To no surprise, the 4^th quarter of 2013 demonstrated the continued increase of formal enforcement actions by federal regulatory agencies for financial institutions and nonbank financial institutions alike. Large civil money penalties are connected to these enforcement actions. Not to mention, the number of informal enforcement actions likely reached heightened records.

What are enforcement actions?

Federal regulators employ the use of enforcement actions as a standardized way for communicating deficiencies in a financial institution’s condition and for outlining corrective actions necessary to return the financial institution to sound condition and full compliance with laws and regulations. Enforcement actions usually establish timetables for required corrections to be resolved.

Can you identify the types of enforcement actions?

Each federal regulator follows policies and procedures for the initiation of an enforcement action. While the agencies may take a different approach as to whether an enforcement action should be instituted or the degree of severity of an enforcement action, the agencies all use similar enforcement tools and each agency labels these actions differently.  Also, keep in mind, that state banking regulators have the authority to generate enforcement actions, which for state-chartered institutions could result in dual enforcement actions. It’s important to recognize the various types of enforcement actions in the event that your financial institution may need to respond if an enforcement action is presented by your federal regulator. Also, it’s a good business practice to briefly analyze enforcement actions as they are released (more on this later).

There are two broad classifications of enforcement actions: informal and formal. Federal regulators utilize a variety of informal tools used in less serious circumstances; examples include:

• Commitment letters
• Board resolutions
• Memoranda of understanding
• Safety and soundness plans

Informal actions are not public and are not enforceable in court. While informal actions may seem minor; left unresolved, they can become a perpetual thorn and can evolve into much more serious actions.

Formal enforcement actions are enforceable and various actions include:

• Consent Orders
• Temporary Cease and Desist Orders
• Cease and Desist Orders
• Removal and Prohibition Orders
• Written Agreements
• Prompt Corrective Action Directives
• Safety and Soundness Orders
• Suspension/Termination of Insurance
• Civil Money Penalties

Because of the public nature of formal enforcement actions as well as the costs of corrective measures to comply with the action, a financial institution’s reputation is at stake. With the increase and severity of enforcements and the civil money penalties that follow, it is imperative that financial institutions take preventative measures to protect their reputations.

Why the increase in enforcement actions?

Since the financial crisis of 2007, we have witnessed a number of significant compliance breakdowns and the subsequent importance on consumer protection. State and federal regulators are now more vigilant evidenced by historic high rates of enforcement actions, and this trend may continue.  While enforcement actions are one of the unfortunate consequences of the financial crisis, your financial institution does not have to be one of the casualties.

Understand what’s being enforced – do you know?

With the Dodd-Frank Wall Street and Consumer Protection Act (Dodd-Frank Act) rollout, the spotlight is directed more towards consumer protection in all facets of financial services including fair lending, unfair and deceptive abusive acts and practices (UDAAP), and mortgage lending, not to mention others. As we’ve all experienced, financial institutions undergo regularly scheduled examinations. As regulators find deficiencies, dependent on the nature, scope and seriousness, regulators have a menu of options to issue informal or formal enforcement actions. The issues that typically arise from such examinations include capital, asset quality or management from the safety and soundness arena; or, BSA/AML compliance and consumer protection issues regarding compliance with consumer protection laws and regulations.

Just during the 4^th quarter of 2013 we’ve seen the following enforcement actions surrounding:

• Multiple flood enforcement actions
• Regulation B violations resulting in civil money penalties
• Various actions for BSA/AML compliance and OFAC
• HMDA penalties
• Various fair lending actions
• UDAAP violations
• Multiple nonbank entities and consumer protection concerns

Examples of Recent Actions

Here are examples of enforcement actions taken during the fourth quarter of 2013:

• UDAAP
• In December 2013 the OCC, CFPB and FDIC coordinated their actions and issued separate orders against several American Express companies under their regulatory supervision for billing and marketing practices violating Section 5 of the Federal Trade Commission Act, 15 U.S.C., section 45(a)(1), which prohibits unfair and deceptive acts or practices, including its marketing and delivery of certain “credit card add-on” products. The combined orders, with previously completed reimbursements, resulted in restitution of approximately $59.5 million to more than 335,000 consumers.
• In December 2013 the CFPB joined with the authorities in 49 states and the District of Columbia in filing a proposed court order requiring the country’s largest nonbank mortgage loan servicer, Ocwen Financial Corporation, and its subsidiary, Ocwen Loan Servicing, to provide $2 billion in principal reduction to underwater borrowers. The consent order addresses Ocwen’s systemic misconduct at every stage of the mortgage servicing process. Ocwen must also refund $125 million to the nearly 185,000 borrowers who have already been foreclosed upon and it must adhere to significant new homeowner protections.
• Fair lending
• In December 2013 the CFPB and Department of Justice filed a joint complaint and proposed Consent Settlement Order against National City Bank for charging higher prices on mortgage loans to African-American and Hispanic borrowers than to similarly creditworthy white borrowers between the years 2002 and 2008. The Order would require PNC Bank, National Association, the successor-in-interest to National City Bank, to establish a settlement fund to pay $35 million in restitution to harmed African-American and Hispanic borrowers.
• In December 2013 the CFPB in conjunction with the Department of Justice announced an order requiring Ally Financial Inc. and Ally Bank to pay $80 million in damages to harmed African-American, Hispanic, and Asian and Pacific Islander borrowers, plus $18 million in penalties. The CFPB and DOJ determined that more than 235,000 minority borrowers paid higher interest rates for their auto loans between April 2011 and December 2013 because of Ally’s discriminatory pricing system.
• In November 2013 HUD announced that MortgageIT, Inc., an indirect subsidiary of Deutsche Bank, agreed to pay $12.1 million under a Conciliation Agreement with HUD, to resolve allegations that the residential lender discriminated against African American and Hispanic borrowers seeking mortgage loans. HUD had alleged that the lender’s practices contributed to minority borrowers being charged higher APRs and fees than similarly-situated white borrowers, and denied minority applicants loans more often than similarly-situated white applicants.
• BSA/AML/OFAC
  • In December 2013 the FRB announced the payment of $50 million by the Royal Bank of Scotland (RBS) to settle potential civil liability for apparent violations of the Iran, Sudan, Burma, and Cuba sanctions programs. In separate actions, OFAC announced a settlement of $33 million, which is deemed satisfied by the payment to the Fed; and the New York State Department of Financial Services announced its own settlement of $50 million with RBS. The RBS payment to the Federal Reserve will be passed on to the U.S. Treasury.
  • In November 2013 the Treasury announced a $91,026,450 settlement—a record amount outside of the banking industry—with Weatherford International Ltd. and its subsidiaries and affiliates regarding potential liability for violations of Cuban Assets Control, Iranian Transaction and Sanctions, and Sudanese Sanctions regulations. The base penalty for the 586 violations totaled over $107 million. OFAC determined that Weatherford’s conduct was willful, and various executives and senior management knew or had reason to know of the conduct that led to the violations. The penalty was mitigated because Weatherford had not been subject to prior OFAC penalties, took significant remedial steps to ensure future compliance, and substantially cooperated with OFAC’s investigation.

Do you know what to analyze when reviewing enforcement actions?

Reviewing enforcement actions does not have to be a lengthy or time-consuming process. It is a good business practice to peruse actions to glean any information that may shine light on any deficiencies in your compliance program. Self-identified deficiencies may be treated differently by your regulator. Each regulator releases enforcement actions and it is highly recommended to register your email address for news alerts with each agency. Listed below are steps to take in analyzing enforcement actions:

• What specific laws and/or regulations were involved?
• If available, what violations of law created the action?
• Were the actions taken by the financial institution that led to the enforcement action willful neglect?
• Were consumers harmed and how?
• What compliance program deficiencies were noted? Look for any of the following findings:
  • Deficient compliance management systems
  • Inadequate internal controls
  • Insufficient monitoring
  • Ineffective policies, procedures and practices
  • Deceptive marketing practices
  • Discrimination
  • Inadequate due diligence and oversight of third parties/service providers
  • Deficient internal audit function
  • Lack of staff/employee training
  • Insufficient consumer complaint process
• What steps are required to correct the compliance program deficiencies?

What preventative measures can you take to avoid the spotlight of a formal enforcement action?

As the saying goes ‘an apple a day keeps the doctor away’.  The same is true here. Acting with diligence in maintaining a compliant compliance program goes along way. While the following list is not exclusive, consider these tips of prevention:

• Make sure your compliance program for consumer compliance and BSA/AML is strong:
  • Have you completed or have in place updated risk assessments for appropriate areas, such as BSA/AML, overall compliance management, fair lending, UDAAP, service providers/third-party relationships?
• Maintain strong internal controls and monitoring systems (manual or automated) that allows for early identification of risks or other issues. Central to strong internal controls are strong policies, procedures and practices. ‘Strong’ is repeatedly emphasized here for a reason!
• Utilize your internal audit function which allows you to continuously monitor the bank’s condition and your compliance program. In conjunction, what do external audits reveal? Make sure to immediately address any issues identified by internal and/or external auditors. Self-identified issues are less costly to correct, especially compared to costs involved with formal enforcement actions and your reputation may be spared.
• Should any deficiencies be discovered by regulators, address those issues promptly.

While it appears that the economy continues to recover, regulators will maintain their vigilance by utilizing all enforcement tools to enforce rules and regulations. Maintain a system of sound governance, a strong compliance management system, and strong internal controls.