Regulatory Developments

CFPB Affirms Banks Risk UDAAP for Unilaterally Re-Opening Consumer Accounts After Account Closure

On May 10, the CFPB issued a Consumer Financial Protection Circular warning that a bank risks violating the Consumer Financial Protection Act's prohibition on unfair acts or practices if it unilaterally reopens a closed consumer account, on the basis that consumers often cannot reasonably avoid resulting overdraft, nonsufficient funds, or monthly maintenance fees (i.e., "the harvesting of illegal junk fees"). In addition, the unilateral re-opening of consumer accounts by a bank can result in consumer funds becoming vulnerable to third parties, including creditors, or the bank furnishing negative information to consumer reporting agencies in the event of a negative balance.

"When a bank unilaterally chooses to open an account in someone's name after they have already closed it, this is a fake account."

- CFPB Director Rohit Chopra

SEC's EXAMS Issues Risk Alert on Safeguarding Customer Records and Information at Branch Offices

On April 26, the SEC's EXAMS issued a risk alert to emphasize the importance of establishing and maintaining written policies and procedures for the safeguarding of customer records and information at branch offices. The Safeguards Rule of Regulation S-P requires broker-dealers and investment advisers (firms) to adopt and implement written policies and procedures that address administrative, technical and physical safeguards for the protection of customer records and information. The risk alert is in response to EXAMS staff identifying scenarios where firms implemented policies and procedures at main offices but failed to replicate those practices for branch offices.

According to the risk alert, staff identified particular areas of concern regarding vendor management, email configuration, data classification, access management and technology risk. The risk alert noted that, as compared to main offices, branch offices featured weak or inconsistent access controls, insufficient data encryption, an absence of ongoing employee training regarding information security and insufficient supervision of third-party vendors responsible for customer records and information. EXAMS encourages all firms to consider their entire organization, especially branch offices, when implementing written policies and procedures to ensure compliance with Regulation S-P.

Enforcement and Litigation Updates

SEC Files First Enforcement Complaint Under Liquidity Rule

On May 5, the SEC filed its first enforcement complaint under Rule 22e-4 of the Investment Company Act of 1940, 17 C.F.R. § 270.22e-4 (the Liquidity Rule). The complaint was brought against a mutual fund's investment adviser, two fund officers, and its two independent trustees for willfully aiding and abetting the fund's violations of the Liquidity Rule. Simultaneously with the filing of the complaint, the SEC announced a related administrative settlement with the fund's interested trustee, also for willfully aiding and abetting the fund's violations. Although the complaint's filing and the related administrative settlement demonstrate that the SEC is prepared to bring enforcement actions for violations of the Liquidity Rule, the underlying allegations suggest that the SEC's focus, at least initially, is on situations involving intentional and, seemingly, egregious misconduct.

Learn more about this enforcement complaint in a recent client alert.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.