with their tax advisor or financial planner as to withdrawal options.

With the SECURE Act, those over 70 1/2 who are still working may continue to contribute to their IRAs. One question we have seen was whether these folks can just have any RMDs reinvested automatically? Until the IRS says otherwise, we recommend an RMD go to the depositor as scheduled, and they can then determine if it will be reinvested. The paperwork trail is clear that way.

Inherited IRA distributions used to be able to be stretched out over the new owner’s single life expectancy. Now these must be taken within 10 years. That is, if the IRA owners dies in 2020 or later, the entire remaining balance must be distributed by the end of the tenth year. This may translate into larger lump-sum payouts at some banks. There are some exceptions to this rule, applicable to a surviving spouse, a minor child, or a disabled beneficiary, among others.

The SECURE Act allows an individual to take a qualified birth or adoption distribution of up to $5,000 from an IRA. The 10% early withdrawal penalty will not apply to these withdrawals, and it can be repaid as a rollover contribution to an applicable IRA. The distribution must be made during the one-year period beginning on the date on which a child of the individual is born or on which the legal adoption is finalized.

With the overview complete, let’s consider an action plan. Remember this was just passed in December 2019. Your IRA forms vendors should be in communication with you about changes and necessary amendments to conform to the SECURE Act.  If they haven’t contacted you, call them. These include contracts, distributions forms, beneficiary election forms and notices to customers to correct the 70-1/2 notices for those who no longer have to take RMDs because they were going to turn 70-1/2 in 2020. (The IRS has said that if you already sent out the notice using age 70-1/2, there is no problem if you advise IRA customers born after June 30, 1949 (these are the folks who weren’t 70-1/2 by December 31, 2019), no later than April 15, 2020, that no RMD is due for 2020.)

At the same time, you may want to remind IRA customers born after June 30, 1948, but before July 1, 1949 (people who turned 70-1/2 in calendar year 2019) who haven’t yet taken their 2019 RMDs, that they are still required to taken those distributions by April 1, 2020. The SECURE Act didn’t change their RMD start dates.

Training materials need to be updated and while that is happening, existing materials (brochures, IRA agreements, preprinted forms mentioning RMDs and age 70-1/2, scripts … you get the idea) that are outdated need to be identified and purged. System triggers that identify IRA customers at age 70-1/2 for RMDs need to be revised to age 72. I’m certain your checklist will expand and become much more detailed, but we wanted to identify the initial steps necessary now. When your customers ask about IRAs and want to entrust you with much of their life savings, they want to know that you know the current requirements and laws. It’s a trust issue. If you haven’t had training on this yet, we suggest you seek it as soon as possible.

A final note – You may have heard that the IRS has proposed updates to the life expectancy and distribution period tables that are used in calculating, among other things, the RMDs for IRA customers. That proposal was published on November 8, 2019, with a comment period that ended On January 7, 2020. A final rule hasn’t yet been issued, and the IRS suggested in the proposal the new tables won’t be used until tax year 2021. That’s a story for later.

LIBOR – Transition Plans

By Andy Zavoina

We have already had questions about preparing for the transition away from LIBOR rates and “what should we be doing?” Let’s explore a little of what this is, so you know where to find it, and what plan of action is necessary.

The London Interbank Offered Rate (LIBOR) was and is a commonly used index rate for many adjustable rate mortgage (ARM) loans. Even when I was at a small national bank, we had some lenders who, for various reason, wanted LIBOR as an index on the loans they made that had adjustable rate features. The OCC has a rule (12 CFR 34.22), which most banks, I believe, followed in one form or another, that required that the index not be controlled by the bank. The rule states that if a  national bank makes an ARM loan to which 12 CFR 1026.19(b) applies (i.e., the annual percentage rate of a loan may increase after consummation, the term exceeds one year, and the consumer’s principal dwelling secures the indebtedness), the loan documents must specify an index to which changes in the interest rate will be linked. This index must be readily available to, and verifiable by, the borrower and beyond the control of the bank. A national bank may use as an index any measure of rates of interest that meets these requirements. The index may be either single values of the chosen measure or a moving average of the chosen measure calculated over a specified period. A national bank also may increase the interest rate in accordance with applicable loan documents specifying the amount of the increase and the times at which, or circumstances under which, it may be made. A national bank may decrease the interest rate at any time.

LIBOR was a commonly used index as it met those criteria followed by national and other banks and lenders. The index ideally is in sync with market conditions and this preserves the banks’ interest income during fluctuating market conditions. But LIBOR was based on banking transactions and that market has changed at least partly to a scandal that included misuse and manipulation of the LIBOR rate itself. The result is that the financial regulator in the United Kingdom overseeing LIBOR has stated that it will likely disappear after 2021.

Banks looking for a reliable replacement index rate may look to the Alternative Reference Rates Committee, which is a working group created by the Federal Reserve. It recommends the Secured Overnight Financing Rate (SOFR) as a LIBOR replacement. SOFR is based on overnight reverse repurchase agreements that offer a deep and liquid market with far more transactions to use as a base, as compared to LIBOR. This is not a required alternative, just a suggested one. As noted above, within certain conditions banks have many options. If your bank sells mortgages, your investors may impose certain restrictions as well.

With almost two years before the change takes effect, there is time to plan your transition but expect borrowers to begin asking questions of you if LIBOR is their indexed rate. More importantly, what are you using on loans made today? There is little reason to be using a rate that is going away unless the bank has already determined it is the best rate to continue using until it can no longer be used. In those cases, loan documents should be crystal clear as to what the bank will do, and when, to change that rate with its borrowers. In fact, the existing loan documents will hopefully be uniform and address what steps the bank must take.

Following on this, the loan administration department should be able to produce a list of adjustable rate loans that use the LIBOR rate as an index. If there are none, keep it that way. Otherwise you will know the number and dollar amount of loans impacted by this index change. The identified loan documents may require a review by counsel as to amending the indexed rate. This is where we hope the terminology is uniform and sufficiently detailed so that the bank can identify a new index rate and substitute that with the new rate, and under what conditions. It may be that the bank has to wait until LIBOR is scheduled to be terminated or it may be able to be changed sooner. But borrowers will have a required amount of lead time and will need information about the rate. This may include where to find the rate, a comparison of the two rates over a given historical period, and when the change will take effect for each borrower. If your documents fail to adequately address the transition, bank counsel may be consulted so that an agreed upon notice of the change in terms can be created.

Getting this process underway and understanding the number of accounts requiring changes must be on the To-Do list for this year.

HMDA Guides

By Andy Zavoina

One of the first things a compliance professional does when they undertake a significant task like an audit or regulatory submission is to ensure they have the latest resources available. You must know that you are asking the right questions, know the correct thresholds for applicability and have the most current interpretive guidance. If you are a HMDA bank, you are preparing for a major submission – actually two. You are preparing your 2019 Loan Application Register (LAR), and you are starting your 2020 LAR for submission next year. Have you ensured you have the latest issuance applicable to your bank?

On February 4, 2019, the Consumer Financial Protection Bureau (CFPB) published “Reportable HMDA Data: A Regulatory and Reporting Overview Reference Chart for Data Collected in 2019.” The chart is intended to be used as a reference tool for data points required to be collected, recorded, and reported under Regulation C.

On March 7, 2019, the OCC issued Bulletin 2019-12. This was in concert with the FDIC and the Federal Reserve. Because these three agencies are part of the FFIEC, the information is the OCC Bulletin is not exclusive to national banks. What the Bulletin outlined were the key data fields on a banks’ LAR which are tested for HMDA compliance requirements.

Of 110 data fields, 37 have been identified as key fields. Examiners will typically test and validate these 37 key fields that reporting lenders are required to collect, record, and report. That certainly does not mean the other 73 fields can be wrong, but it does mean you want additional scrutiny on these 37 when you scrub HMDA data. For banks that qualify for a partial exemption from the HMDA data collection, your examiners will typically test and validate 21 of those 37 fields. The fields are identified in the Bulletin.

(To qualify for the partial exemption for closed-end mortgage loans, a bank must have originated, in each of the two preceding calendar years, fewer than 500 closed-end mortgage loans. To qualify for the partial exemption for open-end lines of credit, a bank must have originated, in each of the two preceding calendar years, fewer than 500 open-end lines of credit. The partial exemption is not available to banks that do not meet certain Community Reinvestment Act performance evaluation rating standards.)

On March 20, 2019 the FFIEC released the 2019 edition of “A Guide to HMDA Reporting: Getting It Right!,” for HMDA submissions due March 1, 2020. The 2019 edition reflects amendments made to HMDA by the EGRRCPA and the 2018 HMDA interpretive and procedural rule issued by the CFPB. The appendices provide additional implementation materials reporting lenders may find useful.

The FFIEC has the 2020 LAR submission software available on its website at

In September 2019 the CFPB published its “Filing Instructions Guide” (FIG) for data collected in 2020 and a new resource, the “Supplemental Guide for Quarterly Filers.” Both are available on the Bureau’s HMDA Help for Filers webpage.

On October 29, 2019, The CFPB announced its approval of a rule that finalized certain aspects of its May 2019 Notice of Proposed Rulemaking under HMDA. It extended for two years the temporary threshold for collecting and reporting data about open-end lines of credit. The rule clarified partial exemptions from certain HMDA requirements that Congress added in the Economic Growth, Regulatory Relief, and Consumer Protection Act (EGRRCPA).

On December 20, 2019, the Federal Register included a final rule increasing the Regulation C (HMDA) asset-size exemption threshold for banks from $46 million to $47 million. Banks with assets of $47 million or less as of December 31, 2019, are exempt from collecting data in 2020. The rule is effective on January 1, 2020.

And in January 2020 the CFPB released an updated version of its “Home Mortgage Disclosure Act (HMDA) Small Entity Compliance Guide.” The new version reflects changes made by the Bureau’s rule in October to extend by two years the temporary threshold of 500 for reporting open-end lines of credit. This issuance includes the new thresholds for reporting, the rule and the updated guide clarified the partial exemptions from certain HMDA requirements under EGRRCPA. The partial exemptions will become effective in 2022 after the expiration of the complete exemption for loans made beneath the reporting threshold amounts.

Get the right tools and ensure everyone involved in the HMDA scrub is on the same page. Good luck with your submission and data collection. It is

January 2020 OBA Legal Briefs

  • New Home Buyer Savings Account
  • CFPB Supervisory Highlights
    • UDAAP & GAP
    • Credit cards
    • Credit reporting (furnishing)

New Home Buyer Savings Account

By Mary Beth Guard

I don’t recall what the last straw was with apartment living, but whatever it was spawned a very strong “we need to get our own house” feeling.  I may or may not have painted the apartment’s dining room a color that horrified our landlord.  It was definitely time to move, but we were young (ish – we were both out of law school) and had no money (we were making spit and had student loans with payments of $139.81 and $264.12 per month – small by today’s standards, but like I said, we were making spit).  We had zippity-doodah saved for a downpayment, so we sought help from Bank of Maternal Parents.  My folks agreed to loan us $5,000 to cover the downpayment and closing costs, paving the way for us to become homeowners.

This trip down memory lane was spawned by studying an amazing new law that went into effect in Oklahoma on January 1, 2020 – the Oklahoma First-Time Home Buyer Savings Account Act.  Oklahoma was one of the first ten states to enact this legislation that provides favorable tax treatment for funds set aside for down payments and/or closing costs, subject to certain parameters.  The best part is that your bank can offer these accounts without taking on a bunch of red tape and you don’t have to police them for compliance with the Act!  Your customers need to know about this tax-advantaged savings vehicle – and you need to know how it all works, so here we go!

First of all, let me just say that the realtor people who pushed this bill through, bless their pointy little heads, did not consult with us on the language.  It appears they used a pre-fab template that was developed in some other state years ago, because the law’s definition of “financial institution” includes entities that don’t exist in Oklahoma, such as “safe deposit company.”  Also, the first state to pass this legislation was Montana, way back in the 90s.  As you may have heard (yes, I am being sarcastic), the laws relating to real estate lending have changed a bit since then.  The text in the bill, however, was not updated to reflect TRID.  Instead of referring to a Closing Disclosure under Regulation Z, it talks about a settlement statement under RESPA!   Nonetheless, I am a huge fan of this new Act.

The law is intended to help first-time home buyers achieve homeownership by providing tax breaks for funds placed in special accounts and ultimately used for downpayment or closing costs by an individual who has never purchased, either individually or jointly, a single-family residence in the State of Oklahoma.  It is codified to Title 46 of the Oklahoma Statutes, Sections 311 through 318.

Before I get into the nitty gritty, let me set your mind at ease about any possible burden on banks from this new law.  There is none!  You don’t have to set up a new type of account for this.  You don’t have to have any new forms to use within the bank.  You don’t need any special wording in your deposit account agreement.  You don’t have to style the account in a special way or worry about whose SSN to use as the TIN.  You don’t have to designate the account as a home buyer savings account in your system or on the contract.  You don’t have to maintain a record of the beneficiary.  You do not need to determine whether the account meets the requirements for a Home Buyer Savings Account.  You have no responsibility for tracking the use of funds in the account or monitoring withdrawals.  You have no reporting obligations under this law.  It’s like this is a behind your back agreement between the taxpayer (account holder) and the Oklahoma Tax Commission.  The Tax Commission is in charge of ensuring the legal requirements are met for the tax breaks to be earned.  How awesome is that?  You simply open an interest-bearing savings account for your customer like any other interest-bearing savings account.  Nothing special from your end.

Your mission, should you choose to accept it, is merely to increase awareness of the new law and its benefits.  Knowing where to point the customer to find the statutes and being able to answer basic questions about the Act will be a great service.

What your customer is going to do is file a form with the Oklahoma Tax Commission, giving that agency all of the necessary information about the account.  The form is Form 588.  It’s an easy one pager.  It can be submitted any time after the account was opened, but no later than April 15 of the year immediately following the calendar year in which the account was opened.  (In other words, it would have to be sent to the Tax Commission by April 15 of 2021 for an account opened this year.)  On the form, they will give information about the account holder(s), when the account was opened, the account number and bank routing number, and the name and SSN of the designated beneficiary.  The form includes a declaration made under penalty of perjury that the information is true, correct, and complete.  The form can be accessed here:  It is a fill-in-the-blank PDF.

There will be other forms (at least one) coming out from the Tax Commission at a later point in time because there is other information that must be provided to the OTC by the accountholder and a form is the most feasible way to handle the submission.  To get the tax breaks, the customer has to submit to the Tax Commission with their Oklahoma income tax return a form that contains detailed information regarding the home buyer savings account.  They will have to list transactions that occurred on the account during the tax year and they will have to furnish a copy of the 1099-INT.  Also, when funds are withdrawn from a home buyer savings account, the accountholder will be required to furnish the OTC a detailed account of the eligible costs toward which the account funds were applied and a statement regarding the amount of any funds remaining in the account.

Funds cannot be withdrawn for any purpose other than eligible costs (again, you do not have to inquire, monitor, track, or worry about this – it’s your customer’s burden).  The customer does have the authority to close a HBSA at one institution and put the money into a HBSA at another institution.

Any individual may establish a home buyer savings account, either as an individual account or a joint account.   The tax breaks go to the account holder.  The account holder may be the person who aspires to be a home buyer themselves, in which case they would name themselves as the qualified beneficiary, or the account holder can instead name someone else as qualified beneficiary.  For example, if this law had been in effect in the ancient time when I was going to buy my first house, my parents could have set up the account and named me as the qualified beneficiary.  That would have given them the tax benefits and provided the funds to me for the eligible costs.  I could have set one up and been both the account holder and qualified beneficiary.  A person may be named qualified beneficiary on more than one account, but the same account holder cannot have multiple accounts for the same beneficiary.

If the account is going to be a joint account, the joint owners must file joint tax returns.  If they file separately, they cannot have a joint Home Buyers Savings Account – they don’t meet the requirements.  Again, that is something the OTC oversees, and is not something you have to ask about or worry with.

Just one qualified beneficiary can be designated on an account.  (That is so smart and it eliminates all kinds of potential problems, such as what would happen if there were two beneficiaries and they got a divorce before the funds could be used to buy a house.  I can imagine all sorts of scenarios where having more than one beneficiary on an account could prove disastrous.)  There is one point in the statute where it refers to multiple beneficiaries, but don’t be misled by that.  It’s in paragraph 5, where it’s talking about all the things a financial institution shall not be required to do.  It says you don’t have to “Designate an account as a home buyer savings account, or designate the qualified beneficiaries of an account…”  The reason it refers to more than one is not because there can be multiple, but because the designated beneficiary can be changed over the life of the account.  Let’s say parents set up an account and name their eldest child, Ted, as the designated beneficiary.  Ted ends up moving to Seattle, so they change the beneficiary designation to their daughter Phoebe who lives here and plans to buy a house here.   There is no limit to the number of times the beneficiary designation can be changed.  There is a space on Form 588 for documenting the change.  Your customer will fill out the form and timely file it with the OTC.  It is totally unlike an authorized signer situation where every time a customer changes an authorized signer you have to be in the big middle of it.

I’ve talked about parents a lot, but let me be clear – anyone can set up this type of account, either for themselves or for any third party.  I helped my niece buy her first house.  If I had another niece or nephew or friend that was going to buy a house in Oklahoma as a first-time home buyer and I wanted to help, this law would give me a powerful incentive to do so by giving me a tax break for my trouble.  .

Looking at the definition of first-time home buyer, several things struck me.  First, the home buyer must reside in this state.  That means that an Oklahoma resident cannot set up this type of account and name a beneficiary who lives outside Oklahoma.

Second, an individual can be a qualified beneficiary if he has never purchased a single family residence.  If he has previously purchased a duplex, triplex, quadraplex, or multi-family dwelling – OR if what he purchased before was not used as his principal residence — he can still be considered a “first-time home buyer.”

Third, previous purchases of a single family residence are only disqualifying if they were in Oklahoma!  If someone lived and owned property in another state previously, it’s the dawn of a new day when they move to Oklahoma.  They could be a qualified beneficiary of a First-Time Home Buyer Savings Account (let’s call it HBSA, okay?) as they begin anew in our state.  In case you’re wondering, the term “single-family residence” means “a single family residence owned and occupied by a qualified beneficiary as the qualified beneficiary’s principal residence, which may include a manufactured home, trailer, mobile home, condominium unit, or cooperative.”  They get a demerit for using the term in the same term’s definition.  Worse than that, because they have tied eligible costs to the settlement statement under RESPA, it is not entirely clear whether the account could be used in connection with the purchase of an unaffixed manufactured home, trailer, or mobile home.  But the question of whether it’s all about the dirt – or not – is not yours to answer.  It’s between your customer and the Oklahoma Tax Commission.  You are not the Home Buyer Savings Account police!

Fourth, the law doesn’t address a situation where two or more people are purchasing property jointly and only one of them would qualify as a first-time home buyer.  I believe the person who meets the definition of first-time home buyer can be a qualified beneficiary of a HBSA, even if their co-purchaser could not be.  Since only one qualified beneficiary is allowed per account, the person who is qualified could be the beneficiary.  Yes, that would inure to the benefit of the other co-purchaser, who is not a first-time home buyer, but that is simply not a problem.

Let’s look at the tax breaks.  There is a deduction and there is an exclusion.  Every dollar contributed to the HBSA (up to $5,000 if the account has an individual owner or up to $10,000 if a married couple filing a joint return owns the account) can be deducted from the account holder’s  taxable income for Oklahoma income tax purposes per tax year.  Interest earned on the account is excluded from the account holder’s taxable income for Oklahoma income tax purposes.

If someone other than the account holder deposits money into the HBSA, that person doesn’t get any tax benefit.

Can this type of account be maintained forever?  No, there is a limited shelf life.  Fifteen years is the maximum.  Any funds in a HBSA that are not expended for eligible cost by December 31 of the last year of a fifteen-year taxable period must thereafter be included in the account holder’s taxable income.

There is also a dollar amount cap on the tax break.  An account holder may claim the deduction and exclusion for an aggregate total amount of principal and earnings not to exceed $50,000.  So, that’s up to $5,000 per calendar year (or $10,000 if it is a joint account), up to a max of $50,000.  For whatever reason, the maximum is the same, whether there are individual accountholders or joint accountholders.

The tax breaks are only earned if the principal and earnings of the account remain in the account until a withdrawal is made for eligible costs related to the purchase of a single-family residence by a qualified beneficiary.  If the accountholder ends up wanting or needing to use the funds for some other purpose – poof goes the tax deduction and exclusion.

What are “eligible costs”?  The down payment and allowable closing costs.  Hmmm.  So what are “allowable closing costs”?  They include any “disbursement listed on a settlement statement for the purchase of a single-family residence in Oklahoma by a qualified beneficiary.”  The term “settlement statement” is a specially defined term.  It means “the statement of receipts and disbursements for a transaction related to real estate, including a statement prescribed under the Real Estate Settlement Procedures Act of 1974, 12 U.S. C. 2601 et seq., as amended, and regulations thereunder.”  What prevents this old moldy reference from being a fatal flaw (in my opinion, and remember that I am not wearing any kind of judicial robe) is that it says “including a statement prescribed under…”  It is an example, an option.  It is not the exclusive document – which is a darn good thing, since RESPA has been displaced as the source for the closing papers.

Can your bank charge a fee for the HBSA?  Yes, and it can be deducted from contributions to the account.

What if the customer dies?  If the accountholder dies, the funds are handled according to the deposit account agreement and law.  If it is a joint account with right of survivorship, the surviving joint tenant becomes the owner by virtue of the survivorship provision in the contract and the account can still be used as a HBSA, but the tax break will max out at $5,000 per year thereafter, rather than $10,000.  Can an account like this have POD beneficiaries?  I see nothing to prevent that because from the financial institution’s standpoint, it is a plain vanilla savings account.  The customer might not even inform you that it is being used by them as a HBSA!  If the customer designates one or more POD beneficiaries, the funds would be paid out to them as normal under Section 901 of the Banking Code.  If the sole accountholder (or sole remaining accountholder) has NOT designated POD beneficiaries, then it’s like any other instance where an individual account owner dies and there are no beneficiaries.  The funds would belong to the estate of the deceased depositor.  It would then either need to go through probate, or if the amount was under $50,000 and the individual did not leave a will, the heirs could get the money after submission of a proper affidavit of heirs under Section 906 of the Banking Code.  If probate is not desired and Section 906 won’t work, the other alternative is for the heirs to see if the other small estate provision – the one in Title 58 of the Oklahoma Statutes, Section 393 – could be applied.

Um, how about the qualified beneficiary if the accountholder is not the beneficiary and the accountholder dies?  Basically, too bad, so sad.  The funds do not pass to the qualified beneficiary.  The funds don’t get held in some sort of limbo waiting for the qualified beneficiary to purchase a house.  They are simply an asset of the dead accountholder’s estate – or property of POD beneficiaries, if there are any.  The Tax Commission takes a hickey, too, to the extent of any tax break the accountholder had already received.  If you know the account is a HBSA and the accountholder is saving the funds for someone else who is a qualified beneficiary, you might want to explain that they have the option to designate the qualified beneficiary (or anyone else) as POD beneficiary.

We think this new account will be very popular!

CFPB supervisory highlights

By Andy Zavoina

The CFPB released its latest Supervisory Highlights in mid-September. This series of documents provides information on enforcement and supervisory actions based on the Bureau’s findings in compliance examinations. The most recent issue covers exam findings between December 2018 and March 2019. Areas of interest included auto loan originations, credit cards, and debt collections. Reviewing the CFPB’s findings is like listening attentively at an exit review after an exam. There are comments on things that were wrong – violations of law – and comments on things that a bank may want to consider twice before doing it again. Often you hear hints about practices that are subjective and sometimes those same practices are major points in the next exam.


The CFPB expands on the FTC Act’s “UDAP” provisions to add a second “A” for “abusive” acts. The Bureau considers an act or practice abusive if, among other things, the practice takes unreasonable advantage of a consumer’s lack of understanding of the material risks, costs, or conditions of a product or service. In this issue of Supervisory Highlights, the product under discussion is Guaranteed Asset Protection (GAP) insurance, which is often sold but thought by many to be over-priced insurance, especially when compared to a policy purchased directly from an agent rather than as part of a purchase transaction from a vehicle dealer.

GAP coverage is intended to bridge the gap between the collateral’s actual value and the loan amount when the Loan to Value (LTV) ratio is high. Many borrowers have minimal down payments and finance most of the cost of a vehicle. If there is an accident or theft and the vehicle is damaged or stolen, GAP helps pay what the auto insurance does not, based on the value of the vehicle.

What the CFPB found was that lenders sold GAP coverage to borrowers with low LTVs. In these cases, the borrower is paying a high premium for coverage which is not necessary or is of minimal value. By buying this coverage, the consumer is deemed to have demonstrated that “lack of understanding” about a financial product mentioned above. The Bureau felt the lenders took “unreasonable advantage of the consumers’ lack of understanding of the material risks, costs, or conditions of the product.” Yes, this means the financial institutions were found to have violated UDAAP principals. Like an investment professional, lenders need to determine if a product or service is a good fit for the consumer and the loan circumstances warrant the product or service. Some lenders are instead focused on the value of the sale and the income being generated, instead of consumer protections. These lenders have now taken remedial actions to help cure their UDAAP problems – reimbursing consumers for the premiums for GAP coverage they should not have been sold.

What could your bank do to avoid being accused of “abusive” GAP-sales practices? It could ensure lenders are trained to do what is best for the consumer and the bank. Often there is little or no consideration for the consumer as the emphasis is on retail sales. There should be a minimum LTV ratio established below which GAP coverage is not warranted or sold. That’s the message the Bureau sends to the industry with its discussion of overzealous GAP insurance sales, and the lesson to be learned from the mistakes of the lenders whose practices were described in that discussion

Credit cards

Triggering and triggered advertising terms

A basic tenet in compliance is that things like disclosures and advertisements must be “clear and conspicuous.” What the CFPB found in some credit card advertisements were triggered terms that were not clear or conspicuous. This is valuable information for us because we don’t hear a lot of guidance when it comes to advertising, and here the Bureau is discussing enforcement actions.

As a reminder, Regulation Z section 1026.16(b) has triggering terms for advertisement for open-end credit, and the terms that must be disclosed when the triggering terms are used:

When any of the following “triggering” terms is included in an ad—

  • The periodic rate used to compute the finance charge or the annual percentage rate;
  • A statement of when the finance charge begins to accrue, including the “free ride” period (if any);
  • The method of determining the balance on which a finance charge must be imposed;
  • The method of determining the finance charge, including a description of how any finance charge other than the periodic rate will be determined; and
  • The amount of any charge other than a finance charge that may be imposed as part of the plan.

then the following “triggered” information must also be included—

  • Any minimum, fixed, transaction, activity or similar charge that could be imposed;
  • Any periodic rate that may be applied expressed as an “annual percentage rate” using that term or the abbreviation “APR;”
  • If the plan provides for a variable rate, that fact must be disclosed; and
  • Any membership or participation fee.

We are often asked, “can we make the triggered disclosures via a link when using online ads?” The answer is yes. Both Reg DD and Reg Z allow a bank to show the disclosures, clearly and conspicuously, on the ad with the triggering terms, or to have them one-click away. But just as the triggered disclosures must be clear and conspicuous, so must the link to them if that is how they are to be viewed. What the Bureau found was that one or more lenders made consumers click on links that were neither clear nor conspicuous, and then navigate through an online application before being able to see the triggered disclosures. And the application was eight pages long!

When is the last time you reviewed your online advertising?

Offsetting payments

Another credit card issue was offsetting payments. Generally, Reg Z prohibits setoff from a consumer’s deposit account for a credit card debt (See sections 1026.12(d) and 1026.12(d)(2)). Offsets are permitted, but there must be an affirmative agreement with the consumer and it must be in account opening disclosures. Simply saying the bank has the right to setoff will not meet the requirements of the regulation and commentary. For a security interest to qualify for this exception, the consumer must be aware they are granting a security interest, that it is a condition for getting the credit card and they must specifically intend to grant a security interest in the deposit account. This is often done on deposit-secured card accounts.

The Bureau found violations of these requirements. Without proper training and careful labeling of past-due credit card accounts, a collector may believe “he who has the gold, makes the rules,” and that setoff is the right thing to do for a past due account. Have your collectors (and any third-party collectors you use) been trained about the rule against setoff of past due credit card payments? Do you carefully label such accounts so your collectors will know the accounts don’t allow setoffs?

Speaking of secured credit cards, another UDAAP finding was that some secured credit card lenders made false claims that so long as the account was in good standing, after a stated period the secured cards would become unsecured cards. But the card issuers were not releasing their security interests in the accounts.

Yet another credit card issue was found that relates to the “D” UDAAP (for “deceptive”). An act or practice that is “deceptive” includes any practice which “(1) misleads or is likely to mislead the consumer; (2) the consumer’s interpretation is reasonable under the circumstances; and (3) the misleading act or practice is material.” What the CFPB found was that, “…credit card issuer(s) misled or were likely to mislead consumer credit card holders by sending collection letters that suggested that the issuer(s) could repossess consumers’ automobiles, or foreclose on homes, securing loans or mortgages owned by the issuer(s). In fact, the issuer(s) did not repossess any vehicles or foreclose on any mortgages in connection with delinquent credit card accounts, and it was against the policies of the issuer(s) to do so.” So idle threats were made which had no basis of reality and it was a fear tactic which would also violate the Fair Debt Collections Practices Act.

While the UDAAP violations cited in the report involved credit card debt, the principle can apply to other collection activities as well.

Credit reporting (furnishing)

Entities that report information to credit bureaus have certain responsibilities under the Fair Credit Reporting Act. One of those responsibilities is to investigate disputed information. The Bureau found some credit reporters failed to investigate disputes in a timely manner or failed to even complete an investigation.

Remedial action for these violations includes establishing and implementing enhanced monitoring activities, approving policies and procedures that will include compliance with furnisher-specific requirements, and providing validation of all corrective actions.

Summing up

At the end of the day, a bank’s management and compliance officer should ask themselves if any of the issues described in the Bureau’s Supervisory Highlights could apply to their bank and the products and services it offers. Does your bank offer any of the products or services mentioned by the Bureau? Is your bank (or a third party engaged on its behalf) involved in any of the acts or practices cited by the CFPB as a problem? If so, take corrective action before your regulator finds similar problems in an exam.

December 2019 OBA Legal Briefs

  • These OREOs are no treat!
  • Privacy: It’s for bank info, too
  • Managing returns of duplicate payments

These OREOs are no treat!

By Andy Zavoina

The Office of the Comptroller of the Currency (OCC) issued an enforcement order against Citibank, N.A. in October 2019 and imposed a $30 million civil money penalty because it violated the holding period allowed for the Other Real Estate Owned (OREO) — the real property on which it had foreclosed, but not disposed of.

Each regulatory agency has its set of rules for this. 12 U.S.C. § 29 and 12 C.F.R. § 34.82 provide that a national bank cannot hold OREO for a period longer than five years. I have seen exceptions to this in the past based on the bank’s efforts to maintain the property and actively offer it for sale and on the real estate market the property is in. Files must be well documented and organized explaining what the bank has done, what it is doing and what the projections are for the property. That was not the case at Citibank, according to the OCC’s order.

In this case the bank had more than 200 instances in which the allowed holding period was exceeded between April 2017 and August 2019. The OCC Consent Order (AA-EC-2019-67) indicates that the bank had reviewed its processes and its portfolio of OREO as early as 2015 and identified these violations. However, the bank failed to implement a cure process. The OCC noted that the bank had deficient controls over and monitoring of the OREO portfolio and “lacked adequate policies, procedures, and processes to effectively identify and monitor the holding period for OREO assets.”  After the early identification in 2015, the bank indicated it was committed to correcting the deficiencies and it requested extensions to the holding periods. But these requests were not timely and in fact resulted in additional violations.

In April 2017 the OCC formerly told the bank its OREO internal controls were still decentralized, ineffective and inadequate.  Since then the bank continued to request holding period extensions. The bank made continued promises but failed to meet its goals.

As a result, the bank was ordered to pay a civil money penalty of $30,000,000.

As is often the case with “issues” in general, whether they be compliance, or safety and soundness oriented, examiners identified problems or confirmed a self-identification of them and agreed to a committed solution. But when a bank fails to meet the accepted cure and time benchmarks, the problem is only exacerbated. Without senior management’s involvement and communication with the board, the necessary resources may not be made available or other complications may arise. In those instances, continued communications (think updates) with the bank’s regulatory agency are vital. What has changed, and what can be done to get the cure process back on track must be discussed. In the case of the CMP above, this communications effort appears to have failed and repeated warnings were not adequately addressed.

Let’s revisit some basics of OREO management and suggest that each bank should ensure any OREO it has is being correctly managed and there are alarms set to go off so that the proactively handles its portfolio and has no need to reactively request an extension when it is then too late to do so.

As the bank assumes ownership of the property one of the first steps it should follow is to take physical control of the property. Just as the bank demands insurance on collateral it loans on, it should similarly have coverage for its own property to adequately insure itself for all the risks it needs to mitigate. It needs to assess the current situation, including whether there are tenants in the property, whether the former owner is one of those tenants, and whether evictions will be required (if they are even allowed) or will this be an income producing property, or both? The condition of the property must be evaluated and there may be needed improvements required. If the bank is stepping into the prior owner’s shoes, it needs to understand if there are required leasehold improvements or developer’s obligations it must adhere to. Are there any environmental hazards that must be addressed such as underground fuel tanks, or any other safety issues that pose a greater liability to the bank and were not addressed by the prior owner? Will the bank manage this property or outsource this to a property management company? A current appraisal and market analysis indicating the expected holding period is a must.  A management company can not only collect rents and advertise space available, but also prioritize any list of needed improvements and have them done. Outsourcing is not always necessary but may be especially helpful on commercial properties. There is no single set of rules as the bank’s condition and familiarity with the property and the market it is in will help dictate what needs to be done. This is a key reason all banks should have guidance established in advance in the form of a policy and procedure on the handling of OREO.

Understanding the property and the bank’s obligations will be vital to the management and sale of the property as well as its value. If the property has rental spaces, having those profitably filled will make selling it as an ongoing concern easier. If clearing out tenants, renovating and using the property for a different purpose makes more sense, planning must be done in advance.

While the bank may be anxious to sell the property immediately, could there be any advantages to holding the property for a period of time? This could be an issue if there is an expected development of nearby property that could increase the value of this OREO now owned by the bank. That could represent a gain on sale and income for the bank.

In addition, once the bank has the property, it needs to determine if the bank itself will hold title or transfer ownership to a holding company or separate entity created for this purpose. There may be benefits financially and for accounting purposes that need to be explored. This is the bank’s decision.

For example, assume that the bank has ownership of a single-family residence and wants to sell the property because it is vacant. How recent is the appraisal, has the area changed since the last appraisal, and should it obtain a new one now or update the existing appraisal so it has a firm idea of what it will sell for? A Realtor may conduct a market analysis to assist in this valuation. A property inspection is also advised. The bank wants to ensure it has clear title, understands the value of the property and as the owner, determine when it is best to offer it for sale. Again, prioritize any repairs or improvements that facilitate the sales goal and the asking price of the property. Evaluate the sale “as-is” and with improvements, balancing the costs and time to hold the property. Document all these efforts and the Realtor’s opinion of the market trends in this area.

Remember that 12 C.F.R. § 34.82 requires a national bank to dispose of OREO “at the earliest time that prudent judgment dictates but not later than the end of the holding period (or an extension thereof) permitted by 12 U.S.C. 29.” Other agencies will have similar rules. The paper or virtual OREO checklist the bank uses should start with the date the property is acquired. That is the key date for the five-year holding period.

According to the OCC’s OREO handbook, the property’s value should be “recorded at the fair value of the property, less the estimated cost to sell and this amount becomes the new cost basis of the property. The amount by which the recorded amount of the loan exceeds the new cost basis is a loss and must be charged to the allowance for loan and lease losses (ALLL). The recorded amount of the loan is the loan balance adjusted for any unamortized premium or discount and unamortized loan fees or costs, less any amount previously charged off, plus recorded accrued interest.” While rare, there could be a gain when the OREO is booked. Before recording a gain, verify the values.

Your regulatory agency’s OREO exam guide may indicate when a new independent appraisal or evaluation is required. The guidance may also indicate how often a new valuation is needed, as updates may be required depending on the circumstances.  The OREO must be carried at the lower of cost or fair value, less the estimated cost to sell. Any changes in the valuation or sale costs should be well documented.

Remember that, as the property owner, income and expenses for the OREO are included in the Call Report as income and expenses. These do not get added to or subtracted from the amount the OREO is booked for. It is easy to see a bank apply rental income against the booked value and hedge its bet as to the sales amount or to reduce pressure to force a sale. But that would be inappropriate even if it were later seen as a gain on sale.

When the end of the five-year holding period approaches, the bank may request one or more extensions. In total they can be five years, which would be a total of 10 years for the bank to have liquidated the property. The bank must be able to demonstrate that it has made a good-faith effort to dispose of the property within the initial five-year period or that disposal of the property within that initial period would be detrimental to the bank. Discussion with the bank’s regulatory agency well in advance of the expiration of the current holding period would be advised and the agency can provide an idea of the time required for an extension approval.

When it comes to OREO, whether the bank has no properties currently, or many, each bank should ensure it is prepared. There are many nuances as to valuations, what an asset’s value is booked as, the handling of income and expenses, how a gain or loss will be accounted for, as well as the management of the property. One goal – sell the property – should always be on the forefront. And as is common in the loan area, document, document, document. The bank must have processes in place, and those processes must be periodically verified to ensure they follow regulatory requirements and are working. If your bank acquires another bank, how was the OREO handled by the acquired bank and have the OREO files been reviewed? We have already established 30 million times that examiners are serious about this.

Privacy: It’s for bank info, too

By Andy Zavoina

You may have heard the phrase “loose lips sink ships,” which was widely used during World War II. It meant that even saying something that seemed harmless in the wrong area and overheard by others could lead to a catastrophe, especially when combined with other bits of information. In some cases, the ship that gets sunk could be a bank employee. All employees need to be reminded that privacy of information gained in the day-to-day work environment extends beyond a customer’s non-public, private information.

There were two separate OCC enforcement actions that were taken in September and October 2019 and made public in November. The first involved Amie Dorman (AA-EC-2019-50). She was working for Morgan Stanley Private Bank, N.A. out of Salt Lake City, Utah, and Morgan Stanley Bank, N.A. out of Purchase, New York.

Dorman was Executive Director of the Global Regulatory Relations Group at Morgan Stanley from approximately September 2014 to August 2017. In that capacity she was provided non-public OCC information concerning the banks and was involved in the banks’ responses to regulatory concerns and supervisory findings. This meant she genuinely participated in the affairs of the bank and is subject to rules concerning what she knew. When she left Morgan Stanley in 2017 Dorman, “retained confidential Morgan Stanley documents, of which at least 18 contained non-public OCC information regarding one or both Banks” as noted in the enforcement action.

She was later employed by another bank where some of those confidential documents were not only stored, unsecured, but also used. Quoting from the OCC order, “Respondent utilized documents containing non-public OCC information and kept the documents unsecured in her office, thereby disclosing them.” Does this mean that by having the documents in her office they were considered “disclosed” or that she used some of this information and that was in fact the disclosure? The answer may be academic as there should be no reason for an employee to leave one bank with confidential information and documents from that bank’s regulator, specific to that bank.

This was considered a violation of 12 CFR § 4.36(d), which protects information that the OCC need not even reveal under a Freedom of Information Act request, or information that has not yet been published. This type of information generally includes information on the supervision, licensing, regulation, or examination of a bank, an investigation or enforcement action, bank information and information about a third party.

I can’t speculate on what information was shared, or retained and stored, or how it drew the attention of the OCC. But I can visualize a person’s new bank trying to capitalize on a new hire’s experience or that new hire offering information as a demonstration of what an asset they can be. Perhaps remembering concepts in general should be enough without documentation to back it up. Dorman was ordered to pay a civil money penalty of $7,500.

That seems like an isolated case. But remember there were two separate but similar orders here. The October Consent Order (AA-EC-2019-49) involves Roseann McSorley, a former Managing Director and Chief Administrative Officer of Oversight and Controls at JPMorgan Chase Bank, N.A. Columbus, Ohio.

In this case the OCC was initiating a CMP under 12 CFR § 4.32(b) based on its findings that McSorley disclosed some confidential OCC information involving JPMorgan Chase, which she left in 2016, while employed at a new bank. Documents containing non-public OCC information on her old bank were made available to one or more employees during meetings or discussions, and she shared them via text message. To complicate matters, McSorley was questioned twice by bank investigators about having JPMorgan Chase documents and she denied having any. The bank tried to retrieve its documents. McSorley initially did not respond, but eventually did return them. As in the prior case a CMP was assessed, this time for $35,000.

Bank employees, especially officers, often have confidential information about their bank or can access it. When leaving one bank for another, they may assume there is no loyalty to the former employer and that the experience and knowledge they gained is their “property.” These two cases contradict that thought process and remind us that confidential information about a bank is confidential! It is not to be shared. Documents, whether on paper or electronic, are not the property of an employee, former or otherwise, and are not to be taken from the bank.

Perhaps these are good training examples for an employee meeting, reminding all staff of the restrictions on them and the need to respect the privacy of the bank as well as that of customers. And don’t forget senior management when providing that training. The two individuals to whom the OCC issued these enforcement actions appeared to have significant roles at their respective former banks.

Consider also that your bank’s Ethics Policy should address the importance of maintaining the confidentiality of non-public regulator information and other bank information in general.

Managing returns of duplicate payments

By John S. Burnett

When a bank’s customer writes a check, it’s the customer’s intention that the payment ordered by the check be completed once – and only once – to the payee and for the amount identified on the check. But in today’s multichannel payment environment, in which a check can be presented in its original form, as an ACH check conversion item, or as a remote-deposit or mobile-deposit captured image, the potential for multiple presentments of the payment order have increased, much to the frustration of both the check issuers and the depositary and paying banks involved.

The reason for the increase in multiple presentments is found in the fact that whenever a check is converted into an ACH entry or truncated when deposited as an image, the check itself isn’t given to the banking system in order to collect the funds represented by the check. Instead, checks that are converted to ACH entries (e.g., ARC or BOC check conversion entries) or deposited as images using merchant remote deposit capture (RDC) equipment or deposited as mobile deposits remain with the person (merchant or individual) making the deposit. The security for the original checks can range from strict to lax, depending on the merchant and controls on that security required by the originating depository financial institution (ODFI) for ACH conversions or truncating bank in the case of RDC deposits. In the case of mobile deposits, especially mobile deposits by consumers, the security is virtually non-existent. Whether through dishonesty or mistake, these checks have the potential for being used more than once. And mobile deposits have the biggest potential for “double dipping” as a percentage of total mobile deposits processed.

Terms: For the remainder of this discussion, I will use “ACH” to mean any check conversion entry to ACH format, “check” to mean a check deposited in paper form at a depositary bank,  “image” to mean a check that’s been captured and deposited as an image, and “truncating bank” as the depositary bank that accepts that image.

Returns by the midnight deadline

Much has been done by the Federal Reserve, clearinghouse associations, third-party processors, and in-house systems to detect duplicate presentments of different forms of the same original item whether they occur on the same processing day or on different days.  If yours is the paying bank, and you or your third-party processor identifies a duplicate payment in time to return it by your midnight deadline (if it’s a payment of a “check” or of an “image”) or in time to meet the return deadline for the returned “ACH” to be available to the ODFI by the start of business on the second banking day following the Settlement Date for an ACH, you are in the best position. It’s a standard, no-hassle process for check or ACH returns.

If it’s a “check” or an “image” you are returning, you handle it as you handle any other check return but use the ‘Y’ return reason code to indicate it’s a duplicate presentment. The other presentment (the one you aren’t returning) can be an ACH conversion entry for the same check, an “electronic check” or a “check.” If both the first and second presentment occur on the same day, pick one to be paid and return the other.

If you need to return an ACH that’s a duplicate presentment, use the R39 return code (improper source document/source document presented for payment) if an ARC, BOC or POP ACH entry and the source document to which it refers have both been presented for payment and posted to the Receiver’s account. You don’t need a Written Statement of Unauthorized Debit (WSUD) to make this return.  How can such a duplicate payment occur? A merchant could mistakenly (or fraudulently) run a check or checks through his MICR-capture equipment to initiate the ACH entry or entries and deposit the original checks, too.

After the midnight deadline

Even with all the system enhancements at many levels to detect duplicate presentments, there are some that make it to the paying bank undetected.  There is a “grace period” allowed for identifying and returning them, but it can vary depending on the type of payment. These returns aren’t as straightforward as those completed before the midnight deadline.

Clearly, once you’ve paid one presentation of the check item, your customer should not be charged for a subsequent presentation, regardless of the form it takes (“ACH,” “check” or “image”).

The UCC and checks or images that are duplicate payments

Under UCC section 4-406, your customer “must exercise reasonable promptness” in examining account statements and/or items to identify any payment that was not authorized because of an alteration or because a purported signature by or on behalf of the customer was not authorized. That would include a duplicate payment of an authorized item (the first payment was authorized; the second wasn’t).  If the customer identifies a second payment of the same item that hasn’t been reversed and the item returned, UCC section 4-406(c) provides that the customer must “promptly notify” the bank. Your account agreement may include language defining “reasonable promptness” and “promptly notify.”  If the customer fails to notify the bank of a duplicate payment within one year after the statement or items are made available to the customer showing that payment, the customer loses the right to make the claim. Whether the bank is responsible to the customer is a matter of law and contract, not related to whether the bank can return the item in question.

Note that ARC, BOC and POP entries are EFT items  under Regulation E when a consumer account is involved, and your consumer customer has rights under Regulation E’s §§1005.6 and 1005.11 that you must comply with if the consumer claims that one of those EFTs was not authorized. The rules under Regulation E aren’t set out in this article but must be followed whether or not your bank is able to return one or more unauthorized ACH items that are EFTs.

Extended ACH return period

If the customer makes a prompt claim, the bank can return an ARC, BOC or POP “ACH” payment within the ACH “extended return period” if the customer provides a WSUD. The extended return period requires that the returned entry be available to the ODFI at the start of the banking day following the 60th calendar day following the Settlement Date of the entry being returned. In these cases, use the R37 (source document presented for payment) return entry when returning an ARC, BOC or POP entry.

If the entry involved is an RCK entry, it is not subject to Regulation E, but is subject to the UCC provision described earlier, and if the customer provides a WSUD, you can use the R53 return code (Item and RCK entry presented for payment) within the ACH extended return period. This entry would be subject to the UCC provision described earlier.

Returning checks and images that are duplicate payments

Federal Reserve Check Services offers an extended adjustment procedure for duplicate payments that are either “checks” or “images.” Other check clearinghouses may have similar procedures, but this discussion outlines the adjustment process offered by the Fed. Refer to the Check Adjustments Quick Reference Guide ( for details of the process, which varies depending on the level of Check Services a bank uses.

A Paid Item (“PAID”) adjustment request can be initiated to request a credit entry for an item that is being refused either because it is the original check (or the legal equivalent, i.e. a substitute check, electronically created item or image received in as cash or return letter or a photocopy and the other item has already paid (the same day or earlier).  If you make the claim within 6 calendar months of the cash letter date of the item, you should receive a same-day credit entry to your bank’s reserve account. The depositary bank will be charged for the item.

If you make your claim after 6 months but within the one calendar year, the Fed will provide information you can use to deal directly with the offsetting institution.

This method cannot be used more than one calendar year after the cash letter date of the item.

If your bank clears checks and receives cash letters from a clearinghouse, investigate whether the clearinghouse provides adjustment services similar to those offered by FRB Check Services.

Finally, we’ll discuss what your bank can do if it has received back an item unpaid, and a remote deposit capture or mobile deposit of a check is involved.

Reg CC’s indemnity provision for “image” returns

Section 229.34(f) of Regulation CC creates an indemnity provision involving “images” of checks captured under RDC and mobile deposit agreements. A depositary bank that—

  • is a “truncating bank” because it accepts deposit of an electronic image or other information related to an original check [a remote-deposit-captured or mobile-deposited check],
  • does not receive the original check,
  • receives settlement or other consideration for an electronic check or substitute check related to the original check, and
  • does not receive a return of the check unpaid

indemnifies a depositary bank that accepts the original check for deposit for losses incurred by that depositary bank if the loss is due to the check having already been paid.

But, the depositary bank may not make an indemnity claim under this provision if the original check it accepted for deposit bore a restrictive indorsement inconsistent with the means of deposit, i.e., it was indorsed using words like “Mobile deposit only” when the check is being deposited at a teller station or drive-up window.

If your bank receives a return of a deposited check due to duplicate payment (and you took the original check for deposit), and you determine that the check was mobile deposited before you took the check for deposit, and cannot recover all of the check amount from your customer, you should contact the paying bank to ask for information on the bank that accepted the mobile deposit. Assuming the check wasn’t already indorsed “for mobile deposit,” or with words to that effect, at the time you took it for deposit, you can make a direct indemnity claim upon the bank that took the mobile deposit of the check, up to the amount of your loss, plus interest and expenses.

See Regulation CC, section 229.34(f) for the indemnity provision and section 229.34(i) for indemnification amounts.

The indemnification provision is imposed on RDC and mobile-deposit accepting banks and in favor of depositary banks taking an original check because RDC and mobile deposits increase the risk in the payment system for losses due to duplicate presentments and payments.

Note that a mobile-deposit accepting bank that has received a mobile-deposited item back unpaid is not subject to the indemnity provision. For example, if the same check is mobile deposited (in order) at Bank A and Bank B and then deposited in paper form at Bank C, and Banks A and C both receive their items back unpaid, Bank B would indemnify Bank C for a loss. Bank A doesn’t provide an indemnity because its item was returned unpaid for duplicate payment. Bank B doesn’t receive an indemnification because it didn’t take the original paper check for deposit.


November 2019 OBA legal briefs

  • Medical marijuana state question 788 and banking issues

Editor’s note: This month’s Legal Briefs section has been ceded to one of the OBA’s strategic partners, McAfee & Taft, to allow their insight on medical marijuana and the resulting banking issues. As a disclaimer, however, the following does not necessarily reflect the views or advice of the OBA, its legal department or its members. It’s simply meant as an opportunity to get more information out from a credible source on an important, timely topic.


by Robert T. Luttrell, III, McAfee & Taft

Generally, bankers are interested in knowing that their customers are not conducting illegal activities. There are legal and reputational risks to the bank otherwise. Because of the recent activity around the legalization of industrial hemp and the ubiquitous sale of its derivative CBD, the following reviews the background of the criminalization of marijuana (and its cousin industrial hemp); to what extent is industrial hemp cultivation, processing and sale legal federally and in Oklahoma; and what legislative relief may coming.


Cannabis was widely used as a medicine in the United States. And hemp was used for its fiber to be used in industrial products. The states and federal government ended that practice with state-level bans and the Federal Marijuana Tax Act of 1937. Since the Controlled Substances Act was enacted in 1970 “marihuana” (which definition included hemp) has been a Schedule 1 drug (Schedule 1 drugs also include heroin and LSD). Consequently, almost any activity involving growing, processing, transporting, possessing or dispensing marijuana is illegal. As is almost any activity related to the proceeds of these activities. Violators are subject to criminal penalties ranging from 10 years to life and fines up to $2,000,000

Nevertheless, the states began to legalize marijuana in some form. Texas was the first state to reduce possession of small amounts of marijuana to misdemeanor status in 1973. This decriminalization phase ran until 1978. California legalized medical cannabis in 1996. Colorado and Washington were the first states to adopt a recreational cannabis regime in 2012. Oklahoma legalized “medical” marijuana in 2018. Now 26 states have decriminalized small amounts of marijuana. This generally means possession is a civil or local infraction or lowest class misdemeanor with no possibility of jail time. Fourteen states and territories have legalized recreational marijuana. Thirty-four states have some form of medical marijuana program.

Then, the federal government legalized industrial hemp grown under certain programs starting in 2014.


On June 26, 2018, Oklahoma approved State Question 788 which added statutes legalizing marijuana. Among other things, it gave the Oklahoma State Department of Health 30 days to develop applications for licenses and post them to its website.

The Oklahoma Medical Marijuana Authority reported that as of October 1, 2019, 205,899 patient licenses (just over 5% of the state’s population and the highest in the country) and 1,434 caregiver licenses had been issued. There were also 4,063 grower licensees, 1,651 dispensary licensees and 1,168 processor licensees.;

Marijuana sales topped $23 million in May, 2019 and the state collected more than $1.6 million in excise taxes and $2 million in state and local taxes. Total state tax collections were almost $10.7 million. This growth has been attributed to low barriers to entry on the commercial side and lack of a requirement to have a specific medical condition on the user side.

A number of legislative enactments followed SQ788 to do things like: decriminalizing possession of small amounts of marijuana (1.5 ounces); cleaning up the language of SQ 788; tightening some of the restrictions; transferring marijuana licensing to a newly created Oklahoma Medical Marijuana Authority; setting rules for the disposal of marijuana waste; setting rules for the disposal of marijuana inventory in the event of death, insolvency, bankruptcy of the license holder and for foreclosure of a security interest or by a receiver; and applying tobacco smoking limitations to smoking marijuana. The principal bill was House Bill 2612, the Oklahoma Medical Marijuana and Patient Protection Act, more commonly called the “Unity Bill”. It became effective on August 29, 2019. See also House Bill 2601; House Bill 2613, Senate Bill 31, Senate Bill 162, Senate Bill 532, Senate Bill 811, Senate Bill 882, Senate Bill 1030. See, 63 Okl. Stat. § 420 et seq. & OAC 310:681-1-1 et seq.

As a result of the passage of so many bills in the same legislative session, there are some inconsistencies that may need to be reviewed in particular cases. For example, Senate Bill 162, Senate Bill 1030, and House Bill 2601 all became effective November 1, 2019 and all amended 63 Okl. Stat §420. Senate Bill 162 and House Bill 2601 both contain the same subsection B reading:

B. Possession of up to one and one-half (1.5) ounces of marijuana by persons who can state a medical condition, but are not in possession of a state-issued medical marijuana license, shall constitute a misdemeanor offense with a fine not to exceed Four Hundred Dollars ($400.00).

However, in Senate Bill 1030, subsection B adds that no prison sentence may be imposed, that only a citation may be issued and that if the violator written promise to answer as specified in the citation, the police must release the person upon personal recognizance. Since these bills became law at the same instant, there is no way to tell whether the restriction on a prison sentence will be applied.

There are a number of commercial marijuana license categories, all of which relate to handling marijuana, although several do not involve growing, processing or dispensing marijuana.

Transportation licenses
Transportation licenses permit the holder to transport marijuana from an Oklahoma licensed dispensary, licensed grower, or licensed processer, to an Oklahoma licensed dispensary, licensed grower, licensed processor, or licensed researcher. Cannabis must be transported in a locked container, shielded from public view, and clearly labeled “Medical Marijuana or Derivative.”

Commercial Establishment License
A commercial establishment license covers dispensary, grower, processor, or researcher and is shall be issued for a period of twelve (12) months.

Medical marijuana waste disposal license
The holder of a Medical marijuana waste disposal license shall be “entitled to possess, transport and dispose of medical marijuana waste.” “Medical marijuana waste” is “unused, surplus, returned or out-of-date marijuana and plant debris of the plant of the genus Cannabis, including dead plants and all unused plant parts, except the term shall not include roots, stems, stalks and fan leaves.” 63 Okl. Stat. §428.

Medical marijuana testing laboratory license
“A medical marijuana testing laboratory may accept samples of medical marijuana, medical marijuana concentrate or medical marijuana product from a medical marijuana business for testing and research purposes only, which purposes may include the provision of testing services for samples submitted by a medical marijuana business for product development.”

The State Department of Health can require medical marijuana businesses to submit samples to a medical marijuana testing laboratory for testing.

Ownership of Licensees
Oklahoma requires that 75% of all principals of a marijuana license holder be Oklahoma residents. That may not be enforceable.

On June 29, the Supreme Court of the United States released its opinion in Tennessee Wine & Spirits Retailers Association v. Thomas, 588 US ___ (2019). Tennessee had a statute requiring all applicants for a license to operate a retail liquor store to have been a resident of Tennessee for 2 prior years, for a renewal license be a resident for 10 years and that all stockholders of corporate applicants be residents. SCOTUS held these requirements violated the dormant commerce clause.

“Under our dormant Commerce Clause cases, if a state law discriminates against out-of-state goods or nonresident economic actors, the law can be sustained only on a showing that it is narrowly tailored to “‘advanc[e] a legitimate local purpose.’”

If we viewed Tennessee’s durational-residency requirements as a package, it would be hard to avoid the conclusion that their overall purpose and effect is protectionist. Indeed, two of those requirements—the 10-year residency requirement for license renewal and the provision that shuts out all publicly traded corporations—are so plainly based on unalloyed protectionism that neither the Association nor the State is willing to come to their defense. The provision that the Association and the State seek to preserve—the 2-year residency requirement for initial license applicants—forms part of that scheme. But we assume that it can be severed from its companion provisions, see 883 F. 3d, at 626–628, and we therefore analyze that provision on its own. Since the 2-year residency requirement discriminates on its face against nonresidents, it could not be sustained if it applied across the board to all those seeking to operate any retail business in the State.”

Even though it is doubtful that the federal courts would deal with this issue, Oklahoma state courts could apply this rule to invalidate the residency requirement. That might become important as the business matures and outside players want to come into the state to acquire existing licensees.

Federal Law

Restraints on Prosecution
Because of the federal law implications, why, then, do people seem to feel comfortable dealing in marijuana or accepting the proceeds from marijuana in payment for product or services or for deposit or as rent? There are a number of constraints on federal agencies respecting their prosecution of marijuana related crimes.

Cole Memo
Under the Obama Administration, the Department of Justice (DOJ) took a forbearance approach to much of the marijuana-related activities (both medical and recreational) rather than pursuing all activities that violate the CSA. In August 2013 the DOJ issued what is known as the Cole Memorandum advising U.S. Attorneys that their offices should focus their limited resources on the following marijuana-related crimes:

A. Preventing the distribution of marijuana to minors;B. Preventing revenue from the sale of marijuana from going to criminal enterprises, gangs, and cartels;
C. Preventing the diversion of marijuana from states where it is legal under state law in some form to other states;
D. Preventing state-authorized marijuana activity from being used as a cover or pretext for the trafficking of other illegal drugs or other illegal activity;
E. Preventing violence and the use of firearms in the cultivation and distribution of marijuana;
F. Preventing drugged driving and the exacerbation of other adverse public health consequences associated with marijuana use;
G. Preventing the growing of marijuana on public lands and the attendant public safety and environmental dangers posed by marijuana production on public lands; and
H. Preventing marijuana possession or use on federal property.

The Sessions Memo
The Federal position changed in January 2018 when the Cole Memorandum was rescinded by Attorney General Jeff Sessions. U.S. Attorneys were advised that the decision on whether to prosecute marijuana-related crimes should be guided by the DOJ’s traditional principles that apply to all criminal prosecutions.

A. Federal law enforcement priorities as established by the DOJ;
B. The seriousness of the crime;
C. The deterrent effect of criminal prosecution; and
D. The cumulative impact of particular crimes on the community.

The DOJ asserts that this merely returned the USAs to the position prior to the Cole Memo and that this does not represent a change. This is the guidance they had before the Cole Memo and, says the DOJ, the Cole Memo was unnecessary.

AG Barr’s Position
During a Senate hearing, William Barr said of the current state of affairs:

“The situation that I think is intolerable and which I’m opposed to is the current situation we’re in, and I would prefer one of two approaches rather than where we are. Personally, I would still favor one uniform federal rule against marijuana but, if there is not sufficient consensus to obtain that, then I think the way to go is to permit a more federal approach so states can make their own decisions within the framework of the federal law and so we’re not just ignoring the enforcement of federal law…. I would like to see Congress address this issue.”

Consolidated Appropriations Act of 2018 (also referred to as the Rohrabacher-Farr Amendment or the Blumenauer-McClintock-Norton Amendment)

Congress used the 2015 and 2016 appropriations bill to further limit enforcement of federal marijuana laws in states that have legalized medical or recreational marijuana. And, like “old Man River” it just keeps rolling along having been continued in appropriation bills or by continuing resolution since. The current version is contained in Consolidated Appropriations Act of 2019 (Pub.L. 116–6) Sec. 537 which was effective until September 30, 2019. Now continued until November 21, 2019 (Continuing Appropriations Act, 2020 (HR 4378) (Pub. L. 116-59 §§101(2) &106(3))

SEC. 537.
None of the funds made available under this Act to the Department of Justice may be used, with respect to any of the States of …Oklahoma… to prevent any of them from implementing their own laws that authorize the use, distribution, possession, or cultivation of medical marijuana.

The same provision is included in the FY 2020 Commerce, Justice, Science And Related Agencies Appropriations Bill §531 which would take the prohibition through 2020. But it also contains a provision (§550) which would restrict funds being used to interfere in any marijuana regime, whether or not medical.

We should note that the term “medical” is not defined in the bills. To be truly “medical,” marijuana would have to have an accepted medical use. The FDA in 2016 found that “[T]he available evidence is not sufficient to determine that marijuana has an accepted medical use.” This means that marijuana has been determined to have “a high potential for abuse,” “no currently accepted medical use in treatment in the United States,” and “a lack of accepted safety for use of the drug or other substance under medical supervision.”

It could be argued that, because of Oklahoma’s lack of a “presenting condition”, there is not enough “medical” in Oklahoma to make the marijuana laws “medical” notwithstanding the name.

Effects of restrictions. lying on these appropriations bills, defendants in several federal marijuana prosecutions in California and Washington moved to dismiss their cases. On August 16, 2016, in United States v. McIntosh, 833 F.3d 1163 (9th Cir., 2016), a panel of the Ninth Circuit held that the appropriations bills entitled marijuana defendants to an evidentiary hearing “to determine whether their conduct was completely authorized by state law, by which we mean that they strictly complied with all relevant conditions imposed by state law on the use, distribution, possession, and cultivation of medical marijuana.” The panel deferred to the district courts on remand to decide what remedy would be appropriate, noting the transitory nature of the potential relief

Pending Legislation.

Safe Banking Act of 2019
The “Secure And Fair Enforcement Banking Act of 2019”, HR 1595 (“SAFE Banking Act of 2019”) was passed by the House on September 25, 2019 on a vote of 321 to 103 and has been referred to the Senate. It does not legalize marijuana. It restricts action which can be taken against depository institutions and ancillary business that deal with marijuana related firms. To obtain the benefits of the Act, the covered entity must be dealing with a “Cannabis-Related Legitimate Business”. That is,

“a manufacturer, producer, or any person or company that—

(A) engages in any activity described in subparagraph (B) pursuant to a law established by a State or a political subdivision of a State, as determined by such State or political subdivision; and

(B) participates in any business or organized activity that involves handling cannabis or cannabis products, including cultivating, producing, manufacturing, selling, transporting, displaying, dispensing, distributing, or purchasing cannabis or cannabis products.” §14 (4).

Cannabis is “marijuana” as defined in the CSA A cannabis product is “any article which contains cannabis” §14(2) & (3).

In respect to a customer of a depository institution that is a cannabis-related legitimate business, federal banking regulators may not:

1. take adverse action related to deposit insurance,
2. discourage the offering of financial services, or
3. take adverse or corrective supervisory action on a loan.

For ancillary businesses, proceeds from a transaction involving activities of a cannabis-related legitimate business are not considered proceeds from an unlawful activity.

Depository institutions, insurers and their officers, directors and employees, cannot be held liable under any federal law for providing financial services to a cannabis-related legitimate business.

Collateral is not subject to forfeiture.

The FinCEN is required to issue SAR related guidance and examination procedures consistent with the Safe Banking Act.

Federal banking regulators must:

1. confirm “the legality of hemp, hemp-derived CBD products, and other hemp-derived cannabinoid products, and the legality of engaging in financial services with businesses selling hemp, hemp-derived CBD products, and other hemp-derived cannabinoid products,” and

2. “provide recommended best practices for financial institutions to follow when providing financial services and merchant processing services to businesses involved in the sale of hemp, hemp-derived CBD products, and other hemp-derived cannabinoid products.”

The Strengthening the Tenth Amendment Through Entrusting States Act has been introduced in the Senate. It would return to the states and Indian tribes the right to control the “manufacture, production, possession, distribution, dispensation, administration, or delivery of marihuana.” It has gone nowhere.

Where does industrial hemp and it derivative CBD fit?

The most movement has been in regard to industrial hemp.

Hemp Specific Legislation
The Agriculture Improvement Act of 2018 (Public Law 115–334) (the “2018 Farm Bill”) became law on December 20, 2018. The Agricultural Act of 2014 (P.L. 113-79) (“2014 Farm Bill”) was became law on February 7, 2014. Both have provisions relating to hemp. Both define industrial hemp as:

the plant Cannabis sativa L. and any part of that plant, including the seeds thereof and all derivatives, extracts, cannabinoids, isomers, acids, salts, and salts of isomers, whether growing or not, with a delta-9 tetrahydrocannabinol concentration of not more than 0.3 percent on a dry weight basis. (7 USC §§ 5940 and 1639o).

Exclusion from the definition of marijuana?
On the federal level, the 2018 Farm Bill excludes hemp from the definition of marihuana in the CSA with no apparent restriction on how or where it is produced. This raises an interesting issue in that hemp production is only permitted under the 2014 Farm Bill under a state pilot program and under the 2018 Farm Bill in accordance with a USDA plan or an approved State or tribal plan. The 2014 Farm Bill authorization remains in effect until one year after the USDA adopts its rules. Hemp may be produced under the 2014 Farm Bill notwithstanding the CSA, but is not excluded from the definition of marijuana by that bill. It appears that the 2018 Farm Bill declassified industrial hemp grown under the 2014 Farm Bill as well as that grown under the 2018 Farm Bill. There are penalties in the 2018 Farm Bill for cultivating hemp not in conformance with a plan. But there are none in the 2014 Farm Bill because before the 2018 Farm Bill that would have made the hemp grower subject to the CSA. One of the penalties in the 2018 Farm Bill is the referral of the offender to the Attorney General of the United State and, in Oklahoma, the state Attorney General. There seems to be no reason to do this if there are no penalties except loss of privileges under the program. But, there do not seem to be any.

In Oklahoma, industrial hemp is excluded from the definition of marijuana under certain circumstances.Two amendments to the definition of marijuana in 63 Okl. Stat. §2-101(23)(h) were adopted in the last legislative session which cloud the matter. One was by Laws 2019, SB 868, c. 91, § 10, emerg. eff. April 18, 2019 (“Version 1”) and by Laws 2019, SB 848, c. 428, § 16, emerg. eff. May 21, 2019 (“Version 2”). They both exempt “industrial hemp” from the definition of marijuana.

Version 1 exempts “h. industrial hemp…and any part of such plant…which shall only be grown pursuant to the Oklahoma Industrial Hemp Program and may be shipped intrastate and interstate.”

Version 2 exempts “h. industrial hemp… and any part of such plant…which shall not be grown anywhere in the State of Oklahoma but may be shipped to Oklahoma pursuant to the provisions of subparagraph e or f of this paragraph.”

Since Version 2 became effective last, it seems that industrial hemp grown in Oklahoma is not exempt from the definition of marijuana in Oklahoma. I am confident that this is not what the Legislature intended. But, I think because of the effective dates of the Acts, this is what happened. I have been told that this will be cleaned up next session. I don’t know how a court would handle this in the interim. It is inconsistent to have an Industrial Hemp Pilot Program to grow hemp in Oklahoma and have penalties for growing hemp in Oklahoma.


“Retail sales of industrial hemp and hemp products may be conducted without a license so long as the products and the hemp used in the products were grown and cultivated legally in this state or another state or jurisdiction and meet the same or substantially the same requirements for processing hemp products or growing hemp.” 63 Okl. Stat. §1-1431(C).

Transportation of hemp and hemp products produced under the 2018 Farm Bill can be transported through any state or Indian Tribal lands whether or not legal in that jurisdiction. §10144. Except that, as noted above, the only authority to transport Oklahoma hemp is in the version of 63 Okl. Stat. §2-101(23)(h) first effective, now repealed.

2018 Farm Bill

The hemp grower must be licensed in an USDA approved state or Indian tribal plan or, absent such a plan, by the USDA under a plan established by the USDA. The USDA published its Interim final rule effective on October 31, 2019. The USDA will continue to receive comments and you should expect the rules to change. Some interesting items in the rule:

1. Samples for testing must be collected with 15 days of anticipated harvest. Oklahoma has not set a schedule and Washington has a 30 day schedule and has trouble meeting it.
2. Sampling must “be sufficient at a confidence level of 95 percent that no more than one percent (1%) of the plants in the lot would exceed the acceptable hemp THC level.
3. The “Acceptable Hemp THC level” could test above .3% THC and still be hemp depending on the confidence level of the test. The USDA is considering establishing a hemp laboratory approval process for this reason.
4. Hemp testing a 0.5%THC or below will not be subject to action under a plan. Nevertheless, hemp testing above .03% must be collected and destroyed by a person authorized under the CSA to handle marijuana.

Oklahoma has adopted an Industrial Hemp Program and a set of rules. But, it has not been approved by the USDA. So, Oklahoma is still operating under the 2014 Farm Bill.

2014 Farm Bill

The 2014 Farm Bill authorized state pilot programs to “study the growth, cultivation, or marketing of industrial hemp.” Oklahoma authorized such a program. 2 Okl. Stat. §3-401 et seq. Colleges are authorized to contract for the production of hemp. The OSDA licenses the operation. The license application shows the intended use and disposition of the crop. So, to determine if the industrial hemp is being grown in accordance with the Oklahoma Pilot Program it is necessary to:

Review the license,
Review the license application,
Ensure that the activity is taking place on the described real estate,
Ensure that the activity is covered by the license,
Review any test reports’ and
Review harvest reports.

Hemp in Oklahoma is eligible for crop insurance.

What about CBD?
There are least 113 cannabinoids in the plant Cannabis sativa L. The most well known is (was?) delta-9 tetrahydrocannabinol (“THC”) which is the principal psychoactive constituent of cannabis (and a controlled substance on its own divorced from the marijuana plant). One of others, Cannabidiol (“CBD”), is reputed to have medicinal qualities. The FDA has approved a CBD containing prescription drug, Epidolex, for the treatment of two seizure conditions: Dravet syndrome and Lennox-Gastaut syndrome.

CBD being an extract of the “marihuana” plant is, along with THC, a Schedule 1 Controlled Substance and cannot be legally grown, processed or sold. That is, unless the CBD isn’t a Schedule 1 Substance.

CBD (and, hence, CBD oil) is not a Schedule 1 substance if it is made from industrial hemp. Oklahoma has made industrial hemp farming legal. So have a number of other states. Assuming away for a moment the conflicting amendments and assuming that a court holds or the legislature confirms that Version 1 applies, CBD oil derived from industrial hemp is not a controlled substance under certain circumstances.

There are some obvious problems. The 2014 Farm Bill is silent on how to obtain or transport hemp seeds. The 2014 Farm Bill does not define “research”. The 2014 Farm Bill does not specifically address the legality of hemp’s constituent compounds such as CBD.

Colorado CBD as an example

Oklahoma Version 1 of 63 Okl. Stat. § 2-101(23)(h) would make Colorado CBD not legal because is was not a “part of such plant…grown pursuant to the Oklahoma Industrial Hemp Program.”

Oklahoma Version 2 would make Colorado CBD not legal because is was not “shipped to Oklahoma pursuant to the provisions of subparagraph e or f of this paragraph.”

And for CBD, it may be shipped into the State only under e & f.

“e. for any person participating in a clinical trial to administer cannabidiol for the treatment of severe forms of epilepsy pursuant to Section 2-802 of this title, a drug or substance approved by the federal Food and Drug Administration for use by those participants,

f. for any person or the parents, legal guardians or caretakers of the person who have received a written certification from a physician licensed in this state that the person has been diagnosed by a physician as having Lennox-Gastaut Syndrome, Dravet Syndrome, also known as Severe Myoclonic Epilepsy of Infancy, or any other severe form of epilepsy that is not adequately treated by traditional medical therapies, spasticity due to multiple sclerosis or due to paraplegia, intractable nausea and vomiting, appetite stimulation with chronic wasting diseases, the substance cannabidiol, a nonpsychoactive cannabinoid, found in the plant Cannabis sativa L. or any other preparation thereof, that has a tetrahydrocannabinol concentration of not more than three-tenths of one percent (0.3%) and that is delivered to the patient in the form of a liquid,”

So, almost all of the CBD where ever it is being sold is illegal.

Interstate Transportation
The Consolidated Appropriations Act of 2019 (Pub.L. 116–141) (effective until September 30, 2018; now also continued to December 7, 2018) prohibits the use of funds to contravene the Farm Bill:

Sec. 729

None of the funds made available by this Act or other Act may be used—
(1) in contravention of section 7606 of the Agricultural Act of 2014 (7 U.S.C. 5940); or

(2) to prohibit the transportation, processing, sale, or use of industrial hemp, or seeds of such plant, that is grown or cultivated in accordance with subsection section 7606 of the Agricultural Act of 2014, within or outside the State in which the industrial hemp is grown or cultivated.

Health Claims

2018 Farm Bill preserved the Food and Drug Administration’s authority to regulate products containing cannabis or hemp. The FDA has approved CBD in the drug Epidiolex for treatment of Lennox-Gastaut syndrome or Dravet syndrome in patients 2 years of age and olderand THC in the drugs Marinol and Syndros. Consequently, the FDA’s position is that:

“Under the FD&C Act, any product intended to have a therapeutic or medical use, and any product (other than a food) that is intended to affect the structure or function of the body of humans or animals, is a drug. Drugs must generally either receive premarket approval by FDA through the New Drug Application (NDA) process or conform to a “monograph” for a particular drug category, as established by FDA’s Over-the-Counter (OTC) Drug Review. CBD was not an ingredient considered under the OTC drug review. An unapproved new drug cannot be distributed or sold in interstate commerce.”

The FDA has sent warning letters to that effect.

Unsurprisingly, the FDA takes the position that, since CBD is an approved drug, it is illegal to label products containing CBD as a dietary supplement.

Any manufactured product containing CBD must include on its label:

1. The country of origin of the cannabidiol; and
2. Whether the cannabidiol is synthetic or natural. 63 Okl. Stat. §1-1431(A).

The FDA takes the position that, since CBD is an approved drug, it is illegal to put it in human or animal food.

“The addition of derivatives of hemp, including hemp-derived cannabidiol, to…products intended for human or animal consumption shall be permitted without a license and shall not be considered an adulteration of such products.” 63 Okl. Stat. §1-1431(C). But, any establishment selling or manufacturing marijuana or CBD products included in foodstuffs or ingested orally as a major component of their business operation is a “Food Establishment” and is subject to 63 § O.S. 1-1118 and is required to obtain a food license.

Businesses extracting CBD or processing or warehousing food items containing CBD are subject to the licensing and inspection requirements of 63 O.S. § 1-1119 and OAC 310:260.


“A cosmetic is defined in 201(i) as “(1) articles intended to be rubbed, poured, sprinkled, or sprayed on, introduced into, or otherwise applied to the human body or any part thereof for cleansing, beautifying, promoting attractiveness, or altering the appearance, and (2) articles intended for use as a component of any such articles; except that such term shall not include soap.”

Under the FD&C Act, cosmetic products and ingredients are not subject to premarket approval by FDA, except for most color additives. Certain cosmetic ingredients are prohibited or restricted by regulation, but currently that is not the case for any cannabis or cannabis-derived ingredients.”

“The addition of derivatives of hemp, including hemp-derived cannabidiol, to cosmetics, personal care products…shall be permitted without a license and shall not be considered an adulteration of such products.” 63 Okl. Stat. §1-1431(C).


Legalized marijuana presents challenges for bankers. Until Congress acts any business having a relationship with marijuana or its proceeds fraught. So, too, with industrial hemp and CBD until the USDA issues its final rules and Oklahoma both corrects conflicts in its statutes, conforms its plan to the final rules and receives USDA approval. So, proceeding cautiously should be the rule. Stand by you will get the latest news from the OBA.

October 2019 OBA Legal Briefs

  • Residential appraisal threshold raised
  • 2019 Oklahoma legislation
  • Watch for new CTR filing instructions

Residential appraisal threshold raised

By John S. Burnett

Agencies issue joint rule

The Federal Reserve, the Federal Deposit Insurance Corporation, and the Office of the Comptroller of the Currency have adopted a final rule that increases the threshold for residential real estate transactions requiring an appraisal from $250,000 to $400,000. The appraisal threshold was last  changed 25 years ago.

For transactions exempted from the appraisal requirement, the final rule requires institutions to obtain an evaluation to provide an estimate of the market value of real estate collateral.

The rule also incorporates the appraisal exemption for rural residential properties provided by the Economic Growth, Regulatory Relief, and Consumer Protection Act and similarly requires evaluations for these transactions. The rule also requires institutions to review appraisals for compliance with the Uniform Standards of Professional Appraisal Practice.

The $400,000 threshold doesn’t apply to loans fully or partially insured or guaranteed by the FHA or VA or loans qualified for sale to Freddie Mac or Fannie Mae. Such loans are already exempted from the agencies’ appraisal rules because they are subject to the appraisal requirements of the FHA, VA, Freddie or Fannie.

Important new definition

The $400,000 threshold applies to a “residential real estate transaction,” which is newly defined under the rule as “a real estate-related transaction that is secured by a single 1-to-4 family residential property.” That is a significant change, and residential mortgage loans of less than $400,000 secured by more than one property – for example, a bridge loan secured by a borrower’s current residence and a new residence, to be paid off. or refinanced upon sale of the current residence – will require an appraisal by a state certified or licensed appraiser, unless the rural residential exemption applies. The agencies believe that the former $250,000 threshold similarly applied only to transactions secured by a single 1-to-4 family residential property but have added the “residential real estate transaction” definition to clarify the regulation.

Effective dates

The rule amends 12 CFR Part 34 (OCC), 12 CFR Part 225 (Federal Reserve) and 12 CFR Part 323 (FDIC) effective the day after publication in the Federal Register, except for the evaluation requirement for transactions exempted by the rural residential appraisal exemption and the requirement to review appraisals for USPAP compliance, both of which will be effective January 1, 2020.

2019 Oklahoma legislation

By Pauli Loeffler

I have previously covered amendments to Title 47 with regard to “Take Your Tag” (effective July 1). I have also covered amendments to Title 2, the Oklahoma Industrial Hemp Program, in preparation for approval by USDA once its rules are promulgated under the 2018 Farm Bill. There was a lot of legislation enacted this legislative session. Some of the changes were minor such as making statutes more gender neutral. If you have a taste for trivia, I would suggest you look in Title 25 (Definitions and General Provisions) will fascinate and entertain you. Effective November 1, 2019, the official state steak for Oklahoma is the ribeye. Other than that legislative gem, changes to existing statutes and new legislation with greater impact will be covered here. The Oklahoma Statutes are accessible on the Oklahoma State Courts Network. You will find all the statures under “Legal Research.” Choose “Statutes” and then the Title. Titles are in alphabetical order.

Title 18 – Corporations.

Nonstock and charitable nonstock corporations. Effective November 1, 2019, in addition to for-profit and not-for-profit corporations, Oklahoma will have two new corporate entity types: nonstock and charitable nonstock. Neither of these nonstock corporations is authorized to issue capital stock but instead will have members. Charitable nonstock corporations are not-for-profit but required information in the Certificate of Incorporation makes a difference. Name requirements are identical to those for current corporations.

For profit nonstock corporations may be formed for a number of reasons. For instance, the corporation may be closely held, and the member has no interest in selling shares. Another possibility is that it was formed for a single, short-term purpose or a specific transaction such as construction project, or it may be formed solely for working with another company or individual for a joint venture. There can be certain tax advantages involved. Sec. 1006 provides:

A. The certificate of incorporation shall set forth:

4. … In the case of nonstock corporations, the fact that they are not authorized to issue capital stock shall be stated in the certificate of incorporation. The conditions of membership, or other criteria for identifying members, of nonstock corporations shall likewise be stated in the certificate of incorporation or the bylaws. Nonstock corporations shall have members, but the failure to have members shall not affect otherwise valid corporate acts or work a forfeiture or dissolution of the corporation. Nonstock corporations may provide for classes or groups of members having relative rights, powers and duties, and may make provision for the future creation of additional classes or groups of members having such relative rights, powers and duties as may from time to time be established including rights, powers and duties senior to existing classes and groups of members. Except as otherwise provided in the Oklahoma General Corporation Act, nonstock corporations may also provide that any member or class or group of members shall have full, limited, or no voting rights or powers, including that any member or class or group of members shall have the right to vote on a specified transaction even if that member or class or group of members does not have the right to vote for the election of members of the governing body of the corporation. Voting by members of a nonstock corporation may be on a per capita, number, financial interest, class, group, or any other basis set forth. The provisions referred to in the three preceding sentences may be set forth in the certificate of incorporation or the bylaws. If neither the certificate of incorporation nor the bylaws of a nonstock corporation state the conditions of membership, or other criteria for identifying members, the members of the corporation shall be deemed to be those entitled to vote for the election of the members of the governing body pursuant to the certificate of incorporation or bylaws of such corporation or otherwise until thereafter otherwise provided by the certificate of incorporation or the bylaws…

There are subtle differences between a not-for-profit corporation and a charitable nonstock corporation regarding the Certificate of Incorporation requirements under Sec. 1006 A.:

  1. If the corporation is not for profit:

a. that the corporation does not afford pecuniary gain, incidentally or otherwise, to its members as such,

b. the name and mailing address of each member of the governing body,

c. the number of members of the governing body to be elected at the first meeting, and

d. in the event the corporation is a church, the street address of the location of the church.

The restriction on affording pecuniary gain to members shall not prevent a not-for-profit corporation operating as a cooperative from rebating excess revenues to patrons who may also be members; and

  1. If the corporation is a charitable nonstock and does not otherwise provide in its certificate of incorporation:

a. that the corporation is organized exclusively for charitable, religious, educational, and scientific purposes including, for such purposes, the making of distributions to organizations that qualify as exempt organizations under section 501(c)(3) of the Internal Revenue Code, or the corresponding section of any future federal tax code,

b. that upon the dissolution of the corporation, its assets shall be distributed for one or more exempt purposes within the meaning of section 501(c)(3) of the Internal Revenue Code, or the corresponding section of any future federal tax code, for a public purpose, and

c.  that the corporation complies with the requirements in paragraph 7 of this subsection. [Emphasis added.]

As far as bylaws, Sec. 1013 as amended provides: “In the case of a nonstock corporation, the power to adopt, amend or repeal bylaws shall be in its governing body. Notwithstanding the foregoing, any corporation may, in its certificate of incorporation, confer the power to adopt, amend or repeal bylaws upon the directors or, in the case of a nonstock corporation, upon its members. The fact that such power has been so conferred upon the directors or members, as the case may be, shall not divest the shareholders or governing body of the power, nor limit their power to adopt, amend or repeal bylaws.”

Elsewhere in Title 18 there are provisions for merger and consolidation of nonstock companies as well as conversion of stock/nonstock companies without regard to whether the entities are for profit or not for profit.

For nonstock for profit, the bank will need the same documents as it does for other corporations, and CIP will be the same. As far as beneficial ownership, if there are members, you need to know the percentage of member interests, but is possible that a for profit may have no members. In that case, the bank will need to determine the undivided interest of the directors. with undivided interest. Documentation for not for profit/charitable nonstock is the same but such corporations have no beneficial owners.

Who is authorized to sign corporate documents: Sec. 1007. The amendment to this section for corporations affects who signs instruments other than the Certificate of Incorporation. Until November 1, 2019, this section provides:

  1. All other instruments shall be executed:

a. by the chair or vice-chair of the board of directors, or by the president, or by a vice-president, and attested by the secretary or an assistant secretary; or by officers as may be duly authorized to exercise the duties, respectively, ordinarily exercised by the president or vice-president and by the secretary or an assistant secretary of a corporation,

b. if it appears from the instrument that there are no such officers, then by a majority of the directors or by those directors designated by the board,

c. if it appears from the instrument that there are no such officers or directors, then by the holders of record, or those designated by the holders of record, of a majority of all outstanding shares of stock, or

d. by the holders of record of all outstanding shares of stock.

On and after November 1, in order to the statute states:

  1. All other instruments shall be signed:

a. by any authorized officer of the corporation,

b. if it appears from the instrument that there are no such officers, then by a majority of the directors or by those directors designated by the board,

c. if it appears from the instrument that there are no such officers or directors, then by the holders of record, or those designated by the holders of record, of a majority of all outstanding shares of stock, or

d. by the holders of record of all outstanding shares of stock.

Interestingly, this conflicts with Title 16 (Conveyances) Secs. 53 and 93 (“Every deed or other instrument affecting real estate made by a corporation must have the name of such corporation subscribed thereto either by an attorney-in-fact, president, vice-president, chairman or vice-chairman of the board of directors of such corporation” and Oklahoma Title Standards Sec. 12.2.  It also conflicts with Sec. 414 G. of the Banking Code: “Every conveyance of real estate and every lease thereof made by a bank or trust company shall have the name of such bank or trust company subscribed thereto, either by an attorney-in-fact, president, vice-president, chairperson or vice-chairperson of the board of directors of such corporation.”

Title 16 – Conveyances.

Sec. 13.  This statute permits a married person to convey (deed, mortgage, etc.) real property without joinder of the spouse when the property is not homestead. The only time the signature of both spouses is NOT required is when one spouse purchases real property and title is conveyed solely to him or her. In that case and only in that case, he or she can execute the mortgage without the non-title holding (“non-owner”) spouse signing the mortgage. In all other cases, the non-owner spouse must sign. If this is not done, the mortgage is defective until 10 years after recording affecting marketable title. It could not be cured by way of recording an affidavit of the non-signing spouse with regard to homestead or waiver of homestead, and a subsequent mortgage executed solely by him or her as spouse. Title Examination Standards §7.2 Comment states:

While 16 O.S. §13 states that “The husband or wife may convey, mortgage or make any contract relating to any real estate, other than the homestead, belonging to him or her, as the case may be, without being joined by the other in such conveyance, mortgage or contract,” joinder by both spouses must be required in all cases due to the impossibility of ascertaining from the record whether the property was or was not homestead or whether the transaction is one of those specifically permitted by statute. See 16 O.S. §§4 and 6 and Okla. Const. Art. XII, §2. A well-settled point is that one may not rely upon recitations, either in the instrument or in a separate affidavit, to the effect that property was not the homestead. Such recitation by the grantor may be strong evidence when the issue is litigated, but it cannot be relied upon for the purpose of establishing marketability. Hensley v. Fletcher, 172 Okla. 19, 44 P.2d 63 (1935).

The amendment effective November 1, 2019, allows the non-signing spouse to either a) execute an affidavit stating the property is not homestead, or b) execute a mortgage either with or without others to the original grantee, or to a successor or successors in interest stating the property was not homestead. In discussing the amendment to Sec. 13, I understand that changes to the Title Standards will be presented to the Delegates of the Oklahoma Bar Association for adoption at the annual meeting in November. On a side note, there will be a Title Standard regarding series LLCs as well.

Real Property Electronic Recording Act was enacted in 2008 and was covered in the December 2008 OBA Legal Briefs. Existing Sec. 86.3 validates recording of an original conveyance on paper or other tangible medium signed by an electronic signature as well as notarization with an electronic signature attached to or logically associated with the document or signature. A physical or electronic image of a stamp, impression, or seal is unnecessary. New Sec. 87 goes further. Subsection C. permits a notary to certify such paper or tangible document as a true and correct copy if the notary: a) confirms security features reveal no tampering, b) no changes or errors in electronic signature or other information are evident, c) personally printed or supervised printing of the document, and c) no changes or modifications are made to the electronic document, paper, or tangible copy beyond the certification by the notary.

The form of certification shall state: “I certify that the preceding or attached document (document title), (document date), containing (number) pages is a true and correct copy of an electronic document printed by me or under my supervision, and that, at the time of printing, no security features present on the electronic document indicated any changes or errors in an electronic signature or other information in the electronic document since its creation or execution.”  It will be dated and signed by the certifying notary, with seal and commission expiration. The certificate is prima facie evidence that the requirements of subsection C of this section have been satisfied with respect to the document.

The legislature enacted the Remote Online Notary Act (Title 49, Secs.201- 214) effective January 1, 2020. The Oklahoma Secretary of State will promulgate rules for notaries.

Title 12A – Uniform Commercial Code – Article 15

Article 15 is the Uniform Electronic Transactions Act (EUTA). The definitions for subsection (9), “Electronic record” and subsection (10) “Electronic signature” in Sec. 102 have been amended to add blockchain technology making it subject to this article. This is effective November 1, 2019

Title 14A – Uniform Consumer Credit Code

Sec. 3-508B. I covered the dollar amount changes to this section in the June 2019 OBA Legal Briefs. Amendments were made to that statute adding (1)(g) and (1)(h). Sec. 3-508B consumer loans are based on a special finance-charge method that combines an initial “acquisition charge” with monthly “installment account handling charges,” rather than using the provisions of § 3-508A. Late or deferral fees and convenience fees as well as convenience fees for electronic payments under § 3-508C are permitted, but other fees cannot be imposed. No insurance charges, application fees, documentation fees, processing fees, returned check fees, credit bureau fees, or any other kind of fee is allowed. No credit insurance even if it is voluntary can be sold in connection with in § 3-508B loans. If a lender wants or needs to sell credit insurance or to impose other normal loan charges in connection with a loan, it will have to use § 3-508A instead. Existing loans made under § 3-508B cannot be refinanced as or consolidated with or into § 3-508A loans, nor vice versa. Further, substantially equal monthly payments are required. The first scheduled payment cannot be due less than one (1) calendar month after the loan is made, and subsequent installments due at not less than 30-day intervals thereafter. The minimum term for loans is 60 days.

3-508B is more than a bit complex and confusing in that neither online version of the statute nor print versions of the Oklahoma Uniform Consumer Credit Code are updated when dollar amounts are adjusted pursuant to Sec. 1-106. Basically, you have to take the current Changes in Dollar Amount published by the Oklahoma Department of Consumer Credit (which can be accessed at the link below and are also available on the Oklahoma Bankers Associations Legal Links page), and then write in the those amounts in order for the statute to make any sense. Or at least that is what I have to do. To save you from having to do that, you will find the version effective for Sec. 3-503B loans I have prepared on the Legal Links page for July 1, 2019 as well as one incorporating the amendments effective for 3-508B loans consummated on and after November 1.

The acquisition charge authorized under this statute is deemed to be earned at the time a loan is made and shall not be subject to refund. Provided, however, if the loan is prepaid in full, refinanced or consolidated within the first sixty (60) days, the acquisition charge will NOT be deemed fully earned and must be refunded pro rata at the rate of one-sixtieth (1/60) of the acquisition charge for each day from the date of the prepayment, refinancing or consolidation to the sixtieth day of the loan. The Department of Consumer Credit has published a Daily Acquisition Fee Refund Chart for both the changes effective July 1, 2019, and effective November 1, 2019, links on this page. Further, if any loan is prepaid, the installment account handling charge shall also be subject to refund. A Monthly Refund Chart for handling charges for can be accessed on the page indicated above, as well as § 3-508B Loan Rate (APR) Table for both July 1, 2019 and November 1, 2019 are accessible from the link above.

Title 12 – Civil Procedure

Sec. 1560. I found this new section regarding foreclosure of Oklahoma licensed medical marijuana dispensaries, growers, and processors very interesting. It provides that if any of these businesses is subject to foreclosure, has a receiver appointed, becomes insolvent, bankrupt, or ceases operation (sole owner dies), a secured party or receiver may continue operations by submitting proof to the Oklahoma Medical Marijuana Authority (OMMA) proof of the secured status, receivership, etc. OMMA may permit the secured party or receiver to continue operations at the dispensary, etc. without additional charge to the creditor or receiver but subject to the annual license fee and to operate the business for a reasonable period of time (which is not defined but will presumably be subject to rules promulgated by OMMA). The statute provides that marijuana items left by a deceased, insolvent or bankrupt person or licensee, or subject to a security interest or a court order appointing a receiver, may be foreclosed, sold under execution or otherwise disposed whether by foreclosure or by sale as a going concern.

This is what OMMA tweeted on August 26, 2019:

Here are 1-yr. totals for Medical Marijuana applications & approvals in Oklahoma: Applications: Patient 189,129. Caregiver 1,699. Businesses 8,089.  Total: 198,917

Approvals: Patient 178,173. Caregivers 1,277. Growers 4,287. Dispensaries 1,848. Processors 1,173. Total: 186,758

It is my impression that relatively few banks in Oklahoma actually bank licensed dispensaries, processors, or growers, and some refuse to bank customers who lease to licensees or those who supply equipment or services to licensees. Of course, all that may change if the federal legislation which recently passed the House also passes the Senate. However, I do wonder how regulators will view financial institutions actually running a foreclosed dispensary, etc.

  1. A secured party or court-appointed receiver may continue to operate a business for which a license has been issued under Section 421, 422 or 423 of Title 63 of the Oklahoma Statutes for a reasonable period after default on the indebtedness by the debtor or after the appointment of the receiver.

Title 68 – Public Health and Safety

Medical marijuana (MMJ). There was a lot of new legislation enacted with regard to MMJ already in effect in addition to the foreclosure statute in Title 12 mentioned above. HB 2016 became effective March 19th enacting the “Oklahoma Medical Marijuana and Patient Protection Act” Secs. 427.1 through 427.23. Sec. 429 of the “Oklahoma Medical Marijuana Waste Management Act” is already in effect, while Secs. 427a, 428 and 430 are effective on November 1, 2019. Frankly, it is easier to read the current rules on rather than wade through the statutes.

Sec. 427.8. This statute is sometimes referred to as the “Unity Bill.”  It contains provisions regarding rights of licensed patients and caregivers. The provisions of this statute that a bank needs to consider are those regarding applicants for employment and employees. There is a rather short list of what the bank cannot do. You cannot refuse to hire, discipline, or penalize an applicant or employee solely because s/he is a medical marijuana (MMJ) licensee, nor can you do any of the foregoing solely on the basis of a positive drug test for MMJ if the bank has a drug testing policy. I suggest you review your hiring policy and employee manual. The bank can ban all use of MMJ on its premises and/or during work hours. You can also ban use if performing “safety sensitive” jobs set out in subsection K of the statute which includes operating a motor vehicle, firefighting, carrying a firearm, etc. BUT there is still a catch: the employee must test “above the cutoff concentration level established by the U.S Department of Transportation or under Oklahoma law for being under the influence, whichever is lower, and this will require a drug testing policy that complies with Tit. 40 O.S. Secs. 551, et seq. The employee manual can ban possession and consumption of MMJ by employees with licenses while at work, picking up bank mail from the post office, etc.  None of the members of the OBA Legal and Compliance team is an expert in the field of labor law. It is highly recommended the bank contact an attorney who is an expert to review and draft your employment policy and employee manual.

CBD. Sec. 1-1431 is a new statute effective November 1, 2019. It covers labeling of cannabidiol but doesn’t apply to drugs approved by the FDA such as Epidiolex (approved June 2018). More importantly, it codifies that there is no licensing requirement for retail sales as long as the hemp is grown legally in this state or in another state:

  1. Retail sales of industrial hemp and hemp products may be conducted without a license so long as the products and the hemp used in the products were grown and cultivated legally in this state or another state or jurisdiction and meet the same or substantially the same requirements for processing hemp products or growing hemp. The addition of derivatives of hemp, including hemp-derived cannabidiol, to cosmetics, personal care products and products intended for human or animal consumption shall be permitted without a license and shall not be considered an adulteration of such products. Nothing in this section shall exempt any individual or entity from compliance with food safety and licensure laws, rules and regulations as set forth under the Oklahoma Public Health Code.

Title 28 – Fees

Sec. 32. The fee payable to county clerks for preservation of instruments recorded increases from $5 to $10 effective November 1, 2019. Banks will need to keep this in mind in making disclosures for consumer loans.

Watch for new CTR filing instructions

by John S. Burnett

Apparently, the current instructions for CTR filings involving individuals who complete multiple transactions in different roles (on own behalf and one behalf of another person) are causing problems for FinCEN and those who need to understand the nature of reported transactions. For example, under the current instructions, if John Smith makes two deposits – one  to his personal account with $6,000 in cash and the other to J Smith, Inc., his business account, with $8,000 in cash – filers are instructed to complete one Part I record identifying John Smith as a person who conducted the transactions, and, because he conducted one on his own behalf and the other on behalf of another person (the corporation), item 2a (Person conducting transaction on own behalf) is to be checked. The full amount of $14,000 and the two account numbers appear in item 21 on the John Smith Part I record. Another Part I record is completed for the corporation, with item 2c (Person on whose behalf transaction was conducted) checked, and $8000 and the business’s account number in item 21.

FinCEN has reportedly posted an alert for discrete and batch filers on its eFiling portal that the instructions will soon change (optional compliance now and mandatory compliance February 1, 2020). According to the alert, an update has been or will be made to the eFiling system to require two Part I records for a conductor completing multiple reportable cash transactions both on his/her own behalf and on behalf of another person(s) – one for the transaction(s) on his own behalf (2a checked) and the other for the transaction(s) on behalf of other persons (2b checked). There would continue to be a separate Part I (2c) record for person(s) on whose behalf transactions are conducted.

If your bank uses a third party to batch file its CTRs, you should be getting more information on these changes from the service provider.

We’ll continue to watch for updates from FinCEN and report them to you in future Legal Updates.

September 2019 OBA Legal Briefs

  • Do cashier’s checks expire?
  • Mandatory vacation for bank employees
  • Inform your borrower (Post-confirmation rate reduction)
  • Two regulation amendments, two errors

Hemp, CDB

by Pauli Loeffler


In April 2018, Oklahoma enacted legislation to permit cultivation of hemp under the federal Farm Bill of 2014 for research of hemp under pilot programs. In December 2018, the federal Agriculture Improvement Act of 2018 (“the Act”) became law. During the 2019 planting season, states, tribes and institutions of higher education may continue operating under authorities of the 2014 Farm Bill until 12 months after USDA establishes the plan and regulations required under the Act. The USDA’s website says the agency intends to have regulations in effect by the fall of this year, but that remains to be seen. The USDA’s Agricultural Marketing Service Specialty Crops Program has oversight and approval of state programs.

During Oklahoma’s 2019 legislative session, the 2018 statutes were amended. The Oklahoma Industrial Hemp Program statutes can be found in Title 2, Sections 3-401 to 3-411, inclusive. The Oklahoma Department of Agriculture, Food, and Forestry (“the Department”) is required to promulgate rules to implement the Oklahoma Industrial Hemp Program. This will probably not happen until the USDA proposes and finalizes regulations.

Marijuana and industrial hemp are derived from the same plant and don’t let anyone tell you otherwise. This is true under both federal and Oklahoma law. The crucial difference between marijuana (illegal under federal law but legal for medical and/or recreational use in the majority of states including Oklahoma for medical). and hemp is definitional.

“Industrial hemp” means the plant Cannabis sativa L. and any part of the plant, including the seeds thereof, and all derivatives, extracts, cannabinoids, isomers, acids, salts and salts of isomers, whether growing or not, with a delta-9 tetrahydrocannabinol [THC] concentration of not more than three-tenths of one percent (0.3%) on a dry-weight basis… (§ 3-401).

This is same as the federal Act’s definition. Both the Act and our statute require that the person growing, cultivating, handling, or processing the hemp must file an application for a license, submit all required reports, and grant access for inspection and testing. The Act legalizes the transportation of hemp across state lines.

Once all the moving pieces are in place, i.e., USDA rule, Oklahoma’s Department issues rules for the Industrial Hemp Program approved by USDA, etc., then all the bank needs are a copy of the license and periodic checks that the customer/licensee is complying. Since hemp is legal under both federal and state law, none of the problems attendant to banking MRBs are present. Until then, your customers will be operating under the Farm Bill of 2014 and have a license for research.


Cannabidiol (“CBD”) is one of more than 80 biologically active chemical compounds found in the Cannabis sativa plant. Oklahoma has absolutely no requirements that those selling CBD products have to be licensed, but that is not true in other states. While the OCC has previously stated CBD business are MRBs (requiring MRB SARs), unless the business is selling products that do not meet the definition of hemp or marketing products with unsubstantiated health claims, it is unlikely any criminal or civil action will be taken against them. I wish I could say there is no risk under at all, but I can’t. CBD is being sold by retailers (convenience stores, Walmart, doctor’s offices, etc.) pretty much everywhere in Oklahoma.

Do not confuse the CBD products being sold by your customer with the FDA approved prescription drug Epidiolex (approved June 2018). This is a Schedule V drug (September 2018) approved for the treatment of seizures, and the FDA found it safe and effective for its intended use. It requires a prescription. That is not what your CBD customer is selling. I suggest you read the Final Rule issued by DOJ and DEA reclassifying Epidiolex from a Schedule I (no currently accepted medical use in the United States, a lack of accepted safety for use under medical supervision, and a high potential for abuse) to Schedule V (substances with low potential for abuse… and consist primarily of preparations containing limited quantities of certain narcotics).

If the customer is selling a product that has been tested that meets the definition of “hemp” set out above, it is similar to over the counter medication (aspirin, Nytol), but there is still a risk even though it is very unlikely local police or the FBI is going to swoop in. Let’s look at Footnote 11 to the Final Rule:

  1.  Nothing in this order alters the requirements of the Federal Food, Drug, and Cosmetic Act that might apply to products containing CBD. In announcing its recent approval of Epidiolex, the FDA Commissioner stated:

[W]e remain concerned about the proliferation and illegal marketing of unapproved CBD-containing products with unproven medical claims. . . The FDA has taken recent actions against companies distributing unapproved CBD products. These products have been marketed in a variety of formulations, such as oil drops, capsules, syrups, teas, and topical lotions and creams. These companies have claimed that various CBD products could be used to treat or cure serious diseases such as cancer with no scientific evidence to support such claims.

In other words, even though the product may by definition be “hemp,” it can run afoul of FDA provisions with unsubstantiated claims, non-compliance in labeling for dietary supplements, or an adulterated food product. The FTC looks closely at advertising for food, over-the-counter drugs, and dietary supplements, too. Both agencies can enter cease and desist orders and/or seize the product and assets derived from it.

Do cashier’s checks expire?

by Pauli Loeffler

Q. We had a non-customer who recently found an old cashier’s check in a file from November 1997. The bank the cashier’s check is drawn on doesn’t exist anymore as we merged with another institution. My cashier says that at the 5-year mark, they would have either reissued the check with the new bank information, or turned it over to the state, but since the check is so old, there is no way for us to tell what happened. The presenter stated he would hate to have to file a lawsuit. Does this person have a leg to stand on?

A. Unfortunately, cashier’s checks don’t expire. Due to the merger, your institution assumed the obligation to pay the cashier’s check. Unless you can find some record of an Affidavit of Loss, Stolen or Destroyed Cashier’s Check provided, the check was replaced, and the second check was cashed, your bank is liable to the payee. Yes, he can sue the bank. The bank cannot unilaterally reissue a cashier’s check to avoid reporting and remitting it as unclaimed property. If the bank has reported and remitted funds to the Oklahoma Treasurer, it pays the cashier’s check and then submits an Affidavit for Reimbursement.

Mandatory vacation for bank employees

By Pauli Loeffler

Q. I have a question regarding the Oklahoma State Banking rule found in the Administrative Code Sec. 85:10-5-3 Minimum control elements for bank internal control program requires 5 consecutive business days of vacation for employees each calendar year.

Our vacation policy reads:  First year of employment with a start date prior to July 1st of that year the employee/officer gets 6 vacation days.  Does the employee/officer have to take 5 consecutive banking days in a row of that 6 days they get?  They are eligible for the 6 days.

Does it matter when in the year they are hired as to if they are required when eligible (after their 90 day probation is up) to take the 5 consecutive banking days off?

A. 85:10-5-3. Minimum control elements for bank internal control program

     All internal control programs adopted by banks shall contain as a minimum the following:

(1)      A requirement that each officer and employee, when eligible for vacation, be absent from the institution at least five consecutive business days each calendar year, unless otherwise approved in writing by the bank’s bonding company for bank officers and employees generally and then each officer and employee who may be excepted from this requirement must be specifically approved by the bank’s board of directors and it shall be recorded in the board of directors minutes, that the officer or the employee may be absent less than the five consecutive banking days. During the absence of an officer or employee, the duties of the absent officer or employee must be performed by other bank officers and employees…

If the employee is not eligible for vacation under the bank’s vacation policy, then it is not required. If your policy is no vacation days allowed during the 90 day probation period, and the employee is hired less than 95 days before the end of the calendar year, then approval by the board is not required nor by the bonding company. Note that holidays (Christmas, New Years, etc.) when the bank is closed do not count as a “business day.”

The FDIC’s recommendation is two weeks, but offers alternatives. (See link below.)

The objective is that employee shall not have direct nor indirect have control (i.e., the substitute should not call or email the employee on vacation) over his/her duties for a consecutive period as a matter of internal control to ferret out wrong-doing such as embezzlement and the like, including an employee who was putting loan applications into his/her drawer without processing. The employee who is on vacation could still be working at the bank but cross-training with duties unconnected with his or her usual duties. I applaud cross-training particularly for smaller banks since I get a ton of calls when the employee in charge of garnishments, subpoenas, CTRs, etc. is off, and the employee filling the gap has little or no training.

Inform your borrower

By Andy Zavoina

Post-consummation rate reduction

Recently, I have answered the same question from a number of bankers. The scenarios involve a closed loan that the bank later determines the borrower was eligible for a lower rate or some form of discount,and the bank wants to apply now. The question posed: “Is redisclosure required?” The answer is: “It depends.”

But there is a much bigger question to be asked.  At face value, this sounds like a good thing. The borrower gets their rate lowered, and no one will object to that. Or will they? I have my auditor’s hat on for this, and there are many red flags raised when you do this. That is where bigger questions come into play.

If you think that reducing a borrower’s loan rate after closing can only be a good thing, I disagree by reviewing one large bank’s recent penalty of $25 million for this same practice. The bank in question paid a small penalty, if you call $25 million small, because it discovered the problem and self-reported it while immediately beginning remuneration to as many as 24,000 borrowers from as far back as 2011. This wasn’t just a recent issue, and the examiners found fault with the problem, rather than the cure.

Disclosing the cost of credit

First, we must explore the purpose of Regulation Z, which implements the Truth in Lending Act (TILA). Reg Z states at § 1026.1(b), “The purpose of this part is to promote the informed use of consumer credit by requiring disclosures about its terms and cost, to ensure that consumers are provided with greater and more timely information on the nature and costs of the residential real estate settlement process, and to effect certain changes in the settlement process for residential real estate that will result in more effective advance disclosure to home buyers and sellers of settlement costs.” Neither TILA nor Reg Z is designed to dictate the terms of a loan to a consumer for personal, family or household use, but rather to ensure adequate disclosures are made so that a consumer-borrower can make an informed choice about a loan that is being offered to them. In many cases, the consumer is then encouraged to seek a similar loan from another lender who will then offer similar disclosures, allowing the consumer to shop for the best deal for them before they become obligated on the loan.

There are important takeaways here. The consumer can find out the terms of a loan before becoming obligated and can compare terms those offered elsewhere. Even in the case where the loan is not a real estate secured requiring an early Loan Estimate disclosure, the lender should be using terms orally and in advertising that describe the Annual Percentage Rate (APR), the Total Interest Paid, Total of Payments and the interest rate. These are what will be on a consumer contract, and a lender can easily tell a borrower these amounts if asked which allows a consumer to shop for a loan.

None of this matters, if weeks or months after a loan is closed, the consumer is offered a modification or refinance to lower the interest rate or another component of the finance charge giving them a more affordable loan. You may ask, “Well the consumer didn’t find a better deal, or the loan wouldn’t be here, so this is icing on the cake, right?” Will the consumer object? I do not see that happening, but although the bank is trying to do the right thing, there are problems in these scenarios.

Refinancing or modification?

Often, questions concern the lesser issue on what has to be done to reduce this rate. Often the bank will have the option to modify the loan rather than refinance it. That can make a big difference since a refinance is a new loan and, with a consumer-borrower, this means new disclosures will be required. If this is a real estate loan that can be a cumbersome, time consuming, and an expensive endeavor. If it is a modification, the terms can be adjusted without the event being considered a new loan under Reg Z. I will refer you to an article Pauli Loeffler wrote for the Legal Briefs in June 2016 — “Is it a Refi?” Two questions must be answered  “No” for a loan to qualify as a modification. These are: “Is there any new money” and “Is a variable rate feature being added has not been previously disclosed?” Reviewing the entire article is always recommended any time the refi or modification question comes up. (you will need to register by clicking My Member Portal and filling in the information in order to access the Legal Briefs archives).

Audit concerns

Back to the auditor’s questions on these reduced rate loan: “Why wasn’t the consumer offered the best deal in the first place?”” Does the bank know if it lost loans to its competitors because it failed to offer discounts originally?”” Could this reduction in cost after the fact be a smokescreen to lower the borrowing costs for a protected class?”” What is the cost to the bank to modify or refinance the loans after the fact?” And last but not least, “Which loans were not caught in the subsequent review and remain at a higher rate?”

If your bank offers some form of relationship loan pricing, it should be firmly ingrained in the lenders and underwriters who determine and discuss these rates with the borrowers. It should be annotated on all rate sheets if it is an established program. Your customers should be aware the program exists so they develop the relationship and take advantage of it when they can, and will invite your bank to compete for their loan when they have a borrowing need. Such programs are often based on the customer’s having one or more deposit products in good standing with the bank, the time they have had those accounts, and potentially their borrowing history with you.

Let’s first look at the harm that is done to the borrower. The moment the loan is closed, harm is done. If a discount was available and not offered, the borrower has been harmed. When the bank realizes there was an error, it has a choice to make. It can refinance or modify the existing loan, or it can choose to do nothing other than try harder in the future. After all, the borrower accepted the loan terms and did not feel slighted, so this is more profit for the bank, right? We’ll hold that question for consideration when we discuss the bank that was penalized.

Auditing the closed loans can help a bank find errors. While you cannot go back in time and avoid the error, the bank can make it right. Through the use of additional manpower, hours of work, and analysis the bank can determine what the interest rate and other costs should have been, and bring the loan down to that using a modification or refinancing strategy. Some banks suggested they could program the loan at the discounted rate, notify the borrower of the lower payment and move forward. That’s a bad idea on many fronts. What is programmed will not agree with what was disclosure and violates the key purpose of TILA and Reg Z. What if the borrower has a question years later, the bank sees the discrepancy and wants to revert to the contracted terms? What if the loan is sold to another lender or serviced by another entity which cannot reconcile what is being charged and what was contracted for? There must be documentation to support the terms of the credit, or loan administration will not know what to program or why. This sloppy procedure demonstrates a lack of controls and casts a shadow on the bank’s procedures in general. Yes, amending and adjusting the loan is the right thing to do, but it must be documented and supported by a paper trail. It is a better option than ignoring the problem and doing nothing, but it pales in comparison to doing it right the first time.

The fair lending problem

Let’s explore a fair lending aspect. Jane Doe applies for a loan and is approved. This is a reportable loan under the Home Mortgage Disclosure Act, and it is correctly and completely recorded on the Loan Application Register. John Doe applies for a similar loan with qualifications similar to Jane’s. The good news is John’s loan is also approved. It is recorded on the LAR, and all is right with the world. John’s loan is flagged for a quality control audit, and John is found eligible for a rate discount on his loan. The bank reacts quickly and modifies John’s loan to bring his rate and corresponding APR down. Is all still good in the world? No, because Jane was similarly qualified, but her loan was not reviewed. Jane has a higher borrowing cost. The result is a pricing difference worth reporting to the Department of Justice because Jane is female, John is male, and there is a disparity in treatment between the two. The protected basis could be sex, color, religion, etc., but it doesn’t really matter. It also does not matter whether intentional or not; the effect is the same. If other comparisons are found and the protected basis is the same, there is a real problem that will be very expensive to work through.

What controls are in place to regulate which loans get a reduced rate after consummation?  In the example above, assume a biased lender goes to Loan Administration after the loan closing and points out his lack of a relationship pricing discount for John’s loan. The corrections are made and now more obviously there is different treatment for the two borrowers. Fair lending analysis often starts with the Loan Application Register, and Jane Doe’s loan at 3.5% looks the same as John Doe’s loan at 3.5%, except that John is now actually paying less than that and is saving thousands in finance charges over the life of the loan. This is discrimination behind a smoke screen that conceals it. This indicates a need for yet another set of controls that will increase the bank’s costs in managing the portfolio. Who can set a loan rate, who can re-set a loan rate, and under what conditions may a loan’s rate be changed?

When a rate is changed because a relationship discount was called for, is the bank calculating the adjustment back to inception of the loan or just from the current date forward? The borrower may not object in either case, but it requires yet more controls, math, and verifications, and is one more thing to do wrong since the rate was not correctly set when made. To this auditor’s pencil, the adjustment must go back to inception, which requires not only a payment adjustment, but a refund of some charges paid from closing forward.

Another audit issue that would be prompted here is a review of loans closed, loans closed with the relationship discount, the demographics of all those borrowers, and a comparison to the demographics of those loans the bank adjusted after the fact. This is a continuation of the fair lending red flags raised by potential loans to the likes of Jane and John in the earlier example. Again, this is one more detailed fair lending review that is needed but is certainly not free of charge.

A $25 million penalty

You may be asking if these hypotheticals really come to the attention of a regulator. This is where we get to the case of the bank that was penalized.  Let’s review the enforcement action between the Office of the Comptroller of the Currency (OCC) and Citibank, N.A. This action, #2019-009, was made public in March 2019. Citibank initiated a Relationship Loan Pricing Program (RLP) in August 2011. This program was designed to provide better pricing on mortgage loans. A qualified borrower could receive either a credit to closing costs or an interest rate reduction. But the bank discovered in 2014 that the RLP program rates were not being applied to all qualified borrowers. In 2015, the bank self-reported the problem to the OCC. In 2018, the OCC determined this was a violation of the Fair Housing Act. It recognized that the bank found the problem, identified the applicable accounts and initiated refunds and corrective actions on approximately 24,000 accounts averaging $1,000 each for total reimbursement of hard costs at $24,000,000, and it added a $25,000,000 civil money penalty on top of that.

The OCC’s enforcement action says that from August 2011 until April 2015, the bank did not train its lenders to offer the RLP. This would appear to be inception of the program until the deficiency was detected. The order further noted that from August 2011 until November 2014, the bank’s own written guidelines did not instruct its lenders to offer the RLP to all qualified borrowers nor to document any reasons a borrower rejected the offer. And lastly, from August 2011 until January 2015, lenders were not required to even notify borrowers that they may be eligible for a discount under this RLP.

What we see here is that the bank had a program but neither trained lenders to offer it nor told borrowers they may be eligible for it. Was there any harm to the consumer borrowers? The OCC obviously thought so.

What is not evident in this six-page enforcement order is any mention whatsoever that there was any bias, real or through the effects test, nor that any protected class was disadvantaged. The order only said that some disadvantaged borrowers would have belonged to a protected class. If all applications are mismanaged equally, is there any discrimination? You can assume that in 24,000 cases there were minority and majority borrowers as well as a mixture of other protected groups. What the action said was that the bank showed ineffective risk management and control weaknesses and that certain borrowers were adversely affected “on the basis of their race, color, national origin and/or sex.” Nothing in the order evidenced this conclusion in any way. But the order includes common text such as, “…in the interest of cooperation and to avoid additional costs associated with administrative and judicial proceedings with respect to the above matter, the Bank, by and through its duly elected and acting Board of Directors (“Board”), consents to the issuance…” meaning it was not going to be cost effective to dispute the findings. Remember, this had already been in the works for three years. I referenced the reimbursements and penalty as hard costs. Consider the soft costs: the manhours required to create the routines to review all the loans made back to 2011 that may have been subject to the RLP, which were borderline and denied, and which were approved. Then you also need to know what the finance charges paid on the account were, compared to what they would have been with the RLP. You also need to include the paid loans and may need to track down those borrowers to explain what happened and why they are getting a refund. These are the soft costs, and they are no small amount, I’m sure.

Yet in some bank president’s office even today, lenders are still making a case that “these borrowers are already getting a good rate, and if they didn’t know they might qualify for a reduction there is no sense, no feeling, no harm, no foul,” or that “we can review the loans after they close, maybe within a month or two, and correct problems we find, so we are OK.” But at the end of the day, if the bank has a program to provide a lower cost of borrowing on mortgage (or other) loans for certain qualified borrowers, it has to manage the program, to train its lenders to apply the program, and to advise borrowers they may qualify for a lower cost loan. And without specific evidence to the contrary, this bank may be deemed to have a risk management and internal control failure and a Fair Housing Act violation if it does not do all those things.

Correcting a problem found is always a good idea. Preventing the problem in the first place is a much better idea.

(For more on the Citibank case, see

Two regulation amendments, two errors

By John S. Burnett

I’ve had occasion to contact the CFPB twice in the last two months concerning errors in their final rules amending key regulations. In both cases, an attorney at the Bureau called me to thank me for pointing out the glitch (in the second case, I wasn’t the first to note the error), and to assure me that a “fix” would soon be published. My purpose in this short article isn’t to pat myself or BankersOnline on the back for calling the Bureau to task. Rather, it’s just to note the two errors and explain how one of them appears to have occurred.

A Reg CC comedy of errors

On June 24, the Bureau and the Federal Reserve Board announced a final rule amending Regulation CC to make inflation adjustments to certain dollar amounts in the regulation and to adopt three changes to definitions made by the Economic Growth, Regulatory Reform, and Consumer Protection Act of 2018. The inflation adjustments involved changes to the text of both the regulation and the Official Commentary.

The document submitted to the Office of the Federal Register (OFR) for publication appears to have been written by Federal Reserve staff and approved by the Board and the Director of the Bureau (the CFPB must sign off on any amendments to the subparts of the regulation addressing funds availability or disclosures). In the “amendatory instructions” at the end of the document (the part of the rule that instructs the OFR how to change the official version of the regulation in the Code of Federal Regulations (CFR)), an instruction to amend the Commentary was inserted in the middle of the instructions for amending the body of the regulation. That appears to have created a problem for the OFR staff, since the standard they work with deals with amendments in the order the regulation appears in the CFR, where the Commentary appears as Appendix E, after the regulatory text and a couple of other appendices.

This is where things got confusing, and someone attempted to reconfigure the amendatory instructions to put the changes to the Commentary at the end, and botched it in the July 3 publication of the rule in the Federal Register, adding an incorrect instruction to change the $100 amount in section 229.21(a)(2)(i) to $250. I credit a BankersOnline user with calling that error to my attention.

The Federal Reserve rectified the error when it published a correction in the August 29 Federal Register. We have verified that Regulation CC as it appears on BankerOnline’s website has been updated correctly.

(Ironically, the July 3 Reg CC amendments document also included corrections of several 2011 typographical errors in Regulation DD that we called to the CFPB’s attention three or four years ago.)

A ‘High Cost’ error in Regulation Z

The other glitch also involved inflation adjustments, this time in Regulation Z. On August 1, the Bureau published annual threshold inflation adjustments for 2020 under the CARD Act, HOEPA and the Dodd-Frank Act. The HOEPA (High-Cost Mortgage Loans) adjustments are always made to the Official Commentary, and this year was not an exception. However, the amendment as published included an error. When the Bureau added comment 32(a)(1)(ii) to prescribe the adjusted $1,000 points and fees cap applicable to non-high-cost-mortgages of an adjusted $20,000 or less, it listed the amount as $21,980 instead of the correct $1,099 (the $21,980 amount was correctly inserted in comment 32(a)(1)(ii), also added by these amendments).

The Bureau attorney I spoke with on this error said their staff was aware of the mistake and is determining how to fix it. While they figure that out, we have annotated the BankersOnline Regulation Z page for section 1026.32 to flag the error and provide the correct amount.

August 2019 OBA Legal Briefs

  • Amendments to Title 47
  • EGRRCPA Update – Part 2

Amendments to Title 47

By Pauli Loeffler

Sell the vehicle, keep the license plate. Effective July 1, 2019, § 1112.2 was added to Title 47. If the borrower buys a new or used car or truck from a dealer, nothing has changed. If the borrower trades his car in for a new one, he will take his license plate with him, but will display the paper tag until the car is registered. He has 30 days to do so or face a penalty. The borrower presents the license plate to the tag agent, and once the registration is completed, puts the old tag on the new car. He will not get a new license tag.

On the other hand, things are different if buying from a private party in Oklahoma. The private party will keep the plate, and things get hairy. Billy Bob Smith buys Justin Will’s truck. Justin will retain the plate. Billy Bob isn’t trading or selling any vehicles, so he has a truck with no plate. He can drive around Oklahoma without a license plate for 5 days as long as he has a notarized bill of sale from Justin. Billy Bob still has 30 days to register the truck, but he pretty much will have to park it in his garage after the 5 days are up. I kind of wonder how often Billy Bob will get stopped and have to produce the bill of sale during that time, but getting stopped a couple of times will probably spur him into registering the vehicle quickly. I also would guess it will make it easy for law enforcement to make contact quotas if such quotas exist.

There is another problem that wasn’t considered when the statute was enacted: What happens when there is a lien on a Justin’s truck, and there’s lien on the certificate of title?

Sec. 1110 of Title 47 provides:

  1. 1. A secured party shall, within seven (7) business days after the satisfaction of the security interest, furnish directly or by mail a release of a security interest to the Tax Commission and mail a copy thereof to the last-known address of the debtor… If the secured party fails to furnish the release as required, the secured party shall be liable to the debtor for a penalty of One Hundred Dollars ($100.00). Following the seven (7) business days after satisfaction of the lien and upon receipt by the lienholder of written communication demanding the release of the lien, thereafter the penalty shall increase to One Hundred Dollars ($100.00) per day for each additional day beyond seven (7) business days until accumulating to One Thousand Five Hundred Dollars ($1,500.00) or the value of the vehicle, whichever is less, and, in addition, any loss caused to the debtor by such failure.

Your bank has the title to the truck. As a practical matter, Justin’s lender is receiving a cashier’s check payable to the lender or to Justin and the lender. Cashier’s checks are not subject to stop payment, so the lender could sign the lien release (your bank can fill one out and send it with the check) right then and there. Unfortunately, that is probably NOT going to happen. If Justin’s lender waits until the cashier’s check is paid to provide the lien release, and your bank is holding the title until the release is received, Billy Bob has a truck without a tag and no way to register title.

As far as your bank is concerned, you need to know that there can be more than one lien on a certificate of title (I think the limit is either 4 or 5 although only two will be displayed on the certificate), so there is no real reason to delay filing your lien entry and speeding matters along provided you know the bank has the cashier’s check, and it will be presented for payment. When Justin’s institution files its release, it will no longer have a lien, its lien will be removed from any subsequent certificate of title. You will need to make sure that the truck does not serve as collateral for another of Justin’s loans.

Note: The following license plates are NOT subject to § 1112.2: Mobile Chapel, Manufactured Home, Boat/ Outboard Motor. Construction Machinery, Special Mobilized Trailer – Trailer Exempt, Commercial Rental Trailer – Commercial Trailer, Farm Trailer- Forest Trailer – Private Trailer, or ATV- Utility Vehicle – Off Road Motorcycle.

Another item for your glove box. Also. effective July 1, 2019, is new § 1112.3 of Title 47:

  1. Except as otherwise provided in subsection B of this section, at all times while a vehicle is being used or operated on the roads of this state, the operator of the vehicle shall have in his or her possession or carry in the vehicle and exhibit upon demand to any peace officer of the state or duly authorized employee of the Department of Public Safety, either a:
  2. Registration certificate or an official copy thereof;
  3. True copy of rental or lease documentation issued for a motor vehicle;
  4. Registration certificate or an official copy thereof issued for a replacement vehicle in the same registration period;
  5. Temporary receipt printed upon self-initiated electronic renewal of a registration via the Internet; or
  6. Cab card issued for a vehicle registered under the International Registration Plan.
  7. The provisions of subsection A of this section shall not apply to the first thirty (30) days after purchase of a replacement vehicle.

So, dig out your registration documents and put them in your car just in case the officer asks.

EGRRCPA Update – Part 2

By Andy Zavoina

We updated the status on sections 101 through 202 in last month’s Legal Briefs.

Section 203: Synopsis – The Bank Holding Company Act is amended to exempt certain banks from the “Volcker Rule” when it has less than $10 billion in assets, and trading assets and liabilities comprising not more than 5% of total assets. (The Volcker Rule prohibits banking agencies from engaging in proprietary trading or entering into certain relationships with hedge funds and private-equity funds.) and

Section 204: Synopsis Volcker Rule restrictions on entity name sharing are eased in specified circumstances.

Effective Dates 203 & 204: The effective date is upon enactment. While it may be effective immediately changes to existing regulations are anticipated.

Updates 203 & 204: July 22, 2019 – The FDIC, FRB, OCC, SEC, and the U.S. Commodity Futures Trading Commission have issued a final rule to amend regulations implementing Section 13 of the Bank Holding Company Act (the Volcker Rule) in a manner consistent with the statutory amendments made pursuant to Sections 203 and 204 of the Economic Growth, Regulatory Relief, and Consumer Protection Act (EGRRCPA). These statutory amendments modified the Volcker Rule to exclude certain community banks from the Volcker Rule and to permit banking entities subject to the Volcker Rule to share a name with a hedge fund or private equity fund that it organizes and offers under certain circumstances.

Based on September 30, 2018 call report data, this change to the Volcker Rule exempted approximately 97.5% of the 5,486 U.S. depository institutions. Only 0.15% of depository institutions had trading assets equal to at least 5% of their total assets.

Section 205: – SynopsisThe Federal Deposit Insurance Act will be amended to require federal banking agencies to issue regulations allowing small depository institutions, less than $5 billion in assets, to satisfy reporting requirements with a shorter or simplified Report of Condition and Income (the Call Report) and to file these only after the first and third quarters.

Effective Date: The effective date is not stated. While it may be effective immediately changes to existing regulations are anticipated.

Update: On June 26, 2019, the three agencies published a final rule expanding the eligibility to file the FFIEC 051 report of condition, which is the most streamlined version of the call report.

Section 206: SynopsisThe Home Owners’ Loan Act will now permit federal savings associations with assets under $20 billion to operate under the Office of the Comptroller of the Currency (OCC) with the same rights and duties as national banks, without requiring a change in its charter. OCC regulations will be required to complete this.

Effective Date: The effective date is not stated. While it may be effective immediately changes to existing regulations are anticipated.

Update: The OCC has issued a final rule to implement a new section of the Home Owners’ Loan Act. The new section allows a Federal savings association with total consolidated assets equal to or less than $20 billion, as reported by the association to the Comptroller as of December 31, 2017, to elect to operate as a covered savings association. A covered savings association has the same rights and privileges as a national bank and is subject to the same duties, restrictions, penalties, liabilities, conditions, and limitations as a national bank. A covered savings association retains its Federal savings association charter and existing governance framework. The new rule, published as a new part 101 of title 12 of the CFR, is effective July 1, 2019.

Section 207: Synopsis – The Federal Reserve Board (FRB) must increase the consolidated asset threshold (permissible debt level) for a bank holding company or savings and loan holding company (BHCs) that is not engaged in significant nonbanking activities, does not conduct significant off-balance-sheet activities and does not have a material amount of debt or equity securities, other than trust-preferred securities, outstanding, from $1 billion to $3 billion. The FRB may exclude a company from this threshold increase if warranted. Currently the FRB allows BHCs under $1 billion in assets to take on more debt in order to complete a merger than it would a larger BHC.

Effective Date: The effective date is not stated. While it may be effective immediately changes to existing regulations are anticipated.

Update: On August 28, 2018, the FRB issued an interim final rule which raises the asset threshold for relief under the FRB’s small bank holding company policy statement from $1 billion to $3 billion. It also applies to savings and loan holding companies with less than $3 billion in total consolidated assets. The interim final rule is effective upon publication but the regulatory agencies will accept comments for 30 days after publication.

Section 208: SynopsisThe Expedited Funds Availability Act (implemented by Reg CC) will apply to American Samoa, the Commonwealth of the Northern Mariana Islands, and Guam. The Reg CC’s one-day extension for certain deposits in non-contiguous states or territories will also apply to these territories.

Effective Date: This section is effective 30 days after the laws signing, or June 23, 2018.

Update:  On June 24, 2019, the FRB and CFPB issued a final rule amending Reg CC. The changes include extending coverage to American Samoa, the Commonwealth of the Northern Mariana Islands, and Guam.

This change will be effective September 3, 2019.

This final rule also added cost of living adjustments (COLA) which are based on the Consumer Price Index for Urban Wage Earners and Clerical Workers. This is the first set of adjustments and provides that future changes will be made every five years. This change will go into effect July 1, 2020.

The adjustment impacts a number of dollar amounts incorporated into Subpart B – Availability of Funds and Disclosure of Funds Availability Policies of Reg CC including:

  1. The $200 rule under Sec.229.10(c)
  2. The $400 rule under Sec. 229.12(d)
  3. The $5,000 amount in sections. 229.13(a), (b) and (d)(2)

These COLA adjustments may impact your Funds Availability Disclosures given to customers and displayed as notices to customers in your lobby. These changes can also impact your training materials, training requirements. You have a year to implement this so there’s no hurry, but add it to your 2020 calendar now unless you elect to comply prior to the required implementation date.  Early compliance is allowed.

Since the changes are not detrimental to the customers (consumer and commercial)  with transaction accounts, prior notice will not be required. These changes expedite availability so (229.18(e)) Reg CC only requires a change notice not later than 30 days after implementation.

Section 210: SynopsisThese revisions raise the asset threshold from $1 billion to $3 billion allowing more banks to be eligible for an 18-month examination cycle instead of a 12-month cycle. If a bank has less than $1 billion in assets and meets specified criteria related to capital adequacy and scores received on previous examinations, it may be examined only once every 18 months. The federal banking agencies will have to determine if qualified banks already scheduled for an exam under the 12-month cycle will be rescheduled for the longer 18 months.

Effective Date: The effective date is upon enactment. While it may have been effective immediately changes to existing regulations were published in September 2018.

Update: Sep. 10, 2018 (OCC Bull 2018-27)  The OCC, FDIC and FRB published an interagency interim final rule amending the regulations governing eligibility for the 18-month on-site examination cycle. To qualify for the extended 18-month examination cycle, a bank with

  1. less than $3 billion in total assets must be
  2. 1- or 2-rated,
  3. be well capitalized,
  4. not be subject to a formal enforcement proceeding or order from a federal banking agency, and
  5. not have experienced a change of control in the preceding 12-month period. Additionally, a national bank or federal savings association
  6. must have a management rating of 1 or 2 to qualify.

On December 21, 2018 the Federal banking agencies issued final rules that adopted without change the interim final rules were made final.

Section 214SynopsisThis allows a bank to classify certain commercial credit facilities that finance the acquisition, development, or construction of commercial properties as regular commercial real estate exposures instead of high volatility commercial real estate (HVCRE) exposures for risk-weighted capital requirement calculations and the federal banking agencies may not subject a bank to higher capital standards with respect to HVCRE exposure unless the exposure is an HVCRE acquisition, development, or construction (ADC) loan.

An HVCRE ADC loan is secured by land or improved real property, has the purpose of providing financing to acquire, develop, or improve the real property such that the property becomes income-producing; and is dependent upon future income or sales proceeds from, or refinancing of, the real property for the repayment of the loan.

Effective Date: The effective date is upon enactment. While it may be effective immediately changes to existing regulations are anticipated.

Update: On September 18, 2018, the regulatory agencies issued a proposed rule implementing this provision. The new law limits the exposures subject to a 150 percent risk weight to only those high-volatility commercial real estate loans that fall under the statutory “HVCRE ADC” definition. The proposal defines these loans as secured by land or improved real property with the purpose of providing financing to acquire, develop or improve the real property such that the property would become income producing; and is dependent upon future income or sales proceeds from, or refinancing of, the real property for repayment of the loan.

An additional proposal to expand on the September 2018 proposal has been made by the OCC, FDIC and FRB in June 2019. It has not been published in the Federal Register as of the production of this update but the comment period will extend for 30 days after being published. This new proposal adds language to the definition of HVCRE exposure providing that the one-to-four-family residential property exclusion would not include credit facilities that solely finance land development activities, such as the laying of sewers, water pipes and similar improvements to land without any construction of one-to-four-family structures. The agencies are seeking feedback

Section 215: SynopsisThe Social Security Administration (SSA) will develop a database for verification of consumer information upon request by a certified financial institution. An E-SIGN’ed consent Verifications will be provided only with the consumer’s consent and in connection with a credit transaction. Users of the database shall pay system costs as determined by the SSA.

Effective Date: The effective date is not stated. While it may be effective immediately changes to existing regulations are anticipated.

Update: The Social Security Administration published a notice announcing the initial enrollment period for a new electronic Consent Based Social Security Number (SSN) Verification (eCBSV) service. SSA will roll out the service to a limited number of users in June 2020, and plans on expanding the number of users within six months of the initial rollout. All interested permitted entities must apply during this initial enrollment period to be eligible to use the new eCBSV service during either the initial rollout or subsequent planned expansion. Permitted entities that do not apply during the initial enrollment period must wait until the next designated period after the planned expansion to apply for enrollment. The initial enrollment period for permitted entities will begin on July 17, 2019, and remain open until the period closes on July 31, 2019. In accord with statutory requirements, permitted entities will be required to provide payment to build the new eCBSV system.

Section 301: SynopsisThe Fair Credit Reporting Act (FCRA) will increase the length of time a consumer reporting agency must include a fraud alert in a credit file from the current 90 days to at least one year.

It will require consumer reporting agencies to provide a consumer with free credit freezes and to notify them of this availability. It will establish provisions for placement and removal of freezes, and creates requirements related to the protection of the credit records of minors.

The FCRA now requires that whenever a consumer is required to receive a summary of rights required under FCRA’s Section 609, a notice of consumer rights regarding the new security freeze right must be included. This includes for employment purposes discussed at the “Effective Date” of this section.

Effective Date: This section is effective 120 days after the laws signing, or September 21, 2018.

Update: The Bureau published an interim final rule on September 18, 2018 which contained the new “Summary of Consumer Rights” in both English and Spanish. Each is available at

Section 604(b)(2) of the FCRA requires a summary of rights notice to employees and prospective employees when a credit report is used in the hiring process. One requirement is that as part of the hiring process the bank must give the applicant or employee notice in advance that a credit report may be obtained, include a written description of consumer rights and have that person’s consent to access the credit file. If your credit report vendor provides the bank with a copy of the summary at the same time it provides the report to the employer, ensure everything is updated.  The credit report provider does not have to provide a copy with each report if it “has previously provided” the summary. Many vendors are likely relying on this provision.  If a new one was sent, remove your outdated versions of the notice.

Section 302: Synopsis – Medical debt could not be included in a veteran’s credit report until one year has passed from when the service was provided.

A new dispute process and verification procedure will be created when the veteran’s medical debt in a consumer credit report. It establishes a dispute process for veterans so that a credit reporting agency must remove information related to a debt if the veterans notifies it and provides documentation showing the Department of Veterans Affairs is in the process of making payment.

Finally, this section requires credit reporting agencies to provide free credit monitoring to active duty military members that would alert them to material changes in their credit scores.

Effective Date: This section is effective one year after the laws signing, or May 24, 2019. Changes to regulations are anticipated.

Update: June 28, 2019, The Federal Trade Commission has published a final rule to implement the credit-monitoring provisions applicable to active duty military consumers. The final rule defines “electronic credit monitoring service,” “contact information,” “material additions or modifications to the file of a consumer,” and “appropriate proof of identity,” among other terms. It also contains requirements on how NCRAs must verify that an individual is an active duty military consumer. Further, the final rule contains restrictions on the use of personal information and on communications surrounding enrollment in the electronic credit monitoring service.

The amendments are effective July 31, 2019. Compliance is not required until October 31, 2019. They changes do not require any action by financial institutions.

Section 304: SynopsisThe sunset provision of the Protecting Tenants at Foreclosure Act was repealed, restoring notification requirements and other protections related to the eviction of renters in foreclosed properties. (The Act expired on December 31, 2014.)

As a refresher, this applies to a federally related mortgage or any dwelling or residential property. A tenant for these purposes is a person in possession of the property with or without a lease, provided:

  • The occupant is not the mortgagor or the child, spouse or parent of the mortgagor;
  • The lease or tenancy was the result of an arm’s-length transaction; and
  • The lease or tenancy requires the receipt of rent that is not substantially less than fair market rent for the property, or the unit’s rent is reduced or subsidized due to a federal, state or local subsidy.

A party acquiring the property through foreclosure or as a successor in interest to the purchaser takes the property subject to the rights of a tenant, and a tenant without a lease or with a lease terminable at will under state law is entitled to a 90-day notice before the owner may commence eviction proceedings. The tenant may not be evicted until the end of the lease term. There is an exception for purchasers who will occupy the property as a primary residence, although a 90-day notice must still be delivered before commencing an eviction.

Effective Date: This section is effective 30 days after the laws signing, which was June 23, 2018.

Update: The Federal Reserve issued Consumer Affairs Letter CA-18-4 on June 22, 2018. This addresses the restoration of the Protecting Tenants at Foreclosure Act and it provides background information The Board also issued compliance examination procedures for the Act. The law protects tenants from immediate eviction by persons or entities that become owners of residential property through the foreclosure process, and extends additional protections for tenants with U.S. Department of Housing and Urban Development Section 8 vouchers.


Exam procedures

Section 307Synopsis

The Consumer Financial Protection Bureau must extend ability-to-repay regulations to Property Assessed Clean Energy (PACE) loans which retrofit homes (as well as commercial and ag property) for energy efficiency but are often financed at high interest rates with 100% financing and 20 years to repay. The debt stays with the property and is controlled locally via a Dept. of Energy program.

Effective Date: The effective date is not stated. While it may be effective immediately changes to existing regulations are anticipated.

On March 4, 2019 the Bureau published an advanced Notice of Proposed Rulemaking to gather information for consideration. PACE financing is dependent on state enabling laws. It is typically used to finance clean energy projects, disaster resiliency improvements, and water conservation measures. Loans are repaid over a number of years via an annual assessment on municipal property tax bills.

The Bureau will consider the information it receives in response to its ANPR to develop a Notice of Proposed Rulemaking. The information solicited will enable the Bureau to better understand the market and unique nature of PACE financing. This will help the Bureau formulate proposed regulations that not only would achieve statutory objectives but also would reflect a careful consideration of costs and benefits. Comments on the ANPR were open for 60 days.

Title IV is targeted at large banks and addresses changes in Bank Holding Company (BHC) rules.

Section 401SynopsisThe Financial Stability Act of 2010 was amended with respect to nonbank financial companies supervised by the FRB and certain bank holding companies, to:

  • increase the asset threshold at which certain enhanced prudential standards shall apply, from $50 billion to $250 billion, while allowing the FRB discretion in determining whether a financial institution with assets equal or greater than $100 billion must be subject to such standards;
  • increase the asset threshold at which company-run stress tests are required, from $10 billion to $250 billion;
  • and increase the asset threshold for mandatory risk committees, from $10 billion to $50 billion.

Effective Date: This section is effective 18 months after the law’s signing, or November 2019, less changes to any bank holding company with total consolidated assets of less than $100 billion, which are effective immediately.

Update December 2018 – The FDIC and other agencies published a notice of proposed rulemaking amending stress testing requirements to reflect the new $250B threshold instead of the older $10B. Additional updates include:

Tailoring Capital and Liquidity Rules for Foreign Banking Organizations, Proposed rule May 24, 2019 – The proposed amendments establish risk-based categories for determining the application of the resolution planning requirement to certain U.S. and foreign banking organizations and a proposal by the agencies to extend the default resolution plan filing cycle, allow for more focused resolution plan submissions, and improve certain aspects of the Rule. Comments closed June 21, 2019.

Section 402: Synopsis – This requires the appropriate federal banking agencies to exclude, for purposes of calculating a custodial bank’s supplementary leverage ratio, funds of a custodial bank that are deposited with a central bank. The amount of such funds may not exceed the total value of deposits of the custodial bank linked to fiduciary or custodial and safekeeping accounts.

Effective Date: The effective date is not stated. While it may be effective immediately changes to existing regulations are anticipated.

Supplementary Leverage Ratio for Custodial Banks, This proposed rulemaking was published April 30, 2019

Section 403: Synopsis – The Federal Deposit Insurance Act will now require certain municipal obligations to be treated as level 2B liquid assets if they are investment grade, liquid, and readily marketable. Under current law, corporate debt securities and publicly traded common-equity shares, but not municipal obligations, may be treated as level 2B liquid assets (which are considered to be high-quality assets).

The FRB, FDIC and OCC issued an interim rule on this on August 31, 2018 which was in the Federal Register, Vol. 83, No 170, Pg. 44451.

Effective Date: The effective date is not stated. While it may be effective immediately changes to existing regulations are anticipated.

Update: On May 30, 2019, the FDIC issued a press release announcing that the final rule will adopt without change the agencies’ interim final rule issued in August 2018, amending their liquidity coverage ratio (LCR) rules to treat certain eligible municipal obligations as high-quality liquid assets (HQLA).

The rule takes effect 30 days after publication in the Federal Register. This now treats liquid, readily marketable and investment-grade municipal securities as HQLA for the purposes of the LCR, one of the Basel III liquidity regimes.

July 2019 OBA Legal Briefs

  • How to Write Suspicious Activity Reports (SARs)
  • EGRRCPA Status Update (Part 1)

How to Write Suspicious Activity Reports (SARs)

By Roy L. Adams

Introduction. Hello, readers! I am a second-year law student at Oklahoma City University School of Law, and a legal intern working for your OBA’s Legal and Compliance Team. Just based on that sparse information, you are probably asking, “Why should I trust what you have to say?” Let me give you some of my background to alleviate trust issues.

Before embarking on the daunting but worthwhile experience of law school, I worked for Cabela’s Club Visa as an Anti-Money Laundering and Bank Secrecy Act Analyst.  As impressive as that title sounds, I really need to tell you how I got that position in the first place.

It all began when I worked as a linguist with the Marines in Iraq. I learned how terrorists move money, where they get their money, and what types of systems they used to send money domestically and overseas. This experience provided me practical knowledge of how money can be moved around undetected. That knowledge allowed me to land a job where I could put what I learned to good use benefitting my employer.

In 2001, Cabela’s chartered a national bank to provide support for their co-branded Visa credit card. At Cabela’s, there were only three employees and our manager, and we ran the anti-money laundering parameters for the bank, which had assets over four billion dollars. Through brain and bronze, the four of us were able to handle this difficult job. Even after I obtained my master’s degree, I stayed with Cabela’s bank for several years. When Capital One purchased Cabela’s bank, I transitioned to Capital One and a new title: Anti-Money Laundering Investigator. Capital One flew our team to its headquarters to meet with their investigators and exchange information on how we perfected ways to monitor accounts and to write SAR narratives.

Having established my credentials, you can read this article assured the information about SAR writing did not just come out of some mystical void.


Let’s start with some basics. Businesses monitor unusual activities based on the services they offer, and as a result, a SAR will vary depending on the company. What I am about to share with you are general guidelines on what should be included in your SAR narrative. SARs are challenging to write because federal regulators tell us neither what they are looking for nor what we should be monitoring to satisfy the federal requirements. Despite this, institutions should use their best efforts to monitor for unusual activities.

What to include

In writing a SAR, the drafter should tell a story. Dry and choppy paragraphs make the reader lose interest in the content and merely skim it rather than digesting the value of the SAR’s information. In order to tell an effective story that a reader would benefit from, you need to answer the 6Ws: Who, What, When, Where, Why, and How.

The Who. It is a simple question to answer. The “Who” references the account holder, entity, known or unknown fraudsters, etc., that triggered the SAR. It is here that you will tell the federal investigators the actual name of the person or business you are filing a SAR on. For example, a customer made an excessive number of cash advances. The SAR should refer to the customer by name. Once you identified the customer’s name then you can refer to him/her as the subject if he/she was the subject of the investigation. Why should you do this? It is because you save federal investigators time wasted to scroll through the SAR form to find out the actual name of the person.

The What. The answer to this question is: What was the unusual activity that occurred? Let’s say they have been withdrawing cash or suddenly start depositing a lot of cash. Another example would be a customer engaging in transactions in areas known for illegal activities.

The Where. Where did the unusual activity take place? You should state in the SAR: “In the city of Oklahoma City, Oklahoma, John Smith, (“the subject”), made 30 ATM transactions totaling $15,000 between 01/01/2019 and 04/01/2019, behavior consistent with cash structuring.” The point of being so specific is to supply every detail the federal investigators need to know in a concise manner. They should have no additional questions regarding where the transactions took place, the number of transactions, the dollar amount involved, the type of unusual behavior, and the review time period. This helps the federal investigators aggregate the information with SARs submitted by other institutions. This is a nice sweet sentence that tells a story without confusing the reader.

The Why. Why are you filing a SAR on this account or on this business? Why was the activity unusual? Or why did it trigger an alert on the system? It is here you would mention, for instance, the type of account such as: “Cash advances are made from the subject’s saving account.” This is inconsistent behavior for an account of this type. Another example could be “The subject makes a purchase for more than $5,000 at a fast food restaurant or a nail salon.” This behavior of spending pattern is inconsistent for this type of merchant and the subject, but this activity is consistent with human trafficking.

The How. How did the activity occur? For example, “The subject has a personal account and has a total of eight or ten authorized users on it at any one time, with only $1,000 spent during the lifetime of the account. At 4 to 6-week intervals, the subject calls in and removes five authorized users and replaces them with new authorized users.” The spending pattern on the account does not support a commercial account, all the authorized users are unrelated to each other and do not share a common address or anything else. This pattern of activity is consistent with synthetic identification creation. The How should explain to the reader the method the subject used that made his/her activity unusual.

Organization of SAR narrative

Now that you have an idea about what you should include in your SAR, I will address how you should organize the SAR. Drawing from experience, federal auditors/investigators go straight to the narrative. The first thing they read is the introductory paragraph. This paragraph should tell federal investigators why they should keep reading. Therefore, the first paragraph should include the subject’s name, type of unusual activity, type of account, total amount in question, date range, and why the behavior is unusual.

The next paragraph is where you describe the steps you took to investigate/analyze the account. It is here that you would mention what occurred, where it occurred, and any KYC, CDD, or EDD performed on the account, and the findings prior to the filing. Also, if you are filing a continuing SAR on the same person or business, then you should include in your SAR narrative the prior SAR ID and a brief summary of what the prior SAR concerned. This lets federal investigators know right away that the person has multiple SARs filed on them.

The final paragraph of the narrative is the conclusion. In this paragraph the bank should mention any number of items including: the account balance, credit limit at the opening date and whether that has increased or decreased since that time, date the account was opened, and its current status, i.e., whether it is open or has been closed. If the account has been terminated, add the closure date. You will also include how the application was submitted—in person, by mail, by phone, or internet. If it was done online, then include the IP address if available. If the application was submitted in person, by mail, or over the phone, then include the city and state where the application was received. If applicable, state the amount of the institution’s loss. I realize that all this information can be found in various fields on the SAR form but placing it in the conclusion makes it accessible to federal investigators without having to scroll up and down between pages. Think about how much “joy” you get from scrolling up and down in Reg Z to interrelate the information, and you will understand why I recommend consolidating it in one location.

General good practices

Writing the SAR should not be complicated. Just remember you are telling a story. Do it the same way as you would tell a story to your friend, your child, or a stranger at a bar. The story must be logical for it to make sense to the other person. If your story is choppy or does not make sense, then the person is going to walk away. Similarly, if your SAR does not make sense, the federal investigators are going to walk away from it and move on to the next narrative.

When I was writing a SAR, I would literally highlight each sentence and read it. It helped me understand what I wrote frame by frame rather than looking at the entire narrative. If necessary, the bank may have a “dedicated review team” to read over the narrative to make sure it flows smoothly and to eliminate grammatical and mathematical errors.

If you do not have an expensive software program to run the math, then develop an Excel spread sheet. There are a lot of helpful videos on YouTube to teach you how to write formulas in Excel. Never do math manually. It will suck up all your time and make your eyes cross. I did that originally, and it was not efficient.

This is where the employer can play a role. There is an Excel certification program through Microsoft. Employers can incentivize their employees to enroll in it. I think this is a practical certification for employees to obtain, especially when the institution does not have the funds to purchase software to run the SAR calculations.

Do not criminalize account holders for using services your institution offers. What do I mean by that statement? For example, your bank offers overseas wire transfers, and people use this service. As a result, people who trigger the system for overseas wire transfers get slammed with a SAR because the activity is inherently unusual. A service offered should not result in a penalty unless this is out of the ordinary course of activity/business for the subject. Not every person who conducts an overseas wire transfer is worthy of a SAR. Some institutions would say “Let’s just file a SAR on that person or that entity; what is the worst thing that could happen?” This is a lazy way of conducting business because you are increasing your institution’s workload as well as that of the federal investigators. As bank officials, we should not be taking the easy way out when we cannot reach a decision on whether a SAR should be filed. Do more research and analysis on the account until you reach a decision.

Some institutions do not set a SAR filing limit. This means an institution files numerous SARs on the same person or entity for the same activity. This results in unnecessary work for the bank. It would be a good idea to institute policy and procedure regarding a set number of SARs and establish a cut off number. For example, the subject keeps alerting the system for structuring for more than a year and requiring multiple continuation SARs. If the bank’s policy sets the maximum number of SARs for the same person or activity at some reasonable number, and when that number is reached, the account will be considered for closure due to noncompliance with terms and conditions of an account, SAR workload can be decreased. It is imperative that you document the steps and the reasons why the bank decided to close the account.

When writing numbers in the SAR narrative such as dates, it is important to use the full date. Follow the standard practice of using MM/DD/YYYY. Why should you do it this way? The reason is: Federal investigators aggregate the dates, and it is easier for the system to recognize and pick up those dates in this format.

Things not to say

In the narrative, do not refer to a cardholder or accountholder as the “suspect.” I read many SARs that refer to the cardholder as the suspect; this is simply incorrect.  In order to designate a suspect, you must do a lot of investigation. I do not mean just digital investigation, but actual physical investigation, which we are simply not equipped to do. We are not law enforcement personnel, and only law enforcement can designate who is a suspect. Refer to the cardholder as a subject. If the cardholder is not the subject of the investigation, then just refer to them as cardholder or accountholder. You would state in the SAR “John Smith, (‘the subject’), is a credit cardholder.” Thereafter, you can refer to John simply as the subject.

Another thing to avoid is the use of your bank’s internal terminologies. For instance, your bank has a money market deposit account denominated as a “Super Saver Account” or refers to certain real estate loans held in portfolio as “IB mortgages.” Do not incorporate your company’s internal terminology into the SAR narrative. This is important. While these terms make sense to you, the reader who is unfamiliar with your company’s internal lingo is left scratching his/her head. Keep the SAR in plain English using terms that everyone understands. For example, do not say “John Smith triggered the golden standard.” This terminology will make sense to you, but to an outsider, it means nothing. If the golden standard is the cash advance report, then just say, “John Smith triggered the cash advance report.”

Finally, refrain from using the term “suspicious activity.” This phrase implies that the cardholder is doing something illegal. It’s better to say, “unusual activity.” If a cardholder triggers the system once or twice, does that make his/her activity “suspicious?” The answer is no. It means that the cardholder conducted a transaction that was unusual when compared to his/her spending pattern. “Suspicious” is a strong word that we should not use lightly. We are not law enforcement agents who are qualified to deem activity “suspicious”; instead, our job is to aid and assist law enforcement in doing theirs.


If you follow the approach that I highlighted in answering the Who, What, When, Where, Why, and How questions, the SAR narrative will look noticeably different. Remember you are telling a story to a stranger who has no information other than what you are providing them. Tell a story that any layperson can follow and understand; keep it simple. If you would like to brainstorm ideas with me about how to create a SAR template for your institution, I would be happy to help. Just reach out to the OBA Legal and Compliance Team and get connected.

EGRRCPA Status Update (Part 1)

By Andy Zavoina

On May 24, 2018, the president signed the Economic Growth, Regulatory Relief, and Consumer Protection Act (EGRRCPA), also sometimes referred to as S.2155. EGRRCPA is intended to relieve pressure on community banks, appropriately assigning risk where there is more chance of loss. Larger banks have more cost efficiencies and can also absorb more loss without any disruption to their bottom lines. For example, the CFPB estimated in its HMDA rulemaking that the additional costs on banks with minimal complexity (those providing relatively few mortgages) would be roughly $23 per application for closed-end mortgages. It would be just $.10 to $.20 cents for banks producing greater volumes of loans. Estimates of EGRRCPA‘s effects were that 85% of banks would have received a HMDA exemption, but the vast majority of mortgage loans would still be reported. The result is that the fair lending uses for HMDA data will be preserved because the high-volume reporters are the main sources of those data.

This update will serve as a reference for those sections that have been implemented or are well on the way. There is a good deal of progress.

EGRRCPA is broken into six titles, each dedicated to a separate topic:

  1. mortgage credit,
  2. regulatory relief for community banks and increased access to credit for customers,
  3. the credit reporting industry and access to credit especially by servicemembers, veterans, students
  4. holding companies,
  5. capital, and
  6. student borrowers.

Here are the updates so that you can ensure compliance, lending, finance and operations are all working from the same recipe.

Section 103Synopsis – In response to a lack of qualified appraisers, this section amends FIRREA to exempt general requirements for independent home appraisals in rural areas where the bank has contacted three state-licensed or state-certified appraisers who could not complete an appraisal in a reasonable amount of time. Loans less than $400,000 would not require an appraisal, but if there is no appraisal the ability to sell a loan would be restricted.

Effective Date: Not stated, .but regulatory changes are needed for implementation

Update: A notice of Proposed Rulemaking was published in the Federal Register on December 7, 2018, raising the threshold for residential real estate transactions requiring an appraisal to $400,000 from the current $250,000 threshold. This proposal requires that residential real estate transactions exempted by the threshold include an evaluation consistent with safe and sound banking practices. Evaluations provide an estimate of the market value of real estate, but appraisal regulations do not require evaluations to be prepared by state licensed or certified appraisers.

The proposal would also require institutions to review appraisals for compliance with the USPAP, as mandated by the Dodd-Frank Act.

Certain High-Priced Mortgage Loans would still require appraisals and not be exempted by this rule and not eligible for the appraisal exception. Other exceptions also apply:

  1. The property must be located in a rural area;
  2. The financial institution must retain the loan in portfolio, subject to exceptions; and
  3. Not later than three days after the Closing Disclosure is given to the consumer, the financial institution or its agent must have contacted not fewer than three state certified or state licensed appraisers, as applicable, and documented that no such appraiser was available within five business days beyond customary and reasonable fee and timeliness standards for comparable appraisal assignments.

Section 104: Synopsis – HMDA was amended so that banks that originated fewer than 500 closed-end mortgages and fewer than 500 open-end mortgages in each of the last two years and have a Satisfactory or better CRA rating will essentially enjoy a roll back of some rules to pre-2018. This allows the banks reporting fewer loans to avoid in-depth reporting requirements.

Update: On October 10, 2018, the FDIC published FIL-58-2018 addressing the Interpretive and Procedural Rule on Partial Exemptions from HMDA Requirements from the CFPB. This applies to banks with total assets less than $1 billion.

The Bureau’s rule provides clarifications related to the following matters:

  • Data Points Covered by the Partial Exemptions: The rule identifies 26 data points covered by the partial exemptions and 22 other data points that all HMDA reporters must collect, record, and report.
  • Loans Counted Toward the Partial Exemptions’ Thresholds. The Bureau interprets the terms “closed-end mortgage loan” and “open-end line of credit” in the Economic Growth Act to include only those closed-end mortgage loans and open-end lines of credit that otherwise are reportable under Regulation C.
  • Exception Based on Community Reinvestment Act Examination Reports. The Bureau interprets the Act to provide that the determination of which CRA examinations are the two most recent is made as of December 31 of the preceding calendar year.
  • Non-Universal Loan Identifier. If an IDI eligible for a partial exemption chooses not to report a universal loan identifier, the IDI must report a non-Universal Loan Identifier unique within the IDI.
  • Permissible Optional Reporting of Exempt Data Points. An eligible IDI may voluntarily report data points that are covered by the Act’s partial exemptions. However, if the IDI reports any data field for such a data point, it must report all data fields associated with that data point. For example, if an IDI voluntarily reports street address for a transaction, it must also report zip code, city, and state for that transaction.

On May 2, 2019, the Bureau proposed HMDA threshold and other changes in a Notice of Proposed Rulemaking (NRPM) and an Advanced Notice of Proposed Rulemaking (ANPR).

For closed-end mortgage loans, the NPRM proposes two alternatives that would permanently increase the coverage threshold from 25 to either 50 or 100 closed-end mortgage loans. For open-end lines of credit, it would extend for another two years the current temporary coverage threshold of 500 open-end lines of credit. Once that temporary extension expires, the NPRM would set the open-end threshold permanently at 200 open-end lines of credit.

The ANPR solicits comments about the costs and benefits of collecting and reporting the data points the 2015 HMDA Rule added to Regulation C and certain preexisting data points that the 2015 HMDA Rule revised. The ANPR also seeks comments about the costs and benefits of requiring that institutions report certain commercial-purpose loans made to a non-natural person and secured by a multifamily dwelling.

The NPRM is available at:

The ANPR is available at:

The comment periods on both the NPRM and ANPR have been extended to October 15, 2019.

Section 203: Synopsis – The Bank Holding Company Act was amended to exempt certain banks from the “Volcker Rule” when they have less than $10 billion in assets, and trading assets and liabilities comprising not more than 5% of total assets (the Volcker Rule prohibits banking agencies from engaging in proprietary trading or entering into certain relationships with hedge funds and private-equity funds); and

Section 204: Synopsis –  Volcker Rule restrictions on entity name sharing are eased in specified circumstances.

Effective Dates 203 & 204: Effective upon enactment but requires regulatory amendments.

Update: December 18, 2018 – The FDIC, FRB, OCC, SEC, and the U.S. Commodity Futures Trading Commission issued a notice of proposed rulemaking to amend regulations implementing the Volcker Rule consistent with the statutory amendments made by Sections 203 and 204. These statutory amendments modified the Volcker Rule to exclude certain community banks from the Volcker Rule and to permit banking entities subject to the Volcker Rule to share a name with a hedge fund or private equity fund that it organizes and offers under certain circumstances. The FDIC issued FIL-86-2018 regarding the proposal.

The changed made by EGRCCPA provide that the Volcker Rule does not apply to an institution that does not have (A) more than $10 billion in assets and (B) trading assets of more than 5%. This is a two-pronged test. Yahoo Finance provided an analysis of the statute and the proposal and argues that failing either criterion A or B would appear to be enough to qualify for the exemption, because (A and B) is not true if either A or B is false. However, under the regulation, both A and B must be false in order to qualify for the exemption. This could provide grounds for an institution that has more than $10 billion in assets, but trading assets of less than 5% of their assets, to challenge the statutory authority for applying the Volcker Rule to them. That did not appear to be the intent of the law and a court may have to decide that if a case was presented to it.

Based on September 30, 2018, call report data, this change to the Volcker Rule would exempt approximately 97.5% of the 5,486 U.S. depository institutions. Only 0.15% of depository institutions had trading assets equal to at least 5% of their total assets.

Section 201: Synopsis – The banking agencies must develop Community Bank Leverage Ratios (the ratio of a bank’s equity capital to its consolidated assets) and set a threshold of between 8 and 10% for well capitalized banks with assets of less than $10 billion. (This is currently 5%.)  Banks that exceed this ratio shall be deemed to be in compliance with all other capital and leverage requirements. The agencies may consider a company’s risk profile when evaluating whether it qualifies as a community bank for purposes of the ratio requirement.

Effective Date: The effective date is not stated, but regulatory changes are needed.

Update:  A Notice of Proposed Rulemaking was issued by the OCC, FRB and the FDIC, on November 28, 2018, and published February 8, 2019. This request for comment would simplify regulatory capital requirements for qualifying community banking organizations. The comment period ended in April 2019.

Community banks would be eligible to elect the community bank leverage ratio framework if it has less than $10 billion in total consolidated assets, limited amounts of certain assets and off-balance sheet exposures, and a community bank leverage ratio greater than 9 percent. A qualifying community banking organization that has chosen the proposed framework would not be required to calculate the existing risk-based and leverage capital requirements. Such a community banking organization would be considered to have met the capital ratio requirements to be well capitalized for the agencies’ prompt corrective action rules provided it has a community bank leverage ratio greater than 9 percent.

Section 202: Synopsis – The Federal Deposit Insurance Act will be amended to exclude reciprocal deposits of an insured depository institution from certain limitations on prohibited broker deposits if the total reciprocal deposits of the institution do not exceed the lesser of $5 billion or 20% of its total liabilities. The bank must have a composite condition of outstanding or good and be well capitalized. These deposits are also subject to limitations on interest rates paid. This will allow smaller banks previously hampered by FDIC premiums to compete with larger banks for larger deposit accounts.

Effective Date: Upon enactment, but regulatory changes are required.

Update: The FDIC published a proposed rule on September 12, 2018. As proposed, a well-capitalized and well-rated bank would not be required to treat reciprocal deposits as brokered deposits up to the lesser of 20 percent of its total liabilities or $5 billion. A bank that is not both well-capitalized and well-rated may also be able to exclude reciprocal deposits as brokered deposits under certain circumstances.

On December 18, 2018, the FDIC authorized publication of (1) the final rule on the treatment of reciprocal deposits, and (2) the advance notice of proposed rulemaking inviting comment on all aspects of the FDIC’s brokered deposit and interest rate regulations.

On March 8, 2019, the FDIC made technical amendments to the preamble of a final rule published in the Federal Register on February 4, 2019. The final rule relates to a limited exception for a capped amount of reciprocal deposits from treatment as brokered deposits. As published, several industry participants raised concerns about the meaning of a sentence in the preamble of the final rule. To avoid potential confusion, the FDIC amended the language effective when these clarifications were published.

The FDIC recognizes that the statute only limits the amount of reciprocal deposits an institution may ‘‘receive’’ in order to be considered an agent institution.

Watch for Part 2 next month.

We’ll wrap up our EGRRCPA status update in our August 2019 Legal Briefs.

June 2019 OBA Legal Briefs

  • New stuff!
  • Changes in UCCC amounts effective 7/1/19
  • CFPB’s Spring 2019 Regulatory Agenda


By Andy Zavoina

The Fair Debt Collection Practices Act (FDCPA) is a new hot topic. I’ve already heard you thinking. “but that affects third party collectors and I’m collecting only debts owed to us, so it doesn’t apply.” But that may not be the case very soon. The FDCPA has been with us since 1977 and the “collection landscape” has been through a complete transformation since then. Answering machines were not yet popular, and no one thought about email, voicemail and text messaging. On top of that the lending landscape is greatly different as well. Technologies have changed, cultures have changed, and the existing rules are antiquated. When there was a question that tried to apply 1977 rules to a twenty-first century situation, many debtors and collectors turned to the courts for answers, because there was no federal authority writing rules under the FDCPA or “owning” them. The Federal Trade Commission issued interpretations, but they were not binding, and court rulings were not consistent, adding to the confusion on all sides.

The Consumer Financial Protection Bureau (CFPB) was assigned authority under the Dodd-Frank Act to address this issue and they published an interim rule in 2011 (made final in 2016) that covered the process for states to apply for exemption from the federal statute based on the existence of a similar state law or regulation. The Bureau also issued an advance notice of proposed rulemaking asking for information on debt collection procedures (the comment period and an extension expired in February 2014). Now, in 2019, we get proposed rules intended to update the FDCPA regulation, but we must recognize these first proposals are informed by comments that are already at least five years old (and by the Bureau’s experience in regulating – and litigating in the debt collection space. It is a slow pace by which we’ve reached this proposal, but it’s time to make a hole on your bookshelf or hard drive for Regulation F, as that is the FDCPA’s new home.
Many readers will also recall most banks could ignore the law and those early proposals because they were all directed at third party debt collectors working debts owed to others, like those your bank may send out. The CFPB had planned to later release a second version which would be similar but directed at first party collectors. Then the dominant parties in Washington changed and that second version was put on the shelf and retired. Many bankers breathed a sigh of relief believing they had dodged a bullet at a time when they were dealing with major changes in lending regulations.

Another task the CFPB has is to handle complaints from consumers. Consistently, when reports are compiled about these complaints, debt collection issues rank in the top two and historically is the number one complaint from consumers. Yes, I hear you, deadbeats will complain to try and get out of their debts. But there are far too many cases of collectors attempting to collect more money than is owed and on debts for which the person is not obligated to pay for one reason or another. The sheer volume of complaints tells everyone the system is broken and needs to be fixed. On May 21, 2019, round three started and we have a serious contender in this proposal which is open for comment through August 19, 2019.

Here is the rub. The advance copy of the new proposal is 538 pages long and you will not want to read it for entertainment no matter how much of a page turner it is. [The official Federal Register (single-spaced, small print) publication of the proposal is 145 pages of small print!] The proposal still defines a debt collector as a third-party collector and some bankers will stop there, because that means the proposed rule will not apply to them.

But it will, and here is why. Regulatory agencies and debtor’s attorneys have many arrows in their quivers, and they will shoot you where it hurts – right in the wallet — with whichever penalty works and costs you the most. We have seen this with other cases such as Regulation E. Some banks disclose that they follow Regulation E but then impose additional requirements. This is deceptive, and this is when the violation can be considered an Unfair, Deceptive or Abusive Act or Practice (UDAAP). The FDCPA proposal defines certain actions as abusive and deceptive and when, as a matter of law, an action is defined as such, you can reasonably anticipate those practices to then be enforced as UDAAP violations – even against first-party creditors. And this is one reason why banks should be familiar with the proposal and consider submitting a comment letter on issues management feels strongly about.

Another reason is that the bank will be in a better position to arrange for debts owed to them to be collected by third parties when it knows the rules up front and has, for example, complied with E-SIGN rules so that electronic communications are already approved by the debtor. It is easier when making a loan to complete the E-SIGN requirements and authorizations than when collecting it. CFPB Director Kathleen L. Kraninger said, “As the CFPB moves to modernize the legal regime for debt collection, we are keenly interested in hearing all views so that we can develop a final rule that takes into account the feedback received.” The CFPB is willing to accept your thoughts on the proposal; consider offering them.

The CFPB exists to protect consumers and as noted above, it receives many thousands of complaints about debt collections. There is no gray area, the goal of this FDCPA proposal is to strengthen those consumer protections. When I started in banking, my primary function was that of debt collector. I remember well how debtors dodged my calls and I was not alone. One “war story” I heard from a hard-core third-party collector was about when he called a residence and a child answered. Parents dodging calls had their kids answer often. He was told Mommy was not home by the little girl so he proceeded to befriend her a bit and then asked if she could write down a phone number for her mommy. He told her step by step, find mommy’s purse and get her lipstick and write this number on the wall!

In a very big Servicemembers Civil Relief Act case, the debtor reported, “…he and his wife began receiving debt collection calls. They report that Chase was sometimes calling three times a day; calls were made between 4 and 6 a.m. …” The Federal Trade Commission reports common tactics debt collectors use include telling a debtor he or she had committed a crime, like check fraud, and unless they paid the debt, they could be arrested, be sued, have their wages garnished and go to jail. Many collectors have harassed debtors, even after being provided with evidence that the debts had already been paid off. Some would illegally contact family, friends, and employers about past due debts. These bad apples are the catalyst for the strengthening of the FDCPA. It is intended to protect debtors from harassment and provide better information and processes to dispute a debt.

To accomplish this, the proposal would set limits on the number of weekly calls debt collectors can make to the debtor and clarify how they can communicate with the debtor. Additionally, it requires them to provide certain additional information about the debt to the debtor as a means of validation. The proposal would establish bright-line rules as to telephone communication by limiting debt collectors to no more than seven weekly attempts to reach a consumer about a debt. Once they reach a consumer, the collectors may have just one telephone conversation per week with that consumer about the debt. The regulation would clarify a consumer is protected by requiring debt collectors to send the debtors specific disclosures about the debt and additional consumer protections. The proposal would also clarify how debt collectors can communicate with consumers via voicemails, emails and text messages, and how consumers who don’t want to receive such communication can opt out. The proposed regulation would prohibit collectors from suing on debts that they knew or should have known had expired. And collectors will be prohibited from reporting consumer debt to a credit bureau until after they have informed the consumer.

Early in the proposal it states, “The proposal focuses on debt collection communications and disclosures and also addresses related practices by debt collectors.” This is evidenced with regards to debt servicing requirements lenders are already familiar with which was a point of conflict some years ago between mortgage servicing disclosures and the FDCPA. RESPA and mortgage servicing requirements promote communication with a borrower as to where the loan is, whom to pay, when, etc. The CFPB wrote the mortgage servicing rules in a way that enables loan servicers to send required communications without violating the FDCPA. To do this, the CFPB included a variety of exceptions and alterations to the mortgage servicing rules to avoid FDCPA risk.

The servicing rules have been evolving throughout this FDCPA update process. The CFPB issued Bulletin 2013-12 clarifying the interactions between the servicing rules and the FDCPA. Most recently, the CFPB issued the 2016 amendments to the mortgage servicing rules (effective in 2017 and 2018), which narrowed certain of the FDCPA-related exceptions.

Along with the 2016 servicing rule amendments the CFPB issued an Interpretive Rule which provided a safe harbor from FDCPA liability for complying with certain servicing rules. In general terms, the Interpretive Rule stated that: (1) communicating with a confirmed successor-in-interest (CSII), in accordance with the rules, does not violate the FDCPA prohibition on third party collection communications; (2) certain early intervention communications with a delinquent borrower, despite an FDCPA cease communication request, does not violate that provision of the FDCPA; and (3) communicating with a consumer regarding loss mitigation, despite an FDCPA cease communication request, does not violate that provision of the FDCPA, if the dialogue was initiated by the consumer.

The mortgage-specific provisions of the proposed debt collections rules, in part, pick up where the Interpretive Rule left off.

To reinforce what was in the Interpretive Rule, this proposal includes a special definition of a “consumer” for purposes of § 1006.6 dealing with decedent debt accounts. Definitions are still in § 1006.2. In the Interpretive Rule, the CFPB took the position that the special definition of a “consumer,” for specific purposes includes a type of individuals with whom a servicer needs to communicate about the mortgage loan.

Under the proposal, these persons would be deemed a “consumer” as it relates to: (1) the prohibitions regarding unusual or inconvenient times or places; (2) the prohibitions regarding consumers represented by an attorney; (3) the prohibitions regarding a consumer’s place of employment; (4) the prohibitions on communication with a consumer after a refusal to pay or cease communication notice; (5) communications with third parties; and (6) opt-out notices for electronic communications or attempts to communicate. In addition, this special definition of “consumer,” applies to the prohibited communication media provisions in the new Section 1006.14(h).

Speaking of definitions, “debt” is generally defined as it is under the Act, but the proposal adds a new category of debt called a “Consumer Financial Product or Service Debt,” which is a term incorporated from the Dodd-Frank Act. The idea is that certain of the rules apply to “debts,” and others to “Consumer Financial Products or Service Debts”.

The proposal allows for alternate content in the validation notice for loans subject to the mortgage periodic statement requirement in Reg Z, (§ 1026.41). Validation notices issued for these mortgages can omit certain items including the itemization date, amount of debt on the itemization date and the itemization of the current amount of the debt in a tabular format. This content can only be omitted, however, if the debt collector provides a copy of the most recent periodic statement provided to the consumer in accordance with Reg Z along with the validation notice and refers to the periodic statement in the validation notice. The Official Staff Commentary in the proposal contains a sample. All other validation notice will still be required.

The proposal clarifies how debt collectors may use technology to communicate with the debtors. Many technologies are new as compared to the FDCPA, voicemail, email and text messages to be specific and were not originally addressed in 1977. While these may now be used under the proposal, the debtors will also be allowed to opt-out or “unsubscribe” as it is sometimes referred to. There have been court cases involving calling an old cell number as an example and that counting it as a “call” so there is a new safe harbor proposed for unintentional communications with third parties via email or text message. Collectors must avoid using communications means that debtors request not be used. This is not dissimilar to a debtor now saying to not call again but revert to mail or some other method. Calls to cell phones and electronic communications generally are subject to the FDCPA’s prohibition on communicating at unusual and inconvenient times and places and collectors may still not use a debtor’s email that is known, or should be known, to be provided by that debtor’s employer. As to social media, only private messaging systems may be used to contact a debtor.

As to electronic disclosures, collectors must provide disclosures which can be retained/stored by the debtor. E-SIGN rules must be followed to utilize e-disclosures, and E-SIGN compliance is more easily done in advance than by a collector unless the debtor wants to follow these procedures and use electronic media. The bank should take care to ensure its E-SIGN agreement is transferable and follows the loan if it is assigned to a third-party collector.

Spanish and other foreign language notices may be used. Collectors may include an option for debtors to request notices in Spanish. They may provide validation notices in any language, so long as it is accompanied by an English notice or such English notice was already provided.

The number of calls and conversations will now be limited as noted above. This relates to the consumer protection and reduction of harassment goals of the revisions. The CFPB studied data from its Debt Collection Consumer Survey to determine how many times debtors were being contacted and found 14 percent of the time it would be 8 or more times per week. This was an estimated 6.9 million debtors. Collectors will be allowed no more than seven telephonic attempts per week to reach a debtor about a specific debt. Once a telephone conversation between the collector and debtor takes place, the collector must wait at least a week before calling the debtor again. Making payment arrangements for two days after the call will not allow an exception. There appears to be no limit on the number of emails or text messages that may be sent.

The proposal defines how debt collectors can provide required disclosures electronically. Collectors would be required to provide consumers with a disclosure containing information about the debt and related consumer protections including, for example, an itemization of the debt and plain-language information about how a consumer may respond to a collection attempt, including by disputing the debt. Additionally, the proposal requires the disclosure to include a “tear-off” that consumers can send back to the collector to respond to the collection attempt.

Collectors will be prohibited from providing information about a debt to a credit reporting agency unless the collector has communicated information about the debt to the debtor by, for example, sending the consumer a letter.

There is a series of cases referred to in the proposal as the Foti line and under these a voicemail message from a collector must contain certain information referred to as the “mini-Miranda.” Because the message must include information about the debt, leaving messages with the mini-Miranda could lead to liability if a third party hears the message. The proposed rule provides that no information regarding a debt is conveyed and no FDCPA “communication” occurs when debt collectors convey only the individual debt collector’s name, the consumer’s name, and a toll-free method that the consumer can use to reply to the collector.

Some prohibited practices in the proposal include one of the most litigated problems, time-barred debts. Debts have an expiration date set by individual states. After that defined period the debt is no longer collectible. Collectors may not transfer debts they know or should know have been paid or settled, have been discharged in bankruptcy or are associated with an identity theft report. They may not sue or threaten suit on time-barred debts or debts the collector should know are out-of-statute and no longer collectible.

For more information formulated in a tabular format, the CFPB has published, “Fast facts: Proposed Debt Collection Rule” on its website.

New stuff!

By Pauli D. Loeffler

OBA Legal/Compliance team’s new intern

We are excited to welcome Roy Adams as our intern this summer. Roy is a student at Oklahoma City University’s School of Law and will graduate next May. Before attending law school, Roy coordinated and assisted state/federal regulators and independent auditors, conducted case analysis, identified unusual financial activities, and wrote SAR narratives as required by the federal regulation. He monitored and tracked AML/BSA high-risk accounts, conducted EDD, and is well-versed in CIP/KYC policy and procedure. Roy will be contributing both in answering your emails and writing articles for the OBA Legal Briefs. He’s already working on an article for next month’s Legal Briefs.

New OBA Legal Links content

In the March 2018 OBA Legal Briefs, I talked about the OBA’s website update and provided you with a list of Templates, Forms, and Charts available on the Legal Links page. Several more have been added in addition to other updated content. Check it out!

Changes in UCCC amounts effective 7/1/19

By Pauli D. Loeffler

Sec. 1-106 of the Oklahoma Uniform Consumer Credit Code in Title 14A (the “U3C”) makes certain dollar limits subject to change when there are changes in the Consumer Price Index for Urban Wage Earners and Clerical Workers, compiled by the Bureau of Labor Statistics, U.S. Department of Labor. You can download and print the notification from the Oklahoma Department of Consumer Credit by clicking here.

It is also accessible on the OBA’s Legal Links page under Resources once you create an account with the OBA. You can access the Oklahoma Consumer Credit Code and the changes in dollar amounts for prior years from links on the Legal Links page as well.

Increased Late Fee

The maximum late fee that may be assessed on a consumer loan is the greater of (a) five percent of the unpaid amount of the installment or (b) the dollar amount provided by rule of the Administrator for this section pursuant to § 1-106. As of July 1, 2019, the amount provided under (b) will increase by $.50 to $26.00.

Late fees for consumer loans must be disclosed under both the UC3 and Reg Z. For a bank to be able to impose any late fee, the consumer must agree to it in writing. Any time a loan is originated, deferred or renewed, the bank is given the opportunity to obtain the borrower’s consent in writing to the increased late fee set by the Administrator of the Oklahoma Department of Consumer Credit. However, if a loan is already outstanding and is not being modified or renewed, a bank has no way to unilaterally increase the late fee amount if it states a specific amount in the loan agreement.

On the other hand, the bank may take advantage of an increase in the dollar amount for late fees if the late-fee disclosure is worded properly, such as:

“If any installment is not paid in full within ten (10) days after its scheduled due date, a late fee in an amount which is the greater of five percent (5%) of the unpaid amount of the payment or the maximum dollar amount established by rule of the Consumer Credit Administrator from time to time may be imposed.”

§ 3-508B Loans

Some banks make small consumer loans based on a special finance-charge method that combines an initial “acquisition charge” with monthly “installment account handling charges,” rather than using the provisions of § 3-508A with regard to maximum annual percentage rate. § 3-508A is the section containing provisions for a “blended” rate by tier amounts under (1)(a) as well as the alternative of using a flat 25% APR under (1)(b). § 3-508A is NOT subject to annual adjustment without statutory amendment.

The permitted principal amounts for § 3-508B is adjusting from $1,530.00 to $1,560.00 for loans consummated on and after July 1, 2019.

Sec. 3-508B provides an alternative method of imposing a finance charge to that provided for Sec. 3-508A loans. Late or deferral fees and convenience fees as well as convenience fees for electronic payments under § 3-508C are permitted, but other fees cannot be imposed. No insurance charges, application fees, documentation fees, processing fees, returned check fees, credit bureau fees, or any other kind of fee is allowed. No credit insurance even if it is voluntary can be sold in connection with in § 3-508B loans. If a lender wants or needs to sell credit insurance or to impose other normal loan charges in connection with a loan, it will have to use § 3-508A instead. Existing loans made under § 3-508B cannot be refinanced as or consolidated with or into § 3-508A loans, nor vice versa.

As indicated above, § 3-508B can be utilized only for loans not exceeding $1,560.00. Further, substantially equal monthly payments are required. The first scheduled payment cannot be due less than one (1) calendar month after the loan is made, and subsequent installments due at not less than 30-day intervals thereafter. The minimum term for loans is 60 days. The maximum number of installments allowed is 18 months calculated based on the loan amount as 1 month for each $10.00 for loan amounts between $155.95 and $364.00 and $20 for loan amounts between $364.01 – $1,560.00.

Lenders making § 3-508B loans should be careful and promptly change to the new dollar amount brackets, as well as the new permissible fees within each bracket for loans originated on and after July 1st. Because of peculiarities in how the bracket amounts are adjusted, using a chart with the old rates after June 30 may result in excess charges for certain small loans and violations of the U3C provisions.

Since §3-508B is “math intensive,” and the statute both online or in a print version does not show updated acquisition fees and handling fees, you will find a modified version of the statute with the 2019 amounts on the Legal Links page UCCC Section 3-508B – Effective July 1, 2019. Again, you will need to register an account with the OBA in order to access it.

The acquisition charge authorized under this statute is deemed to be earned at the time a loan is made and shall not be subject to refund. Provided, however, if the loan is prepaid in full, refinanced or consolidated within the first sixty (60) days, the acquisition charge will NOT be deemed fully earned and must be refunded pro rata at the rate of one-sixtieth (1/60) of the acquisition charge for each day from the date of the prepayment, refinancing or consolidation to the sixtieth day of the loan. The Department of Consumer Credit has published a Daily Acquisition Fee Refund Chart for 2019 and prior years with links on this page. Further, any if a loan is prepaid, the installment account handling charge shall also be subject to refund. A Monthly Refund Chart for handling charges for can be accessed on the page indicated above, as well as § 3-508B Loan Rate (APR) Table.

§ 3-511 Loans

I frequently get calls when lenders receive a warning from their loan origination systems that a loan may exceed the maximum interest rate. Nearly always, the banker says the interest rate does not exceed the alternative non-blended 25% rate allowed under § 3-508A according to their calculations. Usually, the cause for the red flag on the system is § 3-511. This is another section for which loan amounts may adjust annually. Here is the section with the amounts as effective for loans made on and after July 1, 2019, in bold type.

Supervised loans, not made pursuant to a revolving loan account, in which the principal loan amount is $5,200.00 or less and the rate of the loan finance charge calculated according to the actuarial method exceeds eighteen percent (18%) on the unpaid balances of the principal, shall be scheduled to be payable in substantially equal installments at equal periodic intervals except to the extent that the schedule of payments is adjusted to the seasonal or irregular income of the debtor; and

(a) over a period of not more than forty-nine (49) months if the principal is more than $1,560.00, or

(b) over a period of not more than thirty-seven (37) months if the principal is $1560.00 or less.

The reason the warning has popped up is due to the italicized language: The small dollar loan’s APR exceeds 18%, and it is either a single pay or interest-only with a balloon.

Dealer Paper “No Deficiency” Amount

If dealer paper is consumer-purpose and is secured by goods having an original cash price less than a certain dollar amount, and those goods are later repossessed or surrendered, the creditor cannot obtain a deficiency judgment if the collateral sells for less than the balance outstanding. This is covered in Section 5-103(2) of the U3C. This dollar amount was previously $5,100.00 and increases to $5,200.00 on July 1.

CFPB’s Spring 2019 Regulatory Agenda

by John S. Burnett

The CFPB recently announced the Spring 2019 updates to its regulatory agenda.

In the short term, the Bureau intends to issue an extension for the underwriting requirements compliance date in its Payday Loan rule. We’ll see what happens in the next few weeks.

Other items on the Agenda:

• December 2010 – proposed rule on public disclosure of HMDA data
• January 2020 — resume pre-rule work on data collection on women-owned, minority-owned, and small business lending
• Before November 2020 – Final determination on reconsideration (read: rescission) of the underwriting requirements of the Payday Loan rule.
• In pre-rulemaking stage: Rulemaking to bring “Property Assessed Clean Energy” (PACE) loans under the ability-to-repay and general civil liability provisions of the Truth in Lending Act.
• Further refinements to Regulation C implementing HMDA

May 2019 Legal Briefs

  • What to say and not say
  • Dead beneficiaries
  • Dead joint tenants
  • Funds belong to an estate
  • Watch your fees

What to say or not say

By Mary Beth Guard

Last summer, while on a trip to Indiana, I got an “urgent” call forwarded from my home phone to my cell phone from a large money center bank that we had a credit card account with. The stressed-sounding individual said that the bank did not have all my personal identifying information and my card privileges would be terminated unless I went in person to one of the bank’s branches and presented acceptable ID and supplied additional information.

Hmmmmmm. The nearest branch of this bank was at least 200 miles away from where I was at the time, so a little visit just wasn’t going to happen. But here’s the thing. We had opened the credit card account in 1987 with a different financial institution. My husband was the accountholder and I merely had user privileges on a convenience card on the account. A number of years ago, the credit card portfolio of the original issuer was acquired by the bank calling me. We had always paid the balance in full each month by the payment due date and at the time I received their phone call, not only was there no outstanding balance, but we hadn’t used the card in close to six months.
I will admit, I blew off the phone call and didn’t give it another thought until we got back home to Oklahoma. When we returned from Indiana, there was a large envelope with serious paperwork in it, all marked URGENT, all indicating that if I did not get myself to a branch of their bank somewhere with identifying documents in the very near future, they would close out the credit card account. Yes, I ignored that, too.

Another phone call followed. The bank’s representative sounded so desperate and exasperated that I imagined him being hooked up to electrodes controlled by some lunatic that would sizzle and burn the bank’s rep if I didn’t immediately capitulate to his request.

Color me curious. I had to know what prompted the crazy calls. Why, after all those years, would the bank suddenly decide they needed to get to know me better? With thirty years of usage history and payments, their neural network software could easily construct a profile of me, just based upon my spending history, and the databases to which they had access would fill in the blanks. I had questions.

The next time the dude called, I went into interrogation mode. “Why do you need more identifying information on me?” I asked. “Because we don’t have it,” he responded. “Well, that’s because 30+ years ago when my husband designated me as an individual he wanted to have a card on his account, you didn’t request or require detailed information on me.” “Yes,” he said, “That is true, but now we need that information.”

“Need.” That is a special word (one that my husband sometimes claims I don’t know the meaning of – but that’s another story). So, the bank “needs” that information. Wow! Who knew?! I had more questions.

“So, why do you need the information?” The guy got all serious as he attempted to answer and he did something one should never do (unless, of course, it is true): he attempted to justify his actions by saying that they were required by law. Oops. He overplayed his hand as he told me in a very authoritative-sounding voice that “the recently passed USA PATRIOT Act required all financial institutions to go back and review their records to ensure they had complete, up-to-date identifying information on all of their accountholders.”

I picked the low-hanging fruit first, pointing out that I wasn’t an actual accountholder, but merely an authorized user on the account. It didn’t matter, he insisted. I was viewed as a “customer” and they needed the information.

So, I moved on. “About this ‘recently passed USA PATRIOT Act,’ wasn’t that law actually enacted around 2002?” “Well, I’m not sure, that could be right – but a new rule on beneficial ownership requires us to get additional information.” Okay, he was really stepping in it at that point.

“Yeah. That beneficial ownership rule requires you to obtain information on the beneficial owners of certain legal entities. This is a consumer account. No entities are involved. How does that rule come into play?” I queried. “And on existing customers, what is the trigger for pursuing additional information?”

“Lady, I cannot take the time to educate you about all the laws and rules our bank has to comply with. Just let me assure you, we must obtain this information and you must present your drivers license at one of our branches.” [Those of you who know I have never had a drivers license are chuckling at this point. Those of you who have attended one of my new accounts programs are replaying in your minds the part where I talk about the fact that not everyone has a drivers license, whether due to a disability, lack of desire (or, in my case, knowing I would be really bad at being behind the wheel of a motor vehicle), thus the proper thing to say when CIPing a customer via the documentary verification method is “We will need to see acceptable ID, such as a drivers license, state ID, passport, or similar unexpired, government issued photo ID.”]

Okay, if he didn’t have time to educate ME about the laws and rules, perhaps I should take the time to educate him? Naaa. Life’s too short to provide free clues to the clueless.

Here is the bottom line: The bank had decided to require more information than any law or regulation actually required them to obtain and they were doing so without a specific regulatory trigger. It is certainly within the bank’s right to determine what it wants to know about its customers and it can seek that information at any time, but it needs to couch the request properly as being driven by the bank – not as being crammed down the bank’s throat by the government. When you make an assertion to the wrong person that a statute or a rule mandates something, someone is going to call you out on it and you’re going to lose all credibility.

He could have said “Our bank is working hard and going beyond what many other banks do In order to protect accounts against fraud or abuse and to fight terrorism. In connection with that effort, the bank is taking steps to ensure it knows who is really using its products and services. In any instance where we don’t find complete identifying information on a customer, we are working to address that. Our bank wants to be able to say that it knows the true identity of each and every customer, so that means going back to accounts established when the standards for identity verification were minimal and working to bring the information in our records up to current standards for each customer.”

Employees should know, for any customer requirement or limitation, what the source is: law, regulation, policy, generally accepted banking practice – and should be careful not to misstate the origin.

There are various times when specific things should be said:

– When a safe deposit box is being rented, the bank employee should say “You will want to read through your safe deposit box rental agreement so that you understand your rights and responsibilities. Also, because the contents of the box are known only to you, you may wish to talk to your insurance agent about obtaining insurance on the contents of your box.

– When a customer who has had an individual account appears to want to add someone to it and make it a joint account, it would be ideal for the bank employee to first have an opportunity to speak to the individual account owner alone (outside the presence of the person who is going to be added) to ensure they understand the ramifications of bringing someone on as a joint owner. The bank employee could say “There are two options for adding someone to your account. Let me explain the differences so you can decide which alternative best meets your needs. You could add Sydney as an authorized signer. If you put him on as an authorized signer, he is regarded as your agent and his transactions on the account should be for your benefit. He would not be an owner of the account and could not use it for his personal banking business. For example, he should not be allowed to deposit items made payable to him into the account. If we receive a garnishment or levy relating to Sydney’s debts, funds from the account would not be sent to those creditors because the funds would be deemed to belong to you – not to Sydney. If you wanted the funds in your account to pass to Sydney upon your death, you could designate him (and whomever else you desire) as Pay on Death beneficiar(y)ies.” Then the employee would go on to explain joint ownership. “If you instead make Sydney a joint owner, he will have co-equal rights to you on the account. It will legally be treated as his account just as much as it is considered yours. He would not be bound to act for your benefit. He could act for his own benefit and can use the account for any lawful purpose. He can make deposits of checks payable to him, he can have direct deposits and can set up auto debits. Once you name him a joint owner, you cannot remove him. To sever the joint account relationship, you would have to close the account and open a new one in just your name.” I recommend this “eyes wide open” foundation to informed consent because of the many scenarios we have dealt with over the years where a customer thinks it’s “their account” and the joint owner is just on there to do their bidding, not realizing that once it gets made a joint account, all that is out the window.

– When a customer is opening a new account, the required disclosures (Reg E, CC, P, etc.) must be provided before the account relationship is established (i.e., before they sign on the dotted line of the signature card.) The thinking of Congress and the regulators is that the disclosures provide important and useful information that should be used in deciding whether to go through with the account opening. As soon as you know the type of account the person is contemplating opening, you print out and hand them the disclosures. If it is a consumer account, you say “Please look over these disclosures that are required by federal law. They will help you understand how quickly you will have access to your funds after a deposit, what our privacy policy and practices are, what to do in the event of a problem with a direct deposit or an electronic funds transfer, such as an auto-debit from your account or a transaction with an ATM or debit card. Plus, they will tell you about the rate [if interest-bearing], fees, and terms on your new account.”
There are other times when certain things should NOT be said. Never commit the bank to a specific course of action until all the facts are known. For example, a wonderful customer comes in all upset saying that a forged check for $12,000 was paid on their account. At that point, when that is all you know, you need to simply say “I am so sorry to hear this. We will look into this right away.” If you ordinarily would think “great customer, forged check, we need to return their money” – not so fast. When you begin your investigation, you may learn the forged check was paid over a year ago, so your bank would have no liability because of the one year bar. You may very well make a business decision to give the money back anyway, but legally you would not be required to, so the factors that go into your decision-making will be different.
Be sympathetic but absolutely noncommittal in any situation where you need to dig for facts before liability can be ascertained – such as where a customer claims unauthorized ACH transactions occurred, a payment wasn’t credited properly on a loan account, they were charged fees they should not have been charged, their deposit was misencoded, an endorsement was bogus – whatever. If you make any kind of statement that could be misconstrued by the customer as meaning that you will take care of their loss, you are going to have a reputation issue to deal with if you decide not to do so.

Dead beneficiaries

By Mary Beth Guard

If your bank is proactive about asking customers whether they wish to designate one or more POD beneficiaries (and I certainly hope you are, because it is an important option under Oklahoma law for allowing funds in a deposit account to pass without going through probate), I would wager a guess that lurking in your deposit accounts are POD beneficiaries that are no longer living, and that is not a good thing. Here’s why.

Section 901 of the State Banking Code (6 O.S. §901) provides the authority for designation of pay on death beneficiaries on deposit accounts held by individuals. It provides various choices:

1. The accountholder can designate one or more individuals as beneficiaries;

2. The accountholder can designate one or more trusts as beneficiaries;

3. The accountholder can designate one or more charitable organizations (i.e., non-profit organizations that are tax exempt under IRS Code Section 501(c)(3) as beneficiaries;

4. The accountholder can designate a mix of eligible beneficiaries – for example, naming 7 individuals, two charitable entities, and a trust. Whenever there are multiple POD beneficiaries on an account, each receives an equal share.

Under paragraph (B)(1) of Section 901, when a deposit has been set up as POD, on the death of the account owner the funds are to be paid to the designated beneficiaries, BUT if an individual named beneficiary is not living, the funds must go to the estate of the named beneficiary. Just think about that. The reason your customer set up POD beneficiaries in the first place was so the funds in the account could pass to whomever they designate without having to go through court. Easy, quick, no cost. But if a beneficiary predeceases the account owner, that throws a giant crimp in the works because that beneficiary’s share will need to go to the beneficiary’s estate. We’ve had some circumstances where the beneficiary predeceased the account owner by twenty years and the estate proceeding for the beneficiary had been concluded many years earlier. In other situations, there was never an estate proceeding. So, figuring out how to get the funds out of the bank and into the hands of the rightful parties becomes a real challenge.

How do you avoid this dilemma? Here are some possible courses of action:

 Any time you become aware that an individual named as a POD beneficiary on one of your customer’s accounts has passed away, send a letter to your customer (or talk to the customer in person or by phone) to say: “We were sorry to hear of Jack’s passing and want to convey our condolences. You know, Jack is a pay on death beneficiary on your account. If you don’t change that, when you die the funds will have to go to Jack’s estate and may require a court proceeding, which is probably not what you want. We would be happy to assist you in updating your beneficiary designations.”

 Use a statement stuffer (or online banking message) to say: “Have you updated your Pay on Death Beneficiary designations? Under Oklahoma law, if a beneficiary dies before the accountholder, the funds must go to the beneficiary’s estate. To avoid that, update your beneficiaries to remove any who have passed away and add one or more new beneficiaries of your choice.”

 Do a proactive review of your POD accounts to identify those that had beneficiaries designated more than ten years ago. Consider making phone calls or sending letters or putting a message on the system for a CSR to chat with the customer next time they are in the lobby or branch to do a “welfare check” on the beneficiaries and to see if the customer wants to make any changes – even where the beneficiaries are still alive and kicking.

There is also another alternative. The statute itself provides authority to designate one primary POD beneficiary and one or more contingent beneficiaries. It says, in pertinent part:

If any named primary beneficiary is not living, the share of that beneficiary shall instead be held for or paid to the estate of that deceased beneficiary unless contingent beneficiaries have been designated by the account owner as allowed by paragraph 4 of this subsection.

3. Each P.O.D. beneficiary designated on a deposit account shall be a primary beneficiary unless specifically designated as a contingent beneficiary.

4. If there is only one primary P.O.D. beneficiary on a deposit account and that beneficiary is an individual, the account owner may designate one or more contingent beneficiaries for whom the funds shall be held or to whom the funds shall be paid if the primary beneficiary is not living when the last surviving owner of the account dies. If there is more than one primary P.O.D. beneficiary on a deposit account, contingent beneficiaries shall not be allowed on that account.

5. If the only primary P.O.D. beneficiary is not living and one or more contingent beneficiaries have been designated as allowed by paragraph 4 of this subsection, the funds shall be held for or paid to the contingent beneficiaries in equal shares, and shall not belong to the estate of the deceased primary beneficiary. If the only primary beneficiary is not living, and a contingent beneficiary or contingent beneficiaries have been designated as allowed by paragraph 4 of this subsection, but one or more designated contingent beneficiaries are also not living, the share that otherwise would belong to any deceased contingent beneficiary shall instead be held for or paid to the estate of that deceased contingent beneficiary…

7. If only one primary P.O.D. beneficiary has been designated on a deposit account, the account owner may add the following, or words of similar meaning, in the style of the account or in the account agreement: “If the designated P.O.D. beneficiary is deceased, then payable on the death of the account owner to (Name of Beneficiary), (Name of Beneficiary), and (Name of Beneficiary), as contingent beneficiaries, in equal share.”

8. Adjustments may be made in the styling, depending upon the number of owners of the account, to allow for survivorship rights, and the number of beneficiaries. It is to be understood that each beneficiary is entitled to a proportionate share of the account proceeds only after the death of the last surviving account owner, and after payment of account proceeds to any secured party with a valid security interest in the account. In the event of the death of a beneficiary prior to the death of the account owner, the share of that beneficiary shall go to the estate of that beneficiary. Unless one or more contingent beneficiaries have been designated to take the place of that beneficiary as provided in paragraph 4 of this subsection. All designated primary P.O.D. beneficiaries shall have equal shares. All designated contingent P.O.D. beneficiaries shall have equal shares as if the sole primary beneficiary is deceased.

Let’s look at an example of how the primary/contingent thing would work. Let’s say Shirley wants to put her sister Wanda on her account as POD beneficiary. Shirley and Wanda are each in their mid-80s and while Shirley is in great shape, Wanda is a big ball of medical issues and it’s not likely she will live to see too many more trips around the sun. Knowing all this (and I dare say some of you community bankers could practically complete genealogical charts and medical histories on some of your customers because you get to know them so well!), when Shirley wants to designate Wanda as her POD beneficiary, she could make Wanda the primary beneficiary and name contingent beneficiaries. That way, if Wanda dies before Shirley does, Shirley doesn’t have to come in and change anything. The contingent beneficiaries will click into first place.

If it were me, any time a customer wants to designate just one beneficiary, I would gently urge them to also name contingent beneficiaries at the same time.

Think about the many times you have dealt with accounts of deceased customers. In instances where the customer had carefully chosen and kept updated POD beneficiaries, there is a good feeling knowing that the funds are able to pass, hassle-free, to the customer’s chosen recipients.

Dead joint tenants

By Mary Beth Guard

Want to see me cringe? Tell me something like “Lola and Wayne Flintner had a joint account. Wayne died. We’ve kept the joint account open so Lola can deposit checks payable jointly, and she can also deposit any checks payable to Wayne.” Can you hear me loudly moaning “NOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO!”?

“What is the problem?” you might ask, adding, “We’ve done it this way for years.”

Deposit accounts are governed by law and by the terms of the deposit account agreement. When you have an account that is joint tenancy with right of survivorship and one of the two joint owners passes away, the joint tenancy terminates by virtue of the contract terms. The terms specify that if one of the joint owners dies, the account and the funds in it automatically become the property of the surviving joint owners. So, Wayne dies. The joint ownership of the account ceases. It is now an individual account owned solely by Lola.

“Yes,” you tell me, “We realize it will become Lola’s account, but we hold off on having her sign a new signature card because we know there are checks she wants to deposit.”

Let me be perfectly clear. It is not going to “become” Lola’s individual account at a future point in time. It became an individual account owned by Lola as soon as Wayne died.

“But the signature card is marked ‘joint account’ and both their names are on it!” you exclaim.

“Yes,” I reply, but under contract law and the terms of the deposit agreement, it is now a sole ownership account. That is what all the parties – the bank, Lola, Wayne – agreed to at the account inception. That’s how that account “works” from a legal standpoint.

If there is a check payable to Wayne that was issued after he died or even one issued before his death that simply didn’t get deposited while he was alive, the check now belongs to Wayne’s estate. And if a check arrives and is jointly payable to Wayne and Lola, his ghost can’t endorse it and it is therefore non-negotiable. It needs to either be reissued, or Lola needs to endorse it over to Wayne’s estate and the representative for Wayne’s estate needs to handle it.

What’s the harm? (That’s what you’re thinking, right? You’re thinking Wayne would want Lola to get the money.) The harm is that you are converting the check. You are taking funds that belong (in whole or in part, depending upon whether the check is payable to Wayne individually or jointly) to Wayne’s estate and you are doing posthumous estate planning, deciding for yourself that you are going to divert the funds from the estate and give them to Lola. You don’t have the legal right to do so and you could face liability.

Who would care?

 Creditor’s of Wayne’s estate. They stand first in line to make claims against any assets.

 If there are no creditors (or if there are plenty of other assets to satisfy creditors), then the beneficiaries under Wayne’s will (which may or may not include Lola) would be next in line.

 If Wayne didn’t leave a will, his heirs would be entitled to the assets in his estate, after payment of creditors.

Funds belonging to an estate

by Mary Beth Guard

My aunt passed away recently and a check payable to her arrived at my cousin’s house a few weeks later. Her will named my cousin executor, but because she had already disposed of the bulk of her assets through other means (joint tenancy with right of survivorship, having assets in her trust, POD accounts, etc.) it did not appear that any probate was going to be necessary, so my cousin endorsed the check as “Estate of so-and-so” then signed his name, followed by “Executor.” He wanted to deposit it into his personal account.

The bank asked for copies of the court documents appointing him Executor. Of course, there were none. Not only that, if he had been the Executor and was trying to put the check into his personal account, the bank would have been on notice of breach of fiduciary duty under Section 3-307 of the Uniform Commercial Code. Correctly, the bank refused to accept the deposit. Not surprisingly, my cousin was infuriated. The way he looked at it, there were no creditors, he and his sister were to receive everything via his mother’s stated wishes in her will. Once he understood the reasoning, he still wasn’t happy, but he was better able to accept it.

I wish I could say that he managed to get the check reissued, but the reality is that he sent to his sister for deposit into the small bank in Kansas where she does business. She signed underneath his endorsement and no one raised any objection to sticking it into her account. Argh. That bank obviously was either oblivious to the risk or was willing to take the risk, due to the small amount of the check, the large balance in the account, and the long-term customer relationship. I just rolled my eyes because I know when the next one comes in and my cousin strikes out when trying to deposit it, we will hear the old familiar refrain: “But my sister’s bank accepted one like it, why can’t you?” Now you know why.

Watch your fees

By Mary Beth Guard

When is the last time you reviewed the fees your bank charges? It’s time to take a close look. The number one complaint from customers these days is excessive or hidden fees. I receive a number of different email reports of current litigation and court decisions and I’m seeing a definite trend of lawsuits, class action and otherwise, from consumer — as well as even a few commercial customers, alleging that fees were wrongly charged. In some instances, the plaintiffs assert the fees were not contracted for or were not properly disclosed. In others, they allege the fees are onerous. Start your review and next time we’ll examine specific problematic fee practices.

April 2019 OBA Legal Briefs

  • Complaints
  • Convenience fees on loan payments


By Andy Zavoina

“We just don’t get complaints, we pride ourselves on customer service.” That may be true at some bank, perhaps one with a unicorn as a mascot, but I’ll wager most banks have customers who are unhappy about NSF and other account fees, being denied a loan, or a slow drive-up lane, or who feel that the bank should be open until 8 p.m. Regardless, even if your bank really has no complaints here are two reasons there should be a complaint monitoring system in place.

First, the revised Risk-Focused Compliance Supervision Program considers this critical. In November 2016 the FFIEC updated Uniform Interagency Consumer Compliance Rating System (CCRS). The FFIEC member agencies Ithe Fed, FDIC, NCUA, OCC and CFPB) implemented the updated rating system on consumer compliance examinations for exams after March 31, 2017. The CCRS is divided into three major categories and twelve assessment factors. The second category, used to evaluate a bank’s Compliance Program, has four assessment factors, one of which is Consumer Complaint Response. More on that in a moment, but suffice it to say that your regulatory agency wants your bank to have a plan to detect and resolve complaints if there was a “wrong” involved. How does the bank know there was a complaint? It trains staff to detect, resolve and learn from them.

Second, it only takes one complaint to get your bank on a Department of Justice or class action suit radar. Let’s examine a few real-life cases of complaints and enforcement actions. Keep in mind that these are a few we know of because they were in the mainstream media. How many smaller actions were there that we just didn’t hear about or the results were confidential, in a bank Report of Examination, and we just couldn’t hear about them?

The first case created problems for California Auto Finance (CAF). There was a single complaint made by a servicemember to the DOJ that her car was repossessed while she was on active duty. This single complaint lead to an $80,000 consent order with a record payment of $30,000 to one servicemember. Here’s a summary of what happened:

DOJ received a complaint in November 2016 from Army Private Andrea Starks. CAF had repossessed Starks’ car from her grandmother’s home the first day Starks was in basic training. Was this a case of a repossession agent on the hunt for Starks’ car and finding it unknowingly a day late, after she was protected by the Servicemembers Civil Relief Act (SCRA)? Not really, because Starks had notified CAF that she was enlisting, so they were made aware of her status and as a large subprime lender, surely, they are keenly aware of SCRA protections, or so you would think. In March 2018, the DOJ filed a lawsuit against CAF alleging violations of the SCRA, because there had been no court order allowing the repossession to take place. CAF then had to provide a list of all repossessions from December 2011 until December 2018. How long would it take your bank to provide such a list for a seven-year period?

Analysis of this list revealed a second repossession. Army Specialist Omar Martinez was in his first month of active duty when his car was repossessed. Prior to entering the military Martinez had also notified CAF of his employment change and again, CAF should have been aware of the SCRA protections. Because of the repossession’s impact on Martinez’ credit, he was unable to purchase a new car and had to rely on rideshares and taxis for over a year. According to the DOJ press release, CAF reached a private settlement with Starks. As part of the consent order, CAF agreed to pay Martinez $30,000. That’s the highest amount the DOJ has ever recovered for one servicemember.

CAF in fact did not have an SCRA compliance policy or procedures in place. In addition to the $30,000 paid to Martinez, the consent order requires CAF to train all its employees about SCRA requirements if they are involved in servicing covered loans or repossessing collateral. The consent order was still pending court approval in March 2019. This case started with a single complaint. CAF had received no others.

In the second example, a lawsuit was filed in July 2016 alleging that COPOCO Community Credit Union had violated the SCRA by repossessing cars owned by protected servicemembers without first obtaining court orders allowing it to do so. In July 2017 COPOCO and the DOJ entered into an agreement requiring the credit union to change its policies and compensate four servicemembers whose cars were repossessed in violation of the SCRA, $10,000.

This case was launched after the DOJ received a complaint from Alyssa Carriveau, the wife of U.S. Army Private First Class Christian Carriveau, alleging that COPOCO had repossessed their car, along with their two-year-old daughter’s car seat, from the driveway of their home. (Note, the DOJ and media emphasized the car seat. That’s a nice reputational knife in the back because it isn’t as though a repo agent will knock on the debtor’s door and ask them to clean out the vehicle before it is taken away.) Carriveau initially believed her car was stolen, but she later learned it had been “repoed.” Her husband, PFC Carriveau, was away at military training at the time and she was not able to get to work without the vehicle. The DOJ investigation showed COPOCO had no policies for SCRA compliance. After filing the lawsuit, the DOJ discovered three additional repossessions that violated the SCRA.

The agreement called for the Carriveaus, whose car was returned the day after repossession, to be credited $5,000 to the balance of their motor vehicle loan and to receive a lump sum $2,500 paid to them directly.

As for the other servicemembers, who COPOCO claimed never even made any claim against them, each would be awarded $10,000, less any amounts that were past due at the time of repossession which were still owed. They would also receive the amount of lost equity in the repossessed vehicle and interest accrued on the lost equity. COPOCO also paid a $5,000 penalty to the DOJ. Again, one complaint started this case.

In our third example, Wells Fargo reached a $4 million settlement with the DOJ. Like the two prior cases, this involved repossessions. This may be low hanging fruit for the DOJ as the tests are fairly simple — was the debtor a covered servicemember, and was there a court order issued allowing the repossession?

This case began when the DOJ received a complaint from the Army’s Legal Assistance Program alleging that Wells Fargo had repossessed Army National Guardsman Dennis Singleton’s car while he was preparing to deploy to Afghanistan. Wells Fargo repossessed the car, sold it at a public auction and then tried to collect a deficiency balance of over $10,000 from Singleton. While seeking assistance with debt consolidation, Singleton met with a National Guard attorney and learned about his rights under the SCRA. The attorney requested information from Wells Fargo about the original loan and repossession and asked for copies of the correspondence and Singleton’s payment history. Wells Fargo never responded to that request and the attorney requested the DOJ’s assistance. The ensuing investigation revealed 413 repossessions of vehicles owned by covered servicemembers. There was also a companion enforcement order from the OCC which assessed a $20 million civil money penalty and required Wells Fargo to make restitution to servicemembers harmed by the bank’s SCRA.

Staff from each of these lenders could have handled these cases differently and the outcomes could have been dramatically different. This is why bank staff needs to be trained and know how to handle complaints while recognizing those complaints which should be elevated for immediate attention to others at the proper level in the organization. Recognizing a problem that may be an anomaly with low risk differs from a systemic problem, which is likely to be widespread, and an isolated complaint concerning a subjective error differs from a complaint alleging a violation of law.

So let’s go back to the CCRS and determine what your bank needs to do as to complaint resolution, because it will influence your compliance management system rating. Assigned ratings range from 1 to 5, reflecting an increasing order of concern. The CCRS ratings are as follows:

• 1 reflects a strong CMS and the bank takes action to prevent violations of law and consumer harm.

• 2 is a satisfactory CMS that shows the bank is managing consumer compliance risk for the products and services offered and limits violations of law and consumer harm.

• 3 indicates a deficient CMS, and the bank has an increased risk with products and services and a recognized inability to limit violations of law and consumer harm.

• 4 reflects a CMS seriously deficient at managing risk with the bank’s products and services and/or at preventing violations of law and consumer harm. “Seriously deficient” indicates fundamental and persistent weaknesses in crucial CMS elements and severe inadequacies in core compliance areas necessary to operate within the scope of statutory and regulatory consumer protection requirements and to prevent consumer harm.

• 5 reflects a CMS critically deficient at managing risk for the bank’s products and services offered and/or at preventing violations of law and consumer harm. “Critically deficient” indicates an absence of crucial CMS elements and a demonstrated lack of willingness or capability to take the appropriate steps necessary to operate within the scope of statutory and regulatory consumer protection requirements and to prevent consumer harm.

As to the CCRS section specifically addressing complaint responses, the FFIEC provided the criteria used to evaluate a 1 to 5 rating. These are the benchmarks that will be used for your rating.

1. Processes and procedures for addressing consumer complaints are strong. Consumer complaint investigations and responses are prompt and thorough.

• Management monitors consumer complaints to identify risks of potential consumer harm, program deficiencies, and customer service issues and takes appropriate action.

2. Processes and procedures for addressing consumer complaints are adequate. Consumer Complaint investigations and responses are generally prompt and thorough.

• Management adequately monitors consumer complaints and responds to issues identified.

3. Processes and procedures for addressing consumer complaints are inadequate. Consumer complaint investigations and responses are not thorough or timely.

• Management does not adequately monitor consumer complaints.

4. Processes and procedures for addressing consumer complaints and consumer complaint investigations are seriously deficient.

• Management monitoring of consumer complaints is seriously deficient.

5. Processes and procedures for addressing consumer complaints are critically absent. Meaningful investigations and responses are absent.

• Management exhibits a disregard for complaints or preventing consumer harm.

In particular, pay attention to management’s responsibilities. Upper management will not be responsible to investigate or reply to complaints. But it will be responsible for establishing the culture, supported by sound policies, procedures and training that will determine the bank’s rating. Management must be involved in complaint management and compliance must provide periodic reports describing what is happening.

Other than improved customer satisfaction, what incentive does a bank have to work harder on complaint resolutions? In addition to being recognized for a better CMS rating, your CCRS rating helps define your examination schedule. As an example, a small (<$250M) FDIC-examined bank with a 1 or 2 rating is due to be examined each 30-36 months, while a 3-rated bank can expect an exam each 12-24 months.

Larger FDIC banks with a 1 or 2 rating are recommended for a compliance examination each 24-26 months while those with a 3 should expect an exam on a 12-24-month interval.


By Andy Zavoina

I was disturbed by a recent question involving the Military Lending Act (MLA). The actual question was not difficult but playing the part of my 4-year-old grandson I would ask, “why” and to that answer, “why” and so on. This can be done to get to the root of a problem, and it is something auditors should do often. At the crux of the matter, this bank misinterpreted a provision of the law and the consequences could be severe.

Let’s get some housekeeping out of the way first. The law I’m addressing is actually the Department of Defense regulation “Limitations on Terms of Consumer Credit Extended to Service Members and Dependents (under Military Lending Act)” and is commonly referred to as the MLA.

When a covered loan is made to a covered borrower there are disclosures which must be made, and legally required terms of the contract between the bank and the borrower. The nature of the problem here started with the basics, so let’s review some of those. A “covered borrower” (§232.3(g)) is a person who, at the time they become obligated on a consumer credit transaction is:

1. A regular or reserve member of the Army, Navy, Marine Corps, Air Force, or Coast Guard, serving on active duty under a call or order that does not specify a period of 30 days or fewer, or such a member serving on Active Guard and Reserve duty as that term is defined in 10 U.S.C. 101(d)(6), or

2. A dependent of someone meeting the qualifications of the above. There is more to the definition of a dependent but typically this would be a spouse. For the particulars, review 232.3(g) and 10 USC 1072(2) but a quick test would be if they have a dependent ID card, they are a dependent.

Consumer credit (§ 232.3(f)(1)) means credit offered or extended to a covered borrower primarily for personal, family, or household purposes, that is:

(i) Subject to a finance charge; or

(ii) Payable by a written agreement in more than four installments.

That is a very broad definition, but the Department of Defense (DoD) included exceptions. For these purposes, consumer credit does not mean:

1. A residential mortgage, which is any credit transaction secured by an interest in a dwelling, including a transaction to finance the purchase or initial construction of the dwelling, any refinance transaction, home equity loan or line of credit, or reverse mortgage;

2. Any credit transaction that is expressly intended to finance the purchase of a motor vehicle when the credit is secured by the vehicle being purchased;

3. Any credit transaction that is expressly intended to finance the purchase of personal property when the credit is secured by the property being purchased;

4. Any credit transaction that is an exempt transaction for the purposes of Regulation Z (other than a transaction exempt under 12 CFR 1026.29) or otherwise is not subject to disclosure requirements under Regulation Z; and

5. Any credit transaction or account for credit for which a creditor determines that a consumer is not a covered borrower by using a method and by complying with the recordkeeping requirement set forth in § 232.5(b).

Exceptions 2 and 3 above can be problematic. When read as above a lender may believe a purchase money loan is exempted and that was the root of my banker question. The DoD has published additional guidance on the MLA and these sections in particular. Without having to revise the MLA, it was clarified through a Question and Answer document that a lender must understand what the DoD considers “to finance the purchase of” a motor vehicle or personal property. Here is the guidance:

Question: Does credit that a creditor extends for the purpose of purchasing a motor vehicle or personal property, which secures the credit, fall within the exception to “consumer credit” under 32 CFR 232.3(f)(2)(ii) or (iii) where the creditor simultaneously extends credit in an amount greater than the purchase price of the motor vehicle or personal property?

Answer: The answer will depend on what the credit beyond the purchase price of the motor vehicle or personal property is used to finance. Generally, financing costs related to the object securing the credit will not disqualify the transaction from the exceptions, but financing credit-related costs will disqualify the transaction from the exceptions.

Section 232.3(f)(1) defines “consumer credit” as credit offered or extended to a covered borrower primarily for personal, family, or household purposes that is subject to a finance charge or payable by written agreement in more than four installments. Section 232.3(f)(2) provides a list of exceptions to paragraph (f)(1), including an exception for any credit transaction that is expressly intended to finance the purchase of a motor vehicle when the credit is secured by the vehicle being purchased and an exception for any credit transaction that is expressly intended to finance the purchase of personal property when the credit is secured by the property being purchased.

A credit transaction that finances the object itself, as well as any costs expressly related to that object, is covered by the exceptions in § 232.3(f)(2)(ii) and (iii), provided it does not also finance any credit-related product or service. For example, a credit transaction that finances the purchase of a motor vehicle (and is secured by that vehicle), and also finances optional leather seats within that vehicle and an extended warranty for service of that vehicle is eligible for the exception under § 232.3(f)(2)(ii). Moreover, if a covered borrower trades in a motor vehicle with negative equity as part of the purchase of another motor vehicle, and the credit transaction to purchase the second vehicle includes financing to repay the credit on the trade-in vehicle, the entire credit transaction is eligible for the exception under § 232.3(f)(2)(ii) because the trade-in of the first motor vehicle is expressly related to the purchase of the second motor vehicle. Similarly, a credit transaction that finances the purchase of an appliance (and is secured by that appliance), and also finances the delivery and installation of that appliance, is eligible for the exception under § 232.3(f)(2)(iii).

In contrast, a credit transaction that also finances a credit-related product or service rather than a product or service expressly related to the motor vehicle or personal property is not eligible for the exceptions under § 232.3(f)(2)(ii) and (iii). For example, a credit transaction that includes financing for Guaranteed Auto Protection insurance or a credit insurance premium would not qualify for the exception under § 232.3(f)(2)(ii) or (iii). Similarly, a hybrid purchase money and cash advance credit transaction is not expressly intended to finance the purchase of a motor vehicle or personal property because the credit transaction provides additional financing that is unrelated to the purchase. Therefore, any credit transaction that provides purchase money secured financing of a motor vehicle or personal property along with additional “cashout” financing is not eligible for the exceptions under § 232.3(f)(2)(ii) and (iii) and must comply with the provisions set forth in the MLA regulation.

When the MLA was revised many bankers believed GAP insurance could be financed with the loan and that this met the raw definition in the law. The DoD was explicit in its interpretation that financing the GAP insurance would disqualify the exemption and therefore require disclosures and certain contract terms to include a cap of 36 percent on the Military Annual Percentage Rate (MAPR). The MAPR is similar to the Annual Percentage Rate under Reg. Z except that it is more inclusive and therefore is generally greater than the APR.

If a bank missed the finite terms in the DoD guidance document which will be used to interpret the law, there could be severe consequences, found in section 232.9 (Penalties and Remedies) of the MLA.

Violators are subject to criminal and civil penalties under the rule. Moreover, consumer credit contracts that are not in compliance with the rule will be deemed void from inception.

(a) Misdemeanor. A creditor who knowingly violates 10 U.S.C. 987 as implemented by this part shall be fined as provided in title 18, United States Code, or imprisoned for not more than one year, or both.

(b) Preservation of other remedies. The remedies and rights provided under 10 U.S.C. 987 as implemented by this part are in addition to and do not preclude any remedy otherwise available under State or Federal law or regulation to the person claiming relief under the statute, including any award for consequential damages and punitive damages.

(c) Contract void. Any credit agreement, promissory note, or other contract with a covered borrower that fails to comply with 10 U.S.C. 987 as implemented by this part or which contains one or more provisions prohibited under 10 U.S.C. 987 as implemented by this part is void from the inception of the contract.

(d) Arbitration. Notwithstanding 9 U.S.C. 2, or any other Federal or State law, rule, or regulation, no agreement to arbitrate any dispute involving the extension of consumer credit to a covered borrower pursuant to this part shall be enforceable against any covered borrower, or any person who was a covered borrower when the agreement was made.

(e) Civil liability

(i) In general. A person who violates 10 U.S.C. 987 as implemented by this part with respect to any person is civilly liable to such person for:

(ii) Any actual damage sustained as a result, but not less than $500 for each violation;

(iii) Appropriate punitive damages;

(iv) Appropriate equitable or declaratory relief; and

(v) Any other relief provided by law.

(2) Costs of the action. In any successful action to enforce the civil liability described in paragraph (e)(1) of this section, the person who violated 10 U.S.C. 987 as implemented by this part is also liable for the costs of the action, together with reasonable attorney fees as determined by the court.

(3) Effect of finding of bad faith and harassment. In any successful action by a defendant under this section, if the court finds the action was brought in bad faith and for the purpose of harassment, the plaintiff is liable for the attorney fees of the defendant as determined by the court to be reasonable in relation to the work expended and costs incurred.

(4) Defenses. A person may not be held liable for civil liability under paragraph (e) of this section if the person shows by a preponderance of evidence that the violation was not intentional and resulted from a bona fide error notwithstanding the maintenance of procedures reasonably adapted to avoid any such error. Examples of a bona fide error include clerical, calculation, computer malfunction and programming, and printing errors, except that an error of legal judgment with respect to a person’s obligations under 10 U.S.C. 987 as implemented by this part is not a bona fide error.

(5) Jurisdiction, venue, and statute of limitations. An action for civil liability under paragraph (e) of this section may be brought in any appropriate United States district court, without regard to the amount in controversy, or in any other court of competent jurisdiction, not later than the earlier of:

(i) Two years after the date of discovery by the plaintiff of the violation that is the basis for such liability; or

(ii) Five years after the date on which the violation that is the basis for such liability occurs.

So, if a lender misinterprets the requirements of the MLA, especially if this has been done for an extended period (these major changes to the MLA were effective in October 2016). and if that lender was active, that simple misinterpretation can have huge consequences.

What does it mean to void the contract? This could require a lender to refund all the fees and interest paid by the borrower and hopefully walk away with a recovery of the principal. But do not forget the other damages the covered borrower may collect. If the borrower is successful in court, the lender could also be liable for the court costs and attorney’s fees. Plus, this was an active lender and there may be hundreds, even thousands of loans that could be voided and included in a class action suit.

The penalties that can be enforced by regulators likely depend on the size of the lender, the severity of the violations, the lender’s initial attempts to comply with the MLA and its prior history of compliance. At the end of the day, these are not issues management wants to address. It is far simpler to stay abreast of the laws, regulations, interpretive guidance and to put in place audit controls which provide prompt corrective actions.

Convenience fees on loan payments

By Pauli Loeffler

Oklahoma Senate Bill 1151 was enacted in 2017 to permit supervised lenders (federal regulated financial institutions and lenders licensed by the Oklahoma Department of Consumer Credit that make loans with APRs exceeding 10%) to charge consumer borrowers convenience fees for electronic loan payments effective November 1, 2018. The statute is found in Title 14A O.S. § 3-508C. You can read the statute here.

The statute allows supervised lenders to charge a fee for convenience payments made by debit card, electronic funds transfer, electronic check or other electronic means for loans subject to §§ 3-508A and 3-508B. Section 3-508A provides the maximum interest rate at consummation for most consumer loans. It does not apply to the vast majority of real estate secured loans, loans for education, and consumer loans exceeding the threshold amount which is the same for both the U3C and Reg Z. It also does not apply to agricultural, commercial, or loans to other than natural persons, e.g. trusts. Section 3-508B provides an alternative method of imposing a finance charge to that provided for § 3-508A loans, but until the enactment of § 3-508C prohibited all fees other than late fees and deferral fees.

So, what does § 3-508C allow? The bank can impose and collect a convenience fee on an electronic payment transaction as long as the fee does not exceed the actual cost incurred by the lender or four percent (4%) of the electronic payment transaction, whichever is less. “Actual costs” is defined as the actual third-party costs incurred for the processing of payments made by electronic means. Note that if the bank is a subsidiary of the entity processing the payment, the parent entity is considered a third-party. If the installment payment being made is $25.00, the bank will only be able to charge the borrower $1 and isn’t a real money maker if the actual cost exceeds that amount.

The bank must provide the consumer the option to make payments on a loan by check, cash, or money order directly to the lender in order to avoid the imposition of a convenience fee. If the bank wants to charge the consumer a convenience fee for various types of electronic payment transactions, it must fully disclose the fee either in the loan disclosures or at the time of the specific electronic payment transaction. Even if the bank discloses the fee in the loan documents, before the bank can charge a convenience fee, it must notify the customer of the amount of the fee prior to completing the electronic payment transaction as well as provide the customer an opportunity to cancel the transaction without incurring a fee. This applies regardless of whether the request is made via telephone (train your employees) or online (“A convenience fee in the amount of $x.xx will be assessed… Click “cancel” if you do not wish to proceed with payment”). Finally, the convenience fee is NOT refundable if the customer elects to proceed with payment. It is advisable to notify the customer of this fact as well.

March 2019 OBA Legal Briefs

  • HMDA Reference Chart
  • Flood Update

HMDA Reference Chart

by Andy Zavoina

If your bank is a HMDA bank, congratulations, you’re a survivor and the 2018 Loan Application Register (LAR) is put to bed. I won’t mention that a first quarter review for 2019 is due in just a few weeks.

In a helpful way, the Consumer Financial Protection Bureau (Bureau) recently issued a resource document, the “Reportable HMDA Data: A Regulatory and Reporting Overview Reference Chart for HMDA Data Collected in 2019.” This reference chart may just help you out as you dig into this year’s HMDA records. The document includes changes to Reg C since HMDA was revised in 2015, through and including changes effective January 1, 2019, in accordance with the Economic Growth, Regulatory Relief, and Consumer Protection Act (EGRRCPA).  The latest Filing Instructions Guide (FIG) is referenced, and the document also includes information helping smaller filers know what to file as “not applicable” or “exempt.” This is an exemption applicable to the new data categories required by the Dodd-Frank Act and the HMDA rule as adopted by the Bureau when the bank’s applicable mortgage loans are below certain thresholds and certain Community Reinvestment Act rating criteria are met. More on this below, in case you are not sure if you meet the criteria. This chart does not replace the 2019 FIG, however, and it should be referenced for filing and LAR entry guidance as well.

As for banks qualifying for some LAR entry exemptions, there are several criteria which must be met. For closed-end mortgage loans, the partial exemption will apply if the bank originated fewer than 500 of these loans in each of the two prior calendar years.  For home equity lines of credit (HELOCs), the partial exemption will apply if the bank originated fewer than 500 HELOCs in each of the two prior calendar years.  The HELOC change will not initially affect reporting because, for 2018 and 2019, the threshold to report HELOCs is 500 transactions in each of those two calendar years under a temporary rule issued by the Bureau.

Even if your bank originates loans or HELOCS below the applicable threshold, HMDA’s partial exemption from reporting the new HMDA data categories does not apply if your bank received “Needs to Improve” rating during each of its two most recent CRA exams, or “Substantial Noncompliance” on its most recent CRA examination. Both the loan volume and CRA tests must be met.

The 2019 Chart provides information on how a lender opting to not report a Universal Loan Identifier for an application or loan under the exemption would report a Non-Universal Loan Identifier for the application or loan. It also includes additional guidance on reporting of the Credit Scoring Model and the reporting of the Automated Underwriting System result. The 38-page Chart may be found here:

Not related to the 2019 Chart, I’d like to bring out some recent HMDA and HMDA-related questions which may be of interest to bankers. The first addresses the new Uniform Residential Loan Application (URLA). Many bankers have asked when it should be used. The short answer is, beginning July of this year. According to Fannie Mae, as of February 26, 2019, it has published the final Direct Underwriter Specification of the test period, along with other updated resources supporting the redesigned URLA/Form 1003.

The URLA/Form 1003 is a standard form adopted by Fannie Mae and Freddie Mac (the Government-Sponsored Enterprises (GSEs

Fannie Mae also updated a FAQ page. Here are a few of importance to banks:
12) When will the GSEs require the updated AUS datasets to be delivered?

On February 1, 2020, lenders will be required to submit new applications using the updated AUS datasets based on MISMO v3.4. Applications received before February 1, 2020, that have not closed (e.g., loans for new construction) will be accepted in the existing data formats (1003 v3.2 flat file and MISMO v2.3.1 format for DU and the MISMO v2.4 for LP) until February 1, 2021, when only the datasets based on MISMO v3.4 may be submitted. This will provide lenders with the opportunity to close out their existing pipeline of loans which were previously submitted in the existing data formats.

An “Optional Use Period” for the updated AUS datasets begins on July 1, 2019, and ends on February 1, 2020. The GSEs recommend the industry use this time to:

  • Test POS/LOS updates
  • Test System dependencies to ensure the new data format flows through systems
  • Check Integration with the GSEs
  • Conduct training and plan for implementation rollout
  • Update policies and procedures as well as any customization they may need to do to support the new datasets.

Lenders may begin testing loan file submissions with each GSE at any time.

During the optional use period, the GSEs’ AUS systems will continue to accept the legacy formats (Fannie Mae: 1003 3.2 flat file, MISMO v2.3.1 / Freddie Mac: MISMO v2.4).

13) What should I be doing now to prepare for the redesigned URLA and updated AUS specifications?

The specific steps you should be taking at any given time will vary based on where your organization is in the planning and implementation process, but the following are some actions, at a high level, that will help you prepare:

  • Identify any data on the redesigned URLA that you do not currently collect and develop a plan to obtain that data.
  • If you use a technology solution provider, reach out to them to ensure they have copies of the updated AUS specifications. Determine the type and timeframe of testing you need to conduct with your vendor and work with them to understand when they expect to be ready to produce and receive the new data interface files. Remember, you are not mandated to start submitting loan application submission files to the GSEs’ AUS systems until February 1, 2020.
  • If you maintain your own system, work with internal technical and business analysts to scope and schedule the tasks necessary to process the updated AUS specifications.
  • Regularly check each GSE’s URLA/ULAD web page for additional updates to the AUS specifications to ensure you are using the most recent version. Reach out to your GSE representatives, as needed, to confirm requirements and arrange testing with the GSEs.

24) Can a lender submit the current AUS formats with the redesigned URLA? UPDATED

No, the redesigned URLA cannot be used with the existing AUS formats; new formats must be used due to the differences in the data collection between the redesigned URLA and the old URLA. The redesigned URLA may be used starting July 2019. Lenders using the redesigned URLA must use the updated AUS Specifications for each GSE – for Fannie Mae, DU Specification MISMO V3.4, and for Freddie Mac, Loan Product Advisor v5.0.0n.

The entire FAQ can be found at

Another question asked if the URLA/Form 1003 was required to be used for mortgage loans? The answer is No, it is not. It may be required by investors, however, as the URLA/Form 1003 is a “standardized” and accepted form; but if the bank has the required information for its real estate loan there is no format that is required under Regs B, C or Z, only certain pieces of information. The URLA/Form 1003 meets the information requirements.

As an example, national banks are overseen by the Office of the Comptroller of the Currency (OCC). National banks not subject to HMDA that received 50 or more home loan applications during the previous calendar year may choose either of the two recordkeeping systems. They may maintain HMDA-like records, or record and maintain the Monthly Home Loan Activity Format under the Fair Housing Home Loan Data System (12 CFR 27). This includes the number of applications received, closed, denied, and withdrawn. More specific information includes:

  • Application information including:
    – date of application
    – type of loan (purchase, construction-permanent, refinance)
    – any government insurance and type
    – is it an application or inquiry
    – case number
    – race/national origin
    – property location (complete street address and census if located in one in which the bank has an office)
  • If an appraisal is completed:
    • The appraised value; and
    • The census tract number, where available, for those properties that are in a Metropolitan Statistical Area (MA) in which the bank has a home office or branch office.
  • Disposition of loan application using the following categories:
    • Withdrawn before terms were offered;
    • Withdrawn after terms were offered;
    • Denied;
    • Terms offered and accepted by applicant(s).
  • If final terms are offered, whether or not accepted:
    • The loan amount.
    • Whether private mortgage insurance is required, and if so, the terms of the insurance.
    • Whether a deposit balance is required, and if so, the amount.
    • The note (simple) interest rate.
    • The number of months to maturity of the loan offered.
    • Points,
    • Commitment date.
  • The type of mortgage using the following categories:
    • Standard Fixed Payment;
    • Variable Rate;
    • Graduated Payment;
    • Rollover;
    • Other.
  • The name or identification of the bank office where the application was submitted.
  • Whenever credit is denied, copy of the Equal Credit Opportunity Act credit notice and statement of credit denial.
  • Any additional information used by the bank in determining whether or not to extend credit, or in establishing the terms.

As luck would have it, this information would be in your loan file and much of it would be on your URLA/Form 1003. National banks must attempt to gather the application information. I once asked my OCC examiner what “attempt to gather” meant and he replied that if we used the URLA/Form 1003 with the applicants, then we have met that “attempt to gather” standard.

Now, the longer answer to the original questions as to when may a bank start using the new URLA/Form 1003, the effective date on the form itself is July 2019 and it should not be used before that. The GSEs will require the use of the redesigned URLA for all new loan applications in February 2020, so your bank has time to train and adopt the new form. Now is the time to review the new form and understand what the changes are, what new data is requested, and how you will begin using the form. Your investors may be communicating with you already as to requirements they may have on usage.

Another HMDA question was about a credit score used by an investor. This investor required the credit score from a particular credit reporting agency and if the applicant or co-applicant had no score, to use 555 and both applicants’ scores were averaged with that single result being used in the credit decision. For example, Applicant 1 does not have a credit score and Applicant 2 has a score of 777. The average is calculated as 555+777=1332/2=666. The credit score is now 666. Is this reported on the LAR?

Generally, I would say the bank needs to report the scores from the bureau on the first two applicants. The methodology of the investor is separate from HMDA. But the plain text of Reg C says, as to the LAR entry: “(i) Except for purchased covered loans, the credit score or scores relied on in making the credit decision and the name and version of the scoring model used to generate each credit score.”

And the FIG states, “1. Credit Score of Applicant or Borrower. Enter, in numeral form, the credit score, or scores relied on in making the credit decision for the applicant or borrower, or of the first co-applicant or co-borrower, as applicable. If Regulation C requires your institution to report a single score that corresponds to multiple applicants or borrowers, report the score in either the applicant field or the co-applicant field. Or, enter the applicable Code from the following:

Code 7777—Credit score is not a number
Code 8888—Not applicable
Code 9999—No co-applicant
Code 1111—Exempt”

The bank used an average score, but also used a proxy score when no score existed. I question the categorization of “555” as credit score because for Reg C, a credit score means “a numerical value or a categorization derived from a statistical tool or modeling system used by a person who makes or arranges a loan to predict the likelihood of certain credit behaviors, including default (and the numerical value or the categorization derived from such analysis may also be referred to as a “risk predictor” or “risk score”); and

(ii) does not include—

(I) any mortgage score or rating of an automated underwriting system that considers one or more factors in addition to credit information, including the loan to value ratio, the amount of down payment, or the financial assets of a consumer; or

(II) any other elements of the underwriting process or underwriting decision.”

The bank and/or investor need to justify the proxy score, in my opinion, if it is to be reported. This may already be justified somewhere by the investor. You should ask the investor about it.

The commentary to Reg C at 1003.4(a)(15)3 has an example on this question, stating: “3. Credit score—multiple applicants or borrowers. In a transaction involving two or more applicants or borrowers for whom the financial institution obtains or creates a single credit score and relies on that credit score in making the credit decision for the transaction, the institution complies with § 1003.4(a)(15) by reporting that credit score for the applicant and reporting that the requirement is not applicable for the first co-applicant or, at the financial institution’s discretion, by reporting that credit score for the first co-applicant and reporting that the requirement is not applicable for the applicant. Otherwise, a financial institution complies with § 1003.4(a)(15) by reporting a credit score for the applicant that it relied on in making the credit decision, if any, and a credit score for the first co-applicant that it relied on in making the credit decision, if any. To illustrate, assume a transaction involves one applicant and one co-applicant and that the financial institution obtains or creates two credit scores for the applicant and two credit scores for the co-applicant. Assume further that the financial institution relies on a single credit score that is the lowest, highest, most recent, or average of all of the credit scores obtained or created to make the credit decision for the transaction. The financial institution complies with § 1003.4(a)(15) by reporting that credit score and information about the scoring model used for the applicant and reporting that the requirement is not applicable for the first co-applicant or, at the financial institution’s discretion, by reporting the data for the first co-applicant and reporting that the requirement is not applicable for the applicant. Alternatively, assume a transaction involves one applicant and one co-applicant and that the financial institution obtains or creates three credit scores for the applicant and three credit scores for the co-applicant. Assume further that the financial institution relies on the middle credit score for the applicant and the middle credit score for the co-applicant to make the credit decision for the transaction. The financial institution complies with § 1003.4(a)(15) by reporting both the middle score for the applicant and the middle score for the co-applicant.”

In this case I would still consider inquiring with the investor how the 555 was derived and how it qualifies as a credit score. If your bank is faced with this, it may also consider calling HMDA Help to determine if this is an acceptable method when only “one credit score is used.” That rule is typically applied when a tri-merge report is accessed and only one of the three scores is used. In this case you have one score and one proxy and then you average them, so it is a different application of this rule. The commentary also indicates how a bank reports when it “obtains or creates a single credit score and relies on that credit score in making the credit decision for the transaction” to ensure that this proxy is acceptable in the first place.

Credit scores must be supported by a statistically sound methodology. Any bank using a proxy number and reporting it as a credit score should be familiar with how it is derived and its proper and authorized use. HMDA does provide examples and one validated model may be used to create another. But the bank needs to know that what was done is compliant when the bank is making decisions based on one or more score models.

As this article goes to press in early March, I do notice some email auto-responses from compliance professionals who were heavy into HMDA indicating they’ll reply when they return from vacation. Take a rest, you’ve earned it. But as you prepare for Q1-2019 LAR reviews, be aware of the tools and the rules for 2019 records.

Flood Update

By Andy Zavoina

On February 12, 2019, the OCC, FRB, FDIC, FCA and NCUA (the Agencies), jointly published final rules on required acceptance of private flood insurance pursuant to the Biggert-Waters Act.  These rules will be effective July 1, 2019. The 90-page rule document has four main objectives:

  1. It implements the Biggert-Waters Act (from 2012) requirements that banks accept private flood policies that meet the criteria specified in the Act.
  2. It allows your bank to rely on an insurer’s written assurances that a private flood insurance policy does meet the Biggert-Waters criteria.
  3. It allows your bank to accept private flood insurance policies that do not meet the Biggert-Waters Act criteria, under certain conditions.
  4. It allows your bank to accept certain flood coverage plans provided by mutual aid societies, subject to agency approval.

The National Flood Insurance Program (NFIP) was first authorized in 1968. If you have been in real estate lending for any length of time, you are aware that the NFIP is in one of two states— funded, or not funded—and the latter means there is difficulty in closing loans requiring flood insurance.  As an example, just before the December-January federal government shutdown, the NFIP was temporarily funded. There was some confusion over whether flood insurance policies could be issued but that was resolved, and they could be. When the government reopened in late January, there was no additional funding for the NFIP, so as you read this, keep in mind the latest reauthorization for the NFIP expires on May 31, 2019.

The Biggert-Waters Act intended that by requiring banks to accept private insurance flood policies, the risk from payouts could be spread to other than the federal government. Initially the wording and practices in the industry made this difficult and that it why it has taken nine years to reach a final rule. But we are not out of the woods yet.

This final rule permits your bank to exercise discretion to accept flood insurance policies issued by private insurers as well as plans providing flood coverage issued by mutual aid societies, such as Amish Aid organizations, that do not meet the statutory definition of “private flood insurance.” This acceptance is subject to certain restrictions. Congress explicitly provided for private flood insurance to fulfill this requirement instead of the Standard Flood Insurance Policy (SFIP) from the NFIP, if the private flood insurance met the conditions defined in the statute.

The law (42 USC 4012a(b)(7)), defines private flood insurance. You can find the law here:

The problem is that some insurance companies polices may not conform to this definition, it is not yet known if they will be made to conform, and banks may choose to not accept them as they fail to meet the mandatory acceptance criteria. The Agencies did not provide much latitude to allow nonconforming policies and the result is that some states insurance laws will have restrictions conflicting with these rules, such as to the filing of claims or cancellation of policies. The Agencies understand this and even stated in the final rule that “The Agencies recognize that there may be conflicts between the definition of ‘private flood insurance’ and State laws, and that the laws of certain States may prevent flood insurance policies issued by companies regulated by these States from meeting the definition of ‘private flood insurance.’ In such cases, regulated lending institutions are not required to accept policies that comply with State laws and conflict with the definition of ‘private flood insurance.’ However, as discussed in greater detail below, regulated lending institutions may still exercise their discretion to accept certain policies issued by private flood insurers, even if the policies do not conform to the definition of ‘private flood insurance.’ ”

The final rule does require some small changes to the statutory definition of private flood insurance and that is the Agencies’ way of adding clarity as an aid to compliance. As an example, the final rule adopted the proposed language as, “… the proposed rule defined ‘private flood insurance’ consistent with the statutory definition, with some clarifying edits, to mean an insurance policy that: (1) is issued by an insurance company that is licensed, admitted, or otherwise approved to engage in the business of insurance in the State or jurisdiction in which the property to be insured is located, by the insurance regulator of that State or jurisdiction or, in the case of a policy of difference in conditions, multiple peril, all risk, or other blanket coverage insuring nonresidential commercial property, is recognized, or not disapproved, as a surplus lines insurer by the State insurance regulator of the State or jurisdiction where the property to be insured is located; (2) provides flood insurance coverage that is at least as broad as the coverage provided under a standard flood insurance policy issued under the NFIP (SFIP), including when considering deductibles, exclusions, and conditions offered by the insurer; (3) includes a requirement for the insurer to give written notice 45 days before cancellation or non-renewal of flood insurance coverage to the insured and the regulated lending institution, or a servicer acting on the institution’s behalf; (4) includes information about the availability of flood insurance coverage under the NFIP; (5) includes a mortgage interest clause similar to the clause contained in an SFIP; (6) includes a provision requiring an insured to file suit not later than one year after the date of a written denial for all or part of a claim under a policy; and (7) contains cancellation provisions that are as restrictive as the provisions contained in an SFIP.”  This is very close to 42 USC 4012a(b)(7), linked above.

The term “as broad as” is used in the final rule and the law. The final rule provides that your bank need not accept policies with additional exclusions unless the exclusions actually provide more coverage to the policyholder, so it works in the policyholder’s favor, but takes nothing away from the bank. As an example, an SFIP policy will define what a covered “flood” is and a private policy must be as rigid but may go further and include more flood-like events in the coverage. The private policy must include the same types of coverage such as the building and contents at a minimum, but can include more. The deductibles must be no higher than an SFIP policy allows and the excluded losses can be no more restrictive than an SFIP policy, but can have variances that favor the policyholder and bank.

Recognizing that not all banks, especially smaller ones, may have personnel with the skillsets to recognize and compare the differences between a private policy and an SFIP policy, there is a compliance aid for mandatory acceptance.  Your bank may determine that a policy meets the definition of “private flood insurance” without further review so long as a prescribed statement is included within the policy or as an endorsement to the policy: “This policy meets the definition of private flood insurance contained in 42 U.S.C. 4012a(b)(7) and the corresponding regulation.” This statement need not be present to accept a policy, but if it is, the bank’s responsibilities are met as to ensure the compliance requirements are met. Note that a policy cannot be rejected simply because the statement is not there.

The bank does have discretionary acceptance authority if the policy does meet certain criteria:

(i) It provides coverage in the amount which must be at least equal to the lesser of the outstanding principal balance of the designated loan or the maximum limit of coverage available for the particular type of property under the Act;

(ii) Is issued by an insurer that is licensed, admitted, or otherwise approved to engage in the business of insurance by the insurance regulator of the State or jurisdiction in which the property to be insured is located; or in the case of a policy of difference in conditions, multiple peril, all risk, or other blanket coverage insuring nonresidential commercial property, is issued by a surplus lines insurer recognized, or not disapproved, by the insurance regulator of the State or jurisdiction where the property to be insured is located;

(iii) Covers both the mortgagor(s) and the mortgagee(s) as loss payees, except in the case of a policy that is provided by a condominium association, cooperative, homeowners association, or other applicable group and for which the premium is paid by the condominium association, cooperative, homeowners association, or other applicable group as a common expense; and

(iv) Provides sufficient protection of the designated loan, consistent with general safety and soundness principles, and the [financial institution] documents its conclusion regarding sufficiency of the protection of the loan in writing.

Why would a bank determine a private policy is not adequate? The Agencies note some factors but this is not a complete list. Consider:

  1. whether the flood insurance policy’s deductibles are reasonable based on the borrower’s financial condition;
  2. whether the insurer provides adequate notice of cancellation to the mortgagor and mortgagee to ensure timely force placement of flood insurance, if necessary;
  3. whether the terms and conditions of the flood insurance policy with respect to payment per occurrence or per loss and aggregate limits are adequate to protect the regulated lending institution’s interest in the collateral;
  4. whether the flood insurance policy complies with applicable State insurance laws; and
  5. whether the private insurance company has the financial solvency, strength, and ability to satisfy claims.

The final rule is available here, . It certainly includes more information than is in this summary especially as to mutual aid societies which we do not have the space to discuss and may not be of key interest to our readers.

February 2019 OBA Legal Briefs

  • Service member complaints
  • Authorized signers
  • 2nd Amendment Auditors


By Andy Zavoina

In early February 2019 the Consumer Financial Protection Bureau (Bureau) released four Frequently Asked Questions pertaining to integrated disclosures under Truth in Lending and the Real Estate Settlement Procedures Act (TILA-RESPA or TRID). It starts with the standard disclosure that there is no substitute for reading and interpreting both the regulations, Reg Z for TILA and Reg X for RESPA as well as the official interpretations (Commentaries) that accompany each. These FAQs are clarifying the regulations and commentaries without being an official part of either. These may be considered official guidance from the owner of the regulation, the Bureau.

Question 1 addresses changes affecting the Closing Disclosure after it has already been delivered, and redisclosure with the possibility of a delay in the closing date.

“If there is a change to the disclosed terms after the creditor provides the initial Closing Disclosure, is the creditor required to ensure the consumer receives a corrected Closing Disclosure at least three business days before consummation?”

And the typical compliance answer is, “it depends.” The official answer is that there are three scenarios in which the consumer MUST receive the corrected Closing Disclosure at least three days prior to closing. In the event you have one of these three scenarios, you must be prepared to make a new disclosure and potentially to delay and reschedule the closing to ensure the redisclosure is received by the consumer at least three business days before the closing.

  1. If the change results in an inaccurate annual percentage rate.
  2. If loan product information which is required by TRID to be disclosed becomes inaccurate.
  3. If a prepayment penalty is added.

If your change is anything other than one of these three, you should redisclose to the consumer, no later than closing, but there is no need to delay the closing as the three-day advance disclosure requirement will not apply. (Review 1026.19(f)(2)(i).)

Question 2 helps provide guidance as to when the consumer’s overstated APR is going to decrease, is redisclosure necessary? This would seem to be advantageous to the borrower, but not necessarily if it means a delay in closing the loan. Some interpretations of the rule indicate redisclosure is required, even if the three-day waiting period to closing could be harmful to the consumer. The actual question is,

“Is a creditor required to ensure that a consumer receives a corrected Closing Disclosure at least three business days before consummation if the APR decreases (i.e., the previously disclosed APR is overstated)?”

And again, the Bureau tells us “it depends.” In this case it depends on whether, according to Reg Z, the APR which was previously disclosed on the consumer’s Closing Disclosure was accurate or not.

If the overstated APR is accurate under Reg Z:

  • the lender must provide a corrected Closing Disclosure,
  • the lender may, however, provide the revised disclosure at or before consummation and there is no requirement for a new three business-day waiting period. This generally means the closing need not be rescheduled.
    (Refer to 1026.19(f)(2)(i))

If the overstated APR is not accurate under Reg Z:

  • Because the APR is not accurate, the bank must ensure that a consumer receives a corrected Closing Disclosure at least three business days before consummation. Depending on how far in advance the correction was noted, the closing may have to be re-set.
    (Refer to 1026.19(f)(2)(ii))

The Reg Z rules for finance charge accuracy on mortgage loans may be found under 1026.18(d)(1): “In a transaction secured by real property or a dwelling, the disclosed finance charge and other disclosures affected by the disclosed finance charge (including the amount financed and the annual percentage rate) shall be treated as accurate if the amount disclosed as the finance charge:

(i) Is understated by no more than $100; or

(ii) Is greater than the amount required to be disclosed.

The Reg Z rules for APR accuracy on mortgage loans may be found under 1026.22(a)(4)-(5) which (of course) refer to other sections of Reg Z but I’ve condensed them in this explanation below:

“(4) If the annual percentage rate disclosed in a transaction secured by real property or a dwelling varies from the actual rate determined in accordance with paragraph (a)(1) of this section (which addresses how an APR is calculated), in addition to the tolerances applicable under paragraphs (a)(2) and (3) of this section (generally the APR for a regular loan is accurate if it is within .125 percent above or below a properly calculate APR, and an irregular loan is within .25 percent above or below the properly calculated APR), the disclosed annual percentage rate shall also be considered accurate if:

(i) The rate results from the disclosed finance charge; and
(ii)(A) The disclosed finance charge would be considered accurate under §1026.18(d)(1) (just recapped above) or § 1026.38(o)(2), as applicable; or
(B) For purposes of rescission, if the disclosed finance charge would be considered accurate under § 1026.23(g) or (h), whichever applies.

“(5) Additional tolerance for mortgage loans. In a transaction secured by real property or a dwelling, in addition to the tolerances applicable under paragraphs (a)(2) and (3) of this section, if the disclosed finance charge is calculated incorrectly but is considered accurate under § 1026.18(d)(1) or § 1026.38(o)(2), as applicable, or § 1026.23(g) or (h), the disclosed annual percentage rate shall be considered accurate:

(i) If the disclosed finance charge is understated, and the disclosed annual percentage rate is also understated but it is closer to the actual annual percentage rate than the rate that would be considered accurate under paragraph (a)(4) of this section;

(ii) If the disclosed finance charge is overstated, and the disclosed annual percentage rate is also overstated but it is closer to the actual annual percentage rate than the rate that would be considered accurate under paragraph (a)(4) of this section.”

Finance charge and APR accuracy are related but measured differently and are different for mortgages than other loans. The Bureau’s document refers to an older edition of the Consumer Compliance Outlook (CCO First Quarter 2011)  which makes understanding the rules easier with some examples. This CCO document refers to older citations of Reg Z using the Federal Reserve’s “226” reference. Simply substitute the current Bureau citation of “1026” if you want to review Reg Z directly. This means 226.23 is reviewed under 1026.23, as an example.

Question 3 asks if EGRRCPA changed the period between providing the Closing Disclosure and consummation of a mortgage loan. Specifically, “Does Section 109(a) of the Economic Growth, Regulatory Relief, and Consumer Protection Act affect the timing for consummating a transaction if a creditor is required to provide a corrected Closing Disclosure under the TRID Rule?”

Current TRID rules require a three-day waiting period between the delivery of the Closing Disclosures and the actual closing. If a redisclosure is required, the three-day period may have to be re-started (see the discussion of Questions 1 and 2). Section 109 of EGRRCPA will allow a waiver of this period if the annual percentage rate is decreasing. This could allow a timely closing and better loan terms for the borrower.

The Bureau provided an emphatic “No” and went on to clarify Section 109(a) titled, “No Wait for Lower Mortgage Rates,” amends Section 129(b) of the Truth in Lending Act (TILA). TILA Section 129(b) requires certain disclosures which must be provided for high cost mortgage loans (HCML) and the waiting periods required as a gap between disclosure and consummation of an HCML. (Refer to 15 U.S.C. § 1639 and Reg Z’s 1026.31, .32, and 34.)

If the APR is disclosed according to TRID and it becomes inaccurate, the bank must ensure that the consumer receives the corrected Closing Disclosure at least three business days before consummation of the mortgage loan. This requirement comes from 1026.19(f)(2)(ii) and is to comply with TILA Section 128, (15 U.S.C. § 1638,) and is separate and distinct from the waiting period requirement in TILA Section 129(b). This means Section 109(a) of EGRRCPA did not create an exception to the waiting period requirement under TILA Section 128. It does not affect the timing for consummating transactions after a creditor provides a corrected Closing Disclosure under the TRID Rule.

But all is not lost. Refer to question 1 again. An overstated APR is not inaccurate if it results from the disclosed finance charge being overstated, and a bank is not required to provide a new three business day waiting period. As a result, if the disclosed APR decreases due to a decrease in the disclosed interest rate, a bank is not required to provide a new three business day waiting period under the TRID Rule. So, this rule hasn’t changed, but the Bureau has reminded us of the three circumstances which do re-set the three-business day clock.

Question 4 (Model Forms). The Bureau added one question pertaining to the use of “older” model forms and a safe harbor when there are regulatory changes. “Does a creditor’s use of a model form provide a safe harbor if the model form does not reflect a TRID Rule change finalized in 2017?”

Possibly a surprise, the Bureau said “Yes.” The Bureau noted when finalizing the 2017 changes to the TRID Rule (sometimes referred to as “TRID 2.0”), that a bank is deemed to comply with the disclosure requirements associated with the Loan Estimate and Closing Disclosure if the bank uses the appropriate model form and properly completes it with accurate content.
Reg Z’s Appendix H includes model forms with headings, subheadings, and other fields required by Reg Z, at 1026.37 and 1026.38. These blank model forms for the Loan Estimate are H-24(A) and (G) and H-28(A) and (I). The Closing Disclosure model forms are H-25(A) and (H) through (J), and H-28 (F) and (J). Blank forms are also in Appendix H.

For example, the regulatory text provides that the percentage amount required to be disclosed on the Loan Estimate line labeled “Prepaid Interest (___ per day for __ days @__ %)” is disclosed by rounding the exact amount to three decimal places and then dropping any trailing zeros that occur to the right of the decimal point. (refer to 1026.37(g)(2)(iii) and (o)(4)(ii).) However, on page 2 of model form H-24(C), section F, the interest rate disclosed (4.00%) on the line for prepaid interest includes two trailing zeros that occur to the right of the decimal point. Thus, a creditor could claim the safe harbor by disclosing the interest rate on the “Prepaid Interest” line by including two trailing zeros, or otherwise could comply with § 1026.37(o)(4)(ii) by rounding the exact amount to three decimal places and dropping any trailing zeros that occur to the right of decimal point. For example, if the interest rate for the transaction being disclosed is four percent, the creditor could claim the safe harbor by disclosing “4.00%” (consistent with the model form) although it also could disclose “4%” (consistent with the regulatory text and commentary).

It is very likely that the bank has a vendor providing the software to generate both the Loan Estimate and the Closing Disclosure and that these forms can only be produced in accordance with the requirements set forth by Reg Z. But at least the Bureau has listened and possibly seen a few of these errors and dismissed them as inconsequential. There is no pass to violate Reg Z, but at least good faith efforts that meet them in part will be recognized.

Action Plan: The bank should consider developing a training session and or memo and circulating it to all loan, compliance, and audit staff who are involved in TRID loan closings. This will help ensure each person understands each of the four questions and answers. It is recommended that emphasis be placed on Closing Disclosures and their timing.

Ask yourself if amendments are needed to the bank’s loan procedures as a result of this, should this be incorporated into regular training and audit workpapers, has the bank agreed with these interpretations or could there be loans which, if reviewed today. would be in violation of Reg Z and RESPA? If so, is there any corrective action that could be taken? (In the case of most timing violations, these could not be completely corrected, but were new Closing Disclosures provided at all, and would this be an indicator that the training mentioned above is now more important?) Lastly, review the forms produced for the Loan Estimate and Closing Disclosure to determine if the forms meet Reg Z requirements with some new standards. Most banks have not been examined in detail for TRID requirements. This FAQ document may clarify issues for lenders and examiners alike, which may now increase digging into mortgage loan files.

Servicemember Complaints

By Andy Zavoina

In January, the Consumer Financial Protection Bureau (Bureau) released its “Annual Report” from the Office of Servicemembers Affairs. It covered April 2017 through August 2018 and while the Bureau logged nearly 49,000 complaints from servicemembers and the top three categories were credit reporting, debt collection, and mortgages, I want to review one item from the “Emerging issues and continuing trends in the financial marketplace for servicemembers” section. Servicemembers do not understand add-on products, which are optional, or the features and the limitations of these products they may purchase and finance, meaning they pay for them for several years.

Add-on products can easily cost hundreds and hundreds of dollars and, when financed, lower the equity in the car. But there is an add-on to help cover that event too. In particular, GAP insurance is becoming an issue. You know the sales pitch, “cars depreciate, and we are financing most of your cost, so GAP insurance fills the gap between what you owe and what the car is worth if this baby is stolen or totaled…” But one servicemember bought the GAP protection and was stationed overseas. This is very common with the military and he wanted to take his car. He had to get permission from the lender, in writing, to ship the car. It was totaled, and there was a gap. But the policy doesn’t cover a loss outside the United States. Based on this report we may anticipate more pressure on GAP insurance.

Under the Military Lending Act (MLA), a loan to purchase a vehicle is exempt from MLA restrictions when the vehicle purchased is the collateral for the loan, and there are no extra funds loaned – that is, it’s just to buy the vehicle. And that’s the rub. The Department of Defense rules include in the Military APR calculation “Any fee for a credit-related ancillary product sold in connection with the credit transaction for closed-end credit or an account for open-end credit; (Refer to 232.4(c)(ii)) If this fee is in the MAPR, it can disqualify the “no extra funds” exception and the GAP cost contributes to the 36 percent MAPR limit as well. Some banks believed GAP was excluded, and they would accept the risk of financing that. Other banks sought counsel’s opinion and believe that getting GAP insurance after the car is purchased allows the exception because the GAP isn’t a part of the original transaction.

In August 2018, the Trump administration was “testing the waters” to get a definitive clarification and allowance on the GAP insurance issue for the MLA. There was some initial resistance. One must ask, if they want a specific provision to allow GAP insurance, that is a good indicator that it is currently included. The DoD has not offered conclusive guidance. But with civil and criminal penalties in the MLA (232.9) which includes considering the loan contract void from inception, banks should carefully evaluate the risks of financing GAP and considering it a qualified exception under the MLA. The complaints servicemembers make and the lack of coverage will not help lenders.

Authorized Signers

By Pauli Loeffler

We get a lot of questions about authorized signers but for some reason, there hasn’t been a Legal Briefs article on the topic – until now.

Who is an authorized signer? An authorized signer is anyone who does not own a deposit account but has been received authorization of the owner to do so. Authorized signers include:

  1. Convenience signers on
    a) Consumer accounts
    b) Sole proprietorships
  2. Signers authorized to act for entities such as:
    a) Corporations
    b) LLCs
    c) General partnerships
    d) Limited partnerships
    e) Joint ventures
    f) Trusts
    g) Foundations
    h) Federal, state, county, and municipal government/agencies and their subdivisions
    i) Unincorporated associations such as: Churches, Little league teams, POM teams, Band parents, etc.
  3. Fiduciaries authorized to act by appointment as a/an
    a) Attorney in Fact (“AIF”)
    b) Representative Payee
    c) Federal Fiduciary
    d) Custodian (UTMA)
    e) Guardian
    f) Receiver
    g) Conservator
    h) Personal representative of an estate

This is not an exhaustive list. I also need to point out that authorized signers listed under number 2 owe fiduciary duties to the account owner just as do those listed under number 3, but other than an AIF, all those listed under number three have a duty to regularly report either to a court (Guardian, Receiver, Conservator, and Personal representative of an estate), the appointing agency (Representative Payee, Federal Fiduciary), or the account owner/parent (Custodian). For convenience signers listed under number 1, there is neither a specific duty nor any legal requirement to report to the account owner.

What can ALL authorized signers do? All authorized signers may make deposits and write checks. All authorized signers may obtain information on an account all the way back to the time that the account was opened if they remain authorized signers on the account. Once an authorized signer is removed, the only way s/he can obtain any information on an account is either by 1) obtaining consent of the owner or 2) by way of a subpoena.

An authorized signer may stop payments on a check or close the account as provided by the UCC, Tit. 12A O.S. §4-403. If the authorized signer closes the account, the check will ALWAYS be made payable to the account owner.

What things can’t an authorized signer do? With certain exceptions granted under bylaws, operating agreements, partnership agreements, trusts, etc., an authorized signer cannot add an authorized signer nor remove another authorized signer. Authorized signers, with a couple of exceptions, cannot add or change pay on death beneficiaries on an account that allows PODs (neither rep payee nor federal fiduciary accounts for VA allow PODs). I have seen a few Power of Attorney/Durable Power of Attorney documents that do permit this, but the document must specifically provide this power, and that is very, very rare. PODs named by the owner before being subject to the guardianship may remain on the account, but any change would require a specific court order. On the other hand, PODs (in Oklahoma) are allowed on all UTMAs not established by a court, and a custodian can add or change the POD. If it is a court-ordered UTMA, the court order will need to name one or more PODs for the account to have a POD.

Can authorized signer change the address for statements? The best practice is to confirm the address change with the account owner if the account is not a guardianship, rep payee, federal fiduciary, UTMA, receivership, conservatorship, estate, or custodian of a UTMA. For entities that are required to register with the Secretary of State (corporations, LLCs, and limited partnerships), a change of principal place of business will need to be filed. This can be confirmed online. Unincorporated associations are not required to file with the Secretary of State. Partnerships are not required to file anything with the SoS other than if they are operating under a fictitious name, so you need to confirm authority for the change. On the other hand, if you know the grantor of a durable power of attorney is now in the hospital or has dementia and in a nursing home, changing the address by the AIF does not require confirmation by the account owner. However, if a guardian who isn’t the AIF has been appointed, the bank should inform the guardian who must account to the court. Note the appointment of guardian does not automatically revoke a durable power of attorney, however, the guardian can choose to either leave it in place or revoke it.

If we have a joint account and one of the joint owners’ names “John Doe” as AIF, what can we do? The joint owner cannot deny the AIF access to information nor making transactions on the account. The bank can certainly inform the joint owner that an AIF has been added, but she/he cannot deny the authority granted, nor remove the AIF. The joint owner can close the account and open a new one as a sole owner. S/he cannot remove the AIF from the joint account any more than s/he could remove the owner that executed the POA.

A personal representative is asking for information on an account of a deceased owner that had a joint owner or POD. What information can the bank provide? The personal representative “stands in the shoes” of the decedent. Whatever information the deceased owner could have asked for until the time of death, the bank can provide to the personal representative.

When a new rep payee or federal fiduciary is named, can s/he have information on the former account? No. The only way the new rep payee or federal fiduciary can obtain this information is with the consent of the predecessor or through a subpoena of the records.

2nd Amendment Auditors

By Pauli Loeffler

Let’s start with a bit of background: Statutes permitting concealed carry of handguns with permits have been on the books for a long time in Oklahoma, since 1995 to be exact. “Open carry” statutes became effective November 1, 2012. Although the statutes have been amended since that time, for the most part, the rules remain the same. Title 21 O.S. §1277 covers certain places where both concealed and open carry are prohibited except for certain individuals. Title 21 O.S. § 1289.7a prohibits the property owner, tenant, employer, or business entity from maintaining, establishing, or enforcing any policy or rule prohibiting any person, except a convicted felon, from transporting and storing firearms or ammunition in a locked motor vehicle, or from and storing firearms or ammunition locked in or locked to a motor vehicle on any property set aside for any motor vehicle. Motorcycles are defined as a vehicle, but it would be impossible to lock a more than a handgun in one, and if it was a larger weapon, say a shotgun, or rifle, a thief will take both the bike and the weapon (unless he has bolt cutters).

These “2nd Amendment Auditors” have been posting videos on social media involving engagements with a variety of businesses including Bank of Oklahoma, courthouses, and a staged a rally at The Gathering Place, a privately-funded park that was assigned to Tulsa County’s River Parks Authority. Whether a bank chooses to allow handguns inside the bank by anyone who is not federal, state, or local law enforcement (“peace officers” under Sec. 1289.23 of Tit. 21) without regard to whether they are on or off duty, it is up to the bank to decide.

The bank should have policy on whether handguns permitted under the statute are allowed in the bank. If these are not permitted, the bank must post signage to that effect. Legally, the bank is free to refuse entry into the building to anyone other than as indicated previously. To avoid problems, the greeter at the bank needs to know whom to contact in the event someone disregards the notice (security, an officer of the bank) that is designated to deal with the person disregarding the notice.

Whether the bank permits handguns or not, if it becomes the target of a “2nd Amendment Audit,” it should have some protocol for dealing with the person or persons to get them out of the lobby and into a private office or conference room for the appropriate person to discuss the bank’s stance. There should be more than one knowledgeable officer of the bank that knows and understands the reasons behind the bank’s policy and, more importantly, can remain calm and composed in talking to these “auditors.”

If the bank prohibits handguns, the person dealing with the auditors will state that the bank is complying with the Oklahoma statutes and has chosen to prohibit handguns inside the bank by its policy. If asked to justify the bank’s policy (which is a question you can easily anticipate), certainly protecting bank customers and employees was part of the policy decision. You can anticipate the “auditor” retorting that law-abiding citizens with permits are there to protect these people. Rather than engaging in fruitless debate and asking for statistics to prove the “auditor’s” point, probably the strongest argument is that most law enforcement overwhelmingly hates open carry because in an incident it is very hard to tell the good guys from the bad guys. It makes containment infinitely more difficult for law enforcement (the “good guys” regardless of the “auditor’s” view of the “Right to Bear Arms.”)

Whether you are “Joe Public” or a 2nd Amendment Auditor, supporting law enforcement is inarguably a good position. I will add that while law enforcement officers and soldiers are well-trained on how to protect their weapon from someone grabbing it, this is not the case with the average permit holder. Also, while I enjoy hunting quail, pheasant and ducks, as a customer, having someone come into the bank lobby with a gun and two clips on his belt as happened in the BOK incident would make me very nervous, but that is my personal point of view.

The other and larger problem with 2nd Amendment Auditors is that they do not really seem to care what the state law is but rather jump to the U.S. Constitution and the Bill of Rights. Now you have two lay persons arguing Constitutional law for the entertainment of their followers on social media.

This brings us to the “no recording in the bank” issue in the BOK video. As far as recording conversations, it isn’t illegal to record a conversation without obtaining consent of other parties to the discussion. This is provided in 18 U.S.C. § 2511(d) which states: it “shall not be unlawful for a person not acting under color of law to intercept a wire, oral, or electronic communication where such person is a party to the communication or where one of the parties to the communication has given prior consent to such interception[.]” So while the law places certain conditions on persons acting under color of law — that is, acting on behalf of the government — to record conversations, federal law allows private citizens to do so unless it is for the purpose of any criminal or tortious act. Showing up to ask questions is neither a criminal nor a tortious act. The Oklahoma statute mirrors the federal statute.

The bank can have a policy of not allowing audio recordings which is applied to everyone. Such policy is very unlikely to hold up in a “whistle blower” suit against the bank, but that isn’t involved here.

Banks almost universally have prohibitions against filming video (or even taking photographs) inside the bank for security reasons. A bank wants to avoid paving the way for potential robbers, kidnappers, terrorists, etc. to plan to target the bank. Criminals can study photos and video to identify the location and angles of security cameras, determine how many employees there are, figure out vantage points from which they could control hostages, doorways through which to make their escape, etc.