Top Story Operations Related

The Federal Financial Institutions Examination Council’s member agencies are making changes to the Uniform Bank Performance Report’s Interest Rate Risk Analysis page on or shortly after February 22, 2025. These changes, being led by the Task Force on Surveillance Systems, are part of a previously announced ongoing multiyear review of Uniform Bank Performance Report content.

More information on the changes to the UBPR Interest Rate Risk Analysis page is available HERE.

The Treasury Department reports that the Financial Action Task Force (FATF) —the global standard-setting body for anti-money laundering, countering the financing of terrorism, and proliferation of weapons of mass destruction—concluded a plenary in Paris.

During the plenary, the FATF discussed ongoing work on evolving proliferation financing and terrorist financing risks, financial inclusion, and standards for domestic and cross-border payments, including agreeing to release draft updates for public consultation. The FATF also agreed to consult the public on an initiative examining complex proliferation financing and sanctions evasion schemes.

The FATF also endorsed changes to its recommendation to further reaffirm the importance of a risk-based approach to assessing and mitigating money laundering and terrorist financing risks, including ensuring preventive or mitigation measures are commensurate with the risks identified.

Finally, the FATF finalized work to help combat the online sexual exploitation of children, a heinous crime that preys on some of society’s most vulnerable. The soon-to-be-published report, based upon contributions from nearly 30 countries, analyzes the financial typologies associated with financial sextortion and live-streamed abuse of children.

• Outcomes of the FATF Plenary, February 21, 2025

OFAC has announced the launch of its new File Finder application for use on the OFAC website. The new browser-based application allows users to search through and efficiently navigate all of OFAC's website content.

Putting the user in control, File Finder searches all static content on OFAC's website (PDF documents, word documents, etc.) by document title, document type, and the contents of each document. Searchable content typically includes general licensees, Federal Register notices, executive orders (and other legal documents), press charts, advisories, specific guidance, as well as many other records.

The OCC has released enforcement actions taken against OCC-supervised financial institutions and individuals now or formerly affiliated with such institutions. The OCC also announced updates to its enforcement action search tool.
 
Formal Agreements with:

• Dearborn FSB, Dearborn, Michigan, for unsafe or unsound practices, including those related to compliance management, fair lending risk management, insider activities, and compensation practices; and violations related to recordkeeping
• Patriot Bank, N.A., Stamford, Connecticut, for violations and unsafe or unsound practices, including those related to strategic planning, capital planning, Bank Secrecy Act/Anti-Money Laundering risk management, payment activities oversight, credit administration, and concentration risk management

Orders of Prohibition against:

• Max M. Bender, former Operations Processor at a Cincinnati, Ohio, location of U.S. Bank, N.A., Cincinnati, Ohio, for misappropriating funds from commercial customer deposits, resulting in a loss of at least $23,000 to the bank
• Justin Cooper, former Bank Teller at a Ramsey, New Jersey, branch of TD Bank, N.A., Wilmington, Delaware, for accessing customer records without authorization and providing customer information to a third party in exchange for money
• Larry DeWitt, former Chief Credit Officer and Lending Officer at BancCentral, N.A., Alva, Oklahoma, for, among other things, failing to secure cash collateral required for certain new market tax credit loans, which caused the bank to violate its legal lending limit, and failing to inform the bank of a customer’s impending withdrawal of millions of dollars on deposit with the bank, which he encouraged, facilitated, and understood could severely impact the bank’s liquidity
• Derek Heaton, former Chief Lending Officer at BancCentral, N.A., Alva, Oklahoma, for failing to secure cash collateral required for certain new market tax credit loans, which caused the bank to violate its legal lending limit
• Jackeline Graves, former Retail Banker at a Port Arthur, Texas, branch of Woodforest National Bank, The Woodlands, Texas, for gaining unauthorized access to bank customers’ personal information and forging their names onto checks to steal at least $14,000
• Mark Tillman, former Loan Officer at Citizens Bank, N.A., Providence, Rhode Island, for, among other things, making false statements and statements of omission to influence the bank’s mortgage lending decisions; failing to review, identify, and escalate red flags in mortgage loan applications or supporting information; and failing to fully disclose the involvement of a mortgage broker and the broker’s fees. An order to Cease and Desist was included

The Financial Accountability and Corporate Transparency (FACT) Coalition has reported that Judge Jeremy D. Kernodle, of the Tyler Division of the U.S. District Court for the Eastern District of Texas, has lifted a preliminary injunction issued in Smith v. United States Department of the Treasury, removing the last legal roadblock to the enforcement of the Corporate Transparency Act (CTA). The decision aligns with another decision made by the Supreme Court in a similar case in January.

FinCEN has updated an Alert on its Beneficial Ownership Information page to say that the "beneficial ownership information (BOI) reporting requirements under the Corporate Transparency Act (CTA) are once again back in effect." FinCEN added that, "because the Department of the Treasury recognizes that reporting companies may need additional time to comply with their BOI reporting obligations, FinCEN is generally extending the deadline 30 calendar days from February 19, 2025 [to March 21, 2025], for most companies. Companies with disaster-relief extensions to dates later that March 21 must meet their later deadline for filing.

Also, FinCEN said that, during the 30-day period, it will assess its options to further modify deadlines, while prioritizing reporting for those entities that pose the most significant national security risks. FinCEN also intends to initiate a process this year to revise the BOI reporting rule to reduce burden for lower-risk entities, including many U.S. small businesses.

FinCEN issued FinCEN Notice FIN-2025-CTA1 to further explain the new deadlines for reporting.

The fourth 2024 issue of the Federal Reserve's Consumer Compliance Outlook (CCO) is now available on the CCO website. This issue includes articles on:

• The Federal Reserve System’s Top-Issued Fair Lending Matters Requiring Immediate Attention and Matters Requiring Attention
• Top Federal Reserve System Compliance Violations in 2023 Under the Equal Credit Opportunity Act
• Top-Cited Federal Reserve System Compliance Violations in 2023 Under the Truth in Lending Act for the TILA RESPA Integrated Disclosure
• Complex Bank-Fintech Partnerships
• Interagency Statement on Elder Financial Exploitation

FinCEN has issued a notice to email subscribers that its Interactive SARs Stats webpage has been updated to include SAR data through calendar year 2024. Interactive SAR Stats is an application that enables users to view FinCEN’s trend data for aggregated counts of defined suspicious activities that financial institutions report to FinCEN.

The Treasury Department this morning reported that OFAC, Australia’s Department of Foreign Affairs and Trade, and the United Kingdom’s Foreign Commonwealth and Development Office are jointly designating Zservers, a Russia-based bulletproof hosting (BPH) services provider, for its role in supporting LockBit ransomware attacks. LockBit, a Russia-based ransomware group best known for its ransomware variant of the same name, is one of the most deployed ransomware variants and was responsible for the November 2023 attack against the Industrial Commercial Bank of China U.S. broker-dealer. BPH service providers sell access to specialized servers and other computer infrastructure designed to evade detection and defy law enforcement attempts to disrupt these malicious activities. OFAC is also designating two Russian nationals — Alexander Igorevich Mishin and Aleksandr Sergeyevich Bolshakov — who are key administrators of Zservers and have enabled ransomware attacks and other criminal activity.

Click here for more information on the individuals and entities designated or otherwise blocked today.

In January, the New York Department of Financial Services announced proposed regulations to enhance consumer protections against unfair overdraft fees. These regulations ensure consumers will no longer be burdened with overdraft fees for minor transactions and require banks to provide timely notifications to consumers about overdraft fees to improve transparency. The proposed rules would affect New York state-chartered banking institutions (banks, trust companies, savings banks, savings and loan associations, and credit unions).

Key highlights:

• Overdraft fees would be prohibited for items of $20 or less, and would be capped at the amount by which the account is overdrawn
• Would set a maximum of three OD fees per day per account, and bar multiple fees for the same transaction
• Would prohibit charging “sustained,” “continuous” or “daily” overdraft fees for each day an overdraft balance is not repaid
• Would ban charging one fee for transferring funds from another account to cover an overdraft and then imposing a second fee for the overdraft itself
• Would prohibit NSF fees for EFTs that the institution declines instantaneously (or nearly so).
• Settling or completing EFTs in a manner that maximizes NSF or OD charges would be banned
• "Authorize positive, settle negative" (APSN) practices would be banned
• Most return deposit items fees would be prohibited
• If a payee represents a debit that was previously charged an NSF fee, subsequent NSF fees for representment of the same item would be banned
• Banking institutions would be required to notify consumers “via the most immediate and rapid means of communication” used by the institution to deliver written notices when an overdraft or NSF fee is likely to be charged in connection with an electronic debit. In addition, banking institutions would need to inform consumers after the first NSF or return deposit item charge in a calendar year, and 30 days in advance of any changes to overdraft or NSF fees.

• NYDFS Press Release

On Friday, Acting FDIC Chairman Travis Hill sent a letter to the Financial Crimes Enforcement Network (FinCEN) expressing support for allowing more flexibility with respect to certain Customer Identification Program (CIP) requirements for bank-fintech partnerships. Specifically, Acting Chairman Hill expressed support for generally allowing the collection of the last four digits of a Social Security number from a customer, rather than the full nine digits -- the approach permitted for credit card customers.

The letter states, “Aligning regulatory requirements to modern onboarding processes is long overdue. Federal authorities have long allowed banks to onboard credit card customers in this way; I support extending this approach more broadly . . . I look forward to working with our regulatory partners to modernize our approach to reflect private sector innovation in providing customer access to financial services.”

[Editor's note: Hill's letter made no mention of the requirement to obtain the full TIN of a customer when the account type (deposit or loan) will require the reporting to the IRS of interest paid to or by the customer.]

• FDIC Press Release