Introduction
The 2022 regulatory agenda impacting the US banking industry is crowded and varied. Banks in the United States and globally have fared well through the Covid-19 pandemic, generally reflecting strong capital and liquidity positions and a strong government response to stabilize financial markets. Apart from that good news, banks and other financial market participants should be mindful of a range of regulatory initiatives that are underway and should gain momentum as new appointees implement the Biden Administration agenda at various regulatory agencies. The following summary highlights several of these initiatives.
Market structure/bank powers
1. Access to Federal Reserve accounts and payment services
Perhaps the most interesting space to watch in 2022 involves access to Federal Reserve Bank accounts and payment services. At issue is this: Some chartering authorities have authorized novel types of bank charters under state banking laws. (Novel charters under federal law are also a possibility.) In many cases, these banks do not have insurance from the Federal Deposit Insurance Corporation (FDIC) and they are not subject to the full range of prudential supervision under federal law to which traditional commercial banks are subject. In addition, their activities otherwise leave them outside the definition of “bank” for the purposes of the federal Bank Holding Company Act and thus the holding companies of these banks (if there is a holding company) are not subject to Federal Reserve Board supervision.
One question that arises is whether the novel banks qualify under the law as eligible to seek Federal Reserve Bank account access. One of the primary goals of the US federal bank supervisory framework is the protection of the payment system to which the novel banks seek access. The failure of a participant bank in the payment system is exactly the type of event that the entire edifice of prudential supervision is meant to address and the novel banks are not part of that system of supervision. At the same time, the Federal Reserve Board has acknowledged the desirability of an efficient, inclusive and innovative payment system. To date, the Federal Reserve has, for the most part, not permitted these novel charters to obtain Federal Reserve Bank account services.
Assuming that a bank qualifies to apply for Federal Reserve Bank account services (an issue that the Federal Reserve may also address with more specificity), a second question that arises is what standards apply to such an application. Banks that are subject to federal bank supervision have generally been viewed as meeting the Federal Reserve’s standards. For other banks, however, the standard is not clear.
As a result, on May 11, 2021, the Federal Reserve Board issued for comment proposed standards (Account Access Guidelines) by which Federal Reserve Banks would judge a request by any bank for Federal Reserve accounts and services. While FDIC-insured banks (and US branch offices of non-US banks) subject to federal supervision would likely meet the Federal Reserve standard, other banks will find it more difficult to meet the standards. What remains to be determined is exactly how those standards will be defined and applied and whether any novel bank will meet the standard. It should be expected that the hurdles that the Federal Reserve imposes will be high, but if the Federal Reserve approves one novel bank under the standards, expect a large number to seek to follow. The Federal Reserve Board accepted comments on its Account Access Guidelines through July 12, 2021.
2. Cryptocurrency developments
Banks and cryptocurrency activities
State and federal banking regulators have been confirming the authority of banks to provide various services with regard to cryptocurrencies. The Office of the Comptroller of the Currency (OCC), the regulator of national banks, issued three interpretative letters in 2020 and 2021 (Letter Nos. 1170, 1172 and 1174) under the Comptroller of the Currency appointed during the Trump Administration. These letters addressed: (i) cryptocurrency custody services, (ii) holding dollar deposits serving as reserves backing stablecoin and (iii) (A) banks acting as nodes on an independent node verification framework and (B) banks engaging in certain stablecoin activities to facilitate payment transactions on a distributed ledger. These letters were affirmed under the Biden Administration in an interpretive letter, dated November 18, 2021 (Letter No. 1179), of the OCC Chief Counsel. Letter No. 1179 confirms that the activities addressed in the prior letters are permissible for a national bank, provided that the bank can demonstrate to its examiners that the bank has controls in place to conduct the activity in a safe and sound manner. This requires demonstrating the establishment of a risk management framework that addresses, among various other risks, risks related to new and evolving technologies, including the risk of hacking, fraud and theft.
In addition to these interpretive letters, the OCC recently took another action in approving a bank charter for a fintech company that revealed its ongoing cautiousness with respect to crypto-oriented services provided by national banks. On January 18, 2022, the OCC approved SoFi’s application to establish a national bank subsidiary. That approval was regarded as another favorable step by the OCC to allow technology companies to have national bank subsidiaries. While SoFI must still be approved by the Federal Reserve Board to be a bank holding company, two aspects of the OCC’s approval were notable. First, the charter granted to SoFi was not the so-called limited-purpose fintech charter which the OCC has promised the fintech sector for years but has yet to approve (the charter preliminarily approved for Paxos in 2021 is a limited-purpose trust bank charter). SoFi was approved for a traditional national bank charter, albeit with a decidedly fintech-oriented business plan. Second, the OCC’s SoFi approval specifically limited SoFi bank’s ability to engage in crypto-asset activities for a period potentially as long as three years without additional OCC approval.
In addition to the OCC’s crypto-related initiatives, the three US federal banking agencies regulators issued a joint statement (November 23, 2021) announcing that they plan to look at a number of issues regarding the crypto-related activities of banks in the coming year. Activities addressed would include: (i) crypto-asset safekeeping and custody, (ii) ancillary custody services (such as staking, facilitating crypto-asset lending and distributed ledger technology governance services), (iii) facilitation of customer purchases and sales of crypto-assets, (iv) loans secured by crypto-assets, (v) issuance and distribution of stablecoins and (vi) activities involving the holding of crypto-assets on a bank’s balance sheet. The issues related to these activities would include safety and soundness, consumer protection, compliance with law and anti-money laundering concerns. With respect to bank-issued stablecoins, an issue that may evolve is whether they may be treated similarly to deposits for purposes of FDIC insurance.
Central bank digital currency
The Federal Reserve Board is in the early stages of considering the merits and feasibility of issuing a central bank digital currency (CBDC). Some Federal Reserve governors have been openly skeptical of the need for a CBDC. Others have advocated for it, noting, among other things, the potential for increasing financial inclusion. On January 20, 2022, the Federal Reserve Board issued a discussion paper regarding the establishment of a CBDC. The Federal Reserve also invited public comments on the discussion paper for 120 days and presented 22 specific questions for discussion. On February 3, 2022, the Federal Reserve Bank of Boston and the Digital Currency Initiative at the Massachusetts Institute of Technology issued a whitepaper with the initial findings of their technological research into a CBDC. What is clear at this point is that the Federal Reserve will not actually issue a CBDC without more specific legislative authority.
3. Bank merger review standards
Mergers and acquisitions among the mega-banks in the United States are generally not possible due to a statutory nationwide deposit cap and other considerations. But merger activity was generally robust last year and the Federal Reserve Board recently approved several significant bank acquisitions, including by those with over US$250 billion in total assets.
The Federal Reserve Board and other federal banking regulators review applications for approval of proposed bank merger and acquisition transactions under specific statutorily enumerated factors . Different statutes apply depending on the banks involved and how the transaction is structured, but the factors are generally similar across statutes. Some have criticized these reviews as not stringent enough and Federal Reserve Board Governor Brainard said that a broader review of its supervisory review framework might be helpful. If the current nominees to the Federal Reserve Board (Sarah Bloom Raskin as vice chair of supervision and Lisa Cook and Philip Jefferson) are approved by the US Senate (which in Raskin’s case is far from a foregone conclusion), Governor Brainard’s call to review merger and acquisition criteria will enjoy additional support.
A proposal approved by three members of the board of directors of the FDIC would seek public comment on various factors that are considered under the Bank Merger Act. For example, one of the factors considered is the convenience and needs of the community to be served by a merged bank and the request would ask whether the impact that branch closings and consolidations may have should be considered. It also questions the rigor of the current practices for reviewing performance under the Community Reinvestment Act. (This request resulted in an internal showdown between the FDIC’s Chairman, who opposed the measure, and three of the board members; the Chairman resigned effective February 4, 2022, and we expect the measure to be formally published soon, which would start the formal public comment period.) While it seems unlikely that the statutory merger review factors will change, the manner in which bank regulators apply those standards may well evolve.
In a related development, the Antitrust Division of the Department of Justice (DOJ) invited comments (through February 15, 2022) on its 1995 Bank Merger Competitive Review guidelines. The DOJ sought comment on what factors should be considered and what additional information banks should submit as part of the merger review process. The DOJ had requested comments on the guidelines in 2020 and the more recent request invited commenters to update their earlier responses. Among the various specific questions on which the DOJ invited comment is how the role of internet-only banks (i.e. those with limited or no physical branch network) should factor into the competitive review analysis.
4. Federal preemption of state law
The National Bank Act generally preempts state laws that significantly interfere with the operations of a national bank. Exactly where the line is drawn is not always clear. For example, several states have enacted laws that require banks to pay interest on mortgage escrow accounts and plaintiffs have filed class-action lawsuits under those state statutes against national banks that have not paid interest on such accounts. National banks have asserted that the federal law preempts the state law, and the OCC has supported the position of the national banks. The plaintiffs won a ruling in the federal court in New York and an appeal is now pending with the federal appeals court for the Second Circuit.
5. Open banking
The United States does not have a standardized legal definition of “open banking” or have as developed or formalized legal regime for “open banking” as some other jurisdictions. However, regulations are under development.
In November 2020, the Consumer Financial Protection Bureau (CFPB) issued an advance notice of proposed rulemaking (ANPR) on “Consumer Access to Financial Records.” The ANPR does not use the term “open banking,” but it generally sought comment on the extent to which a consumer may access his or her financial records through a third-party. Technically, the regulations would implement provisions in Section 1033 of the Dodd-Frank Act (enacted in 2010), which provide that a consumer financial services provider must make available to a consumer information regarding a product that the consumer obtained from the provider. Although the ANPR has not yet been followed by an actual proposed regulation, a proposed regulation is anticipated.
The CFPB had previously issued guidance (October 18, 2017) that relates to open banking: “Consumer Protection Principles: Consumer-Authorized Financial Data Sharing and Aggregation.” In that guidance, which sets forth nine principles, the CFPB generally advocates that the consumer be in control of his or her data and transparency, not the financial institution that may be in possession of the data, while at the same time emphasizing data privacy and security.
Open banking is also the subject of various legislative proposals, although the prospects for the enactment of any such bill remain uncertain.
(For additional information on open banking, please refer to the updated summary of open banking regimes maintained by Norton Rose Fulbright for a number of jurisdictions: Open banking around the world 2021: A global comparative guide.)
6. Banking as a service
Somewhat related to open banking is the concept of “banking as a service,” whereby non-bank, third-party providers team with banks whose deposits are insured by the FDIC to offer banking products to their customers. This has been prevalent in the mortgage lending context where non-bank mortgage providers team with banks to offer mortgages that are initially booked with banks to take advantage of an FDIC-insured bank’s ability under federal law to make loans outside of their home states at rates of interest that may be above the interest rate limits permitted in other states where the borrowers are located (i.e. to export their home state’s interest rate). The originated loan is then sold to the non-bank lender, which itself would not have been permitted to charge the interest rate charged by the bank.
This practice was challenged by states and consumer protection groups and in 2015 the Second Circuit ruled in favor of a borrower whose loan had been acquired by a non-bank lender from a bank. In Madden v. Midland Funding LLC, 786 F.3d 246 (2d Cir. 2015), the Second Circuit held that, upon transfer to a non-bank third-party debt collector, loans originated by a national bank were not entitled to the National Bank Act’s preemption protections. In response to Madden, in 2020, the OCC and the FDIC issued rules (a so-called “Madden fix”) basically designed to validate the principle of “valid when made,” which provides that interest on a bank loan that is permissible when originated shall not be affected by the bank’s subsequent sale of the loan. Several states have challenged those rules in court, with the most recent development being a win for the OCC in a federal district court case in California in a ruling issued on February 8, 2022.
A second challenge to this type of lending is a claim that the bank that originated the loan was not the “true lender” in the first place, and therefore the non-bank involved is not entitled to rely on the interest rate authority available to the bank. The OCC adopted a second regulation (in October 2020) that sought to establish the circumstances under which a national bank would be deemed to be the true lender with respect to a loan. That regulation, however, was overturned by Congress in early 2021 under an obscure process known as the Congressional Review Act. As a result, although the regulation implementing the valid-when-made principle has survived, the ability of non-bank lenders to team with banks in order to make loans that exceed state lending limits remains subject to potential challenge. Moreover, supervisors have other tools to address predatory lending and several consumer groups are urging regulators to take action on this front.
The notion of banking as a service is not limited to loan products. Increasingly non-bank companies are teaming with FDIC-insured banks to offer deposit products that have the benefit of being insured by the FDIC. Some states are very defensive when out-of-state banks, with no branch location in their state, solicit deposits from their citizens. It remains to be seen whether deposit products that are provided on an interstate basis under the banking as a service model will be challenged as a violation of certain state laws.
Prudential supervision and regulation
7. Climate change risk
Climate risk is perhaps the newest risk to receive significant regulatory attention and it appears that a range of practices and requirements will be the subject of ongoing regulatory attention. The United States is still in the early stages of considering climate change in the context of risks posed to banks. The US prudential banking regulators have issued only limited guidance on climate risk (identifying both physical risks and transition risks), but the regulatory landscape is evolving fast. The Federal Reserve Board and the OCC have joined (and the FDIC will likely soon join) the Network of Central Banks and Supervisors for Greening the Financial System. The OCC has issued and requested comment on draft principles for climate-related risk management for large banks (those with more than US$100 billion in total consolidated assets). Comments on the proposal were due by February 14, 2022.
As Biden Administration officials take office or gain control of agency agendas, expect more developments in this area. Regulators are still doing research and establishing an analytical and definitional framework for climate risk, but among the key areas to watch are the extent to which scenario analysis and stress testing will result in additional capital requirements and thus potentially impact bank lending and investment decisions and the extent to which other supervisory initiatives will impact financing of various sectors of the economy. Other financial regulators, such as the Securities and Exchange Commission and the Commodity Futures Trading Commission, are also taking action within their areas of jurisdiction.
8. Cybersecurity
Often cited by bankers and regulators alike as the number one fear that keeps them awake at night, cybersecurity remains a key supervisory concern. Cybersecurity was mentioned first in the Federal Reserve Board’s November 2021 semi-annual Supervision and Regulation Report noting that cyber threats and attacks had increased significantly since the onset of the Covid-19 pandemic.
9. Outsourcing/third-party service providers
Over the years, banks have increasingly relied on third-party service providers for a range of services to support banks’ operations, and the federal banking agencies have from time-to-time issued guidance that addresses various aspects of such outsourcing arrangements. Outsourcing can encompass everything from the marketing of bank products and services to cloud computing solutions. The most comprehensive guidance was issued by the OCC in 2013, supplemented by FAQs issued in 2020. In July 2021, the federal banking agencies jointly issued guidance based on the OCC’s 2013 guidance and 2020 FAQs as proposed interagency guidance and requested public comment. The comment period closed on September 17, 2021 and final guidance is expected this year.
10. Capital requirements
There are several issues to be addressed in the near term. One is the calibration of the leverage capital standards. The leverage requirement is generally based on total assets; it is not a risk-based measure and is generally designed to establish a minimum floor. However, it has become the binding constraint for many banks, due in part to the growth in essentially safe assets on their balance sheets as a result of the Covid-19 pandemic. Calibration of the enhanced supplementary leverage ratio (which applies to the US global systemically important banks) will also likely receive attention. A second area to be addressed is the so-called Basel endgame, or the completion of the Basel III framework for international capital standards that was adopted in response to the 2007-2009 global financial crisis. One of the key pieces is to revise the market risk capital rule to reduce the role of bank internal models in the calculation of capital requirements. Other areas of attention include operational risk and the risks associated with financial derivatives.
Another area of potential attention is the countercyclical capital buffer, which was a part of the Basel III reforms. The existing US risk-based capital rules provide for a countercyclical capital buffer, which is described as a “macroprudential policy tool that the [Federal Reserve] Board can increase during periods of rising vulnerabilities in the financial system and reduce when vulnerabilities recede. It is designed to increase the resilience of large banking organizations when there is an elevated risk of above-normal losses.” Since regulatory provisions for the buffer were adopted in 2013, the Federal Reserve Board (in consultation with the other US federal banking regulators) has set the actual buffer amount at zero. Few other countries have established a buffer either. In the United States, however, former FDIC Chairman Sheila Bair has recently advocated for the institution of a countercyclical capital buffer and it can be expected that this would be a matter of some discussion among US regulators.
11. Anti-money laundering
Compliance with anti-money laundering (AML) and countering the financing of terrorism (CFT) obligations remains a high priority area for banking supervisors (and law enforcement agencies) in the United States. AML/CFT compliance issues also continue to be a key consideration in various crypto-currency initiatives.
Among the areas of AML compliance subject to rulemaking are the following. The Financial Crimes Enforcement Network (FinCEN), a bureau of the US Treasury Department, has issued two proposed rules to implement provisions of the Anti-Money Laundering Act of 2020 and the Bank Secrecy Act. One proposed rule addresses FinCEN’s collection of beneficial ownership information from various types of closely held, domestic and foreign companies into a national registry. Financial institutions are hopeful that ownership information collected in a national registry will significantly alleviate existing due diligence and know your client burdens. However, it remains to be seen whether in setting the parameters for the database, FinCEN will enable individual owners of companies to block their identification information from being made available to financial institutions, whether FinCEN will require companies to identify intermediary entities that stand between the company and its ultimate natural person beneficial owner and whether information obtained from the registry will be sufficient to fulfill an institution’s due diligence obligations with respect to corporate customers.
FinCEN has also issued an advanced notice of proposed rulemaking that would generally require certain persons involved in real estate transactions to report certain types of information to FinCEN. FinCEN has determined that the real estate sector has vulnerabilities that permit illicit actors to launder criminal proceeds through the purchase of real estate. A contemplated regulation would generally not be applicable to banks (which are already subject to extensive AML obligations, including with respect to their real estate financing activities) but would subject other market participants to formal AML requirements. Before issuing a specific proposed regulation, FinCEN is gathering information through the ANPR process.
In addition, FinCEN has issued a proposed rule regarding a limited-duration pilot program that would permit US financial institutions that are subject to suspicious activity reporting obligations to share such reports (SARs) with their overseas offices. If finalized, this rule would essentially put domestic global companies on an equivalent footing with their non-US counterparts with respect to the sharing of SAR information. Comments on the proposal are being accepted through March 28, 2022.
12. The “ancient regulations”
Federal Reserve Board staff have indicated that updates and revisions to several longstanding regulations (e.g., Regulations J, K, O, and Y as well as Regulation W) are under consideration. At this time, no specific proposals have been issued. However, the Federal Reserve has issued FAQs under these (and other) regulations and may continue to do so.
Consumer protection/fair lending
13. Bank product fees
Not only are new consumer financial products and methods of delivery raising consumer protection issues, but long-standing types of fees for various products are attracting new attention. Bank overdraft fees have received significant attention recently; the Acting Comptroller of the Currency set out expectations regarding practices that national banks should consider in assessing overdraft fees (such as providing a grace period before imposing a fee). In addition, the director of the CFPB has raised issues with a range of fees (which he referred to as “junk fees”) charged by banks, mortgage lenders, Fintechs and others that are described as not being subject to competition, such as late fees and overdraft fees. The CFPB has requested public comments on a range of types of fees, with comments due on or before March 31, 2022.
14. Fair lending
Fair lending (anti-discrimination) issues arise in several contexts and fair lending is a priority of the Biden Administration. Given the centrality of homeownership to American economic life, combatting discrimination in the housing market has received significant attention. But law enforcement agencies and banking regulators have also pursued lending discrimination actions in other markets, such as auto lending.
One of the issues to watch in the coming year is the use of artificial intelligence to make credit decisions and the fair lending implications of such use. This is an issue that has been raised in several contexts, including in comments by the director of the CFPB.
Another area to watch involves cases alleging redlining, the practice of financial institutions to not lend into or establish locations in areas with majority-minority populations. An action against one national bank in October 2021 involving redlining was accompanied by a joint announcement by the DOJ, CFPB and OCC of a nationwide initiative to combat redlining by both bank and non-bank lenders.
Separately, the Department of Housing and Urban Development issued a proposed rule in June 2021 to reinstate its 2013 “discriminatory effects” rule under the federal Fair Housing Act. The 2013 rule had been rescinded and replaced during the Trump Administration with a rule that would have made proving discriminatory effects cases much more difficult, but that action was stayed by a federal district court, leaving the 2013 rule in place. The June 2021 proposed rule would essentially recodify the 2013 rule. The comment period on that rulemaking closed in August 2021.
15. Community Reinvestment Act
The Community Reinvestment Act (CRA) is essentially an anti-redlining statute that requires banks to serve all segments of their community, including low- and moderate-income segments. The federal banking agencies have long implemented the CRA with a consistent set of regulations. In June 2020, the OCC issued a separate regulation, but that new regulation was rescinded late last year. The banking agencies are again working on an update to the regulation and a coordinated interagency proposal is expected. Acting FDIC Chairman Gruenberg (who became Acting Chairman on February 7, 2021) listed strengthening the CRA as first on his list of priorities.
The CRA is focused on the geographic market in which a bank has its physical branch offices. One of the key issues is how to adapt the CRA to a world in which banks increasingly serve their customers online rather than through physical branch offices.
In March 2022, the three federal banking agencies and two Federal Reserve Banks (Chicago and San Francisco) will host the national Community Reinvestment Act conference, a biennial conference that addresses various issues and trends arising under the CRA.
How we can help
Our financial services/regulatory team effectively manages our clients’ top concerns: regulation, compliance and enforcement. Our lawyers have built a strong reputation in the market over many years of advising and assisting clients in complex financial services regulatory and enforcement matters.
We represent US and non-US banks and their subsidiaries before US federal and state bank regulatory agencies on a wide variety of matters. We have deep experience in the regulatory framework in which all manner of financial institutions operate globally and can advise clients on the full scope of regulatory requirements and implications for US and non-US owners of US financial firms. We have over 50 lawyers in the United States who represent US and non-US financial institutions in a variety of both compliance and contentious (i.e. enforcement or trial stage) regulatory matters.