Question: For a TRID construction loan disclosed as two transactions, what should we disclose as the interest rate if it’s variable we don’t know what the rate will be during the permanent phase?
Answer: If it will have an adjustable rate and the rate is unknown when the Loan Estimate is provided, the bank should disclose the fully-indexed rate, which is the rate calculated using the index and margin at the time of consummation. If the index and margin that will be in effect at consummation must be provided, the fully-indexed rate disclosed may be based on the index in effect at the time the disclosure is delivered.
“1. Interest rate at consummation not known. Where the interest rate that will apply at consummation is not known at the time the creditor must deliver the disclosures required by § 1026.19(e), § 1026.37(b)(2) requires disclosure of the fully-indexed rate, defined as the index plus the margin at consummation. Although § 1026.37(b)(2) refers to the index plus margin “at consummation,” if the index value that will be in effect at consummation is unknown at the time the disclosures are provided under § 1026.19(e)(1)(iii), i.e., within three business days after receipt of a consumer's application, the fully-indexed rate disclosed under § 1026.37(b)(2) may be based on the index in effect at the time the disclosure is delivered. The index in effect at consummation (or the time the disclosure is delivered under § 1026.19(e)) need not be used if the contract provides for a delay in the implementation of changes in an index value. For example, if the contract specifies that rate changes are based on the index value in effect 45 days before the change date, creditors may use any index value in effect during the 45 days before consummation (or any earlier date of disclosure) in calculating the fully-indexed rate to be disclosed. See comment app. D-7.iii for an explanation of the disclosure of the permanent financing interest rate for a construction-permanent loan.”
Comment 37(b)(2): https://www.consumerfinance.gov/rules-policy/regulations/1026/interp-37/#37-b-2-Interp
Question: We have an instance where a customer is wanting to open a benefit account for a fellow church member whose wife has recently become ill. His initial intention was to set the account up under his name and tax ID information and he would direct the funds to the individuals. However, our institution does not typically open these types of accounts and we're hoping for recommendations and/or what is consistent in the banking industry for these types of benefit accounts.
Answer: There are several methods that may be used when opening these types of accounts:
- A simple trust can be drafted, and an account can be opened in the name of the trust. Treat the account as you would treat any account opened under an irrevocable trust agreement.
- An account opened in the name of the persons to be benefitted. Treat the account as you would treat any individual/single-party or joint/multiple-party account. The victim(s) must be authorized to transact on the account.
- An organization actively involved in the process of assisting the family may be willing to open an account in the name of the organization into which the collected funds will be deposited. For example, a local church or other charitable organization assisting the victim(s) may be willing to open and administer the account. Treat the account as you would treat any account opened by an organization.
The three methods described above are the only practical methods which should be considered. However, there are some banks that allow customers to open these types of accounts as informal trust, such as “FBO” or “ITF” accounts. If the bank will consider this, please note the following:
- Treat the account as you would any individual/single-party or joint/multiple party account with a POD.
- The person establishing the account is the owner of the account and the victim is the designated beneficiary. This means that the funds given to the victim to establish the account will not belong to the victim once deposited into this type of account.
- Ownership passes at the death of the account owner to the victim.
- If the victim dies, the funds do not pass to his/her estate. The funds belong to the owner of the account.
- Checks made payable to the victim should not be deposited into this type of account, unless the victim properly endorses the check.
- The owner’s TIN is used for IRS and CIP purposes.
In addition, Compliance Alliance has a thorough cheat sheet regarding benefit and memorial accounts, here.
Question: Our customer received a phone call from someone telling the customer that the customer’s computer was about to be hacked. The person convinced the customer to allow remote sign into the customer’s computer to “stop the hacking process.” In this process, the customer provided both of his debit card numbers and PINs. The fraudster used these to then purchase gift cards. We feel the customer was clearly negligent in this case, but does that help the bank at all?
Answer: Unfortunately, when fraudsters gain access to accounts by persuading consumers to provide their access device (e.g., authorization or authentication code), Regulation E generally considers such situations to be unauthorized electronic fund transfers. Regulation E’s commentary specifically states that “[a]n unauthorized EFT includes a transfer initiated by a person who obtained the access device from the consumer through fraud or robbery.” https://www.consumerfinance.gov/rules-policy/regulations/1005/interp-2/#2-m-Interp-3 Furthermore, according to the commentary, “consumer behavior that may constitute negligence under state law, such as situations where the consumer wrote the PIN on a debit card or on a piece of paper kept with the card, does not affect the consumer’s liability for unauthorized transfers: https://www.consumerfinance.gov/rules-policy/regulations/1005/interp-6/#6-b-Interp-2 Therefore, consumer liability in these instances is generally going to be limited to $50 if the consumer notifies the financial institution of the loss or theft of an access device within two business days of learning of the loss or theft of the access device, or up to a maximum of $500 if the consumer fails to provide notice within that time period.
Question: We have a designated disaster area close by and were wondering which activities in these areas would qualify for CRA Community Development?
Answer: There are a variety of activities relating to designated disaster areas (DDA) that may qualify. Loans, investments/donations, and services that revitalize or stabilize DDAs may be eligible for CRA consideration if the activities (1) help attract new or retain existing businesses or residents; and (2) are related to disaster recovery. For example, qualifying activities could include a loan to a business affected by the disaster that would otherwise have to close; an investment in a municipal bond that will rebuild essential community buildings that were destroyed by the disaster; providing financing for rebuilding needs; or delivering financial expertise to an organization providing housing for displaced residents. The activities must generally occur within 36 months of the disaster declaration to be eligible to receive consideration; however, the agencies can extend this period for exceptional situations, such as where there is a demonstrable need in a particular DDA that requires longer-term assistance. Banks subject to CD evaluation are encouraged to monitor and document activities in DDAs that may be considered in their next CRA exam.
Question: How often does a Bank have to update its BSA risk assessment? Is it still 12 to 18 months?
Answer:It used to be 12-18 months in prior versions of the FFIEC Manual which you can see reflected here:
"Bank’s Updating of the Risk Assessment An effective BSA/AML compliance program controls risks associated with the bank’s products, services, customers, entities, and geographic locations; therefore, an effective risk assessment should be an ongoing process, not a one-time exercise. Management should update its risk assessment to identify changes in the bank’s risk profile, as necessary (e.g., when new products and services are introduced, existing products and services change, higher-risk customers’ open and close accounts, or the bank expands through mergers and acquisitions). Even in the absence of such changes, it is a sound practice for banks to periodically reassess their BSA/AML risks at least every 12 to 18 months."
However, you can see below that this was revised in the current version to reflect that "there is no requirement to update the BSA/AML risk assessment on a continuous or specified periodic basis":
"Generally, risk assessments are updated (in whole or in part) to include changes in the bank’s products, services, customers, and geographic locations and to remain an accurate reflection of the bank’s ML/TF and other illicit financial activity risks. For example, the bank may need to update its BSA/AML risk assessment when new products, services, and customer types are introduced, or the bank expands through mergers and acquisitions. However, there is no requirement to update the BSA/AML risk assessment on a continuous or specified periodic basis."
Question: Is the Bank required to report SBA loans to the credit bureaus?
Answer: The SBA Standard Operating Procedures do set out requirements to report SBA loans to credit reporting agencies, starting on p. 28 here:
"...2. Reports to Credit Reporting Agencies
In accordance with the Debt Collection Improvement Act of 1996, Lenders are required to report information to the appropriate credit reporting agencies whenever they extend credit via an SBA loan. Thereafter, they should continue to routinely report information concerning servicing, liquidation, and charge-off activities throughout the life cycle of the loan. (See Chapter 26 for more information regarding credit reporting requirements for loans in charge-off status.)..."
Question: If the Bank does not use any type of credit report when denying deposit accounts, are we required to provide an adverse action notice?
Answer: If the bank did not use any type of credit report to deny the deposit account application, then an adverse action notice would not be required under the Fair Credit Opportunity Act or under Regulation B, assuming no extension of credit is involved. However, it’s important to consider that notice may still be required under the bank's internal policy, so the bank would want to check there as well and be consistent with what it has done in similar situations in the past.
Question: We have a publicly traded company that wants to open a checking account. I believe the company would be excluded from the beneficial ownership information, but would we still have to collect information for a controlling person?
Answer: If the customer is a publicly traded company, then they're excluded from the definition of "legal entity customer" and you're technically not required to collect either prong of beneficial ownership information from them. Since neither the ownership prong nor the control prong need be collected, the information on the control person would not be required by regulation. As always, it’s best to also check internal and/or investor policies as well, as these can have information collection requirements beyond those in the regulations.
"Legal entity customer does not include
(ii) A person described in § 1020.315(b)(2) through (5) of this chapter; "
31 CFR 1010.230(b)(2): https://www.ecfr.gov/current/title-31/subtitle-B/chapter-X/part-1010/subpart-B/section-1010.230
“§ 1020.315 Transactions of exempt persons.
(b) Exempt person. For purposes of this section, an exempt person is:
(4) Any entity, other than a bank, whose common stock or analogous equity interests are listed on the New York Stock Exchange or the American Stock Exchange or whose common stock or analogous equity interests have been designated as a NASDAQ National Market Security listed on the NASDAQ Stock Market (except stock or interests listed under the separate “NASDAQ Capital Markets Companies” heading), provided that, for purposes of this paragraph (b)(4), a person that is a financial institution, other than a bank, is an exempt person only to the extent of its domestic operations;…”
31 CFR 1020.315(b): https://www.ecfr.gov/current/title-31/subtitle-B/chapter-X/part-1020/subpart-C/section-1020.315#p-1020.315(b)
Question: What is the current open-end threshold for partial exemptions? When does it change?
Answer: The partial exemption open-end threshold is currently 500 transactions in each of the two previous years and is not currently scheduled to change. There is currently a full reporting exemption, which is currently set at 500 transactions in either of the two previous years, but will be decreasing to 200 transactions on January 1, 2022.
(3) ...an insured depository institution or insured credit union that, in each of the two preceding calendar years, originated fewer than 500 open-end lines of credit...is not required to collect, record, or report optional data as defined in paragraph (d)(1)(iii) of this section for applications for open-end lines of credit that it receives, open-end lines of credit that it originates, and open-end lines of credit that it purchases.
12 CFR 1003.3(d)(3) – https://www.consumerfinance.gov/rules-policy/regulations/1003/3/#d-3
The final rule sets the permanent open-end threshold at 200 open-end lines of credit effective January 1, 2022, upon expiration of the temporary threshold of 500 open-end lines of credit.
Home Mortgage Disclosure Rule, p. 3 https://files.consumerfinance.gov/f/documents/cfpb_final-rule_home-mortgage-disclosure_regulation-c_2020-04.pdf
Question: We are considering an arrangement with our construction builder customers where they would get a set amount of “credit” (points) for every spec loan closed with us. The points would be eligible to apply discounts associated for an annual trip with the Bank’s travel club. In other words, each spec loan booked with us will give them credit to use on the trip cost. The obvious consideration here is RESPA Section 8, but I do not feel like it is applicable. Although this involves residential construction, since they will all be spec loans, these will all be commercial customers and transactions.
Answer: The main concern here would be RESPA Section 8, but you are also correct that if these are commercial or business purpose transactions, they are exempt from RESPA. Otherwise, there is not a prohibition in a referral program for commercial loans. The bank would want to thoroughly document the program, as always, and be sure to monitor for any potential consumer loans and Fair Lending or UDAAP issues.
No person shall give, and no person shall accept any fee, kickback or other thing of value pursuant to any agreement or understanding, oral or otherwise, that business incident to or part of a settlement service involving a federally related mortgage loan shall be referred to any person."
Regulation X, § 1024.14(b) – https://www.consumerfinance.gov/policy-compliance/rulemaking/regulations/1024/14/#b
An extension of credit primarily for a business, commercial, or agricultural purpose, as defined by 12 CFR 1026.3(a)(1) of Regulation Z. Persons may rely on Regulation Z in determining whether the exemption applies.
Regulation X, § 1024.5(b)(2) – https://www.consumerfinance.gov/rules-policy/regulations/1024/5/#b-2
Question: Can a bank provide an access device for a home equity line of credit (HELOC)?
Answer: This is permissible, with several risk considerations for the bank. Under Regulation Z, § 1026.2(a)(15)(ii), a debit card that can access a HELOC is a credit card. Additionally, § 1026.12(d)(1), further prohibits the bank from exercising the right of setoff for credit card balances. Therefore, whereas a HELOC without a credit card generally provides a right of setoff, subject to certain requirements, the bank loses this right when providing a debit card to access a HELOC.
Regulation Z, § 1026.2(a)(15) – https://www.consumerfinance.gov/rules-policy/regulations/1026/2/#a-15-ii
Regulation Z, § 1026.12(d) – https://www.consumerfinance.gov/rules-policy/regulations/1026/12/#d