Beltway Report
MOU on Supervisory Coordination
Five federal supervisory agencies released a Memorandum of Understanding (MOU) clarifying how the agencies will coordinate their supervisory activities, consistent with the Dodd-Frank Act. Section 1025 of the Dodd-Frank Act requires that the CFPB and the prudential regulators—the FRB, FDIC, NCUA, and OCC—coordinate important aspects of their supervision of institutions with more than $10 billion in assets and their affiliates. The MOU is intended to establish coordination and cooperation between the CFPB and the prudential regulators, minimize unnecessary regulatory burden, and decrease the risk of conflicting supervisory directives. Under the MOU, the agencies will coordinate examinations and other supervisory activities and share certain material supervisory information.
First Impressions
Banking organizations required to file resolution plans, or "living wills," received some additional instruction on July 3, 2012, when the FDIC and FRB released the public portions of the living wills that had been submitted on July 2, 2012. These submissions marked the first wave of filings, those by nine banking institutions with U.S. operations and $250 billion or more in nonbank assets. The living wills are required by section 165(d) of the Dodd-Frank Act, and the requirement extends to all banking organizations with $50 billion or more in consolidated assets. The $50 billion threshold applies to assets located outside the U.S. as well as within; as a result, more than 90 foreign banking organizations (FBOs) are expected to file resolution plans.
The next wave of filings will come ashore on July 1, 2013, when banking organizations with $100 billion or more in total nonbank assets must submit living wills. The remainder of the organizations subject to the requirement must submit living wills by December 31, 2013. The FDIC has made available the public sections of the initial resolution plans submitted to the FDIC and FRB under Title I of the Dodd-Frank Act. Firms in this group include U.S. bank holding companies with $250 billion or more in total nonbank assets and foreign-based bank holding companies with $250 billion or more in total U.S. nonbank assets. Although the public portions of the resolution plans that were filed on July 2, 2012, do not give much indication of exactly how any of those filing organizations might be resolved, they do contain important information for those organizations required to file resolution plans next year. For a more in-depth discussion, please review our client alert at: http://www.mofo.com/files/Uploads/Images/120705-Living-Wills-Public-Portions-Released.pdf .
Once Burned, Twice Shy
The Basel Committee on Banking Supervision published its Compilation of Capital Disclosure Requirements (Disclosure Rules) setting forth a uniform scheme for Basel II banks to disclose the composition of their regulatory capital. These rules are intended to be implemented by national supervisors by June 30, 2013, and affected banks will be expected to comply with all but one of the new requirements for any balance sheet financial statements published after that date. One fully phased-in requirement, a "common disclosure template," becomes effective on and after January 1, 2018. In announcing these rules, the Basel Committee noted that the financial crisis revealed the difficulties that market participants and national supervisors had in their efforts to undertake detailed assessments of banks' capital positions and make cross-jurisdictional comparisons, as a result of "insufficiently detailed disclosure" by banks and a lack of consistency in reporting between banks and across jurisdictions. The Disclosure Rules are intended to address these perceived disclosure deficiencies, and promote uniform and meaningful capital disclosures within and across national jurisdictions. Basel II banks in the U.S. can expect future banking agency rulemaking to implement the Disclosure Rules. These rules presumably will be integrated with the disclosure provisions in the new capital and resolution planning regulations. Review of the announcement should not be limited to Basel II banks in the U.S., however; as with other Basel standards, the Disclosure Rules may lead to new disclosure requirements for a large number of non-Basel II banks in the U.S. For a more in-depth look at the issue, please review our client alert at: http://www.mofo.com/files/Uploads/Images/120627-New-Basel-Disclosure-Rules.pdf .
Proposed Capital Rules
On June 12, 2012, the OCC, FRB, and FDIC proposed for comment, in three separate but related proposals, significant changes to the U.S. regulatory capital framework: the Basel III Proposal, which applies the Basel III capital framework to almost all U.S. banking organizations; the Standardized Approach Proposal, which applies certain elements of the Basel II standardized approach for credit risk weightings to almost all U.S. banking organizations; and the Advanced Approaches Proposal, which applies changes made to Basel II and Basel III in the past few years to large U.S. banking organizations subject to the advanced Basel II capital framework. Comments on the three proposals were due September 7, 201 For a more in-depth look at the proposals, please review our client alerts at: http://www.mofo.com/files/Uploads/Images/120613-Federal-Banking-AgenciesRegulatory-Capital-Proposals-Summary.pdf and http://www.mofo.com/files/Uploads/Images/120613Banking-Agencies-New-Regulatory-Capital-Proposals.pdf .
Appraisals for Higher-Risk Mortgages
The FRB, CFPB, FDIC, FHFA, NCUA, and OCC issued a proposal to establish new appraisal requirements for "higher-risk mortgage loans." This would implement amendments to the Truth in Lending Act enacted by Dodd-Frank. Under Dodd-Frank, mortgage loans are higher-risk if they are secured by a consumer's home and have interest rates above a certain threshold. For higher-risk mortgage loans, the proposal would require creditors to use a licensed or certified appraiser who prepares a written report based on a physical inspection of the interior of the property. The proposal would require creditors to disclose to applicants information about the purpose of the appraisal and provide consumers with a free copy of any appraisal report. Creditors would also have to obtain an additional appraisal at no cost to the consumer for a home-purchase higher risk mortgage loan if the seller acquired the property for a lower price during the past six months, which would address fraudulent property flipping by seeking to ensure that the value of the property being used as collateral legitimately increased. Comments on the proposal are due October 15, 2012.
Some Reprieve on Getting Stressed
The OCC, FDIC, and FRB separately announced that they are considering a delay of the implementation timeline for the annual capital-adequacy stress testing requirement under Section 165 of the Dodd-Frank Act for banks and other covered financial institutions with consolidated assets between $10 billion and $50 billion. The changes would delay implementation until September 2013 for covered institutions with total consolidated assets between $10 billion and $50 billion. Under a proposed rule, financial institutions with more than $10 billion in assets would have to conduct annual capital-adequacy stress tests. As proposed, the stress-testing requirements would become effective immediately upon the issuance of a final rule. The proposed rule is still under consideration at this time. The agencies are considering a timeline under which covered institutions with assets from $10 billion to $50 billion would be required to conduct initial stress tests in accordance with the rule in late 2013. The delay would help ensure that all covered institutions have sufficient time to develop sound stress-testing programs.
Regulation HH
The FRB announced the approval of a final rule establishing risk-management standards for certain financial market utilities (FMUs) designated as systemically important by the Financial Stability Oversight Council. The final rule also establishes requirements for advance notice of proposed material changes to the rules, procedures, or operations of certain designated FMUs. FMUs, such as payment systems, central securities depositories, and central counterparties, provide the infrastructure to clear and settle payments and other financial transactions. The final rule implements two provisions of Title VIII of the Dodd-Frank Act. It establishes risk-management standards governing the operations related to the payment, clearing, and settlement activities of designated FMUs, except those registered as clearing agencies with the SEC or as derivatives clearing organizations with the CFTC. The risk management standards are based on the recognized international standards developed by the Committee on Payment and Settlement Systems (CPSS) and the Technical Committee of the International Organization of Securities Commissions (IOSCO) that were in existence at the time of the proposed rulemaking, which were incorporated previously into the Board's Policy on Payment System Risk. The final rule became effective on September 14, 2012.
Corporate Debt Securities Investment Ban
The FDIC issued a final rule that prohibits federally insured state and federal savings associations from acquiring or holding a corporate debt security when the security's issuer does not have an adequate capacity to meet all financial commitments under the security for the projected life of the security. The rule was issued under Section 939(a) of the Dodd-Frank Act and released as a Financial Institution Letter. Before acquiring a corporate debt security, and periodically thereafter, a savings association must determine that an issuer has adequate capacity to meet all financial commitments under the security for the projected life of the security. FDIC standards of creditworthiness will be satisfied if an issuer presents a low risk of default and is likely to make full and timely repayment of principal and interest. A due diligence analysis may include consideration of internal analyses, third-party research, and analytics including internal risk ratings, the default statistics of external credit rating agencies, and other sources of information appropriate for the particular security. The range and type of specific factors an institution should consider will vary depending on the particular type and nature of the security. The FDIC does not expect the final rule to change the scope of permissible corporate debt securities investments. That is, if a corporate bond was a permissible investment prior to this final rule (because it was rated in one of the four highest categories), a bond with similar default probabilities will be permissible under this rule. The rule applies to all savings associations regardless of asset size, and savings associations must be in compliance with this rule by January 1, 2013.
Can You Keep a Secret?
The FDIC issued a Financial Institution Letter in which it discouraged insured depository institutions from passing on fees to customers as "deposit insurance fees," "FDIC fees," or other similarly described fees. While institutions are not prohibited from passing on the costs of deposit insurance to customers, they should refrain from "specifically designating that a customer fee is for deposit insurance" and from stating or implying that the FDIC is charging such a fee [to the customer]. By passing on FDIC fees to customers, an institution could violate the prohibition against disclosure of confidential examination and supervisory information, as the fees imposed by the FDIC reflect its risk-based supervisory evaluation of the applicable institutions. Moreover, fees labeled as "FDIC fees" may be misleading if "they are not reasonably related to the proportional cost of deposit insurance allocable to a particular customer...." Institutions usually try to recoup the costs of deposit insurance by imposing such charges on business customers and do not charge the fees to consumer accounts.
SCRA Violations Take Center Stage
The OCC announced enforcement actions against Capital One, N.A., and Capital One Bank (USA), N.A., for violations and compliance deficiencies related to the Servicemembers Civil Relief Act (SCRA). The enforcement actions require the banks to take prompt action to correct deficiencies in their SCRA compliance programs. First, the enforcement actions require the banks to improve their policies and procedures for determining whether servicemembers who request certain benefits provided by the SCRA are eligible for such benefits, ensuring that the SCRA benefits are calculated correctly, and verifying the military status of servicemembers prior to seeking or obtaining a default judgment. Second, the enforcement actions require the banks to ensure the retention of accurate and complete records that document the basis for decisions regarding servicemembers' eligibility for SCRA benefits or protections, and to develop and implement a comprehensive SCRA training program for employees. Third, the enforcement actions require the banks to establish robust oversight of and controls over their third-party vendors that provide marketing, sales, delivery, servicing, and fulfillment of services for the banks' financial products, such as credit card accounts, mortgage loans, motor vehicle finance loans, and consumer loans and lines of credit. The OCC's actions also require the banks to engage an independent firm to identify all servicemembers who were eligible for SCRA benefits or protections and who were financially harmed by the banks' violations of the SCRA.
Bureau Report
Can Maine and Tennessee Take Gift Card Breakage?
On August 21, 2012, the CFPB published a notice of intent to make a pre-emption determination on whether provisions of abandoned property laws in Maine and Tennessee that require issuers to remit unused gift card funds to the state prior to the time at which funds must be made available to the consumer under the federal EFTA should be preempted. In issuing the Notice, the CFPB is exercising its authority under Section 922 of the EFTA, which provides that the "Bureau shall, upon its own motion or upon the request of any financial institution, State or other interested party...determine whether a State requirement is inconsistent or affords greater protection." In making its determination, the CFPB will examine whether the state laws provide additional protections for consumers, or if the two sets of laws could exist in tandem. The comment period closes on October 22, 2012. For a summary of the notice, please see our client alert at: http://www.mofo.com/files/Uploads/Images/120824-CFPB.pdf .
CFPB Issues Compliance Bulletin on Marketing of Add-on Products
At the same time the CFPB brought its first official enforcement action against credit card giant Capital One regarding the sale of payment protection and credit monitoring services, also known as add-on products, the CPFB released guidance for other financial institutions regarding the marketing of add-on products. Though the title of the release specifically mentions the marketing of these products in relation to credit cards, the release's text clarifies that the CFPB expects all consumer financial services providers to adhere to the guidance's standards, regardless of what product the providers offer. For additional information, see our client alert at: http://www.mofo.com/files/Uploads/Images/120720-Add-on-Products.pdf .
CFPB Casts a Broad Supervisory Net over the Consumer Reporting Market
On July 17, 2012, the CFPB finalized its rule defining larger participants in the consumer reporting context. The rule casts a broad supervisory net, aggregating annual receipts from affiliated entities and alerting larger participants that CFPB considers its supervisory jurisdiction to extend to all of a covered person's activities, and not just those that caused it to be designated as a larger participant. For additional information, see our client alert at: http://www.mofo.com/files/Uploads/Images/120717-CFPB-Defining-Larger-Participants.pdf .
The CFPB also released examination guidance. The CFPB's exam procedures marked the Bureau's first major attempt to exercise its statutory authority to supervise larger participants. In the procedures, examiners are instructed to review how consumer reporting agencies that are larger participants use information, handle consumer complaints, and prevent fraud and identity theft. For additional information, see our client alert at: http://www.mofo.com/files/Uploads/Images/120905-CFPB-Examination-Procedures-for-Larger-Participants.pdf .
Announcement of CFPB Advisory Board
In September, the CFPB announced the first slate of members for its Consumer Advisory Board. In addition to several consumer advocates, members include regulators and industry representatives, such as Donna Tanoue (former chair of the FDIC), Ellen Seidman (former director of the OTS), Jo Ann Barefoot (formerly a deputy Comptroller of the Currency), Jane Thompson (former head of financial services at Walmart), and Josh Silverman (current President for U.S. Consumer Services with American Express).
CFPB Proposes Two New Rules for Mortgage Servicers
August 10. The CFPB is implementing requirements on servicers included in the Dodd-Frank Wall Street Reform and Consumer Protection Act. The agency had announced in April it was reaching out for input.
Under the latest proposals, servicers would be required to provide regular statements that would include a breakdown of payments by principal, interest, fees, and escrow, as well as warnings about fees. In addition, servicers would have to provide earlier disclosures before the interest rate adjusts for most adjustable-rate mortgages.
Transparency in Force-Placed Insurance
The CFPB is proposing more transparency in the process of putting in place "force-placed insurance."
Servicers are responsible for ensuring borrowers maintain property insurance. If the borrower does not insure, the servicer has the right to purchase insurance to protect the lender's interest in the property.
However, this force-placed insurance is typically more expensive than insurance the borrower could privately purchase. So, the CFPB proposal requires servicers to give advance notice and pricing information before charging consumers for the insurance.
Under the proposal, the servicer would have to notify a borrower twice before the servicer charges the borrower for the insurance —first, at least 45 days before, and then again at least 15 days before. "These notices would have to provide the borrower with a good faith estimate of how much the force-placed insurance would cost," the CFPB said.
The servicer would also be required to end the insurance within 15 days if it gets evidence that the borrower has the necessary insurance and the insurer would refund the force-placed insurance premiums In another part of the proposal, the CFPB wants to require servicers to establish reasonable procedures to provide accurate and up-to-date information to borrowers. "They would have to submit accurate legal documents that comply with applicable law, help borrowers on options to avoid foreclosure, and provide oversight of their contractors and foreclosure attorneys," the CFPB said.
Furthermore, servicers would be required to address borrower concerns about possible errors. "They would have to acknowledge the notification of the error within five days and conclude an investigation within 30 days," the CFPB said. "Shorter timeframes would be imposed with respect to errors relating to foreclosures or payoffs."
CFPB Receives Fewer Credit Card Complaints Than Anticipated
In September 2012, in testimony at a Senate Banking Committee hearing, CFPB Director Richard Cordray indicated that the CFPB had not taken as many complaints about credit cards as it anticipated when it began collecting complaints last year. The Dodd-Frank Act requires the CFPB to provide information to Congress regarding consumer complaints. The CFPB developed its database to disclose the complaint data it receives and began publishing the data on its website so the data "can be analyzed by all interested parties." Initially, only complaints about credit cards were accepted, but the CFPB later expanded the database to accept complaints on other financial products and services, including mortgage loans, student loans, vehicle loans, and bank accounts. At present, however, only the detailed data concerning credit card complaints are made public. The CFPB began collecting credit card complaint data on the day the agency began operations, July 21, 2011. As of July 1, 2012, the data included approximately 18,800 credit card complaints. By comparison, there are approximately 386 million credit card accounts in the U.S., so the complaint rate is only 0.0049 percent. Despite industry objections, including concern that releasing the complaint data may actually mislead, rather than inform, consumers because the data are is incomplete, unrepresentative, and unverified, the CFPB published the credit card complaint data.
The CFPB Strikes Again
On September 24, 2012, the FDIC and CFPB released the terms of their joint consent order with Discover Bank regarding the bank's sales of credit card add-on products. The release marks the culmination of a more than year-long investigation by the FDIC and CFPB, something which Discover had previously disclosed through SEC filings. The consent order details Discover's practices and products, which include sales of payment protection, credit score tracking and identity theft protection products from December 2007 through August 2011. Discover sold these products through a combination of both internal staff and third-party vendors, marking a slight distinction from the Capital One consent order. Pursuant to the order, Discover will refund approximately $200 million in fees to current and former customers, as well as pay a $14 million fine, evenly split between the U.S. Treasury and the CFPB's Civil Penalty Fund.
Links to the order and the FDIC's accompanying press release may be found below. Please contact Leonard Chanin, Andrew Smith and Obrea Poindexter.
Joint FDIC-CFPB Consent Order with Discover
Operations Report
Terrible Twos
On July 21, 2012, the Dodd-Frank Act turned two years old. The Act required several hundred new regulations and, not surprisingly for a statute of this magnitude and complexity, the regulators have not been able to keep full pace with the timeline in the statute. Nevertheless, major regulations are taking shape, including those for systemically important banks and financial institutions, swaps and derivatives, and consumer protection. For additional information, read our anniversary publication at: http://www.mofo.com/files/Uploads/Images/120703DoddFrank-Year2Book.pdf .
The Volcker Rule Goes Overseas
U.S. financial regulators figure the Volcker Rule is such a good idea we shouldn't keep it all to ourselves. So, we won't. In general, if a non-U.S. institution has a branch or agency office in the U.S. or controls a bank chartered in the U.S., then all operations of the institution are covered by the Rule. For example, the Rule would allow a U.S. agency to force a non-U.S. banking organization to cease a non-U.S. activity on the ground that the activity is "high risk." For additional information, read our client alert at: http://www.mofo.com/files/Uploads/Images/120611Extraterritoriality-Volcker-Rule.pdf .
Regulatory Capital Proposals
In probably the most important bank regulatory development of the summer, the Federal banking agencies proposed three sets of regulatory capital requirements based largely on new international standards known as Basel III. Perhaps the most significant feature of the Proposal is that it will extend large parts of a regulatory capital regime that was originally intended only for large, internationally active banks to all U.S. banks and their holding companies, other than the smallest bank holding companies.
The first proposed set of regulations, known as the Basel III Proposal, calls generally for higher-quality capital, including proportionally greater amounts of common stock, through a new measurement known as the common equity Tier 1 ratio. The second proposal, known as the Standardized Approach Proposal, would impose new and generally higher capital charges that likely will cause banks to limit home mortgage lending and restrict commercial real estate lending. The third proposal, known as the Market Risk Proposal, seeks to strengthen the charges on assets traded by large banks. Comments on the proposals are due by Oct. 22, 2013. The agencies have a self-imposed deadline of Dec. 31, 2012, to issue a final rule, but they are unlikely to meet the deadline.
For additional information, read our client alert at: http://www.mofo.com/files/Uploads/Images/120613-Federal-Banking-Agencies-Regulatory-Capital-Proposals-Summary.pdf .
Living Wills
On July 2, 2012, five of the largest U.S. bank holding companies and four of the largest foreign banking organizations submitted proposed "living wills" to the FRB and FDIC. The living wills explain how a banking institution could be wound down if it became insolvent or becomes unmanageable stress. Much of the content of the living wills is confidential, but the public portions describe governance structures that the organizations have set up to deal with a crisis. The U.S. regulators still have much to do, particularly in working with their foreign counterparts. For additional information, read our client alerts at http://www.mofo.com/files/Uploads/Images/120629-Living-Wills-The-First-Submissions.pdf and http://www.mofo.com/files/Uploads/Images/120705-Living-Wills-Public-Portions-Released.pdf
Arbitration Report
Cal Court Kiboshes Anti-Concepcion Contentions
After Concepcion, plaintiffs have attempted to argue that the Federal Arbitration Act does not pre-empt state statutes that expressly permit class actions. A California appellate court said "no" to those arguments, holding that the FAA pre-empts any statutory right to a class action under California's Consumers Legal Remedies Act. See Caron v. Mercedes-Benz Financial Services USA LLC et al., 208 Cal. App. 4th 7 (2012). The CLRA expressly authorizes consumers to bring a class action to enforce the Act's provisions and declares that "any waiver by a consumer of [its] provisions ... is contrary to public policy and shall be unenforceable and void." Cal. Civ. Code § 1751. Still those claims must be arbitrated. Welcome to the drum circle
Gentry Still Alive in California Post-Concepcion and Stolt-Nielsen
In Truly Nolen of America v. Superior Court, 208 Cal. App. 4th 487 (2012), theCalifornia Court of Appeal held that theCalifornia Supreme Court's holding in Gentry v. Superior Court, 42 Cal. 4th 443(2007), is still binding even after the U.S.Supreme Court's decisions in Concepcion and Stolt-Nielsen. Gentry held that a courtcan decline to enforce a class waiver,but still enforce an arbitration agreementif consideration of factors such as themodest size of the potential individualrecovery supports that result. Thoughfinding Gentry's rationale to have beenput into doubt by Concepcion, the Court ofAppeal found itself constrained by Gentry.So, Gentry is thus alive and well for now.
Federal Legislation to Ban Arbitration of Debt Collection
Though little has happened in Congresswith respect to the Arbitration FairnessAct (H.R. 1873 and S. 987), which wouldinvalidate all mandatory pre-disputeagreements to arbitrate employment,consumer and civil rights disputes,Congress has been busy on otherfronts. On May 17, Rep. Barney Frank(D-MA) introduced legislation (H.R.5794, the "Fair Debt Collection PracticesClarification Act") that would prohibit debt collectors from using arbitration as a means of collecting a debt unless the consumer agrees in writing to resolve the matter by arbitration after collection activities are initiated and a legal action or dispute arises. No comparable legislation has been introduced in the Senate.
Federal Legislation to Ban Arbitration as Condition of Receiving Loan Modification
Rep. Maxine Waters (DCA) has introduced legislation (H.R. 1567) that would amend RESPA to prohibit the mortgagee from requiring homeowners to waive rights to file suit or to agree to arbitration as a condition of accepting an offer of loss mitigation activities upon default of the homeowner. No further action has been taken since the bill was referred to the House Financial Services Committee.
Mortgage Report
Jumping on the Bandwagon
California was the first state to enact foreclosure legislation codifying provisions in the National Mortgage Settlement. The law requires mortgage servicers to ensure borrowers have a "meaningful opportunity" to be considered for foreclosure prevention alternatives. New hoops to jump through in the foreclosure process, more delays in that process, loan modification procedures, and the threat of very large penalties and payment of attorney's fees are all part of the package. Smaller (i.e., more likely to be local) servicers are exempt from the more onerous requirements. We predict more litigation as well as pre-emption challenges to follow. Want the details? Read our client alert at http://www.mofo.com/files/Uploads/Images/120711-CAForeclosure.pdf .
New Guidelines for Communications with Military Homeowners
Financial regulators issued new guidance aimed at increasing disclosures to homeowners actively serving in the military. The FRB, FDIC, OCC, CFPB, and NCUA recommended in June that loan servicers provide additional disclosures to servicemembers who receive a permanent change of station (PCS). The CFPB said the guidance aims to ensure that servicers give "clear, accurate, and timely information about available options such as loan modification or short sale." The CFPB noted that each year, about one-third of servicemembers receive a PCS. Related legislation is also working its way through Congress. Senate Bill 3323, the "Military Family Home Protection Act of 2012," would expand current protections for servicemembers by providing additional foreclosure relief and imposing a 12-month stay of foreclosure under certain circumstances. The bill is currently in committee. The House has already approved a similar bill.
10th Circuit: TILA Statute of Repose Means What It Says
In Rosenfield v. HSBC Bank NA, the Tenth Circuit rejected as untimely a homeowner's bid to rescind her mortgage under TILA. Rosenfield argued that even though she sued one month after TILA's three-year statute of repose expired, her earlier notice of rescission ought to save her claim. The CFPB filed an amicus brief on the borrower's behalf. The Tenth Circuit drew a clear line: a borrower must file a rescission claim within three years of origination, and that's that. To hold otherwise, it said, would cause uncertainty, delay foreclosure sales, and hurt the housing market. The decision sets up a circuit split. As we reported in our Summer 2012 newsletter, the Fourth Circuit recently held in Gilbert v. Residential Funding LLC that TILA does not create a hard stop at three years.
Oh Say Can You OCC
The OCC and FRB issued a new framework that could force banks to rescind foreclosures or pay out more than $125,000 each to homeowners harmed by foreclosure errors. Eligible borrowers may also receive foreclosure suspension and loan assistance. There's no cap on the total payout. Banks have already been doing comprehensive reviews of their foreclosure activity in 2009 and 2010, including working with independent consultants and changing their mortgage servicing practices. This is all on top of the nearly $400 million in civil penalties lenders have already paid the OCC. And it's not over yet: borrowers recently got two more months to ask for review of foreclosure. The new deadline is September 30, 2012.
HAMP Litigation in Its Terrible Twos
As night follows day, litigation over the Home Affordable Modification Program (HAMP) began soon after the program launched in mid-2009. As we've previously reported, plaintiffs have pursued a variety of claims, but the core theory is that borrowers who received a HAMP Trial Payment Plan (TPP) were guaranteed a permanent loan modification, regardless of whether or not they actually qualified under HAMP guidelines. About a third of these cases were dismissed outright, and a few of those decisions have now made their way to the appellate courts. The Fourth and Eleventh Circuits and the California Court of Appeal held that the TPP does not promise a permanent modification. The Seventh Circuit held differently, but based its decision on the fact that the servicer countersigned the TPP. The Ninth Circuit is expected to issue a decision in the next few months.
Proposed "Disparate Impact" Rule Looms
Put on your beer goggles. HUD appears to be poised to issue an aggressive new rule under the Fair Housing Act. The rule would authorize the government and private plaintiffs to sue lenders based on lending practices with an alleged "disparate impact" on protected classes—even if there is no evidence that the lender intended to discriminate. The rule would also shift the burden onto defendants to prove that the challenged practice has a "necessary and manifest relationship" to "legitimate, non-discriminatory interests." Even if the lender clears that hurdle, a plaintiff could still win by identifying a theoretical, alternative policy with a "less discriminatory effect." We're continuing to monitor, but we note for now that the Fair Housing Act may not even authorize disparate claims. The Supreme Court was about to decide the question in Magner v. Gallagher, but the defendant the City of St. Paul dropped the appeal because it was concerned its win would "completely eliminate 'disparate impact' civil rights enforcement."
Privacy Report
Federal Cybersecurity Effort Stalled Before Recess
Although the issue of cybersecurity and securing the nation's critical cyber infrastructure received heightened attention in the Senate since the last Newsletter, the various Senate bills remain stagnant. The primary bill that received consideration in the Senate has been S. 3414, introduced by Senator Lieberman. S. 3414, among other things, would create what has been dubbed as a "voluntary" program lead by the Department of Homeland could choose to enroll and comply. The Republican alternative sponsored by Senator McCain would take a narrower approach and focus on improving information sharing between the government and private sector without imposing a new regime for protection of systems and assets. In light of election year politics, the chance of passage of cybersecurity legislation during this Congress is slim. Even if the Senate were to miraculously pass a bill this year, the conference process likely would be complicated by the fact that the House passed bills are significantly narrower in scope to S. 3414.
FTC Enforcement Authority Called into Question
On August 27, 2012, Wyndham Hotel & Resort filed a motion to dismiss the FTC's case in federal court against the company. Specifically, the FTC commenced an enforcement action against Wyndham under Section 5 of the FTC Act for failure to maintain reasonable and appropriate data security protections. Wyndham, in its motion to dismiss, argues that the FTC does not have the authority under Section 5 of the FTC Act to regulate private companies' data security practices. This case, which has the potential to be the first litigated Section 5 case, could be significant. The FTC frequently uses the threat of litigation to induce companies to settle Section 5 data security cases. If the court were to agree with Wyndham's arguments, it would be a significant blow to the FTC, which historically has used Section 5 as a mechanism to bring data security enforcement actions against companies that are not otherwise subject to the FTC's Safeguards Rule issued under the GLBA.
FFIEC Cloud Computing Guidance
On July 10, 2012, the Federal Financial Institutions Examination Council (FFIEC) issued a joint interagency statement on the use by financial institutions of outsourced cloud computing services, and the key risks associated with such services. In general, the FFIEC considers cloud computing as a migration from owned resources to shared resources in which client users receive information technology services, on demand, from third-party service providers via the Internet "cloud." In this regard, the FFIEC clarified that risk management principles of the IT Handbook relating to outsourcing apply equally to outsourced cloud computing. For example, vendor management, information security, audits, legal and regulatory compliance, and business continuity planning are key elements of sound risk management and risk mitigation controls for cloud computing. For additional information, read our client alert at: http://www.mofo.com/files/Uploads/Images/120711-Federal-Financial-Agencies-Issue-Cautionary-Statement.pdf .
First Circuit Finds Bank's Security Commercially Unreasonable
On July 3, 2012, the First Circuit reversed a lower court's ruling finding that a bank's information security requirements were not commercially reasonable security controls under Article 4A of the UCC. In the case at issue, a construction company sued its bank after more than $500,000 of fraudulent wire transfers were made from the company's account. Article 4A of the UCC, critical to the decision, allocates the risk of loss for unauthorized electronic transfers to the bank that receives the transfer order if the bank's information security controls are not "commercially reasonable." Of note, the bank, at the time of the incident, was reportedly in compliance with the FFIEC multi-factor authentication guidance.
Federal Court Rejects Plaintiffs' Claims Relating to Countrywide Breach
On July 12, 2012, a federal court dismissed litigation against Countrywide and Bank of America relating to a 2008 Countrywide security breach. Similar to other breach related litigation, the court found that, among other things, the plaintiffs (who had opted out of a class action settlement) had failed to present a reasonable basis for recovery for the "risk of future identity theft." among other things, the plaintiffs (who had opted out of a class action settlement) had failed to present a reasonable basis for recovery for the "risk of future identity theft." among other things, the plaintiffs (who had opted out of a class action settlement) had failed to present a reasonable basis for recovery for the "risk of future identity theft."
Vermont Owes $2 Million to Data Miners
On July 17, 2012, a federal court awarded three data mining companies $2.2 million in attorney fees and expenses after successfully challenging a Vermont law in the U.S. Supreme Court. The Vermont law prohibited pharmacies from selling or disclosing information identifying physicians and the medications that they prescribe for marketing purposes. In June of last year, the Supreme Court held that the Vermont law violated freedom of speech rights under the First Amendment.
California AG Creates Privacy Enforcement and Protection Unit
On July 19, 2012, California Attorney General Kamala Harris announced the creation of a new unit within the Department of Justice's eCrime Unit: Privacy Enforcement and Protection Unit. The Unit's mission is broad in scope: to enforce federal and state laws regulating the collection, retention, disclosure, and destruction of private or sensitive information by individuals, organizations, and the government, including financial privacy, health privacy, identity theft, and security breach laws. The Unit will be staffed by six dedicated prosecutors.
NAAG Lists Digital Privacy as Top Priority
On June 22, 2012, the newly elected president of the National Association of Attorneys General ("NAAG"), Maryland Attorney General Douglas Gansler, indicated that "privacy in the digital age" would be the signature issue of his term. In this regard, the AG indicated that his initiative will bring the "legal weight of [NAAG] to investigate, educate and take necessary steps to ensure that the Internet's major players protect online consumer privacy while balancing their legitimate business interests."
NY Amends SSN Law
On August 14, 2012, the New York Governor signed into a law a bill (A. 8992) amending the existing New York SSN law. Among other things, A. 8992 provides that a business may not require an individual to disclose her SSN (or any number derived from her SSN) for any purpose unless an exception applies. In this regard, A. 8992 includes a wide variety of exceptions permitting the collection of SSNs, including collection by financial institutions. For example, A. 8992 permits the collection of SSNs for identity verification and fraud purposes and for any business function permitted under the GLBA.
Plastics Report
FRB Final Rule on Debit Interchange Fraud-Prevention Adjustment
On August 3, 2012, the FRB published its final rule to allow an adjustment for fraud prevention costs in calculating debit interchange fees. Like the interim final rule, the final rule allows a debit card issuer to receive or charge an amount of no more than 1 cent per debit card transaction (in addition to interchange) if the issuer develops and implements policies and procedures reasonably designed to reduce the occurrence of, and costs to all parties from, fraudulent electronic debit transactions. To receive an adjustment, an issuer will have to annually review its fraud-prevention policies and procedures, and their implementation, and notify the payment card networks that the issuer is in compliance with the FRB's standard. An issuer also will need to update its policies and procedures as necessary in light of their effectiveness and, as currently required, in light of changes in the types of fraud and available methods of fraud prevention.
Preemption Report
Slam Dunk
The California Supreme Court held in a unanimous opinion that the NBA pre-empts California's statute that specifies detailed disclosure rules for convenience checks. Parks v. MBNA America Bank, N.A., 54 Cal.4th 376 (2012). A MoFo team provided amicus support to MBNA America Bank on behalf of the American Bankers Association and the California Bankers Association in a ruling that will provide powerful ammunition to national banks in future cases. The opinion quotes at length from arguments in the amicus brief in rejecting the lower court's holding that, to establish preemption, a bank must make a "factual showing" that the disclosure requirement significantly impairs a banking power. For more information, see our client alert at: http://www.mofo.com/files/Uploads/Images/120622-Parks-v-MBNA.pdf .
Same Words, Different Result
Labels seem to be winning the day in preemption battles across the country. California federal courts have almos tuniformly held a state statute requiring servicers to contact borrowers regarding foreclosure alternatives is preempted by OTS regulations as state-law regulation of mortgage "processing, origination, and servicing." Although this same category of state statutes also is expressly preempted by the OCC regulations, a California federal court held recently that the same statute is not preempted by those regulations. The court relied on the OTS's decision to occupy the field, but did not explain how the statute constitutes mortgage servicing under one set of regulations, but not the other. Tamburri v. Suntrust Mortgage, Inc., 2012 U.S. Dist. LEXIS 86360 (N.D. Cal. 21, 2012).
At Least They're Consistent
A California appellate court ruled the same state-law foreclosure statute discussed in the previous entry is not preempted by the NBA and OCC regulations. Skov v. U.S. Bank National Association, 207 Cal. App. 4th 690, 699-702 (2012). The court followed and relied on the reasoning of an earlier appellate court ruling that the statute was not preempted by HOLA and the OTS regulations in light of the limited burden of complying and the narrow remedy for non-compliance. It is unclear whether either court's analysis survives the California Supreme Court's ruling in Parks v. MBNA.
Be Careful What You Ask For
A federal court in San Francisco held FCRA preempts a state-law UDAAP claim for injunctive relief based on a FCRA violation. Quadrant Information Services, LLC v. LexisNexis Risk Solutions, Inc., 11- 6648, 2012 U.S Dist. LEXIS 108589 (N.D. Cal. Aug. 2, 2012). Because Congress specified in FCRA that only the FTC could seek equitable relief, the court concluded plaintiff could not evade this limitation by seeking an injunction under state law.
Who's at the Table?
The players: non-federally chartered institution who originated the mortgage loan; federal thrift that table funded the loan and took possession of the note the day after it closed; and borrower who contends the loan violated a state predatory lending law that imposed disclosure and other requirements on "high-dollar loans," as defined by the statute. Does federal preemption apply? Yes, according to a Massachusetts bankruptcy court. In re Thomas (Thomas v. Citimortgage, Inc.), 10-40549, 2012 Bankr. LEXIS 3924 (Bankr. D. Mass. Aug. 27, 2012). The court concluded the federal thrift's advance of the loan funds and the assignment of the loan to the federal thrift made it the "functional equivalent of the original lender." Id. at *19. As a result, the court rejected the borrower's claims for violation of a state predatory lending statute that imposed requirements on "high-cost loans," finding they were preempted by federal law.
Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.
© Morrison & Foerster LLP. All rights reserved
