Financial Services Law -- Jan 17, 2014

by Manatt, Phelps & Phillips, LLP

In This Issue:

Community Banks and the Volcker Rule: What’s Next?

For now, banks that have investments in CDO securities that are issued by funds that are invested in trust preferred securities (TruPS CDOs) have dodged a bullet. On Dec. 10, 2013, federal regulators issued the long-anticipated final Volcker Rule. An implementation of Section 619 of the Dodd-Frank Wall Street Reform and Consumer Protection Act, the Rule establishes limitations on proprietary investment and trading activities on the part of banking entities that benefit from federal deposit insurance.

In something of a surprise, the final rule provided that financial institutions must phase out their investments in TruPS’ CDOs. Being forced to divest themselves of these holdings, even though not required until a compliance period that will start in 2015, would, in the minds of some accounting departments, have required an immediate accounting hit, as the banks would have to recharacterize such investments as being available for sale, rather than held for portfolio. For banks that had invested in TruPS CDOs prior to the financial crisis and held them on their books at prices higher than the current price, the accountants warned, it would be necessary to recognize a loss reflecting that reduced value, even before the required time for divestiture.

The response was fast and furious. Legislation was introduced in both the House and Senate, seeking a carve-out or exemption allowing banks to continue to hold the CDOs. A bi-partisan group of Senators sent a letter to Treasury Secretary Jack Lew and Federal Reserve Chairman Ben Bernanke, arguing that the “Volcker Rule is not the appropriate vehicle for the regulators to revisit how community banks manage their portfolios of TruPS.” And the American Bankers Association filed a lawsuit seeking suspension of the controversial provision.

The outcry led to a joint statement from the Board of Governors of the Federal Reserve System, the Office of the Comptroller of the Currency, the Federal Deposit Insurance Corporation, and the Securities and Exchange Commission on December 27, 2013 that the regulators planned to reconsider, followed by an interim final rule by those same regulators issued on January 14, 2014.

Under this new rule, TruPS CDOs may be retained by a banking entity provided all of these things are true:

  • The TruPS CDO was established, and the security held by the bank was issued, before May 19, 2010.
  • The banking entity reasonably believes that the offering proceeds received by the TruPS CDO were invested primarily in trust preferred securities and subordinated debt instruments that were themselves issued by a mutual holding company or a depository institution holding company before May 19, 2010, the issuer of which had total consolidated assets under $15 billion as of the end of each reporting period within the year preceding the date of issuance.
  • The banking entity acquired the interest in the TruPS CDO on or before Dec. 10, 2013.

Why it matters: For banking entities that hold TruPS CDOs this will largely avert the need to sell those securities or to recognize losses for accounting purposes. It will be important to check that all of the conditions are satisfied, as to the nature of the TruPS CDO, the date of issuance and the primary character of the underlying TruPS held by the CDO. Since TruPS CDOs acquired after Dec. 10, 2013 will not benefit from this new rule, there will be little appetite for their purchase within the banking industry.

To read the new rule, click here.

For a list of 86 TruPS CDOs identified by the regulators as meeting the criteria for exclusion from the Volcker Rule’s prohibition, click here.

Time to Get Social

Financial institutions can begin 2014 with live tweeting, Facebook posts, or maybe some blogging, directed by the recently released guidance on social media from the Federal Financial Institutions Examination Council.

On behalf of its members – the Office of the Comptroller of the Currency, the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the National Credit Union Administration, and the Consumer Financial Protection Bureau – the FFIEC released final supervisory guidance in “Social Media: Consumer Compliance Risk Management Guidance.”

Effective immediately, the final guidance largely tracked the original proposal released for public comment last year, offering covered entities – banks, savings associations, credit unions, and nonbank entities supervised by the CFPB – an explanation of various federal regulations and laws applicable to social media communications.

Defining social media as “a form of interactive online communication in which users can generate and share content through text, images, audio, and/or video,” the FFIEC offered examples ranging from micro-blogging sites like Twitter and Facebook to consumer review sites like Yelp to photo and video sites like Flickr and YouTube to virtual worlds like Second Life and social games like FarmVille.

One clarification from the proposal: Messages sent via e-mail or text message, standing alone, do not constitute social media, the FFIEC said, although messages sent via a social media channel are considered social media.

With input from company-wide sources (like information security, legal, human resources, and marketing), a financial institution should establish a risk management program related to social media “commensurate with the breadth” of the level of its involvement in social media. The program should feature a governance structure with clear roles and responsibilities and policies and procedures regarding the use and monitoring of social media, as well as compliance with the relevant consumer protection laws and regulations, specifically addressing how to handle the risks of online postings, edits, replies, and retention, according to the guidance.

Other considerations include employee training (including defining the scope of permissible and impermissible social media activities), audit and compliance functions, and a process for handling third-party relationships in the context of social media.

Interaction via social media is by nature more informal and dynamic, the FFIEC noted, which presents compliance, legal, operational, and reputational risks for covered entities. For example, a financial institution that posts an advertisement on its Facebook page featuring a triggering term such as “bonus” must then satisfy the disclosure requirements found in the Truth in Savings Act, like the minimum balance required to obtain the advertised bonus.

Financial institutions should also use care not to run afoul of the Equal Credit Opportunity Act and the Fair Housing Act, the FFIEC cautioned, and avoid collecting information via social media regarding a borrower’s race, color, religion, national origin, or sex.

Attention should also be paid to the impact of the Bank Secrecy Act and Anti-Money Laundering program, particularly in the context of virtual worlds and the increasing use of Internet games to launder money.

On a bright note for financial institutions, the guidance clarified the scope of comments received from the public that must be maintained under the Community Reinvestment Act’s two-year lookback requirement. “[C]omments about the institution made on the Internet through sites that are not run by or on behalf of the institution are not necessarily deemed to have been received by the depository institution and would not be required to be retained,” the FFIEC explained. “Rather, the institution should retain comments made on sites run by or on behalf of the institution that specifically relate to the institution’s performance in helping to meet community credit needs.”

Another major area of focus for financial institutions is privacy. Laws like the Gramm-Leach-Bliley Act, the Children’s Online Privacy Protection Act, the Telephone Consumer Protection Act, the CAN-SPAM Act, and the Fair Credit Reporting Act all present varying considerations regarding notification to consumers about the collection and use of information via social media as well as appropriate contact.

Separate from legal and compliance risks, the guidance also set forth reputational risks like brand identity and fraud, a serious issue for a bank subject to a phishing or spoofing attack. An inadequate response to consumer complaints or questions on social media can also turn into a PR nightmare for a financial institution (just look at JPMorgan’s recent Twitter foray).

The guidance noted the need for covered entities to conduct the appropriate due diligence prior to working with third parties in the social media context, referencing additional tips on third-party relationships from its member agencies, including the OCC’s recently released guidance.

To read the final guidance, click here.

Why it matters: The FFIEC emphasized that the guidance did not create new duties for covered entities, but is intended to help financial institutions make their way through the ever-expanding world of social media. The guidance also emphasized that because the scope of involvement on social media varies by financial institution, entities must conduct an individualized risk analysis. “Each institution is responsible for carrying out an appropriate risk assessment and maintaining a risk management program that is appropriate and tailored to the particular institution’s size, activities, and risk profile,” the FFIEC explained, specifically disclaiming a “one size fits all” approach. “The revised guidance clarifies and points to the longstanding principle that financial institutions are expected to assess and manage the risks particular to the individual institution, taking into account factors such as the institution’s size, complexity, activities, and third party relationships.” Financial institutions would be well served to familiarize themselves with the document and, if they haven’t already, establish relevant policies and procedures for the social media ecosystem.

Auto Lender to Pay $98 Million to Resolve Discriminatory Lending Action

In the first joint fair lending action in the indirect auto lending context by the Consumer Financial Protection Bureau and the Department of Justice, Ally Bank and its parent, Ally Financial Inc., agreed to pay $98 million to settle charges of discriminatory lending in violation of the Equal Credit Opportunity Act. The settlement represents the federal government’s largest auto loan discrimination settlement in history and the third largest ever in a DOJ fair lending action.

An examination conducted from September 2012 through November 2012 revealed pricing disparities in the company’s portfolio for loans made to qualified African-American, Hispanic, and Asian and Pacific Islander borrowers, the CFPB said. Ally finances auto loans by setting a minimum interest rate at which it will finance or purchase a retail installment contract from a dealer based on the borrower’s objective credit-related factors. The dealer then has the discretion to vary the initial interest rate (or buy rate) within certain limits and receive a greater payment from Ally on loans that include a higher interest rate markup.

As compared to equally qualified white borrowers, African-Americans were charged approximately 29 basis points more in dealer markup; Hispanic borrowers were charged approximately 20 basis points and Asian and Pacific Islanders approximately 22 basis points more in dealer markup, according to the action. The CFPB shared its findings with the DOJ, which made similar findings based upon its own investigation of Ally’s pricing of automobile retail installment contracts.

Importantly, the agencies based their allegations on a disparate impact theory and did not claim that Ally intentionally discriminated against any borrowers. The company’s policy – while facially neutral – permitted dealers to set prices that resulted in qualified members of the three minority groups paying more for credit on average than similarly-situated white borrowers, the DOJ and CFPB contended.

“Whether or not Ally consciously intended to discriminate makes no practical difference,” Richard Cordray, director of the CFPB, said in a press release. “In fact, we do not allege that Ally did so. Yet the outcome, and the harm to consumers, is the very same here.”

Ally, one of the largest indirect automobile finance companies in the country (according to the DOJ and CFPB, the company works with roughly 12,000 dealers nationwide) also failed to monitor dealers for pricing disparities and neglected to provide dealer training in fair lending, the agencies said.

Pursuant to the final consent order between the parties filed in Michigan federal court, Ally agreed to pay an $18 million penalty and provide an additional $80 million dollars as a settlement fund for the roughly 235,000 borrowers identified by the agencies as having been subjected to the alleged discriminatory practices between April 2011 and December 2013.

The settlement also requires Ally to improve its monitoring and compliance programs intended to prevent future discrimination – including dealer education about the ECOA and the establishment of a dealer compensation policy that will limit the maximum spread between Ally’s buy rate and the contract rate. Ally agreed to conduct quarterly and annual analyses of retail installment contract pricing data for prohibited disparities resulting from Ally’s dealer compensation policy and promised to take “prompt corrective action” against dealers who trigger concerns regarding pricing disparities, up to termination of a dealer relationship.

Ally could be relieved of its compliance obligations under the order if it drops the traditional dealer markup model and moves to “a non-discretionary dealer compensation structure,” the CFPB explained, like using a flat rate per borrower.

The company released a statement that it “does not engage in or condone violations of law or discriminatory practices, and based on the company’s analysis of its business, it does not believe that there is measurable discrimination by auto dealers. Regardless, Ally takes the assertions by the CFPB and DOJ very seriously and has agreed to the terms in the orders.”

To read the consent order, click here.

Why it matters: The order reinforces that the auto lending industry is squarely on the CFPB’s radar. In addition to the Ally settlement, the agency previously released guidance for auto lenders in which it cautioned that indirect lenders could be liable under a disparate impact theory. The order and CFPB guidance demonstrate the government’s willingness to bring fair-lending actions against auto lenders even absent evidence of discriminatory intent. In addition, while the settlement does not require Ally to eliminate the practice of allowing dealers to mark up loans, it seeks to encourage auto lenders to implement a dealer compensation plan without discretionary dealer pricing. In the event that an auto lender or finance company continues to allow dealers to exercise discretion over the interest rates they charge consumers, the order serves as a strong reminder to maintain robust monitoring and compliance programs to prevent, or promptly remedy, any unlawful pricing disparities.

Bank Can’t Compel Arbitration in Consumer Suit, California Court Rules

Providing a valuable lesson to financial institutions hoping to rely upon arbitration provisions, a California federal court held that a bank failed to establish that a customer was provided with adequate notice of the agreement and denied a motion to compel arbitration.

Alleging violations of the Telephone Consumer Protection Act and California’s Unfair Competition Law, Madeline Martin sued Wells Fargo in California federal court. Martin claimed the bank repeatedly called her cellphone without consent.

Wells Fargo responded with a motion to compel arbitration. Although the Complete Advantage Checking account at issue was opened by Martin in 1987 without an arbitration agreement, the contract included language from the bank that it “reserve[d] the right to change any of the charges, fees or other information contained in this disclosure. However, we will send you a notice at least 15 days before the effective date of any change in charges, fees, or interest computation.”

In December 2011, Wells Fargo amended the contract, it told the court. Customers were notified in two ways: by use of a billing statement insert titled “Important Change in Terms Notice” which included the text of the arbitration provision, as well as publication of the insert as a disclosure provided when customers logged into their accounts between Dec. 1, 2011 and May 31, 2012.

But Martin denied ever receiving or seeing the bank’s notice and claimed she had no recollection of logging into her online account during the six-month period.

Holding that Wells Fargo had failed to meet its evidentiary burden, U.S. District Court Judge Susan Illston denied the motion to compel arbitration, finding that the bank failed to sufficiently establish that Martin actually saw or received the notice.

While Martin was on the list targeted to receive the insert, the bank “stops short of making a definitive statement the insert containing the arbitration provision was mailed,” and Wells Fargo did not provide the court “with any legal precedent to support the premise that ‘targeting’ an individual to receive a mailing constitutes proper notice,” the court said.

Receiving the notice online would have been acceptable but Martin denied logging into her account and the bank did not produce evidence to contradict her position. Again, the bank stated that the disclosure was published online and “Martin ‘would have received [it] upon logging into her account’ but not that Martin actually did log in and see the disclosure,” Judge Illston wrote.

“On the present record at this stage in the proceedings, Wells Fargo has not met its burden to demonstrate Martin received proper notice of the changes to her account agreements,” she concluded.

The court also questioned whether the addition of an arbitration agreement was a fair amendment to the 1987 contract between the parties. Reading the original contract in its entirety, the judge interpreted the phrase “charges, fees or other information” to reserve the bank’s right to change “charges, fees or interest computation” only – not to add an arbitration provision. “The original terms do not indicate the addition of an arbitration agreement was ‘a modification whose general subject matter was anticipated when the contract was entered into,’” Judge Illston wrote. “Had Wells Fargo, the drafting party, intended its initial agreement to allow for the subsequent addition of an arbitration provision, it could have included those terms within the 1987 agreement.”

To read the decision in Martin v. Wells Fargo Bank, click here.

Why it matters: Martin arguably places some practical limits on what has been a string of court decisions enforcing arbitration provisions. Businesses seeking to amend their contracts with consumers to add arbitration provisions should amend their old contracts often and ensure that the amendment is disclosed in such a way as to ensure proof of consumer receipt and acceptance

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Manatt, Phelps & Phillips, LLP | Attorney Advertising

Written by:

Manatt, Phelps & Phillips, LLP

Manatt, Phelps & Phillips, LLP on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Privacy Policy (Updated: October 8, 2015):

JD Supra provides users with access to its legal industry publishing services (the "Service") through its website (the "Website") as well as through other sources. Our policies with regard to data collection and use of personal information of users of the Service, regardless of the manner in which users access the Service, and visitors to the Website are set forth in this statement ("Policy"). By using the Service, you signify your acceptance of this Policy.

Information Collection and Use by JD Supra

JD Supra collects users' names, companies, titles, e-mail address and industry. JD Supra also tracks the pages that users visit, logs IP addresses and aggregates non-personally identifiable user data and browser type. This data is gathered using cookies and other technologies.

The information and data collected is used to authenticate users and to send notifications relating to the Service, including email alerts to which users have subscribed; to manage the Service and Website, to improve the Service and to customize the user's experience. This information is also provided to the authors of the content to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

JD Supra does not sell, rent or otherwise provide your details to third parties, other than to the authors of the content on JD Supra.

If you prefer not to enable cookies, you may change your browser settings to disable cookies; however, please note that rejecting cookies while visiting the Website may result in certain parts of the Website not operating correctly or as efficiently as if cookies were allowed.

Email Choice/Opt-out

Users who opt in to receive emails may choose to no longer receive e-mail updates and newsletters by selecting the "opt-out of future email" option in the email they receive from JD Supra or in their JD Supra account management screen.


JD Supra takes reasonable precautions to insure that user information is kept private. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. However, please note that no method of transmitting or storing data is completely secure and we cannot guarantee the security of user information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

If you have reason to believe that your interaction with us is no longer secure, you must immediately notify us of the problem by contacting us at In the unlikely event that we believe that the security of your user information in our possession or control may have been compromised, we may seek to notify you of that development and, if so, will endeavor to do so as promptly as practicable under the circumstances.

Sharing and Disclosure of Information JD Supra Collects

Except as otherwise described in this privacy statement, JD Supra will not disclose personal information to any third party unless we believe that disclosure is necessary to: (1) comply with applicable laws; (2) respond to governmental inquiries or requests; (3) comply with valid legal process; (4) protect the rights, privacy, safety or property of JD Supra, users of the Service, Website visitors or the public; (5) permit us to pursue available remedies or limit the damages that we may sustain; and (6) enforce our Terms & Conditions of Use.

In the event there is a change in the corporate structure of JD Supra such as, but not limited to, merger, consolidation, sale, liquidation or transfer of substantial assets, JD Supra may, in its sole discretion, transfer, sell or assign information collected on and through the Service to one or more affiliated or unaffiliated third parties.

Links to Other Websites

This Website and the Service may contain links to other websites. The operator of such other websites may collect information about you, including through cookies or other technologies. If you are using the Service through the Website and link to another site, you will leave the Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We shall have no responsibility or liability for your visitation to, and the data collection and use practices of, such other sites. This Policy applies solely to the information collected in connection with your use of this Website and does not apply to any practices conducted offline or in connection with any other websites.

Changes in Our Privacy Policy

We reserve the right to change this Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our privacy policy will become effective upon posting of the revised policy on the Website. By continuing to use the Service or Website following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Policy, as it may be amended from time to time, in whole or part, please do not continue using the Service or the Website.

Contacting JD Supra

If you have any questions about this privacy statement, the practices of this site, your dealings with this Web site, or if you would like to change any of the information you have provided to us, please contact us at:

- hide
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.