REGULATORY DEVELOPMENTS
FDIC SEEKS COMMENT ON SUPERVISORY APPROACH TO EXAMINATIONS DURING PANDEMIC
The FDIC has requested public comment on its supervisory approach to examinations during the COVID-19 pandemic. The FDIC conducts periodic safety and soundness examinations of state chartered insured depository institutions that are not members of the Federal Reserve System, for which the FDIC is the primary federal supervisory agency, pursuant to Section 10(d) of the Federal Deposit Insurance Act. This statute require that each federal banking agency conduct a full-scope on site examination of each institution it supervises at least once every twelve months, but it permits a longer 18-month examination cycle for certain qualifying institutions. The request for public comment notes that FDIC examiners have long used to technology to perform certain aspects of examinations offsite but notes that the agency directed that all examination activities be conducted offsite as a result of the pandemic. The request seeks public comment on “what worked well in the offsite examination context” to enable the FDIC to streamline and improve the efficiency of examinations going forward.
FDITECH LAUNCHES TECH SPRINT TO MEASURE AND TEST BANK OPERATIONAL RESILIENCY
On August 16, the FDIC’s tech lab, FIDTECH, announced a “tech sprint,” tasking financial institutions, particularly community banks, with identifying a set of measures, data, tools or other capabilities to use to determine and test their operational resilience against a disruption. FIDTECH is launching the tech sprint due to an increasing number of attacks to the U.S. financial sector’s information technology systems and a concern over the sector’s preparedness. The goal is to encourage financial institutions to think creatively to figure out how to create stronger operational resiliency in the banking industry against various cyber threats. Ultimately, FIDTECH hopes this first of many tech sprints will both improve sector-wide resilience and maintain public confidence in the stability of the U.S. financial sector.
If a financial institution wishes to participate in the tech sprint, they should submit an application once FIDTECH opens registration. After a review of the submissions, FIDTECH will invite a select number of teams to develop proposed solutions. The teams will then make presentations to a panel of judges. The presentations will be publicized and winners in various categories will be chosen. There are no monetary prizes.
NEW GUIDANCE ON AUTHENTICATION AND ACCESS TO FINANCIAL INSTITUTION SERVICES AND SYSTEMS
The FFIEC recently issued new guidance titled Authentication and Access to Financial Institution Services and Systems. The new guidance replaces previously issued guidance regarding authentication in an internet banking environment and addresses assessment of risk related to access and authentication, authentication practices for various types of users and effective use of multi-factor authentication and other equivalent controls.
“We hope to excite the imaginations of those who see the tremendous possibilities innovation can bring to our banking system. I challenge participating teams to think at a deeper level about how we can harness the power of technology to create a more inclusive financial system.”
– FDIC Chief Innovation Officer Sultan Meghji
FINRA REMINDS FIRMS OF THEIR SUPERVISORY OBLIGATIONS RELATED TO OUTSOURCING TO THIRD-PARTY VENDORS
On August 13, FINRA issued a Notice reminding firms of their supervisory obligations when utilizing third-party vendors that perform core business and regulatory oversight functions (the Notice). While the Notice does not create new legal or regulatory requirements or new interpretations of existing requirements, it reiterates that member firms are obligated to establish and maintain a supervisory system, including written supervisory procedures, for any activities or functions performed by third-party vendors, including any sub-vendors that are reasonably designed to achieve compliance with applicable securities laws and regulations and with applicable FINRA rules.
FINRA ALERTS FIRMS TO A PHISHING EMAIL CAMPAIGN USING MULTIPLE IMPOSTER FINRA DOMAIN NAMES
On August 13, FINRA issued a Special Alert warning member firms of an ongoing phishing campaign involving fraudulent emails purporting to be from FINRA and using one of at least three imposter FINRA domain names:
The fraudulent email asks the recipient to click a link to “view request” and provide information to “complete” that request, noting that “late submission may attract penalties.” FINRA warns that none of these domain names are connected to FINRA and recommends that anyone who clicked on the link to immediately notify the appropriate individuals in their firm of the incident.
LIQUIDITY: UPDATED COMPTROLLER’S HANDBOOK BOOKLET AND RESCISSIONS
On August 16, the OCC issued an updated “Liquidity” booklet of the Comptroller’s Handbook, which is prepared for use by OCC examiners in connection with the examination and supervision of national banks, federal savings associations, and federal branches and agencies of foreign banking organizations (collectively, banks). The updated handbook: discusses risks associated with liquidity; includes information and examination procedures about liquidity coverage ratio and net stable funding ratio requirements; reflects changes in regulations since the booklet was last updated; reflects relevant OCC issuances published since the booklet was last updated; includes clarifying edits regarding supervisory guidance, sound risk management practices, or legal language; and revises certain content for general clarity.
LITIGATION & ENFORCEMENT
SUPREME COURT PARTIALLY BLOCKS NEW YORK EVICTION MORATORIUM; BLOCK OF FEDERAL EVICTION MORATORIUM LIKELY TO FOLLOW
Eviction moratoria at both the state and federal levels are appearing increasingly vulnerable. On August 12, the U.S. Supreme Court partially enjoined New York’s eviction moratorium, concluding that the state’s “self-certification” procedure likely violates due process. A renewed challenge to the U.S. Centers for Disease Control and Prevention’s moratorium is expected to land at the Supreme Court by the beginning of next week. While the Court narrowly declined to enjoin the prior iteration of the federal moratorium at the end of June, the Court will likely block the new moratorium.
Read the client alert for Goodwin’s take on these developments.
