OCC Identifies Safety and Soundness Risks to National Banks and Federal Savings Associations and Supervisory Priorities

Ballard Spahr LLP
Contact

A new report issued by the federal Office of the Comptroller of the Currency (OCC) identifies top safety and soundness risks to national banks and federal savings associations, as well as OCC supervisory priorities for the next 12 months. Semiannual Risk Perspective for Spring 2015 reflects bank financial data as of December 31, 2014. Although the report is directed at banks supervised by the OCC, it should not be ignored by state-chartered depository institutions.

Following are key risks and supervisory priorities identified by the OCC.

Cybersecurity

Banks and their employees, customers, and third-party service providers are vulnerable to evolving cyber threats that can compromise data or systems and allow criminals to illegally obtain personally identifiable data. OCC examiners will review a bank’s program for assessing and mitigating such threats and vulnerabilities. OCC reviews will include assessments of data and network protection practices, business continuity practices, risks from vendors, and compliance with any new guidance. (The Federal Financial Institutions Examination Council recently released its Cybersecurity Assessment Tool to help financial institutions identify cybersecurity risks and determine their level of cybersecurity preparedness. The OCC announced it will incorporate the Assessment Tool into its examinations of financial institutions subject to its jurisdiction in late 2015. Ballard Spahr has scheduled an August 4, 2015 webinar on the Assessment Tool)

Use of Third Parties

To lower overhead expenses, banks are outsourcing critical functions to third-party providers without establishing the risk management processes necessary for appropriate oversight and controls to monitor associated risks. An assessment of a bank’s operational risk by OCC examiners will include a focus on third-party risk management. The OCC, the other federal banking regulators, and the Consumer Financial Protection Bureau (CFPB) have been beating this drum for several years.

Compliance

Banks are subject to high compliance risk that includes:

1) Bank Secrecy Act/Anti-Money Laundering (BSA/AML) risks (with the OCC observing that “BSA programs at some banks have failed to develop or incorporate appropriate controls as products and services have evolved, and insufficient resources and expertise have been devoted to BSA/AML in some banks.”);

2) risk of unfair or deceptive practices arising from the use of third parties to conduct all or a portion of consumer credit-related product development, implementation and fulfillment (with the OCC noting the failure of a number of banks to exercise adequate risk management and controls when developing and offering add-on products to customers);

3) fair lending risk arising when banks engage a third party to conduct all or a portion of the application or underwriting process or make decisions regarding terms or pricing; and

4) risk created by the need for banks to implement significant changes to policies and procedures to comply with the new Truth in Lending Act/Real Estate Settlement Procedures Act integrated mortgage disclosure requirements that become effective October 3, 2015.

OCC examiners will review a bank’s BSA/AML program and controls and the effort of bank management to maintain an effective program. For large banks, OCC examiners will coordinate with the CFPB to determine compliance with consumer laws, regulations, and guidance, and continue to assess compliance with the Flood Protection Act and the Servicemembers Civil Relief Act. For both large and smaller banks, OCC examiners will assess a bank’s effectiveness in identifying and responding to risks created by new products, services, or terms and, with regard to fair lending, assess a bank’s “efforts to meet the needs of creditworthy borrowers” and monitor its compliance with the Community Reinvestment Act, fair lending laws, and other consumer protection laws.

Other top safety and soundness risks identified by the OCC include loosening of underwriting standards in response to competitive pressures (particularly in leveraged lending, indirect auto finance, and commercial loans) and vulnerabilities arising from the low interest rate environment.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Ballard Spahr LLP | Attorney Advertising

Written by:

Ballard Spahr LLP
Contact
more
less

Ballard Spahr LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide