Financial Services Alert

The SEC proposed amendments (the "Proposed Amendments") to modernize its rule governing auditor independence, that is, Rule 2-01 of Regulation S-X. The SEC has announced that it will hold a hearing on the Proposed Amendments on July 26, 2000. Comments on the Proposed Amendments are expected to be due no later than September 25, 2000.

The Proposed Amendments would make three fundamental changes to the current rule. First, they reduce the number of employees of the audit firms and members of their families whose investments in, or other financial relationships with, an audit client would compromise the independence of the audit firm. Generally, only those audit partners and employees who work on the audit or who are in a position to influence the audit, and their immediate families, could not hold investments in, or have impermissible (as described below) financial relationships with, the audit client. Second, they specify certain financial relationships between the audit client and the audit firm or the audit partners and employees who work on the audit or are in a position to influence the audit, or their immediate families, that would preclude the auditor from being independent. Those relationships include: non-consumer loans to or from the audit client; maintaining checking, savings or brokerage accounts in excess of insured limits; maintaining credit card balances in excess of $10,000; holding individual insurance policies or, for the auditor, professional liability insurance policies; and investments in an investment company or hedge fund that is, or is in the same complex of investment companies and hedge funds as, the audit client. Third, the Proposed Amendments identify certain non-audit services that, if provided to an audit client, would compromise the auditor's independence. Those services include rendering or supporting expert opinions in legal, administrative or regulatory filings or proceedings, and most of those services already are prohibited by other SEC rules as well as the membership rules of the AICPA and the SECPS. Importantly, those services do not include advising clients on internal accounting controls and risk management.

The Proposed Amendments also would amend Item 9 of Schedule 14A under the Securities Exchange Act of 1934 (the "Exchange Act"), and generally would require clients subject to the proxy rules under the Exchange Act to disclose in their annual proxy materials information concerning non-audit services provided by their auditors during the previous fiscal year if the fees for such services exceed the lesser of $50,000 or 10% of the audit fee.

The Federal Reserve Board published for comment a proposal (Docket No. R-1074) (the "Proposal")to revise the Official Staff Commentary to Regulation E ("Reg E"), which implements the Electronic FundTransfer Act. The Proposal provides guidance on the application of Reg E to electronic check conversion programs, bill-payment services and electronic authentication, among other issues, and solicits comment on the application of Reg E to aggregation or "screen-scraping" services . Comments on the Proposal are due by August 31, 2000.

Electronic Check Conversion Transactions. New check conversion programs permit a merchant to scan the MICR (Magnetic Ink Character Recognition) encoding on a consumer’s check and use the information to initiate an electronic debit from the consumer’s account. The Proposal clarifies that although the check used is not considered an access device under Reg E, the transaction is an electronic fund transfer ("EFT") covered by Reg E.

Bill-Payment Services. The Proposal also addresses the application of Reg E to bill-payment services and proposes that a comment be added to Reg E providing that where the consumer initiates payments via computer and the financial institution makes the payment by check, the payment is an EFT, unless the terms of the bill-payment service explicitly state that payment by the bill payer will be made solely via check, draft or similar paper instrument. Additionally, the Proposal provides that transfers initiated by telephone are covered by Reg E if they occur pursuant to a telephone bill-payment or other written plan.

Electronic Re-Presentment of Returned Checks. On the other hand, the Proposal would clarify that a program whereby merchants re-present returned checks electronically ("RCK") is not covered by Reg E because the transfer is initiated by check. The RCK debit must be in the amount of the original check and may not be increased to include a fee. An electronically debited fee would not be a part of the RCK debit and would be an EFT under Reg E, which would have to be authorized by the consumer.

Special Disclosure Timing Rules. In addition, the timing requirements for providing initial Reg E disclosures would be modified under the Proposal for instances where the account-holding institution does not have prior notice of the first EFT. Reg E generally requires that initial disclosures be provided at the time the consumer contracts for the EFT service or before the first EFT is made to or from the consumer’s account. Existing Reg E commentary provides an exception to the disclosure timing rules when the first EFT is a direct deposit and the account-holding institution does not have prior notice of the direct deposit arrangement. The Proposal would expand coverage of the special timing rules to any one-time or recurring credit or debit of which the institution does not have prior notice.

Error Resolution Time Periods Applicable to New Accounts. With respect to the error resolution time periods, the Proposal would revise the commentary to Reg E to provide that a financial institution may only use the longer error resolution time periods for resolving errors on new accounts (extended time frames were permitted for new accounts by Reg E amendments in September of 1998) if the financial institution actually disclosed the longer time periods in its initial and annual Reg E disclosures.

The Authentication Requirement. The Proposal also revises some commentary to Reg E addressing the requirement in Reg E that recurring electronic debits from a consumer’s account be authorized "by a writing signed or similarly authenticated by the consumer." The words "similarly authenticated" were added in 1996 to permit electronic authorizations and other subsequent rulemakings have provided examples of authentication devices. The Proposal revises a comment to provide that any authentication method that provides similar assurance to a paper-based signature (such as a mechanism that identifies the consumer and evidences the consumer’s assent to authorization) will satisfy the "similarly authenticated" requirement. The Proposal indicates, however, that with the recent enactment of the Electronic Signatures in Global and National Commerce Act, the "similarly authenticated" standard in Reg E may become unnecessary. In any event, the Proposal includes revised commentary that provides institutions with more flexibility in establishing authentication methods.

Aggregation Services. Finally, the Board solicits comments on aggregation services, in which an Internet website provides consumers with the ability to view their financial information from multiple sources, such as credit card, securities and deposit accounts. In many instances, the consumer provides the aggregator with account numbers and passwords to access the consumer’s accounts. Comment is solicited on the types of services offered by aggregators (specifically whether aggregators provide bill-payment or other EFT services in addition to information services), whether aggregators and account-holding institutions enter into agreements governing access to information and electronic transfers and the implications of a determination that aggregators are or are not financial institutions.

The FRB, OCC, FDIC, OTS and NCUA together with the Financial Crimes Enforcement Network jointly issued a revised form of Suspicious Activity Report ("SAR" and the "Revised SAR"). Banks and other financial institutions are required to file SARs with law enforcement agencies with respect to known or suspected violations of law, including, among other things, suspected instances of money laundering, check kiting and loan fraud. The Revised SAR is designed to streamline the SAR reporting process by substituting a series of check boxes and yes-and-no questions for sections of the SAR that previously required a narrative description of the suspicious event being reported. The Revised SAR now includes a box to check for "computer intrusions" which is intended to address the need of the law enforcement authorities to collect additional information concerning computer-related suspicious activities. The Revised SAR also provides new guidance on preparing and filing the Revised SAR form. Financial institutions are required to use the Revised SAR forms starting December 31, 2000.