How Innovative Banks Manage Cannabis-Related Businesses

The number of banks providing financial services to cannabis-related businesses (CRBs) has doubled in the last two years according to filings from the Financial Crimes Enforcement Network.

But, once a bank answers the philosophical question of whether it wants to participate in the cannabis industry, it must consider the more difficult question of how. Technology firms have sprung up to help banks fill this need, but assessing the value propositions of these solutions in such a nascent, complex industry can be a challenge.

Alan Hanson helped establish one of the first cannabis banking programs in the nation as the general counsel of Salem, Oregon-based Maps Credit Union back in 2014. In his experience, software “can gather the data, but really can’t evaluate the data” needed to manage CRB risk.

Many new compliance solutions gather data by tying into the point-of-sale systems used by CRBs and the seed-to-sale tracking systems run by the states. Hanson, now a Portland, Oregon-based attorney at Gleam Law, says these tools can typically match CRB sales to the deposits that come into the bank. However, they can’t always assess vital information, like where that money goes when it leaves a CRB account. For that, it’s important to have compliance staff that has a handle on their cannabis clients’ operations and vendor networks.

For example, if a CRB client misallocated funds from their dispensary to their grow operation, a well-trained banker could spot the discrepancy based on the use of funds to purchase special lights or tubing that aren’t required for a dispensary operation. Those types of distinctions can be harder for technology platforms to detect.

Technology is most helpful for managing the processes associated with onboarding, ongoing document collection, case management and reporting.

Some institutions, like Narragansett Financial Corp. bank unit BayCoast Bank, leverage their existing Bank Secrecy Act (BSA) solution — Verafin — for reviewing suspicious, flagged activities. The Swansea, Massachusetts-based bank supplements the BSA process with quarterly audits and support from employees with experience in both compliance and customer service. For more specialized monitoring tasks, the $1.9 billion bank uses spreadsheets and other traditional methods. As BayCoast’s number of CRB clients grows, so does its team. Chief Risk Officer Gary Vierra oversees the CRB program and estimates the bank needs one full-time employee for every eight to 10 CRB clients.

Other banks are looking to CRB-specific tools to help them get into cannabis banking without materially growing headcount. That was one of the goals for Marlborough, Massachusetts-based Main Street Bank, which has just over $1 billion in assets. It selected technology from Shield Compliance to help manage its CRB program.

Potential clients told the bank they needed a simple, single place to manage documentation requests and other communication with the bank. This led Main Street to select Shield, which provides automated compliance and document collection workflows in addition to BSA functions. Main Street’s team liked that the Shield interface mirrored Verafin, which the BSA team was already using, and estimated that the platform enabled it to launch its CRB program with about a third of the staff they would have needed otherwise.

CRB-specific compliance tools are gaining traction within banks, but there are other “silver bullet” solutions financial institutions should be wary of. The biggest one is companies that claim to help CRBs accept credit and debit card payments.

Currently major card brands do not allow CRBs to participate in their networks; forcing them to rely on cash causes significant, practical issues for these businesses and their banks. To address that pain point, some companies circumvent the prohibition by coding transactions in such a way that the networks do not recognize them as being linked to cannabis purchases — essentially masking the transactions as something else. “That’s not the way we do business,” Vierra says, “and most of the cannabis companies don’t want to do business that way either.”

Cannabis banking presents opportunities for banks to increase fee income and broaden their deposit base among a profitable niche. But with those opportunities comes the challenge of creating a compliant program for serving complex businesses. Technology can help, but banks need a solid understanding of the industry to succeed.

Potential Technology Partners:

Shield Compliance

Built by a former banker, Shield Compliance helps financial institutions manage CRB operations in a format that’s familiar to compliance officers.

Abaca

This company’s compliance specialists follow up on suspicious activity for the bank, and assist with identifying and vetting potential CRB clients.

Green Check Verified

This compliance platform provides a wealth of information to help banks understand the cannabis banking landscape nationally and within local markets.

Learn more about the technology providers in this piece by accessing their profiles in Bank Director’s FinXTech Connect platform.

Seven Costs of Saying “No” to Cannabis Banking

Ask the typical bank executive why their institution isn’t providing banking services to state-legal cannabis-related businesses (CRBs), and you will likely hear a speedy retort along these lines:

“We’re not allowed to — it’s still federally illegal.”

“We would love to, but we don’t know enough about that industry to manage the risk.”

“We don’t think our customers would want our name and reputation associated with that.”

On the surface, these prudent practices make perfect sense. A complex legal landscape, inability to assess regulatory risk and desire to protect the institution’s reputation are compelling reasons to stay far away from cannabis-related proceeds. But there are hidden costs to saying “no” to cannabis banking. These hidden costs accrue to CRBs, the communities in which they are located, the financial institutions that avoid them and potentially society at large.

Community Risks

Community risks stem from direct and indirect sources. The obvious risks, such as the increased potential for crime and the resulting challenges to law enforcement, are frequently cited. The indirect risks are less obvious, such as a community’s inability to identify or collect appropriate taxes on CRB proceeds.

Cash on hand invites crimes of opportunity. A retail location that is known to have large volumes of cash on hand produces a seductive temptation for the criminal element.

Cash is easy to conceal from revenue officials. Fewer dollars in the public coffers are the inevitable outcome when revenue goes uncollected. In its “Taxing Cannabis” report, the Institute on Taxation and Economic Policy indicates that tax evasion and ongoing competition from illicit marijuana operations remain an ongoing concern in legal use states.

Opportunity Costs

Early adopters have demonstrated that the cannabis industry is willing and able to accept higher price points from financial institutions in exchange for the safety and convenience of obtaining traditional banking services. Your bank’s avoidance means forfeiting both short-term and long-term opportunities to generate fee income while giving others a head start on future business opportunities.

Cost of lost fee income. It is not uncommon to hear of small financial institutions generating multimillion-dollar annual fee income from CRB accounts. In less-established markets, accounts yield monthly fees based on their average deposit balances.

Cost of missing out. Just like its social media counterpart — FOMO or fear of missing out — COMO is real. If 5% to 10% of your peers are already banking CRBs, imagine what will happen as the next 10% step in. And then the next 10% after that. Before the real race has even begun, you’ve ceded some portion of the addressable market simply by not being present in the market today.

Economic Costs

The suppression of legal cannabis businesses weakens their potential to inform decisions and progress. Anecdotal and scientific evidence supports that mental and physical health benefits can be derived from responsibly sourced and properly administered cannabis-based products. Data from countries that are moving quickly to align public policy with sentiment and science on these issues indicates that sustainable economic benefits are possible.

Cost of falling behind in medical and other scientific research and advances. In 2018, 420Intel identified six countries for their cannabis research: Spain, Canada, the Czech Republic, Uruguay, the Netherlands and Israel. This type of research cannot be conducted in the United States because of federal prohibitions that require clearing multiple regulatory hurdles, at great cost.

Costs of pain and suffering to those in need of relief. Even if your personal belief sets don’t allow you to explore cannabis topics with an open mind, you need look no further than your media feeds or internet searches to find immeasurable examples of individuals who claim that using cannabis or cannabinoids have provided them with physical and mental health benefits.

Cost of lost economic growth potential. While exact numbers are hard to come by, there more than 110 studies taking place in Israel alone, funded at rates in the six and seven figures apiece. BNN Bloomberg reported that Canada’s legalized cannabis sector contributed $8.26 billion to its gross domestic product in its first 10 months of national legalization.

So before your bank decides the risks of saying “yes” to banking CRBs is still too high, pause to consider the risks you’re allowing to affect your institution and local community when you say “no.” Perhaps it’s time to take a fresh look at whether CRB banking is for you.

Coronavirus Sparks CECL Uncertainty

Even before COVID-19, the first quarter of 2020 was shaping up to be an uncertain one for large public banks. Now, it could be a disaster.

There is broad concern that the current expected credit loss standard, which has been effective since the start of 2020 for big banks, will aggravate an already bad situation by discouraging lending and loan modification efforts just when the new coronavirus is wreaking havoc on the economy. Congress is poised to offer banks temporary relief from the standard as a part of its broader relief act.

Section 4014 of the Coronavirus Aid, Relief, and Economic Security Act, or CARES Act, would give insured depository institutions and bank holding companies the option of temporarily delaying CECL implementation until Dec. 31, 2020, or “the date on which the public emergency declaration related to coronavirus is terminated.”

Congress’ bill comes as the Financial Accounting Standards Board has already rebuffed the efforts of one regulator to delay the standard.

On March 19, Federal Deposit Insurance Corp. Chairman Jelena McWilliams sent a letter to the board seeking, among other requests, a postponement of CECL implementation for banks currently subject to the standard and a moratorium for banks with the 2023 effective date.

McWilliams wrote that a moratorium would “allow these financial institutions to focus on immediate business challenges relating to the impacts of the current pandemic and its effect on the financial system.”

FASB declined to act on both proposals. “We’re continuing to work with financial institutions to understand their specific challenges in implementing the CECL standard,” wrote spokesperson Christine Klimek in an email to me later that day.

It’s not an overstatement to say that the standard’s reporting effective date could not come at a worse time for banks — or that a potential delay necessitating a switch back to the incurred loss model may be a major undertaking for banks scheduled to report results in the next several weeks.

“Banks are being tasked with something pretty complex in a very short timeframe. And of course, this is the first period that they’re including these numbers and a lot of the processes are brand new,” says Reza Van Roosmalen, a principal at KPMG who leads the firm’s efforts for financial instruments accounting change. “They’ve practiced with parallel runs. But you’re immediately going to the finals without having had any other games. This is the hardest situation you could be in.”

CECL has been in effect since the start of the new year for large banks and its impact was finally expected to show up in first-quarter results. But the pandemic and related economic crisis creates major implications for banks’ allowances and could potentially influence their lending behavior.

The standard requires banks to reserve lifetime loan losses at origination. Banks took a one-time adjustment to increase their reserves to reflect the lifetime losses of all existing loans when they switched to the standard, deducting the amount from capital with the option to phase-in the impact over three years. Afterwards, they adjusted their reserves using earning as new loans came onto the books, or as their economic forecasts or borrowers’ financial conditions changed. The rapid spread and deep impact of COVID-19, the bulk of which has been experienced by the U.S. in March, has led to a precipitous economic decline and interest rate freefall. Regulators are now encouraging banks to work with borrowers facing financial hardship.

“For banks, [CECL is] going to be a true test for them. It’s not just going through this accounting standard in the macroeconomic scenario that we’re in,” says Will Neeriemer, a partner in DHG’s financial services group, pointing out that the change comes as many bankers adjust to working from home or in shifts to keep operations running. “That is almost as challenging for them as going through the new standard for the first time in a live environment.”

The concern is that CECL will force allowances to jump once more at the beginning of the standard as once-performing loans become troubled all at the same time. That could discourage new lending activity — leading to procyclical behavior that mirrors, rather than counters, economic peaks and troughs.

It remains to be seen if that would happen if Congress doesn’t provide temporary accounting and provisioning relief, or if some banks decline the temporary relief and report their results under CECL. Regardless, the quarter will be challenging for banks.

“It’s temporary relief and it’s only for this year. It keeps the status quo, which I think is important,” says Lawrence Kaplan, chair of the bank regulatory group in Paul Hasting’s global banking and payments systems practice. “You don’t have to have artificial, unintended consequences because we’re switching to a new accounting standard during a period where there are other extraordinary events.”

Bracing for Changes in the Bank Control Rules

Executives and directors at public banks need to prepare for new rules this spring that will make it easier for investors to accumulate meaningful stakes in their companies.

The Federal Reserve Board has approved an update to the control framework for investors in banks or bank holding companies that goes into effect April 1. The update comes as the marketplace undergoes a structural shift in flows from active fund management to passive investing. The changes should make it easier for investors — both passive and active — to determine whether they have a controlling influence over a bank, and provides both banks and investors with greater flexibility.

“Anything that’s pro-shareholder, a bank CEO and board should always be happy to support,” says Larry Mazza, CEO at Fairmont, West Virginia-based MVB Financial, which has $1.9 billion in assets. “The more shareholders and possible shareholders you can have, it’s very positive for the owners.”

The Fed last updated control rules in 2008. This update codifies the regulator’s unwritten precedent and legal interpretations around control issues, which should increase transparency for investors, says Joseph Silvia, a partner at Howard & Howard.

“The goal of the regulators is to make sure that they understand who owns those entities, who runs those entities and who’s in charge, because those entities are backed by the Federal Deposit Insurance Corp.,” he says. “The regulators take a keen interest, especially the Fed, in who’s running these entities.”

The question of who controls a bank has always been complicated, and much of the Fed’s approach has been “ad hoc,” Silvia says. The latest rule is largely a reflection of the Fed’s current practice and contains few changes or surprises — helpful for banks and their investors that are seeking consistency. Large shareholder should be able to determine if their stakes in a bank constitute control in a faster and more-straightforward way. They also may be able to increase their stakes, in some circumstances. Silvia specifically highlights a “fantastic,” “wildly helpful” grid that breaks down what the regulator sees as various indicia of control, which observers can find in the rule’s appendix.

“A lot of investors don’t like the pain of some of these regulations — that helps and hurts. [The] regulation creates predictability and stability,” Mazza says. “Where it hurts is that investors may not go forward with additional investments, which hurts all shareholders.”

Shareholders, and banks themselves that may want to take stakes in other companies, now have increased flexibility on how much money they can invest and how to structure those investments between voting and non-voting shares, as well as how board representation should figure in. Silvia says this should advance the conversations between legal counsel and investors, and spare the Fed from weighing in on “countless inquires” as to what constitutes control.

“Both banks and shareholders will likely benefit from the changes, as it could lower the cost of capital for banks while allowing for a greater presence of independent perspectives in the board room,” wrote Blue Lion Capital partner and analyst Justin Hughes in an email. Blue Lion invests in bank stocks.

The change impacts active and passive investors, the latter of which have grown to be significant holders of bank stocks. Passive vehicles like exchange-traded and mutual funds have experienced $3 trillion in cumulative inflows since 2006, while actively managed funds have seen $2.1 trillion in outflows, according to Keefe, Bruyette & Woods CEO Tom Michaud. Passive ownership of bank stocks has increased 800 basis points since 2013, representing 17.1% of total shares outstanding in the third quarter of 2019. Some funds may be able to increase their stakes in banks without needing to declare control, depending on how the investments are structured.

Still, banks may be concerned about the potential for increased activism in their shares once the rule goes into effect. Silvia says the Fed is familiar with many of the activists in the bank space and will watch investment activity after the rule. They also included language in the final update that encourages investment vehicles who have not been reviewed for indicia of control from the Fed to get in touch, given than no grandfathering was provided to funds that had not been reviewed.

“They’re not really grandfathering any investments,” Silvia says. “There’s not a lot of additional protection.”

If nothing else, the rule is a chance for bank executives and directors to revisit their shareholder base and makeup and learn more about their owners, he adds. They should keep track if the makeup of their shareholders’ stakes changes once the rule goes into effect, especially investors that may become activists.

Key Considerations with the Community Bank Leverage Ratio

Banking regulators have adopted a final rule offering community banks the ability to opt in to a new, simplified community bank leverage ratio. The CBLR is intended to eliminate the burden associated with risk-based capital ratios, and became effective on Jan. 1, 2020.

Congress amended provisions of the Dodd-Frank Act to provide community banks with regulatory relief from the complexities and burdens of the risk-based capital rules. Agencies including the Office of the Comptroller of the Currency, Federal Reserve and Federal Deposit Insurance Corp. were directed to promulgate rules providing for a CBLR between 8% and 10% for qualifying community banking organizations (QCBO). These banks may opt-in to the framework by completing a CBLR reporting schedule in their call reports or Form FR Y-9Cs.

In response to public comments, the final rule includes a few important changes from the proposed one, including:

  • The adoption of Tier 1 capital, instead of tangible equity, as the leverage ratio numerator.
  • A provision allowing a bank that elects the CBLR framework to continue to be considered “well capitalized” for prompt corrective action (PCA) purposes during a two-quarter grace period, if its leverage ratio is 9% or less but greater than 8%. At the end of the grace period, the bank must return to compliance with the QCBO criteria to qualify for the CBLR framework; otherwise, it must comply with and report under the generally applicable capital rules.

To be eligible, a QCBO cannot have elected to be treated as an advanced approaches banking organization. It must have: (1) a leverage ratio (equal to Tier 1 capital divided by average total consolidated assets) greater than 9%; (2) total consolidated assets of less than $10 billion; (3) total off-balance sheet exposures of 25% or less of total consolidated assets; and (4) a sum of total trading assets and trading liabilities 5% or less of total consolidated assets.

If a QCBO maintains a leverage ratio of greater than 9%, it will be considered to have satisfied the generally applicable risk-based and leverage capital requirements, the “well capitalized” ratio requirements for purposes of the PCA rules and any other capital or leverage requirements applicable to the institution.

QCBOs may subsequently opt-out of the CBLR framework by completing their call report or Form FR Y-9C and reporting the capital ratios required under the generally applicable capital rules. A QCBO that has opted out of the leverage ratio framework can opt back in by meeting the discussed qualifying criteria discussed above.

The leverage ratio provides significant regulatory relief to QCBOs that would otherwise report under the risk-based capital rules. Opting-in to the CBLR allows a qualifying bank to be considered “well capitalized” under the PCA rules through one simple calculation (assuming the organization is not also subject to any written agreement, order, capital directive or PCA directive). Additionally, calculating the community bank leverage ratio involves a measure already used by banks for calculating leverage: Tier 1 capital.

The cost of adoption is low as well. If qualified, a bank simply has to adopt the new leverage ratio in its call reports or Form FR Y-9C. And the two-quarter grace period offers further flexibility. For instance, if a QCBO engages in a major transaction or has an unexpected event that impacts the 9% leverage ratio, the bank will be able to reestablish compliance with the CBLR without having to revert to the generally applicable risk-based capital rules. Since the CBLR is voluntary, it is within each qualifying bank’s discretion whether the benefits are sufficient enough to adopt the new rule.

Qualifying banks should be aware that opting in to the community bank leverage ratio essentially raises its well-capitalized leverage ratio requirements under the PCA rules from 5% to 9%. These banks must ensure their leverage ratios are above 9% or find themselves attempting to comply with both the CBLR and the risk-based capital rules.

It has been suggested that the CBLR may create a de facto expectation from the agencies that a properly capitalized qualifying bank should have a leverage ratio greater than 9%. Though the agencies emphasized that the CBLR is voluntary, community banks eligible to adopt the rule should be thoughtful in their decision to use it. While qualifying banks can opt in and out of the new leverage ratio, the agencies noted that they expect such changes to be rare and typically driven by significant changes, such as an acquisition or divestiture of a business. The agencies further indicated that a bank electing to opt out of the CBLR framework may need to provide a rationale for opting out, if requested.

While the community bank leverage ratio will be useful in reducing regulatory burdens for qualifying community banking organizations, its adoption does not come without risk. 

“The Biggest Threat to the Deposit Insurance Fund I’ve Ever Seen”


rates-6-28-19.pngA little-known rule called the national rate cap is putting community banks in a bind.

The cap tries to set a high-water mark for rates by calculating a weekly average of advertised interest rates for specific deposit products at branches, plus 75 basis points. This wasn’t a problem when interest rates were dropping or staying steady, but the higher rate environment has now inadvertently handicapped community banks as they compete for deposits.

Bankers say the rate cap, calculated and enforced by the Federal Deposit Insurance Corp., is unrealistically low compared to corresponding market rates. The difference could also make some banks appear riskier if examiners bring up deposit rates in exams.

Peoples Bank in Magnolia, Arkansas, uses wholesale funding to make loans for its low- to middle-income customers who lack deposits, says CEO Mary Fowler. The bank, which is well capitalized and has $200 million in assets, offers attractive rates to bring in and retain many of those funds.

The only problem? More than 90 percent of certificates of deposit (CDs) at Peoples Bank pay a rate that is higher than the rate cap.

“I call [these] traditional deposits, because they’re core as long as you’re paying the best rate in town. But we have to pay market rates for it,” she says.

Other banks are in a similar position, as higher rates have caused the national rate cap to lag the yield on Treasury securities of similar durations. This puts bankers like Fowler in a tough spot. They need to offer rates above the cap to attract or maintain deposits, but doing so invites skepticism from regulators. The FDIC declined to comment.

“Why would a customer get a CD from me when I can only hypothetically pay the national rate cap?” says Joseph Kiley III, president and CEO of Renton, Washington-based First Financial Northwest, a well-capitalized bank with $1.3 billion in assets. He points out that, at times, Treasuries paid more than 100 basis points above the rate cap.

National Rate Cap.png

Bankers say the cap also creates tension with examiners, who see it as a proxy for “potentially volatile” deposits. That’s because the rule, which should only apply to a small subset of thinly capitalized institutions, has become standard across the industry.

Examiners ask executives at healthy banks what they would do with these higher-rate deposits if the bank lost capital and was forced to abide by the cap, says John Popeo, a principal at the consultancy Gallatin Group. Popeo is a former FDIC regulator who helped resolve failed banks after the financial crisis, and represents institutions across the country that are well capitalized and do not have any immediate regulatory issues.

He says examiners are not threatening a regulatory downgrade but want to see how the bank would fund itself in the event it is no longer well capitalized. For some banks, the answer isn’t pretty.

The cap could lead to systemic problems if too many banks dip below well-capitalized levels during an economic downturn, as the FDIC prohibits less-than-well-capitalized banks from offering rates above the cap.

“When they pull your funding, you’re done,” Kiley says. “[Your bank is] just going to bleed to death.”

The FDIC has begun the process of changing the rate cap calculation, but Fowler worries that an economic downturn that threatens bank capital levels could come faster than regulators’ correction. She has been in banking for decades and says the rate cap is “the biggest threat to the deposit insurance fund I’ve ever seen.”

Executives from Peoples Bank wrote five comment letters on the request for proposal. Fowler points out that the FDIC calculated the cap using only Treasury yields prior to 2009, at which point it changed its approach.

In calculating the rate cap now, the FDIC uses an average of prevailing deposit rates at bank branches, but excludes credit unions, negotiated rates and special offers from the calculation. Using branches means that big banks are overrepresented, and online banks paying market-leading rates are underrepresented. Fowler says the FDIC should change this. She thinks it should compare the current approach to the old Treasury approach, and select the rate that’s higher.

Kiley questions whether a rate cap is an antiquated notion but hopes any change will account for how customers interact with banks and rate-shop in the digital age. If the rate cap continues to exist, he would prefer that the FDIC use wholesale funding rates from institutions like the Federal Home Loan Bank.

“We are living in a world where we pretend folks walk into branches and say ‘Hi’ to the teller … and wave to their money in the vault,” he says. “Everyone banks like they buy from Amazon.com. I don’t think there should be a rate cap.”

Weighing the Value of a Bank Holding Company


governance-6-24-19.pngIn May, Northeast Bank became the fourth banking organization in two years to eliminate its holding company. Northeast joins Zions Bancorporation, N.A., BancorpSouth Bank and Bank OZK in forgoing their holding companies.

All of the restructurings were motivated in part by improved efficiencies that eliminated redundant corporate infrastructure and activities. The moves also removed a second level of supervision by the Federal Reserve Board. Bank specific reasons may also drive the decision to eliminate a holding company.

Zions successfully petitioned to be de-designated as a systemically important financial institution in connection with its holding company elimination. In its announcement, Northeast replaced commitments it made to the Fed with policies and procedures relating to its capital levels and loan composition that should allow for more loan growth in the long run.

Banks are weighing the role their holding companies play in daily operations. Some maintain the structure in order to engage in activities that are not permissible at the bank level. Others may not have considered the issue. Now may be a good time to ask: Is the holding company worth it?

Defined Corporate Governance
Holding companies are typically organized as business corporations under state corporate law, which often provides more clarity than banking law for matters such as indemnification, anti-takeover protections and shareholder rights.

Transaction Flexibility
Holding companies provide flexibility in structuring strategic transactions because they can operate acquired banks as separate subsidiaries. This setup might be desirable for potential partners because it keeps the target’s legal and corporate identity, board and management structure. But even without a holding company, banks can still preserve the identity of a strategic partner by operating it as a division of the surviving bank.

Additional Governance Requirements
A holding company’s status as a separate legal entity subjects it to additional corporate governance and recordkeeping requirements. A holding company must hold separate board of directors and committee meetings with separate minutes, enter into expense-sharing and tax-sharing agreements with its bank subsidiary and observe other corporate formalities to maintain separate corporate identities. In addition, the relationship between the holding company and its subsidiary bank is subject to Section 23A and Section 23B of the Federal Reserve Act, an additional regulatory compliance burden.

Additional Regulatory Oversight
Holding companies are also subject to the Fed’s supervision, examination and reporting requirements, which carry additional compliance costs and consume significant management attention. The Fed also expects bank holding companies to serve as a source of financial strength to their subsidiary banks, an expectation that was formalized in the Dodd-Frank Act.

Diminished Capital Advantages
Historically, holding companies could issue Tier 1 capital instruments that were not feasible or permissible for their bank subsidiaries, such as trust preferred securities and cumulative perpetual preferred stock. They also enjoyed additional flexibility to redeem capital, an advantage that has largely been eliminated by the Basel III rulemaking and Fed supervisory requirements. A holding company with existing grandfathered trust preferred securities or with registered DRIPs may find them useful capital management tools. Holding companies with less than $3 billion in consolidated assets that qualify under the Small Bank Holding Company and Savings and Loan Holding Company Policy Statement are not subject to the Fed’s risk-based capital rules. These companies are permitted to have higher levels of debt than other holding companies and banks.

Broader Activities, Investments
Bank holding companies, especially those that elect to be financial holding companies, can engage in non-banking activities and activities that are financial in nature through non-bank subsidiaries that are bank affiliates. In some cases, these activities may not be bank permissible, such as insurance underwriting and merchant banking. The Fed also has authority to approve additional activities that are financial in nature or incidental or complementary to a financial activity on a case-by-case basis.

Bank holding companies can also make passive, non-controlling minority investments that do not exceed 5 percent of any class of voting securities in any company, regardless of that company’s activities. By comparison, banks are limited to making investments in companies that are engaged solely in bank-permissible activities or must rely on authorities such as community development or public welfare authority to make investments. Banks may also have limited leeway authority to invest in specific securities or types of securities designated under the applicable state banking law or by the applicable state banking regulator.

Banks that are not interested in activities or investment opportunities available to holding companies may be less concerned about eliminating the structure. But an organization that engages in activities at the holding company level that are not permissible for banks or that desires to maintain its grandfathered rights as a unitary savings and loan holding company may not wish to eliminate its holding company.

Operating without a holding company would result in more streamlined regulatory oversight, corporate governance and recordkeeping processes. But a holding company provides the flexibility to engage in activities, to make investments and to create structures that a bank may not. Bank boards should weigh these costs and benefits carefully against their strategic and capital management plans.

A Former Regulator Shares His Advice for Boards


regulator-6-13-19.pngDeveloping a positive relationship with regulators is important for any bank. How can banks foster this?

There’s no one better to answer this question than a former regulator.

Charles Yi served as general counsel of the Federal Deposit Insurance Corp. from 2015 to 2019, where he focused on policy initiatives and legislation, as well as the implementation of related rulemaking. He also served on the FDIC’s fintech steering committee.

In this interview, Yi talks about today’s deregulatory environment and shares his advice for banks looking to improve this critical relationship. He also explains the importance of a strong compliance culture and what boards should know about key technology-related risks.

Yi, now a partner at the law firm Arnold & Porter, in Washington, D.C., spoke to these issues at Bank Director’s Bank Audit & Risk Committees Conference. You can access event materials here.

BD: You worked at the FDIC during a time of significant change, given a new administration and the passage of regulatory relief for the industry. In your view, what do bank boards need to know about the changes underway in today’s regulatory environment?
CY: While it is true that we are in a deregulatory environment in the short term, bank boards should focus on prudent risk management, and safe and sound banking practices for the long term. Good fundamentals are good fundamentals, whether the environment is deregulatory or otherwise.

BD: What hasn’t changed?
CY: What has not changed is the cyclical nature of both the economy and the regulatory environment. Just as housing prices will not always go up, [a] deregulatory environment will not last forever.

BD: From your perspective, what issues are top of mind for bank examiners today?
CY: It seems likely that we are at, or near, the peak of the current economic cycle. The banking industry as a whole has been setting new records recently in terms of profitability, as reported by the FDIC in its quarterly banking profiles. If I [were] a bank examiner, I would be thinking through and examining for how the next phase of the economic cycle would impact a bank’s operations going forward.

BD: Do you have any advice for boards that seek to improve their bank’s relationship with their examiners?
CY: [The] same thing I would say to an examiner, which is to put yourself in the shoes of the other person. Try to understand that person’s incentives, pressures—both internal and external—and objectives. Always be cordial, and keep discussions civil, even if there is disagreement.

BD: What are some of the biggest mistakes you see banks make when it comes to their relationship with their examiner?
CY: Even if there is disagreement with an examiner, it should never become personal. The examiner is simply there to do a job, which is to review a bank’s policies and practices with the goal of promoting safety and soundness as well as consumer protection. If you disagree with an examiner, simply make your case in a cordial manner, and document the disagreement if it cannot be resolved.

BD: In your presentation at the Bank Audit & Risk Committees Conference, you talked about the importance of projecting a culture of compliance. How should boards ensure their bank is building this type of culture?
CY: Culture of compliance must be a focus of the board and the management, and that focus has to be communicated to the employees throughout the organization. The incentive structure also has to be aligned with this type of culture.

Strong compliance culture starts at the top. The board has to set the tone for the management, and the management has to be the example for all employees to follow. Everyone in the organization has to understand and buy into the principle that we do not sacrifice long-term fundamentals for short-term gain—which in some cases could end up being [a] long-term loss.

(Editor’s note: You can learn more about building a strong culture through Bank Director’s Online Training Series, Unit 16: Building a Strong Compliance Culture.)

BD: You served on the FDIC’s fintech steering committee, which—in a broad sense—examined technology trends and risks, and evaluated the potential impact to the banking system. Banks are working more frequently with technology partners to enhance their products, services and capabilities. What’s important for boards to know about the opportunities and risks here?
CY: Fintech is the next frontier for banking, and banks are rightly focused on incorporating technology into their mix of products and services. One thing to keep in mind as banks increasingly partner with technology service providers is that the regulators will hold the bank responsible for what the technology service provider does or fails to do with regard to banking functions that have been outsourced.

BD: On a final note: In your view, what are the top risks facing the industry today?
CY: I mentioned already the risks facing the industry as we contemplate the downhill side of the current economic cycle. One other issue that I know the regulators are and have been spending quite a lot of time thinking about is cybersecurity. What is often said is that a cyber event is not a question of if, but when. We can devote volumes of literature [to] talking about this issue, but suffice for now to say that it is and will continue to be a focus of the regulators.

Arnold & Porter was a sponsor of Bank Director’s Bank Audit & Risk Committees Conference.

Addressing the Top Three Risk Trends for Banks in 2019



As banks continue to become more reliant on technology, the risks and concerns around cybersecurity and compliance continue to grow. Bank Director’s 2019 Risk Survey, sponsored by Moss Adams LLP, compiled the views of 180 bank leaders, representing banks ranging from $250 million to $50 billion in assets, about the current risk landscape. Respondents identified cybersecurity as the greatest concern, continuing the trend from the previous five versions of this report and indicating an industry-wide struggle to fully manage this risk.

Other top trends included the use of technology to enhance compliance and the potential effect of rising interest rates. Here’s what banks need to know as they assess the risks they’ll face in the coming year.

Cybersecurity
Regulatory oversight and scrutiny around cybersecurity for banks seems to be increasing. Agencies including the Securities and Exchange Commission are focused on the cybersecurity reporting practices of publicly traded institutions, as well as their ability to detect intruders. The Colorado legislature recently passed a law requiring credit unions to report data breaches within 30 days. It’s no surprise that 83 percent of respondents said their concerns about cybersecurity had increased over the past year.

Most of the cybersecurity risk for banks comes from application security. The more banks rely on technology, the greater the chance they face of a security breach. Adding to this, hackers continue to refine their techniques and skills, so banks need to continually update and improve their cybersecurity skills. This expectation falls to the bank board, but the way boards oversee cybersecurity continues to vary: Twenty-seven percent opt for a risk committee; 25 percent, a technology committee and 19 percent, the audit committee. Only 8 percent of respondents reported their board has a board-level cybersecurity committee; 20 percent address cybersecurity as a full board rather than delegating it to a committee.

Compliance & Regtech
Utilizing technological tools to meet compliance standards—known as regtech—was another prevalent theme in this year’s survey. This is a big stress area for banks due to continually changing requirements. The previous report indicated that survey respondents saw increased expenses around regtech. This year, when asked which barriers they encountered around regtech, 47 percent responded they were unable to identify the right solutions for their organizations. Executives looking to decrease costs may want to consider whether deploying technology could allow for fewer personnel. When this technology is properly used, manual work decreases through increased automation.

Other compliance concerns for this year’s report included rules around the Bank Secrecy Act and anti-money laundering. Seventy-one percent of respondents indicated they implemented or plan to implement more innovative technology in 2019 to better comply with BSA/AML rules.

Compliance with the current expected credit loss standard was another area of concern. Forty-two percent of respondents indicated their bank was prepared to comply with the CECL standard, and 56 percent replied they would be prepared when the standard took place for their bank.

Interest Rate & Credit Risk
The potential for additional interest rate increases made this a new key issue for the 2019 report. When asked how an interest rate increase of more than 100 basis points, or 1 percent, would affect their banks’ ability to attract and retain deposits, 47 percent of respondents indicated they would lose some deposits, but their bank wouldn’t be significantly affected. Thirty percent indicated an increase would have no impact on their ability to compete for deposits.

However, 55 percent believed a severe economic downturn would have a moderate impact on their banks’ capital. In the event of such a downturn, deposits and lending would slow, and banks could incur more charge-offs, which would impact capital. This fluctuation can be easy to dismiss, but careful planning may help reduce this risk.

Assurance, tax, and consulting offered through Moss Adams LLP. Investment advisory services offered through Moss Adams Wealth Advisors LLC. Investment banking offered through Moss Adams Capital LLC.

How Innovative Banks Keep Up With Compliance Changes


compliance-6-5-19.pngBankers and directors are increasingly worried about compliance risk.

More than half of executives and directors at banks with more than $10 billion in assets said their concerns about compliance risk increased in 2018, according to Bank Director’s 2019 Risk Survey. At banks of all sizes, 39 percent of respondents expressed increasing concern about their ability to comply with changing regulations.

They’re right to be worried. In 2018, U.S. banks saw the largest amount of rule changes since 2012, according to Pamela Perdue, chief regulatory officer for Continuity. This may have surprised bankers who assumed that deregulation would translate to less work.

“The reality is that that is not the case,” she says. “[I]t takes just as much operational effort to unwind a regulatory implementation as it does to ramp it up in the first place.”

Many banks still rely on compliance officers manually monitoring websites and using Google alerts to stay abreast of law and policy changes. That “hunt-and-peck” approach to compliance may not be sufficiently broad enough; Perdue said bankers risk missing or misinterpreting regulatory updates.

This potential liability could also mean missed opportunities for new business as rules change. To handle these challenges, some banks use regulatory change management (RCM) technology to aggregate law and policy changes and stay ahead of the curve.

RCM technology offerings are evolving. Current offerings are often included in broader governance risk and compliance solutions, though these tools often use the same manual methods for collecting and processing content that banks use.

Some versions of RCM technology link into data feeds from regulatory bodies and use scripts to crawl the web to capture information. This is less likely to miss a change but creates a mountain of alerts for a bank to sort through. Some providers pair this offering with expert analysis, and make recommendations for whether and how banks should respond.

But some of the most innovative banks are leveraging artificial intelligence (AI) to manage regulatory change. Bank Director’s 2019 Risk Survey revealed that 29 percent of bank respondents are exploring AI, and another 8 percent are already using it to enhance the compliance function. Companies like San Francisco-based Compliance.ai use AI to extract regulatory changes, classify them and summarize their key holdings in minutes.

While AI works exponentially faster than human compliance officers, there are concerns about its accuracy and reliability.

“I think organizations need to be pragmatic about this,” says Compliance.ai chief executive officer and co-founder Kayvan Alikhani. “[T]here has to exist a healthy level of skepticism about solutions that use artificial intelligence and machine learning to replace what a $700 to $800 an hour lawyer was doing before this solution was used.”

Compliance.ai uses an “Expert in The Loop” system to verify that the classifications and summaries the AI produced are accurate. This nuanced version of supervised learning helps train the model, which only confirms a finding if it has higher than 95 percent confidence in the decision.

Bankers may find it challenging to test their regulatory technology systems for accuracy and validity, according to Jo Ann Barefoot, chief executive officer of Washington-based Barefoot Innovation Group and Hummingbird Regtech.

“A lot of a lot of banks are running simultaneously on the new software and the old process, and trying to see whether they get the same results or even better results with the new technology,” she says.

Alikhani encourages banks to do proofs of concept and test new solutions alongside their current methodologies, comparing the results over time.

Trust and reliability don’t seem to be key factors in bankers’ pursuit of AI-based compliance technology. In Bank Director’s 2019 Risk Survey, only 11 percent of banks said their bank leadership teams’ hesitation was a barrier to adoption. Instead, 47 percent cited the inability to identify the right solution and 37 percent cited a lack of viable solutions in the marketplace as the biggest deterrents.

Bankers who are adopting RCM are motivated by expense savings, creating a more robust compliance program and even finding a competitive edge, according to Barefoot.

“If your competitors are using these kinds of tools and you’re not that’s going to hurt you,” she says.

Potential Technology Partners

Continuity

Combines regulatory data feeds with consultative advice about how to implement changes.

Compliance.ai

Pairs an “Expert in the Loop” system to verify the accuracy of AI summaries and categorization

OneSumX Regulatory Change Management from Wolters Kluwer

Includes workflows and tasks that help banks manage the implementation of new rules and changes

BWise

Provides impact ratings that show which parts of the bank will be impacted by a rule and the degree of impact

Predict360 from 360factors

Governance risk and compliance solution that provides banks with access to the Code of Federal Regulations and administrative codes for each state

Learn more about each of the technology providers in this piece by accessing their profiles in Bank Director’s FinXTech Connect platform.