Read highlights about the key regulatory updates and explore more information on each.
On June 28, the CFPB finalized amendments to the agency's mortgage servicing regulations. The CFPB's new rules establish temporary safeguards designed to ensure borrowers have more time to explore options before a potential foreclosure. This includes new loan options and home sales. The rules also allow servicers to offer streamlined loan modifications and require them to communicate certain loan options to borrowers. The rules exclude small loan servicers and will take effect on August 31, 2021.
For more information visit:
https://files.consumerfinance.gov/f/documents/cfpb_covid_mortgage-servicing_final-rule_2021-06.pdf
On July 30, the CFPB announced that two final rules issued under the Fair Debt Collection Practices Act will take effect on November 30, 2021. The two rules at issue are the October 2020 Debt Collection Rule, which focuses on the use of communications related to debt collection, and the December 2020 Debt Collection Rule, which clarifies the disclosures that debt collectors must provide to consumers. The CFPB previously issued a proposal in April 2021 that would have extended the effective dates to January 29, 2022, to give parties more time to comply as a result of the COVID-19 pandemic. The CFPB has now determined that such an extension is unnecessary.
For more information visit:
https://www.consumerfinance.gov/about-us/newsroom/cfpb-confirms-effective-date-for-debt-collection-final-rules/
On June 30, the Federal Financial Institutions Examination Council ("FFIEC") issued a new guidance booklet titled "Architecture, Infrastructure, and Operations." The FFIEC booklet may have implications for financial institutions' cybersecurity compliance. It provides financial institution examiners, such as the CFPB, guidance for evaluating the risk profile of a company's information technology infrastructure and operations. Specifically, the booklet acknowledges the changing technological landscape and increasing need for security in architectural design, infrastructure implementation, and operation of information technology.
The complete FFIEC Information Technology Examination Handbook is available here:
http://ithandbook.ffiec.gov/
On July 30, the CFPB announced that two final rules issued under the Fair Debt Collection Practices Act will take effect on November 30, 2021. The two rules at issue are the October 2020 Debt Collection Rule, which focuses on the use of communications related to debt collection, and the December 2020 Debt Collection Rule, which clarifies the disclosures that debt collectors must provide to consumers. The CFPB previously issued a proposal in April 2021 that would have extended the effective dates to January 29, 2022, to give parties more time to comply as a result of the COVID-19 pandemic. The CFPB has now determined that such an extension is unnecessary.
For more information visit:
https://www.consumerfinance.gov/about-us/newsroom/cfpb-confirms-effective-date-for-debt-collection-final-rules/
On August 5, the CFPB released an Interpretive Rule to assist the mortgage industry in determining whether to treat June 19, 2021, as a federal holiday or a business day for compliance purposes with time-sensitive borrower protections. Regulation Z of the CFPB's mortgage rules establishes timing requirements, calculated in business days, for when borrowers must receive certain disclosures and when borrowers have the right to cancel some mortgages. For rescission of certain mortgages, whether June 19, 2021, counts as a federal holiday or a business day depends on when the relevant time period for the mortgage began. Specifically, if the period began on or before June 17, 2021, then June 19 was a business day. If the period began after June 17, 2021, then June 19, 2021, was a federal holiday.
For more information visit:
https://files.consumerfinance.gov/f/documents/cfpb_juneteenth-holiday_interpretive-rule_2021-08.pdf
On August 11, the FFIEC issued guidance that provides financial institutions with examples of risk management principles and practices for access and authentication. Specifically, it supports a financial institution's adoption of layered security, highlights the weaknesses of single-factor authentication and includes examples of authentication controls, and provides a list of government and industry resources and references to assist financial institutions. The guidance also notes the need for strong risk management controls for third parties, such as data aggregators and consumer permissioned entities, to access business and consumer financial information.
For more information visit:
https://files.consumerfinance.gov/f/documents/cfpb_authentication-access-financial-institution-services-systems_guidance_2021-08.pdf
On August 12, the FTC submitted a comment on the Board of Governors of the Federal Reserve System's (Federal Reserve Board) proposed rulemaking on Regulation II. The proposed rulemaking would clarify that Regulation II applies to both transactions in which a credit card is present and transactions in which it is not, such as pay-by-phone or other electronic payment options. Regulation II implemented changes made to the EFTA under the Dodd-Frank Wall Street Reform Act of 2010. Specifically, those changes required debit card issuers to enable at least two unaffiliated debit card networks to permit merchants an option for routing electronic debit card transactions. The FTC's comments also asked the Federal Reserve Board to prevent debit card networks from paying incentives to debit card issuers for routing electronic transactions in a manner favorable to the particular debit card network.
For more information visit:
https://www.ftc.gov/policy/advocacy/advocacy-filings/2021/08/ftc-staff-comment-board-governors-federal-reserve-system
Risk Management Solutions Group (RMSG) offers a comprehensive suite of regulatory and compliance services for community and midsize banks. Customized to your unique business needs, our consulting services are delivered by experienced subject matter professionals—all at an accessible price.