Thursday, December 12, 2024

Legal Briefs

July 2019 OBA Legal Briefs

  • How to Write Suspicious Activity Reports (SARs)
  • EGRRCPA Status Update (Part 1)

How to Write Suspicious Activity Reports (SARs)

By Roy L. Adams

Introduction. Hello, readers! I am a second-year law student at Oklahoma City University School of Law, and a legal intern working for your OBA’s Legal and Compliance Team. Just based on that sparse information, you are probably asking, “Why should I trust what you have to say?” Let me give you some of my background to alleviate trust issues.

Before embarking on the daunting but worthwhile experience of law school, I worked for Cabela’s Club Visa as an Anti-Money Laundering and Bank Secrecy Act Analyst.  As impressive as that title sounds, I really need to tell you how I got that position in the first place.

It all began when I worked as a linguist with the Marines in Iraq. I learned how terrorists move money, where they get their money, and what types of systems they used to send money domestically and overseas. This experience provided me practical knowledge of how money can be moved around undetected. That knowledge allowed me to land a job where I could put what I learned to good use benefitting my employer.

In 2001, Cabela’s chartered a national bank to provide support for their co-branded Visa credit card. At Cabela’s, there were only three employees and our manager, and we ran the anti-money laundering parameters for the bank, which had assets over four billion dollars. Through brain and bronze, the four of us were able to handle this difficult job. Even after I obtained my master’s degree, I stayed with Cabela’s bank for several years. When Capital One purchased Cabela’s bank, I transitioned to Capital One and a new title: Anti-Money Laundering Investigator. Capital One flew our team to its headquarters to meet with their investigators and exchange information on how we perfected ways to monitor accounts and to write SAR narratives.

Having established my credentials, you can read this article assured the information about SAR writing did not just come out of some mystical void.

Overview

Let’s start with some basics. Businesses monitor unusual activities based on the services they offer, and as a result, a SAR will vary depending on the company. What I am about to share with you are general guidelines on what should be included in your SAR narrative. SARs are challenging to write because federal regulators tell us neither what they are looking for nor what we should be monitoring to satisfy the federal requirements. Despite this, institutions should use their best efforts to monitor for unusual activities.

What to include

In writing a SAR, the drafter should tell a story. Dry and choppy paragraphs make the reader lose interest in the content and merely skim it rather than digesting the value of the SAR’s information. In order to tell an effective story that a reader would benefit from, you need to answer the 6Ws: Who, What, When, Where, Why, and How.

The Who. It is a simple question to answer. The “Who” references the account holder, entity, known or unknown fraudsters, etc., that triggered the SAR. It is here that you will tell the federal investigators the actual name of the person or business you are filing a SAR on. For example, a customer made an excessive number of cash advances. The SAR should refer to the customer by name. Once you identified the customer’s name then you can refer to him/her as the subject if he/she was the subject of the investigation. Why should you do this? It is because you save federal investigators time wasted to scroll through the SAR form to find out the actual name of the person.

The What. The answer to this question is: What was the unusual activity that occurred? Let’s say they have been withdrawing cash or suddenly start depositing a lot of cash. Another example would be a customer engaging in transactions in areas known for illegal activities.

The Where. Where did the unusual activity take place? You should state in the SAR: “In the city of Oklahoma City, Oklahoma, John Smith, (“the subject”), made 30 ATM transactions totaling $15,000 between 01/01/2019 and 04/01/2019, behavior consistent with cash structuring.” The point of being so specific is to supply every detail the federal investigators need to know in a concise manner. They should have no additional questions regarding where the transactions took place, the number of transactions, the dollar amount involved, the type of unusual behavior, and the review time period. This helps the federal investigators aggregate the information with SARs submitted by other institutions. This is a nice sweet sentence that tells a story without confusing the reader.

The Why. Why are you filing a SAR on this account or on this business? Why was the activity unusual? Or why did it trigger an alert on the system? It is here you would mention, for instance, the type of account such as: “Cash advances are made from the subject’s saving account.” This is inconsistent behavior for an account of this type. Another example could be “The subject makes a purchase for more than $5,000 at a fast food restaurant or a nail salon.” This behavior of spending pattern is inconsistent for this type of merchant and the subject, but this activity is consistent with human trafficking.

The How. How did the activity occur? For example, “The subject has a personal account and has a total of eight or ten authorized users on it at any one time, with only $1,000 spent during the lifetime of the account. At 4 to 6-week intervals, the subject calls in and removes five authorized users and replaces them with new authorized users.” The spending pattern on the account does not support a commercial account, all the authorized users are unrelated to each other and do not share a common address or anything else. This pattern of activity is consistent with synthetic identification creation. The How should explain to the reader the method the subject used that made his/her activity unusual.

Organization of SAR narrative

Now that you have an idea about what you should include in your SAR, I will address how you should organize the SAR. Drawing from experience, federal auditors/investigators go straight to the narrative. The first thing they read is the introductory paragraph. This paragraph should tell federal investigators why they should keep reading. Therefore, the first paragraph should include the subject’s name, type of unusual activity, type of account, total amount in question, date range, and why the behavior is unusual.

The next paragraph is where you describe the steps you took to investigate/analyze the account. It is here that you would mention what occurred, where it occurred, and any KYC, CDD, or EDD performed on the account, and the findings prior to the filing. Also, if you are filing a continuing SAR on the same person or business, then you should include in your SAR narrative the prior SAR ID and a brief summary of what the prior SAR concerned. This lets federal investigators know right away that the person has multiple SARs filed on them.

The final paragraph of the narrative is the conclusion. In this paragraph the bank should mention any number of items including: the account balance, credit limit at the opening date and whether that has increased or decreased since that time, date the account was opened, and its current status, i.e., whether it is open or has been closed. If the account has been terminated, add the closure date. You will also include how the application was submitted—in person, by mail, by phone, or internet. If it was done online, then include the IP address if available. If the application was submitted in person, by mail, or over the phone, then include the city and state where the application was received. If applicable, state the amount of the institution’s loss. I realize that all this information can be found in various fields on the SAR form but placing it in the conclusion makes it accessible to federal investigators without having to scroll up and down between pages. Think about how much “joy” you get from scrolling up and down in Reg Z to interrelate the information, and you will understand why I recommend consolidating it in one location.

General good practices

Writing the SAR should not be complicated. Just remember you are telling a story. Do it the same way as you would tell a story to your friend, your child, or a stranger at a bar. The story must be logical for it to make sense to the other person. If your story is choppy or does not make sense, then the person is going to walk away. Similarly, if your SAR does not make sense, the federal investigators are going to walk away from it and move on to the next narrative.

When I was writing a SAR, I would literally highlight each sentence and read it. It helped me understand what I wrote frame by frame rather than looking at the entire narrative. If necessary, the bank may have a “dedicated review team” to read over the narrative to make sure it flows smoothly and to eliminate grammatical and mathematical errors.

If you do not have an expensive software program to run the math, then develop an Excel spread sheet. There are a lot of helpful videos on YouTube to teach you how to write formulas in Excel. Never do math manually. It will suck up all your time and make your eyes cross. I did that originally, and it was not efficient.

This is where the employer can play a role. There is an Excel certification program through Microsoft. Employers can incentivize their employees to enroll in it. I think this is a practical certification for employees to obtain, especially when the institution does not have the funds to purchase software to run the SAR calculations.

Do not criminalize account holders for using services your institution offers. What do I mean by that statement? For example, your bank offers overseas wire transfers, and people use this service. As a result, people who trigger the system for overseas wire transfers get slammed with a SAR because the activity is inherently unusual. A service offered should not result in a penalty unless this is out of the ordinary course of activity/business for the subject. Not every person who conducts an overseas wire transfer is worthy of a SAR. Some institutions would say “Let’s just file a SAR on that person or that entity; what is the worst thing that could happen?” This is a lazy way of conducting business because you are increasing your institution’s workload as well as that of the federal investigators. As bank officials, we should not be taking the easy way out when we cannot reach a decision on whether a SAR should be filed. Do more research and analysis on the account until you reach a decision.

Some institutions do not set a SAR filing limit. This means an institution files numerous SARs on the same person or entity for the same activity. This results in unnecessary work for the bank. It would be a good idea to institute policy and procedure regarding a set number of SARs and establish a cut off number. For example, the subject keeps alerting the system for structuring for more than a year and requiring multiple continuation SARs. If the bank’s policy sets the maximum number of SARs for the same person or activity at some reasonable number, and when that number is reached, the account will be considered for closure due to noncompliance with terms and conditions of an account, SAR workload can be decreased. It is imperative that you document the steps and the reasons why the bank decided to close the account.

When writing numbers in the SAR narrative such as dates, it is important to use the full date. Follow the standard practice of using MM/DD/YYYY. Why should you do it this way? The reason is: Federal investigators aggregate the dates, and it is easier for the system to recognize and pick up those dates in this format.

Things not to say

In the narrative, do not refer to a cardholder or accountholder as the “suspect.” I read many SARs that refer to the cardholder as the suspect; this is simply incorrect.  In order to designate a suspect, you must do a lot of investigation. I do not mean just digital investigation, but actual physical investigation, which we are simply not equipped to do. We are not law enforcement personnel, and only law enforcement can designate who is a suspect. Refer to the cardholder as a subject. If the cardholder is not the subject of the investigation, then just refer to them as cardholder or accountholder. You would state in the SAR “John Smith, (‘the subject’), is a credit cardholder.” Thereafter, you can refer to John simply as the subject.

Another thing to avoid is the use of your bank’s internal terminologies. For instance, your bank has a money market deposit account denominated as a “Super Saver Account” or refers to certain real estate loans held in portfolio as “IB mortgages.” Do not incorporate your company’s internal terminology into the SAR narrative. This is important. While these terms make sense to you, the reader who is unfamiliar with your company’s internal lingo is left scratching his/her head. Keep the SAR in plain English using terms that everyone understands. For example, do not say “John Smith triggered the golden standard.” This terminology will make sense to you, but to an outsider, it means nothing. If the golden standard is the cash advance report, then just say, “John Smith triggered the cash advance report.”

Finally, refrain from using the term “suspicious activity.” This phrase implies that the cardholder is doing something illegal. It’s better to say, “unusual activity.” If a cardholder triggers the system once or twice, does that make his/her activity “suspicious?” The answer is no. It means that the cardholder conducted a transaction that was unusual when compared to his/her spending pattern. “Suspicious” is a strong word that we should not use lightly. We are not law enforcement agents who are qualified to deem activity “suspicious”; instead, our job is to aid and assist law enforcement in doing theirs.

Conclusion

If you follow the approach that I highlighted in answering the Who, What, When, Where, Why, and How questions, the SAR narrative will look noticeably different. Remember you are telling a story to a stranger who has no information other than what you are providing them. Tell a story that any layperson can follow and understand; keep it simple. If you would like to brainstorm ideas with me about how to create a SAR template for your institution, I would be happy to help. Just reach out to the OBA Legal and Compliance Team and get connected.

EGRRCPA Status Update (Part 1)

By Andy Zavoina

On May 24, 2018, the president signed the Economic Growth, Regulatory Relief, and Consumer Protection Act (EGRRCPA), also sometimes referred to as S.2155. EGRRCPA is intended to relieve pressure on community banks, appropriately assigning risk where there is more chance of loss. Larger banks have more cost efficiencies and can also absorb more loss without any disruption to their bottom lines. For example, the CFPB estimated in its HMDA rulemaking that the additional costs on banks with minimal complexity (those providing relatively few mortgages) would be roughly $23 per application for closed-end mortgages. It would be just $.10 to $.20 cents for banks producing greater volumes of loans. Estimates of EGRRCPA‘s effects were that 85% of banks would have received a HMDA exemption, but the vast majority of mortgage loans would still be reported. The result is that the fair lending uses for HMDA data will be preserved because the high-volume reporters are the main sources of those data.

This update will serve as a reference for those sections that have been implemented or are well on the way. There is a good deal of progress.

EGRRCPA is broken into six titles, each dedicated to a separate topic:

  1. mortgage credit,
  2. regulatory relief for community banks and increased access to credit for customers,
  3. the credit reporting industry and access to credit especially by servicemembers, veterans, students
  4. holding companies,
  5. capital, and
  6. student borrowers.

Here are the updates so that you can ensure compliance, lending, finance and operations are all working from the same recipe.

Section 103Synopsis – In response to a lack of qualified appraisers, this section amends FIRREA to exempt general requirements for independent home appraisals in rural areas where the bank has contacted three state-licensed or state-certified appraisers who could not complete an appraisal in a reasonable amount of time. Loans less than $400,000 would not require an appraisal, but if there is no appraisal the ability to sell a loan would be restricted.

Effective Date: Not stated, .but regulatory changes are needed for implementation

Update: A notice of Proposed Rulemaking was published in the Federal Register on December 7, 2018, raising the threshold for residential real estate transactions requiring an appraisal to $400,000 from the current $250,000 threshold. This proposal requires that residential real estate transactions exempted by the threshold include an evaluation consistent with safe and sound banking practices. Evaluations provide an estimate of the market value of real estate, but appraisal regulations do not require evaluations to be prepared by state licensed or certified appraisers.

The proposal would also require institutions to review appraisals for compliance with the USPAP, as mandated by the Dodd-Frank Act.

Certain High-Priced Mortgage Loans would still require appraisals and not be exempted by this rule and not eligible for the appraisal exception. Other exceptions also apply:

  1. The property must be located in a rural area;
  2. The financial institution must retain the loan in portfolio, subject to exceptions; and
  3. Not later than three days after the Closing Disclosure is given to the consumer, the financial institution or its agent must have contacted not fewer than three state certified or state licensed appraisers, as applicable, and documented that no such appraiser was available within five business days beyond customary and reasonable fee and timeliness standards for comparable appraisal assignments.

https://www.fdic.gov/news/board/2018/2018-11-20-notice-sum-c-fr.pdf

Section 104: Synopsis – HMDA was amended so that banks that originated fewer than 500 closed-end mortgages and fewer than 500 open-end mortgages in each of the last two years and have a Satisfactory or better CRA rating will essentially enjoy a roll back of some rules to pre-2018. This allows the banks reporting fewer loans to avoid in-depth reporting requirements.

Update: On October 10, 2018, the FDIC published FIL-58-2018 addressing the Interpretive and Procedural Rule on Partial Exemptions from HMDA Requirements from the CFPB. This applies to banks with total assets less than $1 billion.

The Bureau’s rule provides clarifications related to the following matters:

  • Data Points Covered by the Partial Exemptions: The rule identifies 26 data points covered by the partial exemptions and 22 other data points that all HMDA reporters must collect, record, and report.
  • Loans Counted Toward the Partial Exemptions’ Thresholds. The Bureau interprets the terms “closed-end mortgage loan” and “open-end line of credit” in the Economic Growth Act to include only those closed-end mortgage loans and open-end lines of credit that otherwise are reportable under Regulation C.
  • Exception Based on Community Reinvestment Act Examination Reports. The Bureau interprets the Act to provide that the determination of which CRA examinations are the two most recent is made as of December 31 of the preceding calendar year.
  • Non-Universal Loan Identifier. If an IDI eligible for a partial exemption chooses not to report a universal loan identifier, the IDI must report a non-Universal Loan Identifier unique within the IDI.
  • Permissible Optional Reporting of Exempt Data Points. An eligible IDI may voluntarily report data points that are covered by the Act’s partial exemptions. However, if the IDI reports any data field for such a data point, it must report all data fields associated with that data point. For example, if an IDI voluntarily reports street address for a transaction, it must also report zip code, city, and state for that transaction.

On May 2, 2019, the Bureau proposed HMDA threshold and other changes in a Notice of Proposed Rulemaking (NRPM) and an Advanced Notice of Proposed Rulemaking (ANPR).

For closed-end mortgage loans, the NPRM proposes two alternatives that would permanently increase the coverage threshold from 25 to either 50 or 100 closed-end mortgage loans. For open-end lines of credit, it would extend for another two years the current temporary coverage threshold of 500 open-end lines of credit. Once that temporary extension expires, the NPRM would set the open-end threshold permanently at 200 open-end lines of credit.

The ANPR solicits comments about the costs and benefits of collecting and reporting the data points the 2015 HMDA Rule added to Regulation C and certain preexisting data points that the 2015 HMDA Rule revised. The ANPR also seeks comments about the costs and benefits of requiring that institutions report certain commercial-purpose loans made to a non-natural person and secured by a multifamily dwelling.

The NPRM is available at: https://files.consumerfinance.gov/f/documents/cfpb_nprm-hmda-regulation-c.pdf

The ANPR is available at: https://files.consumerfinance.gov/f/documents/cfpb_anpr_home-mortgage-disclosure-regulation-c-data-points-and-coverage.pdf

The comment periods on both the NPRM and ANPR have been extended to October 15, 2019.

Section 203: Synopsis – The Bank Holding Company Act was amended to exempt certain banks from the “Volcker Rule” when they have less than $10 billion in assets, and trading assets and liabilities comprising not more than 5% of total assets (the Volcker Rule prohibits banking agencies from engaging in proprietary trading or entering into certain relationships with hedge funds and private-equity funds); and

Section 204: Synopsis –  Volcker Rule restrictions on entity name sharing are eased in specified circumstances.

Effective Dates 203 & 204: Effective upon enactment but requires regulatory amendments.

Update: December 18, 2018 – The FDIC, FRB, OCC, SEC, and the U.S. Commodity Futures Trading Commission issued a notice of proposed rulemaking to amend regulations implementing the Volcker Rule consistent with the statutory amendments made by Sections 203 and 204. These statutory amendments modified the Volcker Rule to exclude certain community banks from the Volcker Rule and to permit banking entities subject to the Volcker Rule to share a name with a hedge fund or private equity fund that it organizes and offers under certain circumstances. The FDIC issued FIL-86-2018 regarding the proposal.

The changed made by EGRCCPA provide that the Volcker Rule does not apply to an institution that does not have (A) more than $10 billion in assets and (B) trading assets of more than 5%. This is a two-pronged test. Yahoo Finance provided an analysis of the statute and the proposal and argues that failing either criterion A or B would appear to be enough to qualify for the exemption, because (A and B) is not true if either A or B is false. However, under the regulation, both A and B must be false in order to qualify for the exemption. This could provide grounds for an institution that has more than $10 billion in assets, but trading assets of less than 5% of their assets, to challenge the statutory authority for applying the Volcker Rule to them. That did not appear to be the intent of the law and a court may have to decide that if a case was presented to it.

Based on September 30, 2018, call report data, this change to the Volcker Rule would exempt approximately 97.5% of the 5,486 U.S. depository institutions. Only 0.15% of depository institutions had trading assets equal to at least 5% of their total assets.

Section 201: Synopsis – The banking agencies must develop Community Bank Leverage Ratios (the ratio of a bank’s equity capital to its consolidated assets) and set a threshold of between 8 and 10% for well capitalized banks with assets of less than $10 billion. (This is currently 5%.)  Banks that exceed this ratio shall be deemed to be in compliance with all other capital and leverage requirements. The agencies may consider a company’s risk profile when evaluating whether it qualifies as a community bank for purposes of the ratio requirement.

Effective Date: The effective date is not stated, but regulatory changes are needed.

Update:  A Notice of Proposed Rulemaking was issued by the OCC, FRB and the FDIC, on November 28, 2018, and published February 8, 2019. This request for comment would simplify regulatory capital requirements for qualifying community banking organizations. The comment period ended in April 2019.

Community banks would be eligible to elect the community bank leverage ratio framework if it has less than $10 billion in total consolidated assets, limited amounts of certain assets and off-balance sheet exposures, and a community bank leverage ratio greater than 9 percent. A qualifying community banking organization that has chosen the proposed framework would not be required to calculate the existing risk-based and leverage capital requirements. Such a community banking organization would be considered to have met the capital ratio requirements to be well capitalized for the agencies’ prompt corrective action rules provided it has a community bank leverage ratio greater than 9 percent.

Section 202: Synopsis – The Federal Deposit Insurance Act will be amended to exclude reciprocal deposits of an insured depository institution from certain limitations on prohibited broker deposits if the total reciprocal deposits of the institution do not exceed the lesser of $5 billion or 20% of its total liabilities. The bank must have a composite condition of outstanding or good and be well capitalized. These deposits are also subject to limitations on interest rates paid. This will allow smaller banks previously hampered by FDIC premiums to compete with larger banks for larger deposit accounts.

Effective Date: Upon enactment, but regulatory changes are required.

Update: The FDIC published a proposed rule on September 12, 2018. As proposed, a well-capitalized and well-rated bank would not be required to treat reciprocal deposits as brokered deposits up to the lesser of 20 percent of its total liabilities or $5 billion. A bank that is not both well-capitalized and well-rated may also be able to exclude reciprocal deposits as brokered deposits under certain circumstances.

On December 18, 2018, the FDIC authorized publication of (1) the final rule on the treatment of reciprocal deposits, and (2) the advance notice of proposed rulemaking inviting comment on all aspects of the FDIC’s brokered deposit and interest rate regulations. https://www.fdic.gov/news/news/financial/2018/fil18087.html

On March 8, 2019, the FDIC made technical amendments to the preamble of a final rule published in the Federal Register on February 4, 2019. The final rule relates to a limited exception for a capped amount of reciprocal deposits from treatment as brokered deposits. As published, several industry participants raised concerns about the meaning of a sentence in the preamble of the final rule. To avoid potential confusion, the FDIC amended the language effective when these clarifications were published.

The FDIC recognizes that the statute only limits the amount of reciprocal deposits an institution may ‘‘receive’’ in order to be considered an agent institution.

Watch for Part 2 next month.

We’ll wrap up our EGRRCPA status update in our August 2019 Legal Briefs.

June 2019 OBA Legal Briefs

  • FDCPA
  • New stuff!
  • Changes in UCCC amounts effective 7/1/19
  • CFPB’s Spring 2019 Regulatory Agenda

FDCPA

By Andy Zavoina

The Fair Debt Collection Practices Act (FDCPA) is a new hot topic. I’ve already heard you thinking. “but that affects third party collectors and I’m collecting only debts owed to us, so it doesn’t apply.” But that may not be the case very soon. The FDCPA has been with us since 1977 and the “collection landscape” has been through a complete transformation since then. Answering machines were not yet popular, and no one thought about email, voicemail and text messaging. On top of that the lending landscape is greatly different as well. Technologies have changed, cultures have changed, and the existing rules are antiquated. When there was a question that tried to apply 1977 rules to a twenty-first century situation, many debtors and collectors turned to the courts for answers, because there was no federal authority writing rules under the FDCPA or “owning” them. The Federal Trade Commission issued interpretations, but they were not binding, and court rulings were not consistent, adding to the confusion on all sides.

The Consumer Financial Protection Bureau (CFPB) was assigned authority under the Dodd-Frank Act to address this issue and they published an interim rule in 2011 (made final in 2016) that covered the process for states to apply for exemption from the federal statute based on the existence of a similar state law or regulation. The Bureau also issued an advance notice of proposed rulemaking asking for information on debt collection procedures (the comment period and an extension expired in February 2014). Now, in 2019, we get proposed rules intended to update the FDCPA regulation, but we must recognize these first proposals are informed by comments that are already at least five years old (and by the Bureau’s experience in regulating – and litigating in the debt collection space. It is a slow pace by which we’ve reached this proposal, but it’s time to make a hole on your bookshelf or hard drive for Regulation F, as that is the FDCPA’s new home.
Many readers will also recall most banks could ignore the law and those early proposals because they were all directed at third party debt collectors working debts owed to others, like those your bank may send out. The CFPB had planned to later release a second version which would be similar but directed at first party collectors. Then the dominant parties in Washington changed and that second version was put on the shelf and retired. Many bankers breathed a sigh of relief believing they had dodged a bullet at a time when they were dealing with major changes in lending regulations.

Another task the CFPB has is to handle complaints from consumers. Consistently, when reports are compiled about these complaints, debt collection issues rank in the top two and historically is the number one complaint from consumers. Yes, I hear you, deadbeats will complain to try and get out of their debts. But there are far too many cases of collectors attempting to collect more money than is owed and on debts for which the person is not obligated to pay for one reason or another. The sheer volume of complaints tells everyone the system is broken and needs to be fixed. On May 21, 2019, round three started and we have a serious contender in this proposal which is open for comment through August 19, 2019.

Here is the rub. The advance copy of the new proposal is 538 pages long and you will not want to read it for entertainment no matter how much of a page turner it is. [The official Federal Register (single-spaced, small print) publication of the proposal is 145 pages of small print!] The proposal still defines a debt collector as a third-party collector and some bankers will stop there, because that means the proposed rule will not apply to them.

But it will, and here is why. Regulatory agencies and debtor’s attorneys have many arrows in their quivers, and they will shoot you where it hurts – right in the wallet — with whichever penalty works and costs you the most. We have seen this with other cases such as Regulation E. Some banks disclose that they follow Regulation E but then impose additional requirements. This is deceptive, and this is when the violation can be considered an Unfair, Deceptive or Abusive Act or Practice (UDAAP). The FDCPA proposal defines certain actions as abusive and deceptive and when, as a matter of law, an action is defined as such, you can reasonably anticipate those practices to then be enforced as UDAAP violations – even against first-party creditors. And this is one reason why banks should be familiar with the proposal and consider submitting a comment letter on issues management feels strongly about.

Another reason is that the bank will be in a better position to arrange for debts owed to them to be collected by third parties when it knows the rules up front and has, for example, complied with E-SIGN rules so that electronic communications are already approved by the debtor. It is easier when making a loan to complete the E-SIGN requirements and authorizations than when collecting it. CFPB Director Kathleen L. Kraninger said, “As the CFPB moves to modernize the legal regime for debt collection, we are keenly interested in hearing all views so that we can develop a final rule that takes into account the feedback received.” The CFPB is willing to accept your thoughts on the proposal; consider offering them.

The CFPB exists to protect consumers and as noted above, it receives many thousands of complaints about debt collections. There is no gray area, the goal of this FDCPA proposal is to strengthen those consumer protections. When I started in banking, my primary function was that of debt collector. I remember well how debtors dodged my calls and I was not alone. One “war story” I heard from a hard-core third-party collector was about when he called a residence and a child answered. Parents dodging calls had their kids answer often. He was told Mommy was not home by the little girl so he proceeded to befriend her a bit and then asked if she could write down a phone number for her mommy. He told her step by step, find mommy’s purse and get her lipstick and write this number on the wall!

In a very big Servicemembers Civil Relief Act case, the debtor reported, “…he and his wife began receiving debt collection calls. They report that Chase was sometimes calling three times a day; calls were made between 4 and 6 a.m. …” The Federal Trade Commission reports common tactics debt collectors use include telling a debtor he or she had committed a crime, like check fraud, and unless they paid the debt, they could be arrested, be sued, have their wages garnished and go to jail. Many collectors have harassed debtors, even after being provided with evidence that the debts had already been paid off. Some would illegally contact family, friends, and employers about past due debts. These bad apples are the catalyst for the strengthening of the FDCPA. It is intended to protect debtors from harassment and provide better information and processes to dispute a debt.

To accomplish this, the proposal would set limits on the number of weekly calls debt collectors can make to the debtor and clarify how they can communicate with the debtor. Additionally, it requires them to provide certain additional information about the debt to the debtor as a means of validation. The proposal would establish bright-line rules as to telephone communication by limiting debt collectors to no more than seven weekly attempts to reach a consumer about a debt. Once they reach a consumer, the collectors may have just one telephone conversation per week with that consumer about the debt. The regulation would clarify a consumer is protected by requiring debt collectors to send the debtors specific disclosures about the debt and additional consumer protections. The proposal would also clarify how debt collectors can communicate with consumers via voicemails, emails and text messages, and how consumers who don’t want to receive such communication can opt out. The proposed regulation would prohibit collectors from suing on debts that they knew or should have known had expired. And collectors will be prohibited from reporting consumer debt to a credit bureau until after they have informed the consumer.

Early in the proposal it states, “The proposal focuses on debt collection communications and disclosures and also addresses related practices by debt collectors.” This is evidenced with regards to debt servicing requirements lenders are already familiar with which was a point of conflict some years ago between mortgage servicing disclosures and the FDCPA. RESPA and mortgage servicing requirements promote communication with a borrower as to where the loan is, whom to pay, when, etc. The CFPB wrote the mortgage servicing rules in a way that enables loan servicers to send required communications without violating the FDCPA. To do this, the CFPB included a variety of exceptions and alterations to the mortgage servicing rules to avoid FDCPA risk.

The servicing rules have been evolving throughout this FDCPA update process. The CFPB issued Bulletin 2013-12 clarifying the interactions between the servicing rules and the FDCPA. Most recently, the CFPB issued the 2016 amendments to the mortgage servicing rules (effective in 2017 and 2018), which narrowed certain of the FDCPA-related exceptions.

Along with the 2016 servicing rule amendments the CFPB issued an Interpretive Rule which provided a safe harbor from FDCPA liability for complying with certain servicing rules. In general terms, the Interpretive Rule stated that: (1) communicating with a confirmed successor-in-interest (CSII), in accordance with the rules, does not violate the FDCPA prohibition on third party collection communications; (2) certain early intervention communications with a delinquent borrower, despite an FDCPA cease communication request, does not violate that provision of the FDCPA; and (3) communicating with a consumer regarding loss mitigation, despite an FDCPA cease communication request, does not violate that provision of the FDCPA, if the dialogue was initiated by the consumer.

The mortgage-specific provisions of the proposed debt collections rules, in part, pick up where the Interpretive Rule left off.

To reinforce what was in the Interpretive Rule, this proposal includes a special definition of a “consumer” for purposes of § 1006.6 dealing with decedent debt accounts. Definitions are still in § 1006.2. In the Interpretive Rule, the CFPB took the position that the special definition of a “consumer,” for specific purposes includes a type of individuals with whom a servicer needs to communicate about the mortgage loan.

Under the proposal, these persons would be deemed a “consumer” as it relates to: (1) the prohibitions regarding unusual or inconvenient times or places; (2) the prohibitions regarding consumers represented by an attorney; (3) the prohibitions regarding a consumer’s place of employment; (4) the prohibitions on communication with a consumer after a refusal to pay or cease communication notice; (5) communications with third parties; and (6) opt-out notices for electronic communications or attempts to communicate. In addition, this special definition of “consumer,” applies to the prohibited communication media provisions in the new Section 1006.14(h).

Speaking of definitions, “debt” is generally defined as it is under the Act, but the proposal adds a new category of debt called a “Consumer Financial Product or Service Debt,” which is a term incorporated from the Dodd-Frank Act. The idea is that certain of the rules apply to “debts,” and others to “Consumer Financial Products or Service Debts”.

The proposal allows for alternate content in the validation notice for loans subject to the mortgage periodic statement requirement in Reg Z, (§ 1026.41). Validation notices issued for these mortgages can omit certain items including the itemization date, amount of debt on the itemization date and the itemization of the current amount of the debt in a tabular format. This content can only be omitted, however, if the debt collector provides a copy of the most recent periodic statement provided to the consumer in accordance with Reg Z along with the validation notice and refers to the periodic statement in the validation notice. The Official Staff Commentary in the proposal contains a sample. All other validation notice will still be required.

The proposal clarifies how debt collectors may use technology to communicate with the debtors. Many technologies are new as compared to the FDCPA, voicemail, email and text messages to be specific and were not originally addressed in 1977. While these may now be used under the proposal, the debtors will also be allowed to opt-out or “unsubscribe” as it is sometimes referred to. There have been court cases involving calling an old cell number as an example and that counting it as a “call” so there is a new safe harbor proposed for unintentional communications with third parties via email or text message. Collectors must avoid using communications means that debtors request not be used. This is not dissimilar to a debtor now saying to not call again but revert to mail or some other method. Calls to cell phones and electronic communications generally are subject to the FDCPA’s prohibition on communicating at unusual and inconvenient times and places and collectors may still not use a debtor’s email that is known, or should be known, to be provided by that debtor’s employer. As to social media, only private messaging systems may be used to contact a debtor.

As to electronic disclosures, collectors must provide disclosures which can be retained/stored by the debtor. E-SIGN rules must be followed to utilize e-disclosures, and E-SIGN compliance is more easily done in advance than by a collector unless the debtor wants to follow these procedures and use electronic media. The bank should take care to ensure its E-SIGN agreement is transferable and follows the loan if it is assigned to a third-party collector.

Spanish and other foreign language notices may be used. Collectors may include an option for debtors to request notices in Spanish. They may provide validation notices in any language, so long as it is accompanied by an English notice or such English notice was already provided.

The number of calls and conversations will now be limited as noted above. This relates to the consumer protection and reduction of harassment goals of the revisions. The CFPB studied data from its Debt Collection Consumer Survey to determine how many times debtors were being contacted and found 14 percent of the time it would be 8 or more times per week. This was an estimated 6.9 million debtors. Collectors will be allowed no more than seven telephonic attempts per week to reach a debtor about a specific debt. Once a telephone conversation between the collector and debtor takes place, the collector must wait at least a week before calling the debtor again. Making payment arrangements for two days after the call will not allow an exception. There appears to be no limit on the number of emails or text messages that may be sent.

The proposal defines how debt collectors can provide required disclosures electronically. Collectors would be required to provide consumers with a disclosure containing information about the debt and related consumer protections including, for example, an itemization of the debt and plain-language information about how a consumer may respond to a collection attempt, including by disputing the debt. Additionally, the proposal requires the disclosure to include a “tear-off” that consumers can send back to the collector to respond to the collection attempt.

Collectors will be prohibited from providing information about a debt to a credit reporting agency unless the collector has communicated information about the debt to the debtor by, for example, sending the consumer a letter.

There is a series of cases referred to in the proposal as the Foti line and under these a voicemail message from a collector must contain certain information referred to as the “mini-Miranda.” Because the message must include information about the debt, leaving messages with the mini-Miranda could lead to liability if a third party hears the message. The proposed rule provides that no information regarding a debt is conveyed and no FDCPA “communication” occurs when debt collectors convey only the individual debt collector’s name, the consumer’s name, and a toll-free method that the consumer can use to reply to the collector.

Some prohibited practices in the proposal include one of the most litigated problems, time-barred debts. Debts have an expiration date set by individual states. After that defined period the debt is no longer collectible. Collectors may not transfer debts they know or should know have been paid or settled, have been discharged in bankruptcy or are associated with an identity theft report. They may not sue or threaten suit on time-barred debts or debts the collector should know are out-of-statute and no longer collectible.

For more information formulated in a tabular format, the CFPB has published, “Fast facts: Proposed Debt Collection Rule” on its website.

New stuff!

By Pauli D. Loeffler

OBA Legal/Compliance team’s new intern

We are excited to welcome Roy Adams as our intern this summer. Roy is a student at Oklahoma City University’s School of Law and will graduate next May. Before attending law school, Roy coordinated and assisted state/federal regulators and independent auditors, conducted case analysis, identified unusual financial activities, and wrote SAR narratives as required by the federal regulation. He monitored and tracked AML/BSA high-risk accounts, conducted EDD, and is well-versed in CIP/KYC policy and procedure. Roy will be contributing both in answering your emails and writing articles for the OBA Legal Briefs. He’s already working on an article for next month’s Legal Briefs.

New OBA Legal Links content

In the March 2018 OBA Legal Briefs, I talked about the OBA’s website update and provided you with a list of Templates, Forms, and Charts available on the Legal Links page. Several more have been added in addition to other updated content. Check it out!

Changes in UCCC amounts effective 7/1/19

By Pauli D. Loeffler

Sec. 1-106 of the Oklahoma Uniform Consumer Credit Code in Title 14A (the “U3C”) makes certain dollar limits subject to change when there are changes in the Consumer Price Index for Urban Wage Earners and Clerical Workers, compiled by the Bureau of Labor Statistics, U.S. Department of Labor. You can download and print the notification from the Oklahoma Department of Consumer Credit by clicking here.

It is also accessible on the OBA’s Legal Links page under Resources once you create an account with the OBA. You can access the Oklahoma Consumer Credit Code and the changes in dollar amounts for prior years from links on the Legal Links page as well.

Increased Late Fee

The maximum late fee that may be assessed on a consumer loan is the greater of (a) five percent of the unpaid amount of the installment or (b) the dollar amount provided by rule of the Administrator for this section pursuant to § 1-106. As of July 1, 2019, the amount provided under (b) will increase by $.50 to $26.00.

Late fees for consumer loans must be disclosed under both the UC3 and Reg Z. For a bank to be able to impose any late fee, the consumer must agree to it in writing. Any time a loan is originated, deferred or renewed, the bank is given the opportunity to obtain the borrower’s consent in writing to the increased late fee set by the Administrator of the Oklahoma Department of Consumer Credit. However, if a loan is already outstanding and is not being modified or renewed, a bank has no way to unilaterally increase the late fee amount if it states a specific amount in the loan agreement.

On the other hand, the bank may take advantage of an increase in the dollar amount for late fees if the late-fee disclosure is worded properly, such as:

“If any installment is not paid in full within ten (10) days after its scheduled due date, a late fee in an amount which is the greater of five percent (5%) of the unpaid amount of the payment or the maximum dollar amount established by rule of the Consumer Credit Administrator from time to time may be imposed.”

§ 3-508B Loans

Some banks make small consumer loans based on a special finance-charge method that combines an initial “acquisition charge” with monthly “installment account handling charges,” rather than using the provisions of § 3-508A with regard to maximum annual percentage rate. § 3-508A is the section containing provisions for a “blended” rate by tier amounts under (1)(a) as well as the alternative of using a flat 25% APR under (1)(b). § 3-508A is NOT subject to annual adjustment without statutory amendment.

The permitted principal amounts for § 3-508B is adjusting from $1,530.00 to $1,560.00 for loans consummated on and after July 1, 2019.

Sec. 3-508B provides an alternative method of imposing a finance charge to that provided for Sec. 3-508A loans. Late or deferral fees and convenience fees as well as convenience fees for electronic payments under § 3-508C are permitted, but other fees cannot be imposed. No insurance charges, application fees, documentation fees, processing fees, returned check fees, credit bureau fees, or any other kind of fee is allowed. No credit insurance even if it is voluntary can be sold in connection with in § 3-508B loans. If a lender wants or needs to sell credit insurance or to impose other normal loan charges in connection with a loan, it will have to use § 3-508A instead. Existing loans made under § 3-508B cannot be refinanced as or consolidated with or into § 3-508A loans, nor vice versa.

As indicated above, § 3-508B can be utilized only for loans not exceeding $1,560.00. Further, substantially equal monthly payments are required. The first scheduled payment cannot be due less than one (1) calendar month after the loan is made, and subsequent installments due at not less than 30-day intervals thereafter. The minimum term for loans is 60 days. The maximum number of installments allowed is 18 months calculated based on the loan amount as 1 month for each $10.00 for loan amounts between $155.95 and $364.00 and $20 for loan amounts between $364.01 – $1,560.00.

Lenders making § 3-508B loans should be careful and promptly change to the new dollar amount brackets, as well as the new permissible fees within each bracket for loans originated on and after July 1st. Because of peculiarities in how the bracket amounts are adjusted, using a chart with the old rates after June 30 may result in excess charges for certain small loans and violations of the U3C provisions.

Since §3-508B is “math intensive,” and the statute both online or in a print version does not show updated acquisition fees and handling fees, you will find a modified version of the statute with the 2019 amounts on the Legal Links page UCCC Section 3-508B – Effective July 1, 2019. Again, you will need to register an account with the OBA in order to access it.

The acquisition charge authorized under this statute is deemed to be earned at the time a loan is made and shall not be subject to refund. Provided, however, if the loan is prepaid in full, refinanced or consolidated within the first sixty (60) days, the acquisition charge will NOT be deemed fully earned and must be refunded pro rata at the rate of one-sixtieth (1/60) of the acquisition charge for each day from the date of the prepayment, refinancing or consolidation to the sixtieth day of the loan. The Department of Consumer Credit has published a Daily Acquisition Fee Refund Chart for 2019 and prior years with links on this page. Further, any if a loan is prepaid, the installment account handling charge shall also be subject to refund. A Monthly Refund Chart for handling charges for can be accessed on the page indicated above, as well as § 3-508B Loan Rate (APR) Table.

§ 3-511 Loans

I frequently get calls when lenders receive a warning from their loan origination systems that a loan may exceed the maximum interest rate. Nearly always, the banker says the interest rate does not exceed the alternative non-blended 25% rate allowed under § 3-508A according to their calculations. Usually, the cause for the red flag on the system is § 3-511. This is another section for which loan amounts may adjust annually. Here is the section with the amounts as effective for loans made on and after July 1, 2019, in bold type.

Supervised loans, not made pursuant to a revolving loan account, in which the principal loan amount is $5,200.00 or less and the rate of the loan finance charge calculated according to the actuarial method exceeds eighteen percent (18%) on the unpaid balances of the principal, shall be scheduled to be payable in substantially equal installments at equal periodic intervals except to the extent that the schedule of payments is adjusted to the seasonal or irregular income of the debtor; and

(a) over a period of not more than forty-nine (49) months if the principal is more than $1,560.00, or

(b) over a period of not more than thirty-seven (37) months if the principal is $1560.00 or less.

The reason the warning has popped up is due to the italicized language: The small dollar loan’s APR exceeds 18%, and it is either a single pay or interest-only with a balloon.

Dealer Paper “No Deficiency” Amount

If dealer paper is consumer-purpose and is secured by goods having an original cash price less than a certain dollar amount, and those goods are later repossessed or surrendered, the creditor cannot obtain a deficiency judgment if the collateral sells for less than the balance outstanding. This is covered in Section 5-103(2) of the U3C. This dollar amount was previously $5,100.00 and increases to $5,200.00 on July 1.

CFPB’s Spring 2019 Regulatory Agenda

by John S. Burnett

The CFPB recently announced the Spring 2019 updates to its regulatory agenda.

In the short term, the Bureau intends to issue an extension for the underwriting requirements compliance date in its Payday Loan rule. We’ll see what happens in the next few weeks.

Other items on the Agenda:

• December 2010 – proposed rule on public disclosure of HMDA data
• January 2020 — resume pre-rule work on data collection on women-owned, minority-owned, and small business lending
• Before November 2020 – Final determination on reconsideration (read: rescission) of the underwriting requirements of the Payday Loan rule.
• In pre-rulemaking stage: Rulemaking to bring “Property Assessed Clean Energy” (PACE) loans under the ability-to-repay and general civil liability provisions of the Truth in Lending Act.
• Further refinements to Regulation C implementing HMDA

May 2019 Legal Briefs

  • What to say and not say
  • Dead beneficiaries
  • Dead joint tenants
  • Funds belong to an estate
  • Watch your fees

What to say or not say

By Mary Beth Guard

Last summer, while on a trip to Indiana, I got an “urgent” call forwarded from my home phone to my cell phone from a large money center bank that we had a credit card account with. The stressed-sounding individual said that the bank did not have all my personal identifying information and my card privileges would be terminated unless I went in person to one of the bank’s branches and presented acceptable ID and supplied additional information.

Hmmmmmm. The nearest branch of this bank was at least 200 miles away from where I was at the time, so a little visit just wasn’t going to happen. But here’s the thing. We had opened the credit card account in 1987 with a different financial institution. My husband was the accountholder and I merely had user privileges on a convenience card on the account. A number of years ago, the credit card portfolio of the original issuer was acquired by the bank calling me. We had always paid the balance in full each month by the payment due date and at the time I received their phone call, not only was there no outstanding balance, but we hadn’t used the card in close to six months.
I will admit, I blew off the phone call and didn’t give it another thought until we got back home to Oklahoma. When we returned from Indiana, there was a large envelope with serious paperwork in it, all marked URGENT, all indicating that if I did not get myself to a branch of their bank somewhere with identifying documents in the very near future, they would close out the credit card account. Yes, I ignored that, too.

Another phone call followed. The bank’s representative sounded so desperate and exasperated that I imagined him being hooked up to electrodes controlled by some lunatic that would sizzle and burn the bank’s rep if I didn’t immediately capitulate to his request.

Color me curious. I had to know what prompted the crazy calls. Why, after all those years, would the bank suddenly decide they needed to get to know me better? With thirty years of usage history and payments, their neural network software could easily construct a profile of me, just based upon my spending history, and the databases to which they had access would fill in the blanks. I had questions.

The next time the dude called, I went into interrogation mode. “Why do you need more identifying information on me?” I asked. “Because we don’t have it,” he responded. “Well, that’s because 30+ years ago when my husband designated me as an individual he wanted to have a card on his account, you didn’t request or require detailed information on me.” “Yes,” he said, “That is true, but now we need that information.”

“Need.” That is a special word (one that my husband sometimes claims I don’t know the meaning of – but that’s another story). So, the bank “needs” that information. Wow! Who knew?! I had more questions.

“So, why do you need the information?” The guy got all serious as he attempted to answer and he did something one should never do (unless, of course, it is true): he attempted to justify his actions by saying that they were required by law. Oops. He overplayed his hand as he told me in a very authoritative-sounding voice that “the recently passed USA PATRIOT Act required all financial institutions to go back and review their records to ensure they had complete, up-to-date identifying information on all of their accountholders.”

I picked the low-hanging fruit first, pointing out that I wasn’t an actual accountholder, but merely an authorized user on the account. It didn’t matter, he insisted. I was viewed as a “customer” and they needed the information.

So, I moved on. “About this ‘recently passed USA PATRIOT Act,’ wasn’t that law actually enacted around 2002?” “Well, I’m not sure, that could be right – but a new rule on beneficial ownership requires us to get additional information.” Okay, he was really stepping in it at that point.

“Yeah. That beneficial ownership rule requires you to obtain information on the beneficial owners of certain legal entities. This is a consumer account. No entities are involved. How does that rule come into play?” I queried. “And on existing customers, what is the trigger for pursuing additional information?”

“Lady, I cannot take the time to educate you about all the laws and rules our bank has to comply with. Just let me assure you, we must obtain this information and you must present your drivers license at one of our branches.” [Those of you who know I have never had a drivers license are chuckling at this point. Those of you who have attended one of my new accounts programs are replaying in your minds the part where I talk about the fact that not everyone has a drivers license, whether due to a disability, lack of desire (or, in my case, knowing I would be really bad at being behind the wheel of a motor vehicle), thus the proper thing to say when CIPing a customer via the documentary verification method is “We will need to see acceptable ID, such as a drivers license, state ID, passport, or similar unexpired, government issued photo ID.”]

Okay, if he didn’t have time to educate ME about the laws and rules, perhaps I should take the time to educate him? Naaa. Life’s too short to provide free clues to the clueless.

Here is the bottom line: The bank had decided to require more information than any law or regulation actually required them to obtain and they were doing so without a specific regulatory trigger. It is certainly within the bank’s right to determine what it wants to know about its customers and it can seek that information at any time, but it needs to couch the request properly as being driven by the bank – not as being crammed down the bank’s throat by the government. When you make an assertion to the wrong person that a statute or a rule mandates something, someone is going to call you out on it and you’re going to lose all credibility.

He could have said “Our bank is working hard and going beyond what many other banks do In order to protect accounts against fraud or abuse and to fight terrorism. In connection with that effort, the bank is taking steps to ensure it knows who is really using its products and services. In any instance where we don’t find complete identifying information on a customer, we are working to address that. Our bank wants to be able to say that it knows the true identity of each and every customer, so that means going back to accounts established when the standards for identity verification were minimal and working to bring the information in our records up to current standards for each customer.”

Employees should know, for any customer requirement or limitation, what the source is: law, regulation, policy, generally accepted banking practice – and should be careful not to misstate the origin.

There are various times when specific things should be said:

– When a safe deposit box is being rented, the bank employee should say “You will want to read through your safe deposit box rental agreement so that you understand your rights and responsibilities. Also, because the contents of the box are known only to you, you may wish to talk to your insurance agent about obtaining insurance on the contents of your box.

– When a customer who has had an individual account appears to want to add someone to it and make it a joint account, it would be ideal for the bank employee to first have an opportunity to speak to the individual account owner alone (outside the presence of the person who is going to be added) to ensure they understand the ramifications of bringing someone on as a joint owner. The bank employee could say “There are two options for adding someone to your account. Let me explain the differences so you can decide which alternative best meets your needs. You could add Sydney as an authorized signer. If you put him on as an authorized signer, he is regarded as your agent and his transactions on the account should be for your benefit. He would not be an owner of the account and could not use it for his personal banking business. For example, he should not be allowed to deposit items made payable to him into the account. If we receive a garnishment or levy relating to Sydney’s debts, funds from the account would not be sent to those creditors because the funds would be deemed to belong to you – not to Sydney. If you wanted the funds in your account to pass to Sydney upon your death, you could designate him (and whomever else you desire) as Pay on Death beneficiar(y)ies.” Then the employee would go on to explain joint ownership. “If you instead make Sydney a joint owner, he will have co-equal rights to you on the account. It will legally be treated as his account just as much as it is considered yours. He would not be bound to act for your benefit. He could act for his own benefit and can use the account for any lawful purpose. He can make deposits of checks payable to him, he can have direct deposits and can set up auto debits. Once you name him a joint owner, you cannot remove him. To sever the joint account relationship, you would have to close the account and open a new one in just your name.” I recommend this “eyes wide open” foundation to informed consent because of the many scenarios we have dealt with over the years where a customer thinks it’s “their account” and the joint owner is just on there to do their bidding, not realizing that once it gets made a joint account, all that is out the window.

– When a customer is opening a new account, the required disclosures (Reg E, CC, P, etc.) must be provided before the account relationship is established (i.e., before they sign on the dotted line of the signature card.) The thinking of Congress and the regulators is that the disclosures provide important and useful information that should be used in deciding whether to go through with the account opening. As soon as you know the type of account the person is contemplating opening, you print out and hand them the disclosures. If it is a consumer account, you say “Please look over these disclosures that are required by federal law. They will help you understand how quickly you will have access to your funds after a deposit, what our privacy policy and practices are, what to do in the event of a problem with a direct deposit or an electronic funds transfer, such as an auto-debit from your account or a transaction with an ATM or debit card. Plus, they will tell you about the rate [if interest-bearing], fees, and terms on your new account.”
There are other times when certain things should NOT be said. Never commit the bank to a specific course of action until all the facts are known. For example, a wonderful customer comes in all upset saying that a forged check for $12,000 was paid on their account. At that point, when that is all you know, you need to simply say “I am so sorry to hear this. We will look into this right away.” If you ordinarily would think “great customer, forged check, we need to return their money” – not so fast. When you begin your investigation, you may learn the forged check was paid over a year ago, so your bank would have no liability because of the one year bar. You may very well make a business decision to give the money back anyway, but legally you would not be required to, so the factors that go into your decision-making will be different.
Be sympathetic but absolutely noncommittal in any situation where you need to dig for facts before liability can be ascertained – such as where a customer claims unauthorized ACH transactions occurred, a payment wasn’t credited properly on a loan account, they were charged fees they should not have been charged, their deposit was misencoded, an endorsement was bogus – whatever. If you make any kind of statement that could be misconstrued by the customer as meaning that you will take care of their loss, you are going to have a reputation issue to deal with if you decide not to do so.

Dead beneficiaries

By Mary Beth Guard

If your bank is proactive about asking customers whether they wish to designate one or more POD beneficiaries (and I certainly hope you are, because it is an important option under Oklahoma law for allowing funds in a deposit account to pass without going through probate), I would wager a guess that lurking in your deposit accounts are POD beneficiaries that are no longer living, and that is not a good thing. Here’s why.

Section 901 of the State Banking Code (6 O.S. §901) provides the authority for designation of pay on death beneficiaries on deposit accounts held by individuals. It provides various choices:

1. The accountholder can designate one or more individuals as beneficiaries;

2. The accountholder can designate one or more trusts as beneficiaries;

3. The accountholder can designate one or more charitable organizations (i.e., non-profit organizations that are tax exempt under IRS Code Section 501(c)(3) as beneficiaries;

4. The accountholder can designate a mix of eligible beneficiaries – for example, naming 7 individuals, two charitable entities, and a trust. Whenever there are multiple POD beneficiaries on an account, each receives an equal share.

Under paragraph (B)(1) of Section 901, when a deposit has been set up as POD, on the death of the account owner the funds are to be paid to the designated beneficiaries, BUT if an individual named beneficiary is not living, the funds must go to the estate of the named beneficiary. Just think about that. The reason your customer set up POD beneficiaries in the first place was so the funds in the account could pass to whomever they designate without having to go through court. Easy, quick, no cost. But if a beneficiary predeceases the account owner, that throws a giant crimp in the works because that beneficiary’s share will need to go to the beneficiary’s estate. We’ve had some circumstances where the beneficiary predeceased the account owner by twenty years and the estate proceeding for the beneficiary had been concluded many years earlier. In other situations, there was never an estate proceeding. So, figuring out how to get the funds out of the bank and into the hands of the rightful parties becomes a real challenge.

How do you avoid this dilemma? Here are some possible courses of action:

 Any time you become aware that an individual named as a POD beneficiary on one of your customer’s accounts has passed away, send a letter to your customer (or talk to the customer in person or by phone) to say: “We were sorry to hear of Jack’s passing and want to convey our condolences. You know, Jack is a pay on death beneficiary on your account. If you don’t change that, when you die the funds will have to go to Jack’s estate and may require a court proceeding, which is probably not what you want. We would be happy to assist you in updating your beneficiary designations.”

 Use a statement stuffer (or online banking message) to say: “Have you updated your Pay on Death Beneficiary designations? Under Oklahoma law, if a beneficiary dies before the accountholder, the funds must go to the beneficiary’s estate. To avoid that, update your beneficiaries to remove any who have passed away and add one or more new beneficiaries of your choice.”

 Do a proactive review of your POD accounts to identify those that had beneficiaries designated more than ten years ago. Consider making phone calls or sending letters or putting a message on the system for a CSR to chat with the customer next time they are in the lobby or branch to do a “welfare check” on the beneficiaries and to see if the customer wants to make any changes – even where the beneficiaries are still alive and kicking.

There is also another alternative. The statute itself provides authority to designate one primary POD beneficiary and one or more contingent beneficiaries. It says, in pertinent part:

If any named primary beneficiary is not living, the share of that beneficiary shall instead be held for or paid to the estate of that deceased beneficiary unless contingent beneficiaries have been designated by the account owner as allowed by paragraph 4 of this subsection.

3. Each P.O.D. beneficiary designated on a deposit account shall be a primary beneficiary unless specifically designated as a contingent beneficiary.

4. If there is only one primary P.O.D. beneficiary on a deposit account and that beneficiary is an individual, the account owner may designate one or more contingent beneficiaries for whom the funds shall be held or to whom the funds shall be paid if the primary beneficiary is not living when the last surviving owner of the account dies. If there is more than one primary P.O.D. beneficiary on a deposit account, contingent beneficiaries shall not be allowed on that account.

5. If the only primary P.O.D. beneficiary is not living and one or more contingent beneficiaries have been designated as allowed by paragraph 4 of this subsection, the funds shall be held for or paid to the contingent beneficiaries in equal shares, and shall not belong to the estate of the deceased primary beneficiary. If the only primary beneficiary is not living, and a contingent beneficiary or contingent beneficiaries have been designated as allowed by paragraph 4 of this subsection, but one or more designated contingent beneficiaries are also not living, the share that otherwise would belong to any deceased contingent beneficiary shall instead be held for or paid to the estate of that deceased contingent beneficiary…

7. If only one primary P.O.D. beneficiary has been designated on a deposit account, the account owner may add the following, or words of similar meaning, in the style of the account or in the account agreement: “If the designated P.O.D. beneficiary is deceased, then payable on the death of the account owner to (Name of Beneficiary), (Name of Beneficiary), and (Name of Beneficiary), as contingent beneficiaries, in equal share.”

8. Adjustments may be made in the styling, depending upon the number of owners of the account, to allow for survivorship rights, and the number of beneficiaries. It is to be understood that each beneficiary is entitled to a proportionate share of the account proceeds only after the death of the last surviving account owner, and after payment of account proceeds to any secured party with a valid security interest in the account. In the event of the death of a beneficiary prior to the death of the account owner, the share of that beneficiary shall go to the estate of that beneficiary. Unless one or more contingent beneficiaries have been designated to take the place of that beneficiary as provided in paragraph 4 of this subsection. All designated primary P.O.D. beneficiaries shall have equal shares. All designated contingent P.O.D. beneficiaries shall have equal shares as if the sole primary beneficiary is deceased.

Let’s look at an example of how the primary/contingent thing would work. Let’s say Shirley wants to put her sister Wanda on her account as POD beneficiary. Shirley and Wanda are each in their mid-80s and while Shirley is in great shape, Wanda is a big ball of medical issues and it’s not likely she will live to see too many more trips around the sun. Knowing all this (and I dare say some of you community bankers could practically complete genealogical charts and medical histories on some of your customers because you get to know them so well!), when Shirley wants to designate Wanda as her POD beneficiary, she could make Wanda the primary beneficiary and name contingent beneficiaries. That way, if Wanda dies before Shirley does, Shirley doesn’t have to come in and change anything. The contingent beneficiaries will click into first place.

If it were me, any time a customer wants to designate just one beneficiary, I would gently urge them to also name contingent beneficiaries at the same time.

Think about the many times you have dealt with accounts of deceased customers. In instances where the customer had carefully chosen and kept updated POD beneficiaries, there is a good feeling knowing that the funds are able to pass, hassle-free, to the customer’s chosen recipients.

Dead joint tenants

By Mary Beth Guard

Want to see me cringe? Tell me something like “Lola and Wayne Flintner had a joint account. Wayne died. We’ve kept the joint account open so Lola can deposit checks payable jointly, and she can also deposit any checks payable to Wayne.” Can you hear me loudly moaning “NOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO!”?

“What is the problem?” you might ask, adding, “We’ve done it this way for years.”

Deposit accounts are governed by law and by the terms of the deposit account agreement. When you have an account that is joint tenancy with right of survivorship and one of the two joint owners passes away, the joint tenancy terminates by virtue of the contract terms. The terms specify that if one of the joint owners dies, the account and the funds in it automatically become the property of the surviving joint owners. So, Wayne dies. The joint ownership of the account ceases. It is now an individual account owned solely by Lola.

“Yes,” you tell me, “We realize it will become Lola’s account, but we hold off on having her sign a new signature card because we know there are checks she wants to deposit.”

Let me be perfectly clear. It is not going to “become” Lola’s individual account at a future point in time. It became an individual account owned by Lola as soon as Wayne died.

“But the signature card is marked ‘joint account’ and both their names are on it!” you exclaim.

“Yes,” I reply, but under contract law and the terms of the deposit agreement, it is now a sole ownership account. That is what all the parties – the bank, Lola, Wayne – agreed to at the account inception. That’s how that account “works” from a legal standpoint.

If there is a check payable to Wayne that was issued after he died or even one issued before his death that simply didn’t get deposited while he was alive, the check now belongs to Wayne’s estate. And if a check arrives and is jointly payable to Wayne and Lola, his ghost can’t endorse it and it is therefore non-negotiable. It needs to either be reissued, or Lola needs to endorse it over to Wayne’s estate and the representative for Wayne’s estate needs to handle it.

What’s the harm? (That’s what you’re thinking, right? You’re thinking Wayne would want Lola to get the money.) The harm is that you are converting the check. You are taking funds that belong (in whole or in part, depending upon whether the check is payable to Wayne individually or jointly) to Wayne’s estate and you are doing posthumous estate planning, deciding for yourself that you are going to divert the funds from the estate and give them to Lola. You don’t have the legal right to do so and you could face liability.

Who would care?

 Creditor’s of Wayne’s estate. They stand first in line to make claims against any assets.

 If there are no creditors (or if there are plenty of other assets to satisfy creditors), then the beneficiaries under Wayne’s will (which may or may not include Lola) would be next in line.

 If Wayne didn’t leave a will, his heirs would be entitled to the assets in his estate, after payment of creditors.

Funds belonging to an estate

by Mary Beth Guard

My aunt passed away recently and a check payable to her arrived at my cousin’s house a few weeks later. Her will named my cousin executor, but because she had already disposed of the bulk of her assets through other means (joint tenancy with right of survivorship, having assets in her trust, POD accounts, etc.) it did not appear that any probate was going to be necessary, so my cousin endorsed the check as “Estate of so-and-so” then signed his name, followed by “Executor.” He wanted to deposit it into his personal account.

The bank asked for copies of the court documents appointing him Executor. Of course, there were none. Not only that, if he had been the Executor and was trying to put the check into his personal account, the bank would have been on notice of breach of fiduciary duty under Section 3-307 of the Uniform Commercial Code. Correctly, the bank refused to accept the deposit. Not surprisingly, my cousin was infuriated. The way he looked at it, there were no creditors, he and his sister were to receive everything via his mother’s stated wishes in her will. Once he understood the reasoning, he still wasn’t happy, but he was better able to accept it.

I wish I could say that he managed to get the check reissued, but the reality is that he sent to his sister for deposit into the small bank in Kansas where she does business. She signed underneath his endorsement and no one raised any objection to sticking it into her account. Argh. That bank obviously was either oblivious to the risk or was willing to take the risk, due to the small amount of the check, the large balance in the account, and the long-term customer relationship. I just rolled my eyes because I know when the next one comes in and my cousin strikes out when trying to deposit it, we will hear the old familiar refrain: “But my sister’s bank accepted one like it, why can’t you?” Now you know why.

Watch your fees

By Mary Beth Guard

When is the last time you reviewed the fees your bank charges? It’s time to take a close look. The number one complaint from customers these days is excessive or hidden fees. I receive a number of different email reports of current litigation and court decisions and I’m seeing a definite trend of lawsuits, class action and otherwise, from consumer — as well as even a few commercial customers, alleging that fees were wrongly charged. In some instances, the plaintiffs assert the fees were not contracted for or were not properly disclosed. In others, they allege the fees are onerous. Start your review and next time we’ll examine specific problematic fee practices.

April 2019 OBA Legal Briefs

  • Complaints
  • MLA SNAFU
  • Convenience fees on loan payments

Complaints

By Andy Zavoina

“We just don’t get complaints, we pride ourselves on customer service.” That may be true at some bank, perhaps one with a unicorn as a mascot, but I’ll wager most banks have customers who are unhappy about NSF and other account fees, being denied a loan, or a slow drive-up lane, or who feel that the bank should be open until 8 p.m. Regardless, even if your bank really has no complaints here are two reasons there should be a complaint monitoring system in place.

First, the revised Risk-Focused Compliance Supervision Program considers this critical. In November 2016 the FFIEC updated Uniform Interagency Consumer Compliance Rating System (CCRS). The FFIEC member agencies Ithe Fed, FDIC, NCUA, OCC and CFPB) implemented the updated rating system on consumer compliance examinations for exams after March 31, 2017. The CCRS is divided into three major categories and twelve assessment factors. The second category, used to evaluate a bank’s Compliance Program, has four assessment factors, one of which is Consumer Complaint Response. More on that in a moment, but suffice it to say that your regulatory agency wants your bank to have a plan to detect and resolve complaints if there was a “wrong” involved. How does the bank know there was a complaint? It trains staff to detect, resolve and learn from them.

Second, it only takes one complaint to get your bank on a Department of Justice or class action suit radar. Let’s examine a few real-life cases of complaints and enforcement actions. Keep in mind that these are a few we know of because they were in the mainstream media. How many smaller actions were there that we just didn’t hear about or the results were confidential, in a bank Report of Examination, and we just couldn’t hear about them?

The first case created problems for California Auto Finance (CAF). There was a single complaint made by a servicemember to the DOJ that her car was repossessed while she was on active duty. This single complaint lead to an $80,000 consent order with a record payment of $30,000 to one servicemember. Here’s a summary of what happened:

DOJ received a complaint in November 2016 from Army Private Andrea Starks. CAF had repossessed Starks’ car from her grandmother’s home the first day Starks was in basic training. Was this a case of a repossession agent on the hunt for Starks’ car and finding it unknowingly a day late, after she was protected by the Servicemembers Civil Relief Act (SCRA)? Not really, because Starks had notified CAF that she was enlisting, so they were made aware of her status and as a large subprime lender, surely, they are keenly aware of SCRA protections, or so you would think. In March 2018, the DOJ filed a lawsuit against CAF alleging violations of the SCRA, because there had been no court order allowing the repossession to take place. CAF then had to provide a list of all repossessions from December 2011 until December 2018. How long would it take your bank to provide such a list for a seven-year period?

Analysis of this list revealed a second repossession. Army Specialist Omar Martinez was in his first month of active duty when his car was repossessed. Prior to entering the military Martinez had also notified CAF of his employment change and again, CAF should have been aware of the SCRA protections. Because of the repossession’s impact on Martinez’ credit, he was unable to purchase a new car and had to rely on rideshares and taxis for over a year. According to the DOJ press release, CAF reached a private settlement with Starks. As part of the consent order, CAF agreed to pay Martinez $30,000. That’s the highest amount the DOJ has ever recovered for one servicemember.

CAF in fact did not have an SCRA compliance policy or procedures in place. In addition to the $30,000 paid to Martinez, the consent order requires CAF to train all its employees about SCRA requirements if they are involved in servicing covered loans or repossessing collateral. The consent order was still pending court approval in March 2019. This case started with a single complaint. CAF had received no others.

In the second example, a lawsuit was filed in July 2016 alleging that COPOCO Community Credit Union had violated the SCRA by repossessing cars owned by protected servicemembers without first obtaining court orders allowing it to do so. In July 2017 COPOCO and the DOJ entered into an agreement requiring the credit union to change its policies and compensate four servicemembers whose cars were repossessed in violation of the SCRA, $10,000.

This case was launched after the DOJ received a complaint from Alyssa Carriveau, the wife of U.S. Army Private First Class Christian Carriveau, alleging that COPOCO had repossessed their car, along with their two-year-old daughter’s car seat, from the driveway of their home. (Note, the DOJ and media emphasized the car seat. That’s a nice reputational knife in the back because it isn’t as though a repo agent will knock on the debtor’s door and ask them to clean out the vehicle before it is taken away.) Carriveau initially believed her car was stolen, but she later learned it had been “repoed.” Her husband, PFC Carriveau, was away at military training at the time and she was not able to get to work without the vehicle. The DOJ investigation showed COPOCO had no policies for SCRA compliance. After filing the lawsuit, the DOJ discovered three additional repossessions that violated the SCRA.

The agreement called for the Carriveaus, whose car was returned the day after repossession, to be credited $5,000 to the balance of their motor vehicle loan and to receive a lump sum $2,500 paid to them directly.

As for the other servicemembers, who COPOCO claimed never even made any claim against them, each would be awarded $10,000, less any amounts that were past due at the time of repossession which were still owed. They would also receive the amount of lost equity in the repossessed vehicle and interest accrued on the lost equity. COPOCO also paid a $5,000 penalty to the DOJ. Again, one complaint started this case.

In our third example, Wells Fargo reached a $4 million settlement with the DOJ. Like the two prior cases, this involved repossessions. This may be low hanging fruit for the DOJ as the tests are fairly simple — was the debtor a covered servicemember, and was there a court order issued allowing the repossession?

This case began when the DOJ received a complaint from the Army’s Legal Assistance Program alleging that Wells Fargo had repossessed Army National Guardsman Dennis Singleton’s car while he was preparing to deploy to Afghanistan. Wells Fargo repossessed the car, sold it at a public auction and then tried to collect a deficiency balance of over $10,000 from Singleton. While seeking assistance with debt consolidation, Singleton met with a National Guard attorney and learned about his rights under the SCRA. The attorney requested information from Wells Fargo about the original loan and repossession and asked for copies of the correspondence and Singleton’s payment history. Wells Fargo never responded to that request and the attorney requested the DOJ’s assistance. The ensuing investigation revealed 413 repossessions of vehicles owned by covered servicemembers. There was also a companion enforcement order from the OCC which assessed a $20 million civil money penalty and required Wells Fargo to make restitution to servicemembers harmed by the bank’s SCRA.

Staff from each of these lenders could have handled these cases differently and the outcomes could have been dramatically different. This is why bank staff needs to be trained and know how to handle complaints while recognizing those complaints which should be elevated for immediate attention to others at the proper level in the organization. Recognizing a problem that may be an anomaly with low risk differs from a systemic problem, which is likely to be widespread, and an isolated complaint concerning a subjective error differs from a complaint alleging a violation of law.

So let’s go back to the CCRS and determine what your bank needs to do as to complaint resolution, because it will influence your compliance management system rating. Assigned ratings range from 1 to 5, reflecting an increasing order of concern. The CCRS ratings are as follows:

• 1 reflects a strong CMS and the bank takes action to prevent violations of law and consumer harm.

• 2 is a satisfactory CMS that shows the bank is managing consumer compliance risk for the products and services offered and limits violations of law and consumer harm.

• 3 indicates a deficient CMS, and the bank has an increased risk with products and services and a recognized inability to limit violations of law and consumer harm.

• 4 reflects a CMS seriously deficient at managing risk with the bank’s products and services and/or at preventing violations of law and consumer harm. “Seriously deficient” indicates fundamental and persistent weaknesses in crucial CMS elements and severe inadequacies in core compliance areas necessary to operate within the scope of statutory and regulatory consumer protection requirements and to prevent consumer harm.

• 5 reflects a CMS critically deficient at managing risk for the bank’s products and services offered and/or at preventing violations of law and consumer harm. “Critically deficient” indicates an absence of crucial CMS elements and a demonstrated lack of willingness or capability to take the appropriate steps necessary to operate within the scope of statutory and regulatory consumer protection requirements and to prevent consumer harm.

As to the CCRS section specifically addressing complaint responses, the FFIEC provided the criteria used to evaluate a 1 to 5 rating. These are the benchmarks that will be used for your rating.

1. Processes and procedures for addressing consumer complaints are strong. Consumer complaint investigations and responses are prompt and thorough.

• Management monitors consumer complaints to identify risks of potential consumer harm, program deficiencies, and customer service issues and takes appropriate action.

2. Processes and procedures for addressing consumer complaints are adequate. Consumer Complaint investigations and responses are generally prompt and thorough.

• Management adequately monitors consumer complaints and responds to issues identified.

3. Processes and procedures for addressing consumer complaints are inadequate. Consumer complaint investigations and responses are not thorough or timely.

• Management does not adequately monitor consumer complaints.

4. Processes and procedures for addressing consumer complaints and consumer complaint investigations are seriously deficient.

• Management monitoring of consumer complaints is seriously deficient.

5. Processes and procedures for addressing consumer complaints are critically absent. Meaningful investigations and responses are absent.

• Management exhibits a disregard for complaints or preventing consumer harm.

In particular, pay attention to management’s responsibilities. Upper management will not be responsible to investigate or reply to complaints. But it will be responsible for establishing the culture, supported by sound policies, procedures and training that will determine the bank’s rating. Management must be involved in complaint management and compliance must provide periodic reports describing what is happening.

Other than improved customer satisfaction, what incentive does a bank have to work harder on complaint resolutions? In addition to being recognized for a better CMS rating, your CCRS rating helps define your examination schedule. As an example, a small (<$250M) FDIC-examined bank with a 1 or 2 rating is due to be examined each 30-36 months, while a 3-rated bank can expect an exam each 12-24 months.

Larger FDIC banks with a 1 or 2 rating are recommended for a compliance examination each 24-26 months while those with a 3 should expect an exam on a 12-24-month interval.

MLA SNAFU

By Andy Zavoina

I was disturbed by a recent question involving the Military Lending Act (MLA). The actual question was not difficult but playing the part of my 4-year-old grandson I would ask, “why” and to that answer, “why” and so on. This can be done to get to the root of a problem, and it is something auditors should do often. At the crux of the matter, this bank misinterpreted a provision of the law and the consequences could be severe.

Let’s get some housekeeping out of the way first. The law I’m addressing is actually the Department of Defense regulation “Limitations on Terms of Consumer Credit Extended to Service Members and Dependents (under Military Lending Act)” and is commonly referred to as the MLA.

When a covered loan is made to a covered borrower there are disclosures which must be made, and legally required terms of the contract between the bank and the borrower. The nature of the problem here started with the basics, so let’s review some of those. A “covered borrower” (§232.3(g)) is a person who, at the time they become obligated on a consumer credit transaction is:

1. A regular or reserve member of the Army, Navy, Marine Corps, Air Force, or Coast Guard, serving on active duty under a call or order that does not specify a period of 30 days or fewer, or such a member serving on Active Guard and Reserve duty as that term is defined in 10 U.S.C. 101(d)(6), or

2. A dependent of someone meeting the qualifications of the above. There is more to the definition of a dependent but typically this would be a spouse. For the particulars, review 232.3(g) and 10 USC 1072(2) but a quick test would be if they have a dependent ID card, they are a dependent.

Consumer credit (§ 232.3(f)(1)) means credit offered or extended to a covered borrower primarily for personal, family, or household purposes, that is:

(i) Subject to a finance charge; or

(ii) Payable by a written agreement in more than four installments.

That is a very broad definition, but the Department of Defense (DoD) included exceptions. For these purposes, consumer credit does not mean:

1. A residential mortgage, which is any credit transaction secured by an interest in a dwelling, including a transaction to finance the purchase or initial construction of the dwelling, any refinance transaction, home equity loan or line of credit, or reverse mortgage;

2. Any credit transaction that is expressly intended to finance the purchase of a motor vehicle when the credit is secured by the vehicle being purchased;

3. Any credit transaction that is expressly intended to finance the purchase of personal property when the credit is secured by the property being purchased;

4. Any credit transaction that is an exempt transaction for the purposes of Regulation Z (other than a transaction exempt under 12 CFR 1026.29) or otherwise is not subject to disclosure requirements under Regulation Z; and

5. Any credit transaction or account for credit for which a creditor determines that a consumer is not a covered borrower by using a method and by complying with the recordkeeping requirement set forth in § 232.5(b).

Exceptions 2 and 3 above can be problematic. When read as above a lender may believe a purchase money loan is exempted and that was the root of my banker question. The DoD has published additional guidance on the MLA and these sections in particular. Without having to revise the MLA, it was clarified through a Question and Answer document that a lender must understand what the DoD considers “to finance the purchase of” a motor vehicle or personal property. Here is the guidance:

Question: Does credit that a creditor extends for the purpose of purchasing a motor vehicle or personal property, which secures the credit, fall within the exception to “consumer credit” under 32 CFR 232.3(f)(2)(ii) or (iii) where the creditor simultaneously extends credit in an amount greater than the purchase price of the motor vehicle or personal property?

Answer: The answer will depend on what the credit beyond the purchase price of the motor vehicle or personal property is used to finance. Generally, financing costs related to the object securing the credit will not disqualify the transaction from the exceptions, but financing credit-related costs will disqualify the transaction from the exceptions.

Section 232.3(f)(1) defines “consumer credit” as credit offered or extended to a covered borrower primarily for personal, family, or household purposes that is subject to a finance charge or payable by written agreement in more than four installments. Section 232.3(f)(2) provides a list of exceptions to paragraph (f)(1), including an exception for any credit transaction that is expressly intended to finance the purchase of a motor vehicle when the credit is secured by the vehicle being purchased and an exception for any credit transaction that is expressly intended to finance the purchase of personal property when the credit is secured by the property being purchased.

A credit transaction that finances the object itself, as well as any costs expressly related to that object, is covered by the exceptions in § 232.3(f)(2)(ii) and (iii), provided it does not also finance any credit-related product or service. For example, a credit transaction that finances the purchase of a motor vehicle (and is secured by that vehicle), and also finances optional leather seats within that vehicle and an extended warranty for service of that vehicle is eligible for the exception under § 232.3(f)(2)(ii). Moreover, if a covered borrower trades in a motor vehicle with negative equity as part of the purchase of another motor vehicle, and the credit transaction to purchase the second vehicle includes financing to repay the credit on the trade-in vehicle, the entire credit transaction is eligible for the exception under § 232.3(f)(2)(ii) because the trade-in of the first motor vehicle is expressly related to the purchase of the second motor vehicle. Similarly, a credit transaction that finances the purchase of an appliance (and is secured by that appliance), and also finances the delivery and installation of that appliance, is eligible for the exception under § 232.3(f)(2)(iii).

In contrast, a credit transaction that also finances a credit-related product or service rather than a product or service expressly related to the motor vehicle or personal property is not eligible for the exceptions under § 232.3(f)(2)(ii) and (iii). For example, a credit transaction that includes financing for Guaranteed Auto Protection insurance or a credit insurance premium would not qualify for the exception under § 232.3(f)(2)(ii) or (iii). Similarly, a hybrid purchase money and cash advance credit transaction is not expressly intended to finance the purchase of a motor vehicle or personal property because the credit transaction provides additional financing that is unrelated to the purchase. Therefore, any credit transaction that provides purchase money secured financing of a motor vehicle or personal property along with additional “cashout” financing is not eligible for the exceptions under § 232.3(f)(2)(ii) and (iii) and must comply with the provisions set forth in the MLA regulation.

When the MLA was revised many bankers believed GAP insurance could be financed with the loan and that this met the raw definition in the law. The DoD was explicit in its interpretation that financing the GAP insurance would disqualify the exemption and therefore require disclosures and certain contract terms to include a cap of 36 percent on the Military Annual Percentage Rate (MAPR). The MAPR is similar to the Annual Percentage Rate under Reg. Z except that it is more inclusive and therefore is generally greater than the APR.

If a bank missed the finite terms in the DoD guidance document which will be used to interpret the law, there could be severe consequences, found in section 232.9 (Penalties and Remedies) of the MLA.

Violators are subject to criminal and civil penalties under the rule. Moreover, consumer credit contracts that are not in compliance with the rule will be deemed void from inception.

(a) Misdemeanor. A creditor who knowingly violates 10 U.S.C. 987 as implemented by this part shall be fined as provided in title 18, United States Code, or imprisoned for not more than one year, or both.

(b) Preservation of other remedies. The remedies and rights provided under 10 U.S.C. 987 as implemented by this part are in addition to and do not preclude any remedy otherwise available under State or Federal law or regulation to the person claiming relief under the statute, including any award for consequential damages and punitive damages.

(c) Contract void. Any credit agreement, promissory note, or other contract with a covered borrower that fails to comply with 10 U.S.C. 987 as implemented by this part or which contains one or more provisions prohibited under 10 U.S.C. 987 as implemented by this part is void from the inception of the contract.

(d) Arbitration. Notwithstanding 9 U.S.C. 2, or any other Federal or State law, rule, or regulation, no agreement to arbitrate any dispute involving the extension of consumer credit to a covered borrower pursuant to this part shall be enforceable against any covered borrower, or any person who was a covered borrower when the agreement was made.

(e) Civil liability

(i) In general. A person who violates 10 U.S.C. 987 as implemented by this part with respect to any person is civilly liable to such person for:

(ii) Any actual damage sustained as a result, but not less than $500 for each violation;

(iii) Appropriate punitive damages;

(iv) Appropriate equitable or declaratory relief; and

(v) Any other relief provided by law.

(2) Costs of the action. In any successful action to enforce the civil liability described in paragraph (e)(1) of this section, the person who violated 10 U.S.C. 987 as implemented by this part is also liable for the costs of the action, together with reasonable attorney fees as determined by the court.

(3) Effect of finding of bad faith and harassment. In any successful action by a defendant under this section, if the court finds the action was brought in bad faith and for the purpose of harassment, the plaintiff is liable for the attorney fees of the defendant as determined by the court to be reasonable in relation to the work expended and costs incurred.

(4) Defenses. A person may not be held liable for civil liability under paragraph (e) of this section if the person shows by a preponderance of evidence that the violation was not intentional and resulted from a bona fide error notwithstanding the maintenance of procedures reasonably adapted to avoid any such error. Examples of a bona fide error include clerical, calculation, computer malfunction and programming, and printing errors, except that an error of legal judgment with respect to a person’s obligations under 10 U.S.C. 987 as implemented by this part is not a bona fide error.

(5) Jurisdiction, venue, and statute of limitations. An action for civil liability under paragraph (e) of this section may be brought in any appropriate United States district court, without regard to the amount in controversy, or in any other court of competent jurisdiction, not later than the earlier of:

(i) Two years after the date of discovery by the plaintiff of the violation that is the basis for such liability; or

(ii) Five years after the date on which the violation that is the basis for such liability occurs.

So, if a lender misinterprets the requirements of the MLA, especially if this has been done for an extended period (these major changes to the MLA were effective in October 2016). and if that lender was active, that simple misinterpretation can have huge consequences.

What does it mean to void the contract? This could require a lender to refund all the fees and interest paid by the borrower and hopefully walk away with a recovery of the principal. But do not forget the other damages the covered borrower may collect. If the borrower is successful in court, the lender could also be liable for the court costs and attorney’s fees. Plus, this was an active lender and there may be hundreds, even thousands of loans that could be voided and included in a class action suit.

The penalties that can be enforced by regulators likely depend on the size of the lender, the severity of the violations, the lender’s initial attempts to comply with the MLA and its prior history of compliance. At the end of the day, these are not issues management wants to address. It is far simpler to stay abreast of the laws, regulations, interpretive guidance and to put in place audit controls which provide prompt corrective actions.

Convenience fees on loan payments

By Pauli Loeffler

Oklahoma Senate Bill 1151 was enacted in 2017 to permit supervised lenders (federal regulated financial institutions and lenders licensed by the Oklahoma Department of Consumer Credit that make loans with APRs exceeding 10%) to charge consumer borrowers convenience fees for electronic loan payments effective November 1, 2018. The statute is found in Title 14A O.S. § 3-508C. You can read the statute here.

The statute allows supervised lenders to charge a fee for convenience payments made by debit card, electronic funds transfer, electronic check or other electronic means for loans subject to §§ 3-508A and 3-508B. Section 3-508A provides the maximum interest rate at consummation for most consumer loans. It does not apply to the vast majority of real estate secured loans, loans for education, and consumer loans exceeding the threshold amount which is the same for both the U3C and Reg Z. It also does not apply to agricultural, commercial, or loans to other than natural persons, e.g. trusts. Section 3-508B provides an alternative method of imposing a finance charge to that provided for § 3-508A loans, but until the enactment of § 3-508C prohibited all fees other than late fees and deferral fees.

So, what does § 3-508C allow? The bank can impose and collect a convenience fee on an electronic payment transaction as long as the fee does not exceed the actual cost incurred by the lender or four percent (4%) of the electronic payment transaction, whichever is less. “Actual costs” is defined as the actual third-party costs incurred for the processing of payments made by electronic means. Note that if the bank is a subsidiary of the entity processing the payment, the parent entity is considered a third-party. If the installment payment being made is $25.00, the bank will only be able to charge the borrower $1 and isn’t a real money maker if the actual cost exceeds that amount.

The bank must provide the consumer the option to make payments on a loan by check, cash, or money order directly to the lender in order to avoid the imposition of a convenience fee. If the bank wants to charge the consumer a convenience fee for various types of electronic payment transactions, it must fully disclose the fee either in the loan disclosures or at the time of the specific electronic payment transaction. Even if the bank discloses the fee in the loan documents, before the bank can charge a convenience fee, it must notify the customer of the amount of the fee prior to completing the electronic payment transaction as well as provide the customer an opportunity to cancel the transaction without incurring a fee. This applies regardless of whether the request is made via telephone (train your employees) or online (“A convenience fee in the amount of $x.xx will be assessed… Click “cancel” if you do not wish to proceed with payment”). Finally, the convenience fee is NOT refundable if the customer elects to proceed with payment. It is advisable to notify the customer of this fact as well.

March 2019 OBA Legal Briefs

  • HMDA Reference Chart
  • Flood Update

HMDA Reference Chart

by Andy Zavoina

If your bank is a HMDA bank, congratulations, you’re a survivor and the 2018 Loan Application Register (LAR) is put to bed. I won’t mention that a first quarter review for 2019 is due in just a few weeks.

In a helpful way, the Consumer Financial Protection Bureau (Bureau) recently issued a resource document, the “Reportable HMDA Data: A Regulatory and Reporting Overview Reference Chart for HMDA Data Collected in 2019.” This reference chart may just help you out as you dig into this year’s HMDA records. The document includes changes to Reg C since HMDA was revised in 2015, through and including changes effective January 1, 2019, in accordance with the Economic Growth, Regulatory Relief, and Consumer Protection Act (EGRRCPA).  The latest Filing Instructions Guide (FIG) is referenced, and the document also includes information helping smaller filers know what to file as “not applicable” or “exempt.” This is an exemption applicable to the new data categories required by the Dodd-Frank Act and the HMDA rule as adopted by the Bureau when the bank’s applicable mortgage loans are below certain thresholds and certain Community Reinvestment Act rating criteria are met. More on this below, in case you are not sure if you meet the criteria. This chart does not replace the 2019 FIG, however, and it should be referenced for filing and LAR entry guidance as well.

As for banks qualifying for some LAR entry exemptions, there are several criteria which must be met. For closed-end mortgage loans, the partial exemption will apply if the bank originated fewer than 500 of these loans in each of the two prior calendar years.  For home equity lines of credit (HELOCs), the partial exemption will apply if the bank originated fewer than 500 HELOCs in each of the two prior calendar years.  The HELOC change will not initially affect reporting because, for 2018 and 2019, the threshold to report HELOCs is 500 transactions in each of those two calendar years under a temporary rule issued by the Bureau.

Even if your bank originates loans or HELOCS below the applicable threshold, HMDA’s partial exemption from reporting the new HMDA data categories does not apply if your bank received “Needs to Improve” rating during each of its two most recent CRA exams, or “Substantial Noncompliance” on its most recent CRA examination. Both the loan volume and CRA tests must be met.

The 2019 Chart provides information on how a lender opting to not report a Universal Loan Identifier for an application or loan under the exemption would report a Non-Universal Loan Identifier for the application or loan. It also includes additional guidance on reporting of the Credit Scoring Model and the reporting of the Automated Underwriting System result. The 38-page Chart may be found here: https://s3.amazonaws.com/files.consumerfinance.gov/f/documents/cfpb_reportable-hmda-data_regulatory-and-reporting-overview-reference-chart-2019.pdf

Not related to the 2019 Chart, I’d like to bring out some recent HMDA and HMDA-related questions which may be of interest to bankers. The first addresses the new Uniform Residential Loan Application (URLA). Many bankers have asked when it should be used. The short answer is, beginning July of this year. According to Fannie Mae, as of February 26, 2019, it has published the final Direct Underwriter Specification of the test period, along with other updated resources supporting the redesigned URLA/Form 1003.

The URLA/Form 1003 is a standard form adopted by Fannie Mae and Freddie Mac (the Government-Sponsored Enterprises (GSEs

Fannie Mae also updated a FAQ page. Here are a few of importance to banks:
12) When will the GSEs require the updated AUS datasets to be delivered?

On February 1, 2020, lenders will be required to submit new applications using the updated AUS datasets based on MISMO v3.4. Applications received before February 1, 2020, that have not closed (e.g., loans for new construction) will be accepted in the existing data formats (1003 v3.2 flat file and MISMO v2.3.1 format for DU and the MISMO v2.4 for LP) until February 1, 2021, when only the datasets based on MISMO v3.4 may be submitted. This will provide lenders with the opportunity to close out their existing pipeline of loans which were previously submitted in the existing data formats.

An “Optional Use Period” for the updated AUS datasets begins on July 1, 2019, and ends on February 1, 2020. The GSEs recommend the industry use this time to:

  • Test POS/LOS updates
  • Test System dependencies to ensure the new data format flows through systems
  • Check Integration with the GSEs
  • Conduct training and plan for implementation rollout
  • Update policies and procedures as well as any customization they may need to do to support the new datasets.

Lenders may begin testing loan file submissions with each GSE at any time.

During the optional use period, the GSEs’ AUS systems will continue to accept the legacy formats (Fannie Mae: 1003 3.2 flat file, MISMO v2.3.1 / Freddie Mac: MISMO v2.4).

13) What should I be doing now to prepare for the redesigned URLA and updated AUS specifications?

The specific steps you should be taking at any given time will vary based on where your organization is in the planning and implementation process, but the following are some actions, at a high level, that will help you prepare:

  • Identify any data on the redesigned URLA that you do not currently collect and develop a plan to obtain that data.
  • If you use a technology solution provider, reach out to them to ensure they have copies of the updated AUS specifications. Determine the type and timeframe of testing you need to conduct with your vendor and work with them to understand when they expect to be ready to produce and receive the new data interface files. Remember, you are not mandated to start submitting loan application submission files to the GSEs’ AUS systems until February 1, 2020.
  • If you maintain your own system, work with internal technical and business analysts to scope and schedule the tasks necessary to process the updated AUS specifications.
  • Regularly check each GSE’s URLA/ULAD web page for additional updates to the AUS specifications to ensure you are using the most recent version. Reach out to your GSE representatives, as needed, to confirm requirements and arrange testing with the GSEs.

24) Can a lender submit the current AUS formats with the redesigned URLA? UPDATED

No, the redesigned URLA cannot be used with the existing AUS formats; new formats must be used due to the differences in the data collection between the redesigned URLA and the old URLA. The redesigned URLA may be used starting July 2019. Lenders using the redesigned URLA must use the updated AUS Specifications for each GSE – for Fannie Mae, DU Specification MISMO V3.4, and for Freddie Mac, Loan Product Advisor v5.0.0n.

The entire FAQ can be found at https://www.fanniemae.com/content/faq/urla-ulad-faqs.pdf.

Another question asked if the URLA/Form 1003 was required to be used for mortgage loans? The answer is No, it is not. It may be required by investors, however, as the URLA/Form 1003 is a “standardized” and accepted form; but if the bank has the required information for its real estate loan there is no format that is required under Regs B, C or Z, only certain pieces of information. The URLA/Form 1003 meets the information requirements.

As an example, national banks are overseen by the Office of the Comptroller of the Currency (OCC). National banks not subject to HMDA that received 50 or more home loan applications during the previous calendar year may choose either of the two recordkeeping systems. They may maintain HMDA-like records, or record and maintain the Monthly Home Loan Activity Format under the Fair Housing Home Loan Data System (12 CFR 27). This includes the number of applications received, closed, denied, and withdrawn. More specific information includes:

  • Application information including:
    – date of application
    – type of loan (purchase, construction-permanent, refinance)
    – any government insurance and type
    – is it an application or inquiry
    – case number
    – race/national origin
    – property location (complete street address and census if located in one in which the bank has an office)
  • If an appraisal is completed:
    • The appraised value; and
    • The census tract number, where available, for those properties that are in a Metropolitan Statistical Area (MA) in which the bank has a home office or branch office.
  • Disposition of loan application using the following categories:
    • Withdrawn before terms were offered;
    • Withdrawn after terms were offered;
    • Denied;
    • Terms offered and accepted by applicant(s).
  • If final terms are offered, whether or not accepted:
    • The loan amount.
    • Whether private mortgage insurance is required, and if so, the terms of the insurance.
    • Whether a deposit balance is required, and if so, the amount.
    • The note (simple) interest rate.
    • The number of months to maturity of the loan offered.
    • Points,
    • Commitment date.
  • The type of mortgage using the following categories:
    • Standard Fixed Payment;
    • Variable Rate;
    • Graduated Payment;
    • Rollover;
    • Other.
  • The name or identification of the bank office where the application was submitted.
  • Whenever credit is denied, copy of the Equal Credit Opportunity Act credit notice and statement of credit denial.
  • Any additional information used by the bank in determining whether or not to extend credit, or in establishing the terms.

As luck would have it, this information would be in your loan file and much of it would be on your URLA/Form 1003. National banks must attempt to gather the application information. I once asked my OCC examiner what “attempt to gather” meant and he replied that if we used the URLA/Form 1003 with the applicants, then we have met that “attempt to gather” standard.

Now, the longer answer to the original questions as to when may a bank start using the new URLA/Form 1003, the effective date on the form itself is July 2019 and it should not be used before that. The GSEs will require the use of the redesigned URLA for all new loan applications in February 2020, so your bank has time to train and adopt the new form. Now is the time to review the new form and understand what the changes are, what new data is requested, and how you will begin using the form. Your investors may be communicating with you already as to requirements they may have on usage.

Another HMDA question was about a credit score used by an investor. This investor required the credit score from a particular credit reporting agency and if the applicant or co-applicant had no score, to use 555 and both applicants’ scores were averaged with that single result being used in the credit decision. For example, Applicant 1 does not have a credit score and Applicant 2 has a score of 777. The average is calculated as 555+777=1332/2=666. The credit score is now 666. Is this reported on the LAR?

Generally, I would say the bank needs to report the scores from the bureau on the first two applicants. The methodology of the investor is separate from HMDA. But the plain text of Reg C says, as to the LAR entry: “(i) Except for purchased covered loans, the credit score or scores relied on in making the credit decision and the name and version of the scoring model used to generate each credit score.”

And the FIG states, “1. Credit Score of Applicant or Borrower. Enter, in numeral form, the credit score, or scores relied on in making the credit decision for the applicant or borrower, or of the first co-applicant or co-borrower, as applicable. If Regulation C requires your institution to report a single score that corresponds to multiple applicants or borrowers, report the score in either the applicant field or the co-applicant field. Or, enter the applicable Code from the following:

Code 7777—Credit score is not a number
Code 8888—Not applicable
Code 9999—No co-applicant
Code 1111—Exempt”

The bank used an average score, but also used a proxy score when no score existed. I question the categorization of “555” as credit score because for Reg C, a credit score means “a numerical value or a categorization derived from a statistical tool or modeling system used by a person who makes or arranges a loan to predict the likelihood of certain credit behaviors, including default (and the numerical value or the categorization derived from such analysis may also be referred to as a “risk predictor” or “risk score”); and

(ii) does not include—

(I) any mortgage score or rating of an automated underwriting system that considers one or more factors in addition to credit information, including the loan to value ratio, the amount of down payment, or the financial assets of a consumer; or

(II) any other elements of the underwriting process or underwriting decision.”

The bank and/or investor need to justify the proxy score, in my opinion, if it is to be reported. This may already be justified somewhere by the investor. You should ask the investor about it.

The commentary to Reg C at 1003.4(a)(15)3 has an example on this question, stating: “3. Credit score—multiple applicants or borrowers. In a transaction involving two or more applicants or borrowers for whom the financial institution obtains or creates a single credit score and relies on that credit score in making the credit decision for the transaction, the institution complies with § 1003.4(a)(15) by reporting that credit score for the applicant and reporting that the requirement is not applicable for the first co-applicant or, at the financial institution’s discretion, by reporting that credit score for the first co-applicant and reporting that the requirement is not applicable for the applicant. Otherwise, a financial institution complies with § 1003.4(a)(15) by reporting a credit score for the applicant that it relied on in making the credit decision, if any, and a credit score for the first co-applicant that it relied on in making the credit decision, if any. To illustrate, assume a transaction involves one applicant and one co-applicant and that the financial institution obtains or creates two credit scores for the applicant and two credit scores for the co-applicant. Assume further that the financial institution relies on a single credit score that is the lowest, highest, most recent, or average of all of the credit scores obtained or created to make the credit decision for the transaction. The financial institution complies with § 1003.4(a)(15) by reporting that credit score and information about the scoring model used for the applicant and reporting that the requirement is not applicable for the first co-applicant or, at the financial institution’s discretion, by reporting the data for the first co-applicant and reporting that the requirement is not applicable for the applicant. Alternatively, assume a transaction involves one applicant and one co-applicant and that the financial institution obtains or creates three credit scores for the applicant and three credit scores for the co-applicant. Assume further that the financial institution relies on the middle credit score for the applicant and the middle credit score for the co-applicant to make the credit decision for the transaction. The financial institution complies with § 1003.4(a)(15) by reporting both the middle score for the applicant and the middle score for the co-applicant.”

In this case I would still consider inquiring with the investor how the 555 was derived and how it qualifies as a credit score. If your bank is faced with this, it may also consider calling HMDA Help to determine if this is an acceptable method when only “one credit score is used.” That rule is typically applied when a tri-merge report is accessed and only one of the three scores is used. In this case you have one score and one proxy and then you average them, so it is a different application of this rule. The commentary also indicates how a bank reports when it “obtains or creates a single credit score and relies on that credit score in making the credit decision for the transaction” to ensure that this proxy is acceptable in the first place.

Credit scores must be supported by a statistically sound methodology. Any bank using a proxy number and reporting it as a credit score should be familiar with how it is derived and its proper and authorized use. HMDA does provide examples and one validated model may be used to create another. But the bank needs to know that what was done is compliant when the bank is making decisions based on one or more score models.

As this article goes to press in early March, I do notice some email auto-responses from compliance professionals who were heavy into HMDA indicating they’ll reply when they return from vacation. Take a rest, you’ve earned it. But as you prepare for Q1-2019 LAR reviews, be aware of the tools and the rules for 2019 records.

Flood Update

By Andy Zavoina

On February 12, 2019, the OCC, FRB, FDIC, FCA and NCUA (the Agencies), jointly published final rules on required acceptance of private flood insurance pursuant to the Biggert-Waters Act.  These rules will be effective July 1, 2019. The 90-page rule document has four main objectives:

  1. It implements the Biggert-Waters Act (from 2012) requirements that banks accept private flood policies that meet the criteria specified in the Act.
  2. It allows your bank to rely on an insurer’s written assurances that a private flood insurance policy does meet the Biggert-Waters criteria.
  3. It allows your bank to accept private flood insurance policies that do not meet the Biggert-Waters Act criteria, under certain conditions.
  4. It allows your bank to accept certain flood coverage plans provided by mutual aid societies, subject to agency approval.

The National Flood Insurance Program (NFIP) was first authorized in 1968. If you have been in real estate lending for any length of time, you are aware that the NFIP is in one of two states— funded, or not funded—and the latter means there is difficulty in closing loans requiring flood insurance.  As an example, just before the December-January federal government shutdown, the NFIP was temporarily funded. There was some confusion over whether flood insurance policies could be issued but that was resolved, and they could be. When the government reopened in late January, there was no additional funding for the NFIP, so as you read this, keep in mind the latest reauthorization for the NFIP expires on May 31, 2019.

The Biggert-Waters Act intended that by requiring banks to accept private insurance flood policies, the risk from payouts could be spread to other than the federal government. Initially the wording and practices in the industry made this difficult and that it why it has taken nine years to reach a final rule. But we are not out of the woods yet.

This final rule permits your bank to exercise discretion to accept flood insurance policies issued by private insurers as well as plans providing flood coverage issued by mutual aid societies, such as Amish Aid organizations, that do not meet the statutory definition of “private flood insurance.” This acceptance is subject to certain restrictions. Congress explicitly provided for private flood insurance to fulfill this requirement instead of the Standard Flood Insurance Policy (SFIP) from the NFIP, if the private flood insurance met the conditions defined in the statute.

The law (42 USC 4012a(b)(7)), defines private flood insurance. You can find the law here: https://www.law.cornell.edu/uscode/text/42/4012a.

The problem is that some insurance companies polices may not conform to this definition, it is not yet known if they will be made to conform, and banks may choose to not accept them as they fail to meet the mandatory acceptance criteria. The Agencies did not provide much latitude to allow nonconforming policies and the result is that some states insurance laws will have restrictions conflicting with these rules, such as to the filing of claims or cancellation of policies. The Agencies understand this and even stated in the final rule that “The Agencies recognize that there may be conflicts between the definition of ‘private flood insurance’ and State laws, and that the laws of certain States may prevent flood insurance policies issued by companies regulated by these States from meeting the definition of ‘private flood insurance.’ In such cases, regulated lending institutions are not required to accept policies that comply with State laws and conflict with the definition of ‘private flood insurance.’ However, as discussed in greater detail below, regulated lending institutions may still exercise their discretion to accept certain policies issued by private flood insurers, even if the policies do not conform to the definition of ‘private flood insurance.’ ”

The final rule does require some small changes to the statutory definition of private flood insurance and that is the Agencies’ way of adding clarity as an aid to compliance. As an example, the final rule adopted the proposed language as, “… the proposed rule defined ‘private flood insurance’ consistent with the statutory definition, with some clarifying edits, to mean an insurance policy that: (1) is issued by an insurance company that is licensed, admitted, or otherwise approved to engage in the business of insurance in the State or jurisdiction in which the property to be insured is located, by the insurance regulator of that State or jurisdiction or, in the case of a policy of difference in conditions, multiple peril, all risk, or other blanket coverage insuring nonresidential commercial property, is recognized, or not disapproved, as a surplus lines insurer by the State insurance regulator of the State or jurisdiction where the property to be insured is located; (2) provides flood insurance coverage that is at least as broad as the coverage provided under a standard flood insurance policy issued under the NFIP (SFIP), including when considering deductibles, exclusions, and conditions offered by the insurer; (3) includes a requirement for the insurer to give written notice 45 days before cancellation or non-renewal of flood insurance coverage to the insured and the regulated lending institution, or a servicer acting on the institution’s behalf; (4) includes information about the availability of flood insurance coverage under the NFIP; (5) includes a mortgage interest clause similar to the clause contained in an SFIP; (6) includes a provision requiring an insured to file suit not later than one year after the date of a written denial for all or part of a claim under a policy; and (7) contains cancellation provisions that are as restrictive as the provisions contained in an SFIP.”  This is very close to 42 USC 4012a(b)(7), linked above.

The term “as broad as” is used in the final rule and the law. The final rule provides that your bank need not accept policies with additional exclusions unless the exclusions actually provide more coverage to the policyholder, so it works in the policyholder’s favor, but takes nothing away from the bank. As an example, an SFIP policy will define what a covered “flood” is and a private policy must be as rigid but may go further and include more flood-like events in the coverage. The private policy must include the same types of coverage such as the building and contents at a minimum, but can include more. The deductibles must be no higher than an SFIP policy allows and the excluded losses can be no more restrictive than an SFIP policy, but can have variances that favor the policyholder and bank.

Recognizing that not all banks, especially smaller ones, may have personnel with the skillsets to recognize and compare the differences between a private policy and an SFIP policy, there is a compliance aid for mandatory acceptance.  Your bank may determine that a policy meets the definition of “private flood insurance” without further review so long as a prescribed statement is included within the policy or as an endorsement to the policy: “This policy meets the definition of private flood insurance contained in 42 U.S.C. 4012a(b)(7) and the corresponding regulation.” This statement need not be present to accept a policy, but if it is, the bank’s responsibilities are met as to ensure the compliance requirements are met. Note that a policy cannot be rejected simply because the statement is not there.

The bank does have discretionary acceptance authority if the policy does meet certain criteria:

(i) It provides coverage in the amount which must be at least equal to the lesser of the outstanding principal balance of the designated loan or the maximum limit of coverage available for the particular type of property under the Act;

(ii) Is issued by an insurer that is licensed, admitted, or otherwise approved to engage in the business of insurance by the insurance regulator of the State or jurisdiction in which the property to be insured is located; or in the case of a policy of difference in conditions, multiple peril, all risk, or other blanket coverage insuring nonresidential commercial property, is issued by a surplus lines insurer recognized, or not disapproved, by the insurance regulator of the State or jurisdiction where the property to be insured is located;

(iii) Covers both the mortgagor(s) and the mortgagee(s) as loss payees, except in the case of a policy that is provided by a condominium association, cooperative, homeowners association, or other applicable group and for which the premium is paid by the condominium association, cooperative, homeowners association, or other applicable group as a common expense; and

(iv) Provides sufficient protection of the designated loan, consistent with general safety and soundness principles, and the [financial institution] documents its conclusion regarding sufficiency of the protection of the loan in writing.

Why would a bank determine a private policy is not adequate? The Agencies note some factors but this is not a complete list. Consider:

  1. whether the flood insurance policy’s deductibles are reasonable based on the borrower’s financial condition;
  2. whether the insurer provides adequate notice of cancellation to the mortgagor and mortgagee to ensure timely force placement of flood insurance, if necessary;
  3. whether the terms and conditions of the flood insurance policy with respect to payment per occurrence or per loss and aggregate limits are adequate to protect the regulated lending institution’s interest in the collateral;
  4. whether the flood insurance policy complies with applicable State insurance laws; and
  5. whether the private insurance company has the financial solvency, strength, and ability to satisfy claims.

The final rule is available here, https://www.fdic.gov/news/news/press/2019/pr19006a.pdf . It certainly includes more information than is in this summary especially as to mutual aid societies which we do not have the space to discuss and may not be of key interest to our readers.

February 2019 OBA Legal Briefs

  • TILA-RESPA FAQs
  • Service member complaints
  • Authorized signers
  • 2nd Amendment Auditors

TILA-RESPA FAQs

By Andy Zavoina

In early February 2019 the Consumer Financial Protection Bureau (Bureau) released four Frequently Asked Questions pertaining to integrated disclosures under Truth in Lending and the Real Estate Settlement Procedures Act (TILA-RESPA or TRID). It starts with the standard disclosure that there is no substitute for reading and interpreting both the regulations, Reg Z for TILA and Reg X for RESPA as well as the official interpretations (Commentaries) that accompany each. These FAQs are clarifying the regulations and commentaries without being an official part of either. These may be considered official guidance from the owner of the regulation, the Bureau.

Question 1 addresses changes affecting the Closing Disclosure after it has already been delivered, and redisclosure with the possibility of a delay in the closing date.

“If there is a change to the disclosed terms after the creditor provides the initial Closing Disclosure, is the creditor required to ensure the consumer receives a corrected Closing Disclosure at least three business days before consummation?”

And the typical compliance answer is, “it depends.” The official answer is that there are three scenarios in which the consumer MUST receive the corrected Closing Disclosure at least three days prior to closing. In the event you have one of these three scenarios, you must be prepared to make a new disclosure and potentially to delay and reschedule the closing to ensure the redisclosure is received by the consumer at least three business days before the closing.

  1. If the change results in an inaccurate annual percentage rate.
  2. If loan product information which is required by TRID to be disclosed becomes inaccurate.
  3. If a prepayment penalty is added.

If your change is anything other than one of these three, you should redisclose to the consumer, no later than closing, but there is no need to delay the closing as the three-day advance disclosure requirement will not apply. (Review 1026.19(f)(2)(i).)

Question 2 helps provide guidance as to when the consumer’s overstated APR is going to decrease, is redisclosure necessary? This would seem to be advantageous to the borrower, but not necessarily if it means a delay in closing the loan. Some interpretations of the rule indicate redisclosure is required, even if the three-day waiting period to closing could be harmful to the consumer. The actual question is,

“Is a creditor required to ensure that a consumer receives a corrected Closing Disclosure at least three business days before consummation if the APR decreases (i.e., the previously disclosed APR is overstated)?”

And again, the Bureau tells us “it depends.” In this case it depends on whether, according to Reg Z, the APR which was previously disclosed on the consumer’s Closing Disclosure was accurate or not.

If the overstated APR is accurate under Reg Z:

  • the lender must provide a corrected Closing Disclosure,
  • the lender may, however, provide the revised disclosure at or before consummation and there is no requirement for a new three business-day waiting period. This generally means the closing need not be rescheduled.
    (Refer to 1026.19(f)(2)(i))

If the overstated APR is not accurate under Reg Z:

  • Because the APR is not accurate, the bank must ensure that a consumer receives a corrected Closing Disclosure at least three business days before consummation. Depending on how far in advance the correction was noted, the closing may have to be re-set.
    (Refer to 1026.19(f)(2)(ii))

The Reg Z rules for finance charge accuracy on mortgage loans may be found under 1026.18(d)(1): “In a transaction secured by real property or a dwelling, the disclosed finance charge and other disclosures affected by the disclosed finance charge (including the amount financed and the annual percentage rate) shall be treated as accurate if the amount disclosed as the finance charge:

(i) Is understated by no more than $100; or

(ii) Is greater than the amount required to be disclosed.

The Reg Z rules for APR accuracy on mortgage loans may be found under 1026.22(a)(4)-(5) which (of course) refer to other sections of Reg Z but I’ve condensed them in this explanation below:

“(4) If the annual percentage rate disclosed in a transaction secured by real property or a dwelling varies from the actual rate determined in accordance with paragraph (a)(1) of this section (which addresses how an APR is calculated), in addition to the tolerances applicable under paragraphs (a)(2) and (3) of this section (generally the APR for a regular loan is accurate if it is within .125 percent above or below a properly calculate APR, and an irregular loan is within .25 percent above or below the properly calculated APR), the disclosed annual percentage rate shall also be considered accurate if:

(i) The rate results from the disclosed finance charge; and
(ii)(A) The disclosed finance charge would be considered accurate under §1026.18(d)(1) (just recapped above) or § 1026.38(o)(2), as applicable; or
(B) For purposes of rescission, if the disclosed finance charge would be considered accurate under § 1026.23(g) or (h), whichever applies.

“(5) Additional tolerance for mortgage loans. In a transaction secured by real property or a dwelling, in addition to the tolerances applicable under paragraphs (a)(2) and (3) of this section, if the disclosed finance charge is calculated incorrectly but is considered accurate under § 1026.18(d)(1) or § 1026.38(o)(2), as applicable, or § 1026.23(g) or (h), the disclosed annual percentage rate shall be considered accurate:

(i) If the disclosed finance charge is understated, and the disclosed annual percentage rate is also understated but it is closer to the actual annual percentage rate than the rate that would be considered accurate under paragraph (a)(4) of this section;

(ii) If the disclosed finance charge is overstated, and the disclosed annual percentage rate is also overstated but it is closer to the actual annual percentage rate than the rate that would be considered accurate under paragraph (a)(4) of this section.”

Finance charge and APR accuracy are related but measured differently and are different for mortgages than other loans. The Bureau’s document refers to an older edition of the Consumer Compliance Outlook (CCO First Quarter 2011)  which makes understanding the rules easier with some examples. This CCO document refers to older citations of Reg Z using the Federal Reserve’s “226” reference. Simply substitute the current Bureau citation of “1026” if you want to review Reg Z directly. This means 226.23 is reviewed under 1026.23, as an example.

Question 3 asks if EGRRCPA changed the period between providing the Closing Disclosure and consummation of a mortgage loan. Specifically, “Does Section 109(a) of the Economic Growth, Regulatory Relief, and Consumer Protection Act affect the timing for consummating a transaction if a creditor is required to provide a corrected Closing Disclosure under the TRID Rule?”

Current TRID rules require a three-day waiting period between the delivery of the Closing Disclosures and the actual closing. If a redisclosure is required, the three-day period may have to be re-started (see the discussion of Questions 1 and 2). Section 109 of EGRRCPA will allow a waiver of this period if the annual percentage rate is decreasing. This could allow a timely closing and better loan terms for the borrower.

The Bureau provided an emphatic “No” and went on to clarify Section 109(a) titled, “No Wait for Lower Mortgage Rates,” amends Section 129(b) of the Truth in Lending Act (TILA). TILA Section 129(b) requires certain disclosures which must be provided for high cost mortgage loans (HCML) and the waiting periods required as a gap between disclosure and consummation of an HCML. (Refer to 15 U.S.C. § 1639 and Reg Z’s 1026.31, .32, and 34.)

If the APR is disclosed according to TRID and it becomes inaccurate, the bank must ensure that the consumer receives the corrected Closing Disclosure at least three business days before consummation of the mortgage loan. This requirement comes from 1026.19(f)(2)(ii) and is to comply with TILA Section 128, (15 U.S.C. § 1638,) and is separate and distinct from the waiting period requirement in TILA Section 129(b). This means Section 109(a) of EGRRCPA did not create an exception to the waiting period requirement under TILA Section 128. It does not affect the timing for consummating transactions after a creditor provides a corrected Closing Disclosure under the TRID Rule.

But all is not lost. Refer to question 1 again. An overstated APR is not inaccurate if it results from the disclosed finance charge being overstated, and a bank is not required to provide a new three business day waiting period. As a result, if the disclosed APR decreases due to a decrease in the disclosed interest rate, a bank is not required to provide a new three business day waiting period under the TRID Rule. So, this rule hasn’t changed, but the Bureau has reminded us of the three circumstances which do re-set the three-business day clock.

Question 4 (Model Forms). The Bureau added one question pertaining to the use of “older” model forms and a safe harbor when there are regulatory changes. “Does a creditor’s use of a model form provide a safe harbor if the model form does not reflect a TRID Rule change finalized in 2017?”

Possibly a surprise, the Bureau said “Yes.” The Bureau noted when finalizing the 2017 changes to the TRID Rule (sometimes referred to as “TRID 2.0”), that a bank is deemed to comply with the disclosure requirements associated with the Loan Estimate and Closing Disclosure if the bank uses the appropriate model form and properly completes it with accurate content.
Reg Z’s Appendix H includes model forms with headings, subheadings, and other fields required by Reg Z, at 1026.37 and 1026.38. These blank model forms for the Loan Estimate are H-24(A) and (G) and H-28(A) and (I). The Closing Disclosure model forms are H-25(A) and (H) through (J), and H-28 (F) and (J). Blank forms are also in Appendix H.

For example, the regulatory text provides that the percentage amount required to be disclosed on the Loan Estimate line labeled “Prepaid Interest (___ per day for __ days @__ %)” is disclosed by rounding the exact amount to three decimal places and then dropping any trailing zeros that occur to the right of the decimal point. (refer to 1026.37(g)(2)(iii) and (o)(4)(ii).) However, on page 2 of model form H-24(C), section F, the interest rate disclosed (4.00%) on the line for prepaid interest includes two trailing zeros that occur to the right of the decimal point. Thus, a creditor could claim the safe harbor by disclosing the interest rate on the “Prepaid Interest” line by including two trailing zeros, or otherwise could comply with § 1026.37(o)(4)(ii) by rounding the exact amount to three decimal places and dropping any trailing zeros that occur to the right of decimal point. For example, if the interest rate for the transaction being disclosed is four percent, the creditor could claim the safe harbor by disclosing “4.00%” (consistent with the model form) although it also could disclose “4%” (consistent with the regulatory text and commentary).

It is very likely that the bank has a vendor providing the software to generate both the Loan Estimate and the Closing Disclosure and that these forms can only be produced in accordance with the requirements set forth by Reg Z. But at least the Bureau has listened and possibly seen a few of these errors and dismissed them as inconsequential. There is no pass to violate Reg Z, but at least good faith efforts that meet them in part will be recognized.

Action Plan: The bank should consider developing a training session and or memo and circulating it to all loan, compliance, and audit staff who are involved in TRID loan closings. This will help ensure each person understands each of the four questions and answers. It is recommended that emphasis be placed on Closing Disclosures and their timing.

Ask yourself if amendments are needed to the bank’s loan procedures as a result of this, should this be incorporated into regular training and audit workpapers, has the bank agreed with these interpretations or could there be loans which, if reviewed today. would be in violation of Reg Z and RESPA? If so, is there any corrective action that could be taken? (In the case of most timing violations, these could not be completely corrected, but were new Closing Disclosures provided at all, and would this be an indicator that the training mentioned above is now more important?) Lastly, review the forms produced for the Loan Estimate and Closing Disclosure to determine if the forms meet Reg Z requirements with some new standards. Most banks have not been examined in detail for TRID requirements. This FAQ document may clarify issues for lenders and examiners alike, which may now increase digging into mortgage loan files.

Servicemember Complaints

By Andy Zavoina

In January, the Consumer Financial Protection Bureau (Bureau) released its “Annual Report” from the Office of Servicemembers Affairs. It covered April 2017 through August 2018 and while the Bureau logged nearly 49,000 complaints from servicemembers and the top three categories were credit reporting, debt collection, and mortgages, I want to review one item from the “Emerging issues and continuing trends in the financial marketplace for servicemembers” section. Servicemembers do not understand add-on products, which are optional, or the features and the limitations of these products they may purchase and finance, meaning they pay for them for several years.

Add-on products can easily cost hundreds and hundreds of dollars and, when financed, lower the equity in the car. But there is an add-on to help cover that event too. In particular, GAP insurance is becoming an issue. You know the sales pitch, “cars depreciate, and we are financing most of your cost, so GAP insurance fills the gap between what you owe and what the car is worth if this baby is stolen or totaled…” But one servicemember bought the GAP protection and was stationed overseas. This is very common with the military and he wanted to take his car. He had to get permission from the lender, in writing, to ship the car. It was totaled, and there was a gap. But the policy doesn’t cover a loss outside the United States. Based on this report we may anticipate more pressure on GAP insurance.

Under the Military Lending Act (MLA), a loan to purchase a vehicle is exempt from MLA restrictions when the vehicle purchased is the collateral for the loan, and there are no extra funds loaned – that is, it’s just to buy the vehicle. And that’s the rub. The Department of Defense rules include in the Military APR calculation “Any fee for a credit-related ancillary product sold in connection with the credit transaction for closed-end credit or an account for open-end credit; (Refer to 232.4(c)(ii)) If this fee is in the MAPR, it can disqualify the “no extra funds” exception and the GAP cost contributes to the 36 percent MAPR limit as well. Some banks believed GAP was excluded, and they would accept the risk of financing that. Other banks sought counsel’s opinion and believe that getting GAP insurance after the car is purchased allows the exception because the GAP isn’t a part of the original transaction.

In August 2018, the Trump administration was “testing the waters” to get a definitive clarification and allowance on the GAP insurance issue for the MLA. There was some initial resistance. One must ask, if they want a specific provision to allow GAP insurance, that is a good indicator that it is currently included. The DoD has not offered conclusive guidance. But with civil and criminal penalties in the MLA (232.9) which includes considering the loan contract void from inception, banks should carefully evaluate the risks of financing GAP and considering it a qualified exception under the MLA. The complaints servicemembers make and the lack of coverage will not help lenders.

Authorized Signers

By Pauli Loeffler

We get a lot of questions about authorized signers but for some reason, there hasn’t been a Legal Briefs article on the topic – until now.

Who is an authorized signer? An authorized signer is anyone who does not own a deposit account but has been received authorization of the owner to do so. Authorized signers include:

  1. Convenience signers on
    a) Consumer accounts
    b) Sole proprietorships
  2. Signers authorized to act for entities such as:
    a) Corporations
    b) LLCs
    c) General partnerships
    d) Limited partnerships
    e) Joint ventures
    f) Trusts
    g) Foundations
    h) Federal, state, county, and municipal government/agencies and their subdivisions
    i) Unincorporated associations such as: Churches, Little league teams, POM teams, Band parents, etc.
  3. Fiduciaries authorized to act by appointment as a/an
    a) Attorney in Fact (“AIF”)
    b) Representative Payee
    c) Federal Fiduciary
    d) Custodian (UTMA)
    e) Guardian
    f) Receiver
    g) Conservator
    h) Personal representative of an estate

This is not an exhaustive list. I also need to point out that authorized signers listed under number 2 owe fiduciary duties to the account owner just as do those listed under number 3, but other than an AIF, all those listed under number three have a duty to regularly report either to a court (Guardian, Receiver, Conservator, and Personal representative of an estate), the appointing agency (Representative Payee, Federal Fiduciary), or the account owner/parent (Custodian). For convenience signers listed under number 1, there is neither a specific duty nor any legal requirement to report to the account owner.

What can ALL authorized signers do? All authorized signers may make deposits and write checks. All authorized signers may obtain information on an account all the way back to the time that the account was opened if they remain authorized signers on the account. Once an authorized signer is removed, the only way s/he can obtain any information on an account is either by 1) obtaining consent of the owner or 2) by way of a subpoena.

An authorized signer may stop payments on a check or close the account as provided by the UCC, Tit. 12A O.S. §4-403. If the authorized signer closes the account, the check will ALWAYS be made payable to the account owner.

What things can’t an authorized signer do? With certain exceptions granted under bylaws, operating agreements, partnership agreements, trusts, etc., an authorized signer cannot add an authorized signer nor remove another authorized signer. Authorized signers, with a couple of exceptions, cannot add or change pay on death beneficiaries on an account that allows PODs (neither rep payee nor federal fiduciary accounts for VA allow PODs). I have seen a few Power of Attorney/Durable Power of Attorney documents that do permit this, but the document must specifically provide this power, and that is very, very rare. PODs named by the owner before being subject to the guardianship may remain on the account, but any change would require a specific court order. On the other hand, PODs (in Oklahoma) are allowed on all UTMAs not established by a court, and a custodian can add or change the POD. If it is a court-ordered UTMA, the court order will need to name one or more PODs for the account to have a POD.

Can authorized signer change the address for statements? The best practice is to confirm the address change with the account owner if the account is not a guardianship, rep payee, federal fiduciary, UTMA, receivership, conservatorship, estate, or custodian of a UTMA. For entities that are required to register with the Secretary of State (corporations, LLCs, and limited partnerships), a change of principal place of business will need to be filed. This can be confirmed online. Unincorporated associations are not required to file with the Secretary of State. Partnerships are not required to file anything with the SoS other than if they are operating under a fictitious name, so you need to confirm authority for the change. On the other hand, if you know the grantor of a durable power of attorney is now in the hospital or has dementia and in a nursing home, changing the address by the AIF does not require confirmation by the account owner. However, if a guardian who isn’t the AIF has been appointed, the bank should inform the guardian who must account to the court. Note the appointment of guardian does not automatically revoke a durable power of attorney, however, the guardian can choose to either leave it in place or revoke it.

If we have a joint account and one of the joint owners’ names “John Doe” as AIF, what can we do? The joint owner cannot deny the AIF access to information nor making transactions on the account. The bank can certainly inform the joint owner that an AIF has been added, but she/he cannot deny the authority granted, nor remove the AIF. The joint owner can close the account and open a new one as a sole owner. S/he cannot remove the AIF from the joint account any more than s/he could remove the owner that executed the POA.

A personal representative is asking for information on an account of a deceased owner that had a joint owner or POD. What information can the bank provide? The personal representative “stands in the shoes” of the decedent. Whatever information the deceased owner could have asked for until the time of death, the bank can provide to the personal representative.

When a new rep payee or federal fiduciary is named, can s/he have information on the former account? No. The only way the new rep payee or federal fiduciary can obtain this information is with the consent of the predecessor or through a subpoena of the records.

2nd Amendment Auditors

By Pauli Loeffler

Let’s start with a bit of background: Statutes permitting concealed carry of handguns with permits have been on the books for a long time in Oklahoma, since 1995 to be exact. “Open carry” statutes became effective November 1, 2012. Although the statutes have been amended since that time, for the most part, the rules remain the same. Title 21 O.S. §1277 covers certain places where both concealed and open carry are prohibited except for certain individuals. Title 21 O.S. § 1289.7a prohibits the property owner, tenant, employer, or business entity from maintaining, establishing, or enforcing any policy or rule prohibiting any person, except a convicted felon, from transporting and storing firearms or ammunition in a locked motor vehicle, or from and storing firearms or ammunition locked in or locked to a motor vehicle on any property set aside for any motor vehicle. Motorcycles are defined as a vehicle, but it would be impossible to lock a more than a handgun in one, and if it was a larger weapon, say a shotgun, or rifle, a thief will take both the bike and the weapon (unless he has bolt cutters).

These “2nd Amendment Auditors” have been posting videos on social media involving engagements with a variety of businesses including Bank of Oklahoma, courthouses, and a staged a rally at The Gathering Place, a privately-funded park that was assigned to Tulsa County’s River Parks Authority. Whether a bank chooses to allow handguns inside the bank by anyone who is not federal, state, or local law enforcement (“peace officers” under Sec. 1289.23 of Tit. 21) without regard to whether they are on or off duty, it is up to the bank to decide.

The bank should have policy on whether handguns permitted under the statute are allowed in the bank. If these are not permitted, the bank must post signage to that effect. Legally, the bank is free to refuse entry into the building to anyone other than as indicated previously. To avoid problems, the greeter at the bank needs to know whom to contact in the event someone disregards the notice (security, an officer of the bank) that is designated to deal with the person disregarding the notice.

Whether the bank permits handguns or not, if it becomes the target of a “2nd Amendment Audit,” it should have some protocol for dealing with the person or persons to get them out of the lobby and into a private office or conference room for the appropriate person to discuss the bank’s stance. There should be more than one knowledgeable officer of the bank that knows and understands the reasons behind the bank’s policy and, more importantly, can remain calm and composed in talking to these “auditors.”

If the bank prohibits handguns, the person dealing with the auditors will state that the bank is complying with the Oklahoma statutes and has chosen to prohibit handguns inside the bank by its policy. If asked to justify the bank’s policy (which is a question you can easily anticipate), certainly protecting bank customers and employees was part of the policy decision. You can anticipate the “auditor” retorting that law-abiding citizens with permits are there to protect these people. Rather than engaging in fruitless debate and asking for statistics to prove the “auditor’s” point, probably the strongest argument is that most law enforcement overwhelmingly hates open carry because in an incident it is very hard to tell the good guys from the bad guys. It makes containment infinitely more difficult for law enforcement (the “good guys” regardless of the “auditor’s” view of the “Right to Bear Arms.”)

Whether you are “Joe Public” or a 2nd Amendment Auditor, supporting law enforcement is inarguably a good position. I will add that while law enforcement officers and soldiers are well-trained on how to protect their weapon from someone grabbing it, this is not the case with the average permit holder. Also, while I enjoy hunting quail, pheasant and ducks, as a customer, having someone come into the bank lobby with a gun and two clips on his belt as happened in the BOK incident would make me very nervous, but that is my personal point of view.

The other and larger problem with 2nd Amendment Auditors is that they do not really seem to care what the state law is but rather jump to the U.S. Constitution and the Bill of Rights. Now you have two lay persons arguing Constitutional law for the entertainment of their followers on social media.

This brings us to the “no recording in the bank” issue in the BOK video. As far as recording conversations, it isn’t illegal to record a conversation without obtaining consent of other parties to the discussion. This is provided in 18 U.S.C. § 2511(d) which states: it “shall not be unlawful for a person not acting under color of law to intercept a wire, oral, or electronic communication where such person is a party to the communication or where one of the parties to the communication has given prior consent to such interception[.]” So while the law places certain conditions on persons acting under color of law — that is, acting on behalf of the government — to record conversations, federal law allows private citizens to do so unless it is for the purpose of any criminal or tortious act. Showing up to ask questions is neither a criminal nor a tortious act. The Oklahoma statute mirrors the federal statute.

The bank can have a policy of not allowing audio recordings which is applied to everyone. Such policy is very unlikely to hold up in a “whistle blower” suit against the bank, but that isn’t involved here.

Banks almost universally have prohibitions against filming video (or even taking photographs) inside the bank for security reasons. A bank wants to avoid paving the way for potential robbers, kidnappers, terrorists, etc. to plan to target the bank. Criminals can study photos and video to identify the location and angles of security cameras, determine how many employees there are, figure out vantage points from which they could control hostages, doorways through which to make their escape, etc.

January 2019 OBA Legal Briefs

  • New year, new SAR
  • Required year-end housekeeping
  • FEMA NFIP snafu
  • Residential appraisal threshold unchanged (yet)

New year, new SAR

By Andy Zavoina

This time of the year many bankers are providing staff, management and their boards some annual updates and training. This may include security, Bank Secrecy Act and compliance topics. With recent events, one possible addition to what you might usually be discussing comes to mind. The Suspicious Activity Report (SAR) has been updated. SAR version 1.1 is being replaced with version 1.2. The effective date for this change was January 1, 2019. FinCEN will no longer accept older versions of the SAR form, so you cannot avoid this new requirement.

There have been numerous changes to the SAR form. Internally some banks prefer to use worksheets for employees who want to call attention to an activity which may lead to the submission of a SAR. If your bank does this, have you updated your internal worksheets and explained the changes to staff?

Perhaps the biggest change is the addition to the SAR of the new “cyber event” question. This is applicable to events happening to either the bank or a bank customer. It is the new field 42 and it may be used when there is an attempted digital denial of service (DDoS), attempt to hack the bank’s wire system or website, and for customers it may include account takeovers or fraudulent transfer instructions.

With these new requirements come new opportunities, to excel or to err. Training in advance and using controls to verify everyone understands the new form helps ensure you won’t be SAR-ry later.

Overview: Here is an overview of the form changes from version 1.1, to 1.2:

• Part I of the SAR 1.1 to 1.2 is changed in that the fields are renumbered but the content has stayed the same.

• Part II of the SAR form is the section that provides information on the suspected suspicious activity included in the report. This part includes several changes, as follows:

o Question 32 (formerly 29) is specific to structuring and has a few changes. Specifically, the phrase “or cancels” has been added to options “a” and “b.” For example, item “a” currently states that the subject “alters transaction to avoid BSA recordkeeping requirement.” The option now states “alters or cancels transaction to avoid BSA recordkeeping requirement.” The second change is that option “c,” which was about cancelled transactions, has been removed. The available options went from seven to six.

o The fraud question (was #31, now #34) has a few changes. A new option “b,” “Advanced Fee,” was added as were new options “j” and “l” which now include “Ponzi scheme” and “Securities fraud” respectively. Option “g,” “Healthcare” is now expanded to read “Healthcare/Public or private health insurance.”

o The question for casinos (was #32, now #35) also has a few changes but is of little interest to banks and we will ignore it here.

o The options on Other Suspicious Activity (was question #35, now #38) has three additions and two deletions. “Human Smuggling,” option “g” is added as is “Human Trafficking,” option “h.” The third addition was option “q,” “Transaction(s) involving foreign high-risk jurisdiction.” Deleted from SAR 1.1 were options “i,” “Misuse of ‘free look’/cooling off/right of rescission” and “q,” “Unauthorized electronic intrusion.”

o The question (was #37, now #40) on “Securities/Futures/Options” expanded from five options to six. Former option “b” on “Market manipulation/wash trading” was split adding a separate entry, option “e” for “Wash trading.”

o The “Mortgage Fraud” question (was #38, now #41) adds two new options and amends one other Added were option “a,” “Application Fraud,” and option “e,” “origination fraud.” Option “c” will add “short sale” to foreclosure fraud for a new entry, “Foreclosure/Short sale fraud.” Removed from SAR.1 was option ”d,” “Reverse mortgage fraud” and options were renumbered.

o A new category, “Cyber-event” becomes question #42. Option “a” is “Against the Financial Institution(s)” while item “b” is “Against the Financial Institutions customer(s).” Item “z” will be added to include an entry for “Other.”

o Option “n,” “Penny stocks/Microcap securities” under the question “Were any of the following product type(s) involved in the suspicious activity?” (was #39, now #45) removed the term “Penny Stocks” and “Microcap securities” is now option “m.” Also added was option “f,” “Deposit account.”

o Question #44 “IP Address” was removed.

o The question on “Types of securities and futures” (was #50, now #54) was expanded from 10 to 12 options. Added were “Execution-only broker securities” and “Self-dealing broker securities.”

• Under Part IV, question #83 is now #80, “Types of securities and futures” and it has similar additions as above in Part III. Added were “Execution-only broker securities” and “Self-dealing broker securities” as the options available went from 13 to 15.

• There were no changes to Part V.

Safe Harbor: The Safe harbor rules for SARs have not changed. Federal law (31 U.S.C. 5318(g)(3)) provides financial institutions complete protection from civil liability for all reports of suspicious transactions made to appropriate authorities, including supporting documentation, regardless of whether such reports are filed pursuant to a regulatory requirement or on a voluntary basis. Specifically, the law provides that a financial institution, and its directors, officers, employees, and agents, that make a disclosure of any possible violation of law or regulation, including in connection with the preparation of suspicious activity reports, “shall not be liable to any person under any law or regulation of the United States, any constitution, law, or regulation of any State or political subdivision of any State, or under any contract or other legally enforceable agreement (including any arbitration agreement), for such disclosure or for any failure to provide notice of such disclosure to the person who is the subject of such disclosure or any other person identified in the disclosure.”

Confidentiality: SARs are also confidential. The SAR and any information that would reveal the existence of the SAR are confidential and may not be disclosed except as specified in 31 U.S.C. 5318(g)(2) and in FinCEN’s regulations (31 CFR Chapter X).

Prohibition on Disclosures by Financial Institutions: Federal law (31 U.S.C. 5318(g)(2)) provides that a financial institution, and its directors, officers, employees, and agents who, pursuant to any statutory or regulatory authority or on a voluntary basis, report suspicious transactions to the government, may not notify any person involved in the transaction that the transaction has been reported.

• Provided that no person involved in the suspicious activity is notified, 31 CFR Chapter X clarifies that the following activity does not constitute a prohibited disclosure:

• Disclosure of SAR information to certain governmental authorities or other examining authorities that are otherwise entitled by law to receive SAR information or to examine for or investigate suspicious activity, including:

o FinCEN;

o Any Federal, state, or local law enforcement agency;

o Any Federal regulatory agency that examines the depository institution for compliance with the BSA;

o Any state regulatory authority that examines the depository institution for compliance with state laws requiring compliance with the BSA.

o A U.S. bank or savings association may share a SAR with its controlling company (whether domestic or foreign). The sharing of a SAR or, more broadly, any information that would reveal the existence of a SAR, with a head office or controlling company (including overseas) promotes compliance with the applicable requirements of the BSA by enabling the head office or controlling company to discharge its oversight responsibilities with respect to enterprise-wide risk management, including oversight of a depository institution’s compliance with applicable laws and regulation.;

• Disclosure of the underlying facts, transactions, and documents upon which a FinCEN SAR is based; and

• For those institutions regulated by a Federal functional regulator (Federal bank regulatory agencies, the Securities and Exchange Commission (SEC), and the Commodity Futures Trading Commission (CFTC)), the sharing of SAR information within an institution’s corporate organizational structure, for purposes that are consistent with the Bank Secrecy Act, as determined by regulation or guidance.

What may be shared:

• the disclosure of the underlying facts, transactions, and documents upon which a SAR is based, including, but not limited to, disclosures related to filing a joint SAR and in connection with certain employment references or termination notices; and

• the sharing of a SAR, or any information that would reveal the existence of a SAR, within a depository institution’s corporate organizational structure for purposes consistent with Title II of the BSA, as determined by regulation or in guidance.

Prohibition on Disclosures by Government Authorities: Federal law (31 U.S.C. 5318(g)(2)) also provides that an officer or employee of any Federal, state, local, tribal, or territorial government within the United States who has knowledge that such report was made, may not disclose to any person involved in the transaction that the transaction has been reported, other than as necessary to fulfill the official duties of such officer of employee. FinCEN’s regulations clarify that “official duties” must be consistent with Title II of the Bank Secrecy Act and shall not include the disclosure of a SAR, or any information that would reveal the existence of a SAR, in response to a request for disclosure of non-public information or a request for use in a private legal proceeding, including a request pursuant to 31 CFR § 1.11.

The confidentiality of SARs needs some additional explanation. At the end of the day, the bank’s staff must remain in a UFO frame of mind in that “we can neither confirm nor deny anything on this matter.” This fact remains regardless of recent events. Last October the U.S. Attorney for the Southern District of New York had a FinCEN employee, Natalie Mayflower Sours Edwards, arrested. She was charged with unlawfully disclosing Suspicious Activity Reports to a member of the media, in violation of 31 U.S.C. § 5322 and 18 U.S.C. § 371. Each carries a maximum sentence of five years in prison. This appears to be the first criminal case based solely on the release of the confidential SAR information.

There have been two other prosecutions related to SAR information being released, but there were additional charges in those. In 2011, Frank Mendoza, who was a former bank employee. was convicted of an illegal SAR disclosure. Mendoza was charged with approaching the subject of a SAR filed by Mendoza’s bank from whom he solicited a bribe and to whom he offered assistance at the bank. Mendoza disclosed that a SAR was filed by the bank and he advised the subject of the SAR that a federal criminal investigation was imminent. The subject of the SAR reported the bribery solicitation to the FBI and Mendoza was arrested. Mendoza was found guilty of disclosing the existence of a SAR and accepting a bribe. He was sentenced to six months’ incarceration and assessed a civil money penalty of $25,000 by FinCEN.

In another case from the U.S. Attorney for the Southern District of New York, Robert Lustyik, a former Special Agent with the FBI, was charged in 2013 with disclosing confidential SAR information. In his case there was also an element of bribery. Lustyik allegedly sold SARs and other confidential law enforcement information in exchange for personal payments.

In this most recent case, Edwards, who is also claiming whistleblower status, disclosed SARs in encrypted email to a reporter. The SARs related to the U.S. Office of Special Counsel’s investigation of Paul Manafort, President Trump’s former campaign manager. The reporter wrote stories based in part on the SAR information.
Addressing the confidentiality requirements of a SAR is potentially an add-on to any training done on the new SAR requirements and the new form itself. Both promise to be issues which will be reviewed.

Required year-end housekeeping

By Andy Zavoina

As we enter the new year. you would think it is time to relax, say goodbye to 2018, and start off 2019 with a clean slate. But it does not quite work that way. It is time to ask yourself if all the little things are done, all the housekeeping items that could impact your 2019.

Reg E § 1005.8 – If your consumer customer has an account to or from which an electronic fund transfer can be made, an error resolution disclosure is required. There is a short version that you may have included with each periodic statement, or the longer version that is sent annually. Electronic disclosures under E-SIGN are allowed here. This may also be a good time to review §1005.7(c) and determine if any electronic fund transfer services were added, and if they were disclosed as required.

The same review advice applies if you are using E-SIGN, because some E-SIGN agreements that specify what will be disclosed electronically are very narrowly drawn. Is your agreement narrow or broad, and are you disclosing things electronically that the agreement may not allow for?

Reg P § 1016.5 – Remember the requirements for the annual privacy notice were modified in late 2015 and finalized this year. As a result, your bank’s procedure may have changed. The Fixing America’s Surface Transportation (FAST) Act, enacted on December 4, 2015, amended Title V of the Gramm-Leach-Bliley Act (GLBA). While it took two years, the Reg now provides an exception so that banks meeting certain conditions are not required to send annual privacy notices to customers. We wrote about this in the December 2018 Legal Briefs if you want more information.

When your customer’s account was initially opened, you had to accurately describe your privacy policies and practices in a clear and conspicuous manner. Ensure that your practices have not changed and that the notice you are providing accurately describes your practices.

If you still need to provide annual notices, for Reg P and the Privacy rules, annually means at least once in any period of 12 consecutive months during which that relationship exists. You may define the 12-consecutive-month period, but you must apply it to the customer on a consistent basis, so this is not necessarily a December or January issue, but it could be. And each customer does not have their own “annual date.” If a consumer opens a new account with you in February, you provide the initial privacy notice then. That is year one. You can provide the annual privacy notice for year two at any time, up until December 31 of the second year.

It is important to note that unlike most other regulatory requirements, Reg P doesn’t require E-SIGN compliance for web-based disclosures. You can use e-disclosures on your bank web site when the customer uses the web site to access financial products and services electronically and agrees to receive notices at the web site, and you post your current privacy notice continuously in a clear and conspicuous manner on the web site. So, the demonstrable consent requirements and others in E-SIGN’s 101(c) section do not apply, but there must still be acceptance to receive them on the web. Alternatively, if the customer has requested that you refrain from sending any information regarding the customer relationship and your current privacy notice remains available to the customer upon request this method is acceptable.

Although Reg P is not specific as to a requirement for training in the Reg, the FRB Exam Manual specifically lists “Adequacy and regularity of the institution’s training program” as one of the factors to consider in determining the adequacy of the financial institution’s internal controls and procedures to ensure compliance with the privacy regulation.

BSA annual certifications – Your bank is permitted to rely on another financial institution to perform some or all the elements of your CIP under certain conditions. The other financial institution must enter into a contract requiring it to certify annually to your bank that it has implemented its AML program.

OFAC reporting. Banks must report all blocked accounts to OFAC within ten days of the event and annually by September 30, concerning those assets blocked (see form TD F 90-22.50). Make sure that report is on your calendar.

IRAs, IRS Notice 2002-27 – If a minimum distribution is required from an IRA for a calendar year and the IRA owner is alive at the beginning of the year, the trustee that held the IRA on the prior year-end must provide a statement to the IRA owner by January 31 of the calendar year regarding the required minimum distribution.

Reg Z thresholds and updates – These changes are effective January 1, 2019. You should ensure they are available to staff or correctly hard coded in your systems:

• the exemption threshold increased from $55,800 to $57,200

• The CARD Act penalty fees safe harbor amount in section 1026.52(b)(1)(ii)(A) remains at $28;

• The CARD Act penalty fees safe harbor amount in section 1026.52(b)(1)(ii)(B) remains at $39;

• The HOEPA total loan amount threshold that determines whether a transaction is a high cost mortgage is changed to $21,549;

• The HOEPA total points and fees dollar trigger amount is changed to $1,077;

• As of the effective date, a covered transaction is not a qualified mortgage unless the transaction’s total points and fees do not exceed 3 percent of the total loan amount for a loan amount greater than or equal to $107,747; $3,232 for a loan amount greater than or equal to $64,648 but less than $107,747; 5 percent of the total loan amount for loans greater than or equal to $21,549 but less than $64,647; $1,077 for a loan amount greater than or equal to $13,468 but less than $21,549; and 8 percent of the total loan amount for a loan amount less than $13,468.

Annual escrow statements § 1024.17 – For each escrow account you have, you must provide the borrower(s) an annual escrow account statement. This statement must be done within 30 days of the completion of the escrow account computation year. This need not be based on a calendar year. You must also provide them with the previous year’s projection or the initial escrow account statement, so they can review any differences. If your analysis indicates there is a surplus, then within 30 days from the date of the analysis you must refund it to the borrower if the amount is greater than or equal to $50. If the surplus is less than that amount, the refund can be paid to the borrower, or credited against the next year’s escrow payments.

Fair Credit Reporting Act – Affiliate marketing opt-out § 1022.27(c) – Affiliate marketing rules in Reg V place disclosure restrictions on you and opt out requirements. Each opt-out renewal must be effective for a period of at least five years. If this procedure is one your bank is using, are there any expiration dates for the opt-outs and have these consumers been given an opportunity to renew their opt-out?

Fair Credit Reporting Act – FACTA red flags report – Section VI (b) (§ 334.90) of the Guidelines (contained in Appendix J) require a report at least annually on your Red Flags Program. This can be reported to either the board of directors, an appropriate committee of the board, or a designated employee at the senior management level.

Regulation O, Annual Resolution §§ 215.4, 215.8 – To comply with the lending restrictions and requirements of Reg O § 215.4, you must be able to identify the “insiders.” “Insider” means an executive officer, director, or principal shareholder, and includes any related interest of such a person. An “affiliate” is any company of which a member bank is a subsidiary or any other subsidiary of that company. Your insiders are defined in Reg O by title unless the Board has passed a resolution excluding certain persons. You are encouraged to check your list of who is an insider, verify that against your existing loans, and ensure there is a notification method to keep this list updated throughout the year.

Reg BB (CRA), content and availability of public file § 228.43 – Your Public File is required to be updated and current as of April 1 of each year. Many banks update it continuously, but it’s good to check. [Note: Citation is to Federal Reserve Reg BB. The OCC and FDIC have their own, identical requirements/]

HMDA and CRA notices and recordkeeping – HMDA and CRA data are gathered separately by banks subject to the requirements, and both Reg C and Reg BB have reporting requirements for the Loan Application Registers (LAR). Each must be submitted by March 1 for the prior calendar year. If you are a reporter of either LAR ,you should start verifying the data integrity now to avoid stressing over the process at the end of February.

Training – An actual requirement for training to be conducted annually is rare, but annual training has become the industry standard and may even be stated in your policies. There are six areas that require training (this doesn’t mean you don’t need other training, just that these regulations have stated requirements).

• BSA (12 CFR §§ 21.21(c)(4), 208.63(c)(4), and 326.8(c)(4) Provide training for appropriate personnel.

• Bank Protection Act (12 CFR §§21.3(a)(3), 208.61(c)(1)(iii), and 326.3(a)(3) Provide initial and periodic training

• Reg CC (12 CFR §229.19(f)) Provide each employee who performs duties subject to the requirements of this subpart with a statement of the procedures applicable to that employee

• Customer Information Security found at III(C)(2) (Pursuant to the Interagency Guidelines for Safeguarding Customer Information, training is required. Many banks allow for turnover and train as needed, imposing their own requirements on frequency.)

• FCRA Red Flag (12 CFR 222.90(e)(3) Train staff, as necessary, to effectively implement the Program

• Overdraft protection programs your bank offers. Employees must be able to explain the programs’ features, costs, and terms, and to explain other available overdraft products offered by your institution and how to qualify for them. This is one of the “best practices” listed in the Joint Guidance on Overdraft Protection Programs issued by the OCC, Fed, FDIC and NCUA in February 2005 (70 FR 9127, 2/24/2005), and reinforced by the FDIC in its FIL 81-2010 in November 2010.

• Sect 303 of EGRRCPA requires training for the bank and staff to have immunity from liability for qualified individuals at banks who, in good faith and with reasonable care, disclose the suspected exploitation of a senior citizen to a regulatory or law-enforcement agency. The content is specified in the Act and must be provided “as soon as practicable” and “not later than 1 year after the date on which the individual becomes employed” by the bank. There is no reference to refresher training.

Security, Annual Report to the Board of Directors – (12 CFR §§ 21.4, 208.61(d) and 326.4) The Bank Protection Act requires your bank’s Security Officer to report at least annually to the board of directors on the effectiveness of the security program. The substance of the report must be reflected in the minutes of the meeting. The regulations don’t specify if the report must be in writing, who must deliver it, or what information should be in the report. It is recommended that your report span three years and include last year’s historical data, this year’s current data and projections for the next year.

Information Security Program part of GLBA – Your bank must report to the board or an appropriate committee of the board at least annually. The report should describe the overall status of the information security program and the bank’s compliance with these Guidelines. The reports should discuss material matters related to the program, addressing issues such as: risk assessment; risk management and control decisions; service provider arrangements; results of testing; security breaches or violations and management’s responses; and recommendations for changes in the information security program.

Annual MLO Registration § 1007.102 – Mortgage Loan Originators must go to the online Registry and renew their registration. This is done between November 1 and December 31. Check, in particular, any MLO who took vacation during that 60-day period, and may have neglected to renew. There is a re-registration window (for an extra fee) each year. This is also a good time to plan with management and Human Resources those MLO bonus plans. Section 1026.36(d)(1)(iv)(B)(1) of Reg Z allows a 10 percent aggregate compensation limitation on total compensation which includes year-end bonuses.

Miscellaneous – Some miscellaneous items you may address internally in policies and procedures include preparation for IRS year-end reporting, vendor due diligence requirements including insurance issues and renewals, documenting ORE appraisals and sales attempts, risk management reviews, records retention requirements and destruction of expired records, and a designation by the Board of the next year’s holidays. And don’t forget to determine whether there has been a review of those not yet extending vacation or “away time” to the five consecutive business days per the Oklahoma Administrative Code 85:10-5-3 Minimum control elements for bank internal control program.

FEMA NFIP snafu

by John S. Burnett

On Thursday, December 27, the Federal Emergency Management Agency announced that the National Flood Insurance Program (NFIP) was suspended, and no new flood insurance policies could be issued during the partial government shutdown that began at midnight on December 21. The agency and the Department of Homeland Security were immediately hit with a flood (pun intended) of calls and emails reminding FEMA leaders that Congress had passed, and the president had signed – on December 21 – a bill extending authority for the NFIP through May 31, 2019. Evidently, the message about the program extension hadn’t reach FEMA management, which had to “walk back” its announcement on Friday evening, December 28.

Earlier on the 28th, the Fed, OCC and FDIC issued a statement reminding banks that they can continue making loans on properties in flood zones in periods when flood coverage isn’t available, referencing guidance issued in 2010. Since lapses in the NFIP authorization have become commonplace, we recommend keeping a copy of that guidance when the next NFIP hiatus hits. In the meantime, just chalk up the FEMA announcements of last week to a case of “READY, FIRE, AIM.”

Residential appraisal threshold unchanged (yet)

by John S. Burnett

A phone call we fielded on New Year’s Eve prompted this status reminder on the federal appraisal requirements. Of course, there was the April 9, 2018, doubling the $250,000 threshold for commercial real estate transactions to $500,000. The lower figure had been in place since 1994, and the agencies had proposed to increase it to $400,000, but later determined that doubling the threshold to $500,000 made sense given inflation and the minimal effect the increase would have on safety and soundness of financial institutions.

At the time, the agencies left the $250,000 threshold for residential appraisals in place, except for residential construction loans secured by multiple one-to-four family residential properties (which would be considered commercial transactions).

On December 7, the agencies proposed to increase the residential real estate transaction threshold from $250,000 to $400,000, and to include the hardship exemption for residential property in certain rural areas under EGRRCPA (to require evaluations for those exempt transactions). In addition, the proposal would implement the Dodd-Frank Act amendment to Title XI requiring appropriate review of appraisals for federally related transactions for USPAP compliance.

Comments on the December 7 proposal are due by February 5, 2019. Watch for a final rule no sooner than mid- to late-February.

December 2018 OBA Legal Briefs

  • IOLTA accounts
  • SCRA – What not to do
  • Privacy – Reg. P update
  • Notes on beneficial ownership

IOLTA accounts

By Pauli Loeffler

Since July 1, 2004, the Oklahoma Supreme Court has required all attorneys and law firms in Oklahoma to set up mandatory Interest on Lawyers’ Trust Accounts (IOLTAs) with interest payable to the Oklahoma Bar Foundation, with a few exceptions. In spite of the fact that these accounts have been around more than 14 years, the OBA Compliance Team still gets questions about documentation, how to set them up, etc. OBA’s former general counsel Charles Cheatham presented a seminar for both bankers and lawyers at the Oklahoma Bar Association in 2004, and but this is the first Legal Briefs article on the subject.

The Oklahoma Rules of Professional Conduct for Attorneys is found in Title 5, and the specific Rule covering IOLTAs is in Sec. 1.15 covering Safekeeping Property. It can be found at this link: http://www.oscn.net/applications/oscn/DeliverDocument.asp?CiteID=454073

Are banks required to offer IOLTAs? No, banks are not required to offer these accounts. This is a business/marketing decision and/or a public relations decision.  It could be a charitably-motivated decision based on the charitable or non-profit activities supported by the interest on IOLTA accounts paid to the Oklahoma Bar Foundation (“OBF”). The OBF promotes “Prime Partner Banks” (banks that pay the highest interest rates and waive fees) to Oklahoma attorneys. It also has an “IOLTA Honor Roll.” You can find OBF’s IOLTA Guidelines here:  http://www.okbarfoundation.org/iolta/for-financial-institutions/iolta-for-financial-institution-guidelines/

What funds go into an IOLTA? All unearned legal fees, unincurred expenses, and third‐party monies in connection with the representation should be deposited into an IOLTA. This typically means, for example, retainers (until the monies are earned), flat fees (until the monies are earned), filing fees, deposition and expert witness expenses.  Settlement proceeds to the lawyer and client or others may also go into the trust account for distribution.

An IOLTA is designed to operate as a pooled account for client balances that, if invested separately for each client, probably could not earn net income. Oklahoma lawyers and law firms are required to place client or third party funds that are nominal in amount or to be held for a short period in an interest-bearing pooled trust account when these client balances are large enough to earn some net interest for the OBF. The only funds of the attorney that may be commingled with those of the client or third party are those for the sole purpose of paying bank service charges such as a monthly maintenance fee or minimum balance required. NSF charges, stop payment charges, negative collected charges, wire transfer fees, fees for certified or cashier’s checks, electronic service fees, check and deposit slip printing costs and all other charges should be charged to the operating account rather than netted against interest earned on the IOLTA. Note: a garnishment or levy against a lawyer or law firm will NOT attach to an IOLTA.

Are IOLTAs mandatory for all lawyers/law firms? No, there are some exceptions:

  1. Only lawyers that hold client or third‐party funds regarding a representation must have trust accounts. If legal fees are received after the work is already done, i.e., the fees are already earned, the money would go into an operating account.
  2. If no financial institution offers IOLTA accounts in the community where the principal office of the lawyer or law firm is located, or the banks routinely charge more in fees than any interest generated, or it is otherwise not feasible, the lawyer is excused from establishing an IOLTA but is urged to consult with OBF first.
  3. If the funds are to be held for a long period of time or are non-nominal in amount so that the client would receive a positive net return , the lawyer or law firm should advise the client that the funds may be deposited in an account that pays interest to the client.

Note that the second and third exceptions will still require the attorney or law firm to establish some form of trust account. Under the second exception, it would not be styled as an IOLTA but rather under the SSN or EIN of the lawyer or law firm and styled like “John Doe & Associates Client Trust.”  Under the third exception, it would be titled under the client’s SSN or EIN, styled like “Jimmy Smith Settlement, Jim Bob Williams, agent” and the interest would be paid/reported to the client.

What account products can be used for an IOLTA? Originally, the only type of account available in 2004 that could be used for an IOLTA was a NOW account because an IOLTA must be an interest-bearing checking account allowing unlimited transactions. While For Profit entities aren’t eligible for NOW accounts, the Federal Reserve issued an opinion in 1984 that any IOLTA account can be set up as a NOW account provided the Attorney General of the state issue an opinion that all interest paid on an IOLTA account under that state’s program belongs to a charitable entity. The OBF meets this requirement. Since the Dodd-Frank Act in 2011 authorized interest-bearing checking accounts, these may be used as well, but ordinarily NOW accounts pay a higher rate and should still be the choice.

As far as the account styling, the OBF requires the use of its EIN: 73-0710244. This number is used because the OBF is the recipient of any interest paid on the account. This can raise another issue since the name of the attorney or law firm will be used on the account which results in a TIN/Name mismatch.  In this case, there is a special exception to the general rule:  Under Treasury Reg. Section 1.6049-4(c) (1), no Form1099-INT is required to be filed with respect to interest paid to an organization exempt from taxation such as the OBF. Therefore, if the bank has an easy way to do so, it should suppress the filing of 1099s on all IOLTA accounts, which will totally eliminate the bank’s problem with potential name/TIN mismatches on 1099s.  The styling of the account can be anything that is descriptive, such as Smith & Wesson, PLLC — IOLTA Account or Smith & Wesson, PLLC — IOLTA Client Trust Fund.

On the other hand, if the bank cannot easily suppress the 1099 reporting on such an account, it should be careful to style the account in such a manner that  the EIN reported to the I.R.S. will match the name on the first line of the account’s styling, something like Oklahoma Bar Foundation IOLTA Account (Smith & Wesson, PLLC)

Regardless of how a bank styles the accounts, it is important to get “IOLTA” or Client Trust if the second exception noted above applies and an IOLTA is not required. The reason for the special styling is for deposit insurance purposes.  If the account style indicates that funds are held in a special capacity rather than as funds of the business itself, the customer will be allowed to prove who the underlying owners of the money are, and each will be insured separately for $250,000.

What forms are involved? In order to be an “approved” bank for attorney trust accounts, whether the account is an IOLTA or not, the bank must execute the Trust Account Overdraft Reporting Agreement (“TAORA”). This agreement was mandated in 2009, and it will come from the Oklahoma Bar Association’s General Counsel. The TAORA covers both IOLTAs and lawyer/law firm escrow, trust, or client trust fund accounts that aren’t IOLTAs. Only one agreement needs to be executed by the bank and will cover for all branches.

The TAORA requires the bank to notify the attorney or law firm promptly any time there is an overdraft or dishonor for insufficient funds. It also requires the bank to notify the Oklahoma Bar Association’s General Counsel in these situations and has provisions on how this should be done.

For IOLTAs, the bank will also see the IOLTA Notice to Financial Institution & Oklahoma Bar Foundation “Compliance Statement,” which will be filled out by the attorney and/or the bank but is only signed by the attorneys or authorized signers on the account. Yes, a non-attorney may be a signer on an IOLTA. It’s a very old joke that goes back pre-IOLTA: “Can anyone be a signatory on the trust account?” “Yes, anyone you want to trust your license to.”

Beneficial ownership. IOLTAs are not statutory trusts. Start by understanding who your customer is. The attorney’s clients do not own the account even though they may beneficially own (some of) the funds in the account. And the bar association doesn’t own the account, either. The account is owned by the attorney (in the case of a sole practitioner) or law firm. If your customer is a sole practitioner, there is no legal entity involved and the rule can’t apply. But if the customer is a law firm, a partnership, limited liability partnership (LLP), limited liability company (LLC), professional corporation (PC), etc., it is a legal entity, and you will apply the Beneficial Ownership regulation just as you would for any other legal entity customer.

CTRs. Let’s say an attorney brings in funds from one or more clients and is depositing cash over $10,000 into the IOLTA, so a CTR is required. Would we be required to ask for the client name(s) in this case? Yes, you need to request the names of the client name(s). See FIN-1989-R005. If you get any push back, we suggest that the bank cite the regulatory requirement for the CTR and the provision for penalties for anyone causing the filing of a CTR with incomplete information, along with a suggestion that the information requested does not fall under attorney-client privilege in the first place.

SCRA – What not to do

By Andy Zavoina

Here is what the headline in Military.com said, “Credit Union to Pay for Seizing Vehicles of Service Members” and many newpapers near the credit union carried similar headlines after the Department of Justice (DOJ) took the CU to task in United States v. Hudson Valley Federal Credit Union. The decision in the case was filed November 2, 2018. The headlines were dated November 3, but you know they had been working on what happened and why for some time. The lawsuit was filed in the U.S. District Court for the Southern District of New York in December 2016. It started when two servicemembers filed private lawsuits over the repossession of their vehicles. When it comes to drawn-out court actions such as this, time is money. Researching files is money. Writing new policies and procedures and training is money. These headlines mean reputation risk and potentially lost customers. There is no “win-win” as the institution seems to lose on all accounts.

The complaint alleged the Hudson Valley Credit Union violated the Servicemembers Civil Relief Act (50 U.S.C. 3901 et seq.) by repossessing vehicles of servicemembers without first obtaining a court order. Sections 3931 and 3932 of the SCRA impose certain requirements.

Section 3931 applies when you have a civil proceeding against a servicemember and that person cannot appear in the court.

Default judgments you may obtain require a certification/affidavit from you that the customer is or is not in the military service. Facts to support your position should be provided. The requirement for an affidavit may be satisfied by a statement, declaration, verification, or certificate, in writing, subscribed and certified or declared to be true under penalty of perjury.

If your customer is in the service, the court will appoint an attorney to represent them. They will attempt to locate the customer and cannot waive any defense they have if they cannot locate them.

If the court is not able to determine if your customer is in the service, it can specify the amount of a bond that you will need to obtain before a judgment will be entered.  If the customer is later found to be in the service, the bond will be available to indemnify the customer against any loss or damage suffered by reason of the judgment in the event it is set aside in whole or in part.

Upon a motion of the customer’s attorney, or upon the court’s own motion, a stay of proceedings of 90 days will be granted if there may be a defense and it can’t be presented without the defendant, or the customer’s attorney can’t reach them to determine if there is a good defense.

Under Section 3932, when your customer is in the military or is within 90 days after discharge/release, but you are able to serve notice upon them and have done so, the court may stay the proceedings for not less than 90 days when a letter or other communication from the customer outlines how their military duty materially affects their ability to appear before the court and states a date when they will be available. Alternatively, the customer’s commanding officer may indicate that their military duty prevents their appearance and leave is not currently authorized.

An additional stay may be granted when the customer cannot appear. No time limit is specified for this. If the court refuses to grant the stay, an attorney will be appointed by the court to represent the customer.

Past actions indicate that when the 90-day stay expires the court will evaluate the servicemember’s needs and responsibilities and could allow the repossession or could require reimbursement of some or all of the payments already made. It could renew the stay (a distinct probability if the servicemember is currently unable to attend court), or may order an equity payment. This means the bank would be required to compensate the servicemember for the difference between the value of the car and the balance of the debt before repossessing the car. Paying back a past due borrower can be a hard pill to swallow but the SCRA is intended to protect the servicemember and will typically not favor the bank.

Staying out of SCRA problems is the easiest way to avoid swallowing that pill. Having a sound policy and procedures is the start, along with effective training. It was noted that Hudson Valley Credit Union did not have a policy prior to 2014. Not having a policy is a common thread in the DOJ enforcement actions. If your bank does not have one, it should. Customers indicating they are potentially covered by the SCRA should be reviewed. In the Hudson Valley case, the DOJ noted that two requests for SCRA protections were denied. One servicemember was serving in South Korea but his girlfriend contacted Hudson Valley “multiple times” and while the bank, or credit union in this case, can require a copy of the orders, being aware of SCRA protections should have caused precautions. Another servicemember claimed to have contacted the CU to request relief from his monthly payments before starting a six-month deployment. He claimed his car was then repossessed without any court order and sold at auction. He was billed $16,700 for the repossession costs.

Does your bank required orders from the servicemember to categorize them as “covered?” Alternatively, many banks verify the status of a customer by comparing that customer’s information (individually or by batching the Central Information File) to the database maintained by the Department of Defense. The banking agencies expect banks to use the Defense Manpower Data Center (DMDC) database. The DMDC database has improved and recent changes to the SCRA provide a safe harbor when using this, so keep your records of the search.

In the Hudson Valley case the DOJ initially found nine accounts from July 2008 until February 2014 that violated the SCRA prohibitions on repossession without court order, but proceeded on only seven cases. Six of the seven servicemembers will receive $10,000 and compensation with interest. The remaining servicemember had the car returned within a day of the repossession and will receive $5,000. Hudson Valley Credit Union is also paying a $30,000 civil money penalty as a part of the DOJ settlement agreement and will provide SCRA training to its employees. Additionally, it will report to the DOJ any SCRA complaints received, which you can imagine will be scrutinized extensively.

Reconsider the above and focus on the fact that the case was filed in 2016, and the DOJ went back through files to at least 2008. The SCRA policy did not exist at that time and that was a consideration in the enforcement action. Being proactive helps mitigate risks. All banks should implement consistent procedures for determining when someone is eligible for benefits under the SCRA. Some benefits apply to pre-service obligations, some to pre- and post-service.  Remember that commercial accounts are included in SCRA protections, but not under the Military Lending Act so separate the two or draw a distinction when needed. Be aware of rules applicable to reservists getting orders who do have some protections, but not all.

Design your foreclosure and repossession procedures to ensure counsel and bank employees are following all requirements, to include completion of all background research and proper notice as required.

If your SCRA policy, procedures or training are weak, you can only change the present and future.

Privacy – Reg. P update

By Andy Zavoina

The Bureau of Consumer Financial Protection issued its final rule to adopt changes to Regulation P. This was issued in August 2018 and was finalized in September (link is below). Reg P has the requirements under which banks issue privacy notices to its customers. This final rule implements new timing requirements for sending annual privacy notices regarding banks who no longer qualify for the exception and eliminates the “alternative delivery” option for annual privacy notices.

The new rule creates an exception permitting banks to not send an annual privacy notice under limited circumstances. Banks sharing only non-public personal information with nonaffiliated third parties and have no obligation to provide an opt-out will benefit from the final rule.

The changes are intended to align Reg P with the 2015 changes to the Gramm Leach Bliley Act (GLBA). Under this Act, banks were required to send a privacy notice to all customers every 12 months without exception. The law changed, and many banks changed at that time, but now Reg P has been updated as well. The final rule created an exception so that banks meeting two conditions will be exempted.

(1) The bank only shares nonpublic personal information with nonaffiliated third parties where there is no obligation to offer an opt-out.

(2) The bank must not have changed its “policies and procedures with regard to disclosing nonpublic personal information” from the policies and procedures outlined in the most recent privacy notice sent to the consumer.

Under the GLBA, there is no requirement to provide an opt-out notice to customers where personal information is shared with:

  • service providers performing functions on the company’s behalf,
  • non-affiliated third parties who perform joint marketing on the bank’s behalf; or
  • if the disclosure is necessary to “effect, administer, or enforce a transaction.”

This exception only applies to annual privacy notices and does not impact the requirements for providing the initial privacy notices or amended notices when a change is made.

The final rule also adopted new timing requirements for issuing annual privacy notices. If your bank has made changes to its privacy policies and procedures and no longer qualifies for the exception, the timing requirements are to issue an annual privacy notice either before implementing those changes or within 100 days after adopting a policy or practice that eliminates the notice, when the changes did not trigger a required delivery of a revised privacy notice.

Lastly, the Bureau eliminated the “alternative delivery” method for annual privacy notices. Under the “alternative delivery” method, banks were permitted to meet the annual privacy notice requirement in certain circumstances by posting a copy of the annual notice on their websites. The Bureau recognized that many of the requirements permitting the “alternative delivery” method were the same as the requirements to qualify for the new annual privacy notice exception and, therefore, the method was now considered moot.

We have recommended following the revised GLBA since it was enacted, and we have not heard of regulators conflicting with that. But the Reg P final rule now makes it official and clear.

https://www.federalregister.gov/documents/2018/08/17/2018-17572/amendment-to-the-annual-privacy-notice-requirement-under-the-gramm-leach-bliley-act-regulation-p

Notes on beneficial ownership

By John S. Burnett

When we last visited this topic in August, FinCEN’s second temporary exceptive relief was about to be issued. Then, on September 7, 2018, just as a 30-day temporary administrative ruling was ending, FinCEN issued Ruling FIN-2018-R004, “Exceptive Relief from Beneficial Ownership Requirements for Legal Entity Customers of Rollovers, Renewals, Modifications, and Extensions of Certain Accounts” indicating it is permanent (at least until it changes).

BSA and compliance officers jumped all over the newest ruling, hoping it answered their concerns about renewals and rollovers. And they quickly realized that FinCEN’s “exceptive relief” wasn’t the panacea they had hoped for. And, as is always the case, the definitions are where the keys to FinCEN’s ruling are found.

In the opening paragraph of the ruling, FinCEN gave us fair warning that there is a “catch” involved. In fact, it would be fair to say that FinCEN carved out exceptions from its exceptive relief.

Certificates of deposit

The first item to receive exceptive relief is listed as a “rollover of a certificate of deposit (as defined below).” That sent readers of the ruling to the page 3, where FinCEN tucked away its definition (I’ve included in brackets a footnote that’s part of the definition):

“For purposes of this Ruling, a certificate of deposit (CD) is a deposit account that has a specified maturity date, but cannot be withdrawn before that date without incurring a penalty. [The definition of “CD” for the purposes of this Ruling differs from the definition of “time deposit” in Regulation D of the Board of Governors of the Federal Reserve System (Reserve Requirements of Depository Institutions, 12 CFR Part 204); see 12 CFR 204.2(c)(i).] During the term of the CD, a customer cannot add additional funds to the CD. The term of a CD may vary from a week to several years. At the end of the term, when the CD matures, the customer is entitled to the amount deposited and any interest that has accrued; the customer may also have the ability to elect to either renew or close the account. Typically, the account will automatically renew absent affirmative action by the customer to close the account.”

The sentence in bold italics excludes any CD account that a bank allows the depositor to add to during its term. That’s probably not a crippling exception, but it does mean that banks need to be careful they aren’t applying the FinCEN exceptive relief to a CD that doesn’t qualify for it.

Loans and lines of credit

The next two types of accounts receiving exceptive relief are renewals, modifications or extensions of a loan or commercial line of credit or credit card account. For starters, most bankers had felt that loan modifications or extensions weren’t new accounts at all, so it was a bit of a surprise seeing them itemized as something getting exceptive relief. But it’s the limitations placed on the exceptions that warrant careful attention. In these cases, the description of these credit accounts on the very first page of the ruling create some very broad exclusions from the types of “renewals, modifications and extensions” that get exceptive relief:

  • “A renewal, modification, or extension of a loan (e.g., setting a later payoff date) that does not require underwriting review and approval;
  • A renewal, modification, or extension of a commercial line of credit or credit card account (e.g., a later payoff date is set) that does not require underwriting review and approval

How many business loans does your bank make that can be renewed without additional underwriting or approval? They would have to be loans written with an understanding up front that they would be renewed, perhaps as seasonal inventory is liquidated. But an extension or modification? Either would almost always require underwriting, approval or both.

Safe deposit box rentals

I was in the camp that never thought that safe deposit rental renewals were new accounts. But apparently FinCEN felt they were, but they gave exceptive relief on them anyhow. No strings on this item (not that it comes up often).

So, the industry got exceptive relief, but not everything it hoped for. There is apparently some discussion at FinCEN about taking another look at the subject to see if there is anything else it can include in the exceptions, but we’ll just have to keep our eyes peeled and hope for the best. In the meantime, banks need to make sure they don’t overstep in their adoption of the exceptive relief in their policies and procedures.

Estate accounts

The question of whether decedent estates are legal entity customers subject to the Beneficial Ownership rules has come up a few times in the last several months. Apparently, there is a belief that estates register with the state and obtain EINs, so they must therefore be legal entity customers. That’s simply not the case.

While it is true that an estate is a different legal “person” from the individual who died, an estate is not an entity like a corporation or LLC. Estates don’t register with the Secretary of State (or similar public state office) to be created; they are “created,” if you will, by the death of an individual. If they are to be probated, they file with the Probate Court. The Probate Court is part of a state’s court system, but it is not part of, or related to, the Secretary of State’s office. So, no, a decedent’s estate is not a legal entity customer under the Beneficial Ownership rules.

Single-member LLCs

The IRS, on its website, says that it treats a single-member LLC as a sole proprietor if it elects “disregarded entity” status for taxation purposes. So, if the IRS says it’s a sole proprietorship and sole proprietors are excluded from the Beneficial Ownership rule, then banks can exclude single-member LLCs, right?

WRONG! First, because not all single-member LLCs elect “disregarded entity” status. Next, the IRS treating an LLC as a sole proprietor for tax purposes doesn’t make it a sole proprietor under the law, and certainly not under FinCEN’s Beneficial Ownership rules. This is like the old flawed suggestion that a single-member LLC can have a NOW account because the IRS lets it use the single member’s SSN.

Depending on IRS rules to determine whether a customer is a legal entity customer under the Beneficial Ownership rules is like consulting a physics professor about brain surgery. You could live to regret it!

November 2018 OBA Legal Briefs

  • Revocable trusts deposit insurance
  • Complaints update
  • The loan estimate and “no cost” loans

Revocable trusts deposit insurance

By Pauli Loeffler

A bit over a decade ago, the FDIC made changes to its deposit insurance coverage for trusts. Charles Cheatham wrote about the changes for the October 2008 OBA Legal Briefs, and there have really been no changes since then. However, bankers often have difficulty in knowing whether a particular trust is fully covered, so this article will revisit the topic.

The general rule. So what is the formula for calculating the deposit insurance coverage for trusts? The general rule is that the amount of FDIC insurance is: number of grantors (or owners for informal trusts) times the number of beneficiaries times $250,000 (the Standard Maximum Deposit Insurance Amount or SMDIA). NOTE: NEVER use the number of trustees in determining deposit insurance. For instance, Georgia Brown is the grantor of the George Brown Revocable Trust, but both she and her husband are trustees. The trust has three beneficiaries, so the amount is 1 (grantor) x 3 (beneficiaries) x $250,000 = $750,000 deposit insurance.

Formal and informal trusts. A formal trust is one is evidenced by a written document generally prepared by an attorney for estate planning.  A formal trust, such as the one used in the example above, does not require that the beneficiaries be named in the bank’s records but must be made available by the trustee if the bank fails. The rule is different for informal trusts (POD, ITF, and Totten Trusts) where there is no actual written trust. With informal trusts, the PODs must be in the bank’s records.

Aggregation. Formal and informal trusts are subject to aggregation. Jim and Margaret Anderson are the grantors of the Anderson Family Trust, and their three children, Betty, Bud, and Kathy a/k/a Princess are the beneficiaries of the trust account at your bank. Jim and Margaret also are joint owners of an account and the three children are PODs on that account. The funds in the two accounts will be aggregated in determining deposit insurance coverage. The maximum amount would be 2 x 3 x $250,000 = $1,500,000, as provided under the general rule.

Exception to the general rule. An exception to the general rule comes into play with regard to how the coverage limit is determined when the aggregate amount in revocable trusts exceed five times the SMDIA ($1,250,00) and there are more than five beneficiaries. If there are multiple grantors, the five times SMDIA will be multiplied by the number of grantors/owners. For instance, If there are two grantors/owners the exception will apply when: the aggregate amount in revocable trusts exceeds 10 times the SMDIA ($2.5 million) and there are more than five beneficiaries. Note that both criteria must be met for the exception. For instance, if Fred Flintstone is the grantor of the Fred Flintstone Family Trust which has six beneficiaries, and the amount in the trust is $1,000,000, the exception does not apply since the aggregate amount does not exceed $1,250,000 (five times the SMDIA), so you follow the general rule. Or Jackie, Tito, Jermaine, Marlon and Michael Jackson are the owners of an account with a single POD beneficiary. The exception would not apply since the number of beneficiaries does not exceed five, so again, the account would be subject to the general rule. When the exception does come into play, then you must know the amount each beneficiary is to receive in order to determine whether the entire deposit is covered by FDIC insurance.

Who can be a beneficiary. There is an additional problem in calculating deposit insurance coverage, since who qualifies as a beneficiary for FDIC insurance purposes is different from who can be named as a POD beneficiary under Sec. 901 of the Oklahoma Banking Code. For FDIC insurance, a beneficiary must be a natural person or a charitable or other non-profit entity (tax exempt) under the Internal Revenue Code. On the other hand, Oklahoma allows not only natural persons and charitable/non-profits, but also trusts, to be PODs. If John Smith names his revocable trust as POD, this is fine under Oklahoma POD provisions, but the account will not be considered an informal trust account for purposes of FDIC coverage. If John Smith names Jimmy Jones, Roger Simms, and his revocable trust as POD beneficiaries, it will be an informal trust under state law, but only insured for a maximum of $500,000 rather than $750,000 since the trust is not counted for coverage purposes.

The situation gets even more complicated if the exception to the general rule comes into play because the bank will need to know how much each beneficiary will receive in order to calculate deposit insurance coverage. When there are multiple POD beneficiaries named, Sec. 901 of the Banking Code requires that all beneficiaries receive equal shares, e.g., if there are four beneficiaries, each will receive 25%, so this is simple. However, a formal trust is not subject to the same constraints, and beneficiaries may receive different amounts or percentages.

EDIE. FDIC’s Electronic Deposit Insurance Estimator can be accessed here. In most cases, EDIE will do the math for you and provide the answer, but if the exception discussed above applies, it isn’t designed to calculate coverage. You will have to work it out on paper.

Finally, if one of multiple grantors die, and the trust becomes irrevocable, it remains subject to this section rather than the one covering FDIC insurance for irrevocable trusts. However, the amount of deposit insurance will decrease as a result of the death of a grantor. This will also be true if one of the beneficiaries dies. Sec. 330.3 provides:

(j)  Continuation of insurance coverage following the death of a deposit owner. The death of a deposit owner shall not affect the insurance coverage of the deposit for a period of six months following the owner’s death unless the deposit account is restructured. The operation of this grace period, however, shall not result in a reduction of coverage. If an account is not restructured within six months after the owner’s death, the insurance shall be provided on the basis of actual ownership in accordance with the provisions of § 330.5(a)(1).

The FDIC rule for deposit insurance coverage for trusts as well as other account categories can be found in 12 CFR 330. You should be aware that the FDIC has the final word on coverage. For very complex situations, we recommend the customers contact the FDIC for a determination.

Complaints update

By Andy Zavoina

Complaints from your customers can act as a barometer for their satisfaction with your products and services, as well as the fees you charge for them. Complaints can be an early warning to poor or illegal practices within your bank and this is especially critical when the bank has a third-party vendor selling to the bank’s customers. For these reasons, you have to implement a procedure to recognize and respond to complaints and inquiries as well as keep certain records of them as well as supporting documentation.

Just as the bank keeps records of the complaints it receives, so does your regulator. The Bureau of Consumer Financial Protection (Bureau), which regulates the larger banks and others in our industry is the only one regularly preparing an analysis of these complaints and distributing them to the public. This is important, because it not only allows your bank to compare itself to other banks in the country, but it allows you to compare yourself to other banks in your state. You have the capability to access the Bureau’s database and extract tons of data that you can filter in many, many ways.

Then there are times when the Bureau produces a recap and saves you all that trouble of filtering data. The Bureau recently released its latest update, the October 2018 “Complaint snapshot: 50 state report.” As is typical of the Bureau, it is less focused on a specific and recent period such as 12 or six months of history and instead starts off with the period of January 1, 2015 through June 30, 2018.

This is a high-level overview, but it is an excellent recap of complaints the Compliance Department can use both for information and as a model to present your data and comparisons to the bank’s management and the board. Remember, these are excellent benchmarks for comparison in addition to your own statistics from the prior year or years, and a prior period within the last year. In case you are already wondering, for the period of this Bureau report Oklahoma saw 7,663 complaints. Those of you with banks to the north may be interested in the 5,776 complaints for Kansas or the whopping 92,530 complaints in Texas. Yes, if you have expanded to the Lone Star state you may need more than an Excel spreadsheet. Texas, California and Florida and the three states with more than 100,000 complaints. If you want to handle the fewest complaints, Wyoming is the place to be with only 978 complaints on record. That is just over 23 complaints per month for Wyoming, 2,199 for Texas and a manageable 182 for Oklahoma. Of course, you already see a pattern – the greater a state’s population, the greater its share of the complaints lodged with the Bureau.

Nationwide there were 495,000 complaints in this 42-month period. That is an average of more than 27,000 per month and the same issue is still leading the most popular category, debt collection. Even though the 2016 to 2017 trend shows this declining 4 percent, it still has the largest volume with more than 302,000 complaints.

The biggest issue with debt collections is not the frequency of calls or the rude person demanding money, but about debts not owed. For those collecting debts of third parties, the Fair Debt Collections Practices Act requires a confirmation of the debt or the consumer’s ability to at least contest it. That appears to not be happening as much as it should.

Earlier reports from the Bureau indicate several concerns pertaining to debt collections. In the May 2018 spotlight on debt collections it was noted that 39 percent of the complaints were on debts the consumer said were not owed. There may be some crossover to the second issue below on credit reporting, as many consumer complaints involved debts showing on a credit report that the consumer was not aware of. They often indicated that neither the creditor nor the amount owed were familiar to them. Some consumers said the credit reports were generated before there was any debt confirmation and others said they asked for confirmation but received no response. And then there were those complaints about the communication tactics used. Frequent and repeated calls before 8 a.m. and after 9 p.m. were not uncommon, even after requests were made to not use the telephone for contact any longer.

Even if the bank is not directly subject to the Fair Debt Collections Practices Act, there are many parts of the Act that can be followed as a best practice. It may not be necessary to confirm every debt when the bank knows its borrower, but if the collector is not familiar with the person and the lender cannot provide verification, in this age of identity theft a confirmation is a good foundation for collecting money owed the bank. If a consumer requests that they not be called at a particular place or time, when can they be contacted by phone? If they refuse telephone contact, how else can the bank contact them? In the “olden days” a collector may have been hesitant to give up telephone contact without a fight, but with number blocking a click away for the consumer, this may be a demand the bank yields to quickly today. Sometimes it’s best to get back to the basics, contact the consumer, figure out the cause of the delinquency, determine if those conditions still exist, get a collection application to negotiate repayment terms, and from there see if those terms can be met or if collateral repossession is an option.

Fair Credit Reporting Act issues are now involved in a larger number of complaints per year than debt collections (31 percent as compared to 26 percent) at the Bureau. They have not only overtaken debt collection issues; from 2016 to 2017 they increased by 12 percent. Almost 274,000 complaints filed with the Bureau since 2015 involve incorrect information on a credit report.

Some consumers believed the inaccurate credit reports are a result if identity theft. There were many reports in the 2017 recap alleging consumers contacted the credit bureau and/or the creditor before contacting the Bureau to complain about mis-information on a credit report. In some instances, the proper reports were filed including police reports, but the issues remained. After that, the consumer went to the Bureau, which indicated a good success rate with the credit bureau following standard procedures and correcting errors. There were also complaints about credit scores, as it seems many consumers believe there is one credit score for them. When what they hear from a creditor differs from what they thought they had based on a credit report or an app on their phone, they tend to occasionally complain as well. This category also rose after the Equifax data breach. These related not only to the breach itself, but the confusion over credit freezes, the cost of those credit freezes (these pre-dated the now mandatory procedures we detailed in last month’s Legal Briefs) and the lack of customer support from Equifax.

The third major complaint category includes mortgages. There were 155,000 martgage complaints made since 2015, and 12 percent of the 2017 complaints involved mortgage loans (down from 18 percent the year prior). Making the mortgage payment was the issue 40 percent of the time so this partially relates to the Collections discussion above in addition to servicing issues.

Contacting mortgage servicers was difficult for consumers. They claimed they could not reach a point of contact they were directed to, and that servicers simply do not respond to them, or when they do, inaccurate or incomplete information is provided. Sometimes the servicer simply cannot answer the consumer’s question. Modifying loans through a servicer is problematic and draws complaints, especially when the account is handed from one point of contact to another and there is unclear guidance and documentation concerning requirements for loss mitigation programs.

Loss mitigation programs and collections are typically departments apart from lending. They should have clear policies, procedures and trained personnel. These are typically issues at bigger banks, but similar problems on workout loans can be seen in smaller banks. Training and centralized guidance will help any bank or servicer in this area.

As for credit card accounts, from 2015 through 2017 there were 90,000 complaints and in 2017, they represented 8 percent of total complaints handled by the Bureau. The major problem (22 percent of the time) was with the purchases shown on the periodic statement.

The last major category deals with deposit accounts. Account management was the primary issue 71 percent of the time. Although limited to 88,000 in the three-year period, 8 percent of the 2017 complaints involved deposit products, down from 10 percent in 2016. These problems included unauthorized fund transfers, provisional crediting of accounts, stop payment of preauthorized electronic fund transfers, and resolving errors. Another issue with deposit accounts was the incentive programs often used to capture and retain deposit accounts. When the rules are more detailed and clouded with “if this, then that” decisions than the simple ads made them out to be, consumers are not happy.

A strong Reg E policy and procedures will go a long way to mitigate these complaints. Turnover of bank staff sometimes makes this hard, but training is a key issue followed by easy to follow procedures. As to incentives, following the Keep It Simple method and losing the red tape will help avoid complaints as well as potential Unfair or Deceptive Acts or Practices (UDAP) claims.

Oklahoma followed the national trends with the same five areas of complaints. The following are those areas, the number of complaints from 2015 to 2017, and the percentage of complaints during the last two years:

  • debt collection, 2,760 complaints, 33% in 2017, 37% in 2016
  • credit reporting, 1,673 complaints, 26% in 2017, 16% in 2016
  • mortgages, 930 complaints, 10% in 2017, 14% in 2016
  • credit cards, 538 complaints, 7% in 2017, 7% in 2016
  • checking/savings, 5 complaints, 33% in 2017, 6% in 2016

Credit reporting was the only area to increase from 2016 to 2017 and that was a 10 percent increase. Part of your internal analysis should be to compare how your bank’s complaints compare to these numbers. That is a question you should be able to answer for management, the board and your examiners.

What can you do with all this complaint data? You analyze it, you discuss it with management, with the board, with different branch locations, business lines and marketing. The bank has within its grasp the ability to read the perceptions customers have of the bank (which may have been shared with the public – your potential customers) in its own complaints data, the Bureau’s database and quite likely on social media. When the bank is aware of these perceived shortcomings, it can counter them with changes when products, services and fees can be improved, or with proactive marketing which counter these perceptions, especially if they are incorrect or incomplete. Lessening the reasons for customer to complain is good customer service and this translates to retention of those customers and a stable income stream, which also allows the bank to sell more accounts and grow. It’s also good for your Community Reinvestment Act program.

The loan estimate and ‘no-cost’ loans

By John S. Burnett

It’s been just over three years since lenders first had to use a loan estimate and closing disclosure to comply with the TILA/RESPA Integrated Disclosure (TRID) rule. Before the October 3, 2015, effective date and since, there’s been a debate over how best (read: compliantly) to prepare the loan estimate for a mortgage loan when the lender is promoting “no-cost” or “low-cost” loans.

Pricing for such loans vary from lender to lender, but the common thread is that the lender waives some or all its own fees and/or pays for common third-party costs, such as the costs of credit reports or appraisals.

Surely, there should be one right way to disclose such a loan! The debate  over whose way is the right way continues. Here are the two approaches that have been advocated:

The minimalist approach. Using the words from § 1026.37(f) and (g) as justification, (e.g., § 1026.37(f)(1):“ …an itemization of each amount…that the consumer will pay to each creditor and loan originator …”), this approach omits from the loan estimate any cost that the lender will not directly impose on the borrower. So, for example, if the lender intends not to charge the borrower for an appraisal, there will be no entry for an appraisal on the loan estimate, although the actual cost of the appraisal will appear on the closing disclosure, either as a specific lender credit or charged to the borrower and offset with a general lender credit.

The ‘costs and credits’ approach. Other lenders are of the opinion that even the costs that the lender will absorb as part of its “no-cost loan” promotions should appear on the loan estimate, so that applicants get the full picture and see costs that are likely buried in pricing for the loan. These lenders also find support for their position in the regulation. The first mention of “no-cost” loans in § 1026.37 or its commentary is in comment 37(g)(6)(ii)-2 (referring to the “Lender Credits” line in Section J of the loan estimate):

  1. Credits or rebates from the creditor to offset a portion or all of the closing costs. For loans where a portion or all of the closing costs are offset by a credit or rebate provided by the creditor (sometimes referred to as “no-cost” loans), whether all or a defined portion of the closing costs disclosed under § 1026.37(f) or (g) will be paid by a credit or rebate from the creditor, the creditor discloses such credit or rebate as a lender credit under § 1026.37(g)(6)(ii). The creditor should ensure that the lender credit disclosed under § 1026.37(g)(6)(ii) is sufficient to cover the estimated costs the creditor represented to the consumer as not being required to be paid by the consumer at consummation, regardless of whether such representations pertained to specific items.

When TRID 1.0 was published in 2013, the Bureau offered the following in its discussion on lender credits under section 1026.37(g)(6). You’ll find it in the paragraph starting here.

To merely ignore services that are most likely going to be obtained if a creditor intends to pay for the service would be an unreliable standard for a consumer. Information regarding the services for which the consumer will be likely to pay, either directly or through a higher interest rate, may be useful to consumers when comparison shopping or understanding the nature of the mortgage loan transaction.

Pros and cons of the minimalist approach. Omitting from the loan estimate the costs that the lender intends to pay for the consumer has some positive aspects:

  • It’s certainly easier
  • It produces a simpler loan estimate
  • There’s no concern about providing a larger-than-needed lender credit that can cause problems at closing if costs were overestimated

On the other hand, there is the risk that an examiner will refer to comment 37(g)(6)(ii)-2 and the Bureau’s TRID 1.0 discussion of section 1026.37(g)(6)(ii) and cite the lender for failing to disclose information “regarding the services for which the consumer will be likely to pay, either directly or through a higher interest rate.”

Pros and cons of the “costs and credits” approach. Including on the loan estimate the costs that the lender intends to pay or waive for the consumer avoids the one significant concern about the “minimalist” approach. It may also provide more useful information since the consumer can see how much the lender credits may cost in terms of rate and APR (which may tend to be higher than at competing lenders if costs are “buried” in the loan’s pricing) and may be a more informed shopper for the mortgage loan (to the extent that consumers actually shop).

The challenge when using this approach is to pin down as accurately as possible the costs that will apply to the loan (this is supposed to happen for all loan estimates, anyhow) and to disclose lender credits offsetting the costs to be waived or absorbed without making the credits too high. Some lenders have been known to over-estimate some closing costs to avoid tolerance violations at closing, and when they disclose lender credits to offset those closing costs, have found themselves “hoist on their own petards,” having to honor the estimated lender credit amount, while avoiding tolerance cures on the services themselves. That makes it all the more important to fine-tune the cost estimates and lender credit to avoid cures required from either direction.

Of the two approaches, the “costs and credits” approach is the one supported by the regulation and commentary and is the least vulnerable to being cited by examiners.

Avoiding the lender credits ‘lock-in’

Using the “costs and credits” approach can result in having to honor a high estimate of lender credits if the lender isn’t careful. But lenders don’t have to be “locked in” to their estimated lender credits if they understand that a lender credit estimate can be reduced under certain circumstances. Lenders already know about reducing lender credits in connection with pricing changes, such as the execution of a rate lock, because there is a discussion of those adjustments in comment 19(e)(3)(iv)(D)-1.

Contrary to rumor, a change in interest rate-dependent charges is not the only reason that a revised loan estimate (or closing disclosure) can be used to change the estimated lender credits that will be compared with total actual lender credits at closing to determine good faith tolerance. It happens to be the only example provided in the commentary, but there are other possibilities.

In the prefatory text that accompanied “TRID 1.0” at publication, the Bureau said in its analysis of comment 19(e)(3)(i)-5:

With respect to whether a changed circumstance or borrower-requested change can apply to the revision of lender credits, the Bureau believes that a changed circumstance or borrower-requested change can decrease such credits, provided that all of the requirements of § 1026.19(e)(3)(iv) … are satisfied.

Changed circumstances are enumerated in § 1026.19(e)(3)(iv)(A) and (B), and include:

  1. An extraordinary event beyond the control of any interested party or other unexpected event specific to the consumer or transaction;
  2. Information specific to the consumer or transaction that the creditor relied upon when providing the original [loan estimate] and that was inaccurate or changed after the disclosures were provided;
  3. New information specific to the consumer or transaction that the creditor did not relay on when providing the original [loan estimate]; or
  4. The consumer is ineligible for an estimated charge previously disclosed because a changed circumstance described in items 1, 2 or 3 affected the consumer’s creditworthiness or the value of the security for the loan.

A borrower-requested change that revises the credit terms or the settlement can cause an estimated charge to increase.

Because lender credits are treated as negative charges to the consumer, a reduction in lender credits is therefore an increase in charges to the consumer. Therefore, if a changed circumstance or consumer-requested change results in a reduced charge for a service that the lender has agreed to pay for with a lender credit, the lender credit can be reduced dollar-for dollar with the cost of the service if the lender provides a revised loan estimate showing the updated costs and reduced lender credit within three business days of learning of the changed circumstance or consumer-requested change.

Here’s an example: The creditor has agreed to pay for the credit reports and appraisal fee in connection with a loan subject to TRID rules. It issues a loan estimate showing a credit report charge of $30 and an appraisal fee of $500, both disclosed costs based on the best information available to the creditor at the time of the loan estimate. A lender credit of $530 was also disclosed. Several days later, the creditor learns that the appraisal will be completed by a new appraiser trying to break into the market at a cost of $400. The creditor provides a revised loan estimate within three business days reflecting the credit report charge of $30 and an appraisal fee of $400, and lender credits of $430. The revised loan estimate successfully adjusts the lender credits amount (which increased the costs to the borrower by $100, to offset the $100 reduction in appraisal costs).

In order to successfully use this method to adjust the estimated lender credits for good faith comparison purposes, the creditor must carefully document that the lender credits on the loan estimate are specific credits for specified costs, document when the creditor learned of the changed circumstance or borrower-requested change that resulted in the reduced specified cost(s), and document when the revised loan estimate was provided.

October 2018 OBA Legal Briefs

  • UTMA accounts
  • Loans to minors
  • SCRA update
  • FCRA credit freeze update

UTMA accounts

By Pauli Loeffler

In the September 2018 OBA Legal Briefs, I wrote about deposit accounts that can be opened for a minor as owner or co-owner. This month, we look at the other important account offering for minors, accounts opened under the Oklahoma Uniform Transfer to Minors Act (UTMA).

The UTMA statutes are located in Title 58 (the Probate Code), §§ 1201 – 1224. A UTMA will have language stating the funds are held by “_________________ (name of custodian) as custodian for __________________ (name of minor) under the Oklahoma Uniform Transfers to Minors Act.”  Unlike the minor accounts described last month, the minor has no transactional authority. Further, the minor, at least during the term of the UTMA, cannot receive information about the account without the consent of the custodian or an order of a court.

Here are some pertinent points regarding UTMAs:

  • Once funds are transferred to a UTMA, the transfer is irrevocable. If Grandma gets mad at Johnny, or he doesn’t live up to her expectations, she cannot take the funds back.
  • The custodian is a fiduciary and must use the funds solely for the benefit of the minor. S/he cannot pledge the UTMA account for security to make improvements to the house s/he owns even if the minor resides there, or to purchase a car titled in the custodian’s name used to take the minor to school, football practice, etc. On the other hand, the UTMA account could be pledged to buy a car titled in the minor’s name provided s/he has a driver’s license.
  • There can be only one custodian and one minor and one UTMA created. Court-ordered UTMAs do not necessarily follow this rule.
  • The UTMA account can be a CD, MMDA, savings account, NOW account, or DDA. Court ordered accounts generally must be interest-bearing.
  • There is no prohibition on allowing the custodian to have a debit card. This is up to bank policy. Since the minor does not have transactional authority on the account, if the custodian requests a debit card for the minor, it is problematic. However, since the funds will be used by and for the benefit of the beneficiary, this is also up to the bank.
  • PODs are allowed on UTMAs. If it is a court-ordered UTMA, the court will have to specifically name a POD beneficiary, which is rarely done.
  • The transferor of the funds creating the UTMA or the custodian may designate successor custodians. If s/he does not, the custodian may name a successor other than the transferor. If neither the transferor nor the custodian names a successor and the beneficiary is at least 14 years of age, s/he may name a successor who is an adult member of the minor’s family, a guardian of the minor, or a trust company. But, if this is not done within 60 days of the ineligibility, death, or incapacity of the custodian, a guardian (a person appointed by a court) becomes the successor. If there is no guardian or the guardian declines, the transferor, the legal representative (e., the personal representative of the estate, guardian, or conservator) of the transferor or custodian, an adult member of the minor’s family or any other interested person (e.g., the bank) can petition the court to designate a guardian.
  • The custodian shall pay the funds to the minor when the minor reaches the age of 18 unless at the time of transfer of funds a time is specified after the minor reaches the age of 18 but not later than when the minor reaches age 21. In other words, if no age is mentioned, the custodian is required to disburse to the minor at age 18.

Courts routinely order the establishment of a UTMA for minors when the minor is entitled to money under a settlement for injuries in an accident, when entitled to death benefits under a worker’s compensation death claim or as beneficiary of a life insurance policy, and similar situations.  The court order will establish who is the custodian and will control the transactions allowed. Most such court orders will require a further order of the court for the custodian to make any withdrawals during minority, and the bank needs to lock down the account to prevent withdrawals without such an order.

On the other hand, most if not all these court-ordered UTMAs specifically give the bank the power to pay the minor directly as soon as s/he attains the age of 18 which avoids “the custodian who just won’t let go” problem. This comes up quite frequently. Grandma who established and is the custodian of the UTMA isn’t pleased with how the grandson has turned out and won’t disburse the funds. We know of instances where the “minor” is now in his mid- or late twenties and even one who was 35 years old, and the funds were still in the UTMA.

So, the age for disbursement arrives and the custodian does not disburse. The bank reminds the custodian that the time has come, and the custodian has the duty to pay the funds, but the custodian balks and says the kid is irresponsible, and s/he is going to hold on to the funds. I have no problem with the bank notifying the aged-out minor of the UTMA and informing him of § 1221 procedures that allow the bank to release the funds directly to him. Here’s the statutory language:

C. To the extent the custodial property consists of deposit accounts held at a financial institution, if the minor reaches the age for release and the custodian does not make a timely transfer of the property to the minor, the minor may make a request for the account-holding financial institution to intervene. The request from the minor shall be signed, dated and in writing, and shall state that the minor has reached the age for release and the custodian has refused to distribute the remaining funds to the minor after being asked to do so by the minor after the minor was entitled to them. Upon receiving the minor’s request, the financial institution may send a written demand to the custodian to transfer to the minor the funds in any Oklahoma Uniform Transfers to Minors Act deposit account. If the custodian does not make the distribution within thirty (30) days from the date of the financial institution’s demand, the financial institution shall have the authority to close the account and pay out the funds directly to the minor without any liability or recourse from any parties.

The minor starts the ball rolling, by giving the bank a signed, dated, written request stating that the minor (or former minor) has reached the age for release and the custodian has refused to distribute the funds to the minor after being asked to do so.

Then the bank sends a written demand to the custodian to transfer the funds to the minor, giving the custodian 30 days to do so. A template for the letter is accessible on the OBA Legal Links webpage here.

If the custodian comes in to close the account at some point before the 30 days have past, the custodian cannot do a cash withdrawal, and the check must be payable to the named minor ONLY. If the minor is present and wants to open a joint account with the custodian, that’s fine.

Loans to minors

By Pauli Loeffler

I have “borrowed” some of the following from Charles Cheatham, former OBA General Counsel who wrote on this subject for the OBA Legal Briefs nearly two decades ago, but that article is no longer accessible online.

As I indicated in the 2018 September Legal Briefs, Title 15 covers contracts and Sections 11 and 12 contain the provisions about a minor’s capacity to enter into them. Sec. 11 states: “All persons are capable of contracting, except minors, persons of unsound mind, and persons deprived of civil rights…”  § 12 provides: “Minors and persons of unsound mind have only such capacity as is defined by the statutes of this State.” Further, § 19 of Title 15 allows the guardian of a minor to disaffirm a contract during his minority, and allows the minor to disaffirm a contract for one year after reaching majority UNLESS (per §21) a statute has relieved him of the disability of minority to enter into the contract.

The question of loans to minors most often comes up when Dad wants to buy a car for the minor and wants to jump start junior’s credit history by having the child as a co-borrower. The problem is that such a loan is not legally enforceable against the child, and the bank can report neither good nor bad payment history to the credit bureaus. A debt that the minor can disaffirm such that it is void from the beginning is a debt that the minor never owed; and therefore, the minor’s payment, nonpayment or late payment of such a debt cannot be counted against his credit history.

So when can a minor enter into a loan and be legally bound?

Educational loans.

15 O.S. § 33 allows a minor to obtain an educational loan and to be bound by the contract (disaffirmation will not apply) provided he is:

  • At least sixteen years of age, and either
    • has written approval of his parent or guardian, or
    • is not residing with a parent or guardian.

The educational loan must be for the purpose of directly furthering the minor’s education at an educational institution.  Any college, high school, technical, vocational, or professional school meets the definition of “educational institution.”  Before making the loan, the bank must obtain certification in writing that the minor is enrolled, or accepted for enrollment, at the educational institution. If the requirements are met, an educational loan is binding upon both the minor and any guarantor or co-maker.

Let’s consider an example: A 17-year-old high school student applies for a loan to buy a calf for an FFA project.  The student’s vo-ag teacher, who is the FFA sponsor, offers to be either a co-maker or a guarantor on the loan. The minor lives at home under the care of his parents. The loan to buy the calf is “for the purpose of furthering the minor’s education” if his vo-ag class requires he have a livestock project as part of his grade. Provided that the student gets a) written approval from his parents to apply for the loan, b) a letter from his high school verifying his enrollment, and c) a letter stating that raising the calf is a requirement for his vo-ag class, then the bank can make the loan and fall within the parameters of § 33., and the loan would be binding on both the minor and the vo-ag teacher whether s/he is a co-maker or a guarantor.

An example with the opposite result occurs if the bank fails to obtain written verifications from the high school or parental permission since the minor lives with the parents. There is another problem if the minor is the only direct debtor and the vo-ag teacher is a guarantor. The minor would not be legally bound, nor would the teacher be. An early Oklahoma court case states that disaffirmance of a contract by a minor nullifies the contract and renders it void from the beginning; and after the minor has disaffirmed the contract, anyone can take advantage of such disaffirmance. The promissory note signed by the minor is deemed void from the beginning if it is disaffirmed, and so the vo-ag teacher’s guaranty agreement will be treated as void from the beginning.  He has guaranteed a note that is no longer binding, and it is if neither the note nor the vo-ag teacher’s guaranty ever existed.

On the other hand, if the vo-ag teacher or another adult is a co-maker/cosigner on the note the result is different. S/he will be liable on the note regardless of whether it is an educational loan with proper certifications or a loan to buy a car, a motorcycle, a PS-4, etc. because s/he has direct liability on the note not extinguished by the minor’s disaffirmance.

Contracts for necessities.

Under 15 O.S. §20, a minor can enter into a binding loan not subject to disaffirmance when it is “…to pay the reasonable value of things necessary for his support, or that of his family, entered into by him when not under the care of a parent or guardian able to provide for him or them.” There is very little case law under this statute other than minors’ contracts to pay attorney’s fees to obtain or preserve assets of the minor AREN’T necessary for the minor’s support, but if the contract is to pay an attorney to defend the minor in a criminal prosecution, they are.

Let’s say the minor has a job, is not living with his parent or guardian, and the parents/guardian cannot support him. He needs a loan to pay for utilities or rent or medical care. Presumably, such a loan is binding. Or a loan to a young married couple, both 17, not living with their parents would be an “enforceable loan” if made for the specific purpose of buying “necessaries.”

Emancipation.

10 O.S. § 91 gives the district courts the authority to confer the “right of majority” upon a minor to enter into binding contracts as if he had already reached the age of 18.  Emancipation makes the minor an “adult” for purposes of making contracts, but s/he is not an “adult” for all purposes. For instance, s/he is still required to attend school if s/he has not graduated. Note that marriage of a minor does not in and of itself emancipate a minor in Oklahoma although this is the case in other states.

SCRA update

By Andy Zavoina

Here is an SCRA update most of us almost missed. H.R. 5515, the John McCain National Defense Authorization Act for Fiscal Year 2019 became Public Law No. 115-232 on August 13, 2018. Of key importance to us is section 600 which amended the proof of military service in order to qualify for the interest rate reduction afforded in section 207 of the Servicemembers Civil Relief Act (50 U.S.C 3937). This article will explain the changes, as well as provide a refresher for certain SCRA requirements.

Here is how SCRA § 207(b)(1) now reads, after the Sec. 600 amendment:

(1) PROOF OF MILITARY SERVICE.—

(A) IN GENERAL.—Not later than 180 days after the date of a servicemember’s termination or release from military service, in order for an obligation or liability of the servicemember to be subject to the interest rate limitation in subsection (a), the servicemember shall provide to the creditor written notice and a copy of—

(i) the military orders calling the servicemember to military service and any orders further extending military service; or

(ii) any other appropriate indicator of military service, including a certified letter from a commanding officer.

(B) INDEPENDENT VERIFICATION BY CREDITOR.—

(i) IN GENERAL.—A creditor may use, in lieu of notice and documentation under subparagraph (A), information retrieved from the Defense Manpower Data Center through the creditor’s normal business reviews of such Center for purposes of obtaining information indicating that the servicemember is on active duty.

(ii) SAFE HARBOR.—A creditor that uses the information retrieved from the Defense Manpower Data Center under clause (i) with respect to a servicemember has not failed to treat the debt of the servicemember in accordance with subsection (a) if—

(I) such information indicates that, on the date the creditor retrieves such information, the servicemember is not on active duty; and

(II) the creditor has not, by the end of the 180-day period under subparagraph (A), received the written notice and documentation required under that subparagraph with respect to the servicemember.

What Section (1)(A) is telling us is that a servicemember now has 180 days from the date they are released from the service to make a claim for the reduced interest rate of 6 percent. It also states the request must be in writing, must include a copy of the servicemembers orders calling them to active duty and if applicable, orders extending the original so the creditor will have a better understanding of the time served. The servicemember should also have a final set which will define the date they were released. These dates often vary from the prior set because the servicemember has to out-process from their duty station and possibly travel to a final location for out-processing from the service itself. Those arrangements could not be controlled perhaps years earlier when a prior set of orders was issued. The Defense Manpower Data Center (DMDC) database is an excellent control mechanism for verification of military service dates.

A substitute for copies of the servicemember’s orders (Sec. (1)(A)(ii)) is a certified letter from the servicemember’s commanding officer. This term “certified letter” is not defined but in its purest United States Postal Service form would be “a special USPS service that provides proof of mailing via a receipt to the sender.

In the SCRA context, “certified letter” could also mean a letter certifying the servicemember’s status.

The prior SCRA language in § 3937(b)(1) already included the 180-day period, but the certified letter from a commanding officer is a new alternative for invoking the rate reduction.

As a refresher, the application of the cap becomes retroactive to the date the servicemember was placed on active duty.  Even if the debt was paid in full before the servicemember invoked their rights, a re-amortization and refund could be owed based on the date they were under protection of the Act until their release.

These requirements apply to an obligation or liability bearing interest at a rate in excess of 6 percent per year that is incurred by a servicemember, or the servicemember and the servicemember’s spouse jointly, before the servicemember enters military service shall not bear interest at a rate in excess of 6 percent —

(A)       during the period of military service and one year thereafter, in the case of an obligation or liability consisting of a mortgage, trust deed, or other security in the nature of a mortgage; or

(B)       during the period of military service, in the case of any other obligation or liability.

The “obligation” is most commonly a loan but can also be an overdraft. Overdraft fees generally exceed 6 percent but are not expressed in that manner. It is more cost effective to waive those fees than to compute and collect 6 percent interest on them.

A pre-service credit card balance today of a servicemember must be reduced if it exceeds 6 percent. Charges made tomorrow (or at any time during or after military service) are not pre-service and thus not subject to the cap. Once the borrower is in military service, the borrower knows what their debt service capacity is, and they are not expected to overextend themselves.

Interest also includes fees under the SCRA, including late fees. If a valid request is made and the bank has to re-amortize a debt, if the rate is reduced to 6 percent, there is no room for any fee, so all should be waived. The fees should also be waived going forward. If the bank opts to reduce the interest rate lower than 6 percent, there may be room for fees but verify your effective rate.

Section 3937(b)(1)(B) is new. It now authorizes what many banks adopted as a best practice after so many enforcement actions against other banks. In the last few years when a bank was cited for violations of the SCRA, the corrective actions put in place were intended to do more than was required by the law. This included not waiting for a servicemember to make a claim for the interest rate reduction and proactively looking for signs that they may qualify. One way to accomplish this is verification through the DMDC database mentioned above. It has been fine-tuned more and more for accuracy and to reduce update latency. Banks can verify servicemembers individually or in batches. Many banks adopted the batch processing method and check the banks CIF records against the database on a monthly basis. New hits could be shown active duty immediately on bank records or contact and verifications would be initiated with the customer.

Section (B) reinforces the confidence in the DMDC database and says officially that these records may be used in place of military orders or the commanding officer’s certified letter. A bank using this will have a safe harbor so long as the database record shows the date the bank inquired and that the customer is not shown on active duty, and the bank has not received a copy of the orders or certified letter by the end of the 180 day period.

The biggest takeaway in this revision to the law is the safe harbor and confidence in the DMDC database. This is essentially a variation of the database used for Military Lending Act verifications your bank does or the credit bureau you use for such verifications. The credit bureaus update files once daily against the database, but those records are updated by the DMDC more often than that. The MLA database has more information on dependents than the SCRA database. Once, when speaking with the DMDC I inquired as to why a bank could not use just the MLA database and keep it simple. I was cautioned that the two are different and SCRA inquiries should go to that database, and MLA inquiries to that specific database. Regardless of which database you are using for its intended purpose, you must retain your records so that you always have proof of verification in the event there is ever any doubt. And ensure that when a positive match is found, it is noted on a central file as the SCRA status can affect loans, overdrafts and safe deposit boxes. Always check the database prior to a foreclosure or repossession.

Recent SCRA enforcement action

Last November, the U.S. Department of Justice (DOJ) filed a lawsuit in U.S. District Court for the Western District of Washington. The DOJ alleged that Northwest Trustee Services, Inc. violated the SCRA in its foreclosure processes.  The complaint alleges that since 2010, Northwest completed foreclosures on at least 28 homes owned by servicemembers without obtaining the required court orders in advance.

(Northwest is now a defunct company which had described itself as a full-service trustee company providing foreclosure services to mortgage lenders in the Western United States. Last December it closed and is in the process of liquidation in a state court.)

Section 303 of the SCRA (50 U.S.C. 3953) affects pre-service obligations only and states that a court may stay proceedings involving mortgages and trust deeds if the action is filed while the person is in military service or within one year after such service.  Sale, foreclosure or seizure of property isn’t valid except with a court order if made during military service or one year thereafter.

Marine veteran Jacob McGreevey of Vancouver, Washington, submitted a complaint to the DOJ’s Servicemembers and Veterans Initiative in May 2016.  Northwest had foreclosed on McGreevey’s home in August 2010. That was than two months after he was released from active duty in Operation Iraqi Freedom.  McGreevey sued his mortgage servicer, PHH Mortgage, and Northwest in 2016 but a U.S. District Court Judge accepted PHH and Northwest’s argument that McGreevy had waited too long to file his case. McGreevey had been unaware of his SCRA protections until shortly before filing his suit. It was dismissed because of that six-year gap.  The DOJ’s investigation indicated McGreevy was not the only SCRA foreclosure without a court order and the investigation went as far back as 2010.

In addition to monetary damages for affected servicemembers, the SCRA provides for civil monetary penalties of up to $60,788 for the first offense and $121,577 for each subsequent offense of this section.

On September 27, 2018, the DOJ announced it has finally reached a settlement in this case. Under the terms of the settlement, service members who had their homes illegally foreclosed may get compensation of up to $125,000. The company’s total required payout to service members is $750,000, according to DOJ. 

FCRA Credit Freeze Update

By Andy Zavoina

The Economic Growth, Regulatory Relief, and Consumer Protection Act’s (EGRRCPA) Section 301 required consumer reporting agencies to provide consumers with free credit freezes and to notify them of this availability. It established provisions for placement and removal of freezes.

This new rule was effective September 21, 2018, and added a new paragraph to the FCRA, § 605A(i). (The updated FCRA is available at https://www.bankersonline.com/regulations/fcra-605a)

A “security freeze” on a credit report prevents new creditors from accessing the credit file and others from opening accounts in the consumer’s name until the consumer lifts the freeze. Because most businesses will not open credit accounts without checking an applicant’s credit report, a freeze can stop identity thieves from opening new accounts in that consumer’s name. Note that this applies to new creditors, so if a consumer has an existing credit relationship with your bank. Your bank will have access to the file. If you have a new customer applying for credit, asking if they have placed a freeze for any reason would be a good practice, because it must be lifted for you to check that credit file. That lift could slow down the application processing time. Now that this is a free service, expect more freezes from consumers who are proactively preventing identity theft.

After the Equifax data breach many consumers wanted to put a freeze on their credit files. There were reports that the consumer may have been charged for this, when placing it was necessitated by the credit bureau’s lax security. Then placing it initially became free but lifting and reinstating the freeze may have triggered a fee. Amendments to the FCRA have changed this.

The EGRRCPA requires that whenever the FCRA requires a consumer to receive either the “Summary of Consumer Rights” or the “Summary of Consumer Identity Theft Rights,” a notice regarding the new security freeze right must be included. The “Summary of Consumer Rights” is a summary of rights to obtain and to dispute information contained in the consumer’s report and to obtain credit scores. The “Summary of Consumer Identity Theft Rights” is a summary of rights of identity theft victims. Both are available at consumerfinance.gov in English and Spanish.

EGRRCPA also extended the duration of fraud alerts on a consumer’s credit report from 90 days to one year. The fraud alert requires your bank to get the consumer’s approval before opening a new account.

This section of EGRRCPA was effective September 21 Most of the burdens here are on the credit reporting agencies, but the effects may be felt in your bank, and not only when a consumer who has frozen his credit file applies to you for credit. Your bank’s Human Resources department is required to provide a copy of the “Summary of Consumer Rights” when they turn down an application for employment based on information in a consumer report from a credit reporting agency. Those notices need to be updated to the most current version.

September 2018 OBA Legal Briefs

  • Deposit accounts for minors
  • HMDA filing update for small reporters

Deposit accounts for minors

By Pauli D. Loeffler

We get a lot of emails and calls regarding minors as owners on accounts and UTMAs. There are various OBA Legal Briefs articles covering aspects of these accounts in piecemeal fashion, but some of them are not easy to locate, and there are some that pre-date those accessible on the OBA’s Legal Briefs webpage. For your convenience, spawned by my laziness or efficiency depending on your point of view, I decided to cover all aspects of contracting with minors for deposit accounts in this article, and to cover UTMAs in an article in next month’s Legal Update.

Minor’s legal capacity to contract

The Oklahoma statutes governing contracts is found in Title 15, The first thing you need to know is how do you determine when a person ceases to be a minor. This is covered by § 13, which determines who is considered a minor and when the period of minority ends:

  • Minors, except as otherwise provided by law, are persons under eighteen (18) years of age.
  • The period thus specified must be calculated from the first minute of the day on which a person is born to the same minute of the corresponding day completing the period of minority.

Sections 11 and 12 contain the provisions about capacity to enter into contracts.

15 O.S. § 11

All persons are capable of contracting, except minors, persons of unsound mind, and persons deprived of civil rights

However, § 12 provides: “Minors and persons of unsound mind have only such capacity as is defined by the statutes of this State.” Deposit account agreements, loans, leases, operating agreements, partnership agreements, POD designations, operating agreements for LLCs, and a myriad of other agreements are all contracts. Unless there is a statutory exception granting the minor the legal capacity to enter into the contract, the contract may be unenforceable.

Minor as sole owner

Since July 1, 1997, the Oklahoma Banking Code in Title 6, § 903.1 has provided an exception to the general rules set out above and allows a minor who is the sole owner of a deposit account to have the legal capacity to enter into an account agreement. Note that there is an identical statute in Title 18 that covers Savings Associations (S&Ls). This is what the statute says:

A. Except as otherwise provided by this section, a bank or credit union lawfully doing business in this state may enter into a deposit account with a minor as the sole and absolute owner of the account and may pay checks and withdrawals and otherwise act with respect to the account on the order of the minor. A payment or delivery of rights to a minor who holds a deposit account evidenced by a receipt or other acquittance signed by the minor discharges the bank or credit union to the extent of the payment made or rights delivered.

B. If the minor is the sole and absolute owner of the deposit account, the disabilities of minority are removed for the limited purposes of enabling:

1. The minor to enter into a depository contract with a bank or credit union; and

2. The bank or credit union to enforce the contract against the minor, including collection of overdrafts and account fees and submission of account history to account reporting agencies and credit reporting bureaus.

C. A parent or legal guardian of a minor may deny the minor’s authority to control, transfer, draft on, or make withdrawals from the minor’s deposit account by notifying the bank or credit union in writing. On receipt of the notice by the bank or credit union, the minor may not control, transfer, draft on, or make withdrawals from the account during minority except with the joinder of a parent or legal guardian of the minor.

D. If a minor with a deposit account dies, the receipt or other acquittance of the minor’s parent or legal guardian discharges the liability of the bank or credit union to the extent of the receipt or other acquittance, except that the aggregate discharges under this subsection may not exceed Three Thousand Dollars ($3,000.00).

E. Subsection A of this section does not authorize a loan to the minor by the bank or credit union, whether on pledge of the minor’s savings account or otherwise, or bind the minor to repay a loan made except as provided by subsection B of this section or other law or unless the depository institution has obtained the express consent and joinder of a parent or legal guardian of the minor. This subsection does not apply to an inadvertent extension of credit because of an overdraft from insufficient funds, returned checks or deposits, or other shortages in a depository account resulting from normal banking or credit union operations.

Subsection B above. grants the minor the legal capacity to contract and be bound by the terms of the agreement. It also permits the bank to take legal action to enforce the account agreement contract for overdrafts and charge-offs and report the minor to credit reporting agencies, ChexSystems, etc.  Deposit accounts subject to the statute include DDAs, saving accounts, MMDAs, NOW accounts, and CDs. [Going off topic a bit, but related: A minor CAN have an IRA only if s/he has legitimate earned income in at least the amount of the contribution made to the IRA.]

Note that there is no minimum age for a minor as sole owner of such an account. Most minors are capable of signing the account agreement and signature card by the age of 8, perhaps earlier (but note that a minor who can’t sign the agreement cannot open an account). The bank can determine its own policy on types of deposit accounts a minor as sole owner may have based on the age of the minor.

Subsection C.  gives the parent or legal (“court-appointed”) guardian the ability to restrict transactions by the minor by notifying the bank in writing to require the parent or guardian’s approval of the transaction.  However, this does not mean the parent/guardian is a joint owner or authorized signer on the account who can make transactions. The minor is still the sole owner, and the parent/guardian has no direct access to make transactions on the account.

The relief from the disability to contract due to minority for a deposit account is not all encompassing. The minor cannot designate a POD based on language in subsection D. This restriction makes sense since an unemancipated minor (“emancipation” will be discussed in a subsequent article covering loans to minors) does not have the legal capacity to execute a will to dispose of real and personal property in the event s/he dies. If the minor dies, the bank may pay the parent or legal guardian of the minor an amount not exceeding $3,000 without obtaining an Affidavit of Heirs, and just by obtaining a receipt, the bank is relieved of any liability. If the account(s) held by the minor in sole ownership exceed $3,000, then the Affidavit of Heirs under § 906 of the Banking Code could be used unless the amount exceeds $50,000 or the minor died a resident of a state other than Oklahoma.

The first sentence of subsection E. states that the statute does not cover loans. Since the statute was last amended in 2000 prior to the 2005 Joint Guidance on Overdraft Protection Programs, and because I believe the statute would be narrowly construed by a court, I would not offer a minor as sole owner overdraft protection and certainly not the option to “opt-in” to ODP. I also don’t believe the statute permits the minor to add an authorized signer either. The owner of the account is liable for overdrafts and returned items, but not the signer even if the signer caused the overdraft. We recommend that the bank obtain a guaranty and indemnity agreement from the parent or legal guardian of the minor regarding the account

Another issue with minors, whether the minor is sole owner or not, is issuing a debit card since 1) the statute is silent on whether the minor is relieved of the disability of minority to enter into the debit card agreement, and 2) the statute does not have any effect on Visa/MC age requirements (review your contract).  I suggest that the parent/legal guardian sign the Visa/MC agreement, and guaranty and indemnity agreement of the parent or legal guardian should also specifically cover any debit card issued.

Joint with minor 

I know that most if not all banks offer adult joint with minor accounts, but I really hate them. I regret that a question regarding these accounts instantly makes me ballistic and launch into my standard rant “Why I hate joint with minor accounts: let me count the ways.” Truthfully, there are a lot of issues, but no, they don’t happen frequently. However, the risks and possible liability are real and do happen.

Joint with minor accounts are permitted in Oklahoma under Sec. 901 subsection A. of the Banking Code. Unlike minor as sole owner accounts, there is no statutory provision relieving the minor from the disability of minority allowing the minor to enter into the account agreement nor add authorized signers, PODs, opting into OPD, etc. Further, § 19 of Title 15 provides:

In all cases other than those specified herein, the contract of a minor may be disaffirmed by the minor himself, either before his majority or within one (1) year’s time afterwards; or, in case of his death within that period, by his heirs or personal representatives. Provided, that any minor between the ages of sixteen (16) and eighteen (18) who has paid for any repairing, supplying or equipping on any type of a motor vehicle may disaffirm said contract in like manner only by restoring the consideration to the party from whom it was received.

So, the bank has a contract that is 1) not binding on the minor AND 2) can be voided by a guardian during the child’s minority or disaffirmed by the minor for a year after the minor reaches age 18. For this reason, we recommend the bank always have an indemnity agreement to cover both the period of minority and the one-year period during which the contract may be disaffirmed.

There are also other concerns with this type of account. Let’s say we have a minor who has a job, or is depositing birthday, Christmas, or allowance money into the account. It’s a joint account, and the adult spent the money. Or same situation, but there is garnishment, levy, or attachment against the adult (it is highly unlikely the minor would have creditors issuing these). Poof! The minor’s money is gone. Since the minor lacked legal capacity to enter into a joint account agreement, he could sue the bank if funds he has earned or received as presents are taken by the adult or a creditor of the adult, AND he will have a year after reaching majority to disaffirm the contract and sue the adult and the bank.  Or let’s say the account is overdrawn, and the minor turns 18. Rather than be liable for the overdrafts, he disaffirms the contract. Keep in mind, that because the minor lacked capacity to enter into the joint account agreement, the bank cannot report him to credit bureaus, ChexSystems, etc., or pursue collection of the overdraft.

Now, let’s look at joint with minor accounts from the adult owner’s perspective. The minor as joint owner can withdraw any or all the funds or close the account just as any joint owner can.  The adult has no way to control this other than to close the account before the minor spends all the funds or closes the account. If the account is overdrawn by the minor, the adult’s credit or ability to pass ChexSystems or similar systems will be affected.

But wait there’s more… There are other issues with these joint accounts. Often the adult will request that the minor be the primary on the account, but I recommend the bank’s policy prohibit doing this to prevent the adult, who is the actual source of the funds, from evading taxes. I fully understand that the majority of joint with minor accounts are non-interest bearing and even those that are interest-bearing do not generate much, if any, reportable interest. Usually, the adult is not making the request for an illegal purpose, but I have encountered several instances when the reason for the request is to evade taxes. It is simpler to say, “No, our policy requires the adult be the primary on the account,” rather than discover the MMDA which was opened with a deposit $500 dollars now has a balance of $225,000, or the $5000 CD has over the years been increased at maturity to $400,000, and then having to file a SAR because the bank realizes a crime is being committed.

One question regarding joint with minor accounts that comes up with some frequency is: What should the bank do when the adult dies leaving the minor as sole owner of the account? If the bank offers minor as sole owner of the account, the answer is simple: contact the parent or legal guardian of the minor to get the recommended guaranty and indemnity agreement signed, have the minor sign a new account agreement and signature card, and let the parent or guardian choose whether to restrict the minor’s transactions or not.

On the other hand, if your bank does not offer minor as sole owner accounts, things aren’t quite so simple.  The funds belong to the minor. The same statute that permits joint with minor accounts authorizes the bank to pay the minor. Section 901 provides:

A. When a deposit has been made or shall hereafter be made in any bank in the names of two or more persons, payable to any of them or payable to any of them or the survivor, such deposit, or any part thereof, or any interest thereon, may be paid to either of the persons, whether one of such persons shall be a minor or not, and whether the other be living or not; and the receipt or acquittance of the person so paid shall be valid and sufficient release and discharge to the bank for any payment so made.

The statue says “may be paid…” which indicates that the act is “permitted” rather than “required.” However, the word “shall” is used in the next clause regarding the bank’s liability. In other words, if the bank chooses to pay the minor and minor signs a receipt that s/he has received the funds, the bank IS discharged from any liability for the payment.

Let’s say the surviving minor on the account is old enough to be able to sign his name and the amount in the account is $200. In this situation, I don’t have a problem closing the account and paying the minor in cash or by check. That’s a simple and easy solution for the bank that does not offer minor as sole owner accounts, and the bank is protected by the minor signing the receipt.

On the other hand, let’s say the amount in the account is $25,000, and Jimmy Smith, the minor. is a year or more shy of his 18th birthday.  Mom shows up at the bank without Jimmy wanting a check. The funds belong to Jimmy, not to Mom. The check will have to be made payable to “Jimmy Smith, a minor,” and Jimmy isn’t there to sign a receipt to protect the bank. You can suggest that rather than having to make Jimmy come in, the bank will be happy to open a UTMA for Jimmy with Mom as the custodian. But let’s say the bank knows Mom has a gambling problem, creditors after her, or has had one or more charged off accounts or loans with your bank, and Mom isn’t likely to comply as a fiduciary and use the funds solely for Jimmy’s benefit. If Jimmy is an older teen and Mom brings Jimmy in to sign the receipt, at least you can advise him that the money is his, not his Mom’s or anyone else’s. In an extreme case, the bank could interplead the funds, and the court would order a UTMA that would restrict any withdrawals without a further order of the court until the minor reached age 18, at which point most such court-ordered UTMAs direct the bank to pay the aged-out minor directly.

I will note this problem also presents itself when a minor is named as POD. One way to avoid this situation is to suggest the account owner include language like the following in the POD designation: “Jane Doe, as custodian for Jimmy Smith under the Oklahoma Uniform Transfers to Minors Act.” It is a good idea to add a successor or alternate custodian using the following language: “If Jane Doe dies, is incapacitated, declines the appointment, or resigns, then William Brown shall be the successor custodian.” In the event, Jimmy is already age 18 when the owner dies, the bank will pay Jimmy directly since a UTMA cannot be created if the person is over the age of 18.

Next month, I’ll address the other major type of account for minors, the UTMA (Uniform Transfers to Minors Act) account.

HMDA filing update for small reporters

By Andy Zavoina

A lot has happened to HMDA filing for small reporters under Section 104 of EGRRCPA, the Economic Growth, Regulatory Relief and Consumer Protection Act (f/k/a S.2155) since June. Section 104 modifies the Home Mortgage Disclosure Act so that a bank originating fewer than 500 closed-end mortgages and fewer than 500 open-end mortgages in each of the last two years with a Satisfactory or better CRA rating won’t need to report the new data fields added for loans and applications with final action dates in 2018. This allows small reporter banks to avoid the in-depth reporting requirements.

Since June the agencies first issued guidance (OCC Bulletin 2018-19) that began to address the Loan Application Register (LAR). The agencies devised an obvious “fix” that many in the industry had overlooked. Instead of two separate LAR formats – one for regular reporters and one for small reporters, new entry codes will be used by the partially exempt filers to indicate the bank is exempt from reporting a field’s data. This was an excellent solution for software vendors and banks alike as the only updates required are field codes.

Two resources all HMDA banks should have are the Guide to HMDA Reporting 2018 edition (https://www.ffiec.gov/hmda/guide.htm) and the latest HMDA Filing Instruction Guide (FIG) which was updated last month, August 2018 (https://s3.amazonaws.com/cfpb-hmda-public/prod/help/2018-hmda-fig-2018-hmda-rule.pdf).

Another key document which should be read and saved is the August 31, 2018, final rule (https://files.consumerfinance.gov/f/documents/bcfp_hmda_interpretive-procedural-rule_2018-08.pdf) issued by the Bureau of Consumer Financial Protection. This 31-page document will clarify the requirements of HMDA revisions made by Section 104(a) of the EGRRCPA.

Bankers have asked about optionally reporting data. While this is permissible, we need to ask “why?” From the final rule, “Accordingly, the HMDA platform will continue to accept submissions of a data field that is covered by a partial exemption under the Act for a specific loan or application as long as those insured depository institutions and insured credit unions that choose to voluntarily report the data include all other data fields that the data point comprises. For example, if a partially exempt institution reports a data field that is part of the property address data point (such as street address) for a partially exempt loan or application, it will report all other data fields that are part of the property address data point (including zip code, city, and State) for that transaction in accordance with the 2018 FIG.”

If a bank has the option to enter the code for being exempted, why take any unnecessary risk that an error will be made when voluntarily reporting data? There is the requirement that more than perhaps just one field must be completed, and this increases the risks of there being an error.

In fact, the final rule clarifies several points in section IV. Permissible Optional Reporting. The Bureau believes some banks may opt to complete the LAR as though it was not exempt as a precaution. Whether a partial exemption applies to a bank’s lending activity for the current calendar year depends on its origination activity in each of the preceding two years and, in some cases, this cannot be determined until just before data collection must begin for the current calendar year. For example, whether a partial exemption applies to closed-end loans for which final action is taken in 2019 depends on the number of closed-end loans originated by the bank in 2017 and 2018. So, the bank might not know until the end of 2018 what information needs to be collected in 2019 for reporting in 2020. Compliance officers will need to work closely with Loan Administration on the current counts of applicable loans and with management as it projects loan volumes for these products in the coming year as well. Before the year end, based on real numbers and projections it may be necessary to train staff proactively for any new reporting requirements through a loss of exemption, unless the bank opts to report voluntarily. So, the choice is yours to accept the risk of errors when reporting voluntarily, or to rush staff into year-end training in preparation for anticipated reporting requirements in the next calendar year.

It should be pointed out here that none of the data points covered by the partial exemption call for information that is normally not available in a mortgage loan file. The real difference in procedures between full filing HMDA reporters and partially exempt small reporters is the extraction of the information for the data points covered by the partial exemption and inserting the information in the HMDA data file.

V. Loans Counted Toward Partial Exemptions’ Thresholds clarifies that only loans and lines of credit which are otherwise HMDA reportable contribute to the threshold exemption count.

Section 104(a) does not define a “closed-end mortgage loan” or an “open-end line of credit.” It does not specify whether these terms include loans or lines of credit that would otherwise not be subject to HMDA reporting. The Bureau believes that the terms “closed-end mortgage loan” and “open-end line of credit” as used in the Act are best interpreted to include only those closed-end mortgage loans and open-end lines of credit that would otherwise be reportable under HMDA. This is information Loan Administration needs in providing Compliance with the contributing loan count mentioned earlier.

VI. Data Points Covered by the Partial Exemptions defines the data points exempted banks will not have to report. There is a table on page 18 of the final rule, linked above, that depicts the applicable and exempt data points. There are 26 data points listed in the first column of the table which fall under the exemption:

  • Universal Loan Identifier (ULI)
  • Property Address
  • Rate Spread
  • Credit Score
  • Reasons for Denial (except for OCC-regulated banks – see below)
  • Total Loan Costs or Total Points and Fees
  • Origination Charges
  • Discount Points
  • Lender Credits
  • Interest Rate
  • Prepayment Penalty Term
  • Debt-to-Income Ratio
  • Combined Loan-to-Value Ratio
  • Loan Term
  • Introductory Rate Period
  • Non-Amortizing Features
  • Property Value
  • Manufactured Home Secured Property Type
  • Manufactured Home Land Property Interest
  • Multifamily Affordable Units
  • Application Channel
  • Mortgage Loan Originator Identifier
  • Automated Underwriting System
  • Reverse Mortgage Flag
  • Open-End Line of Credit Flag
  • Business or Commercial Purpose Flag

Those data points will still be in the filing format (small reporters will use the same HMDA filing format used by all other HMDA filers), but each of those data points will have a new valid input value – either “Exempt” for alphanumeric fields or  “1111” for numeric-only fields –-  to signify that the reporter qualifies for the partial exemption and is not reporting the data point.

OCC-regulated institutions will be required to complete the data points for Reasons for Denial, even if they qualify for the partial exemption, because the OCC requires that information to be included under its own separate rule.

The 22 data points shown in the second column on page 18 of the final rule are those that are still required to be reported by all reporting banks:

  • Application Date
  • Loan Type
  • Loan Purpose
  • Preapproval
  • Construction Method
  • Occupancy Type
  • Loan Amount
  • Action Taken
  • Action Taken Date
  • State
  • County
  • Census Tract
  • Ethnicity
  • Race
  • Sex
  • Age
  • Income
  • Type of Purchaser
  • HOEPA Status
  • Lien Status
  • Number of Units
  • Legal Entity Identifier

The Bureau will still require that each loan be assigned a unique ID number (a Non-Universal Loan Identifier, or NULI) that can’t be reused for any purpose. It isn’t a Universal Loan Identifier and doesn’t have to include the bank’s Legal Entity Identifier or check digits. It can be up to 22 characters long (including any check digit), using letters, numerals or a combination of letters and numerals, but must be unique within the reporting institution, and must not include any information that could be used to directly identify that applicant or borrower (such as name, date of birth, SSN, official government-issued driver’s license or identification number, alien registration number, passport number, or employer or taxpayer identification number). Use of a check digit as part of the NULI is optional.

Partially exempt filers can use the NULI to complete the ULI data point for each loan reported. As noted in the second list above, all reporters, including those with the partial exemption, will still need to use their Legal Entity Identifier to identify themselves (it replaces the Respondent ID in pre-2018 filings).

Disqualification for exemption by CRA ratings

A bank is not eligible for the partial exemption if it has received a rating of “needs to improve” for each of its two most recent CRA evaluations, or a rating of “substantial noncompliance” on its most recent evaluation. Under the Bureau’s interpretive and procedural rule, each institution must check its two most recent CRA ratings as of December 31 of the preceding year to determine whether it can use the partial exemption.

For example, in 2020, the preceding December 31 is December 31, 2019. If the bank received a rating of “needs to improve” during each of its two most recent CRA evaluations that occurred on or before December 31, 2019, the bank is not eligible for the special exemption during 2020.

Similarly, if the bank received a “substantial noncompliance” rating in its most recent CRA evaluation on or before December 31, 2019, it will not be eligible for the partial exemption in 2020.

Effective Dates

The amendments to HMDA made by section 104 of EGRRCPA became effective on enactment, May 24, 2018. The Interpretive and Procedural Rule was effective on publication in the Federal Register, on September 7, 2018.  Despite the May 24 and September 7 effective dates, section 104 of EGRRCPA relieves banks and credit unions that are eligible for a partial exemption under the Act of the obligation to report certain data in 2019 that may have been collected before May 24, 2018. So, a partial exemption covers all applications and loans with final action dates on or after January 1, 2018, for eligible reporters.

August 2018 OBA Legal Briefs

  • FinCEN exemptive relief ending
  • UDAAP – The long-term risk
  • Speaking of UDAAP: TCF overdrafts update
  • Voicemail, phone call, and email etiquette
  • Loans to candidate campaigns

FinCEN exemptive relief ending

By John S. Burnett

On May 16, FinCEN issued a ruling (FIN-2018-R002) providing a “90-day limited exemptive relief” from the obligations of the Beneficial Ownership Requirements for Legal Entity Customers. The relief postponed application of the beneficial ownership requirements only with respect to “certain financial products and services that automatically rollover [sic] or renew,” namely, certificates of deposit [CDs or time deposits] or loan accounts.

The 90-day postponement was back-dated to start May 11 (the “applicability date” of the rule for covered financial institutions and expires August 9, 2018. Although FinCEN said in the ruling that during the period of exemptive relief, it would determine whether and to what extend additional exemptive relief may be appropriate for the automatic rollovers or renewals of these accounts established before May 11 but expected to roll over or renew after that date, we have heard nothing from FinCEN as of August 2, one week before the expiration date.

Affected accounts

Despite hopes that FinCEN had intended to provide the exemptive relief for loan renewals and automatic rollovers of CD accounts, FinCEN made it clear to several bankers who questioned the wording of the ruling that its wording was intentional: “automatically” was intended to apply to both CD rollovers and loan renewals. Most bank loans to legal entities don’t renew automatically (there may be exceptions for some open-end lines), so the exemptive relief applied essentially to auto-rolling CDs.

What banks should be doing now

With only a day or two before the scheduled end of exemptive relief, banks should not be betting on FinCEN to extend the August 9 deadline. If it happens, fine, but the only responsible way to proceed in the absence of any word from FinCEN is to assume that compliance with the beneficial ownership requirements will be required beginning Friday, August 10. Certificates of beneficial ownership should be obtained for each new account (including rollovers of CDs and renewal of loans) for legal entity customers covered by the requirements. When the new account, rollover or renewal is of an automatic rollover CD or of a loan, the financial institution should include a statement in the certification of beneficial ownership that the legal entity agrees to notify the financial institution of any change in the information in the certification. To the extent that the financial institution has no knowledge of facts that would reasonably call into question the continued reliability of the ownership information, the financial institution can consider that agreement to notify the institution the equivalent of the certification or confirmation from the customer for future rollovers or renewals of the CD or loan.

More about that statement

Financial institutions are reporting that some vendors have included the “agreement to notify” statement as part of the boilerplate language of the certification of beneficial ownership signed for all legal entity customers for all types of accounts. You should be aware, however, that you cannot rely on such a statement for renewals or rollovers of any accounts other than loans and auto-rolling CDs. And even for those accounts, the “agreement to notify” only applies to the certification it’s included in; you can’t use an “agreement to notify” given in connection with an auto-rolling CD to cover the requirement for a certification of beneficial ownership when the legal entity customer opens another account (e.g., a new payroll checking account or a safe deposit box lease).

Keep alert for developments

FinCEN can and is likely to (eventually) change some or all the advice in this article. Be alert for notices from the OBA Compliance Team or others that announce any movement from FinCEN on its exemptive relief or any other aspect of the Beneficial Ownership Requirements for Legal Entity Customers rule.

UDAAP – The long-term risk

By Andy Zavoina

Those who have worked in compliance for some time may remember a rule that examiners would not cite you for a violation found today, which existed at the last exam, when it was not found. There was some controversy, which may be what led to that rule changing, because the rule was “last exam” and not “last compliance exam,” so even an Information Technology exam reset the penalty clock for a Reg Z violation.

Those days are gone as penalties can easily be levied against a bank for many reasons and when the violation is found, not necessarily when it happened. The pendulum has definitely swung to the other side and Unfair, Deceptive, or Abusive Acts or Practices (UDAAP, from the Bureau and UDAP, without “Abusive” from the Federal Trade Commission) is an arrow the examiners have in their quivers that can be used under many conditions. This article reviews some samples of UDA(A)P-centered enforcement actions. But before we look at those cases, it’s helpful to understand what acts or practices might be considered unfair, deceptive or abusive.

The UDAP terms (under section 5 of the Federal Trade Commission Act) unfair and deceptive have largely been defined in enforcement actions and court cases. Most past enforcement actions involving banks have centered around marketing and advertising of products and services but in the last eight years or so, we’ve seen increased use of this enforcement arrow by both the FTC and federal financial institution regulators. Also, section 1031 of the Dodd-Frank Act gave the Bureau and state attorneys general enforcement authority for unfair, deceptive or abusive acts or practices of persons or entities under their regulatory purview.

An unfair act or practice is one that:

a) causes or is likely to cause substantial injury to consumers;

Substantial injury usually involves monetary harm. Monetary harm includes, for example, costs or fees paid by consumers as a result of an unfair practice. An act or practice that causes a small amount of harm to a large number of people may be deemed to cause substantial injury.

b) the injury is not reasonably avoidable by consumers; and

An act or practice is not considered unfair if consumers may reasonably avoid injury. Consumers cannot reasonably avoid injury if the act or practice interferes with their ability to effectively make decisions or to take action to avoid injury. If material information about a product, such as pricing, is modified after, or withheld until after, the consumer has committed to purchasing the product, the consumer cannot reasonably avoid the injury. Moreover, consumers cannot avoid injury if they are coerced into purchasing unwanted products or services or if a transaction occurs without their knowledge or consent.

A key question is whether an act or practice hinders a consumer’s decision-making. Not having access to important information could prevent consumers from comparing available alternatives, choosing those that are most desirable to them, and avoiding those that are inadequate or unsatisfactory. And, if almost all market participants engage in a practice, a consumer’s incentive to search for better terms is reduced, and the practice may not be reasonably avoidable.

c) The injury is not outweighed by countervailing benefits to consumers or to competition.

To be unfair, the act or practice must be injurious in its net effects — that is, the injury must not be outweighed by any offsetting consumer or competitive benefits that also are produced by the act or practice. Offsetting consumer or competitive benefits of an act or practice may include lower prices to the consumer or a wider availability of products and services resulting from competition.

A representation, omission, act or practice is deceptive when-

  1. The representation, omission, act, or practice misleads or is likely to mislead the consumer;
  2. The consumer’s interpretation of the representation, omission, act, or practice is reasonable under the circumstances; and
  3. The misleading representation, omission, act, or practice is material. This applies when it misleads or is likely to mislead the consumer.

Written disclosures may be insufficient to correct a misleading statement or representation, particularly where the consumer is directed away from qualifying limitations in the text or is counseled that reading the disclosures is unnecessary. Likewise, oral or fine print disclosures or contract disclosures may be insufficient to cure a misleading headline or a prominent written representation. Similarly, a deceptive act or practice may not be cured by subsequent truthful disclosures.

Acts or practices that may be deceptive include: making misleading cost or price claims; offering to provide a product or service that is not in fact available; using bait-and-switch techniques; omitting material limitations or conditions from an offer; or failing to provide the promised services.

An abusive act or practice:

a) Materially interferes with the ability of a consumer to understand a term or condition of a consumer financial product or service or

b) Takes unreasonable advantage of:

  • A lack of understanding on the part of the consumer of the material risks, costs, or conditions of the product or service;
  • The inability of the consumer to protect its interests in selecting or using a consumer financial product or service; or
  • The reasonable reliance by the consumer on a covered person to act in the interests of the consumer.

Combined, this definition of abusive indicates terms, disclosures and advertisements for products need to be clear and easily understood without reliance on micro-font footnotes or other disclosures that may be “legalese” or have “hidden” terms. It also tells us that the more complex a product or service is, the more it may need to be explained and this will also depend on the market it is provided for. Lastly, it says the bank must act in the best interest of the consumer. It will not be enough to say, “we made the full disclosure, so we are covered for liability.”

Marklebank

In September 2011 the Marklebank in Markle, Indiana, received a civil money penalty of $82,500 from the FDIC. Marklebank established and followed procedures for the resolution of EFT errors that were contrary to the bank’s disclosures concerning error resolution for these products and in violation of Reg E. The bank appears to have used model disclosures and to have had approved policies and procedures that conformed to the requirements of Reg E, but in practice they did something different.

From The Journal Gazette – “Mike Marhenke, president and CEO of Independent Alliance Banks Inc. [a two-bank holding company that owns Grabill Bank and MarkleBank], said the issue revolved around whether bankers could require customers to file a police report before giving temporary credit for unauthorized withdrawals from their accounts.

Staff at both banks under his watch required police reports because they simply missed that provision in the detailed regulations banks are required to follow, Marhenke said.

“The last compliance exam, we were doing the same thing, and (inspectors) didn’t say a thing,” Marhenke said.”

Under Reg E there is a very short list of specific requirements a consumer needs to satisfy to file a claim. Filing a police report is not one of them. A bank cannot add to requirements specified in the law. And just because a violation wasn’t caught in a prior exam, doesn’t mean it will not be caught on any exam after that. When the bank states it will follow Reg E, and it then requires more than is allowed, the examiners classify that as a UDAP problem.

It could have been filed as a Reg E penalty. While there are criminal penalties under Reg E (15 USC 1693 Sect. 917), I’ve never heard of that being imposed on anyone. Civil penalties (15 USC 1693, Sect. 916) include actual damages, individual actions of $100 to $1,000 and class action penalties of $500,000 or 1% of the banks net worth plus court and attorney fees. A penalty from a regulatory agency for Reg E would be under 15 USC 1693 sections 910, 915, 916, 917. Under UDAP (FTC Act Sec. 5) the penalty can be $41,484 per violation (adjusted for inflation annually). As arrows in a quiver go, a UDAP arrow can do more damage than a Reg E arrow and with an $82,500 fine under UDAP, this bank learned a lesson.

While there should not be an acceptable penalty amount to justify a noncompliant product or service, some people will include the cost of a violation as a factor. Suffice it to say that if what is being done could qualify as unfair, deceptive, or abusive, the penalty for UDAP or UDAAP must also be considered, as that may be the arrow shot at the bank.

Community Trust Bank

UDAP/UDAAP has no real statute of limitations. The Bureau asserts that, while a three-year statute of limitations applies when it brings cases in federal court, no period of limitations applies in its own administrative tribunal. Community Trust Bank, Inc. of Pikesville, Kentucky was hit with a UDAP penalty on July 25, 2018. Key points in this Federal Reserve enforcement action are that the bank will pay at least $4.75 million in penalties and restitution. The penalty arises from add-on products of a minimal cost, but reaches back to 1994. That was 24 years ago (some reading this article were not yet born).

What Community Trust Bank was doing was offering deposit account add-on products to consumers. These products were bundled which included benefits such as payment card protection, lost key protection, and medical emergency data cards and the costs ranged between $2 and $10 per month. In its marketing accountholders were lead to believe  that the full bundle of benefits would be effective when they enrollment. In fact, the accountholders had to take certain steps after they enrolled to receive some of the benefits. The bank did not adequately disclose this two-step enrollment process to the accountholders and the accountholders would billed regardless of benefit activation. Approximately 4,270 accounts were involved. Compare these actions to the definitions above and it is easy to see consumers were not informed and were misled. While the fees paid were not large, they were paid by a large group and over a very long period.

 

Speaking of UDAAP: TCF overdrafts update

By John S. Burnett

TCF National Bank, Wayzata, SD, is a $23 billion-asset bank with 335 branches in Arizona, Colorado, Illinois, Michigan, Minnesota, South Dakota and Wisconsin. In January 2017, the CFPB sued the bank for tricking consumers into costly overdraft services. The Bureau alleged that TCF designed its application process to obscure the fees and make overdraft service seem mandatory for new customers to open an account. The CFPB also believes that TCF adopted a loose definition of consent for existing customers to opt them into the service, and pushed back on any customer who questioned the process. The lawsuit sought redress for consumers, an injunction to prevent future violations, and a civil money penalty.

The Bureau’s complaint alleged that TCF violated the Electronic Fund Transfer Act and Regulation E and the Consumer Protection Act (part of the Dodd-Frank Act), claiming that TCF was engaged in unfair, deceptive or abusive acts or practices (UDAAP).

In 2009, TCF’s management is alleged to have estimated that about $182 million in annual income was “at risk” because of the Regulation E opt-in rule. In its complaint, the Bureau said the bank’s CEO had named his boat “Overdraft.”

In September 2017, a U.S. district judge narrowed the scope of the case, dismissing counts regarding disclosures around electronic fund transfers (stating that neither the EFT Act nor Regulation E mentions deceptive practices relating to the Regulation E opt-in procedures). The judge also limited the Bureau’s ability to “reach back” to earlier that July 21, 2011 (the creation date of the Bureau) for TCF actions that might constitute UDAAP.

In July 2018, the Bureau announced the filing of a proposed settlement with TCF over the allegations that the bank’s actions were unfair, deceptive or abusive.  The bank has agreed to pay $25 million in restitution to affected customers, and a $5 million civil money penalty ($3 million of it satisfied by payment of a $3 million penalty imposed by the OCC under the settlement).

Voicemail, phone call, and email etiquette

By Pauli D. Loeffler

We on the OBA Compliance Team get hundreds of voicemails, phone calls, and emails every month, and this article is really a rant about things that drive us crazy, and why.

Voicemail.  When we are on a call from another banker, grabbing lunch or a cup of coffee, or answering the call of nature, your call will go to voicemail.  While there are quite a few of you whose voices I recognize immediately (I have been doing this for more than 14 years, and you call regularly or have reached “frequent flyer” status), more than 90% of you don’t fall into that category. Recently, one of the OBA Compliance Team spent 15 minutes tracking down “Kerri” at a member bank who left a voicemail, and the name sounded like Terri on the voicemail. The banker left no last name, no department, no branch, no extension number. We know you want your question addressed as quickly as possible, and you can help us do that: 1) leave your full name and the name of your bank, 2) Your phone number and extension (if you have one), the branch or department name, and 3) your question. Please speak slowly and clearly. A message is worthless if we can’t understand it.

The description of your question is important. We realize that you may not have time to go into all the details when leaving a voicemail (you will have 3 to 5 minutes for your message when you reach voicemail). Frankly, I generally only make it through a couple of minutes of a long message, since I generally get to hear it a second time when I call back. To save both you and us time, if you give us the topic, such as account without POD or deceased POD, CTR, perfection of security interest, right of rescission, HMDA, flood, etc., we know what area of compliance or law we will need to address. If you give us the salient details, such as whether the POD died before the owner, when a check was deposited and/or returned, whether the drawer’s signature or the indorsement was forged, whether the check was a counterfeit or not, etc., we are better prepared to answer your question when we return your call.

Phone calls. My main complaint in this area is when the banker has not pulled together all the information needed to address the question before making the call (or leaving the voicemail). For instance, some banks have designated a point person to answer questions, and if s/he doesn’t know the answer, s/he is the one to make the call. Often the information has been provided by another employee at a branch who has the document or has met with the customer, and the point person does not have the document or the information needed for us to answer the question when s/he calls. For instance, the customer has presented a power of attorney naming two individuals as attorneys-in-fact, and the question is: “Do they both have to act together?” The point person does not have the POA, and I need to know whether there is an “and” or an “or” between the names, or perhaps the POA is naming one to be the successor if the first declines, dies, becomes incompetent, etc. We now get to spend several minutes while the point person contacts the branch to get the POA while other calls are rolling to voicemail, or a call back will be needed after the POA comes through. The point here is: please have all information including documents available before making the call or get the branch employee with direct knowledge on the line with us to save time.

Certain introductory phrases give me pause, such as: “I have a quick question.” This causes me to take a deep breath, cross my fingers, and hope that 1) it is a quick question meaning uncomplicated facts and/or circumstances, and 2) I have a quick answer. Another one is: “I’m sure you’ll know the answer off the top of your head.” There is about a decent chance I will, but sometimes the question will require research. “We have a situation…” is a common opening statement. Sometimes the “situation” is easily fixed, other times it is a SNAFU or FUBAR. The ultimate “situation” is SNAFUBAR (no one should have to deal with more than one of those in a lifetime). [Note: I realize that later in this article I rant about the use of acronyms. I needed to keep the article to a PG rating, so I leave it you to ask someone or use the internet to look these up. The third term I personally coined.]

A recurring challenge is the caller (or emailer) who has to be cross-examined like an adverse witness to get information needed for a correct response. Let’s say the customer is deceased, the bank knows it, and a check has been presented for payment. The banker wants to know whether to pay the check. This is one everyone on the OBA Compliance Team knows the answer to off the top of his or her head, however, the banker does not provide the facts we need. We then have to ask a series of questions. 1) What date was the check written? 2) What was the customer’s date of death?  3) On what date was the check presented for payment? 4) Did a joint owner or POD request a stop payment?

UCC Sec. 4-405 answers the question: the bank may, but is not required to, pay or certify a check written on or before the date of death, presented within 10 days of date of death, unless ordered to stop payment by a person claiming an interest in the account.

Emails. We on the OBA Compliance Team can be a picky lot, but there are some complaints that are justified. First, please do not use all caps! This indicates you are shouting (even if you aren’t), and it reminds us of telegrams. More importantly, the use of all caps makes for difficulty in reading.

Another problem we encounter is the use of certain fonts, such as script fonts, which are lovely to look at but very hard to read. Certain fonts such as Arial, Times New Roman, and Calibri are much easier to read than Garamond, Cambria, or Comic Sans (the Nickelback of fonts).  And yes, you can choose to have “stationery,” but it can make your email more difficult to read. Some are worse than others, but patterns, dark colors, and left side bleeds or patterns are the worst, at least in my personal opinion.  I am all for personalization, but if you choose Evergreen, Industrial, Deep Blue, Marble Desk, Currency (which sounds perfect for a banker) or the like, please restrict them to your personal emails rather than for business use.

Speaking of personalization, some bankers seem to be going incognito or hiding in the witness protection program. We need to know who you are and who you represent. We get some emails that do not contain a bank or business name, an address, or a phone number and extension for the bank or sender (see voice mail, above), just the name of the banker (sometimes just a first name!) Sure, we can Google the email address, but this should never be necessary. Your signature block should give us the information, especially a phone number, since sometimes a question is easier to answer that way, particularly if we need more information than you’ve included in the email.

As bankers, we are used to acronyms and abbreviations such as DTI, FIRREA, TISA, ETIL, LTV etc. However, we often get emails using acronyms or abbreviations that leave us scratching our heads, and we have no clue what they mean. If a Google search doesn’t enlighten us, we are forced to ask the banker to give us the definition before we can provide a response. Other times we can figure it out by the context in which it is used. For instance, the abbreviation “EX-WD” apparently meant “expressly withdrawn” in the context of a loan application.

Banks are creative in assigning names to deposit accounts. For instance, a bank will name an account Super NOW Account. I know what a NOW account is per Reg D, but it turns out the attributes of the account are really those of an MMDA. This isn’t a problem, but the name doesn’t give me the information I need.

Subject lines serve a useful purpose. I personally hate it when the subject line is “Question” without more. I have an overwhelming desire to change it when I respond to “Answer.” “HELP!” as the subject line is just as bad.  A blank subject line is also annoying.  I had a coworker who refused to put anything in the subject line, and you never knew if the email was about a significant problem or just a reminder to turn the light off in the bathroom if you are the last to leave the building. Helpful hint: Emails without a subject are often victims of spam filters in some email systems.

Sometimes the subject line used is ambiguous. For instance, “CRA” in a subject line can mean either “Community Reinvestment Act” or “Credit Reporting Agency.” Each member of our team has certain areas of expertise; Andy Zavoina is fluent in Community Reinvestment Act-speak while with minor exceptions, I will have to spend time doing research.

Something that bothers all of us on the team is when a banker replies to a prior email, changes topics, but does not change the subject line. For instance, the subject line is HMDA, the question has been answered, and instead of sending a new email with the appropriate topic in the subject line, the banker hits “reply” rather than starting a new email, leaves the subject line “as is,” but the new question is about right of rescission.  Preferably, you should start from scratch and with a new email rather than just change the subject line.

I hope my little rant has proven to be both entertaining and helpful.

Loans to candidate campaigns

By Pauli D. Loeffler

  1. Are there any regulations relating to loaning money to candidates for campaigning? We have not had this occur before and we want to make sure we aren’t missing anything.
  2. Sec. 808 of the Oklahoma Banking Code provides:
  3. Prohibition against political expenditures. It is unlawful for any bank to make a contribution or expenditure in connection with any election to any political office, or in connection with any primary election or political convention or caucus held to select candidates for any political office, or for any candidate, political committee, or for any other person to accept or receive any contribution prohibited by this section (Section 808A)…

While contributions are prohibited, loans are not. From the State Office Candidate Guide 2017-2018, starting on page 26, similar provisions apply to county and municipal candidates).

Permissible Loans

Candidates may receive loans from three sources:

  1. A commercial financial institution
  2. A non-commercial financial institution
  3. The candidate

Loans by Commercial Financial Institutions

A candidate committee may receive a loan from a commercial financial institution. A loan from this entity is not considered a contribution if (1) the entity normally engages in the business of making loans, (2) the loan is made in the regular course of business, and (3) the loan is made on the same terms as are ordinarily made available to the public. Rule 2.65.

 

 

July 2018 OBA Legal Briefs

  • Reefer madness
  • Update: campaign committee, PAC and political party accounts
  • More on the Beneficial Ownership Rule
  • Policies – Part 2
  • EGRRCPA and HMDA
  • AML/BSA Q&As

Reefer madness

By Pauli Loeffler

Even before State Question 788 passed, we received a lot of questions about banking marijuana related businesses (“MRBs”) mostly dealing with businesses selling CBD (short for “cannabidiol”) oil, and medical marijuana (“MMJ”) will shortly be available by prescription.

CBD Oil. Many banks are dealing with customers selling THC-free (no THC detectable) CBD for which no prescription is needed. The customer who markets THC-free CBD needs to ensure that the product sold has been independently tested, and the test results to show it is THC-free, to be legal.

What makes all this so complicated is that the cannabis sativa plant produces numerous compounds including THC (“tetrahydrocannabinol” – the psychoactive compound) which causes the high as well as CBD (non-psychoactive). In other words, the plant used to produce hemp (used for rope, cloth, etc.) is the same plant used to produce medical marijuana. Plants whether grown for hemp or marijuana contain both THC and CDB, but the difference is hemp legally grown by a licensed grower can only have a very low concentration of THC when tested (.3% in Colorado – in fact one hemp grower’s entire crop had to be destroyed when it exceeded the limit). On the other hand, medical (and recreational) marijuana is cultivated for high THC of 12% or higher. The sticky part is whether THC-free CBD is “marijuana related,” and if so whether this is marijuana related business. This is something the bank needs to ask its examiner.

Other issues concern the FDA and the FTC. The FDA’s interest is that CBD is not marketed as a drug without preapproval, that is, not offered and intended to diagnosis, cure, mitigate, treat, or prevent disease. The FTC is interested in truthfulness of claims regarding health benefits made without competent and reliable scientific testing as well as deceptive advertising. Both the FDA and the FTC can freeze and take assets of the marketers.

An additional complication which applies not only to CBD oil retailers (if such customers are MRBs) but also to MMJ growers and dispensaries is the fact that, although FinCEN issued guidance regarding MRBs, the guidance was based on the Department of Justice’s Cole Memo which was rescinded in January this year, so there is some question whether the guidance is still valid. You will want to read these two articles:

https://www.dorsey.com/newsresources/publications/client-alerts/2018/01/fincen-guidance-on-banking-marijuana

https://www.banklawmonitor.com/2018/02/update-doj-rescinds-the-cole-memo-fincen-guidance-still-in-effect-for-now/

I would also add that I’ve seen a display of CBD oil at the WalMart checkout counter and elsewhere. It is quite possible that several of your current customers are also selling it.

There is one more consideration:  If the customer is selling the product online, there may be the additional problem of charge-backs. I am aware of a consumer’s ACH to purchase CDB oil being denied for risk by the processor.

MMJ. Mary Beth is in the planning stage to present some sessions for the OBA on what may be done and under what conditions, as well as what cannot be done. Hopefully, these plans will be solidified soon and on the OBA calendar.

At this point, the bank has to make a policy decision on whether or not to bank MRBs. At the end of the day, the federal laws prohibit banking an illegal business. There are proposed rules for licensing growers, processors, dispensaries, transporters, and patients. All growers, processors, and dispensaries must register with the Oklahoma Bureau of Narcotics and Dangerous Drugs. The Final Draft of the Rules can be found here. The Rules are 76 pages long and are slated for a vote by the board of the Oklahoma State Department of Health (“OSDH”) on July 10, 2018, which will be live-streamed. Once the Rules are approved, applications will be available July 26, 2018 (see FAQs). OSDH will not accept or process applications until August 25, 2018. The OSDH will respond to all applicants within 14 days on the denial or approval of the completed application packets.

One thing to keep in mind is dispensaries are cash intensive and will generally have ATMs on the premises.

 

Update: campaign committee, PAC and political party accounts

By Pauli Loeffler

Although I covered this topic in the May 2016 OBA Legal Briefs, since we are getting numerous calls and emails, I am taking this opportunity to reiterate a couple of points and provide an update on a rule change that has occurred.

All accounts need an EIN.  A recurring question we receive is whether the candidate’s social security number can be used as the tax identification number on the account. The answer is:  No! An EIN is required.  If a candidate shows up saying otherwise or directs the banker setting up the account to the Q&A  on the Oklahoma Ethics Commission’s (OEC’s) webpage, the customer and the banker might believe otherwise.

While it is true that the OEC does not require an EIN, the IRS has the final word:

Political parties; campaign committees for candidates for federal, state or local office; and political action committees are all political organizations subject to tax under IRC section 527…

A political organization must have its own employer identification number (EIN), even if it does not have any employees.

Authorized signers/debit cards. There was a change in Rule 2.95 Campaign Depository Account Requirements, effective May 26, 2017. 

Rule 2.95. Campaign Depository Account Requirements.

Every candidate committee, political action committee and political party committee shall maintain a campaign account in each campaign depository in the name of the committee as it is registered with the Commission. All contributions to a committee except in-kind contributions, including contributions by a candidate to his or her candidate committee, shall be deposited in a campaign account. All expenditures made by a committee shall be made on a check or by debit card, signed by the candidate, Treasurer or Deputy Treasurer of a candidate committee and by the Treasurer or Deputy Treasurer of a political action committee. Provided, however, a candidate may authorize other individuals to sign checks or debit cards for the candidate’s committee; however, the candidate, the Treasurer and Deputy Treasurer shall remain responsible for the lawful expenditure of committee funds. Checks for a political action committee shall include the identification number of the committee assigned by the Commission. A campaign account may earn interest paid by the financial institution in which the account is maintained, but campaign funds shall not be invested in any other way. Contributions from corporations, labor unions, a limited liability company that has one or more corporate members or a partnership that has one or more corporate partners shall not be commingled with other contributions made to a candidate committee, a limited committee or a political party committee.

 

More on the Beneficial Ownership Rule

By John S. Burnett

To follow up on May’s Legal Briefs, here is some additional important information on FinCEN’s Beneficial Ownership requirements.

FinCEN’s temporary ‘exceptive’ relief

Bankers across the country must have grabbed FinCEN’s attention, somehow, about automatic rollover CD and loan renewals, because just days after the May 11 “applicability” date for FinCEN’s Beneficial Ownership Requirements rules, the agency issued “temporary limited exceptive relief” in the form of a 90-day delay (from May 11 until August 9. 2018) in the applicability date for certificate of deposit and loan accounts that automatically roll over or renew, established before May 11. In its Ruling FIN-2018-R002 (https://www.fincen.gov/sites/default/files/2018-05/FinCEN%20Ruling%20CD%20and%20Loan%20Rollover%20Relief_FINAL%20508-revised.pdf}, FinCEN said that, during the delay, it would determine “whether and to what extent additional exceptive relief may be appropriate” for such accounts.

I am not aware of any loan services or products that automatically renew. As a practical matter, then, FinCEN’s exceptive relief really only applies to auto-rollover CD accounts. You should be obtaining certifications of beneficial ownership in connection with loan renewals. Those certifications should include the statement by the legal entity that it will notify the bank in the event of any change in the ownership information they are certifying. That will allow future renewals of that loan only without recertification.

You should assume that there will be no extension of the exceptive relief, or additional relief forthcoming, and continue to press legal entities with CD accounts to provide you with certifications of beneficial ownership in advance of their next maturity date that falls on or after August 9. You also should obtain with each of those certifications the legal entity’s statement that it will notify the bank if any of the information in the certification changes.

Most importantly, remember that the agreement to notify the bank in the event of a change in beneficial ownership information only applies to the specific CD or loan in connection with which you obtained it. It does not apply to other CDs or loans of that entity customer. It also does not apply to any new CDs opened by, or extensions of credit made to, those entity customers. You still must obtain a certificate (with the agreement to notify the bank) for each new CD account (new money) or new extension of credit (non-renewal).

Entity as trustee of owner

In May’s discussion, you saw that, when a trust is the beneficial owner of the legal entity customer, the individual trustee is to be identified as the beneficial owner (his/her name (labeled as “trustee” if possible), address, DOB and SSN or other identifying number), and if there are co-trustees or multiple trustees, identify only one of them. But what if the trustee is an entity, such as a bank trust department or a law firm? Question 20 in the April 3, 2018, FAQs informs us that when a trust owns 25% or more of the legal entity customer, “the beneficial owner for purposes of the ownership prong is the trustee, regardless of whether the trustee is a natural person or a legal entity,” but … “where a natural person does not exist for purposes of the ownership prong, a natural person would not be identified.” Since only natural persons are to be identified as beneficial owners, no individual should be identified as the owner of the trust’s “piece” of the legal entity customer. You do, however, have to obtain the name of a control-prong individual for the legal entity customer.

Estates as customers

Do you need to obtain beneficial ownership information for a decedent’s estate? What happens if 25% or more of a legal entity customer is owned by the estate of a deceased individual? Is the personal representative of the estate identified as the beneficial owner? Are the heirs in the will also beneficial owners? Those are all questions we’ve received concerning the Beneficial Ownership rule.

Those questions are great examples of a need to go back to the definitions in the regulation. In these questions, there is an evident misunderstanding of what a “legal entity customer” is. Apparently, there is confusion between a need to probate an estate via the state’s court system and the filing of documents with the Secretary of State (or similar office) to form a legal entity. Those are two entirely different and separate processes. One is a beginning; the other, an ending.

A decedent’s estate is not a legal entity customer under the Beneficial Ownership rule. So, if you are opening an account for an estate, rule simply won’t apply.

Estate as owner of a legal entity customer

If John Jones is the 100% beneficial owner of Jones & Sons, Inc., on June 10, and dies on June 15, on June 16 John Jones’s estate will be the beneficial owner (for the ownership prong) if your bank has to renew a loan to Jones & Sons, Inc., pending settlement of the estate. Following the example of a trust as owner previously discussed, the estate’s personal representative should be listed as the beneficial owner. There will also be a control prong individual, who may or may not be the personal representative, depending on whether the company continues to operate.

If ownership of Jones & Sons, Inc., is transferred from the estate to James Jones and John Jones Jr. when the estate is settled, they then become the beneficial owners of the business, but not until they actually have ownership of the company (when the corporate stock is transferred from the estate to them).

 

Policies – Part 2

By Andy Zavoina

In Part 1 of this article (May 2018 Legal Briefs), I discussed how important policies and procedures can be by using the pending Department of Justice suit against a southern California auto dealer to illustrate what can happen when you fail to have a key policy and procedures to implement it.

In Part 2, I’ll discuss a list of key bank policies and some basics on writing and maintaining them.

Policies lists

A policies list should include those technically required, and those that the bank has determined it needs based on the business it does. There is no “one size fits all” listing of policies because policies should be based on the products and services offered, the volume of each and the clientele of the bank.

Banking agencies do not have detailed lists of the policies actually required to operate a bank. I do have a list of policies the Office of the Comptroller of the Currency (OCC) requires of a de novo bank plus new additions created by new and revised laws. This should be an excellent starter document to compare against a list of policies your bank has.

  1. Lending
  2. Funds Management, Investment Securities, & Interest Rate Risk
  3. Fiduciary (Trust banks)
  4. Capital
  5. Internal/External audits
  6. Insider Activities (Reg O) *
  7. Compliance Program *
  8. Branch Closing *
  9. BSA (AML/CDD/EDD/CIP, including beneficial ownership) *
  10. Securities Transactions (for Broker-Dealers)
  11. Board Supervision
  12. Disaster Recovery *
  13. Privacy and Security *
  14. SAFE policy (see 12 CFR 1007.104) *
  15. FCRA (see 12 CFR 1022.42(a)-(c) and App E integrity of info) *
  16. FCRA (see 12 CFR 1022.82(c) (address discrepancies) *
  17. RESPA (see 12 CFR 1024.38(a) – requires reasonable policies and procedures) *

An “*” indicates a policy Compliance is often involved in. Newer requirements include a citation.

Writing and maintaining policies

Policies are often written by bank staff, reviewed by management and approved by the bank’s board. A policy should be succinct as it is broad and provides general guidance on the bank’s requirements. A procedural document on the other hand is very detailed, describes finite steps the bank requires to comply with the policy and is approved by management because it may change more frequently than a policy. In the end both documents must be employed throughout the bank and each improves decision making and answers common questions.

A common question on policies is how to keep them current and how often they need to be updated and approved. I recommend coordinating with the entire bank, Lending, Operations, Finance, Marketing, Compliance, etc. One person should be a Point of Contact (POC) for all of these policies but that does not make this person responsible for each. Create a list and include information such as the policy name, responsible department, the senior manager over the department and therefore the policy, and the date it was last updated. Break the list down so that at the board’s request, these are presented annually, semiannually, quarterly or monthly by dividing the policy count by the periods available for review.

If there is a new policy requirement or a revision such as the beneficial ownership rules added to the Bank Secrecy Act, those must be approved to implement the policy revisions as soon as possible. All others should be reviewed annually, even if the implementing rule or regulation has not changed. This is because the board needs an opportunity to revisit them and ensure that each is still guiding the bank in the direction the board wants to go.

The POC with the master list should be able to schedule the policies for review and inform the responsible areas a few months in advance that a policy they are responsible for will be reaffirmed at board meeting on a scheduled date. They should be updated as needed so that at least a month in advance the board can be advised which polices they will see at their next meeting, specified by date. If the bank has an intranet or other media to provide copies electronically, use that or indicate where and when copies will be available for review in advance of the meeting. In either case, contact information for a person knowledgeable about the policy should be listed in case the director has any questions. Then on the meeting date, the vote on the policy is fast and simple although it is advised that the knowledgeable persons on the policies being reaffirmed be available for last minute questions from board members.

 

EGRRCPA and HMDA

By John Burnett

With enactment (as Public Law 215-174) of the Economic Growth, Regulatory Relief, and Consumer Protection Act, formerly known as S. 2155, we received the expected flurry of questions about what section 104 of the Act (Home Mortgage Disclosure Act Adjustment and Study) means for smaller-volume HMDA filers.

The Bureau, FDIC and OCC have issued some preliminary guidance information on the impact of section 104 on HMDA filing. If your bank is a HMDA reporter and you think it meets the criteria for the partial filing exemption in Section 104 for small reporters (originated fewer than 500 closed-end loans or fewer than 500 open-end loans in each of the two preceding calendar years, and didn’t receive a rating of “needs to improve” in its two most recent CRA evaluations or a rating of “substantial noncompliance” in its more recent CRA evaluation), don’t change what you’ve been doing, yet.

Section 104 provides a partial exemption to qualified financial institutions (see previous paragraph), allowing them to omit from their filings SOME of the data fields that were added to HMDA filing requirements under Regulation C beginning with 2018 data filed in 2019. Exactly what that means for HMDA filers isn’t crystal clear yet, but here’s what we do know, based on the guidance from the Bureau, FDIC and OCC:

  1. There will be no change in the LAR format for data collected in 2018. The same data fields will be filled by filers who are not affected by section 104 and those who receive the partial exemption.
  2. Filers with the partial exemption will enter an “exemption code” for the affected fields.
  3. The exemption code and the affected fields will be specified in a revised Filing Instructions Guide (FIG) that the Bureau expects to release later this summer.
  4. All LARs use the same HMDA platform. A beta version of the HMDA platform for submission of 2018 data will be available later this year for filers to test.
  5. Banking agencies have said they will not require resubmission of 2018 data reported in 2019 unless there are material errors, and that they don’t anticipate penalties for errors on 2018 data as long as there is a good faith effort to comply.

What you should be doing now

First, go back to the start of this article to find the criteria that qualify a “small reporter.” Check your origination numbers for closed-end and open-end HMDA-subject loans and dig out your two most recent CRA evaluation ratings. If you qualify as a small reporter, start talking with your vendor for the software you use to create your LARs for submission to find out what plans it has, if any, to make the change-over as easy as possible (even positive changes take effort). And keep your eyes peeled for the promised updated Filing Instructions Guide, due later this summer.

AML/BSA Q&As

By Paul Loeffler

We get a lot of emails on a variety of topics at compliance@oba.com. This month, we are going to share some touching on the Anti-Money Laundering/Bank Secrecy Act.

CTRs

Q. We received cash from a law firm that deposited $12,500; $10,000 went into the operating account and $2,500 into the IOLTA account. Do we need to ask the law firm for information on who the $2,500 benefited, or are we ok since it is under $10,000?

A. You report both deposits because they are conducted by the same individual (and because they are both conducted on behalf of the law firm). Because you have to report the IOLTA deposit, you must report the person on whose behalf it was completed. There are two such persons: the law firm and the law firm’s client.

Q. We have a new DBA account that has filed for a fictitious registration in Oklahoma with an Oklahoma address. The parent entity is organized in Texas. Do we use the Texas information and address for the parent, the Oklahoma address and the Oklahoma Secretary of State filing number for the fictitious name?

A. If you are asking about item 20 (source used to verify identity), use the Texas documents because you are reporting on a Texas entity.

Q. How do you complete CTR in the following scenario?

Customer withdraws 10,000 at teller, $140 at bank owned ATM, and  $140+$3 fee at foreign ATM.

Do you include the Foreign ATM amount? If so, do you add a second location page with the $143 on the cash out in item #42?

A. Since you know about it, you file on it. Add a second location page with the foreign ATM, showing a withdrawal of $140 (the $3 was a fee, and s/he didn’t get it in cash).

Q. Do we need to list the beneficiary as the name of the revocable trust (the account name) with the trustee as the conductor? Both have the conductor and the trust use the same Tax Identification Number. The bank’s processor will not allow us to use both.

A. If the trustee is the grantor, the transaction really only benefited the trustee as an individual. I would ignore the trust altogether.

Q. We have a County Inmate Trust account (the County deputies bring in the cash, and we had a cash transaction that triggered the teller to do a CTR. The Tax Identification Number for the account is for the County Treasurer. We think this would be exempt from CTR reporting but just wanting to make sure.

A. The account is held by an exempt “person,” a unit of local government. However, the title of the account suggests that the cash was being deposited on behalf of individuals (inmates). If more than $10,000 in cash was deposited on behalf of any one or more individuals, you would file and include information on those individuals.

Q. With the new CTR form, it is required to show the amount of cash transacted at each branch. I have a situation that cash transactions at foreign ATMs done on the same day which require a CTR. My question is how and where should I show the cash on the locations since they were not done at our bank owned ATMs?  I included it in the bottom section as cash out but received an error saying branch totals had to equal total amount of cash out.  I hope this makes since.

A. Completing the Part III (Transaction Location) portion of a CTR involving a foreign ATM (I assume you refer to an ATM not owned by your bank, not an ATM outside the U.S.) is something that FinCEN is decidedly unhelpful with. A good friend who sent FinCEN an email with detailed questions about such an ATM transaction got a voice mail that didn’t offer much guidance other than “you should be able to get this information.”

Here’s what I suggest:

Item 38 – If the ATM is a bank ATM, select depository institution. If it’s not a bank ATM or if you don’t know who owns/operates it, select “Other” and insert “Non-bank ATM” in the “Other (specify): field

Item 29 – If it’s a bank and you know who its regulator is, select it. Otherwise, use “Unknown”

Item 38 – No entry

Item 30 – Insert what you know about the name of the ATM owner/operator, whether it’s a bank or not

Item 32 – Check the unknown box

Items 32 – 35 – Address of the ATM from your transaction info

Item 36 – Look up the ZIP Code on the USPS website. Use only five digits.

Item 37 – Select the USA or territory name. There is no instruction for completing this field if the ATM is outside the US and territories.

Item 40 – No entry

If you can’t complete the CTR with that information, contact FinCEN for guidance.

SARs

Q. We received a multi-county Grand Jury Subpoena with a list of documents including any Suspicious Activity Reports filed. I know we must comply with the Right to Financial Privacy Act both Federal and State. However, our legal counsel found the following information, which I’ve never seen before, below. There are no SARs for this particular customer, but would you recommend I notify the FDIC about the request?

12 CFR §353.  Reports and Records.

(g)  Confidentiality of suspicious activity reports. Suspicious activity reports are confidential. Any bank subpoenaed or otherwise          requested to disclose a suspicious activity report or the information contained in a suspicious activity report shall decline to produce the suspicious activity report or to provide any information that would disclose that a suspicious activity report has been prepared or filed citing this part, applicable law (e.g., 31 U.S.C. 5318(g)), or both, and notify the appropriate FDIC regional office (Division of Supervision and Consumer Protection (DSC)).

A. I do suggest that you notify the FDIC. They may want to remind the issuing district attorney of 31 U.S.C. 5318(g). In your answer to the subpoena, you can simply answer that the bank has not filed any SARs on the target of the subpoena.

If, as you research for the subpoena, you identify activity in your customer’s accounts that you believe to be suspicious, you may decide to file a SAR after responding to the subpoena. Make certain that you do not mention the subpoena in the SAR.

Q. I have a customer that is bringing in checks written on the same date and in consecutive number order all written under $8,000.00 from a local business. This structuring is avoiding CTRs. The question is should I file the report on both the business and the customer together in one SAR or should it be two separate SARs?

A. The pattern of this activity certainly looks like structuring. If your customer is cashing the checks, you would, of course, be filing CTRs when appropriate. But if your customer is scheduling the cashing of the checks so that no more than one check is cashed each business day, it really looks suspect.

This is all part of one pattern of activity, regardless of the “players.” It would be more helpful to law enforcement — should they choose to follow up — if you pack this into a single report so that both parties are identified, even if one isn’t mentioned until the narrative.

June 2018 OBA Legal Briefs

• Deregulation is a reality
• Consumer loan dollar amounts adjust July 1

Deregulation is a reality

By Andy Zavoina

On May 24, 2018, President Trump signed into law, the “Economic Growth, Regulatory Relief and Consumer Protection Act” (the “Regulatory Relief Act,” P. Law 115-174, formerly S. 2155). It eases some of the regulatory restrictions imposed since the financial crisis and by the Dodd-Frank Act. It was written to assist small and medium sized banks, but it’s not all news of deregulation as it also brings back and makes permanent some other requirements. This article will provide an overview of what the Regulatory Relief Act will do for compliance and why it should be reviewed for your compliance management planning.

The Act is broken into six sections, or Titles, dedicated to separate topics — mortgage credit, access to credit, protections for veterans, consumers and homeowners, holding companies, capital, and student borrowers. This article will highlight changes important to compliance and generally discuss other areas so that for change management it can more easily be determined who in the bank needs to provide attention to them. Several sections not relating to banks are omitted in this overview.

Different sections will have different implementation dates. Some changes were effective upon enactment while others have scheduled dates and still others will require action from regulatory agencies and new rules. Of the sections with effective dates, the delays range from 30 days to 18 months or more. It’s important to note that just because a change is effective now, it may not be necessary (or even possible) to change a policy or procedure until the regulatory agencies publish new rules or modify existing ones.

Title I comprises nine sections designed to amend laws that are believed to have hampered mortgage loan production and reduced the availability of mortgages to consumers.

Section 101 effectively creates a new qualified mortgage option for banks with assets of less than $10 billion that originate and hold the mortgage in its portfolio, and consider and document the borrower’s qualifications including income, debts, and other financial resources available. The Ability to Repay analysis need not include Reg Z’s Appendix Q. Terms of the mortgage must comply with requirements pertaining to prepayment penalties and fees, and there could be no negative amortization or interest-only terms.  Such a mortgage, if later sold, must be transferred to a similarly qualified lender or it will lose its status under this qualified mortgage option.

Section 102 — [Omitted]

Section 103 amends FIRREA to exempt loans under $400,000 from general requirements for independent home appraisals in rural areas where the bank has contacted three state-licensed or -certified appraisers who could not complete an appraisal in a reasonable amount of time. Without an appraisal, the ability to sell a loan would be restricted.

Section 104 amends HMDA so that banks originating fewer than 500 closed-end mortgages and fewer than 500 open-end mortgages in each of the last two years and Satisfactory or better CRA ratings will submit data under something similar to pre-2018 rules. This section is effective immediately but will still require CFPB action because we don’t know if the reporting change is retroactive to the first of the year, or how the change will be implemented.

Section 105 –allows a credit union to extend a member business loan with respect to a one- to four-family dwelling, regardless of whether the dwelling is the member’s primary residence. The NCUA has already amended its rules to implement this change.

Section 106 amends the SAFE Act to allow certain state-licensed mortgage loan originators licensed in one state to temporarily work in another state while waiting for approval in that new state.  MLOs who move from a bank where licensing was not required to a nondepository institution (where they do need to be state licensed) get a grace period to complete the necessary licensing. This section is effective in November 2019, 18 months after enactment.

Section 107 — [Omitted]

Section 108 – Banks with assets of less than $10 billion and which made 1,000 or fewer first lien mortgages annually on principal dwellings will be exempt from TILAs escrow requirements. This change requires a Bureau Regulation Z amendment before it’s effective.

Section 109 – Current TRID rules require a three-day waiting period between the delivery of the Closing Disclosures and the actual closing. If a redisclosure is required, the three-day period may have to restart. Reg Z will be amended to  allow a waiver of this period if the APR is decreasing due to a second offer of credit from the lender.

Title II has 17 sections and focuses on regulatory relief for community banks and increasing access to credit for their customers. Many of these provisions are based on reducing or creating thresholds that are favorable to smaller banks.

Section 201 will provide community banks a less complex capital and leverage regime.

Section 202 amends the Federal Deposit Insurance Act to exclude reciprocal deposits of an insured depository institution from certain limitations on prohibited broker deposits within specified limits. This change will allow smaller banks previously hampered by FDIC premiums to compete with larger banks for larger deposit accounts.

Section 203 amends the Bank Holding Company Act to exempt community banks from the “Volcker Rule,” which prohibits banking agencies from engaging in proprietary trading or entering into certain relationships with hedge funds and private-equity funds. The exemption is for banks with less than $10 billion in assets, and trading assets and liabilities of not more than 5% of total assets.

Section 204 eases Volcker Rule restrictions on entity name sharing in specified circumstances.

Section 205 will allow depository institutions with less than $5 billion in assets to satisfy reporting requirements with a shorter or simplified Call Report for the first and third quarters of each year.

Section 206 will permit federal savings associations with assets under $20 billion to operate under the OCC with the same rights and duties as national banks, without requiring a change in charter. OCC regulations will be required to complete this change.

Section 207 Increases the threshold separating small bank and savings and loan holding companies for supervisory purposes from $1 billion to $3 billion in the Fed’s “Small Bank Holding Company and Savings and Loan Holding Company Policy Statement.”

Section 208 will include American Samoa, the Commonwealth of the Northern Mariana Islands, and Guam in the definition of “State” in the Expedited Funds Availability Act. Reg CC’s one-day extension for certain deposits in noncontiguous states or territories will also apply to these territories. Effective 30 days after enactment, or June 23, 2018.

Section 209 — [Omitted]

Section 210 raises the asset threshold from $1 billion to $3 billion allowing more banks to be eligible for an 18-month examination cycle. Regulators will have to determine if qualified banks already scheduled for an exam under the 12-month cycle will be rescheduled for the longer 18 months.

Section 211 — [Omitted]

Section 212 — [Omitted]

Section 213 permits banks to use a scan of, make a copy of, or receive the image of a driver’s license or identification card in connection with new accounts established via the Internet. (It is not immediately clear if this authority allows a military identification card to be copied.)

Section 214 allows a bank to classify certain commercial credit facilities that finance the acquisition, development, or construction of commercial properties as regular commercial real estate exposures instead of high volatility commercial real estate (HVCRE) exposures for risk-weighted capital requirement calculations, and limits the federal banking agencies’ ability to impose higher capital standards with respect to HVCRE exposure.

Section 215 requires the Social Security Administration (SSA) to develop a database for verification of consumer information upon request by a certified financial institution.  Verifications will be provided only with the consumer’s consent (electronic signatures permitted) and in connection with a credit transaction or other circumstance under FCRA § 604. Users of the database shall pay system costs as determined by the SSA.

Section 216 – Treasury will report on the risks of cyber threats to banks and capital markets.

Section 217 – The Federal Reserve Act will be amended to lower the maximum allowable amount of surplus funds of the Federal Reserve banks.

Title III will impact the credit reporting industry and access to credit especially by servicemembers, veterans, students and those borrowing for energy efficiency projects.

Section 301 will increase the length of time a consumer reporting agency must (under FCRA) include a fraud alert in a credit file from the current 90 days to at least one year.

It will also require consumer reporting agencies to provide a consumer with free credit freezes and to notify them of this availability. Also creates requirements related to the protection of the credit records of minors.  This section is effective 120 days after enactment, or September 21, 2018.

Section 302 will require that medical debt may not be included in a veteran’s credit report until one year has passed from when the medical service was provided. It also provides enhanced abilities for veterans to dispute medical debts to be covered by VA. It also requires credit reporting agencies to provide free credit monitoring to active duty military members that would alert them to material changes in their credit scores. This section is effective one year after enactment, or May 24, 2019.

Section 303 will provide immunity from liability to appropriately trained individuals at banks who, in good faith and with reasonable care, disclose suspected financial exploitation of a senior citizen to a regulatory or law-enforcement agency. The bank will not be liable with respect to the disclosures made. Training is required before immunity is provided; the bank may provide that training.

Section 304 repeals the sunset provision of the Protecting Tenants at Foreclosure Act (which expired 12/31/2014), restoring notification requirements and other protections related to the eviction of renters in certain foreclosed properties. Effective 30 days after enactment, or June 23, 2018.

Section 305 — [Omitted]

Section 306 – [Omitted]

Section 307 – The CFPB must extend ability-to-repay regulations to Property Assessed Clean Energy (PACE) loans, which retrofit homes for energy efficiency but are often financed at high interest rates.

Section 308 – [Omitted]

Section 309 is intended to enhance consumer protections for veterans. The VA may not guarantee a refinanced home loan, unless a specified minimum time period has passed (210 days after the existing loan’s first payment, and the date the sixth payment is made) between the original loan and the refinancing. The borrower must to be able to “recoup” upfront fees in the form of lower monthly payments within 36 months. The new interest rate must be a certain minimum level below the rate of the original loan and the lender would have to provide the borrower with a net tangible benefit test showing how that the borrower would benefit from the refinancing. This section is effective as of enactment although the VA has 180 days to write implementing regulations.

Section 310 affects the use by FNMA and Freddie Mac of credit scores as a condition for purchase of a mortgage. This section is effective 180 days after enactment, or November 20, 2018.

Section 311 – The GAO is directed to report on foreclosures, homeownership, and mortgage defaults in Puerto Rico before and after Hurricane Maria.

Section 312 – [Omitted].

Section 313 – The one-year grace period during which a servicemember is protected from foreclosure after leaving military service is made permanent in the Servicemembers Civil Relief Act (SCRA).

Title IV is targeted at large banks and addresses changes in Bank Holding Company (BHC) rules.

Section 401 – The Financial Stability Act of 2010, is amended with respect to nonbank financial companies supervised by the FRB and certain bank holding companies, to:

  • increase the asset threshold at which certain enhanced prudential standards shall apply, from $50 billion to $250 billion, while allowing the FRB discretion in determining whether a financial institution with assets equal or greater than $100 billion must be subject to such standards;
  • increase the asset threshold at which company-run stress tests are required, from $10 billion to $250 billion;
  • and increase the asset threshold for mandatory risk committees, from $10 billion to $50 billion.

This section is effective 18 months after enactment, or November 2019.

Section 402 requires the appropriate federal banking agencies to exclude, for purposes of calculating a custodial bank’s supplementary leverage ratio, funds of a custodial bank that are deposited with a central bank. The amount of such funds may not exceed the total value of deposits of the custodial bank linked to fiduciary or custodial and safekeeping accounts.

Section 403 – The Federal Deposit Insurance Act will now require certain municipal obligations to be treated as level 2B liquid assets if they are investment grade, liquid, and readily marketable. Under current law, corporate debt securities and publicly traded common-equity shares, but not municipal obligations, may be treated as level 2B liquid assets (which are considered to be high-quality assets).

Title V addresses capital formation. It is omitted from this overview.

Title VI provides protections for student borrowers.

Section 601 amends TILA (and Reg Z) to revise provisions relating to cosigners of private student loans. Specifically, this prohibits a creditor from declaring a default or accelerating the debt of a private student loan on the sole basis of the death or bankruptcy of a cosigner to such a loan and directs loan holders to release cosigners from any obligation upon the death of the student borrower. (This makes private student loans more like federal student loans.) Affects loan agreements entered into on or after November 20, 2018.

Section 602 – The FCRA will allow a person to request the removal of a previously reported default regarding a private education loan from a consumer report if the lender chooses to offer a loan-rehabilitation program that requires a number of consecutive on-time monthly payments demonstrating renewed ability and willingness to repay the loan, and the consumer meets those requirements. A consumer may obtain such rehabilitation benefits only once per loan.

Section 603 – The Financial Literacy and Education Commission will establish best practices for teaching financial literacy skills at institutions of higher education.

Consumer loan dollar amounts adjust July 1

By Pauli D. Loeffler

Sec. 1-106 of the Oklahoma Uniform Consumer Credit Code  in Title 14A (the “U3C”) makes certain dollar limits subject to change when there are changes in the U.S. Consumer Price Index for Urban Wage Earners and Clerical Workers.   You can download and print the notification from the Oklahoma Department of Consumer Credit by clicking here.  You will also be able to access it on the OBA’s Legal Links page under Resources once you create an account with the OBA. In fact, you can access the Oklahoma Consumer Credit Code as well as the changes in dollar amounts for prior years from that webpage.

Increased Late Fee

The maximum late fee that may be assessed on a consumer loan is the greater of (a) five percent of the unpaid amount of the installment or (b) the dollar amount provided by rule of the Administrator for this section pursuant to § 1-106. As of July 1, 2018, the amount provided under (b) will increase by $.50 to $25.50.

Late fees for consumer loans must be disclosed under both the UC3 and Reg Z. In order for a bank to be able to impose any late fee, the consumer must agree to it in writing. Any time a loan is originated, deferred or renewed, the bank is given the opportunity to obtain the borrower’s consent in writing to the new $25.50 portion of the late-fee formula.  However, if a loan is already outstanding and is not being modified or renewed, a bank has no way to increase the amount of late fee that the consumer has previously agreed to pay a set amount in the loan agreement.

On the other hand, the bank may take advantage of an increase in the dollar amount for late fees if the late-fee disclosure is worded properly, such as:

“If any installment is not paid in full within ten (10) days after its scheduled due date, a late fee in an amount which is the greater of five percent (5%) of the unpaid amount of the payment or the maximum dollar amount established by rule of the Consumer Credit Administrator from time to time may be imposed.”

3-508B Loans

Some banks make small consumer loans based on a special finance-charge method that combines an initial “acquisition charge” with monthly “installment account handling charges,” rather than using the provisions of § 3-508A with regard to maximum annual percentage rate. Section 3-508A contains provisions for a “blended” rate by tier amounts under (1)(a) as well as the alternative of using a flat 25% APR under (1)(b). § 3-508A is NOT subject to annual adjustment without statutory amendment.

The permitted principal amounts for § 3-508B was $1,500.00 but is adjusting to $1,530.00 for loans consummated on and after July 1, 2018.

Section 3-508B provides an alternative method of imposing a finance charge to that provided for § 3-508A loans. NOTE: The section prohibits the imposition of additional fees. No insurance charges, application fees, documentation fees, processing fees, returned check fees, credit bureau fees, or any other kind of fee is allowed  other than late or deferral fees. Further, no credit insurance can be sold in connection with in § 3-508B loans.  If a lender wants or needs to sell credit insurance or to impose other normal loan charges in connection with a loan, it will have to use § 3-508A instead.  The bank must also take into consideration that existing loans made under § 3-508B cannot be refinanced as or consolidated with § 3-508A loans, or vice versa.

As indicated above, § 3-508B can be utilized only for loans not exceeding a certain dollar amount which will be $1,530.00 on July 1. Further, substantially equal monthly payments are required. § 3-508B is a difficult statute to parse and understand, and I hope to make it understandable, but I have to re-educate myself annually.

The first scheduled payment cannot be due less than one calendar month after the loan is made, and subsequent installments due at not less than 30 day intervals thereafter. The minimum term for loans is 60 days (so far, so good). The maximum number of installments allowed is 18 months calculated based on the loan amount as 1 month for each $10.00 for loan amounts between $152.64 and $357.00 and $20 for loan amounts $357.01 – $1,530.00. Here is a slightly modified version of the statute that you may enable a better understanding of these math intensive loans:

(1) On loans having a principal of $1,530.00 or less, a supervised lender (banks and licensed lenders) may charge in lieu of the loan finance charges specified in Section 3-508A, the following amounts:

(a) on any amount up to and including 152.95, a charge may be added at the ratio of $5.10 for each $25.50 of principal;

(b) on any loan in an amount in excess of $152.96 up to and including the amount of $178.50, there shall be allowed an acquisition charge for making the loan not in excess of one-tenth (1/10) of the amount of the principal. In addition thereto, an installment account handling charge shall be allowed not to exceed $15.30 per month;

(c) on any loan of an amount in excess of $178.51 but not more than $375.00, there shall be allowed an acquisition charge for making the loan not in excess of one-tenth (1/10) of the amount of the principal. In addition thereto, an installment account handling charge shall be allowed not to exceed $17.85 per month;

(d) on any loan of an amount in excess of $375.01 but not in excess of $510.00, there shall be allowed an acquisition charge for making the loan, not in excess of one-tenth (1/10) of the amount of the principal. In addition thereto, an installment account handling charge shall be allowed not to exceed $20.40 per month.

(e) on any loan in an amount in excess $510.01 of up to and including the amount of $765.00, there shall be allowed an acquisition charge for making the loan not in excess of one-tenth (1/10) of the amount of the principal. In addition thereto, an installment account handling charge shall be allowed not to exceed $22.95 per month;

(f) on any loan of an amount in excess of $750.01 but not more than $1,530.00, there shall be allowed an acquisition charge for making the loan not in excess of one-tenth (1/10) of the amount of the principal. In addition thereto, an installment account handling charge shall be allowed not to exceed $25.50;

(2) The maximum term of any loan made under the terms of this section shall be one (1) month for each Ten Dollars ($10.00) of principal up to a maximum term of eighteen (18) months. Provided, however, that under subsections (e) and (f) the maximum terms shall be one (1) month for each Twenty Dollars ($20.00) of principal up to a maximum term of eighteen (18) months.

(3) The minimum term of any loan made under the terms of subsections (b) through (f) of this section shall be no less than sixty (60) days. Any loan made under the terms of this section shall be scheduled to be payable in substantially equal installments at not less than thirty-day intervals, with the first installment to be scheduled to be due not less than one (1) calendar month after the date such loan is made.

(4) Loans made under this section may be refinanced or consolidated according to the provisions of this section, notwithstanding anything in this act to the contrary. When a loan made under this section is refinanced or consolidated, installment account handling charges on the loans being refinanced or consolidated must be rebated pursuant to the provisions regarding rebate on prepayment (Section 3-210 of this title) as of the date of refinancing or consolidation. For the purpose of determining the amount of acquisition and installment account handling charges permitted in relation to the refinancing or the consolidation of loans made under this section, the principal resulting from the refinancing or consolidation is the total of the unpaid balances of the principal of the loans being refinanced or consolidated, plus any new money advanced, and any delinquency or deferral charges if due and unpaid, less any unearned acquisition and installment account handling charges imposed in connection with loans being refinanced or consolidated.

(5) On such loans under this section, no insurance charges or any other charges of any nature whatsoever shall be permitted.

(6) Except as otherwise provided, the acquisition charge authorized herein shall be deemed to be earned at the time a loan is made and shall not be subject to refund. Provided, however, in a loan made under this section which is prepaid in full, refinanced or consolidated within the first sixty (60) days, the acquisition charge under this section will not be fully earned at the time the loan is made, but must be refunded pro rata at the rate of one-sixtieth (1/60) of the acquisition charge for each day from the date of the prepayment, refinancing or consolidation to the sixtieth day of the loan. On the prepayment of any loan under this section, the installment account handling charge shall be subject to the provisions of Section 3-210 of this title as it relates to refunds. Provisions of Section 3-203 of this title as it relates to delinquency charges and Section 3-204 of this title as it relates to deferral charges shall apply to loans made under the section.

Lenders making “508B” loans should be careful and promptly change to the new dollar amount brackets, and the new permissible fees within each bracket on July 1st. Because of peculiarities in how the bracket amounts are adjusted, using a chart with the old rates after June 30 (without shifting to a revised chart) might result in excess charges for certain small loans and violations of the U3C provisions. The Department of Consumer Credit has provided a 3-508B Loan Chart including Refunds in prior years, and there will be a link on the OBA’s “Oklahoma law-related links” page when it is provided.

American Bank Systems (“ABS”) used to annually update its § 3-508B pricing calculator but hasn’t done so since 2015, but since there were no changes in dollar amounts for 2016, it was accurate until July 1, 2017. However, ABS did provide a § 3-508B “Loan Pricing Matrix” for 2017, (link on OBA Legal Link webpage) and hopefully will do so again for 2018. ABS also has provided a § 3-508A “Maximum Annual Percentage Rate Chart” for many years including 2017, and once it is out for 2018, a link will be provided on the OBA Legal Links page for this handy Matrix.

3-511 Loans

I get calls when lenders get a warning from their loan origination systems that a loan may exceed the maximum interest rate, but invariably the banker says the interest rate does not exceed the alternative non-blended 25% rate allowed under 3-508A according to their calculations. Usually, the cause for the red flag on the system is § 3-511, for which loan amounts also adjust annually. Here is the section with the amounts as effective for loans made on and after July 1, 2018, in bold type. The italicized portion of the statute is nearly always the reason for the notification:

Supervised loans, not made pursuant to a revolving loan account, in which the principal loan amount is $5,100.00 or less and the rate of the loan finance charge calculated according to the actuarial method exceeds eighteen percent (18%) on the unpaid balances of the principal, shall be scheduled to be payable in substantially equal installments at equal periodic intervals except to the extent that the schedule of payments is adjusted to the seasonal or irregular income of the debtor; and

(a) over a period of not more than forty-nine (49) months if the principal is more $1,530.00, or

(b) over a period of not more than thirty-seven (37) months if the principal is $1530.00 or less.

Dealer Paper “No Deficiency” Amount

If dealer paper is consumer-purpose and is secured by goods having an original cash price less than a certain dollar amount, and those goods are later repossessed or surrendered, the creditor cannot obtain a deficiency judgment if the collateral sells for less than the balance outstanding. This is covered in Section 5-103(2) of the U3C. This dollar amount was previously $5,000.00 and increases to $5,100.00 on July 1.

May 2018 OBA Legal Briefs

  • Beneficial ownership rules update
  • Policies
  • Appraisals

Beneficial ownership rules update

By John S. Burnett

By the time you read this, the May 11, 2018, compliance date for FinCEN’s Beneficial Ownership requirements will be only a couple of days away or already have past. As you know by now, FinCEN issued a second set of FAQs on the Beneficial Ownership requirements and the rest of its Customer Due Diligence rule on April 3. And, as the compliance date looms closer and closer, the number of questions that we have fielded on the rule has grown ever larger.

In this article, I will address some of the questions we have handled most often, from Oklahoma bankers and others.

Under the rule, when a legal entity customer opens a new account on or after May 11, 2018, the bank must obtain from the legal entity customer the names and identity information of up to four beneficial owners of the legal entity and of an individual in control of the entity. The bank then has to verify the identities of those individuals and maintain records of the information supplied by the customer and of the bank’s verification.

To understand the rule, you have to know what types of customer relationships are covered, what constitutes a new account and what the terms “legal entity customer” and “beneficial owner” mean.

Accounts covered

What is an account under the Beneficial Ownership requirements? The list is exactly the same as the list of accounts covered by the Customer Identification Program (CIP) requirements. In fact, rather than provide a separate definition, the Beneficial Ownership rule says to use the definition in § 1020.100(a) of FinCEN’s regulations, which is the definition of account for purposes of the CIP rules.

A formal banking relationship established to provide or engage in services, dealings, or other financial transactions including a deposit account, a transaction or asset account, a credit account, or other extension of credit. Account also includes a relationship established to provide a safety [Sic; should be “safe”] deposit box or other safekeeping services, or cash management, custodian, and trust services.”

There are some exceptions to the definition. If there is no formal banking relationship established, there is no account. So, check cashing, wire transfers and sales of checks or money order aren’t “accounts.” Also excluded are accounts that the bank “acquires through an acquisition, merger, purchase of assets, or assumption of liabilities,” and accounts opened for the purpose of participating in an employee benefit plan under ERISA.

Related question: If your bank purchases a loan to a legal entity customer from an auto dealer, do you need to obtain beneficial ownership information on the legal entity customer?

Answer: It depends. If the dealer is the creditor and you purchased the loan, the transaction qualifies as a “purchase of assets” for exclusion from the definition of “account,” and won’t be subject to the beneficial ownership rules. But if the dealer extends the credit as your agent, the bank is the creditor, the loan transaction is an account under the CIP and beneficial ownership rules, and you will have to obtain a beneficial ownership certification from the legal entity customer.

New account

The beneficial ownership rule doesn’t apply to accounts opened before May 11, 2018 (you may need to obtain beneficial ownership information on some of these pre-existing accounts later). It applies to new accounts on or after May 11. It’s important to understand that FinCEN’s definition of “new account” doesn’t agree with a banker’s perspective. That’s because FinCEN considers loan renewals and renewal of auto-rollover certificates of deposit to be new accounts, too. On the other hand, bankers often refer to an extension of a safe deposit box lease as a renewal, but FinCEN has not said that a lease extension is a new account. That’s because there isn’t really a renewal involved. There is only a periodic payment on an “at will” lease.

If loan renewals and rollovers of CDs are new account events, does your bank need to obtain a new certification of beneficial ownership for each renewal or rollover if the account relationship is with a legal entity customer? Not necessarily! FinCEN created an optional “workaround” that you can use to avoid having to get a new certification with each rollover or renewal. You can have the legal entity customer sign a statement on or with the next certification (or a later certification if you don’t add it to the first certification after May 11) that the legal entity customer agrees to notify your institution if any of the information on the certification changes. That statement will allow that certification to cover the current and all future rollovers/renewals of the CD/loan until the legal entity customer notifies you the information has changed or until your bank has reason to believe that it’s no longer correct.

Without the statement, you will need a new certification of beneficial ownership at each rollover/renewal of the account.

Legal entity customer

The beneficial ownership requirements only apply to a “legal entity customer” as that term is defined in the regulation. A legal entity customer is a—

  • Corporation
  • Limited liability company (LLC)
  • Other entity created by the filing of a public document with a Secretary of State or similar state office, including a business trust, or any similar entity formed under the laws of a foreign jurisdiction
  • General partnership
  • Limited partnership

“Legal entity customer” does not include a sole proprietorship (including a sole proprietorship of spouses, when allowed under state law, who have not formed a partnership), an unincorporated association, or natural persons opening accounts on their own behalf. A trust (other than a statutory or business trust created by a public filing with a Secretary of State or similar office) is also not a legal entity customer.

Excluded entities. There is also a lengthy list of specific exclusions from the definition of legal entity customer in § 1010.230(e)(2) of the regulation. The list includes businesses that are legal entities that are subject to federal or state regulation and information on their beneficial ownership and management is available from federal or state agencies. You should review that section of the regulation for the complete list, but I’m highlighting here three groups in that list, because of the numbers of questions we have received about them.

The first group of excluded entities includes financial institutions regulated by a federal functional regulator (Federal Reserve Board, OCC, FDIC, NCUA, etc.), banks regulated by a state banking regulator, bank holding companies, and savings and loan holding companies.

The second group includes state-regulated insurance companies. These are companies that issue insurance policies, not insurance agencies that sell those policies.

And the third group are “persons” that are exempt from CTR filing requirements under § 1020.315(b)(2) through (5) of FinCEN’s regulations. These are commonly referred to as “phase one” CTR exemptions, which include:

  • Any department or agency of the United States, of any State, or of any political subdivision of any State. This includes federal agencies, a state, the District of Columbia, a tribal government, state agencies, county, city or local government bodies, public school districts, etc.
  • An entity established under federal, state or local law or under an interstate compact between two or more states, that exercises governmental authority
  • Any entity other than a bank whose common stock or other equity interests are listed on the New York Stock Exchange, American Stock Exchange or whose common stock or equity interests have been designated as a Nasdaq National Market Security (with exceptions noted in the rule) and subsidiaries of such entities at least 51% owned by such entities.

If any of the excluded entities opens a new account with your institution, you are not required to obtain beneficial ownership information from them.

Beneficial owner

There are two “prongs” in the regulation’s definition of “beneficial owner,” the ownership prong and the control prong.

Ownership: An individual who owns, directly or indirectly, 25% or more of the equity interest in the legal entity customer. Direct ownership means the individual’s equity interest in the legal entity is not through another entity such as a trust, corporation, LLC, etc. Indirect ownership means that the individual is an owner of an entity that is an owner of the legal entity customer.

Example 1: John Jones, Mary Smith and Harry Comick each own 1/3 of ABC Inc. John, Mary and Harry are direct owners, each with a 33-1/3% interest, and each would be a beneficial owner of ABC Inc.

Example 2: DEF LLC is 50% owned by DEF Inc. and 50% owned by Jones & Smith, Inc. There are no individuals with direct ownership of DEF LLC. The sole owner of DEF Inc. is Harry Comick; Mary Smith and John Jones each own half of Jones & Smith, Inc. Therefore, Comick, Smith and Jones are (indirect) beneficial owners of DEF LLC. Harry Comick owns all of DEF Inc. and its 50% ownership of DEF LLC, so he is a 50% beneficial owner of DEF LLC. Mary Smith and John Jones each own half of Jones & Smith, Inc., and its 50% ownership of DEF LLC, so they are each 25% beneficial owners (50% of 50%) of DEF LLC.

There may be so many individual owners (directly or indirectly) that none of them owns 25% of your legal entity customer. In such cases, there would be no individuals identified as a beneficial owner under the ownership prong. And, because 25% ownership is the threshold for listing a beneficial owner, there won’t be more than four such individuals under the ownership prong.

Some banks may have adopted a risk-based policy of identifying individuals with less than 25% ownership (for example, they may use an ownership percentage threshold of 20% or 10%), and they may list more than four beneficial owners under the ownership prong. Such banks are exceptions. The regulation requires that the threshold can’t be greater than 25%, and most banks will use the 25% threshold.

If a trust owns directly or indirectly 25% or more of a legal entity customer, the regulation requires that the trustee (one trustee if there is more than one) of the trust be listed as the beneficial owner (labeled as trustee), and you don’t need to get any other information on owners of the trust.

If an excluded entity (one listed in § 1010.230(e)(2), discussed earlier) is a direct or indirect owner of 25% or more of the legal entity customer, no individual needs to be identified as a beneficial owner with respect to the excluded entity’s ownership.

Beneficial owners may be, but do not have to be, signers on the account being opened or other accounts of the legal entity customer.

There are two “special cases” in the regulation for which you aren’t required to obtain ownership prong information from a legal entity customer:

  • A pooled investment vehicle operated or advised by a financial institution that’s not an excluded entity under § 1010.230(e)(2), because ownership of these vehicles is so fluid and frequently changing that it’s impractical to track.
  • Any legal entity that is established as a nonprofit corporation (or similar entity) and has filed organizational documents with the appropriate state authority, since such entities don’t have owners. Approval as a charity under IRS rules is not a requirement.

Legal entity customers fitting either of those “special case” descriptions must, however, provide the name of a control-prong individual (see below).

Control: The rule also defines as a beneficial owner under the control prong a single individual with significant responsibility to control, manage, or direct the legal entity customer. Examples in the regulation include an executive officer or senior manager (chief executive officer, chief financial officer, chief operating officer, managing member, general partner, president, vice president, treasurer) or other individual who regularly performs similar functions.

The title of the individual is not important (although it is one of the pieces of information to be collected); the individual’s duties or responsibilities for the legal entity customer are what matters. In the case of a local office, store or branch (not a franchisee) of a larger company, the control prong individual won’t be a local manager. He or she should be someone at the corporate level with control, management or direction responsibilities.

The individual identified under the control prong may be, but does not have to be, a signer on the account, and may or may not be an owner of the entity.

Two-part process

The legal entity customer (the individual opening the account) is to provide the names and identity information for the individuals identified under the ownership and control prongs of the rule. The information to be supplied includes the same information you are to collect on an individual open a new account under the CIP rules:

  • Name (and title for control-prong individual)
  • The individual’s residential or business street address (the same rules applicable to the CIP address requirement apply here)
  • Date of birth
  • Identifying number (SSN for U.S. persons; SSN, passport number and issuing country, or other similar number, including an alien ID card number or the number and issuing country of any other government-issued document evidencing nationality or residence and bearing a photograph or similar safeguard).

The representative of the legal entity customer must certify, to the best of his/her knowledge, the completeness and accuracy of the information provided.

The bank is required to verify the identity of the individuals listed in the certification. The bank is not required to make its own inquiry into the beneficial ownership of the entity unless it has information leading the bank to doubt the completeness or accuracy of the information provided.

The bank’s verification of the identity of the individuals should use methods similar to those used in the bank’s CIP (the same rules describing the resources to be used apply to both CIP and Beneficial Ownership). They don’t have to be identical processes. For example, you are permitted under the Beneficial Ownership rules to accept a copy of an ID document, and you cannot use a consumer report (as defined under the Fair Credit Reporting Act), because you don’t have a permissible purpose to pull such a report under these rules. You may use identity-verification services that provide information that isn’t a consumer report.

Timing

You are required to obtain a certification of beneficial ownership at or prior to the time the new account is opened. This includes renewal or rollovers of loans and auto-rollover CDs (but see the “workaround” discussion under “New accounts” earlier in this article).

If the legal entity customer does not provide a certification of beneficial ownership at or prior to opening the account, the account should not be opened. There is no grace period. If you aren’t able to get a certification of beneficial ownership at or before a loan renewal or CD rollover, you should not complete the loan renewal or CD rollover unless an earlier certification included the statement described in the “workaround” discussion and you don’t have information calling the earlier certification into question.

Ideally, the bank’s verification of identities will also be completed before the new account is opened. However, you can permit it to be completed within a reasonable time after the new account is opened. You should keep that reasonable time as short as possible.

If you are unable to verify the identity of an individual listed as a beneficial owner (ownership or control prong), you must take steps to check the information supplied by the legal entity and other reasonable extra steps (including, perhaps, contacting the individual owner(s)) to complete the verification. If the extra steps still don’t complete the verification of identity, your bank should have a procedure in its program for closing the account, when possible. At minimum, no renewal or rollover of the account should be permitted until verification of identity of the owner(s) can be completed.

Form, format and content of certification

You do not have to use the form in Appendix A to § 1010.230. The Appendix A form is not a “safe harbor” form. Its principal purpose is to indicate the information that is to be supplied by the legal entity and to indicate the need for a certification of that information. It also includes instructions to the legal entity’s representative that you should consider including in whatever form and format your bank uses.

You can collect the beneficial ownership information from the legal entity in any way you wish as long as you are able to document the certification and comply with the recordkeeping requirements of the rule, which are virtually identical to those applicable to CIP records.

Policies

By Andy Zavoina

Before your eyes begin to glaze over I need to explain to you why I am writing about policies your bank must have (and those it should have). There are few “required” policies and many, many more policies your bank should have based on what your bank does in the marketplace. Policies provide direction to staff, typically from senior management and the board of directors. They are based on the goals of the bank, its strategic plan for where it wants to be in the future and how it wants to get there. Policies answer questions.

An examiner or consultant may suggest the bank have a policy on a topic for one of three reasons:

  1. It is a requirement in a law or regulation.
  2. It would be good to have this guidance because this issue comes up frequently.
  3. It would be good to have this guidance because this issue comes up infrequently, but the risks due to non-compliance are high.

Here is the impetus for this article, and it is IMPORTANT. The Department of Justice (DOJ) has sued an auto dealer because it repossessed one vehicle without a court order. It was aware of the borrower’s military status, but it had no Servicemembers Civil Relief Act (SCRA) policy. The DOJ maintained that, absent a policy and procedures, the lender does not know if it has violated the law other times. Although there has been only one complaint, DOJ is proceeding as though there is a pattern or practice of violations.

For years bankers have heard that examiners want banks to have a policy addressing the SCRA. National banks have been told to expect exams on the SCRA each time examiners are in the bank. Many banks have told me they have very few or no SCRA designated loans. This puts the need for a policy pertaining to the SCRA in category three above.

I must ask those banks: Without a policy or procedures, how does a bank employee know when a customer calls and mentions “active duty” or “joining the service” or anything similar, whether the whole account relationship needs to be flagged as subject to SCRA protections? How does the bank know before it implements a repossession order or foreclosure proceedings whether a borrower is protected under the SCRA? Policies and procedures are called for because they can guide employees to listen for buzzwords about being in the service, to search the military database to verify SCRA protected status, to recognize that the protections on a vehicle are different than those on a mortgage and to understand that an overdraft and a safe deposit box may also be subject to SCRA protections.

What about banks that do very little business with servicemembers? I recently asked a banker if her bank had a National Guard unit nearby, and she answered “Yes.” So, they have a lot of National Guardsmen but few active duty military. Bear in mind that in April 2018, the Defense Secretary signed an authorization, as requested by the president, for up to 4,000 National Guard troops to be activated for border security. These guardsmen will be activated but likely for short periods of time. Many guard units could be activated to protect the border on a rolling basis.

Revisiting the definition of “military service” in the SCRA and commentary I have added from my teaching documents, National Guard and military service includes, “service under a call to active service authorized by the President or the Secretary of Defense for a period of more than 30 consecutive days under section 502(f) of title 32, United States Code, for purposes of responding to a national emergency declared by the President and supported by Federal funds (normally Title 32 activation is not for more than 30 days and often Title 32 is not considered military service);”

Each bank would need to be familiar with the orders, but these Guardsmen will be paid by federal dollars based on what I have read and are being called up by the president and there is a good chance that if they serve more than 30 days they could be entitled to these SCRA protections. This means it is an excellent time to revisit the SCRA if the bank has not done so recently.

The March 28, 2018, case that prompted this article is United States vs California Auto Finance (CAF), Case No. 8:18-cv-00523. CAF is a large sub-prime lender in Southern California and the southwest. The suit alleges CAF repossessed a servicemember’s car after being made aware the borrower was in the service.

Andrea Starks purchased a car in Glendale, AZ in September 2015. She made her first payment in October 2015 which was pre-service and meets the requirements for SCRA protection. She enlisted in April 2016 and reported for active duty on May 9, 2016, the same day her vehicle was repossessed. Two days after enlisting she provided CAF with a copy of her orders. She would not have been protected as a reservist being called to active duty based on receipt of her orders, but rather when she met the definition of “military service” which, in this case, would be when she was paid by the government. Had the vehicle been repossessed the day before, Starks would not have been technically protected. CAF sold the vehicle on or about May 25, 2016.

This was the single complaint against CAF made by Starks to the DOJ in November 2016. There were no other complaints against CAF mentioned. In describing the violations committed by CAF, the DOJ explains the facts it reviewed in its investigation, which began in December 2016.

  • The Defense Manpower Data Center (DMDC) is a free database allowing lenders to determine is a person is protected under the SCRA. The CAF did not verify her status prior to repossessing the vehicle. (It would be interesting to know if Starks would have been shown as currently serving, being her first day.) Regardless, CAF had already been given a copy of Starks orders by Starks herself.
  • This was pre-service debt under the SCRA.
  • No court order was obtained prior to the act of repossessing the vehicle.
  • The CAF believed at the time, and still as of this court filing, that only deployment orders would have provided protections to a servicemember. (This is incorrect. It is the act of serving, whether that be in the continental United States or overseas.)
  • The CAF had and still has no policies or procedures to provide staff with SCRA compliance guidance.
  • Because of a demonstrated lack of knowledge and guidance (the policy or procedures) the DOJ stated they “may have repossessed motor vehicles without court orders from other servicemembers” and as such viewed this as a pattern or practice of violating the SCRA protections and requirements of the SCRA. This means that Starks and other servicemembers have suffered damages.
  • The actions of CAF were “intentional, willful, and taken in disregard for the rights of servicemembers.”

This case begs for a discussion on the requirement for having a policy and procedures. Of the three reasons stated above, the SCRA would fit under reason two or three because there is no legal requirement for a policy in the Act. Examiners have been urging banks to create them and to ensure that repossession and foreclosure procedures are expressed, trained on and followed under the SCRA rules. Some banks may have resisted creating such documents because it would be one more thing to keep up with and they didn’t feel it was needed because it wasn’t required, and the low volume of accounts did not demand it. The DOJ might be accused of practicing regulation by enforcement. In many cases however, a servicemember can be viewed as close to a protected person under fair lending laws as any minority because they do have unique rights that lender must be aware of. The fact that the lender violated the law, expressed a misunderstanding of the requirements, and demonstrated no desire to immediately remedy the issues it created did not help. The CAF did not create a policy or procedures to provide guidance or repossession requirements and it did not attempt to replace the vehicle or compensate Starks when the problems came to light.

It is important to note the fact that the CAF is not being penalized because it did not have an SCRA policy which is not legally required; it is being pursued because it incorrectly interpreted the SCRA requirements, had no guidance information from which to operate, and did not attempt to correct those deficiencies after it was being investigated for violations. Another important note is that “ignorance is not bliss.” Because there was no policy or procedures to follow, CAF could not say it has tracked or provided special handling for SCRA protected loans. Even though there was only a single complaint against CAF, its own lack of knowledge is forcing the CAF to prove it is innocent on multiple counts of a violation. There is no evidence proving this repossession and sale was part of a pattern or practice, but the CAF cannot prove otherwise. Whether you agree with the DOJ position or not, the CAF will pay to settle this claim or pay to prove its innocence.

In Part 2 to this article, I’ll provide a list of key bank policies and discuss how policies can be written and kept current.

Appraisals

By Andy Zavoina

On April 2, 2018, the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, and the Office of the Comptroller of the Currency issued a final rule that increased the threshold for commercial real estate transactions requiring an appraisal from $250,000 to $500,000.

Originally the 1994 figure of $250,000 was going to be raised to $400,000 but it was determined that the $500,000 limit would further reduce the regulatory burden and the number of transactions requiring appraisals while not exposing the loans to excessive risk.

The bank may now use evaluations for those loans up to the new limit if desired. Evaluations can provide the market value of real estate that will secure a loan while avoiding the need for a formal appraisal prepared in accordance with the Uniform Standards of Professional Appraiser Practices (USPAP). They do not have to be completed by a state licensed or certified appraiser. Evaluations can both expedite the loan process and reduce costs when commercial real estate is involved.

Note that this change is for commercial accounts and not loans for 1-4 family residential properties.

https://content.govdelivery.com/accounts/USFDIC/bulletins/1e469ff