Banking Law
FinCEN and OFAC Issue First Joint Action in Cryptocurrency Market
By Rachael L. Aspery & Aaron Kouhoupt, McGlinchey Stafford, PLLC
On October 11, 2022, the Financial Crimes Enforcement Network (“FinCEN”) and the Office of Foreign Assets Control (“OFAC”) acted in parallel to issue the first joint action in the cryptocurrency market against Bittrex. Bittrex was a convertible virtual currency (“CVC”) platform with offices primarily in Washington State and was licensed as a money services business (“MSB”) with FinCEN. As a licensed MSB, Bittrex was required to develop, implement, and maintain an effective anti-money laundering (AML) program that was reasonably designed to prevent money laundering and the potential financing of terrorist activities.
OFAC entered into the largest settlement in its history ($24 million) claiming that Bittrex processed transactions that violated OFAC sanctions. OFAC identified that Bittrex conducted more than 116,000 transactions, valued at over $260 million, with entities and individuals located in jurisdictions subject to comprehensive OFAC sanctions, including transactions with entities and individuals operating from OFAC-sanctioned jurisdictions such as Iran, Cuba, Sudan, Syria, and the Crimea region of Ukraine.
In addition, FinCEN assessed a $29 million civil money penalty against Bittrex for alleged violations of the Bank Secrecy Act and FinCEN’s implementing regulations between February 2014 and December 2018. FinCEN found that Bittrex failed to maintain an effective AML program to appropriately address the risks associated with the products, geographies, and services it offered, including anonymity-enhanced cryptocurrencies. It also failed to implement effective transaction monitoring, with Bittrex relying on as few as two employees, with minimal AML training and experience, to review all transactions on the platform for suspicious activity. This was despite transactions sometimes totaling more than 20,000 per day. Bittrex also failed to develop and implement sufficient risk-based controls for high-risk CVCs, such as anonymity-enhanced cryptocurrencies, and failed to file suspicious activity reports where required.
Ensuring your Bank Secrecy Act and OFAC Programs contain the proper level of staffing, monitoring, training, and reporting necessary based on the risk profile of your business operations and products remains critical to ensure compliance with these foundational federal laws and regulations. Failure to do so can result in significant fines as evidenced by the joint action against Bittrex.
FinCEN Issues Final Rule Establishing Beneficial Ownership Information Requirements
By Rachael L. Aspery & Amy Greenwood-Field, McGlinchey Stafford, PLLC
On September 29, 2022, the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) issued a final rule that establishes a beneficial ownership information (BOI) reporting requirement that will require reporting companies to report information about their respective beneficial owners to FinCEN, effective January 1, 2024. This reporting requirement will be in addition to the current state level requirements for submission of entity formation information.
Generally, the businesses subject to the BOI reporting requirement will include most corporations, limited liability companies, and other entities created in or registered to do business in the United States. A defined “reporting company” will be required to file its BOI report with FinCEN to identify itself and its beneficial owners (including entities and individuals) who exercise “substantial control” over the reporting company, or who own or control at least twenty-five percent “ownership interest” of the company. “Reporting companies” that are created or registered before January 1, 2024, will have one year—until January 1, 2025—to file their initial reports, while reporting companies created or registered after January 1, 2024, will have thirty days after receiving notice of their creation or registration to file their initial reports. Reporting companies will also have thirty days to report any changes in reporting information.
However, certain entities engaged in various financial services activities (including but not limited to: securities issuers, investment advisers, broker dealers, banks and their holding companies, credit unions, money transmitters, and insurance companies) that are already subject to ownership reporting and oversight by other federal and/or state agencies are specifically excluded from these additional reporting requirements. Also excluded from the definition of a “reporting company” is any entity with a U.S. operating presence that employs more than twenty employees on a full-time basis in the United States and that has filed a U.S. federal tax return in the previous year demonstrating more than $5,000,000 in gross receipts or sales in the aggregate.
The adoption and implementation of the final rule is important for both domestic prevention of financial crime and international consensus in moving toward transparency. Domestically, the final rule was designed to enhance the strength and transparency of the U.S. financial system in order to deter and prevent criminal actors from utilizing shell companies to launder money or hide assets.
In concert with publishing the final rule, FinCEN also published a fact sheet. It appears that it will also publish guidance aimed to assist reporting companies in complying with the final rule and to establish guidelines as to who will have access to reported data, although it is expected that access to the reported information will ultimately be available to law enforcement, the intelligence community, regulators, and financial institutions.
Consumer Finance
Fifth Circuit Rules the CFPB’s Funding Structure Unconstitutional, Strikes Down Payday Lending Rule
By Eric Mogilnicki & Tyler Smith, Covington & Burling LLP
On October 19, 2022, the Fifth Circuit Court of Appeals held, in a challenge to the Payday Lending Rule of the Consumer Financial Protection Bureau (CFPB), that the Consumer Financial Protection Act’s mechanism for funding the CFPB violates the Constitution. Under the CFPA, the Bureau receives funding through the Federal Reserve fund, which is itself funded via bank assessments. According to the Court, this “double insulation” of the Bureau from the Congressional appropriations process violates the Constitution’s separation of powers. The Court vacated the Payday Lending Rule as a “product of the Bureau’s unconstitutional funding scheme.”
This opinion is likely to create substantial uncertainty going forward. The logic behind the Court’s action, striking down the Payday Lending Rule because improper funding contributed to its development, seems applicable to a wide range of Bureau activities, including CFPB regulations and pending supervisory and enforcement matters.
Director Chopra Issues Statement Supporting Proposed FDIC Rulemaking Intended to Reduce Bailout Risk in Large Domestic Banks
By Eric Mogilnicki & Tyler Smith, Covington & Burling LLP
On October 18, 2022, CFPB Director Rohit Chopra issued a statement in support of a proposed Federal Deposit Insurance Corporation (FDIC) rule intended to reduce risks to the economy posed by excessive concentration in banking. Specifically, the FDIC issued an advanced notice of proposed rulemaking seeking comments on whether systemically important banks should be required to issue a minimum amount of unsecured, long-term debt to insulate against bailout risk in the event of a bank failure. In supporting the proposal, Chopra cautioned against using the measure to justify a relaxed merger review process and counseled that the move to reduce the risks associated with bank failures should be coupled with measures intended to reduce the likelihood of such failures, including more exacting enforcement of prudential requirements.
CFPB Submits Annual Report to Congress on College Banking and Credit Card Agreements
By Eric Mogilnicki & Blair Hotz, Covington & Burling LLP
On October 13, 2022, the Bureau submitted its annual report to Congress on College Banking and Credit Card Agreements. Required under the Credit Card Accountability, Responsibility, and Disclosure Act, the report reviews agreements and data covering more than 1.2 million student checking and credit card accounts that are governed by partnerships between institutions of higher education and financial services providers.
The report identifies several key takeaways from this data, including that:
- financial service companies and their partner schools appear to offer and promote products that are more expensive than what students could receive from other provider or, in some cases, at the same financial institution;
- some students are being directed to lists of account options that do not appear to comply with Department of Education regulations (e.g., some students were told that their financial aid payments might be delayed if they did not select a college-sponsored account);
- some higher education institutions do not appear to prominently post required disclosures on the institution’s website; and
- the number of agreements, overall payments from issuers to institutions, and open accounts pursuant to agreements related to college credit cards continue to decrease, and agreements with alumni associations continue to represent most of such agreements, payments, and accounts.
In an accompanying press release, CFPB Director Chopra added that “many college-sponsored financial products cost students more than accounts that are readily available on the open market. . . . Today’s report suggests that there is more work to do to ensure that students are not steered into school-endorsed products with junk fees. We will continue to work with the Department of Education to help students find the best possible products.”
The Department of Education released blog post discussing the Bureau’s report and findings, along with a Dear Colleague Letter reminding higher education institutions of their regulatory obligations in overseeing such arrangements with financial institutions.
Director Chopra Proposes Regulation of the Stablecoin Market
By Eric Mogilnicki & Tyler Smith, Covington & Burling LLP
At an October 3, 2022, meeting of the Financial Stability Oversight Council (“FSOC”), CFPB Director Rohit Chopra delivered prepared remarks highlighting the risks posed by, and recommending heightened regulation of, the stablecoin market. The director’s speech focused on a FSOC report outlining the risks associated with the digital asset industry. According to Chopra, stablecoins pose more imminent financial stability risks than other kinds of digital assets, especially as large technology companies and P2P platforms explore the possibility of developing their own stablecoins. To mitigate these risks, Director Chopra suggests that the FSOC promulgate additional regulations of the stablecoin industry, noting that the FSOC could designate activities conducted within stablecoin arrangements as (or as likely to become) systemically important payment, clearing, and settlement activities under Title VIII of the Dodd-Frank Act.
U.S. Chamber of Commerce Files Lawsuit Challenging CFPB’s UDAAP Guidance
By Eric Mogilnicki & Blair Hotz, Covington & Burling LLP
On September 28, 2022, the Chamber of Commerce, American Bankers Association, Consumer Bankers Association, and other trade groups filed a lawsuit against the Bureau and CFPB Director Chopra in the United States District Court for the Eastern District of Texas. The lawsuit challenges recent updates that the Bureau made to its examination manual on unfair, deceptive, or abusive acts and practices (“UDAAPs”), which now characterizes discriminatory conduct as “unfair” under the Dodd-Frank Act.
The plaintiffs allege that the Bureau’s changes to the examination manual are invalid for several reasons, including that:
- the Dodd-Frank Act does not give the Bureau statutory authority to characterize discriminatory practices as UDAAPs;
- the changes violated the Administrative Procedures Act because they were not subject to a proper notice-and-comment process; and
- the Bureau’s ability to self-fund violates the Appropriations Clause of the U.S. Constitution because it prevents Congress from exercising its power to check the Executive Branch by approving appropriations.
CFPB Rescinds No-Action Letter and Compliance Sandbox Policies
By Eric Mogilnicki & Blair Hotz, Covington & Burling LLP
On September 27, 2022, the Bureau published a Statement on Competition and Innovation. The statement rescinds the Bureau’s “Policy on No-Action Letters” and “Policy on the Compliance Assistance Sandbox.” Both policies were designed to foster innovation and adopted towards the end of the tenure of CFPB Director Kathy Kraninger. The Policy on No-Action Letters allowed individual companies and trade associations to apply for a no-action letter from the Bureau advising the recipient that the Bureau would not make supervisory findings or bring an enforcement against it with respect to certain matters. Similarly, the Policy on the Compliance Assistance Sandbox provided individual companies the opportunity to innovate with some protection from liability under federal consumer financial laws.
The Bureau offers only a conclusory explanation for this change in policy: “[t]he CFPB determined that the Policies do not advance their stated objective of facilitating consumer-beneficial innovation. The CFPB also determined that the existing Policies failed to meet appropriate standards for transparency and stakeholder participation. The CFPB is developing new approaches to facilitate the development of new products and services.”