Top Story Operations Related

FinCEN has updated one of the alerts on its Beneficial Ownership Information Reporting webpage to acknowledge the Supreme Court's January 23, 2025, stay of a nationwide injunction issued by a federal judge in Texas (Texas Top Cop Shop, Inc. v. McHenry—formerly, Texas Top Cop Shop v. Garland).

Although various reports have suggested that the SCOTUS action would allow FinCEN to again require entities subject to the regulation to file reports, FinCEN's Alert notes a separate nationwide order issued by a different federal judge in Texas (Smith v. U.S. Department of the Treasury) still remains in place, and reporting companies are not currently required to file beneficial ownership information with FinCEN despite the Supreme Court’s action in Texas Top Cop Shop.

Reporting companies also are not subject to liability if they fail to file this information while the Smith order remains in force. However, reporting companies may continue to voluntarily submit beneficial ownership information reports.

The NCUA has reported that the president has designated NCUA Vice Chairman Kyle S. Hauptman as the thirteenth Chairman of the NCUA Board.

Mr. Hauptman listed his priorities as chairman in the NCUA's press release. Among them were—

• "Codifying our procedures to protect Americans from regulation-by-enforcement. For example, no enforcement action should ever set — even clarify — policy. In America and other free societies, the sequence is: set speed limits, then give speeding tickets (no one has any obligation to be aware of someone else’s ticket)."
• Re-assessing NCUA policies that may, even inadvertently, dissuade credit unions from serving low-income areas. This includes language around overdraft policies, particularly for credit unions located in states with especially punitive government late fees/penalties.
• Right-sizing credit unions’ obligations where possible under the Bank Secrecy Act, including NCUA’s regulations surrounding Suspicious Activity Reports.”

Last week, the CFPB released a Compendium of Recent CFPB Guidance, including CFPB Circulars, Bulletins, Advisory Opinions, and Interpretive Rules issued from November 2021 through December 2024. The Compendium comprises 42 documents issued by the Bureau during that period for a total of 363 pages in a PDF format.

The Financial Crimes Enforcement Network (FinCEN) recently published [90 FR 5629, 1/17/2025] a final rule to reflect inflation adjustments to its civil money penalties (those within the jurisdiction of FinCEN). The increased maximum penalties listed became effective on January 17, 2025. The current maximum penalties can be found in FinCEN's regulations at 31 C.F.R. § 1010.821.

The NCUA has released a research note that provides an analysis of statistics for overdraft and non-sufficient funds fees, and observations on the relationship between overdraft and non-sufficient funds fees and other revenues.

The Note highlights two observations:

• Credit unions with higher combined overdraft and NSF fees per member do not seem to have lower fees per member for other services
• Credit unions with higher combined overdraft and NSF fee revenues do not seem to be using those fees to “subsidize” better interest rates

The NCUA’s Office of the Chief Economist will continue to analyze evolving trends in overdraft and NSF fees revenue as additional data become available.

The FDIC announced on Friday that the Pulaski Savings Bank of Chicago, Illinois, was closed by the Illinois Department of Financial and Professional Regulation (IDFPR) due its unsafe and unsound condition and an impaired capital position. The IDFPR appointed the FDIC as receiver. To protect depositors, the FDIC entered into a purchase and assumption agreement with Millennium Bank of Des Plaines, Illinois, to assume all deposits of Pulaski Savings Bank.

The FDIC preliminarily estimates that the failure will cost its Deposit Insurance Fund (DIF) about $28.5 million. The estimate will change over time as assets are sold. Suspected fraud caused the higher estimated cost to the DIF.

The Office of the Comptroller of the Currency has issued its January 2025 announcement of enforcement actions. Included were:

• The previously announced Cease and Desist Order against Bank of America, N.A., for violations and unsafe or unsound practices related to the bank's BSA/AML and sanctions compliance programs
• The previously announced Order of Prohibition and Order for Civil Money Penalty against Claudia Russ Anderson and Orders to Cease and Desist and Orders for Civil Money Penalty against David Julian and Paul McLinko, all former executives at Wells Fargo Bank, N.A.
• An Order of Prohibition against Brian Hernandez, a former financial services representative at a Queens, New York, branch of TD Bank, N.A., Wilmington, Delaware, for accessing the accounts of two elderly bank customers and making unauthorized ATM withdrawals totaling at least $187,000
• An Order of Prohibition against De'Anna Herrell, a former teller at and Atlanta, Georgia, branch of Wells Fargo Bank, N.A., Sioux Falls, South Dakota, for cashing a series of checks that she knew or had reason to know were fraudulent, resulting in a loss of at least $117,000 to the bank
• An Order of Prohibition against Cassandra Meadows, a former lead customer service representative at a Plainfield, Indiana, branch of Fifth Third Bank, N.A., Cincinnati, Ohio, for misappropriating at least $15,000 from the bank’s vault and the accounts of three bank customers, including an elderly customer’s account
• An Order of Prohibition against Nakyra Singletary, a former customer service and support representative at PNC Bank, N.A., Wilmington, Delaware, for providing confidential bank customer information to a third-party not employed by the bank, resulting in the misuse of customer information, fraud against bank customers, and a loss of at least $47,000 to the bank
• An Order of Prohibition and Cease and Desist Order against David Wu, a former loan officer at Sterling Bank and Trust, FSB, Southfield, Michigan, and current mortgage broker. While employed as a loan officer at Sterling, Wu did not disclose that he originated loans for clients of his closely held mortgage brokerage company. As a mortgage broker, Wu also used fraudulent means, including making false statements, concealing or otherwise not disclosing his role and fees, impersonating both applicants and their purported employers, and providing fraudulent or falsified documents, to cause Citizens Bank, N.A., Providence, Rhode Island, to originate mortgage loans for his clients and himself.

The OCC also updated its enforcement actions search tool to allow users to search for enforcement actions issued since 2012 by subject matter and to easily view subject matters covered in those actions. This update provides additional transparency into and search capability for the contents of the public enforcement action database.

The Federal Trade Commission has announced it has finalized changes to the Children’s Online Privacy Protection Rule to set new requirements around the collection, use and disclosure of children’s personal information and give parents new tools and protections to help them control what data is provided to third parties about their children.

The final rule requires parents to opt in to third-party advertising and includes other changes to address the emerging ways that consumers’ data is collected and used by companies, and particularly how children’s data is being shared and monetized.

The COPPA Rule, which first went into effect in 2000, requires certain websites and other online services to obtain verifiable parental consent before collecting, using or disclosing personal information from children under 13. It also provides other important rights for parents, including the right to require operators to delete personal information collected from their children, and imposes independent obligations on covered operators, for example with respect to data minimization and data retention.

The FTC's final rule makes several changes to the COPPA rule, including:

• Requiring opt-in consent for targeted advertising and other disclosures to third parties
• Limits on data retention
• Increasing Safe Harbor programs' transparency
• Amendments to several definitions, including expanding the definition of personal information to include biometric identifiers as well as government-issued identifiers

The final rule will become effective 60 days of its publication in the Federal Register. Compliance will be mandatory one year after publication.

The CFPB has updated its Electronic Fund Transfer FAQs. New Transactions Coverage question 6 asks whether the compulsory use prohibition applies to tips, and is directed to employers whose employees receive compensation in the form of tips or gratuities. After explaining its reasoning, the CFPB's answer is "... employers are prohibited by EFTA and Regulation E from requiring workers to establish an account with a particular financial institution to receive tips."

The CFPB on Thursday announced it has ordered Block, Inc., the operator of the peer-to-peer payments app Cash App, to refund and pay other redress to consumers up to $120 million and pay a penalty of $55 million into the CFPB’s victims relief fund. The Bureau found that Block employed weak security protocols for Cash App and put its users at risk. While Block is required by law to investigate and resolve disputes about unauthorized transactions, the company’s investigations were woefully incomplete. Block directed users — who had suffered financial losses as a result of fraud — to ask their bank to attempt to reverse transactions, which Block would subsequently deny. Block also deployed a range of tactics to suppress Cash App users from seeking help, reducing its own costs.

Specifically, the CFPB found that Block:

• Failed to provide effective customer service for Cash App, including by failing to provide live telephone agents, which prevented consumers from being able to have their financial issues addressed in a proper and timely fashion and resulted in fake customer service lines through which consumers’ information would be stolen, in a manner that was unfair in violation of the Consumer Financial Protection Act of 2010 (CFPA).
• Failed to take timely, appropriate, and effective measures to prevent, detect, limit, and address fraud on the Cash App platform in a manner that was unfair in violation of the CFPA.
• Used the card network chargeback process as a substitute for fulfilling its obligations under the Electronic Fund Transfer Act (EFTA) and Regulation E to investigate and resolve disputes about unauthorized transactions in a timely manner in violation of the CFPA’s prohibition on unfair practices.
• Engaged in deception by misrepresenting that it protected consumers from unauthorized transfers and had a telephone line to report such unauthorized transfers.
• Failed to comply in multiple ways with the requirements of EFTA and Regulation E, including regarding error resolution.