Just how momentous a regulatory year was it?

S.2155 dominated the headlines, but there was plenty of other regulatory news in 2018. We look at the compliance year in review.

By Mary Thorson Wright

What a year it’s been for community bank regulation. The Economic Growth, Regulatory Relief, and Consumer Protection Act (S.2155) was in the headlines, and its real-world impact is beginning to take shape. The year brought many other challenges, and, predictably, community banks met them with robust efforts to plan, implement, test and monitor for changes and ongoing compliance.

Home Mortgage Disclosure Act (HMDA)

HMDA recordkeeping and reporting was the 800-pound compliance gorilla this year. Many 2015 HMDA Final Rule changes became effective in 2018. Covered community banks worked to perfect data collection, recording, reporting and disclosure revisions they prepared in 2017.

At $470 million-asset First State Bank in Winchester, Ohio, chief risk officer Tim Grooms encountered some implementation issues with the LOS application, and the community bank uses a compliance software program as a second-line check. The bank enhanced its monitoring efforts, increased sample sizes and stepped up the frequency of checks to confirm the integrity of the data collection and reporting process.

Changes to institutional coverage became effective Jan. 1, 2018. The HMDA Rule adopted a uniform loan-volume threshold for all institutions of at least 25 covered closed-end mortgage loan originations, or at least 500 covered open-end lines of credit in each of the two preceding calendar years, and the asset size, location, federally related and loan activity tests.

The types of covered transactions were also modified. Reporting now generally includes closed-end mortgage loans and open-end lines of credit secured by a dwelling. Dwelling-secured business-purpose loans and lines of credit are covered only if they are home purchase loans, home improvement loans or refinancings. Agricultural-purpose or other specifically excluded transactions are not covered, even if they are dwelling-secured, and home improvement loans are covered only if they are secured by a dwelling.

Quick stat


Members of the Senate and House of Representatives who voted to approve S.2155 in 2018

The rule brought sweeping changes to reportable data. The Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (Dodd-Frank) required financial institutions to report new data points and authorized the Consumer Financial Protection Bureau (CFPB) to require additional information. The CFPB’s final rule for HMDA reporting included 25 new data points, 14 fields revised from prior requirements and nine unchanged data points, bringing the total to 48 unique data fields. Jan. 1, 2018, marked the effective date for collection of expanded and revised data to be reported in 2019.

Richard Tripp, compliance officer at $985 million-asset First Volunteer Bank in Chattanooga, Tenn., found that, even with months of planning and preparation, some of the changes were more difficult than expected, particularly in platform implementation.

“We found the technical changes for most reporting fields easy to implement,” he says. “However, others, like debt to income and combined loan to value, were more complex and more difficult to implement and train.”

“With every new rule,” observes Tripp, “the most difficult piece is applying the rules to situations not addressed by the rule or any of its associated guidance. Our most beneficial process was follow-up, in-person training with our loan officers to discuss the issues we found while monitoring the first month of collection.”

Regulation B–Equal Credit Opportunity Act Data Collection

In October 2017, Regulation B was amended in regards to when and how a creditor may collect information about the applicant’s ethnicity, race and sex. Affected creditors are primarily those making mortgage loans subject to Regulation B §1002.13 (collecting government monitoring information), for purchase and refinance transactions involving an applicant’s primary residence. The revision allows creditors to collect an applicant’s information using either the aggregate ethnicity and race categories, or disaggregated ethnicity and race categories and subcategories of Appendix B to Regulation C as amended by the 2015 HMDA Final Rule.

“We introduced a new form that made the data-collection process clearer,” says Grooms. “We also have a centralized first-line review of real estate loans for data collection, whether they are HMDA-reportable or not.”

BSA/AML Customer Due Diligence Rules

In May 2018, enhanced Bank Secrecy Act/anti-money laundering (BSA/AML) rules became effective to clarify and strengthen customer due diligence (CDD). Financial institutions must determine the identity of the individuals (beneficial owners) who own or control legal entity customers.

At First Volunteer Bank, the software vendors provided the new due diligence questions to account-opening programs, and the community bank enhanced its BSA program accordingly. “We employed controls to train, enforce and monitor the new due diligence questions,” says Tripp. “We provided detailed training to all account-opening employees and sent notices to all existing business customers.”

The Financial Crimes Enforcement Network (FinCEN) names four core elements of CDD as a fifth pillar to an institution’s BSA/AML program: (1) Customer identification and verification; (2) beneficial ownership identification and verification; (3) understanding the nature and purpose of customer relationships to develop a customer risk profile; and (4) ongoing monitoring for reporting suspicious transactions and, on a risk basis, maintaining and updating customer information.

Banks must maintain written procedures reasonably designed to identify and verify the beneficial owners of legal entity customers, and have appropriate risk-based procedures to conduct ongoing CDD; monitor to identify and report suspicious transactions; and, based on risk, maintain and update customer information. In September, FinCEN made permanent exceptive relief from beneficial owner requirements for certain account rollovers and renewals.

Prepaid Accounts and the Electronic Fund Transfer Act (Regulation E) and Truth in Lending Act (Regulation Z)

In October 2016, the CFPB issued a final rule creating federal consumer protections for prepaid financial products under Regulations E and Z. The rule amends Regulation E, making a minor modification to Regulation Z for accounts with an overdraft feature. Compliance with the prepaid rule (originally set for Oct. 1, 2017) will begin April 1, 2019, and prepaid account issuers were required to submit all their prepaid account agreements to the CFPB beginning Oct. 1, 2018.

Compliance management and oversight

The industry is feeling the effects of political and administrative changes in Washington, D.C. In February, the CFPB released a strategic plan for 2018–2022. The plan imposes financial discipline, reduces wasteful spending and restricts the agency’s enforcement authority. While a limited number of community banks are under the direct supervision of the CFPB, financial institutions on a broad scale could be affected by changes in the agency’s rulemaking authority.

In May 2018, Congress passed S.2155: the Economic Growth, Regulatory Relief, and Consumer Protection Act. Some of the more noteworthy provisions are aimed at less intrusive reporting and examination practices, including:

  • permitting less regulatory oversight for banks between $50 billion and $250 billion in assets
  • exempting banks with less than $10 billion in assets from some rules
  • requiring federal regulators to take the size of banks into account when constructing regulations.

How might this regulatory “easing” affect community banks’ compliance program administration? Probably not much, according to both Grooms and Tripp.

Tripp welcomes regulatory relief but says his community bank has not adjusted or loosened its compliance risk tolerance in response. He adds, “Our compliance program continues to focus on enhanced methods for internal monitoring to identify and correct issues in a ‘real-time’ or more timely manner.”

“We will benefit from a few of the changes [in S.2155], but many are coming too late.”
—Tim Grooms, First State Bank

“We will benefit from a few of the changes,” says Grooms, “but many are coming too late. For instance, we’ve implemented systems and trained our staff for the HMDA changes, and the relief would require us to undo much of what we’ve worked diligently on for the past year or more. We do see a shift back from Dodd-Frank to allow community banks to help communities and customers.

“In any case, we have strong management support for compliance as a valuable element of risk management,” he adds, “and we’ll continue to evaluate, enhance and apply our program to mitigate that risk.”

Mary Thorson Wright, a former Federal Reserve examiner, is a freelance writer in Virginia.