What Crypto’s Falling Dominoes Could Mean for Banks

On Nov. 11, the cryptocurrency exchange FTX declared bankruptcy. It’s a saga that’s played out through November, but here’s the bare bones of it: After a Nov. 2 CoinDesk article raised questions about FTX and a sister research firm, a rival exchange, Binance, announced on Nov. 6 its sale of $529 million of FTX’s cryptocurrency. In a panic, customers then sought to withdraw $6 billion and by Nov. 10, FTX CEO Sam Bankman-Fried was trying to raise $8 billion to keep the exchange alive.

This isn’t just a modern version of the old-fashioned bank run. FTX’s new CEO, John J. Ray III — who led the restructuring of Enron Corp. in 2001 — stated in a filing that he’s never seen such a “complete failure of corporate controls” in his 40 years of experience. “From compromised systems integrity and faulty regulatory oversight abroad, to the concentration of control in the hands of a very small group of inexperienced, unsophisticated and potentially compromised individuals, this situation is unprecedented,” he said.

The fallout promises serious ramifications for the digital assets space — and may impact some banks. BlockFi, another cryptocurrency exchange that was bailed out by FTX last summer, filed for bankruptcy protection on Nov. 28. Those two bankruptcies have impacted Memphis, Tennessee-based, $1.3 billion Evolve Bank & Trust, which operates a banking as a service platform for fintechs including FTX.

The bank stated its exposure to FTX was in deposit accounts for a limited number of FTX customers, whose funds would be released once Evolve gets approval from the bankruptcy court handling the FTX case. Evolve also issued credit cards for BlockFi customers through a relationship with Deserve; those accounts were suspended. “Evolve has no financial exposure to BlockFi or to the credit card program they marketed,’’ Evolve said in a statement Thursday.

“To be clear, Evolve did not lend to FTX or their affiliates; we do not have corporate or deposit accounts with FTX or their affiliates; we do not lend against crypto; we do not offer crypto custodial services; and, we do not trade crypto,” Evolve said in an earlier statement to customers. Evolve also said the bank has never invested or transacted in crypto.

A larger bank also appears to be impacted. La Jolla, California-based Silvergate Capital Corp., with $15.5 billion in assets, said in a statement that its FTX exposure was less than 10% of its $11.9 billion in digital assets deposits; it later said that BlockFi deposits comprised less than $20 million. However, funds from digital assets clients make up 86% of Silvergate’s deposit base, according to its most recent earnings presentation. The rest are brokered, explains Michael Perito, a managing director at Keefe, Bruyette & Woods. And now, he says, “their targeted core customer base is under a lot of stress.” As a result, Kroll Bond Ratings Agency placed Silvergate’s ratings on watch downgrade on Nov. 21.

“As the digital asset industry continues to transform, I want to reiterate that Silvergate’s platform was purpose-built to manage stress and volatility,” said Alan Lane, CEO of Silvergate, in a press release. The bank declined comment for this article.

FTX may be the worst but it’s not the only crypto-related incident this year; it’s not even the first bankruptcy. The volatility has resulted in what has been dubbed a crypto winter, marked by a steep decline in prices for digital assets. The price for bitcoin peaked on Nov. 8, 2021, at $67,567. As of Nov. 29, 2022, that value hovered just above $16,000, with a market cap of $316 billion.

Even if banks don’t hold cryptocurrency on their balance sheets, there are many ways that a chartered institution could be directly or indirectly connected. Erin Fonté, who co-chairs the financial institutions corporate and regulatory practice at Hunton Andrews Kurth, advises all banks to understand their potential exposure.

She also believes that crypto could be at an inflection point. “Some of the non-sexy elements of financial services are the ones that keep you safe and stable and able to operate,” says Fonté. “It’s the compliance function, it’s the legal function, it’s proper accounting and auditing, internal and external. It’s all those things that banks do day in and day out.”

That could result in more regulation around crypto, and more opportunities for banks. “A lot of people are getting hurt, and have gotten hurt this year,” says Lee Wetherington, senior director of corporate strategy at Jack Henry & Associates. “That gets legislative attention and that certainly gets regulatory attention.”

What Could Change
Legislation could target crypto exchanges directly, but legislators are also looking at the banking sector. In a Nov. 21 letter, the Senate Banking Committee urged bank regulators to continue monitoring banks engaged in digital assets. They specifically called out SoFi Technologies, which acquired a chartered bank in February 2022 and subsequently launched a no-fee cryptocurrency purchase option tied to direct deposits. “SoFi’s digital asset activities pose significant risks to both individual investors and safety and soundness,” wrote the legislators. “As we saw with the crypto meltdown this summer … contagion in the banking system was limited because of regulatory guardrails.”

In a statement on SoFi’s Twitter account, the company maintained that it has been “fully compliant” with banking laws. “Cryptocurrency remains a non-material component of our business,” SoFi continued. “We have no direct exposure to FTX, FTT token, Alameda Research, or [the digital asset brokerage] Genesis.”

Currently, the Federal Reserve and Federal Deposit Insurance Corp. require notification from banks engaged in crypto-related activities; the Office of the Comptroller of the Currency takes that a step further, requiring banks to receive a notice of non-objection from the agency. More regulation is likely, says Fonté, and could include investor and consumer protections along with clarity from the Securities and Exchange Commission and Commodity Futures Trading Commission. “There’s a lot that’s going to come out there that is going to reshape the market in general, and that may further define or even open up additional avenues for banks to be involved if they want to be,” she adds.

Opportunities in crypto and a related technology called blockchain could include retail investment products, international payments capabilities or trade settlement, or payments solutions for corporate clients that leverage blockchain technology — such as those offered by Signature Bank, Customers Bancorp and Silvergate.

The risks — and opportunities — will vary by use case. “We’re being presented with entirely new risks that haven’t existed in the past,” says John Epperson, a principal at Crowe LLP.

Banks could be seen as a source of safety and trust for investors who remain interested in cryptocurrency. Larry Pruss, managing director of digital assets advisory services at Strategic Resource Management, believes banks could win back business from the crypto exchanges. “You don’t have to compete on functionality. You don’t have to compete on bells and whistles. [You] can compete on trust.”

James Wester, director, cryptocurrency at Javelin Strategy & Research, believes that with the right technology partners, banks can approach cryptocurrency from a position of strength. “We understand this stuff better,” he explains. “We understand how to present a financial product to our consumers in a safer, better, more transparent way.”

Wetherington recommends that banks consider cryptocurrency as part of a broader wealth offering. He’s visited bank boardrooms that have looked at how PayPal Holdings and other payments providers offer users a way to buy, sell or hold digital assets, and whether they should mimic that. And they’ve ultimately chosen not to mirror these services due to the reputational risk. “You can’t offer buy, hold and sell of a single asset class that is materially riskier than any number of more traditional asset classes,” he says. “If you’re going to offer the ability to buy, hold and sell a cryptographic monetary asset, you should also be making available the opportunity to buy, hold and sell any other type of asset.”

But all banks could consider how to educate their customers, many of whom are likely trading cryptocurrencies even if it’s not happening in the bank. “Help those customers with things like tax implications … or understanding how crypto may or may not fit into things that their retail customers are interested in. That’s one of the things that financial institutions could do right now that would be good for their customers,” says Wester. “There’s a real need for education on the part of consumers about [this] financial services product.”

Current Compliance Priorities in Bank Regulatory Exams

Updated examination practices, published guidance and public statements from federal banking agencies can provide insights for banks into where regulators are likely to focus their efforts in coming months. Of particular focus are safety and soundness concerns and consumer protection compliance priorities.

Safety and Soundness Concerns
Although they are familiar topics to most bank leaders, several safety and soundness matters merit particular attention.

  • Bank Secrecy Act/anti-money laundering (BSA/AML) laws. After the Federal Financial Institutions Examination Council updated its BSA/AML examination manual in 2021, recent subsequent enforcement actions issued by regulators clearly indicate that BSA/AML compliance remains a high supervisory priority. Banks should expect continued pressure to modernize their compliance programs to counteract increasingly sophisticated financial crime and money laundering schemes.
  • In November 2021, banking agencies issued new rules requiring prompt reporting of cyberattacks; compliance was required by May 2022. Regulators also continue to press for multifactor authentication for online account access, increased vigilance against ransomware payments and greater attention to risk management in cloud environments.
  • Third-party risk management. The industry recently completed its first cycle of exams after regulators issued new interagency guidance last fall on how banks should conduct due diligence for fintech relationships. This remains a high supervisory priority, given the widespread use of fintechs as technology providers. Final interagency guidance on third-party risk, expected before the end of 2022, likely will ramp up regulatory activities in this area even further.
  • Commercial real estate loan concentrations. In summer 2022, the Federal Deposit Insurance Corp. observed in its “Supervisory Insights” that CRE asset quality remains high, but it cautioned that shifts in demand and the end of pandemic-related assistance could affect the segment’s performance. Executives should anticipate a continued focus on CRE concentrations in coming exams.

In addition to those perennial concerns, several other current priorities are attracting regulatory scrutiny.

  • Crypto and digital assets. The Federal Reserve, the Office of the Comptroller of the Currency, and the FDIC have each issued requirements that banks notify their primary regulator prior to engaging in any crypto and digital asset-related activities. The agencies have also indicated they plan to issue further coordinated guidance on the rapidly emerging crypto and digital asset sector.
  • Climate-related risk. After the Financial Stability Oversight Council identified climate change as an emerging threat to financial stability in October 2021, banking agencies began developing climate-related risk management standards. The OCC and FDIC have issued draft principles for public comment that would initially apply to banks over $100 billion in assets. All agencies have indicated climate financial risk will remain a supervisory priority.
  • Merger review. In response to congressional pressure and a July 2021 presidential executive order, banking agencies are expected to begin reviewing the regulatory framework governing bank mergers soon.

Consumer Protection Compliance Priorities
Banks can expect the Consumer Financial Protection Bureau (CFPB) to sharpen its focus in several high-profile consumer protection areas.

  • Fair lending and unfair, deceptive, or abusive acts and practices (UDAAP). In March 2022, the CFPB updated its UDAAP exam manual and announced supervisory changes that focus on banks’ decision-making in advertising, pricing, and other activities. Expect further scrutiny — and possible complications if fintech partners resist sharing information that might reveal proprietary underwriting and pricing models.
  • Overdraft fees. Recent public statements suggest the CFPB is intensifying its scrutiny of overdraft and other fees, with an eye toward evaluating whether they might be unlawful. Banks should be prepared for additional CFPB statements, initiatives and monitoring in this area.
  • Community Reinvestment Act (CRA) reform. In May 2022, the Fed, FDIC, and OCC announced a proposed update of CRA regulations, with the goal of expanding access to banking services in underserved communities while updating the 1970s-era rules to reflect today’s mobile and online banking models. For its part, the CFPB has proposed new Section 1071 data collection rules for lenders, with the intention of tracking and improving small businesses’ access to credit.
  • Regulation E issues. A recurring issue in recent examinations involves noncompliance with notification and provisional credit requirements when customers dispute credit or debit card transactions. The Electronic Fund Transfer Act and Regulation E rules are detailed and explicit, so banks would be wise to review their disputed transaction practices carefully to avoid inadvertently falling short.

As regulator priorities continue to evolve, boards and executive teams should monitor developments closely in order to stay informed and respond effectively as new issues arise.

Growth Milestone Comes With Crucial FDICIA Requirements

Mergers or strong internal growth can quickly send a small financial institution’s assets soaring past the $1 billion mark. But that milestone comes with additional requirements from the Federal Deposit Insurance Corp. that, if not tackled early, can become arduous and time-consuming.

When a bank reaches that benchmark, as measured at the start of its fiscal year, the FDIC requires an annual report that must include:

  • Audited comparative annual financial statements.
  • The independent public accountant’s report on the audited financial statements.
  • A management report that contains:
    • A statement of certain management responsibilities.
    • An assessment of the institution’s compliance with laws pertaining to insider loans and dividend restrictions during the year.
    • An assessment on the effectiveness of the institution’s internal control structure over financial reporting, as of the end of the fiscal year.
    • The independent public accountant’s attestation report concerning the effectiveness of the institution’s internal control structure over financial reporting.

Management Assessment of Internal Controls
Complying with Internal Controls over Financial Reporting (ICFR) requirements can be exhaustive, but a few early steps can help:

  • Identify key business processes around financial reporting/systems in scope.
  • Conduct business process walk-throughs of the key business processes.
  • For each in-scope business process/system, identify related IT general control (ITGC) elements.
  • Create a risk control matrix (RCM) with the key controls and identity gaps in controls.

To assess internal controls and procedures for financial reporting, start with control criteria as a baseline. The Committee of Sponsoring Organizations (COSO) of the Treadway Commission provides criteria with a fairly broad outline of internal control components that banks should evaluate at the entity level and activity or process level.

Implementation Phases, Schedule and Events
A FDICIA implementation approach generally includes a four-phase program designed with the understanding that a bank’s external auditors will be required to attest to and report on management’s internal control assessment.

Phase One: Business Risk Assessment and COSO Evaluation
Perform a high-level business risk assessment COSO evaluation of the bank. This evaluation is a top-down approach that allows the bank to effectively identify and address the five major components of COSO. This review includes describing policies and procedures in place, as well as identifying areas of weakness and actions needed to ensure that the bank’s policies and procedures are operating with effective controls.

Phase One action steps are:

  • Educate senior management and audit committee/board of directors on reporting requirements.
  • Establish a task force internally, evaluate resources and communicate.
  • Identify and delegate action steps, including timeline.
  • Identify criteria to be used (COSO).
  • Determine which processes and controls are significant.
  • Determine which locations or business units should be included.
  • Coordinate with external auditor when applicable.
  • Consider adoption of a technology tool to provide data collection, analysis and graphical reporting.

Phase Two: Documenting the Bank’s Control Environment
Once management approves the COSO evaluation and has identified the high-risk business lines and support functions of the bank, it should document the internal control environment and perform a detailed process review of high-risk areas. The primary goals of this phase are intended to identify and document which controls are significant, evaluate their design effectiveness and determine what enhancements, if any, they must make.

Phase Three: Testing and Reporting of the Control Environment
The bank’s internal auditor validates the key internal controls by performing an assessment of the operating effectiveness to determine if they are functioning as designed, intended and expected.  The internal auditor should help management determine which control deficiencies, if any, constitute a significant deficiency or material control weakness. Management and the internal auditor should consult with the external auditor to determine if they have performed any of the tests and if their testing can be leveraged for FDICIA reporting purposes.

Phase Four: Ongoing Monitoring
A primary component of an effective system of internal control is an ongoing monitoring process. The ongoing evaluation process of the system of internal controls will occasionally require modification as the business adjusts. Certain systems may require control enhancements to respond to new products or emerging risks. In other areas, the evaluation may point out redundant controls or other procedures that are no longer necessary. It’s useful to discuss the evaluation process and ongoing monitoring when making such improvement determinations.

Overdraft Fees Are Getting a Much-Needed Overhaul

Overdraft fees have been a significant source of noninterest income for the banking industry since they were first introduced in the 1990s. But these “deterrent” fees are on the chopping block at major financial institutions across the country, putting pressure on smaller banks to follow suit. 

Overdraft and non-sufficient funds (NSF) fees brought in an estimated $11 billion in revenue in 2021, according to the Financial Health Network, significantly down from $15.5 billion in fee revenue in 2019. As the industry responds to ongoing regulatory pressure on top of increased competition from neobanks and disruptive fintechs, that downward trend is expected to continue. 

For larger banks, those with more than $10 billion in assets, overdraft fee income has trended downward since 2015. Christopher Marinac, director of research at Janney Montgomery Scott, reported on this back in December 2021 after noting overdraft fees had declined for 23 quarters and expects this trend to continue into 2022. Despite the decline, regulators continue to focus on them, citing their role in the growth of wealth inequality. 

“[R]egulators have clearly sent a signal that they want those fees to either go away or be less emphasized,” Marinac says. “Like a lot of things in the regulatory world, this has been an area of focus and banks are going to find a way to make money elsewhere.”

For an industry that has evolved so rapidly over the last 10 years, overdraft fees represent a legacy banking service that has not adapted to today’s digital banking customer or the realistic cost to service this feature, says Darryl Knopp, senior director of portfolio marketing at the credit rating agency FICO. Knopp believes that an activities-based cost analysis would show just how mispriced these services actually are. It’s one reason why neobanks such as Chime have attracted customers boasting of lower fees. If banks were to think about overdrafts as access to short-term credit, that would change the pricing conversation to one of risk management. 

“Banks are way more efficient than they were 30 years ago, and they need to understand what the actual costs of these services are,’’ Knopp says. “The pricing has not changed since I got into banking, and that’s why [banks] are getting lapped by the fintechs.” 

Overdrafts aren’t going to disappear overnight, but some banks are getting ahead of the trend and taking action. Bank of America Corp., Wells Fargo & Co., and JPMorgan Chase & Co., which together brought in an estimated $2.8 billion in overdraft and NSF fee revenue in the first three quarters of 2021, recently announced reduced fees and implemented new grace periods, according to the Consumer Financial Protection Bureau. Capital One Financial Corp. announced the elimination of both overdraft and NSF fees back in December and Citigroup’s Citibank recently announced plans to eliminate overdraft fees, returned item fees, and overdraft protection fees. 

In April, $4.2 billion First Internet Bancorp of Fishers, Indiana, announced the removal of overdraft fees on personal and small business deposit accounts, but it continues to charge NSF fees when applicable. Nicole Lorch, president and chief operating officer at First Internet Bank, talked to Bank Director’s Vice President of Research Emily McCormick about the decision to make this change. She says overdrafts were not a key source of income for the bank and the executives wanted to emphasize their customer-centric approach to service. First Internet Bank’s internal data also found that overdraft fees tended toward accidental oversight by the customers, whereas NSF fees were more often the result of egregious behavior. 

“In the case of overdrafts,” says Lorch, “it felt like consumers could get themselves into the situation unintentionally, and we are not in this work to create hurdles for our customers.”

For banks that are grappling with the increased pressure to tackle this issue, there are other ways to get creative with overdraft and NSF fees. Last year, PNC Financial Services Group introduced its new “Low Cash Mode” offering, which comes with the Spend account inside of PNC’s Virtual Wallet. Low Cash Mode alerts customers to a low balance in their account. It gives customers the flexibility to choose which debits get processed, and provides a grace period of 24 hours or more to address an overdraft before charging a fee.

Banks that want to keep pace with the industry and are willing to take a proactive approach need to find ways to offer more personalized solutions. 

“The problem is not the overdraft fee,” says Ron Shevlin, chief research officer at Cornerstone Advisors. “It’s a liquidity management problem and it’s bigger than just overdrawing one’s account. Banks should see this as an opportunity to help customers with their specific liquidity management needs.” 

He says it’s time for the industry to move away from viewing overdrafts as a product and start thinking of it as a solutions-based service that can be personalized to a customer’s unique needs.

  • Bank Director Vice President of Research Emily McCormick contributed to this report.

Regulators Focus on Sales Practices: Responding to Heightened Scrutiny


Regulators-2-13-17.pngFederal and state regulatory enforcement actions and unprecedented fines for alleged fraud—fraud that apparently originated with sales incentive compensation plans—have left bank executive management teams and boards wondering if the same thing could be happening at their institutions. These concerns are shared by banking regulators, as evidenced by the flurry of activity, including testimonies, speeches and information requests, in the fourth quarter of 2016.

Given the huge media attention to one bank’s alleged misdeeds, bank executive management teams and boards are wondering if the same thing could be happening at their institutions.

Excessive risk-taking, without proper risk management and controls, often has been cited as one of the root causes of the recession that begin in late 2007. Progress certainly has been made since the financial crisis, particularly in fostering a healthy compliance culture, committing to effective risk management and governance, and improving how customers are treated. However, the issues associated with sales and incentive plans have thrust these concerns back into the open to be scrutinized by the public, policymakers, law enforcement and regulatory agencies.

The 2010 Guidance on Sound Incentive Compensation Policies
In June 2010, the Office of the Comptroller of the Currency (OCC), the Federal Reserve, the Federal Deposit Insurance Corporation (FDIC), and the Office of Thrift Supervision published their final Guidance on Sound Incentive Compensation Policies in the Federal Register. The guidance applies to all banking organizations supervised by the OCC, the FDIC and the Federal Reserve, regardless of the size of banking organization.

The guidance is based upon three key principles about incentive compensation arrangements, namely that they should:

  1. Provide employees with incentives that appropriately balance risk and financial results in a manner that does not encourage employees to expose their organizations to imprudent risks.
  2. Be compatible with effective controls and risk management.
  3. Be supported by strong corporate governance, including active and effective oversight by the banking organization’s board of directors.

The guidance, as well as other similarly focused rulemaking activities, clearly indicates that incentive-based compensation arrangements now are under the microscope. Every bank should review its incentive-based compensation arrangements to make sure they are in compliance with the applicable regulations.

What’s My Exposure?
Bank executives and directors who are trying to determine their entity’s exposure related to sales incentive programs need their bank to undergo a risk assessment focused on common activities that are aligned to their bank’s sales incentive practices. If the assessment reveals problems with improper behavior, the bank then must determine its level of exposure.

A comprehensive approach to assessing exposure should encompass the following high-level areas and analyze associated data at a level sufficient to identify whether improper behaviors are occurring:

  • Review accounts, products and services offered to consumers or small businesses through all channels (including branches, phone, internet and private banking).
  • Analyze incentive program payments by product or service provided.
  • Consider noncash incentive programs.
  • Ensure reports are issued by internal audit, front-line self-assessments or an external party that cover sales practices or account opening or closing procedures.
  • Establish policies, procedures and reports of concerns with sales practices or account opening or closing procedures resulting from employee terminations or exit interviews, whistleblower or ethics hotlines or consumer complaints.
  • Develop training program materials for employees who sell products and services.
  • Institute policies, procedures and detection controls specific to account opening and closing metrics.

It is important that assessment and data analysis activities include third-party risk management programs to identify and effectively manage risks related to third parties that are involved in opening and maintaining customer accounts.

In addition, banks should consider performing culture assessments to determine if there are conflicting elements or subcultures that are misaligned. Many banks change their cultures by sequentially aligning strategies, structures, processes, rewards and people practices.

Actionable Information
With assessment information in hand, executives and boards are better able to make informed decisions and take appropriate actions necessary to help protect the bank and its customers. Depending on the assessment results, the bank then might need to take the following steps to mitigate the risk:

  • Further investigate the areas for which the exposure assessment identifies improper behavior or potential fraud.
  • Test the design and operating effectiveness of existing controls to prevent and detect account origination, servicing and termination fraud as well as unfair, deceptive, or abusive acts and practices (UDAAP) within the sales process.
  • Develop and implement new controls within the sales, account origination, servicing and termination processes.
  • Review incentive compensation plans and their governance processes.
  • If necessary, reshape overall compensation plans to eliminate incentives that could lead to a higher likelihood of fraud and undue risk-taking.
  • Design and implement systems or functions to identify, measure, monitor and control risk-taking and standards of behavior.

What to Know About the New Fintech Charter


fintech-12-13-16.pngDon’t expect an onslaught of fintech companies rushing to become banks. The recent announcement that the Office of the Comptroller of the Currency would begin accepting applications for special purpose national bank charters from fintech companies was met with gloom from some in the banking industry, and optimistic rejoicing from others.

For now, the impact on banking and innovation seems unclear, but the hurdles to obtaining a national banking charter will be significant, and include compliance with many of the same regulations that apply to other national banks, possibly dissuading many startup fintech companies from even wanting one. On the other hand, larger or more established players may find it worth the added regulatory costs to boost their marketing and attractiveness to investors, says Cliff Stanford, an attorney at Alston & Bird. Plus, fintech firms can avoid the mélange of state-by-state banking rules and regulations by opting for a national banking charter instead. So don’t be surprised if a Wal-Mart, Apple or Google decides to get a banking license, along with some other, less well known names. The online marketplace lender OnDeck has already said it was open to the possibility of a national bank charter.

The OCC is offering fintech companies the same charter many credit card companies and trust companies have. Basically, the institution has to become a member of the Federal Reserve, and is regulated as a national bank with the same capital standards and liquidity requirements as others. The company has to provide a detailed plan of what products and services it intends to offer, a potential hurdle for a nimble start-up culture more accustomed to experimentation than regulation. “They will have a high bar to meet and they might not be able to meet those requirements,” Stanford says.

However, if the special purpose bank doesn’t accept deposits, it won’t need to comply with the same regulations as banks insured by the Federal Deposit Insurance Corp., which means it is exempt from the Community Reinvestment Act (CRA). Although nondepository institutions would not have to comply with the CRA, the OCC described requirements to make sure the fintech companies follow a plan of inclusion, basically making sure they don’t discriminate, and promote their products to the underserved or small businesses. This has caused some consternation among community banks.

“Why should a tiny bank have to comply with CRA and a big national bank across America does not have to comply?’’ says C.R. “Rusty” Cloutier, the CEO of MidSouth Bancorp, a $1.9 billion asset bank holding company in Lafayette, Louisiana. “If they want a bank charter, that’s fine. Let’s just make sure they play by the same rules.”

The Independent Community Bankers of America, a trade group, put out a press release saying it had “grave” concerns about what it called a “limited” bank charter. “We don’t want a charter that disadvantages one set of financial institutions,’’ says Paul Merski, an executive vice president at the ICBA. “We aren’t against innovation. But we want to make sure some institutions aren’t put at a disadvantage.”

Richard Fischer, an attorney in Washington, D.C., who represents banks, says he doesn’t think a fintech charter is a threat to banks. The Wal-Marts and Apples of the world will do what they want to do, whether or not they have a bank charter. Wal-Mart, which abandoned attempts to get a special purpose banking charter in 2007, already has a sizeable set of financial services, although it partners with banks that do have a charter, such as Green Dot Corp. in Pasadena, California.

Could a new fintech charter lead to fewer bank partnerships with fintech companies, as the fintech companies can cut out the need for a bank? Possibly. But it could also lead to more bank partnerships, as some banks, especially small or midsized banks, become more comfortable with the risk involved in doing business with a fintech company that has a national banking charter.

Jimmy Lenz, the director of technology risk at Wells Fargo Wealth and Investment Management, a division of Wells Fargo & Co., says he’s optimistic that a charter could create more products and services.

“I don’t see this cutting the pie into smaller slices,’’ he says. “I think they will be cutting a bigger pie. I don’t see the banks coming out on the short end of this.” Others said that the competition to banks coming from fintech companies already exists, and won’t go away if you don’t offer a federal charter for fintech companies. “The competition is already there,’’ Stanford says.

Should You Do Business With Marketplace Lenders?


Lenders-12-9-16.pngThe shift away from the traditional banking model—largely due to technological advances and the growing disaggregation of certain bank services—has contributed to the rise of the marketplace lending (MPL) industry. The MPL industry, in particular, offers consumers and small businesses the means by which to gain greater access to credit in a faster way. MPL, despite its increasing growth, has managed to stay under the radar from regulatory oversight until recently. However, in a short span of time, federal and state regulators—the Department of the Treasury, Office of the Comptroller of the Currency (OCC), Consumer Financial Protection Bureau (CFPB), the Federal Deposit Insurance Corporation (FDIC) and California Department of Business Oversight, for example—have begun to weigh the benefits and risks of MPL, with the OCC, for example, going so far as to announce its intention to grant special purpose national bank charters to fintech companies.

Given the evolving nature of the industry and its regulation, in this article, we discuss three key issues for MPL participants to consider. First, we discuss the regulatory focus on the third-party lending model. Second, we consider the potential fair lending risks. Third, we focus on considerations related to state usury requirements. We conclude with a few thoughts on what to expect in this changing landscape.

Third-Party Lending Model
The MPL model traditionally operates with three parties: the platform lender, the originating bank and investors purchasing the loans or securities. Based on the reliance on originating banks in the MPL structure, the FDIC, CFPB and others increasingly have considered the risks to banks from these third-party relationships. In particular, regulators appear to be concerned that banks may take on additional risk in these relationships, which are potentially similar to the lending model rejected by a U.S. District Court judge earlier this year when deciding CashCall was the real lender in dispute, not a tribal lender set up in South Dakota. Thus, the FDIC, for example, in its recent Guidance for Managing Third-Party Risk, asks institutions engaged in such third-party relationships to appropriately manage and oversee these third-party lenders before, during and after developing such a relationship. In addition, certain originating banks have also taken to retaining some of the credit risk to mitigate concerns that the MPL may be considered the true lender.

Fair Lending
Another potential area to consider relates to fair lending risks regarding extensions of credit in certain geographical areas, underwriting criteria and loan purchase standards. For example, the potential for fair lending risk may increase particularly with respect to the data collected on borrowers for underwriting purposes, for example, where the use of certain alternative criteria may inadvertently result in a disparate impact to protected classes. In addition, restrictions on lending areas or the types of loans sold to investors similarly could pose such issues.

State Usury Requirements
The recent Second Circuit decision in Madden v. Midland Funding LLC also highlights potential uncertainty regarding the MPL model. In Madden, the Second Circuit determined that a debt collection firm, which had purchased a plaintiff’s charged-off account from a national bank, was not entitled to the benefit of the state usury preemption provisions under the National Bank Act, despite originally being available to the originating national bank. Madden was appealed to the Supreme Court, which declined to hear the case. Thus, Madden has the potential to limit the ability for MPL firms to rely on their originating banks to avoid complying with state-by-state interest rate caps, as federal preemption would no longer apply to those loans later transferred to or acquired by such nonbank entities. Further, Madden increases the uncertainty regarding the originated loans that MPL firms may later sell to (or issue securities for) investors. While some lenders have chosen to carve out the Second Circuit (New York, Connecticut and Vermont) for lending and loan sale purposes, there is the continued risk that the decision may set a precedent in other circuits.

Conclusion
Even with the increasing scrutiny of the MPL industry, regulators appear to recognize the benefits of access to credit for borrowers. For example, the OCC, CFPB and the Treasury have indicated that any increase in regulation should be balanced with fostering innovation. This may be a potential signal on the part of regulators to adopt a framework by which financial innovation is incorporated into the traditional banking model. Thus, looking forward, we think the regulatory uncertainty in this space provides the opportunity for MPL participants to take a proactive approach in shaping regulatory policy for the industry.

Why Growth Matters for CRE Concentration Risk


Community banks are contending with the increasing risk profile of and regulatory scrutiny around commercial real estate (CRE) concentrations. Indeed, the regulatory community telegraphed in December 2015 their intentions of focusing bank examinations on concentration management, and since then, the FDIC has noted an increase in matters requiring board attention (MRBAs) associated with concentrated loan exposures. Additionally, the Office of the Comptroller of the Currency raised its regulatory stance on CRE lending from “monitoring status” to “an area of additional emphasis.” To explain their renewed attention, the regulators cited intense loan growth, sharp rent-rate and valuation increases, competitive pressures and an easing in underwriting standards eerily similar to the lead-up to the Great Recession—during which many community bank failures were driven by construction & development (C&D) and CRE concentrations.

While there is evidence that this renewed attention has shifted many banks’ CRE underwriting stance to a net tightening position, this has yet to have a material impact on C&D and CRE loan outstandings. A trend analysis across all commercial and savings banks shows intense increases in both C&D and non-C&D regulatory CRE.

Growth Rates By Type of Asset for All Commercial and Savings InstitutionsCRE-loans-small.png

Note the sharp difference between C&D (red) and non-C&D Regulatory CRE (orange): the Great Recession saw a precipitous drop in C&D balances, but multifamily and other property (i.e., non-owner-occupied CRE) increased in total outstandings during and after the Great Recession with growth since the recession of 142.5 percent and 49.3 percent respectively.

It is constructive to highlight that growth rates—while sometimes overlooked—are explicitly part of the 2006 CRE regulatory guidelines. Those guidelines stipulate that an institution is only in excess of the CRE guideline if CRE as a percent of capital is greater than or equal to 300 percent and the institution’s CRE portfolio has increased by 50 percent or more during the prior three years.

The regulators have repeatedly pointed out that—unlike many other regulatory prescriptions and proscriptions—the CRE guidelines are not limits. The FDIC has noted that because “community banks typically serve a relatively small market area and generally specialize in a limited number of loan types, concentration risks are a part of doing business” and the OCC specifically caveated that the “guidance does not establish specific limits on CRE lending; rather, it describes sound risk management practices that will enable institutions to pursue CRE lending in a safe and sound manner.”

In this context, growth may be the most important element of the CRE guidelines because it quantifies the potential that portfolio size may outstrip the risk management infrastructure (spanning credit, capital, strategic, compliance and operational components) to support that lending. In cases of aggressive growth (whether you are above or below the other regulatory CRE criteria), it is that much more important to establish proactive and robust credit risk monitoring and management.

Luckily, as the CRE guidance is now quite mature, industry-wide best practices exist to aid in this exercise:

  1. Monitor the risk for all of your bank’s credit concentrations—not just CRE and C&D.
  2. Analyze and segment your entire portfolio by at least the “regulatory big three” of product, geography and industry. It is also constructive to slice-and-dice by vintage, underwriting bands, branch, etc.
  3. For each segment, calculate and monitor growth rates along with percent of risk-based capital and asset quality (and consider establishing management triggers and thresholds on these key risk indicators).
  4. Analyze your portfolio hierarchically so high-level trends are digestible for boards of directors while the detail can be drilled through so the results are tactically relevant to management and even individual loan officers. Banking is a relationship business, and risk analytics should lead to action that may start with a borrower conversation.
  5. Especially in the current relatively benign credit environment and in situations where loan growth may obfuscate asset quality deterioration, monitor leading indicators of risk like underwriting policy exceptions, loan review downgrades, covenant violations, valuation trends and average underwriting attributes.
  6. Perform portfolio and firm-wide loss stress testing to quantify the loss potential under hypothetical and severe conditions. Roll such stress test results through your balance sheet and income statement to assess the impact on earnings and capital adequacy.
  7. Where your portfolio analytics or portfolio-wide stress tests identify sensitive concentrations, perform loan-level stress testing.
  8. Incorporate credit concentration risk within your allowance for loan losses (ALLL)—remember that concentration risk is one of the nine subjective qualitative and environmental risk factors laid out by the 2006 Interagency Guidance on the ALLL and reaffirmed by FASB’s CECL standards update.

Online Lenders: Finding the Right Dance Partner


lenders-1.png

An increasing number of banks are conceding that innovations introduced by online lenders are here to stay, particularly the seamless, fully digital customer experience. Also, online upstarts have grown to understand that unseating the incumbents may well be heavy-going, not the least because of the difficulties of profitably acquiring borrowers. The result is that both sides have opened up to the potential for partnership, viewing one another’s competitive advantages as synergistically linked. We see five types of partnership emerging.

1) Buying loans originated on an alternative lender’s platform
In this option, alternative lenders securitize loans originated on their platform to free up capital to make more loans while removing risk from their balance sheets. Banks then purchase these securitized loans as a way to diversify investments. This type of partnership is among the most prolific in the online small business lending world, with banks such as JPMorgan Chase, Bank of America and SunTrust buying assets from leading online lenders. The benefits of this option include the ability to delineate the type of assets the bank wants to be exposed to, and potential for a new source of balance sheet growth. However, the downside include may include the difficulty of assessing risk, as alternative lenders are less likely to share details of proprietary underwriting technology. Moreover, the lack of historical data on alternative lenders’ performance means limited access to data on how these investments will fare in a downturn.

2) Routing declined loan applicants to an alternative lender or to an online credit marketplace
Banks decline the majority of customers who apply for a loan. This partnership option allows such banks to find a home for these loans by referring declined borrowers directly to an online lender or credit marketplace like Fundera, which may be more capable of approving the borrower in question. The advantages of this approach include the ability of the bank to provide their customers with access to a wider suite of products through a vetted solution, a reduced need to expand the bank’s credit box and increased revenue in the form of referral fees. Examples of this type of partnership are few and far between in the United States. Thus far, OnDeck has partnerships of this nature with BBVA and Opus Bank. In our view, a big reason why more banks haven’t followed suit is the loss of control over a borrower’s experience, since agreements typically require a full customer handoff to the alternative lender. In addition, regulators have become increasingly reticent to endorse such agreements, with guidance from the Office of the Comptroller of the Currency and Federal Deposit Insurance Corp. being particularly restrictive.

3) Making the bank’s small business product line available through an online marketplace
Marketplace players, like Fundera, aim to empower borrowers with the tools needed to shop and compare multiple credit products from a curated network of reputable bank and non-bank lenders. They can be natural partners for traditional banks, as they can be lender agnostic, offering banks an opportunity to compete head-to-head with online lenders to acquire customers. Banks can choose to make any and all of their small business product lines (e.g. term loans, SBA loans, lines of credit, credit cards) available. Examples of this include partnerships with Celtic Bank, LiveOak and Direct Capital (a division of CIT Bank) currently have with Fundera. This option allows a bank to explore digital distribution of products within their lending portfolio, as well as the opportunity to acquire a high-intent, fully packaged borrower that comes from outside the bank’s existing footprint. In addition, this option enables banks to offer products only to the customers which meet eligibility criteria set by the bank (e.g., industry, state, credit box). The downsides of this option can be the upfront investment in technology required by banks to integrate with a marketplace lender.

4) Utilizing an alternative lender’s technology to power an online application
In this option, the alternative lender or lending-as-a-service provider powers a digital application, collecting all the application information and documentation that a bank requires to underwrite a small business loan. Capital, however, is still deployed by the bank. Examples of this partnership type include the collaboration between lending solutions provider Fundation and Regions Bank. This improves the usability of a traditional lender’s products by giving business owners the flexibility to apply online. This partnership also provides access to technology that is difficult and costly for a bank to develop. It may also reduce dependency on paper documents while reducing time to complete a loan application. The downsides of this option are that it can require deployment of significant resources for compliance and due diligence.

5) Utilizing an alternative lender’s technology to power an online application, loan underwriting and servicing
In addition to powering a digital application, the alternative lender can provide access to its proprietary technology for pricing, underwriting and servicing. As with option four, however, capital is still deployed by the bank. The example that comes closest to this type of partnership is the partnership between OnDeck and JPMorgan Chase. This option gives a bank access to underwriting technology that may be costly for them to develop on its own. By leveraging this technology, the bank may also be able to address segments of the market that would have been deemed uncreditworthy by its existing, more conventional underwriting process. Banks should only move forward with this option if they trust an alternative lender’s underwriting criteria, and the bank believes that the alternative lender can meet their compliance requirements.

Severance Pay May Be Forbidden, Court Rules


severance-pay-8-31-16.pngNo one wants to imagine bad times for the bank. But it makes sense to plan in advance, just in case. Your bank needs to motivate and keep the executive management team in place during difficult times, and one way to ensure this is to put in place a competitive compensation package when times are good.

A troubled bank can have significant restrictions imposed on its executive compensation programs. In particular, 12 C.F.R. Part 359 (Part 359) broadly prohibits the payment of, or entering into an agreement for the payment of, any golden parachute payment without prior regulatory approval. For an overview of Part 359, see our BankDirector.com article dated September 23, 2011.

A decision in July of 2016 from the U.S. Court of Appeals for the 8th Circuit once again confirms the view of the “impossibility” of severance pay under Part 359 and serves as a reminder that prior planning can help a bank to work within those rules.

Overview of Von Rohr
Jerry Von Rohr was a long-serving senior executive at Reliance Bank, serving lastly as chief executive officer before Reliance terminated his employment. At the time, the bank was subject to Part 359. Von Rohr claimed he was entitled to compensation for a year following the effective date of his termination. Because it was subject to Part 359, Reliance asked the Federal Deposit Insurance Corp. (FDIC) whether the claimed payment could be made to Von Rohr. The FDIC advised that the payment would be a “golden parachute payment” under Part 359, which Reliance could not make without prior FDIC approval. Reliance declined to make the requested payment. Von Rohr filed a lawsuit against Reliance and the FDIC. He alleged breach of contract and requested a declaration that federal law does not prohibit the payment. The trial court upheld the FDIC’s determination and granted summary judgment to Reliance on the breach of contract claim. The appeals court affirmed the trial court’s decision.

In granting summary judgment to Reliance, the court affirmed the trial court’s finding that the FDIC’s determination made Reliance’s performance under Von Rohr’s contract “impossible.”

In upholding the FDIC’s determination that any post-employment payment to Von Rohr under his employment agreement would be a golden parachute because it would be a payment “for services he did not render,” the appeals court made clear that whether or not something is called severance or a “golden parachute” is irrelevant to the analysis as to whether it is prohibited under Part 359. Von Rohr had argued that the payment he was due was simply his compensation for the remainder of the term of his contract, not a payment solely and specifically contemplating his termination. The court indicated that, if it accepted Von Rohr’s view, it would “create a giant loophole” in the prohibitions of Part 359. The intent of the regulatory scheme is to prevent troubled banks from draining their already low resources with payments to terminated executives who may have been responsible for the bank’s condition. It would not serve that intent to allow artful drafting to avoid it.

Von Rohr also claimed that the FDIC’s position is in conflict with its consistently held view that Part 359 does not preclude payment of damages for statutory claims (e.g., discrimination, whistleblower retaliation, etc.). The court dismissed this claim by acknowledging the FDIC’s view on statutory claims and noting that Von Rohr was raising a contractual claim, not a statutory claim.

Planning Opportunities
Significantly, exempt from the scope of the prohibition of Part 359 are payments under tax-qualified retirement plans, benefit plans, bona fide deferred compensation plans and nondiscriminatory severance plans, as well as those required by statute or payable following death or disability.

In particular, Part 359 exempts bona fide deferred compensations and nondiscriminatory severance plans only where such arrangements have been in place at least (and not modified to increase benefits within) one year prior to the troubled condition designation.

Between bona fide deferred compensation, nondiscriminatory severance and death or disability benefits, a bank should be able to build the basics of an attractive compensation package for a member of executive management. However, many banks put off current consideration of these types of arrangements for one reason or another. The Von Rohr case should serve as a reminder that Part 359 is inflexible. Therefore, banks should consider today whether to implement such arrangements.

Finally, should a bank find itself involved in litigation related to an executive’s termination, it should remember that Part 359 does not prohibit payment of damages for statutory claims.