Compliance Corner

FSA Times’ Compliance Corner is a resource for financial services auditors to keep up to date on changing regulations and requirements affecting them, as compiled by Asa Sum and Scott Werner,  members of Protiviti’s global financial services and regulatory risk consulting practice.

 

FinCEN Clarifies Currency Transaction Reporting Aggregation Rule
 

On March 16, 2012, the Financial Crimes Enforcement Network (FinCEN) issued guidance regarding currency transaction reporting (CTR) aggregation for businesses with common ownership. Under the Bank Secrecy Act (BSA), FinCEN already requires financial institutions to aggregate multiple currency transactions to the extent that they have knowledge that the transactions are by, or on behalf of, any one person and exceed US $10,000 during any one business day.

The guidance emphasizes that it is not enough to presume that separately incorporated entities are necessarily operating independently of each other. Importantly, FinCEN notes that it is up to the financial institution to determine whether multiple businesses that share a common owner are, in fact, being operated independently. Once a financial institution determines that the businesses are not operating independently (e.g.,the bank accounts of one business are repeatedly used to pay the expenses of another business), then it should aggregate the separate transactions of these businesses; otherwise, transactions should be not be aggregated.

Internal auditors should validate whether their institutions have controls in place to, 1) identify common owners of multiple companies, 2) determine that such companies are not operating independently of each other, and 3) validate whether the cash transactions of such companies should be aggregated.
 

New Mortgage Servicing Standards Surface from Historic $25 Billion Settlement
 

On March 12, 2012, federal banking agencies and state attorneys general reached a US $25 billion settlement agreement with the nation’s five largest residential mortgage servicers. The settlement provides financial relief to homeowners and enumerates specific servicing standards for each of these servicers to address perceived servicing deficiencies, including:

  • Ceasing foreclosure abuses (e.g., “robo-signing,” improper notarization).
  • Improving oversight of foreclosure processing, including third-party vendors.
  • Implementing procedures to ensure that homeowners are evaluated for other loan mitigation options before foreclosure proceedings are initiated.
  • Restricting banks from foreclosing while the homeowner is being considered for a loan modification.
  • Creating a single point of contact for borrowers seeking information about their loans and ensuring adequate staff to handle calls.
  • Establishing procedures and a timeline for reviewing a loan modification application and providing homeowners the right to appeal denials.

Other financial institutions should evaluate their own servicing practices in relation to the standards set forth in these settlement agreements. As a matter of preparedness and meeting agency expectations, financial services internal auditors should incorporate elements of the new servicing standards into their existing servicing and foreclosure-related audit test plans. Auditors should evaluate these new servicing standards to their institutions’ existing servicing and foreclosure-related processes to help identify and address any potential weaknesses. 
 

Payday Lending Compliance Examination Procedures
 

On Jan. 19, 2012, the Consumer Financial Protection Bureau (CFPB) published payday loan examination procedures in response to consumer risks involved with short-term, small-dollar credit lending —commonly known aspayday lending, though such products are not limited to the typical payday lenders but also may be offered by traditional depository institutions. While payday lenders typically market these loans to consumers as a convenient means of bridging cash-flow shortage between pay or benefit checks, these products and services usually come with high costs. The CFPB’s examination procedures comprise five primary modules covering a payday loan’s lifecycle: 

  1. Marketing practices.
  2. Application and origination.
  3. Payment processing and sustained use of credit.
  4. Collections, accounts in default, and consumer reporting.
  5. Third-party relationships and information sharing.

Internal auditors should ensure their audit test plans incorporate the modules using a risk-based approach, and they should evaluate their companies’ control environment against the new examination procedures to determine whether regulatory requirements and expectations are being met.
 

CFPB Finalizes Rules for Remittance Transfer
 

Annually, tens of billions of dollars are remitted from the United States to individuals and businesses in foreign countries. As a result of the Dodd-Frank Wall Street Reform and Consumer Protection Act, Congress expanded the scope of the Electronic Funds Transfer Act to regulate consumer disclosures related to remittance transfers. In February 2012, the CFPB amended Regulation E to implement these provisions, effective February 2013. The CFPB’s final rule requires:

  • Disclosures. Each sender of a remittance transfer must receive consistent, reliable disclosures about the pricing of the transfer, the amount of currency sent to the recipient, and the date the funds will be available to the recipient.
  • Right to Cancel. Consumers who send remittances will have the right to cancel a transaction within 30 minutes after making payment to initiate the remittance transfer.
  • Error Resolution Procedures. Remittance transfer providers must implement dispute resolution procedures to respond to consumer disputes regarding such transfers.

Financial institutions that provide remittance transfer services should review and evaluate their existing control environment against the final rule and implement any necessary changes. Internal auditors should evaluate whether their institutions in fact provide such services, assess the sufficiency of their institution’s implementation efforts, and take steps to update their audit universe accordingly to include these services and requirements as appropriate.