Regulatory Bulletin: August 2016


CFPB Fines Santander $10 Million for Illegal Overdraft Fees

Bank Deceptively Marketed Its Overdraft Service to Consumers, Violated “Opt-in” Rule

In July 2016 the CFPB ruled against Santander Bank, N.A.JUL 14, 2016

The Consumer Financial Protection Bureau (CFPB) has ordered Santander Bank, N.A. to pay a $10 million fine for illegal overdraft service practices.

“Santander tricked consumers into signing up for an overdraft service they didn’t want and charged them fees,” said CFPB Director Richard Cordray. “Santander’s telemarketer used deceptive sales pitches to mislead customers into enrolling in overdraft service. We will put a stop to any such unlawful practices that harm consumers.”
Santander, a national bank based in Wilmington DR operates a network of nearly 700 retail branch offices in Connecticut, Delaware, Massachusetts, New Hampshire, New Jersey, New York, Pennsylvania, and Rhode Island.

According to the CFPB for a period of four years ending in 2014, “Santander marketed and enrolled consumers in its “Account Protector” overdraft service for ATM and one-time debit card transactions, and charged consumers $35 per overdraft. Santander used a telemarketer to call consumers to persuade them to opt in to the overdraft service and rewarded the telemarketer with a higher hourly rate when it hit specified sales targets.”

In 2010, rules went into effect barring banking institutions from charging overdraft fees on ATM and one-time debit card transactions where the consumer did not affirmatively opt in.

As a result of this order Santander not only must pay the $10 million, it must remit to the government any recovery it makes from insurance or claims against agents. And in addition, the bank will have the expense of extensive retraining and future monitoring. The order does not require the bank to compensate consumers who were affected, but does include the following language which suggests that continuing expensive litigation is in process:

Within 30 days of the entry of a final judgment, consent order, or settlement in a Related Consumer Action, Respondent must notify the Regional Director of the final judgment, consent order, or settlement in writing. That notification must indicate the
amount of redress, if any, that Respondent paid or is required to pay to consumers and describe the consumers or classes of consumers to whom that redress has been or will be paid.

The CFPB determined that “Santander marketed its overdraft service deceptively during telemarketing calls and enrolled consumers in overdraft service without their consent in violation of the opt-in rule.” Illegal and improper practices included:

  • Signing consumers up for overdraft service without their consent
  • Deceiving consumers that overdraft service was free
  • Deceiving consumers about the fees they would face if they did not opt in
  • Falsely claiming the call was not a sales pitch
  • Failing to stop its telemarketer’s deceptive tactics

It is pointed out in the ruling that Santander was made aware of the impropriety of it’s actions early on, stopped the prohibited behaviors and then started them up again. The penalty as well as the costs and eventual expenses of making customers whole ought to be an object lesson, the CFPB means business and whether you agree with their interpretations, or not, you violate at your institution’s peril.

The enforcement action includes:

  • Revalidation of all opt-ins associated with the telemarketer
  • Prohibition against the use of a vendor to telemarket overdraft service
  • Increased oversight of all third-party telemarketers
  • Payment of the $10 million penalty into the CFPB’s Civil Penalty Fund

The full text of the CFPB’s consent order is available at:

CFPB Monthly Complaint Report, Vol. 12

The CFPB issues a monthly complaint report. Paying attention can give you a heads-up on future trends. The Report uses a three-month rolling average, comparing the current average to the same period in the prior year. The report also includes company based complaint data with highlighting institutions with the greatest amount of activity. The comparative data shows the increasing and sometimes decreasing frequency of specific categories of complaints. Monitoring your trends and pro-active responses can be helpful if you are ever called on to account for problem activity.

Where appropriate, to account for monthly and seasonal fluctuations. In some cases, we use month-to-month comparisons to highlight more immediate trends. For company-level complaint data, we use a three-month rolling average of complaints sent to companies for response. This company-level complaint data lags other complaint data in this report by two months to reflect the 60 days companies have to respond to complaints, confirming a commercial relationship with the consumer. This is consistent with complaints found in the public Consumer Complaint Database.

This month’s report includes metrics on Volume by product, state and company; Consumer lending by type, state and company; drill-down into auto lending again by type, state and company and a geographic spotlight, this month Arkansas.

Keeping abreast of this data can let you know if you are heading for problems, from consumer advocates or possibly give you insight when you are making meaningful improvements.

The full report can be accessed:

Information Technology Risk Examination (InTREx) Program updated by the FDIC

“The InTREx Program is designed to enhance identification, assessment, and validation of IT in financial institutions and ensure that identified risks are effectively addressed by FI management. FIL-81-2005, Information Technology Risk Management Program (IT-RMP), has been rescinded.”

The InTREx Program is designed to enhance identification, assessment, and validation of IT in financial institutions and ensure that identified risks are effectively addressed.

In July the FDIC updated its information technology and operations risk (IT) examination procedures. The enhanced program provides for cybersecurity preparedness assessment, discloses more detailed examination results while using component rating to provide a more efficient, risk-focused approach.

The program includes:

  • an enhanced, risk-based approach for conducting IT examinations. It will help management teams ensure IT and cybersecurity risks are promptly identified and effectively addressed.
  • an All Uniform Rating System for Information Technology (URSIT) component and composite ratings assigned at each IT examination.
  • an assessment of the financial institution’s cybersecurity preparedness.
  • a streamlined IT Profile that for completion in advance of examinations replacing the IT Officer’s Questionnaire (ITOQ). Note: The IT includes 65 percent fewer questions than appeared on the FDIC’s legacy ITOQ.
  • According to the FDIC the Enhanced Pre-Examination Process includes a revised pre-examination scoping process which is streamlined to focus on emerging risks and technologies. Examiners will complete the InTREx Core Modules, the Cybersecurity Workpaper, and the Information Security Standards Workpaper. Those materials will be used to assess risk and to document examination procedures, findings, and recommendations. Of course, a summary of the overall condition of the IT function supporting the URSIT composite rating will be included on the Examiner Conclusions and Comments page. URSIT component ratings, examination findings, recommendations, management’s responses, including timeframes for corrective action, and supporting comments will be reported on the Information Technology Assessment page.

A link to the announcement including a copy of the InTrex Progam PDF can be accessed at:

Now is the time to review this new material with your IT and security departments.

Note: This Revision applies to all FDIC-supervised institutions.

Joint Statement on the New Accounting Standard on Financial Instruments – Credit Losses

June, 2016

Board of Governors of the Federal Reserve System
Federal Deposit Insurance Corporation
National Credit Union Administration
Office of the Comptroller of the Currency

The Financial Accounting Standards Board (FASB) recently issued this new accounting standard, which introduces the current expected credit losses methodology (CECL) for estimating allowances for credit losses. The new accounting standard allows a financial institution to leverage its current internal credit risk systems as a framework for estimating expected credit losses.

For planning purposes, the implementation dates are:

PBEs that are SEC filers

U.S. GAAP Effective Date:
Fiscal years beginning after December 15, 2019, including interim periods within 2020

Regulatory Reporting Effective Date:
March 31, 2020

Other PBEs (non-SEC filers)

U.S. GAAP Effective Date:
Fiscal years beginning after December 15, 2020, including interim periods within 2021

Regulatory Reporting Effective Date:
March 31, 2021

Non-PBEs (private companies)

U.S. GAAP Effective Date:
Fiscal years beginning after December 15, 2020, including interim periods beginning after December 15, 2021

Regulatory Reporting Effective Date:
December 31, 2021

Early application for all entities

Early application permitted for fiscal years beginning after December 15, 2018, including interim periods within those fiscal years

Some thoughts

“The agencies are determining the nature and extent of supervisory guidance institutions will need during the implementation period, with a particular focus on the needs of smaller and less complex institutions. If institutions have issues or concerns about implementing the new accounting standard, they should discuss their questions with their primary federal supervisor.”

The Transition

This change will require, depending upon the complexity of your institution, discussions with the board of directors, industry peers, external auditors, and supervisory agencies how best to implement the new accounting standard in a manner appropriate to each institutions’ individual characteristics.

It is not too early to begin planning for this change that could impact capital.

Copy of the notice can be found at:

Did you note a letter from:


On the subject of Off-site Review of Loan Files?
The Letter announce that state member banks (SMBs) and foreign banking organizations (FBOs) with less than $50 billion in total assets now have an option to have Federal Reserve examiners review loan files off-site during full-scope or target examinations. The request can be granted provided the SMB or FBO and can send legible and sufficiently comprehensive loan information to the Reserve Bank in a secure manner. It applies to all state member banks and U.S. branches and agencies of foreign banking organizations with less than $50 billion in total assets.

The purpose of this letter is to announce to state member banks (SMBs) and U.S. branches and agencies of foreign banking organizations (FBOs) with less than $50 billion in total assets that there is an option to have Federal Reserve examiners review loan files off-site during full-scope or target examinations. Federal Reserve examiners may conduct an off-site loan review provided the SMB or FBO is amenable to such an arrangement, and the SMB or FBO can send legible and sufficiently comprehensive loan information to the Reserve Bank in a secure manner.

Process for Determining if an SMB or FBO can Participate in the Off-Site Loan Review Program

The Letter states: The Reserve Bank will consider the following when determining whether an off-site review of loan files is appropriate for a particular institution.

  • Will the institution submit the loan file data using a secure transmission method such as cloud-based collaboration products, secure email services, encrypted removable media, virtual private networks, or remote desktop control services?
  • Is the institution able to provide loan data and imaged loan documents that are legible, easily viewable, and properly organized to allow for timely review by examiners?
  • Are the loan files comprehensive to allow an examiner to come to a conclusion as to the appropriate rating of a credit without having to request additional information from the institution?

“However, the Reserve Bank may decline a request if it has justifiable reasons to believe that an off-site review would impede the examiners from efficiently and effectively assessing the institution’s asset quality and credit risk management process.”

Security of Loan File Data Submitted to the Reserve Banks
Loan file data obtained will continue to be handled in accordance with existing Federal Reserve information security requirements. Reserve Banks are advised to explain their procedures and practices for safeguarding loan file data to an SMB or FBO considering participation in the off-site loan review program, including procedures for coordinating off-site loan reviews with state banking agencies.

Adjustments to the Examination Process
Off site loan reviews can be a benefit to your institution as they can reduce the amount of disruption that accompanies the installation of an exam team. However, institutions should be mindful of the need to have we organized and fully digitized loan files prior to embarking on this program. Examiners will expect to have all file data securely transmitted well before the exam date.

A copy of the letter can be accessed at:

Consumer Financial Protection Bureau Monthly Complaint Snapshot Spotlights Credit Card Complaints

The CFPB used it’s July 2016 broadcast to highlight consumer complaints about credit cards. The Monthly Complaint Report, which can be found at: details that credit cards are currently used by more than half of adult consumers in the United States. These consumers who collectively totaled over $700 billion in credit card debt at the beginning of 2015 have filed over 97,00 complaints with the bureau and they are being taken seriously.

The CFPB notes that Consumers perceive unfairness in credit decisions, are confused over how payments are applied to accounts with multiple balances, believe credit card fees not adequately disclosed to consumers and that they are misled about offers for reward programs.

If you are issuing cards, or are even just offering consumers branded cards with your institution’s logo on them, consider whether you are leaving your institution open to negative press or worse if you have a consistent problem with any one issue with your credit card customers. The CFPB is a fact of life and you have better ways to spend your time than being their target.

Make sure that any complaints you have a responsibly dealt with and that you are not consistently hearing the same problem from a series of customers or consumers.

Do you need Guidance on CRA?

This month the Agencies Released Final Revisions to Interagency Questions and Answers Regarding Community Reinvestment

Are you up to date on CRA? If not, look at this recent Q&A

July, 2016

The federal bank regulatory agencies with responsibility for Community Reinvestment Act (CRA) rulemaking today published final revisions to “Interagency Questions and Answers Regarding Community Reinvestment.” The Questions and Answers document provides additional guidance to financial institutions and the public on the agencies’ CRA regulations.

The new and revised guidance addresses questions raised by bankers, community organizations, and others regarding the agencies’ CRA regulations in the following areas:

  • Availability and effectiveness of retail banking services.
  • Innovative or flexible lending practices.
  • Community development-related issues, including: (i) economic development; (ii) community development loans and activities that revitalize or stabilize underserved nonmetropolitan middle-income geographies; and (iii) community development services.
  • Responsiveness and innovativeness of an institution’s loans, qualified investments, and community development services.

There are over 40 questions and answers ranging from “Is the list of special purpose institutions exclusive?” to “Is inclusion on the list of institutions that are scheduled to undergo CRA examinations in the next calendar quarter determinative of whether an institution will be examined in that quarter?”

It’s time to review the Q&A to see if your institution is in conformity. Maybe they have hit on one of your local issues, but probably not. Don’t assume you are doing it right. Being caught off base can be an expensive lesson. If you need guidance, put in a call to Kevin Kane at FRC, 212 849 6828.

Find the document at:

Identifying, Accepting and Reporting Brokered Deposits

The above Financial Institution Letter applies to all FDIC-insured financial institutions that use brokered deposits.

How often does your institution get asked the question “do you have any brokered deposits?”

Is the answer you give consistent and correct?

Are you aware of updates in these areas since the FAQs were issued in January 2015?

  • Business professionals and deposit referral programs;
  • Deposits gathered though “dual hatted,” “dual” and “call center” employees (as explained in the FAQs), or contractors;
  • Deposits underlying government-sponsored prepaid or debit card programs;
  • Whether certain nonmaturity deposits are brokered; and
  • Actions an IDI should take if it holds certain brokered deposits and falls below well capitalized for PCA purposes.

Take a few moments to confirm that your institution is RIGHT on brokered deposits.

The following links provide more guidance:

Study on Core Deposits and Brokered Deposits

Advisory Opinion on Brokerage Services

Frequently Asked Questions on Identifying, Accepting and Reporting Brokered Deposits

Identifying, Accepting and Reporting Brokered Deposits: Frequently Asked Questions (Updated June 30, 2016; Revised July 14, 2016)

If you have further questions, call Kevin Kane at FRC, 212 849 6828

Were you away for the Fourth of July?

Did you miss FDIC Letter FIL-45-2016
Consolidated Reports of Condition and Income

Subject to approval by the U.S. Office of Management and Budget, these Call Report revisions will take effect September 30, 2016, or March 31, 2017, depending on the change.

FDIC says “Statement of Applicability to Institutions under $1 Billion in Total Assets: This Financial Institution Letter applies to all FDIC-supervised commercial and savings banks, including community institutions. Institutions under $1 billion in total assets should benefit from the burden-reducing changes. Because of the nature of the new and revised Call Report data items, they should have a limited impact on community institutions.”

Revisions approved by the FFIEC include:

  • Deletions of certain existing data items in five schedules;
  • Increases in existing reporting thresholds and the establishment of a new threshold for certain data items in six Call Report schedules;
  • Instructional revisions pertaining to the reporting of gains (losses) on certain equity securities and the custodial bank deduction for assessment purposes; and
  • New and revised data items and information, some of which are of limited applicability. These revisions involve Chief Executive Officer contact information, the Legal Entity Identifier, preprinted captions for itemizing components of certain data items, extraordinary items, time deposit data, external auditing programs, fair value option loans, trading revenue, “dually payable” deposits in foreign branches, and supplementary leverage ratio data.

Institutions should review FIL-44-2016 for further information about the Call Report revisions taking effect in September 2016 and March 2017.

Copy available at: FIL-45-2016 – PDF


This entry was posted on Monday, August 8th, 2016 at 3:31 pm and is filed under Articles, Regulatory Insights. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

Comments are closed.

  • « Older Entries
  • Newer Entries »