Error Resolution and Peer-to-Peer Transfers Services
The pandemic has pushed more and more people toward using Peer-to-Peer Transfers (P2P) services, like Cash App, Paypal, and Zelle. These apps allow users to link their deposit account to the app and use the app to transfer funds to others. Scammers have increasingly been enticing people to use these apps to transfer funds to them, which has led more customers to report these transactions to their bank as an error under Reg. E. Our Hotline staff answers many questions about the bank’s role in investigating and correcting potential errors involving these P2P services. As these apps have been growing in popularity in recent years, it is important the bank understands its regulatory responsibility when it comes to errors involving these apps.
Regulation E generally governs electronic funds transfers (EFTs) and the dispute resolution process when a customer disputes an EFT with the bank. For our purposes though, Reg. E provides a handy provision in § 1005.14(a) that may shift the responsibility for error resolution from the bank to the P2P service provider:
“A person that provides an electronic fund transfer service to a consumer but that does not hold the consumer’s account is subject to all requirements of this part if the person:
(1) Issues a debit card (or other access device) that the consumer can use to access the consumer’s account held by a financial institution; and (2) Has no agreement with the account-holding institution regarding such access.”
The first prong of our analysis is whether the P2P issues an access device. This prong is easy to satisfy in our situation since the P2P app itself is an access device since it can be used to initiate EFTs. If your customer can link their deposit account to one of these apps and then use the app to transfer funds, this section may apply.
Second, we look to whether there the bank and the P2P service provider have contracted with one another. For most apps, there is no contract present. However, you’d need to confirm before using this section of Reg. E to deny your customer’s dispute claim. If you have an agreement with the P2P service provider, then the Reg. E general requirements will apply to the bank and you will also need to review the contractual provisions regarding disputes. If you don’t have an agreement with the P2P service provider, they may be responsible for error resolution involving the EFTs they facilitate under Reg. E.
You may want to review your Reg. E procedures to make sure your staff is asking the appropriate questions when a customer disputes a transaction. Gathering the appropriate information may tell you whether the above provision can help. You can find a great refresher of your Reg. E responsibilities here, a tool to calculate your liability and the appropriate timing here, and tools to help you communicate with customers about Reg. E in our Reg. E toolkit. If you have any questions about this, Compliance Alliance is here for you.
GSE Patches, We’re Depending on You
The CFPB estimates that approximately 16% of all first-lien mortgage loans are made under the GSE patch. That is nearly a million loans per year made under this temporary Reg Z provision.
Back in June 2020 the CFPB issued two Notices of Proposed Rulemaking in which they sought to 1) extend the sunset/expiration date of the GSE patch, and 2) revise the definition of a qualified mortgage.
The GSE patch has a built-in sunset/expiration provision of whenever the GSEs exit federal conservatorship or January 10, 2021, whichever comes first. In October 2020, the CFPB issued the first of these rules, the final rule to extend the sunset/expiration provision of the GSE patch.
This final rule extends the sunset/expiration date for the GSE patch QMs, while not disturbing the existing provision that the GSE patch will expire when the GSEs exit conservatorship. Under this final rule, the GSE patch will expire on the earlier of: 1) the date that the GSEs exit conservatorship , or 2) the mandatory compliance date specified in the yet to be published final rule which will revise the qualified mortgage definition. So, the GSE patch QMs will continue to live on beyond January 10, 2021, but for exactly how long is unclear. As long as the GSEs continue under conservatorship, lenders will have to wait for the CFPB’s general QM revision rule to start the clock on the expiration of the GSE patch QM rules.
This GSE patch final rule does not affect FHA, VA or USDA qualified mortgages. Additionally, the expiration of the GSE patch QM will not affect the QM status of a loan if the loan was made or the loan application was received before the extended sunset/expiration date, and the loan will be a QM for the remainder of the loan’s term.
For a little background on qualified mortgages and the GSE patch, after Dodd-Frank’s established the ability-to-repay (ATR) requirements and qualified mortgage requirements, the CFPB issued the ATR/QM rule. This rule created categories of QM loans, including the general QM and the temporary GSE QM (GSE patch), with the GSE patch giving lenders the flexibility to make loans to individuals who do not meet all of the general QM requirements.
The general QM has, among other requirements, a prohibition against balloon payments, a prohibition of a loan term greater than 30 years and a requirement that the borrower’s debt-to-income ratio (DTI) not exceed 43%. However, as was previously mentioned, nearly 16% of all first-lien mortgage borrowers in the U.S. have a DTI that exceeds 43%, creating the need for the GSE patch.
The GSE patch QMs are loans that comply with certain specified general QM requirements and are also eligible for purchase by Fannie Mae or Freddie Mac (collectively, the GSEs). Under the GSE patch provision, a loan can still be a QM even if the borrower’s DTI exceeds 43%, as long as the borrower meets the GSE’s requirements and underwriting criteria. In addition, income and debt for these loans are generally verified using GSE standards, rather than the Appendix Q standards used for the general QM.
This October 2020 final rule is effective on December 28, 2020. For additional information on the proposed revisions to the definition of qualified mortgage and the final changes to the GSE patch, see the CFPB’s Executive Summary of the October 2020 Rule, the October 2020 GSE patch extension final rule, as well as the CFPB’s June 2020 Notice of Proposed Rulemaking.
Understanding Your Fair Lending Risk
Regulatory fair lending expectations are not going away any time soon. In fact, the Comptroller of the Currency (“OCC”) recently announced their Fiscal Year 2021 Bank Supervision Operating Plan, which includes the following supervisory priority and objective: “Fair lending examinations and risk assessments, including risks associated with 2020 pandemic-related loan accommodations and loss mitigation efforts and new technology used in underwriting processes.”
Although this priority is specific to the OCC, it’s likely other banking regulators, such as the Federal Deposit Insurance Corporation (“FDIC”) and the Federal Reserve Board (“FRB”) will be following suit as the Consumer Financial Protection Bureau (“CFPB”) regularly examines for fair lending compliance at large financial institutions.
Before we get into what steps a bank can take to prepare itself for fair lending examination, it is important to remember what fair lending is about.
Fair Lending is a collection of rules that comprise the centric idea to prohibit discrimination on a protected basis. Fair Lending is comprised of the Equal Credit Opportunity Act (“ECOA”) as the primary rule, the Fair Housing Act (“FHA”), which is focused on residential real estate transactions, and various interagency guidance. Both rules set out a list of protected classes and types of discrimination.
A bank should consider and evaluate fair lending during each step of a loan transaction. This includes how a bank offers, advertises, and provides loan products, marketing, setting terms, loan officer discussions, monitoring and re-evaluating whether a loan is right for the borrower. This life-of-loan approach to determine whether a bank practice may raise potential discrimination concerns is important for demonstrating a robust fair lending compliance program.
Now, let’s look at some best practices to help you ace your exam:
Know your story. The bank should be able to provide an in-depth description of the historical documentation of meeting the needs of its borrower and the community, including any deficiencies that may appear based on analysis of data, such as from the Home Mortgage Disclosure Act (“HMDA”) public data.
Formal fair lending program. The Bank should implement appropriate policies and procedures to lead team members down the path to fair lending compliance.
Fluid risk assessment process. A risk assessment only paints a picture at a point in time, so the risk assessment process needs to be something that occurs on a regular basis to support the bank’s ongoing fair lending efforts.
Risk-based approach. The bank should identify the highest fair lending compliance risks and make them the priority for controls, policies, and procedures. Once the bank’s fair lending program reduces the highest risks to acceptable levels, then it can move on to lower risks.
Training. Banks should provide annual fair lending training to all team members involved in the lending life-cycle, to help educate them on how to identify and reduce fair lending risks.
By following these best practices, a bank should be in a good position to identify its potential fair lending risk, act to mitigate the fair lending risk according to its defined risk appetite and pass any regulatory examination with flying colors.
Managing Changes
Things change. Despite the view of the general public of banking as a somewhat traditional, unchanging business, those inside the industry know that change happens often, happens quickly, and sometimes happens without warning. I’d bet we could all recall a time when there was an unexpected regulatory change that disrupted the way we do things and left us struggling to keep up. For many of us, that’s the story of 2020. So, what do we do about all of this change?
The solution to the problem of change is to have an effective change management program. A change management program helps identify changes and helps determine how to appropriately respond to changes, particularly changes to laws and regulations. This is a program that helps banks effectively implement changes to products and services as well. It is essential that a bank’s Board of Directors and senior management establish a process that is effective, efficient and repeatable for managing change. Similar to many areas of compliance, there is not a one-size-fits-all solution, and a truly effective change management system will need to be tailored to the bank’s size, risk profile and complexity of the bank’s products and services. An effective change management program will identify changes, establish which parties are responsible for which changes, create action items and deadlines, test the planned changes, and evaluating the effectiveness of changes after implementation.
One key area in which change occurs, that institutions are often forced to be reactive, rather than proactive, is in the area of changes to laws and regulations. Any time there are new requirements, it can have significant effects on operations, products and services offered, as well as the responsibilities of bank staff. When things change, not only is it important to determine what to do, but also who will do what in response.
Another key area in which change occurs is the products and services offered. Sometimes these changes occur due to regulatory changes, other times changes happen to be more competitive in the marketplace, and sometimes changes take place to realign the bank’s offerings with the bank’s vision and mission. Institutions must continually evolve with consumer needs and expectations as not to be left behind. Robust and fluid change management programs ensure that banks are smoothly launching new products and effectively implementing new services.
A third key area in which change occurs is technology, which affects everyone but often at different times and with different intensity. Managing technology changes at the bank can include large-scale changes like system conversion and innovative changes like embracing fintech developments. Technology changes often also involve new third-party relationships which also reaffirms the necessity for vendor management and oversight. Technology changes are now a normal part of bank’s business models. The appropriate management of technological changes will help institutions operate smoothly and comply with laws and regulations.
Every bank is expected to have a process in place to ensure sufficient and timely responses to the changes that effect the bank’s compliance, and an effective program will likely look different at different institutions. Smaller community banks may have a streamlined process, whereas larger banks may have a much more complex program.