Federal Reserve Announces Extension of Conformance Period under Section 13 of the Bank Holding Company Act

On July 7, 2016, the Federal Reserve announced that it will extend until July 21, 2017 the conformance period for banking entities to divest ownership in certain legacy investment funds and terminate relationships with funds that are prohibited under Section 619 of the Dodd-Frank Act, commonly known as the Volcker Rule. The Board had announced in December 2014 that it would make this extension to provide for orderly divestitures and to prevent market disruptions. This is the final of the three one-year extensions that the Board is authorized to grant.

In making this announcement, the Federal Reserve emphasized that: "This extension would permit banking entities additional time to divest or conform only 'legacy covered fund' investments, such as prohibited investments in hedge funds and private equity funds that were made prior to December 31, 2013. This extension does not apply to investments in and relationships with a covered fund made after December 31, 2013 or to proprietary trading activities; banking entities were required to conform those activities to the final rule by July 21, 2015."

The Federal Reserve also noted that the Office of the Comptroller of the Currency, the Federal Deposit Insurance Corporation, the Securities and Exchange Commission, and the Commodity Futures Trading Commission: "plan to administer their oversight of banking entities under their respective jurisdictions in accordance with the Board's conformance rule and this extension of the conformance period."

Finally, the Board noted that: "upon the application of a banking entity, the Board is permitted under section 619 to provide up to an additional five years to conform investments in certain illiquid funds, where the banking entity had a contractual commitment to invest in the fund as of May 1, 2010." Release.

Interim Final Rule Regarding Inflation-Adjusted Civil Money Penalties

On July 1, 2016, the Office of the Comptroller of the Currency (OCC) published an interim final rule that amends its rules of practice for national banks and federal savings associations to adjust the maximum amount of each civil money penalty ("CMP") within its jurisdiction. The effective date of the rule is August 1, 2016, and the adjustments apply only to penalties assessed on or after such date. The interim final rule includes revisions to charts that set forth the inflation-adjusted maximum CMPs and an addition of a new penalty that makes it unlawful for a creditor who extends credit or provides services for a consumer credit transaction secured by the consumer's principal dwelling to engage in acts that violate the appraiser independence requirements, among other changes. Press Release. Interim Final Rule.

NY DFS Adopts Final Anti-Terrorism and Anti-Money Laundering Regulation

On June 30, 2016, the New York Department of Financial Services ("NY DFS") adopted a final anti-terrorism and anti-money laundering regulation (the "Final Regulation") that requires institutions subject to regulation by the NY DFS to maintain programs to monitor and filter transactions for potential Bank Secrecy Act ("BSA") and anti-money laundering ("AML") violations and prevent transactions with sanctioned entities.

Of particular significance is that under the Final Regulation, which will be effective January 1, 2017, relevant regulated NY DFS institutions are required to review their transaction-monitoring and filtering programs and ensure that they are reasonably designed to comply with risk-based safeguards. These institutions also must adopt (at the institution's option) an annual board resolution or senior officer compliance finding to certify compliance with the Final Regulation beginning April 15, 2018. The resolution or finding must state that documents, reports, certifications and opinions of officers and other relevant parties have been reviewed by the board of directors or senior official to certify compliance with the Final Regulation.

The proposed version of the Final Regulation, which was issued on December 1, 2015, included a much more draconian requirement that a senior financial executive annually deliver an unqualified certificate to the NY DFS that his or her institution "has sufficient systems in place to detect, weed out, and prevent illicit transactions" and that he or she has reviewed the compliance programs of the regulated Institution, or caused them to be reviewed, and that such programs comply with all of the requirements of the proposed regulation. The provisions of the proposed regulation are discussed in the December 22, 2015 Orrick Alert.

The NY DFS noted in its announcement of the Final Regulation that: "The risk-based rule adopted by DFS today takes into consideration comments that were submitted by the financial services industry and others during the extended comment period for the previously-proposed regulation, which ended March 31, 2016."

Institutions must maintain supporting data for the certification, for review by NY DFS, for five years.

The key requirements of the Final Regulation include the following:

Annual Board Resolution or Senior Officer Compliance Finding
To ensure compliance with the requirements, each regulated institution shall adopt and submit to the Superintendent a board resolution or senior officer compliance finding by April 15 of each year. Each regulated institution shall maintain for examination by DFS all records, schedules and data supporting adoption of the board resolution or senior officer compliance finding for a period of five years.

Maintain a Transaction Monitoring Program
Each relevant regulated institution shall maintain a reasonably designed program for the purpose of monitoring transactions after their execution for potential BSA/AML violations and Suspicious Activity Reporting. The system, which may be manual or automated.

Maintain a Watch List Filtering Program
Each relevant regulated institution shall maintain a reasonably designed filtering program for the purpose of interdicting transactions that are prohibited by federal economic and trade sanctions.

On July 6, 2016, Moody's published its rating methodology for European Social Housing Providers. Report.

On July 5, 2016, Fitch updated its global surveillance criteria for structured finance CDOs. Report.

On July 1, 2016, Fitch updated its criteria for rating structured finance servicers. Report.

On July 1, 2016, Fitch released updated criteria for new-issue U.S. and Canadian multiborrower CMBS. Report.

SEC Proposes Rule Requiring Investment Advisers to Adopt Business Continuity and Transition Plans

On June 28, 2016, the Securities and Exchange Commission proposed a new rule that would require registered investment advisers to adopt and implement written business continuity and transition plans. In announcing the proposed rule the SEC stated that: "The proposed rule is designed to ensure that investment advisers have plans in place to address operational and other risks related to a significant disruption in the adviser's operations in order to minimize client and investor harm."

The risks identified by the SEC include: business disruptions – whether temporary or permanent – such as a natural disaster, cyber-attack, technology failures, and the departure of key personnel.

The proposed rule also would require an adviser's plan to include policies and procedures addressing the following specified components: maintenance of systems and protection of data; pre-arranged alternative physical locations; communication plans; review of third-party service providers; and plan of transition in the event the adviser is winding down or is unable to continue providing advisory services.

The proposed rule and rule amendments also would require advisers to review the adequacy and effectiveness of their plans at least annually and to retain certain related records.

In addition to the proposed rule, SEC staff issued related guidance addressing business continuity planning for registered investment companies, including the oversight of the operational capabilities of key fund service providers.

The proposed rule can be found by clicking here. Comments are due on or before September 6, 2016.

Appellate Court Affirms Dismissal of Certain Claims against Trustee

On July 5, 2016, the First Department of the Appellate Division of the Supreme Court of the State of New York affirmed the partial grant of Bank of New York Mellon's ("BNY") motion to dismiss certain claims brought by RMBS investors arising from BNY's alleged failure to perform its duties as RMBS trustee. While the court affirmed partial denial of BNY's motion to dismiss the negligence claims as duplicative of the contract claims, it also affirmed that portion of the trial court's order granting BNY's motion to dismiss portions of those negligence claims to the extent they are predicated on the incorrect assumption that a trustee owes a duty to (i) monitor other PSA counterparties' performance of basic non-ministerial tasks; and/or (ii) put its "nose to the source" to uncover improper counterparty conduct. The First Department also held that the trial court should have dismissed contract claims against BNY alleging a breach of the alleged duty to notify PSA counterparties of loan seller representation and warranty breaches, as they had not been sufficiently alleged. It also affirmed dismissal of all breach of fiduciary duty claims. Motion.

Delegated Regulation on Recovery and Resolution Planning under BRRD Published in OJ

On July 8, 2016, the Commission Delegated Regulation ((EU) 2016/1075) supplementing the Bank Recovery and Resolution Directive (2014/59/EU) ("BRRD") on recovery and resolution planning, was published in the Official Journal of the EU ("OJ"). The Delegated Regulation details regulatory technical standards ("RTS') outlining the following:

• the content of recovery plans, resolution plans and group resolution plans;
• the minimum criteria that the competent authority is to assess regarding recovery plans and group recovery plans;
• the conditions for group financial support;
• the requirements for independent valuers;
• the contractual recognition of write-down and conversion powers; and
• the procedures and contents of notification requirements and of notice of suspension and the operational functioning of the resolution colleges.

It is hoped that the above RTS will be included in a single Delegated Regulation to ensure coherence between the provisions dealing with the resolution framework laid down in the BRRD.
The Delegated Regulation was adopted by the Commission on March 23, 2016. It comes into force twenty days after publication in the OJ and as such on July 28, 2016.

Cyber Security: European Parliament Formally Adopts Network and Information Security Directive at Second Reading

On July 6, 2016, the European Parliament plenary session formally adopted the Network and Information Security Directive ("NIS Directive") at second reading.

Securing network and information systems in the EU is fundamental to keep the online economy running and to ensure prosperity. The NIS Directive is the key instrument supporting Europe's cyber resilience. The aim of the NIS Directive is to bring cybersecurity capabilities at the same level of development in all EU member states and ensure that exchanges of information and cooperation are efficient, including at a cross border level.

The NIS Directive also stipulates security obligations for operators of essential services, including transport, health and finance and digital service providers, such as online marketplaces, search engines and cloud services. Any disruption to the services provided by essential operators poses a severe risk to society and the economy and therefore the requirements will be stronger for such operators than for digital service providers. Each member state will also be required to designate one or more national authorities and lay down a strategy to deal with cyber threats.

The NIS Directive will now be published in the OJ and will enter into force on the twentieth day after publication. The EU member states will then have 21 months to transpose the NIS Directive into their national laws and six further months to identify operators of essential services.

For further information, please see the European Parliament press release.

European Commission Calls for Further Technical Advice from EBA on Prudential Regime for Investment Firms under CRD IV

On July 6, 2016, the EBA published a call for advice, dated June 13, 2016, that it has received from the European Commission relating to the prudential requirements applicable to investment firms under the Capital Requirements Regulation (Regulation 575/2013) ("CRR") and the CRD IV Directive (2016/36/EU) (together referred to as CRD IV).

The EBA already provided advice on this matter to the Commission in December 2015, in which it broadly concluded that the current prudential regime for investment purposes is not adequate. To better inform the Commission's decision, it is seeking further technical advice from the EBA on the details of the high level recommendations set out in the December 2015 advice. It has asked the EBA to provide advice on the following:

• the criteria and thresholds for each of the three proposed classes of investment firm;
• the design and calibration of all relevant aspects of a new prudential regime for the three proposed classes of investment firm;
• the application of the CRD IV remuneration requirements to the different proposed classes of investment firm, and if whether the proposed new classes would affect the applicability of the CRD IV corporate governance rules; and
• any other issues or inconsistencies the EU competent authorities have identified in implementing the rules relating to investment firms.

The EBA is to consult with ESMA when preparing its advice. The deadline for preparing the advice on the analysis relating to class one investment firms is September 31, 2016. The EBA must prepare its final report on the substantive content and calibration of the proposed regimes for the different classes of investment firms to the Commission by June 30, 2017.