Top Story Technology Related

The Office of the Comptroller of the Currency reports it is issuing a Request for Information (RFI) on the key challenges and barriers faced by community banks in the adoption and implementation of digital banking solutions.

The OCC said it supports the strengthening and modernization of community banks and aims to facilitate community banks’ safe, sound, and fair transition to digital banking, including with regard to arrangements with technology providers and supporting a level playing field. The RFI will help the OCC better understand the specific obstacles that community banks encounter in their efforts to modernize operations, enhance customer experience, and remain competitive in an increasingly digital financial services environment.

Comments on the RFI will be accepted for 45 days following Federal Register publication.

The California Department of Financial Protection and Innovation (DFPI) has issued a Consent Order against Hatch Bank, a state-chartered, FDIC-insured, Banking as a Service (BaaS) sponsor bank, requiring its Board of Directors to strengthen its supervision and direction of bank management, and its monitoring of the bank's AML/CFT program. The order results from a March 2024 Report of Examination by the DFPI and FDIC that identified unsafe or unsound banking practices, reportedly connected to the bank's third-party-fintech business model.

The case is of importance as it may be one of the first times that a state has pursued a state-chartered BaaS bank on its own, instead of jointly with a federal agency involved. In this case, the order was issued only by the California DFPI. To date, no parallel enforcement action has been issued by the FDIC. In addition, the timing for remediation in the order is very short compared to what we have traditionally seen.

The bank is ordered to revise its written AML/CFT risk assessment to accurately reflect the bank's fintech partnerships, customer types, volumes, and geographies within 60 days. Within 90 days, it must also improve its policies for internal controls, transaction alert review and SAR processes, customer due diligence, monitoring model evaluations, and staffing adequacy.

The bank must also make periodic reviews of every vendor or fintech partner that provides BSA functions such as customer due diligence, monitoring, case management, etc.

On April 29, Acting Comptroller of the Currency Rodney E. Hood discussed the role of artificial intelligence in financial services in recorded remarks at the National Fair Housing Alliance’s Responsible AI Symposium.

In his remarks, Acting Comptroller Hood highlighted the OCC's work to ensure AI and other technologies are used ethically and responsibly within the banking industry. He also discussed the OCC’s work to promote innovation in the banking system through Project REACh.

The Social Security Administration (SSA) on Friday announced it is taking steps to provide a significant enhancement for "my Social Security" account holders, by introducing secure digital access to their Social Security number (SSN). This innovative feature is designed to provide the American public with a modernized, secure, and accessible alternative to the traditional physical SSN card.

The digital SSN feature will allow account holders to conveniently display their SSN, when needed, for reasons other than handling Social Security matters. This enhancement will provide individuals who have forgotten their SSN or misplaced their SSN cards a simple solution allowing them to securely view their SSN online through the my Social Security portal. This will reduce their need for an in-person visit and/or having to wait to receive their SSN card through the mail. They will be able to access it via my Social Security on their mobile devices. By providing a secure digital option, SSA aims to reduce the risk of lost or stolen cards and enhance the overall user experience.

[Editor's Note: There does not appear to be any mention of this enhancement yet on the my Social Security portal.]

On May 24, 2024, the CFPB filed a "Statement of Interest in Support of Plaintiff" in a lawsuit brought by New York Attorney General against Citibank N.A. [see "CFPB argues Reg E protects consumers from some wire transfer fraud," May 30, 2024]. The filing sought to advance a new interpretation of the Electronic Funds Transfer Act that would functionally amend Regulation E.

The Bureau has now concluded that this filing was highly irregular and inappropriate. Agencies cannot amend regulations through litigation filings, which do not give fair notice to regulated parties or follow the requirements of the Administrative Procedure Act. The Bureau thus disclaims the positions advanced in the filing and has moved the Court to withdraw it.

Various sources have reported that Paul R. Paoletta, Chief Legal Officer for the CFPB, has released a memo to Bureau staff outlining new supervision and enforcement priorities for 2025. In the memo, Paoletta listed these key points, as recently reported in Troutman Pepper Locke's Consumer Financial Services Law Monitor:

Reduction in Supervisory Exams
The Bureau will decrease the overall number of supervisory exams by 50% to reduce the cost of running businesses and consumer prices. The focus will be on conciliation, correction, and remediation of harms subject to consumer complaints.

Shift Back to Depository Institutions
The CFPB will shift its focus back to depository institutions. In 2012, 70% of the Bureau’s supervision focused on banks and depository institutions, but this has since changed, with over 60% of examinations performed on nonbanks. The Bureau aims to return to the 2012 proportion and focus on the largest banks and depository institutions.

Focus on Actual Fraud
The Bureau will prioritize cases involving actual fraud against consumers, with identifiable victims and measurable damages. Key areas include:

• Mortgages (highest priority)
• FCRA/Reg V related to data furnishing violations
• FDCPA/Reg F related to consumer contracts/debts
• Various fraudulent overcharges and fees
• Inadequate controls to protect consumer information resulting in actual loss

Redress for Tangible Harm
The CFPB will focus on getting money back directly to consumers rather than imposing penalties to fill the Bureau’s penalty fund.

Support for Service Members and Veterans
The Bureau will prioritize providing redress to service members, their families, and veterans.

Respect for Federalism
The Bureau will deprioritize participation in multi-state exams unless required by statute and minimize duplicative enforcement where state regulators are already engaged.

Coordination with Other Federal Agencies
The CFPB will eliminate duplicative supervision and coordinate exam timing with other federal regulators.

Avoidance of Novel Legal Theories
The Bureau will not pursue supervision under novel legal theories and will focus on areas clearly within its statutory authority.

Fair Lending Enforcement
The Bureau will not engage in redlining or bias assessment supervision based solely on statistical evidence. It will pursue matters with proven intentional racial discrimination and identified victims.

The Federal Reserve Board has announced the withdrawal of guidance for banks related to their crypto-asset and dollar token activities and related changes to its expectations for these activities. These actions ensure the Board's expectations remain aligned with evolving risks and further support innovation in the banking system.

The Board is rescinding—

• SR 22-6/CA 22-6: Engagement in Crypto-Asset-Related Activities by Federal Reserve-Supervised Banking Organizations
• SR 23-8 / CA 23-5: Supervisory Nonobjection Process for State Member Banks Seeking to Engage in Certain Activities Involving Dollar Tokens (withdrawn)

The Board and the FDIC are joining the Office of the Comptroller of the Currency in withdrawing from two 2023 statements jointly issued by the federal bank regulatory agencies regarding banks' crypto-asset activities and exposures. The Board will work with the agencies to consider whether additional guidance to support innovation, including crypto-asset activities, is appropriate.

• Joint Statement on Crypto-Asset Risks to Banking Organizations (withdrawn)
• Joint Statement on Liquidity Risks to Banking Organizations Resulting from Crypto-Asset Market Vulnerabilities (withdrawn)
• Related FDIC Press Release

The Federal Trade Commission has approved a final consent order against accessiBe Inc. and accessiBe Ltd., for falsely claiming their plug-in accessWidget can make any website compliant with Web Content Accessibility Guidelines (WCAG). The order prohibits accessiBe from making misleading claims and requires the company to pay $1 million.

The FTC’s January 2025 proposed complaint alleged that despite the company’s claims, accessWidget did not make all user websites WCAG-compliant and these claims were false, misleading, or unsubstantiated. In addition, the complaint alleged that accessiBe deceptively formatted third-party articles and reviews to appear as if they were independent opinions and failed to disclose the company’s material connections to the supposedly objective reviewers.

The final order bars accessiBe from representing that its automated products can make any website WCAG-compliant or can ensure continued compliance with WCAG over time, unless it has the evidence to support such claims.

BankingDive reported yesterday that Coinbase is considering applying for a federal bank charter, according to a company spokesperson, as cryptocurrency firms seek to capitalize on recent regulatory easing. The BankingDive article said that Coinbase is one of four crypto companies identified by the Wall Street Journal Monday as currently planning to seek a bank charter, alongside crypto custodian BitGo and stablecoin issuers Circle and Paxos.

Last month, the OCC rescinded a Biden-era requirement that banks obtain supervisory non-objection before engaging in crypto-related activities. One benefit crypto firms would see after obtaining a bank charter is direct access to the payments system.

FDIC Financial Institution Letter FIN-11-2025, issued yesterday, announces that the FDIC is changing the virtual data room (VDR) contractor used to market failing financial institutions. Beginning in May 2025, the FDIC will begin using the ShareVault VDR, instead of the current vendor, DFIN Solutions Venue. for all new projects. The change is the result of a competitive bidding process.

The FDIC has used VDRs to market failing institutions since 2000. A VDR is a secure web site that the FDIC populates with information about failing insured institutions. The FDIC gives qualifying financial institutions access to the VDR, which helps them determine their interest in purchasing a failing financial institution and evaluate the offering. Users must first sign a confidentiality agreement before they gain entry to the VDR.