Top Stories

Our monthly review of the Federal Reserve Board's archive of Community Reinvestment Act evaluations found that the Reserve Banks released ten evaluations of state-chartered member banks in the month of October, all with Satisfactory ratings.

The CFPB has announced a consent order filed in an Administrative Proceeding against Navy Federal Credit Union for charging "illegal overdraft fees." The Bureau said that, from 2017 to 2022, Navy Federal charged customers surprise overdraft fees on certain ATM withdrawals and debit card purchases, even when their accounts showed sufficient funds at the time of the transactions. The CFPB is ordering Navy Federal to refund more than $80 million to consumers, stop charging illegal overdraft fees, and pay a $15 million civil penalty to the CFPB’s victims relief fund.

The CFPB said Navy Federal illegally charged it members' accounts in two ways.

1. Charging OD fees on "approved positive, settled negative" or APSN debit card transactions, collecting an average of $44 million a year, in spite of warnings about such fees by federal regulators, including the CFPB and the Federal Reserve Board, as early as 2015.
2. Charging member accounts that received money via Zelle, PayPal, and similar peer-to-peer payment services when Navy Federal's systems showed those funds as immediately available, but the credit union failed to disclose that payments received after 10:00 a.m. Eastern (later 8:00 p.m.) would not actually post to the accounts until the next business day. Some members tried using those funds and were charged OD fees.

In addition to the order's requirement to pay the $15 million civil money penalty and $80 million in refunds to Navy Federal members, it includes a provision banning Navy Federal from charging OD fees for APSN transactions or resulting from delayed posting of funds received from peer-to-peer payment networks.

The Federal Reserve Board has released the Statement of the Federal Open Market Committee following its meeting on November 6 and 7. The committee said that recent indicators suggest that economic activity has continued to expand at a solid pace. Since earlier in the year, labor market conditions have generally eased, and the unemployment rate has moved up but remains low. Inflation has made progress toward the Committee's 2 percent objective but remains somewhat elevated.

The Committee "decided to lower the target range for the federal funds rate by 1/4 percentage point to 4-1/2 to 4-3/4 percent. In considering additional adjustments to the target range for the federal funds rate, the Committee will carefully assess incoming data, the evolving outlook, and the balance of risks. The Committee will continue reducing its holdings of Treasury securities and agency debt and agency mortgage‑backed securities. The Committee is strongly committed to supporting maximum employment and returning inflation to its 2 percent objective."

The implementation note released with the Minutes indicates that the Board of Governors voted unanimously to lower the interest rate paid on reserve balances to 4.65 percent, effective November 8, 2024, and to approve a 1/4 percentage point decrease in the primary credit rate to 4.75 percent, effective November 8, 2024.

The OCC has announced its designation of Dewayne Lott, Ron Pasch, and Tanya Smith as Senior National Bank Examiners.

The Senior National Bank Examiner designation recognizes examiners who have distinguished themselves through high-quality performance and service as field examiners, subject matter experts, and advisors on highly complex and technical bank supervision issues. This is the highest honor bestowed on national bank examiners.

The FTC has reported it has charged Sitejabber, a company offering an AI-enabled consumer review platform, deceived consumers by misrepresenting that ratings and reviews it published came from customers who experienced the reviewed product or service, artificially inflating average ratings and review counts.

Under a proposed order settling the agency’s complaint, Sitejabber will be prohibited from making such misrepresentations in the future and from making other misrepresentations about consumer ratings or reviews.

According to the FTC’s complaint, GGL Projects, Inc., which does business as Sitejabber, collected ratings and reviews for its online business clients from consumers at the time of purchase, before they received or had the chance to experience the products or services they bought. For example, after online customers checked out, they were asked to “rate your overall shopping experience so far” on a 5-star scale and then to “type a quick message about your shopping experience so far.” Sitejabber allegedly used these point-of-sale ratings and reviews to deceptively inflate the average ratings and review counts of its clients on the company’s review platform, claiming that the ratings “indicat[e] that most customers are generally satisfied with their purchases.”

The Federal Housing Finance Agency has announced two partnerships involving Fannie Mae, Freddie Mac, and Federal Home Loan Banks (FHLBanks) to boost awareness and liquidity for programs that expand housing access for tribal communities.

In one partnership, the FHLBank of Des Moines will promote a Freddie Mac mortgage product intended to improve credit access for federally recognized Native American tribes. In the other, Fannie Mae will purchase loans originated through the FHLBank Mortgage Partnership Finance (MPF) program — administered by the FHLBank of Chicago — to increase mortgage liquidity for tribal communities.

• Fannie Mae and FHLBank of Chicago press release
• Freddie Mac and FHLBank of Des Moines press release

Yesterday, the Treasury Department reported that OFAC has designated one individual and one entity who support a corrupt patronage network in Bosnia and Herzegovina (BiH) that is attempting to evade U.S. sanctions.

For the names and identification information of the designated individual and entity, see yesterday's BankersOnline OFAC Update.

The Federal Trade Commission yesterday announced it has filed a complaint against Dave, Inc., a Delaware corporation behind the "Dave" online cash advance app, for allegedly using misleading marketing to deceive consumers about the amount of its cash advances, charging consumers undisclosed fees, and charging so-called “tips” to consumers without their consent.

Dave describes the consumers it targets as being “financially vulnerable” or “financially coping,” including those whose spending exceeds their income, who have minimal savings, and who overdraft their bank accounts frequently. Dave’s advertising is dominated by claims that consumers can receive “up to $500” by using Dave, and that they can do so “instantly.” According to the FTC’s complaint, though, Dave’s service failed to live up to its promises. Despite promising “instant” or “on the spot” access to advances, Dave requires users to pay an “Express Fee” to get instant access to that money that is not disclosed until after the sign-up process is complete and the user has given Dave access to their bank account, according to the complaint. This fee ranges from $3 to $25, and consumers who do not pay the fee have to wait two to three business days to receive their advance.

Dave’s undisclosed charges go beyond this Express Fee, though, according to the complaint. Consumers who take advances from Dave are often charged a surprise fee of 15% of their advance that’s described by Dave as a “tip.” Many consumers are either unaware that Dave is charging them or unaware that there is any way to avoid being charged. Dave’s interface leads consumers to believe that, for every percentage of tip they are giving, Dave is donating an actual healthy meal to a needy child. But, according to the complaint, Dave donates just 10 cents for each percentage in “tip” the consumer clicks on and keeps the rest of the “tip” amount. Dave’s donation does not pay for the food required to actually provide a meal. Dave has reported receiving more than $149 million in revenue for these "tips" alone from 2022 through the first half of 2024. Dave also charges a poorly disclosed $1 monthly "membership fee" charged directly to members' bank accounts, and makes it difficult for consumers to cancel their membership.

The FTC's complaint seeks a permanent injunction, a monetary judgment, and other relief.

The FDIC has announced it will introduce a new online tool to help financial institutions, investors, and other interested groups to identify neighborhoods that could benefit from banking services. The FDIC’s new Minority Banking Opportunity Explorer will be presented at a meeting of the agency’s Minority Depository Institutions (MDI) Subcommittee to the Advisory Committee on Community Banking today.

This new tool supports FDIC’s statutory mission to promote and encourage the creation of new minority depository institutions by assisting financial institution organizing groups with exploring potential business opportunities in areas that may meet the "community served" part of an MDI designation. The tool can also support existing MDIs’ growth by identifying new branch locations or advertising opportunities.

The FDIC has issued Financial Institution Letters with guidance to help financial institutions and facilitate recovery in areas affected by severe weather.

• FIL-78-2024 for financial institutions in areas of South Dakota affected by the Cheyenne River Sioux Tribe severe storm, straight-line winds, and flooding on July 13 and 14, 2024
• FIL-79-2024 for financial institutions in areas of New Mexico affected by a severe storm and flooding on October 19 and 20, 2024

The Federal Trade Commission yesterday announced it has taken action against Global Circulation, Inc. (GCI), a Georgia-based debt collector that tricked consumers into paying more than $7.6 million in bogus debt by threatening them with jail time, harassing their family members, and other unlawful actions. In response to a federal court complaint filed against GCI and its owner, Kenneth Redon III, the court agreed to temporarily halt the company’s operation and ordered it to turn its assets over to a court-appointed receiver.

In its complaint, the FTC alleges that GCI and Redon contacted consumers under a number of fictitious company names, including Total Mediation Solutions, Total Consumer Solutions, and Consumer Impact Recovery. The company’s collectors call consumers out of the blue and threaten them with arrest, wage garnishment, and lawsuits if they don’t pay a supposed debt. However, the debts GCI is attempting to collect either don’t exist at all or are not debts GCI can legally collect. The company’s calls to consumers can be incessant, with some receiving calls multiple times a day, leaving voicemails saying to call about an urgent legal matter. When consumers answer, they’re told that, unless they pay the bogus debts on that phone call using a credit or debit card, they’ll face legal peril.

The complaint alleges that GCI’s deceptive statements and the urgency behind them have helped convince thousands of consumers to pay at least $7.6 million in bogus debts to the company.

FinCEN recently announced that certain victims of Hurricane Milton, Hurricane Helene, Hurricane Debby, Hurricane Beryl, and Hurricane Francine will receive an additional six months to submit beneficial ownership information reports, including updates and corrections to prior reports.

FinCEN has issued the five Notices below extending the filing deadlines for reporting companies that 1) have an original reporting deadline beginning one day before the date the specified disaster began and ending 90 days after that date, and 2) are located in an area that is designated both by the Federal Emergency Management Agency as qualifying for individual or public assistance and by the Internal Revenue Service as eligible for tax filing relief.

Notice regarding—

• Hurricane Milton
• Hurricane Helene
• Hurricane Debby
• Hurricane Beryl
• Hurricane Francine

The FDIC has released a list of 51 banks examined for Community Reinvestment Act compliance whose evaluations were recently made public. Forty-seven of the banks on the list received ratings of Satisfactory. Three banks received Needs to Improve ratings.

We congratulate NorthEast Community Bank, White Plains, New York, on its receipt of a rating of Outstanding.

The CFPB has announced it has filed a Proposed final judgment and order to resolve its case against Townstone Financial for discriminatory lending practices and redlining African American neighborhoods in Chicago.

If entered by the court, the proposed order would prohibit Townstone from taking any actions that violate the Equal Credit Opportunity Act (ECOA) and require the company to pay a $105,000 penalty to the CFPB’s victims relief fund. Today’s action follows lengthy contested litigation and a unanimous July 2024 decision from the United States Court of Appeals for the Seventh Circuit that stated that the ECOA prohibits lenders from discouraging prospective applicants on a prohibited basis from applying for loans.

The Seventh Circuit’s decision held unanimously that “an analysis of the text of the ECOA as a whole makes clear that the text prohibits not only outright discrimination against applicants for credit, but also the discouragement of prospective applicants for credit,” which is consistent with the Bureau’s regulation (Regulation B) interpreting ECOA.

• 2020 Complaint
• 2020 Amended Complaint
• U.S. Court of Appeals Opinion
• Stipulated final judgment and order
• Stipulated dismissal - Sturner

The Federal Housing Finance Agency has announced its issuance of Advisory Bulletin 2024-05, "Affordable Housing Program: Determining the Need for Affordable Housing Program Subsidy In Rental Projects," that simplifies the process for project sponsors to receive Federal Home Loan Bank (FHLBank) funds for affordable housing projects.

The Advisory Bulletin reinforces the importance of scrutinizing funding requests, using rigorous feasibility guidelines based on sound reasoning, to ensure that Affordable Housing Program (AHP) funds support the projects most in need. The bulletin provides for a streamlined compliance process and eliminates uncertainty for project sponsors about the amount of their AHP award. It also provides further clarity to the FHLBanks on determining the need for an AHP subsidy when a rental project includes capitalized reserves and supportive services.

The FBI, the Treasury Department, and the Israel National Cyber Directorate have issued a Cybersecurity Advisory (CSA) to warn network defenders of new cyber tradecraft of the Iranian cyber group Emennet Pasargad, which has been operating under the company name Aria Sepehr Ayandehsazan (ASA) and is known by the private sector terms Cotton Sandstorm, Marnanbridge, and Haywire Kitten.

The group exhibited new tradecraft in its efforts to conduct cyberenabled information operations into mid-2024 using a myriad of cover personas, including multiple cyber operations that occurred during and targeting the 2024 Summer Olympics – including the compromise of a French commercial dynamic display provider. ASA has also undertaken a project to harvest content from IP cameras and used online resources related to Artificial Intelligence. Since 2023, the group has exhibited new tradecraft including the use of fictitious hosting resellers to provision operational server infrastructure to its own actors as well as to an actor in Lebanon involved in website hosting. Recently released reporting from Microsoft indicates this group has demonstrated interest in election-related websites and media outlets, suggesting preparations for future influence operations.

The CSA provides the threat group’s tactics, techniques, and procedures (TTPs), including its leveraging of online resources related to Artificial Intelligence, and indicators of compromise (IOCs). The CSA also highlights similar activity from a previous FBI advisory that was published on 20 October 2022. This new advisory’s information and guidance are derived from FBI investigative activity and technical analysis of this group’s intrusion activity against U.S. and foreign organizations and engagements with numerous entities impacted by this malicious activity.

The authoring agencies recommend all organizations follow guidance provided in the Mitigations section to defend against the Iranian cyber group’s activities.

The Internal Revenue Service on Friday announced that the amount individuals can contribute to their 401(k) plans in 2025 has increased to $23,500, up from $23,000 for 2024. The IRS also issued technical guidance regarding all cost‑of‑living adjustments affecting dollar limitations for pension plans and other retirement-related items for tax year 2025 in Notice 2024-80.

The limit on annual contributions to an IRA remains $7,000. The IRA catch‑up contribution limit for individuals aged 50 and over was amended under the SECURE 2.0 Act of 2022 (SECURE 2.0) to include an annual cost‑of‑living adjustment but remains $1,000 for 2025.

The Securities and Exchange Commission has announced it has charged J.P. Morgan Securities LLC (JPMS) and J.P. Morgan Investment Management Inc. (JPMIM) – both affiliates of JPMorgan Chase & Co. (JP Morgan) – in five separate enforcement actions for failures including misleading disclosures to investors, breach of fiduciary duty, prohibited joint transactions and principal trades, and failures to make recommendations in the best interest of customers.

Without admitting or denying the findings in the SEC’s orders, the two affiliates agreed to pay more than $151 million in combined civil penalties and voluntary payments to investors to resolve four of the ­actions. The SEC did not impose a penalty in one of the actions, taken against JPMS, because JPMS cooperated in the investigation and undertook remedial measures.

SEC Orders:

• J.P. Morgan Securities LLC - 1
• J.P. Morgan Securities - 2
• J.P. Morgan Securities - 3
• J.P. Morgan Investment Management Inc. - 1
• J.P. Morgan Investment Management Inc. - 2

The NCUA has announced it issued three consent orders and one prohibition notice in October permanently prohibiting individuals from participating in the affairs of any federally insured depository institution.

Consent orders were issued to:

• Gloria J. Hall, a former employee of Prairie View Federal Credit Union, Prairie View, Texas
• Diane Stephens, a former employee of Priority First Federal Credit Union, Du Bois, Pennsylvania
• Laurie Allen, a former employee of Vibrant Credit Union, Danville, Illinois

A Notice of Prohibition was issued to Salusthian Lutamile, a former employee of IDB Global Federal Credit Union, Washington, D.C.

The CFPB yesterday announced it has joined with the Centers for Medicare & Medicare Services (CMS) in a joint statement to protect people with Medicare living at or below the poverty line from unlawful medical bills. These people in the Qualified Medicare Beneficiary group represent about one in eight Medicare recipients nationwide. Federal law generally prohibits healthcare providers who accept Medicare from billing these people – referred to as “QMBs” – for cost-sharing, such as co-pays or deductibles.

The agencies' joint statement emphasizes that Traditional Medicare providers and suppliers, Medicare Advantage providers and suppliers, and debt collectors can be sanctioned by CMS or be liable under federal law for improperly billing these recipients. CMS is also releasing new resources clarifying that healthcare providers must refund any improper charges, regardless of whether they received incorrect information about a recipient's QMB status from Medicare Advantage plans.

The joint statement describes the CMS guidance issued yesterday and explains how the laws that the CFPB administers and enforces apply to improper debt collection of QMBs. Specifically, the statement explains:

• Debt collectors may not collect on improper and inaccurate bills targeting Medicare beneficiaries. The Fair Debt Collection Practices Act prohibits collecting bills that are not actually owed or are in the wrong amount.
• Debt collectors may not tarnish credit reports with improper and inaccurate bills. Furnishing inaccurate information may violate the Fair Credit Reporting Act, and may also demonstrate that furnishers do not verify the accuracy of information they furnish.

The CFPB yesterday announced action against VyStar Credit Union for harming consumers through its botched rollout of a new online banking system. In May 2022, VyStar transitioned to a new, dysfunctional online banking platform that made it difficult for credit union members to perform basic banking functions for weeks, with some features unavailable for more than six months. Families incurred fees and costs as a result of these problems. The CFPB is ordering VyStar to ensure that all consumers are made whole. VyStar must also pay a $1.5 million civil penalty to the CFPB’s victims relief fund.

VyStar, formerly known as JAX Navy Federal Credit Union, is a Florida state-chartered credit union headquartered in Jacksonville with 70 branches in Florida and 10 branches in Georgia. VyStar is one of the largest credit unions in the country, with approximately $14.75 billion in total assets and over 980,000 members. In May 2022, VyStar attempted to launch a new virtual banking platform. VyStar anticipated banking services would be inaccessible for several days during the transition to the new platform, but it turned out to be much longer. The new system crashed upon launch because VyStar brought it online prematurely and failed to establish or follow critical processes to ensure its success. The platform was taken offline soon after launch. Upon bringing the system back online, the new platform lacked key banking services, some of which were not restored for months.

For further details, see “VyStar CU pays $1.5M for botched systems upgrades” in BankersOnline’s Penalties pages.

• NCUA Chairman Harper and Board Member Otsuka Statements on CFPB's VyStar Credit Union action

The Federal Emergency Management Agency today published [89 FR 87299] a final rule revising the National Flood Insurance Program's regulations to offer NFIP policyholders who are not required to escrow their premiums and fees for flood insurance the option of paying their annual flood insurance premium in monthly installments.

The rule will become effective December 31, 2024.

FDIC FIL-77-2024, issued yesterday, describes steps intended to provide regulatory relief to financial institutions and facilitate recovery in areas affected by the Havasupai Tribe Flooding August 22–23, 2024..

Yesterday, the Treasury Department reported that OFAC had sanctioned five Mexican nationals and two Mexico-based entities linked to La Linea, a violent Mexico-based drug trafficking organization responsible for trafficking fentanyl and other deadly drugs into the United States.

See BankersOnline’s October 31, 2024, OFAC Update for the names and identifying information of the designated individuals and businesses .

The Federal Reserve System has issued the third 2024 issue of Consumer Compliance Outlook. This issue includes articles on:

• Top Federal Reserve System Compliance Violations in 2023 Under the Flood Disaster Protection Act of 1973
• Top Federal Reserve System Compliance Violations in 2023 Under the Real Estate Settlement Procedures Act and Regulation X
• Consumer Compliance Requirements for Purchasers of Residential Mortgage Loans
• Consumer Compliance Requirements for Servicers of Purchased Mortgage Loans

FinCEN has reported that the Financial Action Task Force (FATF), an intergovernmental body that establishes international standards for anti-money laundering, countering the financing of terrorism, and countering the financing of proliferation of weapons of mass destruction (AML/CFT/CPF), updated its lists of jurisdictions with strategic AML/CFT/CPF deficiencies at the conclusion of its plenary meeting this month. FinCEN said U.S. financial institutions should consider the FATF’s stance toward these jurisdictions when reviewing their obligations and risk-based policies, procedures, and practices.

On October 25, 2024, the FATF added Algeria, Angola, Côte d’Ivoire, and Lebanon to its list of Jurisdictions Under Increased Monitoring and also removed Senegal from the list.

The FATF’s list of High-Risk Jurisdictions Subject to a Call for Action remains the same, with Iran, the Democratic People’s Republic of Korea (DPRK), and Burma subject to calls for action. Iran and DPRK are still subject to the FATF’s countermeasures, while Burma is still subject to the application of enhanced due diligence, but not countermeasures

The Department of the Treasury has announced it has sanctioned 275 individuals and entities involved in supplying Russia with advanced technology and equipment that it desperately needs to support its war machine. Yesterday’s action targets both individual actors and sprawling sanctions evasion networks across 17 jurisdictions, including India, the People’s Republic of China (PRC), Switzerland, Thailand, and Türkiye. In addition to disrupting global evasion networks, this action also targets domestic Russian importers and producers of key inputs and other materiel for Russia’s military-industrial base.

Treasury reported that the Department of State also targeted sanctions evasion and circumvention in multiple third countries, including several PRC-based companies exporting dual-use goods that fill critical gaps in Russia’s military-industrial base and entities and individuals in Belarus related to the Lukashenka regime’s support for Russia’s defense industry. State also targeted several senior Russian Ministry of Defense officials and defense companies and those supporting Russia’s future energy production and exports.

For the names and identification information of the designated parties, see yesterday’s BankersOnline OFAC Update.

A CFPB blog article reports that the Bureau, through JND Legal Administration, has begun distributing refund checks to over 250,000 consumer harmed by leasing company Tempoe, LLC. Tempoe offered point-of-sale financing at major retailers, including Sears and Kmart. The CFPB took action against the company for tricking customers into expensive leasing agreements by hiding the contract terms and costs. Tempoe’s practices left hundreds of thousands of customers on the hook to pay for merchandise they couldn’t afford or return. Tempoe generated approximately $192 million in revenues from about 325,000 consumers from its unlawful conduct.

As a result of the CFPB’s enforcement action, Tempoe was permanently banned from offering consumer leases. They were also required to close any existing lease agreements and release customers from making any further payments on their leased merchandise.

The Federal Trade Commission reports it is sending more than $1 million in refunds to consumers who were allegedly harmed by Rhinelander Auto Center’s junk fees and discriminatory practices.

The FTC and State of Wisconsin took action against Rhinelander Auto and its general manager in 2023, alleging that they regularly charged many customers junk fees for “add-on” products or services without the customer’s consent. The defendants also discriminated against American Indian customers in the cost of financing by adding more “markup” to their interest rates, according to the complaint.

The FTC is sending checks to 7,531 consumers.

The Federal Housing Finance Agency has reported that U.S. house prices rose 0.3 percent in August, according to the FHFA seasonally adjusted monthly House Price Index (HPI). House prices rose 4.2 percent from August 2023 to August 2024. The previously reported 0.1 percent price increase in July was revised upward to 0.2 percent.

For the nine census divisions, seasonally adjusted monthly price changes from July 2024 to August 2024 ranged from -0.1 percent in the East North Central and New England divisions to +0.9 percent in the West North Central division. The 12-month changes were all positive, ranging from +2.4 percent in the West South-Central division to +6.3 percent in the East North Central division.

The Treasury Department has announced the release of the National Strategy for Financial Inclusion in the United States, which identifies objectives and recommendations for policymakers, industry, employers, and community organizations to advance consumer access to safe financial products and services and strengthen financial security. The Strategy was requested in 2023 by Congress and has been informed by Treasury’s research and engagement with experts, community leaders, industry representatives, and other federal agencies, including public input through a Request for Information.

Objectives and key recommendations of the Strategy include:

• Promote access to transaction accounts that meet consumer needs
• Increase access to safe and affordable credit
• Expand equitable access to savings and investments
• Improve the inclusivity of financial products and services provided or backed by the government
• Foster trust in the financial system by protecting consumers from illegal and predatory practices

Treasury invited all stakeholders to engage with this Strategy, to innovate, and to collaborate in creating a more inclusive financial landscape.

• Fact Sheet on the report and recommendations

The Federal Housing Finance Agency has announced updates to several Fannie Mae and Freddie Mac (the Enterprises) policies that are intended to enhance efficiencies and promote cost savings in the single-family mortgage market. These policy updates are the result of engagement with public- and private-sector stakeholders and cover four key policy areas:

• Expanded eligibility for appraisal waivers on purchase loans
• Expanded Uniform Appraisal Dataset (UAD) to include Federal Housing Administration (FHA) data
• Expanded eligibility for Freddie Mac performing loan repurchase alternative pilot
• Advance notice of certain Enterprise pricing increases

Additional information can be found in these press releases:

• Fannie Mae Appraisal Waiver press release
• Freddie Mac Appraisal Waiver press release
• Freddie Mac Performing Loan Repurchase Alternative Pilot press release
• Joint FHFA/HUD press release on expanded scope of public appraisal data

The FDIC has released its list of enforcement actions issued in September 2024. Among the ten actions listed, there were four consent orders, four orders terminating consent orders, and two orders terminating deposit insurance.

The consent orders were issued to:

• Industry State Bank, Industry, TX (jointly issued with the Texas Department of Banking)
• Fayetteville Bank, Fayetteville, TX ((jointly issued with the Texas Department of Banking)
• Citizens State Bank, Buffalo, TX (jointly issued with the Texas Department of Banking)
• International Bank of Chicago, Chicago, IL (jointly issued with the Illinois Department of Financial and Professional Regulation Division of Banking)

The orders terminating deposit insurance were issued to:

• Algonquin State Bank, Algonquin, IL (not engaged in the business of receiving deposits other than trust funds)
• McHenry Savings Bank, McHenry, IL (not engaged in the business of receiving deposits other than trust funds)

Terminations of previous consent orders were issued to LifeSteps Bank & Trust, Union Springs, AL; International Bank of Chicago, Chicago, IL; Sainte Marie State Bank, Sainte Marie, IL; and KansasLand Bank, Quinter, KS.

The Federal Trade Commission on Friday announced a proposed stipulated settlement order against rideshare operator Lyft, Inc. that would require Lyft's claims about drivers’ pay to be based on typical earnings. Lyft has also agreed to back up with evidence any claims it makes about drivers’ pay, clearly notify drivers about the terms of its “earnings guarantee” offers, and pay a $2.1 million civil penalty.

The CFPB has issued Consumer Financial Protection Circular 2024-06, "Background Dossiers and Algorithmic Scores for Hiring, Promotion, and Other Employment Decisions," presenting the question: "Can an employer make employment decisions utilizing background dossiers, algorithmic scores, and other third-party consumer reports about workers without adhering to the Fair Credit Reporting Act (FCRA)?"

The guidance warns that companies using third-party consumer reports — including background dossiers and surveillance-based, “black box” AI or algorithmic scores about their workers — must follow FCRA rules. This means employers must obtain worker consent, provide transparency about data used in adverse decisions, and allow workers to dispute inaccurate information.

The Federal Reserve Board has announced the execution of a written agreement by and among U & I Financial Corp and UniBank (both of Lynnwood, Washington), the Federal Reserve Bank of San Francisco, and Washington Department of Financial Institutions (Tumwater, Washington) addressing certain deficiencies at UniBank, including deficiencies in the bank's consumer compliance risk management program.

The CFPB yesterday announced action against Apple, Inc. ("Apple") and Goldman Sachs Bank USA ("Goldman Sachs") for customer service breakdowns and misrepresentations that impacted hundreds of thousands of Apple Card users. The CFPB found that:

• Apple failed to send tens of thousands of consumer disputes of Apple Card transactions to Goldman Sachs, and when Apple did send disputes to Goldman Sachs, the bank did not follow numerous federal requirements for investigating the disputes
• Apple and Goldman launched Apple Card despite third-party warnings to Goldman that the Apple Card disputes system was not ready due to technological issues
• These failures meant that consumers faced long waits to get money back for disputed charges, and some had incorrect negative information added to their credit reports

The CFPB is ordering Goldman Sachs to pay at least $19.8 million in redress and a $45 million civil money penalty, and Apple to pay a $25 million civil money penalty. The CFPB is also banning Goldman Sachs from launching a new credit card unless it can provide a credible plan that the product will actually comply with the law.

The CFPB also found that Apple and Goldman Sachs misled consumers about interest-free payment plans for Apple devices. Many customers thought they would automatically get interest-free monthly payments when buying Apple devices with their Apple Card. Instead, they were charged interest. In some cases, Apple did not even show the interest-free payment option on its website on certain browsers. Goldman Sachs also misled consumers about the application of some refunds, which led to consumers paying additional interest charges.

Goldman Sachs Group, Inc. (NYSE: GS), is one of the largest financial institutions in the world. It operates Goldman Sachs Bank USA, headquartered in New York City. Goldman Sachs primarily focuses on investment banking and investment management, not consumer finance. Apple Card was Goldman Sachs’s first significant experiment in credit card lending.

• Consent order against Goldman Sachs Bank USA
• Consent order against Apple, Inc.

Yesterday, FinCEN announced it has assessed a $900,000 civil money penalty against Sahara Dunes Casino, LP DBA Lake Elsinore Hotel and Casino (Lake Elsinore) for willful violations of the Bank Secrecy Act and its implementing regulations.

As part of its resolution with FinCEN, Lake Elsinore admitted to willful violations of the BSA, including failing to implement and maintain an effective AML program, failing to file currency transaction reports (CTRs) and suspicious activity reports (SARs), and certain recordkeeping failures. Lake Elsinore’s willful violations of the BSA, which continued for over four and a half years, resulted from decisions made by the card club’s management. In addition to the civil money penalty, Lake Elsinore will also be subject to an AML program review.

• Consent order

FinCEN has announced it has issued alert FIN-2024-Alert003 to financial institutions to counter financing of Hizballah and its terrorist activities. The alert was issued to help financial institutions identify funding streams supporting the Iran-backed Lebanese militia and U.S.-designated Foreign Terrorist Organization (FTO) Lebanese Hizballah. This alert supplements the information related to Hizballah’s financing outlined in FinCEN’s 2024 Advisory on Iran-Backed Terrorist Organizations.

• The financial stability implications of tokenization
• The status report on the G20 Crypto-Asset Policy Implementation Roadmap
• A consultation on a common Format for Incident Reporting Exchange (FIRE)
• G20 Roadmap for Enhancing Cross-border Payments: Consolidated progress report for 2024

The Securities and Exchange Commission has announced charges against four current and former public companies – Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd, and Mimecast Limited – with making materially misleading disclosures regarding cybersecurity risks and intrusions. The SEC also charged Unisys with disclosure controls and procedures violations. The companies agreed to pay the following civil penalties to settle the SEC’s charges:

• Unisys — $4 million
• Avaya — $1 million
• Check Point — $995,000
• Mimecast — $990,000

The charges against the four companies result from an investigation involving public companies potentially impacted by the compromise of SolarWinds’ Orion software and by other related activity. According to the SEC’s orders, Unisys, Avaya, and Check Point learned in 2020, and Mimecast learned in 2021, that the threat actor likely behind the SolarWinds Orion hack had accessed their systems without authorization, but each negligently minimized its cybersecurity incident in its public disclosures.

This morning, the CFPB announced it has finalized a rule designed to give consumers greater rights, privacy, and security over their personal financial data. The rule will require financial institutions, credit card issuers, and other financial providers to unlock an individual’s personal financial data and transfer it to another provider at the consumer’s request for free.

The Bureau said that consumers will be able to more easily switch to providers with superior rates and services, and, by fueling competition and consumer choice, the rule will help lower prices on loans and improve customer service across payments, credit, and banking markets. The rule also establishes strong privacy protections, requiring that personal financial data can only be used for the purposes requested by the consumer. It ensures that third parties cannot use consumer data for other purposes that benefit the third party, but that consumers do not want. It also helps move the industry away from “screen scraping,” a still common but risky practice that typically involves consumers providing their account passwords to third parties who use them to access data indiscriminately through online banking portals.

Compliance with the rule, which amends 12 CFR Part 1033, will be implemented in phases, with larger providers subject to the rule sooner than smaller ones. Financial firms will be required to comply based on their size; the largest institutions will have to comply by April 1, 2026, while the smallest covered institutions will have until April 1, 2030. Certain small banks and credit unions are not subject to this rule.

• Executive Summary of Rule

FinCEN has added Filing Trend Data by industry updated through the 2023 calendar year to its Interactive SAR Stats website. The new downloadable data is arranged by industry type, and includes rankings by states/territories and suspicious activities.

The Federal Trade Commission has released its annual report to Congress on the Commission’s recent efforts to protect older adults.

This year’s report describes new scam and fraud trends, FTC cases and rulemakings impacting older adults, and updates on its Pass It On and other outreach programs.

The Financial Stability Board has published reports detailing work to enhance cross-border payments.

• a consolidated progress report for 2024 reporting on a broad range of actions being progressed as part of the G20 Roadmap for Enhancing Cross-Border Payments
• a progress report on the implementation of the Legal Entity Identifier (LEI)
• an annual progress report on meeting the improved user experience targets for cross-border payments

• Press release

The Federal Housing Finance Agency has issued proposed revisions to its regulations addressing boards of directors and overall corporate governance of the Federal Home Loan Banks (Banks) to update and clarify regulatory requirements on a variety of topics including:

• FHFA’s annual designation of Bank directorships
• Bank director eligibility and professional qualifications
• Nomination, election, and removal of Bank directors
• the conduct of System board and committee meetings
• conflicts of interest
• the respective responsibilities of System boards of directors and executive management

Written comments will be accepted for 90 days after publication of the rule in the Federal Register.

• Press release

The OCC has reported it has finalized revisions to its recovery planning guidelines for certain large insured national banks, federal savings associations, and federal branches (banks).

The revisions to the recovery planning guidelines are part of the OCC’s effort to ensure that large banks are adequately prepared for and have developed plans to respond to the financial effects of severe stress, particularly in light of the contagion effects and systemic risks they may pose.

The revisions:

• Expand the recovery planning guidelines to apply to banks with at least $100 billion in assets
• Incorporate a testing standard for recovery plans
• Clarify the role of non-financial risk (including operational and strategic risk) in recovery planning
• Provide covered banks with time frames in which to comply with the recovery planning guidelines, including development of a testing framework and conducting testing

The revisions, published in today's Federal Register at 89 FR 84255, are effective on January 1, 2025, with staggered compliance dates. They will apply to insured national banks, insured Federal savings associations, and insured Federal branches of foreign banks with average total consolidated assets of $100 billion or more.

On Friday, the OCC appointed the FDIC as receiver for The First National Bank of Lindsay, Lindsay, Oklahoma, after identifying false and deceptive bank records and other information suggesting fraud that revealed depletion of the bank’s capital. The OCC also found that the bank was in an unsafe or unsound condition to transact business and that the bank’s assets were less than its obligations to its creditors and others.

The OCC is also referring this matter to the United States Department of Justice, which has a wide variety of tools to hold individuals accountable for criminal acts and focuses on victims in all of its matters.

To protect depositors of the failed bank, the FDIC entered into a purchase and assumption agreement with First Bank & Trust Co., Duncan, Oklahoma, to assume the insured deposits of The First National Bank of Lindsay.

In addition, based on the estimated recoveries of the failed bank assets, the FDIC will make 50 percent of uninsured funds available to those depositors on Monday, October 21, 2024. This amount could increase as the FDIC sells the assets of the failed bank.

As of June 30, 2024, The First National Bank of Lindsay reported total assets of $107.8 million and total deposits of $97.5 million. Approximately $7.1 million of the deposits exceeded FDIC insurance limits; this amount is likely to change once the FDIC obtains additional information from customers.

The FDIC preliminarily estimates that the failure will cost its Deposit Insurance Fund (DIF) about $43 million. The estimate will change over time as the assets are sold. Alleged fraud caused the failure of the bank and cost to the DIF.

The First National Bank of Lindsay is the second bank to fail in the U.S. this year. The last bank failure was Republic First Bank, in Philadelphia, Pennsylvania, on April 26, 2024. The last failure in Oklahoma was The Freedom State Bank, in Freedom, Oklahoma. on June 27, 2014.

The FDIC has issued FIL-76-2024 announcing steps intended to provide regulatory relief to financial institutions and facilitate recovery in areas of Alaska affected by flooding from August 5 to August 6, 2024. The current list of such areas includes Juneau Borough.

The OCC has released enforcement actions taken against national banks, federal savings associations, and individuals currently and formerly affiliated with banks the OCC supervises.

• Formal Agreement with Axiom Bank, N.A., Maitland, Florida, for unsafe or unsound practices, including those related to the bank’s Bank Secrecy Act/Anti-Money Laundering (BSA/AML) compliance program and violations of 12 CFR 21.21(d)(1) and (d)(3) (BSA/AML internal controls and BSA officer).
• Formal Agreement with First National Bank of Dennison, Dennison, Ohio, for unsafe or unsound practices, including those related to board and management oversight, credit underwriting, and credit administration.
• Formal Agreement with First National Bank of Lake Jackson, Lake Jackson, Texas, for unsafe or unsound practices, including those related to strategic and capital planning, liquidity risk management, and interest rate risk management.
• Formal Agreement with The First National Bank of Waverly, Waverly, Ohio, for unsafe or unsound practices, including those relating to strategic planning, capital planning, and liquidity risk management.
• The previously announced Cease and Desist Order and Civil Money Penalty against TD Bank, N.A., Wilmington, Delaware, and TD Bank USA, N.A., Wilmington, Delaware, for deficiencies in the banks’ BSA/AML compliance program.
• Orders of Prohibition against—
  • Tanya Jazmin Cortez, former Teller and Concierge at Los Angeles County, California, branches of Citibank, N.A., Sioux Falls, South Dakota, for selling confidential bank customer information to a third party, resulting in check fraud and a loss to the bank of approximately $348,000.
  • Alexis LeaAnne Day (f/k/a Alexis LeaAnne Adcock), former Client Relationship Consultant at a Clarksville, Tennessee, branch of U.S. Bank, N.A., Cincinnati, Ohio, for misappropriating approximately $10,000 from a bank ATM.
  • Leronne D. Kornegay, former Associate Banker at a Brooklyn, New York, branch of JPMorgan Chase Bank, N.A., Columbus, Ohio, for engaging in a scheme to steal bank funds and falsely reporting the receipt of counterfeit bills in the bank’s general ledger. The bank suffered a loss of at least $201,000.
  • Lexus Inez Lewis, former Fraud Operations Specialist, at a Jacksonville, Florida, branch of Citibank, N.A., Sioux Falls, South Dakota, resolving the Notice of Charges, in which the OCC alleged, among other things, that Lewis made false representations in her employment application and became employed at the bank in violation of federal law; caused fraudulent transactions totaling at least $389,000 to incur on bank customers’ credit card accounts; and kept bank equipment without authorization. Lewis consented to the Order without admitting or denying the allegations in the Notice.