All Categories

    Your Weekend Briefing: Statute of Maggie Walker, First Black Woman Founder of Bank, Unveiled to Cheering Crowds

    Statute of Maggie Walker, First Black Woman Founder of Bank, Unveiled to Cheering Crowds, Richmond Free Press

    Richmond residents and officials rejoiced Saturday morning as the long-awaited statue of hometown hero Maggie Lena Walker was unveiled.

    Mrs. Walker, the daughter of a former slave, was the first African-American woman to charter and operate a bank in the United States. Despite the many obstacles of the time, the leader of the Independent Order of St. Luke benevolent society published the St. Luke Herald newspaper beginning in 1902, founded the St. Luke Penny Savings Bank in 1903, opened a department store Downtown in 1904, and was a civil rights activist who encouraged community uplift and empowerment through education, voting and supporting black-owned businesses.

    With a strong tug by Richmond Mayor Levar M. Stoney, sculptor Antonio “Toby” Mendez of Maryland and Mrs. Walker’s great-great-granddaughter Liza Mickens, off flew a black drape covering the 10-foot bronze statue.

    The figure of Mrs. Walker and the accomplishments and contributions of the woman it represents were met by applause from the hundreds of people gathered around the plaza at Broad and Adams streets in Downtown where the statue stands.

    “Many Richmonders have ancestors who began their careers not as servants, but as bank tellers, accountants, sales people, auditors and insurance writers because of Grandma Walker,” Ms. Mickens said in brief remarks to the crowd.

    “Many Richmonders are here today, swelling with pride along with her family, as we unveil this statute of a woman, marking her own accomplishments on the streets of our city which she dearly loved.”

    Dozens in the audience nodded and voiced their assent as the 19-year-old Ms. Mickens, one of about 30 Walker descendants at the ceremony, fought back tears to continue.

    “Today, Maggie Walker stands here in her rightful place, in the heart of Richmond standing over her city. She stands as a marker to the gateway of Jackson Ward, a place where, through her hard work, she inspired her race as well as her gender to pursue a better life.”

    The plaza dedicated to Mrs. Walker has pedestals and paving that detail her many roles and accomplishments in the city before her death in 1934.

    Unveiled on what would have been Mrs. Walker’s 153rd birthday, the statue is the first in Richmond singularly devoted to a woman. Read More.


    Don’t get burned by coming CDD rule: Exploring the enforcement implications of FinCEN’s new “fifth pillar”, Banking Exchange

    FinCEN’s issuance of the final customer due diligence (CDD) rule in May 2016 significantly altered the Bank Secrecy Act / Anti-Money Laundering (BSA/AML) compliance landscape.1

    Insured depository institutions, among other covered financial entities, must comply with the rule by May 11, 2018. The rule will change banks’ day-to-day business operations by requiring risk-based procedures for conducting customer due diligence on all customers. However, beyond this, the new rule presents potential regulatory and enforcement-related consequences.

    From a regulatory perspective, a bank’s failure to satisfactorily incorporate the “fifth pillar” into its BSA program could lead to supervisory action and, ultimately, to enforcement action by the federal banking agencies (OCC, FDIC, and the Federal Reserve). 

    Regulatory requirements and consequences

    Prior to issuance of FinCEN’s new rule, a bank’s BSA/AML program consisted of four pillars: a system of internal controls; independent testing; a BSA officer responsible for day-to-day compliance; and training for appropriate personnel.2 

    The new rule adds a fifth pillar: appropriate risk-based procedures for conducting ongoing CDD, to include, at a minimum:

    • Understanding the nature and purpose of customer relationships for developing a customer risk profile.
    • Conducting ongoing monitoring to identify and report suspicious transactions . 
    • On a risk basis, maintaining and updating customer information.

    The risk-based procedures must incorporate the new rule’s key focus: the identification and verification of beneficial owners of legal entity customers, such as a corporation, LLC, or general partnership. 

    Of the four core elements of the CDD rule, three elements are essentially required by existing BSA program requirements. In addition to a customer identification program (CIP), the internal controls pillar of the BSA compliance program implicitly requires banks to understand the nature and purpose of customer relationships and to conduct ongoing monitoring for reporting suspicious transactions.4

    An additional new categorical requirement of the CDD rule requires verifying the identity of the natural persons who are the beneficial owners of a legal entity customer. The rule sets forth two tests for identifying beneficial owners:5

    • Equity ownership of 25% or more of the legal entity (the “ownership test”), or
    • “Significant responsibility to control, manage, or direct” the customer (the “control test”).

    Since FinCEN’s requirements apply to “new accounts” opened on or after May 11, 2018,6 banks will need to have written procedures in place to collect identifying information on between one and five beneficial owners.

    The ownership test will require verification of the identity of between zero and four individuals, while under the control test, the identity of a single individual, such as a CEO or a CFO, will need to be verified.

    A bank may “rely on the information supplied by” the legal entity customer regarding the identities of its beneficial owners, provided that the individual certifies as to the accuracy of the information.7

    However, a bank may face regulatory criticism if its procedures are not reasonably designed to verify the identity of beneficial owners when it has knowledge of facts that “would reasonably call into question the reliability of such information.”

    At a minimum, the procedures must contain the elements required for the CIP rule. As a practical matter it may be hard for banks to know how far they will have to go to verify a beneficial owner’s identity in these situations and meet examiners’ expectations.

    The requirement for banks to update customer information, on a risk basis, may also present challenges. When, in the course of ordinary monitoring, a bank identifies information that is relevant to assessing or reevaluating the risk posed by the customer, it must update the customer information, including beneficial ownership information.

    Because updating customer information does not occur on a continuous or periodic basis, examiners and banks may disagree on the types of events that should prompt such updates. Compliance staff will need to make real-time judgment calls that examiners may second-guess in hindsight. Read More.

    For even $teeper $avings, order our $500 BSA Bundle 


    3 New Fall BSA Programs for the Low Price of $500

    How the BSA Bundle Works

    1. Add all three (3) BSA programs to your cart: New BSA Customer Due Diligence Rules + New BSA Officer Training + BSA Risk Assessments 

    2. Apply code "BSAbundle" at checkout.

    3. Celebrate - Congratulations! You just saved hundreds!


    Five state regulators enter into settlement agreement with debt collectors for alleged federal and state law violations, Consumer Finance Monitor

    Regulators from the states of Connecticut, Idaho, Massachusetts, Minnesota and North Dakota (“Participating States”) have entered into a settlement agreement with three affiliated debt collection companies to settle allegations that the companies engaged in collection activities that violated the Fair Debt Collection Practices Act, the FTC Act, and state laws and regulations.  The settlement requires the companies to pay $500,000 to be divided equally among the Participating States.

    The agreement indicates that the companies were licensed as collection agencies under the laws of the Participating States.  It also indicates that the Participating States began a multi-state examination of the companies that was conducted concurrently with a targeted review by the CFPB of one of the companies’ federal student loan debt collection activity.  The initial examination review period covered collection activity from February 11, 2013 to February 27, 2015, with consideration also given to activity outside of that period.

    In addition to alleging that all of the companies failed to provide access to collection records and submit timely and complete responses to requested information in violation of state statutes and regulations, the agreement alleges that one of the companies engaged in the following unlawful conduct:

    • To meet revenue goals, the company’s agents were directed to make calls to telephone numbers that previously had been designated as “do not call” and to mark the accounts with a special identifier to avoid disciplinary action for violations of law and company policy.  The agreement alleges that such calls violated various FDCPA provisions, such as those limiting third party calls and calls to a consumer at his or her place of employment.  It further alleges that the calls constituted unfair conduct in violation of the Consumer Financial Protection Act’s UDAAP prohibition and also violated specified state statutes and regulations.
    • The company failed to credit payments made by check on the day the check was received and instead delayed credit until the check cleared, which typically took four to five days.  The agreement alleges that such conduct violated the FDCPA prohibition on collecting amounts that are not expressly authorized by the agreement creating the debt or permitted by law, was an unfair or abusive practice in violation of Section 5 of the FTC Act, was unfair, deceptive, or abusive behavior in violation of the CFPA’s UDAAP prohibition, and violated specified state statutes and regulations.

    State regulators do not have authority to directly enforce the FDCPA or Section 5 of the FTC Act.  However, many state debt collection statutes (such as the Connecticut statute) require debt collectors to comply with the FDCPA.  Under Section 1042 of the CFPA, state regulators are authorized to bring a civil action to enforce the CFPA’s UDAAP prohibition against state-licensed entities. Read More.


    Judge denies Navient’s dismissal request, The Daily News

    PENNSYLVANIA — a U.S. District Court judge has denied Navient’s request to dismiss the case filed against it.

    Judge Robert Mariani announced last week that he found the Consumer Financial Protection Bureau was within its authority to bring a case against Navient and that there is no unconstitutionality with how the Bureau behaved in bringing the case.


    The CFPB filed a lawsuit against Navient in January. It named 11 charges against the loan collector for deception and misrepresentation of loan program policies.

    Pioneer Credit Recovery, located in Wyoming County, is a subsidiary of Navient and is named in the case as part of the alleged wrongdoing.

    The claim is that “Pioneer collectors routinely overstated the benefits of the (student loan) rehabilitation program by claiming that all negative information on a borrower’s credit history would be removed and all collection fees would be forgiven,” the documents state.

    However, according to the documents, some but not all negative information on a borrower’s credit history is removed.

    The investigation to bring the charges was years in the making.

    Then in April, Navient filed to have the case dismissed, saying that the CFPB had essentially overstepped its bounds and behaved unconstitutionally.

    Who’s making the rules?

    Part of Navient’s argument is that the CFBP acted before a rule was in place — basically putting the cart before the horse.

    But according to Mariani, under the Dodd-Frank Wall Street Reform and Consumer Protection Act, “there appears to be no reason by the CFPB cannot base an enforcement action on a violation of this provision in federal law.”

    He added that other language in the Act would allow the CFPB to “commence a civil action.”

    More specifically, Navient was concerned with the word “declare” in some of the Act’s provisions. To Navient, according to court documents, “declare” would require the CFPB to declare a rule first which would then determine what kind of behavior is unlawful.

    “In the end, Navient is unable to point to any clear language in the statutory scheme that requires the CFPB to first engage in rulemaking before bringing an enforcement action for unfair, deceptive, or abusive acts or practices,” Mariani wrote. “The plain meaning of the statutory language provides that the CFPB has both the power to engage in rule making ... and litigation ... to address unfair, deceptive or abusive acts or practices.”

    Mariani adds that this ruling is also in line with how other courts have ruled in similar situations.

    In the final argument to this point, Mariani wrote: “In sum, the Court finds no merit in Navient’s assertion that the CFP Act requires the CFPB to engage in rulemaking before initiating an enforcement action, or that Navient lacked fair notice of what the CFP Act proscribes.” Read More.


    Breaking Down the TRID Fix: It's the Same with Affiliates, Only Different, NAFCU

    As we tackle the painful job of picking apart the CFPB's TRID "Fix" final rule, we are reminded again of the Bureau's deep appetite for technical minutiae. It's a regulation in the style of ancient filigree, complex to behold and not particularly easy to use. Identifying and absorbing these hyper-intricate changes is just step one in the mission to actually understand what will change for credit unions who have to use this rule.

    So, today, we are going to look at one piece of the amendments: clarification regarding costs paid to affiliates for which there is no applicable tolerance.

    Paragraph 19(e)(3)(iii) Amounts Paid To Affiliates

    Paragraph 19(e)(3)(iii) is the paragraph that describes the five categories of charges for which there is no applicable tolerance or comparison to the Closing Disclosure to determine good faith. Currently, it reads like this:

    "(iii) Variations permitted for certain charges. An estimate of the following charges is in good faith if it is consistent with the best information reasonably available to the creditor at the time it is disclosed, regardless of whether the amount paid by the consumer exceeds the amount disclosed under paragraph (e)(1)(i) of this section 

    (A) Prepaid interest;

    (B) Property insurance premiums;

    (C) Amounts placed into an escrow, impound, reserve, or similar account;

    (D) Charges paid to third-party service providers selected by the consumer consistent with paragraph (e)(1)(vi)(A) of this section that are not on the list provided pursuant to paragraph (e)(1)(vi)(C) of this section; and

    (E) Charges paid for third-party services not required by the creditor. These charges may be paid to affiliates of the creditor.12 C.F.R. § 1026.19(e)(3)(iii) (Emphasis added).

    As you can see, the phrase "[t]hese charges may be paid to affiliates of the creditor" is attached only to subparagraph (E). In the proposal, the Bureau stated:

    "The Bureau understands that there is uncertainty whether all five of the § 1026.19(e)(3)(iii) categories include charges paid to affiliates of the creditor or if only the § 1026.19(e)(3)(iii)(E) category (i.e.,charges paid for third-party services not required by the creditor) includes charges paid to affiliates of the creditor. The Bureau believes there are reasonable arguments to support either of those interpretations under the current rule but is proposing to change the rule prospectively so that all five categories expressly include charges paid to affiliates." 81 Fed. Reg. 54332.

    In exchange for choosing the more expansive of these possible interpretations, the CFPB is adding a caveat: a charge paid to an affiliate must be "bona fide" in order for it to have no applicable tolerance rules. The Bureau stated that this addition was intended to limit any potential harm associated with allowing variations without regard to tolerances on charges paid to affiliates.

    In the final rule, the Bureau moves the phrase addressing affiliates out of sub-paragraph (E) and into paragraph 19(e)(3)(iii) itself, and adds the language about the charges being bona fide:

    "(iii) Variations permitted for certain charges. An estimate of any of the charges specified in this paragraph (e)(3)(iii) is in good faith if it is consistent with the best information reasonably available to the creditor at the time it is disclosed, regardless of whether the amount paid by the consumer exceeds the amount disclosed under paragraph (e)(1)(i) of this section. For purposes of paragraph (e)(1)(i) of this section, good faith is determined under this paragraph (e)(3)(iii) even if such charges are paid to affiliates of the creditor, so long as the charges are bona fide: […]" 81 Fed. Reg. 37768 (Emphasis added).

    The final rule also adds new comment 4 to paragraph 19(e)(3)(iii), which describes that a charge is bona fide if it is "lawful and for services that are actually performed.” Read More.


    Loss of top cyber officials spells challenge for Trump, The Hill

    The Trump administration has lost a handful of individuals serving in top cybersecurity roles across the federal government in recent weeks, even as it has struggled to fill top IT positions.

    The developments present hurdles for the new administration and speaks to the longstanding challenge the federal government faces in competing with the private sector for top tech talent.

    Among those resigning is Richard Staropoli, a former U.S. Secret Service agent who served as chief information officer (CIO) of the Department of Homeland Security for just three months before announcing abruptly that he would leave.

    Staropoli, who as recently as June forecast big plans to reorganize the department’s information technology office, will officially leave the post at the start of September, turning the role over to his deputy on a temporary basis.

    The Office of Personnel Management (OPM) is also about to lose its top IT official, with news that CIO Dave DeVries has resigned from his position and will leave in September after about a year on the job.

    OPM has been under intense scrutiny from lawmakers and others since 2015, when it was revealed that a breach of its data systems resulted in personal information on more than 21 million Americans being exposed to Chinese hackers.

    A spokesperson for the agency confirmed DeVries’s resignation, which was first reported last week, attributing his decision to family considerations. OPM does not yet have information on who will serve as interim or acting CIO, the spokesperson said.

    On Friday, the Navy will lose its CIO.

    However, Rob Foster, who has served in the role for more than two years, is transitioning to another role in the federal government — moving to fill the deputy CIO role at the National Credit Union Administration.

    The cybersecurity coordinator for President Obama’s White House said the administration can survive the turnover, but that it could cause long-term problems.

    “As a general rule, the immediate departure of a few individuals is not going to make a difference in the federal government’s overall vulnerability over the short term,” said Obama cybersecurity coordinator Michael Daniel.

    “When you have personnel vacancies at the top, the impact is felt on long-term cybersecurity efforts and incident response,” he said. “For the first, you don’t have someone to drive the needed policy changes and oversee implementation. For the second, you don’t have a leader to manage the response efforts.”

    The Environmental Protection Agency’s chief information security officer (CISO) is also reportedly stepping down this month. Sean Kelley, who has been on the job since January, is said to be taking a position at the IT and defense company Leidos. The agency did not return a request for confirmation of his resignation.

    Experts say the longer these positions remain unfilled, the tougher it will be to enact policy changes, including those laid out in President Trump’s executive order on strengthening cybersecurity signed in May.

    “It can really paralyze an organization until new leadership [arrives],” said James Norton, who served in a cybersecurity role at the Department of Homeland Security during the George W. Bush administration.

    Specific authorities of CIOs range from agency to agency, though they are broadly tasked with overseeing policy and security decisions when it comes to their individual government body’s IT infrastructure. Some CIOs are political appointments, while others are not.

    Several occupants of these positions are currently serving on an acting basis, including those at the Departments of Commerce, Transportation and Veterans Affairs and the Environmental Protection Agency.

    “It is definitely incumbent on the administration to have every position filled by the end of the year,” said Norton. “If they’re not able top do that, I think that’s troubling.”

    Trump has made some progress filling federal cybersecurity-related roles. White House homeland security adviser Tom Bossert, on board since the start of the administration, is widely credited with spearheading Trump’s cybersecurity executive order. The administration has also brought on Rob Joyce, a former National Security Agency official, to manage the federal government’s cybersecurity policy efforts at the National Security Council. Read More.