The Nutter Bank Report is a monthly electronic publication of the firm's Banking and Financial Services Group and contains regulatory and legal updates with expert commentary from our banking attorneys.

Headlines
1. FDIC Issues Guidance to State Banks on Permissible Activities
2. Division of Banks Answers FAQs on New Flood Insurance Law
3. FFIEC: Banks Should Mitigate Cybersecurity Risk by Participating in FS-ISAC
4. Federal Banking Agencies Provide Guidance on Leveraged Lending
5. Other Developments: Money Services Businesses, Deposit Insurance and Sick Time

1. FDIC Issues Guidance to State Banks on Permissible Activities

According to new guidance issued by the FDIC, if a state bank or its subsidiary engages in an activity that the OCC has determined to be permissible for a national bank or its subsidiary, the state bank must maintain certain documentation of that determination if it does not submit an application or notice to the FDIC under Part 362 of the FDIC's rules and regulations. The November 19 guidance, released as FDIC Financial Institution Letter FIL-54-2014, explains that such documentation may take the form of a legal opinion from the bank's counsel, a copy of a relevant statute or OCC regulation, a copy of a relevant OCC circular, bulletin, order, or interpretive letter, or other written documentation satisfactory to the FDIC. According to the guidance, if an activity has been deemed permissible for a national bank but subject to certain conditions or restrictions imposed by the OCC, a state bank generally must abide by the same conditions or restrictions if it wishes to conduct the activity without first obtaining FDIC approval. Documentation that the state bank has satisfied (and continues to satisfy) any such conditions or restrictions should likewise be included in the bank's files. All such documentation is subject to examination by the FDIC, and the FDIC may require the bank to file an application or notice if the FDIC determines that the activity has not been determined to be permissible for a national bank or if the state bank fails to satisfy the OCC's conditions or restrictions.

     Nutter Notes: Part 362 implements the provisions of the Federal Deposit Insurance Act that restrict and prohibit state banks and their subsidiaries from engaging in activities and making investments that are not permissible for national banks or their subsidiaries. For the purpose of the FDIC's guidance and Part 362, the term "activities permissible for a national bank" refers to any activity authorized for national banks under any statute including the National Bank Act, and activities recognized as permissible for a national bank in regulations or written interpretations of the OCC. A state bank that wishes to engage in an activity permissible for a national bank, subject to the same conditions or restrictions imposed by the OCC, is not required to file an application or notice with the FDIC. However, a state bank that wishes to engage in an activity that has not been determined by the OCC to be permissible for a national bank must file an application or notice in accordance with the FDIC's regulations at Part 362 even if the activity is authorized by applicable state law. The guidance notes that some activities are exempt from Part 362 and, as a result, the documentation requirements described in the guidance. For example, Part 362 generally does not cover activities conducted other than as principal, real estate used (or intended to be used) as bank facilities, public welfare investments, or equity investments acquired in connection with debts previously contracted. The guidance reminds banks to ensure that exempt activities are conducted in a safe and sound manner.

2. Division of Banks Answers FAQs on New Flood Insurance Law

The Division of Banks has published answers to frequently asked questions to provide guidance on the Division's implementation of Chapter 177 of the Acts of 2014, An Act Further Regulating Flood Insurance ("Chapter 177"), which was signed into law on July 23, 2014 and became effective on November 20. According to the Division's November guidance, the Division intends to issue regulations under Chapter 177, which will include a form of model notice to satisfy the written notice requirements in Chapter 177. The Division included a sample form of notice with the answers to frequently asked questions for use by creditors until the Division's regulations become effective. Prior to the effective date of the implementing regulations and the model notice, the Division said that the notice required by Chapter 177 may be combined with another disclosure or notice. The Division's guidance advises that any such combined disclosure containing the notice required by Chapter 177 must be provided to the purchaser or owner of the subject real estate at the time the purchaser or owner is notified of the need to purchase or pay for flood insurance in accordance with the timing requirements of the new law. The provisions of Chapter 177 apply to loan applications received on or after November 20 and to any loan application that was pending on November 20 for which the determination of the need to purchase flood insurance was made on or after November 20. Chapter 177 also applies to any existing mortgage on residential property as of November 20 that is not located in a special flood hazard area designated by the Federal Insurance Administrator as of that date, but becomes designated as within a special flood hazard area after that date.

     Nutter Notes: Chapter 177 prohibits creditors and creditors' representatives from requiring flood insurance that is greater than the balance of a residential mortgage loan, includes coverage for contents, or that includes a deductible of less than $5,000. The provisions of Chapter 177 (codified at Massachusetts General Laws chapter 183, section 69) apply to purchase money mortgages, subordinate liens, home equity lines of credit, and home equity loans. Chapter 177 also requires that creditors, creditors' representatives, and insurance producers provide borrowers with a notice about flood insurance coverage before flood insurance is purchased. Creditors and creditors' representatives are required to comply with Chapter 177 before the Division finalizes regulations to implement the new law, including the notice requirements. The Division has issued proposed regulations to implement Chapter 177, and has scheduled a public hearing on the proposed regulations for December 16, 2014. Among other things, the proposed regulations would require a creditor to accept, upon request by the owner of the subject property, a reduction in the amount of flood insurance coverage upon renewal of the required flood insurance policy to an amount equal to the outstanding principal mortgage balance at the beginning of the year in which the renewal would become effective. 

3. FFIEC: Banks Should Mitigate Cybersecurity Risk by Participating in FS-ISAC

The Federal Financial Institutions Examination Council ("FFIEC"), on behalf of the federal banking agencies, has released observations from the recent cybersecurity assessment conducted by the FFIEC and recommended that banks and other regulated financial institutions participate in the Financial Services Information Sharing and Analysis Center ("FS-ISAC"). The FS-ISAC is a non-profit, information-sharing organization established by the financial services industry to share physical and cybersecurity threat and vulnerability information. The FS-ISAC issues physical and cybersecurity threat alerts and other critical information to financial institutions, including analyses and recommended solutions from security experts. According to the FFIEC, the banking agencies expect financial institutions of all sizes to monitor and maintain sufficient awareness of cybersecurity threats and vulnerability information to evaluate risk and respond accordingly. This requires financial institution management and third party technology service providers to put in place methods for obtaining, monitoring, sharing and responding to threat and vulnerability information about rapidly evolving cybersecurity risks, according to the FFIEC.

     Nutter Notes: During the summer of 2014, the FFIEC member agencies conducted a cybersecurity assessment at more than 500 community banks and other financial institutions to evaluate the institutions' preparedness to mitigate cybersecurity risks. The assessment supplemented regularly scheduled examinations and built upon certain supervisory expectations contained within existing FFIEC information technology handbooks and other regulatory guidance. The FFIEC's Cybersecurity Assessment General Observations, released on November 3, suggests questions that chief executive officers and boards of directors may wish to consider when assessing their institutions' cybersecurity preparedness. The federal banking agencies expect banks to understand their cybersecurity risks and consider current practices and overall preparedness, focusing on risk management and oversight, threat intelligence and collaboration, cybersecurity controls, external dependency management, and cyber incident management and resilience. The agencies said that they view information sharing as an important element of a bank's cybersecurity risk management processes which should include the ability to identify, respond to, and mitigate cybersecurity threats and incidents.

4. Federal Banking Agencies Provide Guidance on Leveraged Lending

The federal banking agencies have published guidance in the form of answers to frequently asked questions ("FAQs") on the Interagency Guidance on Leveraged Lending jointly issued by the agencies on March 22, 2013. According to the FAQs released on November 13, it is not acceptable for a bank to articulate a leveraged loan definition that requires a loan to meet a "purpose test," such as buyout, acquisition, or capital distribution, in addition to other criteria. The agencies said that they expect banks to establish sound underwriting and risk management processes for a broad range of credits to leveraged borrowers, and that management should consider each of the common characteristics discussed in the leveraged lending guidance individually to identify leveraged loans for purposes of the institution's internal definition. The FAQs clarify that excluding loans from the leveraged lending category solely because they do not meet a purpose test is inconsistent with a comprehensive risk management framework for leveraged lending. The FAQs also discuss how a bank should classify a loan as leveraged lending and how to determine whether an asset-based loan may be excluded from leveraged lending. According to the FAQs, the asset-based loan exclusion under the leveraged lending guidance is meant to allow exclusion of asset-based loan facilities when they are the dominant source of ongoing funding for a borrower.

     Nutter Notes: According to the federal banking agencies, the leveraged lending guidance is intended to help banks strengthen risk management frameworks to ensure that leveraged lending activities do not increase risk in the banking system through the origination and distribution of poorly underwritten and low-quality loans. The guidance contained in the FAQs is intended by the agencies to promote consistent application and implementation of the leveraged lending guidance, particularly with respect to loans with non-pass risk ratings, trading desk activities, underwriting standards, and examinations. The FAQs also address differences between the leveraged lending guidance and the FDIC's deposit insurance assessment rule. The FDIC defines higher-risk commercial and industrial loans differently than leveraged loans defined under the leveraged lending guidance. The FDIC assessment rule contains several specific tests to determine whether a C&I loan is considered higher risk for deposit insurance assessment purposes (which is generally applicable to the risk-based assessment rate of institutions with total assets over $10 billion), whereas the leveraged lending guidance does not establish a uniform definition for leveraged loans. The FAQs apply to all banks, including community institutions, though the agencies recognize that only a limited number of community institutions have exposure to leveraged loans.

5. Other Developments: Money Services Businesses, Deposit Insurance and Sick Time 

  • FinCEN Clarifies Expectations for Banks Serving Money Services Businesses

The Financial Crimes Enforcement Network ("FinCEN") issued a statement on November 10 clarifying that banks should not terminate the accounts of money transmitters indiscriminately in an effort to comply with the Bank Secrecy Act ("BSA"). According to the statement, which was issued in response to concerns that banks are denying services to money transmitters as a class, banks should assess the risk of serving a money services business based on customer due diligence reviews conducted to establish the risk that each potential customer poses.

     Nutter Notes: According to the statement, banks should conduct due diligence commensurate with the risk each potential money services business poses and should understand the customer's business model and general nature of the customer's own customer base. FinCEN also stated that banks do not need to know the business's individual customers to comply with the BSA. The OCC also issued a Statement on Risk Management Associated with Money Services Businesses on November 19, which provides similar guidance to national banks and federal savings associations on supervisory expectations for serving money services businesses. 

  • FDIC Amends Assessment Rule to Reflect Regulatory Capital Rules

The FDIC announced on November 24 the adoption of amendments to its risked-based deposit insurance assessment rule that revise the assessment system to incorporate changes in the regulatory capital rules that go into effect in 2015 and 2018. For deposit insurance assessment purposes, the amended rule will revise the ratios and ratio thresholds relating to capital evaluations, revise the assessment base calculation for custodial banks, and require that all highly complex institutions measure counterparty exposure for assessment purposes using the Basel III standardized approach in the new regulatory capital rules.

     Nutter Notes: The revised ratios and ratio thresholds relating to capital evaluations will become effective on January 1, 2018, and generally apply to all institutions with less than $10 billion in assets. The revised assessment base calculation for custodial banks will become effective on January 1, 2015, and applies to all custodial banks, including those institutions with under $1 billion in total assets. The changes to counterparty exposure measurement will also become effective on January 1, 2015, and do not apply to institutions under $1 billion in total assets. 

  • Massachusetts Voters Approve Sick Time Law

On November 4, Massachusetts voters approved Ballot Question 4, which makes Massachusetts the third state in the nation to guarantee paid sick time to employees. Under the new law, Massachusetts employers, including banks, must allow employees to accrue one hour of sick time for every 30 hours worked, up to a maximum of 40 hours of sick time per calendar year. The new law will be effective July 1, 2015.

     Nutter Notes: Employers with 11 or more employees (including both part-time and full-time employees) must treat this sick time as paid time off; employers with 10 or fewer employees can provide the sick time as unpaid time off. An employee may carry over up to 40 hours of unused sick time to the next calendar year, but employers may limit an employee's use of sick time to 40 hours in a calendar year. Employers are not required to pay employees for any accrued but unused paid sick time at the termination of an employee's employment.


Nutter Bank Report

Nutter Bank Report is a monthly electronic publication of the Banking and Financial Services Group of the law firm of Nutter McClennen & Fish LLP. Chambers and Partners, the international law firm rating service, after interviewing our clients and our peers in the profession, has ranked Nutter's Banking and Financial Services practice among the top banking practices in the nation. The 2012 Chambers and Partners review says that a "broad platform" of legal expertise in the practice "helps clients manage challenges and balance risks while delivering strategic solutions," while the 2013 Chamber and Partners review reports that Nutter's bank clients describe Nutter banking lawyers as "proactive" in their thinking, "creative" in structuring agreements, and "forward-thinking in terms of making us aware of regulation and how it may impact us," which the clients went on to describe as "indicative of a true partner." The 2014 Chamber and Partners review describes us as "great – very knowledgeable, very responsive and very nice." Visit the U.S. rankings at ChambersandPartners.com. The Nutter Bank Report is edited by Matthew D. Hanaghan. Assistance in the preparation of this issue was provided by Liam T. O'Connell and Lisa M. Jentzen.

The information in this publication is not legal advice.