Top Story Compliance Related

The Securities and Exchange Commission has announced it has charged registered broker-dealer Deutsche Bank Securities Inc., a subsidiary of Deutsche Bank AG, for failing to file certain Suspicious Activity Reports (SARs) in a timely manner. Deutsche Bank Securities has agreed to pay a $4 million civil penalty to settle the SEC’s charges.

According to the SEC’s order, Deutsche Bank Securities received requests in connection with law enforcement or regulatory investigations or litigation that prompted it to conduct SARs investigations. However, the SEC’s order finds that, in certain instances from April 2019 to March 2024, Deutsche Bank Securities failed to conduct or complete the investigations within a reasonable period of time, including at least two instances where Deutsche Bank Securities took more than two years to file the SARs.

The CFPB published [89 FR 104398] a final rule in today's Federal Register amending the official commentary to its Regulation Z to make annual adjustments to the asset-size thresholds exempting certain creditors from the requirement to establish an escrow account for a higher-priced mortgage loan (HPML). The exemption threshold for creditors and their affiliates that regularly extended covered transactions secured by first liens is adjusted to $2.717 billion (up from $2.640 billion) and the exemption threshold for certain insured depository institutions and insured credit unions with assets of $10 billion or less is adjusted to $12.179 billion (up from $11.835 billion).

The amendments will be effective on January 1, 2025. They have been incorporated into the BankersOnline Regulations page for § 1026.35 of Regulation Z.

The Department of the Treasury has released a report following its 2024 Request for Information (RFI) on the Uses, Opportunities, and Risks of Artificial Intelligence (AI) in Financial Services, which summarizes key themes from respondent feedback and recommends several next steps.

The report highlights increasing AI use throughout the financial sector and underscores the potential for AI – including Generative AI – to broaden opportunities while amplifying certain risks, such as risks related to data privacy, bias, and third-party providers. The report builds on Treasury’s work on AI-related cybersecurity risks in the financial sector, including its March 2024 report.

The CFPB has announced it has brought suit against the operator of Zelle and three of the country's largest banks for failing to protect consumers from widespread fraud on America’s most widely available peer-to-peer payment network.

In its Complaint filed with the U.S. District Court for the District of Arizona, the CFPB alleges that Early Warning Services, LLC, which operates Zelle, along with three of its owner banks—Bank of America, JPMorgan Chase, and Wells Fargo—rushed the network to market to compete against growing payment apps such as Venmo and CashApp, without implementing effective consumer safeguards. Customers of the three banks named in today’s lawsuit have lost more than $870 million over the network’s seven-year existence due to these failures. The CFPB’s lawsuit describes how hundreds of thousands of consumers filed fraud complaints and were largely denied assistance, with some being told to contact the fraudsters directly to recover their money. Bank of America, JPMorgan Chase, and Wells Fargo also allegedly failed to properly investigate complaints or provide consumers with legally required reimbursement for fraud and errors. The CFPB is seeking to stop the alleged unlawful practices, secure redress and penalties, and obtain other relief.

Early Warning Services, LLC is a financial technology and consumer reporting company based in Scottsdale, Arizona. Early Warning Services designed and operates the Zelle network. It is co-owned by seven of the largest banks in the United States: Bank of America, Capital One, JPMorgan Chase, PNC Bank, Truist, U.S. Bank, and Wells Fargo.

Zelle allows near-instant electronic money transfers through linked email addresses or U.S.-based mobile phone numbers, known as “tokens.” Users can create multiple tokens across different banks and quickly reassign them between institutions, a feature that the CFPB alleges has left consumers vulnerable to fraud schemes. The CFPB alleges that Bank of America, JPMorgan Chase, Wells Fargo, and Early Warning Services violated federal law through critical failures including leaving the door open to scammers, allowing repeat offenders to hop between banks, ignoring red flags that could prevent fraud, and abandoning consumers after fraud occurred.

• Press Call Remarks of CFPB Director Rohit Chopra

The FDIC, OCC, and Federal Reserve Board have jointly announced the 2025 updated Community Reinvestment Act (CRA) "small bank" and "intermediate small bank" asset-size thresholds.

As a result of the 2.91 percent increase in the Consumer Price Index for Urban Wage Earners and Clerical Workers (CPI-W) for the period ending in November 2024, the CRA asset-size thresholds for small banks and intermediate small banks are:

• A small bank is an institution that, as of December 31 of either of the prior two calendar years, had assets of less than $1.609 billion.
• An intermediate small bank is a small institution with assets of at least $402 million as of December 31 of both of the prior two calendar years and less than $1.609 billion as of December 31 of either of the prior two calendar years.

These thresholds are in effect from January 1, 2025, through December 31, 2025. A list of the current and historical asset-size thresholds is available here.

• Federal Register Notice

The OCC has released a list of enforcement actions taken against national banks and federal savings associations (banks), and individuals currently and formerly affiliated with banks the OCC supervises.

• A Formal Agreement with the The Fairfield National Bank, Fairfield, Illinois, for unsafe or unsound practices, including those related to staffing and training, credit risk rating, credit underwriting, credit administration, loan review, allowance for credit losses, and a violation related to failure to file true and correct Reports of Condition and Income.
• A Formal Agreement with The First National Bank of Williamson, Williamson, West Virginia, for unsafe or unsound practices, including those related to staffing, capital planning, strategic planning, interest rate risk management, audit committee oversight, allowances for credit losses, credit administration, and commercial credit.
• The Cease and Desist Order against USAA, Federal Savings Bank that we reported in yesterday's Top Stories.
• A Notice of Charges for an Order of Prohibition against Armando De Leon, former Store Manager at a Hialeah, Florida, branch of TD Bank, N.A., Wilmington, Delaware, alleging, among other things, that while he was a bank employee, De Leon submitted fraudulent Payment Protection Program loan applications that received over $80,000 in funding.
• A Notice of Charges for Order of Prohibition against Emily M. Niedwiecky, former Senior Customer Service Representative at a Raleigh, North Carolina, Auto Operations Center of Wells Fargo Bank, N.A., Sioux Falls, South Dakota, alleging, among other things, that Niedwiecky falsely disputed with the bank approximately $22,000 in purchases she made with her personal debit cards.
• An Order of Prohibition against Wendell Pialet, former Business Relationship Manager at a San Diego, California, branch of JPMorgan Chase Bank, N.A., Columbus, Ohio, for accepting a bribe to open a bank account that was to be used to receive proceeds from fraudulent Paycheck Protection Program loans.

The Federal Reserve Board has announced a written agreement between Lineage Financial Network, Inc., Franklin, Tennessee, and the Federal Reserve Bank of Atlanta.

The Treasury Department issued three news releases yesterday to announce OFAC actions:

• Continued pressure on Houthi procurement and financing schemes: OFAC sanctioned a dozen individuals and entities based in multiple jurisdictions, including the head of the Houthi-aligned Central Bank of Yemen branch in Sana’a, for their roles in trafficking arms, laundering money, and shipping illicit Iranian petroleum for the benefit of the Houthis. OFAC also identified five cryptocurrency wallets associated with Islamic Revolutionary Guard Corps-Qods Force (IRGC-QF)-backed Houthi financial official Sa’id al-Jamal (al-Jamal), who operates under the aliases “Khrpi,” “Ahmad Sa’idi,” and “Hisham,” among others.
• Maintaining pressure on Iranian shadow fleet: OFAC imposed sanctions on four entities and three vessels involved in the trade of Iranian petroleum and petrochemicals, which generate billions of dollars’ worth of revenue for the Iranian regime. Treasury also announced concurrent action by the State Department against four entities in multiple jurisdictions involved in the movement of Iranian petroleum.
• Sanctions against Georgian Ministry of Internal Affairs officials: OFAC sanctioned two Georgian officials from Georgia’s Ministry of Internal Affairs which has engaged in brutal crackdowns on media members, opposition figures, and protesters — including during demonstrations throughout 2024.

For the names and identification information of the designated parties, see yesterday's BankersOnline OFAC Update.

The Financial Crimes Enforcement Network (FinCEN) has reported it has issued an Alert [FIN-2024-Alert005] to raise awareness of fraud schemes abusing FinCEN’s name, insignia, and authorities for financial gain. These FinCEN-specific fraud schemes include scams that exploit beneficial ownership information reporting; misuse FinCEN’s Money Services Business Registration tool; or involve the impersonation of, or misrepresent affiliation with, FinCEN and its employees.

The alert provides guidance to the public on how to identify and avoid these scams and provides typologies and red flag indicators to help financial institutions detect, prevent, and report potential suspicious activity to FinCEN. The public is reminded that any solicitations from individuals or entities abusing FinCEN’s name, insignia, or authorities, or impersonating a FinCEN employee should be reported to Treasury’s Office of Inspector General and the Federal Trade Commission.

Suspicious Activity Reports concerning these fraud schemes should reference FinCEN's alert by including the key term "“FIN-2024-FINCENSCAMS” in SAR field 2 (Filing Institution Note to FinCEN) and the narrative. Financial institutions should also select SAR field 34(z) (Fraud – Other) and include any other relevant terms, including “BOI Scam,” “MSB Scam,” and/or “FinCEN Imposter Scam” in the text box, as applicable.

The Department of the Treasury yesterday reported that OFAC had sanctioned two entities and two individuals for their role in developing and procuring components for sensitive navigational systems for the Iranian military. Concurrent with this action, the U.S. Department of State designated one individual and two entities involved in Iranian UAV and missile development.

Treasury also reported that OFAC had designated three individuals and four entities in Bosnia and Herzegovina (BiH) that form part of U.S.-designated Republika Srpska (RS) President Milorad Dodik’s (Dodik) financial network and enable the Dodik family’s continued attempts to evade sanctions. OFAC's action also targets a BiH politician who serves as a key enabler of Dodik’s corruption and destabilizing political agenda. OFAC also designated Viktor Pavlovich Perevalov for operating or having operated in the construction sector of the Russian Federation economy.

For the names and identification information of the designated parties, see yesterday's BankersOnline OFAC Update.