What will examiners look for in 2024? What should your financial institution’s regulatory compliance priorities be, and how can you address any weak points?
In February’s webinar, we explored areas of heightened regulatory oversight in 2024. Let’s dive into our recap.
(Note: Fair Lending remains a hot topic – so hot that it had its own webinar: Fair Lending: Get Ready for 2024. Check it out for fair lending expectations and enforcement.)
The agencies are cracking down more aggressively on so-called “junk fees.” The FDIC, OCC, CFPB, and NCUA have all indicated they want to eliminate “authorize positive, settlement negative” fees (or APSNs).
Examiners are also focusing on non-sufficient fund (NSF) fees from bounced checks and representment fees. Thus far, the CFPB has been most aggressive about profit-generating overdraft fees at FIs with over $10 billion in assets by enforcement and through a proposed rule that would increase the regulatory burden by imposing Reg Z requirements.
For example, a $20-billion bank in Virginia recently agreed to refund $5 million in overdraft fees and pay an additional $1.2 million in restitution to the CFPB’s victims' relief fund for allegedly failing to disclose overdraft fees to consumers.
While the CFPB is targeting FIs of $10 billion or more, the agencies will be looking into the overdraft fee programs for smaller and intermediate-sized FIs, as highlighted in the NCUA’s 2024 Supervisory Priorities.
FIs of all sizes need a risk assessment of their account fee and overdraft programs. Does your overdraft program help or harm consumers? Do your disclosures fulfill regulatory expectations?
Related: Risk Assessing Overdraft Programs: Is the Fee Income Worth the Risk?
FIs still get tripped up by Section 8 of the Uniform Residential Loan Application. How can this be?
The problem with Section 8 boils down to the actual collection of demographic information. Bank of America paid a $12 million fine because loan officers failed to ask borrowers for the required information. If your FI has a high number of “information-not-provided" in its HMDA-reportable data, regulators will ask questions.
Complying with fair lending laws requires comparing your number of demographic “information-not-provided" with peer institutions and monitoring individual lenders to establish demographic data collection benchmarks.
FIs also need to be consistent when it comes to cash-out refinancing compared to traditional refinancing. There’s a common misconception that there’s an imposed dollar amount in cash-out vs. standard refinancing, but that’s not true. Your FI must ensure that these loans match your own internal policies and procedures. Many FIs don’t realize that fair lending noncompliance can occur when they fail to comply with their own stated policies, regardless of whether they satisfy existing regulations and laws.
The asset size of your FI doesn’t matter when it comes to BSA risk – it depends on the products and services you offer, your customer base, and your geographic footprint. FIs that engage in cannabis banking or serve cross-border consumers in high-crime areas need to be especially vigilant,
The OCC recently penalized American Express $15 million for failure to comply with Customer Identification Program (CIP) regulations, one of the cornerstones of AML compliance.
Another New York credit union shut its doors when FinCEN discovered a BSA compliance officer violated the law in January 2023. BSA noncompliance poses an existential threat to smaller banks and credit unions.
With that in mind, let’s focus on what your FI can do to mitigate this risk:
Related: The Four Pillars of a Strong BSA/AML Compliance Program
Credit reporting is a significant issue for FIs, and examiners will take a close look at your complaint management program. Handling disputes is an integral part of your overall compliance management system (CMS).
Related: Consumer Complaints Are at an All-Time High. What Are You Doing About Them?
FIs should not wait for the Supreme Court's June 2024 decision on the CFPB to begin planning and budgeting for 1071. Spoiler alert: court watchers do not believe the CFPB’s funding mechanism will be ruled unconstitutional.
Lenders with experience reporting HMDA loans understand how heavy the compliance lift for 1071 will be. Time is a factor, especially for Tier One commercial lenders with at least 2,500 covered credit transactions for calendar years 2022 and 2023
While the effective date of October 1, 2024, for data collection might be pushed back, you need to operate under the reasonable assumption that 1071 is going forward. Congress has already tried (and failed) to pass a bill that would eliminate 1071. Hopefully, you’ve begun implementing the policies and procedures, training officers and staff, and creating a program for 1071 compliance.
Check out our 1071 Resource Center for more information.
Last year, we also received the final rule for CRA modernization. For the April 1, 2024, effective date, banks must delineate facility-based assessment areas as normal. Large banks (with assets greater than $10 billion) must also ensure that their assessment areas include whole (and not partial counties) as stipulated under the new CRA.
Additionally, banks must post their updated public CRA file on their website. Your public file needs to be current and contain all relevant data (comments, branch openings, facility closings, etc.). If you haven’t begun working with your marketing team or the third party that manages your website to include this information, now is the time.
The CFPB will also give us a final verdict on the proposed rule for Section 1033 in 2024. This proposal requires banks and credit unions to make account information available to consumers and authorized third parties.
FIs need to make this data available through developer interfaces to allow third parties and consumers to make account inquiries and gather data. The proposal has been controversial because (according to one interpretation) it would not allow FIs to charge fees to develop and maintain these interfaces. It’s not clear if this is the intention of the proposed rule, but we’ll keep you updated on how this regulation progresses.
Compliance management will take center stage for FIs in 2024. With account fees, consumer lending, and BSA/AML drawing additional attention, FIs must be prepared. At the same time, large regulatory changes from 1071 to CRA modernization will continue to loom over the regulatory landscape in banking.
FIs should focus on updating compliance and risk assessments (accounting for recent changes or innovations), implementing internal compliance monitoring and testing, boosting their third-party risk management programs, and adopting a repeatable regulatory change management framework.
Want even more insights on other regulatory compliance hot topics?
Listen to Our Discussion of 2024 Regulatory Expectations