The Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (the Act) dramatically changed the financial regulatory landscape with broader and more stringent consumer financial protection laws. But one area that the Act does not appear to have changed is National Bank Act (NBA) preemption of state consumer financial laws.
Federal preemption of state laws is important because preemption allows national banks to adhere to one set of federal consumer protection standards instead of 50 state standards. The Dodd-Frank Act provides that the NBA preempts specified state consumer financial laws only if the state law:
discriminates against national banks;
“prevents or significantly interferes” with the exercise of a national bank’s powers “in accordance with the legal standard for preemption” set forth by the Supreme Court in Barnett Bank of Marion County, N.A. v. Nelson, 517 U.S. 25 (1996); or
is preempted by other federal law.
The second provision worried banks and caused much debate in Congress because consumer advocates sought in the legislative process to establish a new, higher standard for NBA preemption than prior to the Dodd-Frank Act. These concerns have been eased in the year since the Dodd-Frank preemption provisions became effective. Instead of heightening the preemption standard, the Office of the Comptroller of the Currency (OCC) and federal courts have generally interpreted the Act’s “prevents or significantly interferes” provision as merely clarifying the pre-existing preemption standard.
The OCC is the federal agency charged with interpreting the Dodd-Frank preemption provisions and supervising national banks. In a final rule issued in July of 2011, the OCC concluded that, “the Dodd-Frank Act does not create a new, stand-alone ‘prevents or significantly interferes’ preemption standard, but rather incorporates the conflict preemption legal standard and the reasoning that supports it in the Supreme Court’s Barnett decision.” In other words, the Act did not work any meaningful change in the standard for NBA preemption.
Importantly, most courts have thus far reached the same conclusion as the OCC.* Two district court opinions have included brief statements suggesting that Dodd-Frank may somehow have changed the NBA preemption standard, but neither of these courts ultimately made a definitive ruling on this basis.
In short, while it is still too early to say conclusively that the OCC’s view of the Dodd-Frank preemption provisions will prevail in the courts, the early signs are positive and consistent with the view that the Dodd-Frank Act did not change the NBA preemption standard.
* See, e.g., Baptista v. JP Morgan Chase, N.A., 640 F.3d 1194, 1197 (11th Cir. 2011) (treating the Act as having no effect on NBA preemption standards); U.S. Bank , N.A. v. Schipper, 812 F. Supp. 2d 963, 968 n.1 (S.D. Iowa 2011) (concluding that the Act “did not materially alter the standard for preemption the Court must apply”); Parks v. MBNA America Bank, N.A., 2012 WL 2345006 (Cal. June 21, 2012) (“In 2010, the Dodd-Frank Act codified the significant impair test articulated in Barnett Bank.”)
The dual challenges of the regulatory and earnings environments present financial institutions with an opportunity to build a new model that may help them thrive in the coming years.
As they consider moving forward, how do institutions avoid reactive, haphazard, and uncoordinated sets of firefights as they respond to the new rules and regulations? Complexity can be overwhelming and compliance resources are often scattered and in short supply. If financial institutions want to stay ahead of both the regulations and the competition, if they aim to be stronger, safer, more focused, and able to generate acceptable returns for their shareholders, it may behoove them to consider adopting three concurrent strategies:
Create an enterprise-wide regulatory ‘air traffic controller’
Restructure the business
Increase transparency by creating world-class information management and analytical capabilities
For access to the full report from Deloitte, which provides perspective on the new regulatory environment, observations on how the industry is responding, and a three-point strategy for institutions to consider, click here.
While there is much in the Dodd-Frank Act that doesn’t apply to banks under $10 billion in assets, directors at smaller banks should still be worried about other things—like how they’re viewed by their regulators, how they approach risk and how they discharge their responsibilities.
That was the message coming out of a regulatory panel at Bank Director’s Bank Audit Committee Conference last month in Chicago.
A supervisor at the Federal Reserve’s Division of Bank Supervision and Regulation, Pamela Martin, told the crowd that Dodd-Frank isn’t geared toward institutions below $10 billion in assets. As an example, she said that the Federal Reserve has no intention of requiring stress tests to community banks.
Dodd-Frank mandates that banks above $10 billion in assets establish a board level risk committee, and banks above $50 billion in assets must have both a risk committee and a chief risk officer.
“I would doubt we would be more stringent than what we’ve already proposed,’’ Martin said.
However, the newly created Consumer Financial Protection Bureau (CFPB), which was authorized by Dodd-Frank, will take complaints from consumers and businesses about all banks, not just big banks.
Charles Vice, the commissioner of the Kentucky Department of Financial Institutions, who also spoke on the panel, said some rulemaking by the CFPB will impact banks of all sizes, but he didn’t see the agency “having time to go after community banks” specifically.
During the panel discussion, the regulators talked about the importance of enterprise risk management, and of taking a thorough approach to analyzing the bank’s risks and trying to anticipate future scenarios that could impact the bank.
“It doesn’t have to be these complex diagrams that consultants publish,’’ Martin said. “You need to understand the risks you’re taking and do something about it.”
Vice said that a small bank doesn’t necessarily need a chief risk officer. “Even if you don’t have a dedicated employee, at least your senior management and board should be looking at your risk and how to mitigate it and manage it,’’ he said.
Innovation and Risk
One potential area of risk is new business and investments.
Martin said she was concerned that banks had a lot of cash on their balance sheets and might invest in risky ways. She also is concerned whether banks understand new business lines or new geographic areas they might expand into.
“Why are you going into this market, or how are you going to make money and do you have the capital to support this new activity?” she said. “We’re paying attention to the fact that you’re in a low profitability environment. That’s not going to change anytime soon. Understand the risk you’re taking and how you will support the risk you’re taking.”
One of the ways that regulators assess the job that the board is doing is by reading committee minutes. Vice said his department’s pre-exam work includes reading audit committee minutes and reports. His department will change the focus of the exam depending on the examiners’ comfort level with audit committee work, he said.
Regulators also look at the scope of the external audit. If it doesn’t look like internal or external audit work is robust enough, they’ll take a deeper look at the audit and whether the audit committee discussed results and had a game plan to deal with audit recommendations, Vice said.
Martin concurred that the Federal Reserve likes to see lots of discussion reflected in the audit committee minutes.
She said the bank isn’t downgraded for not having lots of discussion included in the minutes, but a robust discussion is an plus. If there are any issues uncovered in the audit, those ought to be addressed.
“We want the bank to identify the problems,’’ she said. “You don’t have to solve them immediately. You don’t necessarily have to solve them the next time the exam comes around, but we want to see progress.”
This week, regulators released the public sections of the “living wills” of nine of the world’s largest financial institutions, plans that were submitted to the Federal Deposit Insurance Corp. and Federal Reserve Board and required by Section 165(d) of the Dodd-Frank Act. The first round of resolution plans marks an important step in Dodd-Frank compliance efforts, with more than 100 additional institutions facing a similar requirement before the end of 2013. [Editor’s note: The rule generally applies to bank holding companies with more than $50 billion in assets as well as systemically important non-bank financial services companies.] As second- and third-round filers—whose respective deadlines are based on asset size—embark on this challenging but valuable task, they should keep in mind the following lessons learned from the first round:
1. Understand the Key Players. Resolution planning involves different groups whose input feeds into the ultimate work product.
The Resolution Plan Team—The project managers of the resolution planning process and their team run the process. The resolution plan team serves as an information aggregator, project driver and thought leader for the bank’s process. The team typically includes senior legal, treasury, and risk management executives, as well as project managers, outside advisors and data compilers.
The Front Office—The business people intimately familiar with each of the institution’s core business lines and critical operations are needed to provide the institutional knowledge at the crux of the plan, design resolution strategies, identify barriers or obstacles to resolution and develop assumptions.
The Regulators—The FDIC, Federal Reserve Board, and potentially other regulators can be expected to engage in frequent dialog with the resolution plan team as the plan is being developed.
2. Allocate Sufficient Time and Resources. Resolution planning is a new and time consuming process. Advance planning combined with an early start is an absolute must. For example, banks subject to the July 1, 2013 deadline should establish their teams, develop their process and select their advisors no later than September 2012 to allow for sufficient execution time.
3. Develop Integrative Strategies. The resolution plan team should hold a series of meetings with key front office leadership to learn from each other and develop integrative strategies that take into account the likely effects of insolvency proceedings on ongoing business operations. Initially, the team will educate others about resolution planning, while the front office team will educate the resolution plan team about their particular business functions. This should naturally evolve into an ongoing dialog to identify concerns and refine strategies as the process unfolds.
4. Frame Fundamental Assumptions. A company must identify the fundamental assumptions underlying its plan. Through such assumptions, a company may focus the project by reducing the number of variables and mitigating those beyond its control. Initial assumptions should be revisited at critical points throughout the process to ensure they remain valid as the resolution plan is developed.
5. Identify Operational and Financial Commonalities. Many business lines and operations have common assumptions, obstacles, interconnections and strategies. It is incumbent on the resolution plan team to identify these and develop a consistent approach.
6. Recognize Practical Limitations. The resolution planning process simply cannot eliminate all systemic risk or provide a solution for every issue that may potentially cause a disruption to U.S. financial markets. When an impediment to resolvability needs to be addressed, the team should work diligently to find one or more practical mitigating measures (as opposed to an “ideal” solution). Regulators recognize that there may be issues that cannot be solved at this point in time, including some outside of any one bank’s control, but they expect these issues to be identified nonetheless.
7. Facilitate Dynamic Discussions. As resolution planning is still in its formative years, the plan may change and evolve, requiring lots of discussion and attention. It will evolve through both internal dialog (i.e., discussions between the resolution plan team and the front office) and external dialog (i.e., discussions between the firm and regulators), as well as regulators’ review of resolution plans. These discussions are important to ensure that everyone, including the front office, remains consistent and current on evolving regulatory expectations.
The upside is there are no “right” answers and no prescribed solutions to any issue. Further, at least for the first round of resolution plan filers, regulators have suggested that no initial resolution plans will fail.
8. Blend Disclosure with Advocacy. A resolution plan is necessarily part disclosure and part advocacy. Though banks are required to demonstrate that they are resolvable, a financial institution can also use its resolution plan to advocate preferred solutions to horizon issues and educate the regulators about their operations to facilitate future discussions on M&A transactions and new product lines.
9. Reflect and Improve. Firms should embrace resolution planning as a means to examine all aspects of the operation and, by doing so, identify means to improve efficiencies and reduce operational costs throughout the organization. This “forced introspection” can be equally useful to optimize risk management strategies on an entity-wide basis as different scenarios are considered.
Resolution planning is a new frontier for banks and regulators alike. Poor planning and execution can easily cause the process to become unduly burdensome, whereas advanced planning, lots of introspection, and the strategic blend of disclosure and advocacy can result in an efficient process that yields benefits to the institution beyond resolution planning.
With the Dodd-Frank Act’s Volcker rule coming into effect next month and placing limitations on big banks’ trading abilities, we asked bank attorneys across the country what they thought would really come from this change. Although many different possible scenarios were cited, it was almost unanimous that all the attorneys believe the Volcker rule is likely to cause more damage than good. From hurting the efficiency of our markets to heightening other risks and limiting diversification, one must wonder, is the Volcker rule really going to be a good thing for the health of the financial system?
Will the Volcker rule achieve its intended goal of lowering the risk profile of large banks by prohibiting them from engaging in proprietary trading activities?
The Volcker rule is unlikely to achieve its intended goal because it is so difficult to distinguish proprietary trading from hedging and market-making. Banks are already limited by the types of instruments and securities they can trade in for their own account by Section 16 of the Glass-Steagall Act, which remains in effect as Section 24(7) of the National Bank Act. The most likely effect is that systemic risk may increase as market liquidity decreases, as banks and their affiliates maintain smaller securities inventories, consistent with the Volcker rule proposals. This could widen securities’ bid/ask price spreads, and make the markets less efficient. This will also have an adverse effect on smaller financial institutions which depend upon larger banks and their trading desks for their investment securities purchases and sales.
—Chip MacDonald, Jones Day
Rules are destined to be broken. Like so many well-intentioned laws and regulations, the Volcker rule might end up doing exactly the opposite of what is intended—that is, increasing the risk profiles of large banks, through hedging and other transactions with higher risks than old-fashioned proprietary trading activities. Can you identify any proprietary trading investments that have caused losses in the same ballpark as JPMorgan’s recently acknowledged losses or the hedge fund Long-Term Capital Management’s losses back in 1998? These losses illustrate that the financial marketplace can be a tough taskmaster when seemingly well-thought-out investment strategies, by some very smart traders, run into the ever-changing real world marketplace. No one has a lock on what will work best in the future financial marketplace, but savvy, conservative bankers with competent advisors usually do all right in the long-run.
—Doug McClintock, Sara Lenet, Alston & Bird
I am generally skeptical of the Volcker rule’s purported benefits to bank safety and soundness. I think appropriate capital, leverage, and liquidity requirements—when combined with a robust risk management framework and culture inside each institution—will do far more to lower the risk profile of large banks. Moreover, the Volcker rule in its current form only compounds the problem by requiring regulators and market participants to make, in some cases, spurious distinctions between and among proprietary trading, market making and hedging.
—Heath Tarbert, Weil, Gotshal & Manges LLP
Certainly the Volcker rule will restrain bank proprietary activities, and any reduction of activities reduces risk profiles to a degree. However, after a point, protection turns to paralysis. Years after Dodd-Frank, there still has been no evidence that proprietary trading contributed to the financial crisis, and the rules could put U.S. banks at a competitive disadvantage, particularly with respect to their worldwide operations.
—Greg Lyons, Debevoise & Plimpton
It is too early to determine the ultimate scope of the Volcker rule. Regardless of the ultimate shape of the Volcker rule, the real key is whether financial institutions can set appropriate risk tolerances, monitor adherence and stay within them. The leaders of the bank regulatory agencies recently were questioned by the Senate Banking Committee in the aftermath of the JPMorgan Chase & Co. $2 billion-plus trading losses. The regulators were unanimous that risk neither should be nor could be removed from banking. The focus on hyper- technical rules, such as those promulgated in draft form to enforce the Volcker rule, rather than on risk management principles and practices, is misplaced.
—Peter Weinstock, Hunton & Williams
By completely taking away proprietary trading and investment in and sponsorship of private equity, hedge and other similar private funds, the Volcker rule inappropriately concentrates investment and other risk in other activities and asset classes, all of which have run into calamities in the past. For example, subprime lending is not barred by the Volcker rule. We will not be well-served in the long run by having the largest and most sophisticated U.S. financial institutions become one or two-trick ponies. That said, the Volcker rule is upon us and, in the absence of final regulations, we are spending lots of time with clients developing conformance plans with our divining rods.
For community banks, these are interesting times. The economic recovery hasn’t gained enough steam for institutions to be able to count on solid returns. Many banks also face a lingering credit crunch as access to capital remains restricted nearly four years after the Troubled Asset Relief Program. In fact, more than 350 institutions, many of them community banks, still have TARP and many of them are having trouble raising the capital needed to repay government funds. To top it all off, the coming implementation of the Dodd-Frank Act has created uncertainty—although community banks were exempted from some of the law’s more stringent requirements, there are still concerns that even smaller institutions will eventually be held to the same standard.
Against this backdrop, the work of audit committees has taken on added importance. With a slim margin of error and a shifting regulatory landscape, verifying that the proper internal controls and compliance measures are in place can be the difference between thriving, barely surviving, and falling behind the competition. Here are the top three issues that audit committees of community banks need to have on their radar for the coming year.
1. Don’t Neglect Audit Fundamentals
Audit committee members should approach their annual audit not as a routine exercise but as an opportunity to reassert their independence, neutrality and objectivity. Although audit committee members are well acquainted with their institution’s strengths and weaknesses, they should force themselves to adopt an impartial perspective when assessing external audit findings.
With this in mind, audit committee members should make sure the external auditor is asking the right questions and verify that the audit is being conducted with a healthy dose of skepticism. By dispensing with preconceptions about their institution, committee members can remain open to all answers, explore all possibilities—and more important—be prepared to take the actions necessary to address any issues the external audit uncovers. Furthermore, members can help promote a culture of strong internal controls by demonstrating their commitment to a thorough audit.
2. Try to Anticipate What Comes Next
As regulations and requirements continue to evolve, audit committees needn’t wait for the Federal Reserve or other agencies to release guidance to get a sense of the potential impact on their institution. Fortunately, seeing the future doesn’t have to involve a trip to a psychic for a tarot card reading. The following sources can provide important hints of what to expect.
The Center for Audit Quality, based in Washington, D.C., regularly publishes insight and the latest developments. Its board includes leaders from public auditing firms and it is affiliated with the American Institute of Certified Public Accountants.
The business press, both in its coverage and the mix of stories, can be a barometer of where policymakers and enforcement agencies are directing their focus.
3. Be Forthright in Communicating About Negative Audits
Community banks, by the very nature of their close relationship with customers and local businesses, must take special care in explaining audit findings. In the event of a negative or potentially damaging audit, audit committees can play an instrumental role in developing a communications strategy, particularly since an audit can uncover complex or arcane issues that may be difficult for other bank executives or the public to understand.
Across all communications channels—from press releases and investor relations calls to Securities and Exchange Commission filings—committee members should work to be sure that the information is consistent. Moreover, an institution should strive to demonstrate that it embraces accountability and transparency. The tone and messaging can help send a powerful signal that the bank has nothing to hide and is taking the necessary steps to address issues. Information on performance that goes beyond the financial statements is important to maintaining confidence in your institution. For example, non-GAAP key performance indicators such as customer retention and assets under management can offer context and help allay any fears among the public.
By remaining objective, proactive and transparent, the audit committees of community banks can help their institutions stay nimble in the face of changing conditions while instilling confidence in local customers.
Now that the worst of the financial crisis is behind them, bank boards might think they can finally breathe a sigh of relief. Except that they can’t. More than 350 people attending the Bank Director Audit Committee Conference June 7-8 in Chicago learned about the new challenges facing audit committees this year—from new regulations regarding risk and compensation, to the struggle that many banks face trying to build capital and grow revenue and earnings in a difficult economic environment. Participants also received instruction on how to identify and root out large-scale internal fraud, one of the worst threats to the bank’s survival, as well as an update on trends in liability and insurance for bank directors.
“The conversation has shifted,” said Robert Fleetwood, a bank attorney with Barack Ferrazzano Kirschbaum & Nagelberg LLP in Chicago, who spoke at the conference. “Now, it’s more of a ‘thank God we survived.’ Once you can label yourself a survivor, you can think about the next three to five years.”
Several directors spoke at the conference about their challenges and solutions at a wide range of banks, from the Bank of Tennessee in Kingsport with just $650 million in assets to $20-billion asset SVB Financial Group in Santa Clara, California, which has offices in China, India and the United Kingdom.
Regulation and capital will be huge areas of concerns during the next few years, as most of the rules coming out of the Dodd-Frank Act haven’t been finalized yet. Plus, many banks still lack sufficient capital to acquire other institutions. Risk management will be an area of heightened focus for regulators and banks, the vast majority of which don’t have a separate risk committee. As part of that, even though stress testing is only required for banks above $10 billion in assets, the Federal Deposit Insurance Corp. this month published a guide to stress testing for community banks.
However, Pamela Martin, a senior supervisory financial analyst in the supervision division of the Federal Reserve, tried to calm worries at the conference about increased regulation and pressure to comply with rules designed only for the bigger banks.
“Dodd-Frank is really geared at the largest institutions and it’s not designed for community banks,’’ she said. “We have no intention of applying this to community banks, including stress tests.”
Speakers at the conference also talked about how to handle risk on the audit committee and ferret out fraud.
“If I served on a bank board, I would want to know someone served as [the chief risk officer],” said James Shreiner, a senior executive vice president at Fulton Financial Corp, a $16.5-billion bank holding company based in Lancaster, Pennsylvania. “They might have 10 other jobs that they do but [banks] need to have someone who is responsible for risk and not have that be someone responsible for the revenue side.”
Knowing what the bank’s risks are, including the potential for fraud inside and outside the bank, is a particular focus for audit committee members.
“People are more willing to take a risk. Profits are down. Loans are down,’’ said Wynne Baker, the head of the banking practice at KraftCPAs in Nashville. “You want to be in business five years from now and so you want to make sure you have the right tone at the top.”
Much has been made of the trading mishap at JPMorgan Chase & Co.’s London office, resulting in current estimates of a $3 billion loss to the company or more. But what is at stake here is not so much JPMorgan’s financial health, which doesn’t appear in question, but future regulation of the financial sector.
JPMorgan CEO Jamie Dimon has been arguing publicly against certain kinds of regulation, including the Volcker rule, which would limit proprietary trading by the big banks.
“I think it’s unnecessary, especially when you add it on top of all the other [regulation],’’ Dimon reiterated this week before a U.S. Senate committee, where he spent two hours explaining his company’s trading mistake.
Welcome to the new age, where big banks will have to answer questions not just from their shareholders and customers, but from Congress as to what went wrong with their business and who knew what, and when.
Critics are using JPMorgan’s trading loss, which occurred in the division that invests customer deposits, to argue the Volcker rule ought to be strict and tough on banks.
Regulators have missed 67 percent of their rulemaking deadlines in implementing the Dodd-Frank Act, according to the Davis Polk law firm. Much remains to be written that will affect companies such as JPMorgan and smaller banks as well.
That’s why the public charades are so interesting.
“In the political world, it’s going to be hard for regulators to embrace a looser process rather than a stricter process,’’ says Harold P. Reichwald, a partner in Los Angeles at the law firm Manatt, Phelps & Phillips. “This incident with JPMorgan will have the effect of creating a heightened sensitivity on the part of regulators to pressure the banks they regulate to have a more formal approach to risk management.”
Michael Klausner, a professor with the Rock Center for Corporate Governance at Stanford University, thinks the JPMorgan trading loss really shouldn’t be a regulatory concern.
“Even if you had a 50 times greater hit to capital, you’d still not have a systemic event,’’ he says. “As a policy matter, what we worry about is a systemic event, or what would have an impact on other banks.”
JPMorgan says its capital levels remain strong and it will be profitable in the second quarter, despite the loss.
Klausner says that you can make the argument that the trading loss is serious enough threaten the CEO’s job and the value of the company’s stock, but as a regulatory matter, “it’s trivial.”
But nowadays, banks such as JPMorgan are addressing their business activities to a much wider audience than shareholders.
Among Dimon’s details about what went wrong with the risk management process at the chief investment office (CIO):
CIO’s strategy for reducing the synthetic credit portfolio [e.g. credit default swaps] was poorly conceived and vetted. The strategy was not carefully analyzed or subjected to rigorous stress testing within CIO and was not reviewed outside CIO.
In hindsight, CIO’s traders did not have the requisite understanding of the risks they took. When the positions began to experience losses in March and early April, they incorrectly concluded that those losses were the result of anomalous and temporary market movements, and therefore were likely to reverse themselves.
Personnel in key control roles in CIO were in transition and risk control functions were generally ineffective in challenging the judgment of CIO’s trading personnel. Risk committee structures and processes in CIO were not as formal or robust as they should have been.
CIO, particularly the synthetic credit portfolio, should have gotten more scrutiny from both senior management and the firm-wide risk control function.
Dimon detailed the company’s response to the “incident,” which included replacing much of its top investment management team and chief risk officer for the division. It also included establishing a new risk committee just for the chief investment office.
Sen. Charles Schumer, D-New York, asked Dimon during the hearing why the risk committee of the board missed what was happening in the trading office.
“Some questions have been raised about the oversight of your risk committee,’’ he said. “Why didn’t it do its job?”
Dimon said if management didn’t catch it, then the risk committee couldn’t. That sounds reasonable, but now the risk committee must find out why it wasn’t learning about the risks that the bank was taking. Dimon said the bank will learn from its mistake. So the question is now: What will regulators make of it?
Robert Fleetwood is part of the financial institutions group and is the head of the group’s securities law practice area at law firm Barack Ferrazzano Kirschbaum & Nagelberg LLP in Chicago. Here, he talks about the increasing demands for capital and the trickle down impact of the Dodd-Frank Act, topics for the upcoming Bank Audit Committee Conference in June.
What are the kinds of questions you think audit committee members should be thinking about?
Many of our clients, particularly our private community banks, have recently been asking: “Where will we be in five years? What do we need to be thinking about?” With today’s regulatory environment, signs of recovery in the general economy and continued advances in technology, these are critical questions that all directors should be asking. I will be participating in a peer breakout focused on community banks at Bank Director’s upcoming Bank Audit Committee Conference to discuss some important issues for audit committee members. Capital is of particular importance for all banks and I will discuss potential future capital requirements and what institutions can be doing now. I will address the role of the audit committee in risk management and the emergence of full risk committees. I will also talk about the mergers and acquisitions process and what all organizations should consider, whether or not they may participate in an M&A transaction.
Two of my partners will also speak at the conference. Joseph Ceithaml will participate in a breakout session regarding best practices that audit committees should consider to improve performance and will touch on topics including committee responsibilities, charters, the agenda-setting process, communication between meetings and committee membership. Additionally, John Geiringer will speak on some important regulatory issues, including recent Federal Deposit Insurance Corp. lawsuits and what boards of banks can learn from them to improve their practices.
Will regulators require higher levels of capital in the future? How can community organizations access capital?
There continues to be debate about whether capital is king to a financial institution’s health and well-being, or whether other factors, such as liquidity, are actually more important. Regardless of one’s viewpoint, it is clear that regulators and investors place a heavy emphasis on capital levels and that this will continue into the future. Basel III, Dodd-Frank and the unquantified “regulatory expectation” will shape what future capital requirements will be for all institutions, regardless of size. Not only are higher capital levels expected, but the components of capital will also change, with a clear bias toward more permanent common equity. A key question for community banks is whether they will need to raise additional capital to implement their strategic plans and, if so, how will they raise the necessary amount. Many community banks have relied on directors and existing shareholders for additional capital. Changes to the private placement rules included in the recently adopted Jumpstart Our Business Startups Act (the JOBS Act) may make it easier for banks to solicit others in their community for additional capital.
Will Dodd-Frank have a significant impact on community banks? What do audit committee members need to know?
The Dodd-Frank Act has certainly played a significant role in financial institutions’ strategic planning over the past two years. However, there is still uncertainty over Dodd-Frank, with many questioning how it will be completely implemented and affect community financial institutions. There is also the potential impact of the upcoming elections and events outside the U.S. financial services industry. Almost two years after the enactment of Dodd-Frank, about 75 percent of the required rulemaking has yet to be completed. Of the rules that have been completed, only about half have become effective. Over the last six months, regulatory agencies have begun to promulgate some of the major systemic risk rules that primarily affect the largest financial institutions. Many of the controversial proposals that attract most of the media attention are geared toward these larger institutions, including the Volcker Rule, capital stress testing and the preparation of the so-called institutional “living wills.”
Many of the rules that will ultimately be developed under the Act will likely have a trickle-down effect on smaller institutions, either through actual regulation or prudential supervisory guidance. Additionally, regulators are currently focused on consumer compliance issues, with the new Consumer Financial Protection Bureau leading the way, and many of those rules are becoming more subjective in nature, making monitoring and ensuring compliance more difficult. With all of this uncertainty, all directors, including audit committee members, will need to closely monitor regulatory developments and continue to plan for increased regulatory and compliance costs.
You probably thought the Consumer Financial Protection Bureau (CFPB) was just focused on, well, consumer protection, but the new agency has an important voice on certain compensation matters as well. And the beleaguered home mortgage industry, which really doesn’t need any more challenges right now, is waiting on the bureau to clarify whether mortgage loan origination compensation rules—first adopted by the Federal Reserve Board in September 2010 under Regulation Z—prevents the payment of performance bonuses to mortgage loan originators (or, to lapse into industry jargon, MLOs) as part of a non-qualified incentive compensation plan.
Rulemaking authority for Regulation Z, otherwise known as the Truth in Lending Act, was transferred to the CFPB by the Dodd-Frank Act, and in December 2011 the bureau issued interim final rules that recodified the Fed’s earlier restrictions on mortgage loan origination compensation. On the face of it, those restrictions were fairly straightforward. “Subject to certain narrow restrictions, the Compensation Rules provide that no loan originator may receive (and no person may pay to a loan originator), directly or indirectly, compensation that is based on any terms or conditions of a mortgage transaction,” according to CFPB Bulletin 2012-02, released on April 2 of this year.
In an official staff commentary issued by the Fed shortly after the rule was adopted, compensation was defined to include salaries, commissions and annual or periodic bonuses. Terms and conditions were deemed to include a loan’s interest rate, loan-to-value ratio or prepayment penalty.
I suppose it makes sense in our hyper-regulated world that the CFPB’s consumer protection authority would extend to MLO compensation because one of the more pernicious industry practices is steering, where borrowers—often low income people with poor credit histories—are unknowingly directed toward a more expensive mortgage that provides higher compensation to the originator than a cheaper loan.
Rod Alba, vice president and senior regulatory counsel at the American Bankers Association in Washington, says that up to this point the Fed’s commentary—including its amplification of “compensation” and “terms and conditions”—was easy enough to understand. But the commentary also stated that MLO compensation may not be based on a “proxy” for a term and condition. The CFPB bulletin explained it thusly: “[C]ompensation may not be based on a factor that is a proxy for a term and condition, such as a credit score, when the factor is based on a term and condition such as the interest rate on a loan.”
For Alba and others, that statement leaves too much to the imagination. “What the hell is a proxy?” he asks. “Well, a proxy is anything that would stand in the place of a term and condition. The problem with that is no one knows what it means. It was brought up in the commentary to the rule, not in the rule itself.”
More specifically, it’s unclear how banks can structure an incentive compensation program for their MLOs that won’t end up violating the rule. Alba worries that that any plan based on a profitability metric—whether it’s the profitability of a mortgage operation or even the bank itself—could run afoul of the rule if profitability is later judged to be an impermissible proxy. The regulatory rationale, I suppose, is that MLOs might still be tempted to engage in abusive practices like steering if they stand to gain under a performance-driven bonus plan that benefits the entire bank.
“Performance-based bonuses do fall into [the] proxy [definition] because the bonuses are derived from the loans,” Alba says. “That means [performance-based] bonuses are gone.”
“When they inherited this [from the Fed], the bureau didn’t clarify it,” adds Alba. “This rule is a mess!”
The CFPB has tried to provide some clarity about the compensation rule. In Bulletin 2012-02, the bureau states that banks “may make contributions to qualified plans like for loan originators out of a pool of profits derived from loans originated by employees under the Compensation Rules.” This would include 401(k) plans, which are the primary retirement programs for most employees today.
However, the bulletin did not provide guidance about how the rules apply to non-qualified plans like the ones that Alba is worried about.
Another confusing issue is the definition of an MLO. Is it someone who underwrites home loans? Or would the MLO designation also apply to, say, a branch manager who referred the borrower to an underwriter and might have played some role in negotiating the loan? If the latter turns out to be the case, then they would also fall under the rules and might not be eligible for a bonus paid out by a non-qualified plan.
Susan O’Donnell, a managing director at New York-based Pearl Meyer & Associates, relates the case of a client bank whose CEO might not be eligible to receive a bonus based on the bank’s performance because he has a license to originate loans and thus could be considered an MLO.
“If you fall into that category, then you can’t participate in any program that is tied to the profitability of the bank,” O’Donnell says.
How soon this mess gets cleaned up is anyone’s guess. In Bulletin 2012-02, the bureau points out that Dodd-Frank contains a provision that also deals with mortgage origination compensation and it must adopt a final rule to satisfy that requirement by Jan. 21, 2013. The bureau anticipates providing “greater clarity on these arrangements” in connection with that effort. But does that mean banks will be operating in the dark in terms of their MLO incentive compensation plans until next January? We don’t know.
The CFPB did not respond to an interview request on the matter. Neither did the Office of the Comptroller of the Currency, which along with the Federal Deposit Insurance Corp. (FDIC), has enforcement authority for Regulation Z at banks under $10 billion in assets. A spokesman for the FDIC declined to make an agency official available for an interview, but he did send along a Financial Institution Letter—FIL-20-2012—that was sent out to FDIC-supervised banks on April 17, 2012.
The FDIC’s letter framed the issue in pretty much the same fashion as the CFPB bulletin, and acknowledged that the CFPB has yet to provide any guidance about non-qualified incentive compensation plans for MLOs.
The letter concluded with this vague statement, which was probably meant to clarify the FDIC’s own enforcement perspective on MLO bonus plans, but probably didn’t clarify anything: “FDIC Compliance Examiners will review institution compensation programs in light of the Compensation Rules, and consider the specific facts of the institution’s compensation program, the totality of the circumstances at each financial institution, and the institution’s efforts to comply with the Compensation Rules.”