Skip to main content

OFAC Extends Record Retention Requirements

Written by admin on . Posted in Advice, Blog, Compliance & Regulations, Consultation, News.

By Veronica Madsen; Consultant, Young & Associates

On March 21, 2025, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) published its final rule to adopt the interim final rule extending certain recordkeeping requirements from five to 10 years. This extension is consistent with the statute of limitations for violations of certain sanctions administered by OFAC and became effective on the date of publication in the Federal Register.

The final rule also extended the period during which civil monetary penalties may accrue for late filing of reports required to be submitted to OFAC (e.g., blocked property and reject reports or reporting required under specific licenses), from five years to 10 years. The potential penalty amounts did not change.

The changes stemmed from the 21st Century Peace through Strength Act (Public Law 118-50), signed into law on April 24, 2024, which extended the statute of limitations for civil and criminal violations of the International Emergency Economic Powers Act (50 U.S.C. 1701), and the Trading with the Enemy Act (50 U.S.C. 4301), from five years to 10 years.

OFAC published an interim final rule on September 13, 2024, and requested public comment. Despite the concern financial institutions needed more time to acquire additional resources and storage capacity, and to adjust their current recordkeeping practices to conform to the new recordkeeping requirements, OFAC finalized the rule as written due to the length of time provided since the law was passed.

What Records Must Be Retained Longer?

Under the Federal Financial Institutions Examination Council (FFIEC) BSA/AML Examination Manual, transactions subject to the extended record retention requirement relate to the full and accurate record of each rejected transaction, including all reports submitted to OFAC. For blocked property (including blocked transactions), records must be maintained for the period the property is blocked and for 10 years after the date the property is unblocked.

How Should Banks Prepare for this Change?

Because the rule became effective upon publication, banks that have not already prepared for this change should ensure their systems are updated to retain these documents longer; policies, procedures and the OFAC risk assessment are amended to reflect the new retention requirement and extended risk of penalties associated with late filings; prepare or amend training content; and prepare for potentially increased compliance costs.

Conclusion

Navigating this kind of regulatory shift can feel overwhelming, especially when it demands swift operational changes and long-term strategic planning. That’s where Young & Associates can help. Our compliance experts are ready to assist with updating your OFAC programs, reviewing risk assessments, and supporting your team in building a sustainable, compliant approach to record retention. Contact us today to ensure your institution is fully prepared for this new 10-year horizon.

Incorporating Core Competencies into Performance Reviews

Written by admin on . Posted in Advice, Blog, Consultation, Human Resources, News.

A Strategic Approach for Organizational Success

By Clarissa Sinchak, PHR; Director of HR, Young & Associates

It is widely known that performance reviews are key to how your organization can measure individual and, ultimately, company-wide growth and success. Performance reviews are not just about measuring what employees have accomplished throughout the year but are also created to identify opportunities to grow, develop, and achieve their full potential through meaningful and intentional conversations with their managers. Additionally, they offer a chance to recognize achievements, identify areas for improvement, and set future goals and objectives. However, the real power of performance reviews is evident when core competencies are strategically aligned with your company’s goals. In doing so, it ensures that individual employee contributions are recognized and directly tied to the mission and vision of the organization, ultimately fostering a purpose-driven workforce.

What Are Core Competencies?

In today’s competitive business world, organizations must possess specific strengths to separate themselves from the competition to guarantee long-term success. These strengths, also known as core competencies, are the organization’s established foundational knowledge, skills, defining products, services, and capabilities that give a business an advantage over its competitors, ultimately driving its growth. These are behaviors and skills that employees in your company often either inherently possess or aim to develop over time to achieve their personal goals and perform well in their roles.

When core competencies are clearly defined and communicated, it also helps ensure that all employees can see a direct connection to the organization’s mission, promoting a more significant commitment and greater individual contributions. By aligning core competencies with organizational goals, business leaders can ensure that employees prioritize the desired behaviors and work habits that contribute to them.

Some common examples of core competencies might include, but are not limited to:

  • Initiative
  • Decision-Making
  • Teamwork
  • Communication
  • Adaptability
  • Client Service
  • Technical Job Knowledge
  • Interpersonal Skills
  • Integrity

How To Develop Your Organization’s Core Competencies

Developing core competencies within your organization requires deliberate thought, strategic alignment with the company’s long-term goals, and a commitment to continuously improving. Business leaders should take a systematic approach when incorporating core competencies into the performance review processes.

Defining the Organization’s Mission & Goals

First, developing core competencies begins with understanding the organization’s purpose and aspirations, so business leaders should clearly define this in addition to their goals. Once this is achieved, they should openly communicate their strategy to the employees to create buy-in and to gain an overall understanding. A clearly articulated company vision is the basis for identifying the areas where the organization must excel. Transparency in communication by the leaders ensures that the core competencies are focused on capabilities that directly contribute to the company’s competitive positioning.

Identifying Strengths & Gaps in Current Capabilities

A second essential step in creating core competencies is identifying your company’s strengths and gaps. Leaders can evaluate and analyze current skills, resources, and processes by working with human resources to conduct an internal assessment. This analysis highlights areas of expertise within the organization and exposes any opportunities for improvement. Understanding your organization’s current state makes it easier to create development initiatives in the areas that guarantee the most significant value.

Fostering a Culture of Learning & Development

A third key step in developing core competencies is promoting a workplace culture that prioritizes learning and development for employees at all levels of the organization. Investing in their growth is imperative because employees are fundamental to any company’s success. When training programs, mentoring, and knowledge-sharing programs are offered, employees will be empowered to build expertise in the company’s defined core competencies. Promoting open and ongoing communication, recognizing achievements, and encouraging accountability ensures employees work towards the same objectives.

Continuously Evaluating & Adapting Competencies

Lastly, it is essential to note that core competencies require continuous modification and evaluation as your company’s goals progress over time. For example, the market might change, client expectations might evolve, and competitors undoubtedly will vary over time. Therefore, evaluating and monitoring your core competencies and considering these potential changes is critical. Continuously assessing the effectiveness of these core competencies within performance reviews while simultaneously benchmarking against your industry’s standards is essential to guarantee that they remain relevant and have a desired impact. This creates a consistent and ongoing framework for evaluating employee contributions, making reviews transparent and predictable while reinforcing the organization’s core values and priorities.

In summary, establishing core competencies within your organization is a significant undertaking that combines internal strategy and alignment while focusing on developing your employees to set them up for success. Companies that can build and maintain these core competencies position themselves to grow and thrive. By incorporating core competencies into performance reviews, companies will see an uptick in employee engagement and the desire to increase their productivity to enable the organization to propel forward.

2025 Begins with a Normal Yield Curve – But Where is the Risk?

Written by admin on . Posted in Advice, Blog, Consultation, Interest Rate Risk, Liquidity Management, Management & Planning, News, Risk Management.

By Michael Gerbick; President, Young & Associates

On Wednesday, January 29, 2025, Jerome Powell and the Federal Open Market Committee (FOMC) decided to maintain the target range for the federal funds rate at 4.25 – 4.50 percent after three successive cuts totaling 100 bps in September, November, and December. There continues to be heightened attention and focus on the yield curve, and for valid reasons, as the curve’s shift has been dramatic in recent years.

The chart below shows the yield curve at five different points in time from January 2022 to Tuesday, February 18, 2025. The shape of the curve has gone from normal to inverted and now back to normal. Looking at a few different US Treasury Bond maturities over the last 14 months, you can see the one month yield has decreased over 120 bps and the 20 year has increased over 60 bps! Each rate curve shape and elevation imply different opportunities for your balance sheet. A more asset-sensitive and positive gap on a balance sheet may be more attractive for earnings in the short term and helpful when the Fed was raising rates in 2022 and 2023.  A more liability-sensitive and negative gap on a balance sheet may be more attractive for earnings in the short term as the Fed reduces rates. Your ALCO is likely well-versed in these shifts and has been managing these drastic movements and their impact on the Bank’s overall strategy.

The normal yield curve indicates improved expectations for economic growth in the years ahead. That said, there is also caution for inflation. When the Fed began rate reductions, there were discussions regarding more cuts totaling 100 bps by year end 2025, then these ambitious views have shortened to perhaps two cuts of 25 bps each. The yield curve is still elevated from what it was several years ago and the Fed Funds rate is higher than the previous cycle’s peak of 2.25 – 2.50 percent in 2018-2019. The consumer is more savvy than they were at that time as well.

At the end of 2024, we spent time interviewing some of our community banker colleagues to gain a pulse on what they are talking internally about in their ALCO meetings concerning interest rate risk. As expected, there is an overall sense of relief to have a normal yield curve instead having to manage to the inverted one of recent years. There is still an overall sense of caution headed into 2025 for many reasons, with two key factors briefly discussed in the following sections.

Cost of Deposits

Community banks may not realize the full impact of the Fed’s rate reduction in their cost of deposits. Given the continued elevated competition for deposits and the more savvy consumer, community banks may find their deposit rate offering slower to adjust than the Fed’s rate movements and some may see their interest expense actually increase in 2025. There may also be migration to more longer term duration CDs (movement from less than 6 months to 1 year or more). Yes, longer term CDs will keep the deposit costs higher than non-maturity but will create welcomed funding stability for the bank. Continued focus on the bank’s deposit makeup and shifts are necessary. Staggering the CD maturities will be critical for community banks to manage this new environment so as to maintain adequate liquidity levels as CDs mature and consumers make a choice to reinvest, migrate to shorter term or perhaps withdraw their funds.

Investments

Many investments were made by community banks with PPP funds and other excess liquidity in a low rate environment back in 2021. The Fed raised rates 550 bps and many of those investments contributed to a significant amount of unrealized loss. Now, the Fed cut rates 100 bps and the yield curve is no longer inverted. The rates are still elevated and there are still a significant amount of investments on community banks’ balance sheets with unrealized losses. The chart below shows the fair value of investment portfolio expressed as a percent of the amortized cost of the investment portfolio over the last four years for commercial banks.

You can see all three asset sizes over the last four years have a similar trend line. Consider a bank having $100MM in their security portfolio, it is likely its portfolio is currently $7-$10MM underwater. This changes each day as these investments continue to reprice and mature over time.  As they do, bank management is faced with how best to serve its bank either in reinvesting short-term or long-term within their investment portfolio or funding higher yielding loan growth opportunities. Each has liquidity and capital implications that must be considered.

Conclusion

Community banking is resilient and the conversations with community bankers reveal their drive to prepare and plans for managing risk in 2025 and beyond. ALCO and Boards of Directors should continue their sharp focus on managing interest rate risk.  If the deposit competition is fierce for your Bank and interest expense in 2025 is expected to be elevated, then focus on what is within your bank’s control. On the asset side of the balance sheet, consider paying attention to the loan and investment portfolios and when they are repricing, what additional loan fee income can be generated, revisiting discussions and confirming the types of loans the bank is comfortable making.

When considering interest rate risk, confirm your bank’s risk profile and always remember to stay within the Board approved risk parameters. Your bank’s balance sheet may have experienced significant change away from a neutral risk position given the economic environment in recent years. If you have found your bank is outside the risk parameters, discuss strategies with your Board that are designed to get the bank back within acceptable risk thresholds.  Always be clear with the Board on expectations and inform them we may not be able to fix this overnight.  One banker said it best when providing advice for community bankers trying manage the interest rate risk of the bank, “Always manage the bank’s IRR to a better position, even if getting to that position takes years …don’t get ahead of your skis and try to do it all in one day.”

Lastly, thank you to those community bankers that spent their time discussion IRR and sharing their insights in the interest of helping other community bankers.

If you’d like to hear more about our ALM services, specifically interest rate risk and liquidity risk reviews, please reach out as we would be happy to discuss and assist.

Compliance – 2025 & Beyond

Written by admin on . Posted in Advice, Blog, Compliance & Regulations, Consultation, News.

By Bill Elliott, CRCM; Director of Compliance Education, Young & Associates

Over the last few years we have dealt with changes to regulation, followed by lawsuits, followed by resolution (in some cases).

The original intent of the CFPB was to have a governmental department that was independent of the rest of the federal government. The leader of the CFPB. would not be a political appointment. For good or ill, that has changed due to decisions by the Supreme Court. As a result, this agency has become part of each administration, and experiences changes in direction based on the results of elections.

Some of the discussion below includes other agencies, as they are part of the same trend.

CRA

The new CRA rule was published and was due to be implemented in part last year. However, there is a lawsuit  pending, challenging the regulation. That lawsuit still has not reached the resolution stage, and all federal regulators have said publicly that they are going to follow the old CRA regulation until resolution occurs.

The intent of the new CRA regulation was to try to take as much examiner judgment out of the rating system as possible, with the result of fairer reviews for banks. While an excellent goal, I am not sure that the pending regulation accomplishes this. In any event, all banks and regulators will follow the existing regulation until the court battles have concluded. The CFPB is not part of the new CRA rule, just the primary regulators, but this is part of the same trend.

Beneficial Ownership

Congress passed the Corporate Transparency Act requiring that beneficial ownership information be collected by the federal government. That process began in 2024, and required your smaller commercial customers to share a lot of information with the federal government.

The federal government said that compliance was actually going well. But late in 2024, once again in response to a lawsuit, everything ground to a halt. Your customers who have not yet complied may have to comply at some point in the future, and are welcome to comply now, but currently do not have to comply.

The lawsuit generally is regarding  the issue of whether a law such as this could be passed by Congress in the first place. We do not know where it will go from here, and because of the issue, we may have to wait for the Supreme Court to rule on it. Another example of the current environment.

1071

1071 (Regulation B, Subpart B)  is perhaps the regulation that will create the greatest problems for banks and their customers. Although implementation is a year or more in the future for many banks, the current regulation will be considered invasive by your customers. Amongst other things, the regulation requires banks to ask small business owners their sexual preferences, orientations, etc. Many of your customers will consider this none of the government’s business. And this particular information is not required under the Dodd Frank Act.

While a small business owner could be discriminated because of their LGBTQ+ status, we would hope that that would not happen. This is a rule with good intentions, however, the approach in  the regulation will create more difficulties for banks and their small commercial  customers than we would like. We will see what happens with the change in administration and CFPB leadership.

Conclusion

There are other rules pending. For instance, privacy is becoming a bigger and bigger issue as we get more and more electronic. These sorts of regulations are probably going to be useful. but we will have to wait and see how the final regulations read, and then maybe wait through lawsuits once again.

A regulatory environment that was less chaotic would be better for all of us, but that does not appear to be something that we can count on. Enjoy the ride.

In this ever-changing environment, having a knowledgeable compliance partner is essential. At Young & Associates, we specialize in helping financial institutions interpret, implement, and manage compliance requirements with confidence. Whether you need regulatory guidance, risk assessments, or compliance program reviews, our team is here to support you.

Reach out to Young & Associates today to discuss your compliance needs and ensure your institution is prepared for the road ahead.

Checking Your BSA Program Is More Important Than Ever

Written by admin on . Posted in Advice, Blog, BSA & AML, Compliance & Regulations, Consultation, Internal Audit, News.

By William J. Showalter, CRCM; Senior Consultant, Young & Associates

Over the past year, we have seen at least 27 Bank Secrecy Act (BSA) enforcement actions from an array of financial institution supervisory agencies.  Banks of all sizes, including community banks, continue to be hit with cease and desist (C&D) orders, formal agreements, consent orders, and even civil money penalties (CMP).  Five of these actions involved monetary penalties of some sort totaling nearly $4 billion – all but about $109 million coming from one case with four federal agency actions against one bank, and one $100,000 CMP imposed against an individual for BSA noncompliance.  These enforcement actions remind us that even community banks and thrifts must have thorough and well-managed BSA compliance programs.

The enforcement actions do not spell out specifics of what the agencies found at each institution, but they do give us important insights into what the regulators will expect during your next BSA compliance exam.

Community banks should evaluate their BSA compliance programs in light of the corrective actions that these institutions are required to take.

Another important issue that financial institution management should remember is that the USA PATRIOT Act made BSA compliance as important as Community Reinvestment Act (CRA) compliance in getting an application approved.  The act adds BSA as a factor for consideration in merger transactions. The agency must take into consideration “the effectiveness of any insured depository institution involved in the proposed merger transaction in combating money laundering activities.”  This means that banks and thrifts must have more than a written BSA program.  They must be able to demonstrate that the program works.

BSA Compliance Programs

All insured banks and thrifts are required to develop, administer, and maintain a program that assures and monitors compliance with the BSA and its implementing regulations, including recordkeeping and reporting requirements. Such a program can help protect a bank against possible criminal and civil penalties and asset forfeitures.

At a minimum, a bank’s internal compliance program must be written, approved by the board of directors, and noted as such in the board meeting minutes. The program must include at least the following elements:

  • A system of internal controls to assure ongoing compliance
  • Independent testing of compliance
  • Daily coordination and monitoring of compliance by a designated person
  • Training for appropriate personnel
  • Risk-based customer due diligence/beneficial ownership procedures

Internal Controls

Senior management is responsible for assuring an effective system of internal controls for the BSA, including suspicious activity reporting, and must demonstrate its commitment to compliance by:

  • Establishing a comprehensive program and set of controls, including account opening, monitoring, and currency reporting procedures
  • Requiring that senior management be kept informed of compliance efforts, audit reports, identified compliance deficiencies, and corrective action taken – to assure ongoing compliance
  • Making BSA compliance a condition of employment
  • Incorporating compliance with the BSA and its implementing regulations into job descriptions and performance evaluations of bank personnel

Independent Testing of Compliance

The bank’s internal or external auditors should be able to:

  • Attest to the overall integrity and effectiveness of management systems and controls, and BSA technical compliance
  • Test transactions in all areas of the bank with emphasis on high-risk areas, products, and services to assure the bank is following prescribed regulations
  • Assess employees’ knowledge of regulations and procedures
  • Assess adequacy, accuracy, and completeness of training programs
  • Assess adequacy of the bank’s process for identifying suspicious activity

Internal review or audit findings should be incorporated after each assessment into a board and senior management report and reviewed promptly.  Appropriate follow up should be assured.

Regulators increasingly expect the BSA audit or testing program to also include these elements:

  • Confirmation of the integrity and accuracy of management information reports used in the AML compliance program
  • Overall integrity and effectiveness of the program
  • Evaluation of management’s efforts to resolve violations deficiencies
  • Evaluation of the effectiveness of the suspicious activity monitoring systems
  • Review of the BSA risk assess­ment for reasonableness given the bank’s risk profile

BSA Compliance Officer

A bank or thrift must designate a qualified bank employee as its BSA compliance officer, who has day-to-day responsibility for managing all aspects of the BSA compliance program and compliance with all BSA regulations.  The BSA compliance officer may delegate certain BSA compliance duties to other employees, but not compliance responsibility.

The bank’s board of directors and senior management must assure that the BSA compliance officer has sufficient authority and resources – time, funding, staffing – to administer effectively a comprehensive BSA compliance program.  And, the BSA officer must have a direct reporting channel to the board of directors.

Board of Directors

The board must ensure that it exercises supervision and direction of the BSA/AML program.  This involves making sure that the institution develops sound BSA/AML policies, procedures, and processes that are approved by the board and implemented by management.  The board also has to ensure that the bank maintains a designated BSA officer with qualifications commensurate with the bank’s situation.  As noted above, the BSA officer must report directly to the board and be vested with sufficient authority, time, and resources.  The board must provide for an adequate independent testing of BSA/AML compliance.  The board should bear in mind that it has the ultimate responsibility for the institution’s BSA compliance.

Training

Financial institutions must ensure that appropriate bank personnel are trained in all aspects of the regulatory requirements of the BSA and the bank’s internal BSA compliance and anti-money laundering (AML) policies and procedures.

An effective training program includes provisions to assure that all bank personnel, including senior management, who have contact with customers (whether in person or by phone), who see customer transaction activity, or who handle cash in any way, receive appropriate training.  Board members also need to receive regular BSA/AML training, though at a much higher level with less detail than institution line employees.

The training needs to be ongoing and incorporate current developments and changes to the BSA, AML laws, and agency regulations.  New and different money laundering schemes involving customers and financial institutions should be addressed.  It also should include examples of money laundering schemes and cases, tailored to the audience, and the ways in which such activities can be detected or resolved.

Another focus of the training should be on the consequences of an employee’s failure to comply with established policy and procedures (e.g., fines or termination).  These programs also should provide personnel with guidance and direction in terms of bank policies and available resources.

Beneficial Ownership Procedures

The beneficial ownership rule contains three core requirements:

  • Identifying and verifying the identity of the beneficial owners of companies opening accounts
  • Understanding the nature and purpose of customer relationships to develop customer risk profiles, and
  • Conducting ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information

A beneficial owner is an individual who owns more than 25 percent of the equity interest in a company or is the single individual who exercises control.  Also subject to these requirements is the one person who has control of each legal entity customer.

Beyond the Basics

BSA enforcement actions continue to raise the bar for all financial institutions.  BSA compliance programs must meet additional standards in order to be considered adequate to meet the ever-evolving challenges that arise over time.

  • Customer due diligence (CDD). Verifying a customer’s name, address, date of birth and identification number will satisfy the basic BSA customer identification requirements.  However, these four pieces of information will not be enough to help an institution deter­mine a customer’s typical account activity.  The recent C&D orders make clear that regulators expect community bank managers to use information collected as part of the institution’s CDD process to predict the type, dollar amount, and volume of transactions that a customer is likely to conduct.  This expectation goes beyond the new beneficial ownership rule to extend CDD expectations to the broader customer base.Several institutions subject to the recent round of enforcement actions were directed to develop specific procedures to describe how the institu­tion will conduct customer due diligence.  As computer and software technology has improved, regulators have come to expect small and large banks to gather and review information about the normal range of a customer’s banking activities.  They view the CDD processes and analysis as providing the framework that enables institutions to comply with suspicious activity reporting requirements.
  • Account & transaction monitoring. A number of institutions that received the most recent orders did not have adequate, or any, procedures for detecting and reporting suspi­cious activities. The enforcement actions make clear that community banks must specify in writing how the institu­tion will analyze and use customer information to detect suspicious activities.  As this area gets more complex, it becomes more difficult to try to maintain an adequate suspicious activity monitoring regimen without some form of automated monitoring.

Conclusion

The costs of being subject to an enforce­ment action go beyond extra regulatory scrutiny in subsequent examinations.  Institutions under the latest round of actions must report the enforcement action in communications with their shareholders and spend significant sums of money to hire outside consultants to train employees, audit the revised BSA programs and backfile required reports.  They also must submit planned actions to the regulators involved for prior approval, as well as report regularly (usually quarterly) on their progress in remediating the deficiencies that led to their particular enforcement action.

An interagency BSA enforcement policy statement clarifies that formal enforcement actions will not be issued for minor BSA infractions.  These enforcement actions are levied against financial institutions – including community banks – with significant breakdowns in their BSA compliance systems.  The consent and other orders illustrate that all banks are ex­pected to have very specific procedures for how they will collect customer information, predict customer account ac­tivity, utilize transaction monitoring reports, and train and manage employees with BSA-related responsibilities.

Be sure that you are not an object lesson for your banking fellows.  If we can help, contact us today.

The Future of Mortgage Loan Buybacks

Written by admin on . Posted in Advice, Blog, Compliance & Regulations, Consultation, Internal Audit, Mortgage Quality Control, News.

Mitigating Repurchase Risk Before It’s Too Late

By Donald Stimpert, Manager of Secondary Market QC, Young & Associates

Understanding the Rising Risk of Loan Buybacks

The secondary mortgage market is evolving rapidly, and with it, lenders face increasing pressure to maintain strict quality control (QC) standards. Loan buybacks—once considered an occasional risk—have become a growing concern as investors, government-sponsored enterprises (GSEs), and regulatory bodies scrutinize loan origination and underwriting processes more closely.

Recent economic uncertainty, fluctuating interest rates, and regulatory changes have only amplified repurchase risks, making it imperative for financial institutions to adopt proactive strategies to mitigate potential buybacks before they impact profitability.

Why Are Mortgage Buybacks Increasing?

Several factors contribute to the rise in loan repurchase demands, including:

1. Heightened Investor Scrutiny

With a more volatile lending environment, investors and GSEs such as Fannie Mae and Freddie Mac are intensifying post-closing reviews to identify underwriting errors, miscalculations, and misrepresentations.

2. Rising Interest Rates and Loan Performance Issues

As interest rates climb, borrowers with recent mortgages may be at a higher risk of delinquency. A worsening performance trend in loans increases investor caution, leading them to revisit underwriting quality and enforce buybacks when defects are found.

3. Evolving Regulatory Standards

The Consumer Financial Protection Bureau (CFPB) and other regulators continue to refine lending requirements, particularly around fair lending, borrower income verification, and compliance with TRID (TILA-RESPA Integrated Disclosure) rules. Lenders who fail to maintain strict adherence to these standards may see increased buyback requests.

4. Defect Trends in Loan Underwriting

Recent QC reports indicate a surge in defects related to:

  • Income calculation errors
  • Debt-to-income (DTI) miscalculations
  • Missing documentation
  • Undisclosed liabilities
  • Misrepresentation of borrower information

Even minor discrepancies can trigger a repurchase demand, highlighting the need for enhanced QC measures.

Strategies to Minimize Repurchase Risk

To reduce exposure to loan buybacks, lenders must strengthen their QC frameworks and proactively address risk areas before loans reach the secondary market.

1. Strengthen Pre-Funding and Post-Closing QC Reviews

Implementing a robust pre-funding QC process helps catch potential defects before loans are sold, significantly reducing repurchase risk. Post-closing audits should be conducted consistently, ensuring that any issues are corrected before investor scrutiny.

2. Enhance Data Validation and Borrower Verification

Investors are increasingly focused on data integrity. Lenders must adopt advanced verification tools to cross-check borrower information, income, employment history, and undisclosed debts, minimizing the risk of fraud and errors.

3. Implement Targeted Sampling for QC Reviews

Rather than relying solely on random sampling, lenders should integrate risk-based QC sampling that focuses on high-risk loan categories, such as self-employed borrowers, non-traditional income sources, or jumbo loans.

4. Maintain Open Communication with Investors and GSEs

Establishing proactive dialogue with investors, servicers, and GSEs can help lenders identify evolving QC expectations and regulatory shifts, allowing them to adjust policies before issues escalate into buyback requests.

5. Conduct Regular Staff Training and Compliance Refreshers

Underwriting and QC staff should receive continuous training on updated investor guidelines, industry best practices, and regulatory changes. Well-informed teams are less likely to overlook critical details that lead to defects.

A More Proactive Approach to Mortgage QC

The risk of loan buybacks is unlikely to disappear, but financial institutions that take a proactive approach to mortgage quality control will be better positioned to minimize losses, maintain strong investor relationships, and protect their bottom line.

By integrating technology-driven audits, enhanced borrower validation, and risk-based QC sampling, lenders can significantly reduce repurchase exposure and navigate the evolving secondary market with confidence.

Is your institution prepared to mitigate repurchase risk? Young & Associates offers customized Mortgage QC solutions designed to enhance your quality control processes and protect your loan portfolio. Contact us today to learn how we can help safeguard your secondary market loan sales.

Key Insights from CFPB Supervisory Highlights, Winter 2024

Written by admin on . Posted in Advice, Blog, Compliance & Regulations, Consultation, News.

As the regulatory environment continues to evolve, the CFPB’s latest Supervisory Highlights offer crucial insights for financial institutions navigating an increasingly complex landscape. Issue 37 shines a spotlight on deposit operations, credit furnishing practices, and the burgeoning short-term lending market, while also addressing significant enforcement actions and new rules. Here’s what community banks need to learn—and act on.

Overdraft Fees: A Continuing Challenge

For years, overdraft and non-sufficient funds (NSF) fees have drawn regulatory scrutiny. This issue of Supervisory Highlights confirms that some practices—such as re-presentment NSF fees and Authorize-Positive Settle-Negative (APSN) overdraft fees—remain problematic. Despite progress, core processors often set fee structures to charge these fees by default unless institutions actively intervene.

Takeaway for Community Banks
It’s time to re-evaluate fee structures. Ensure that your core processor’s systems are configured to align with updated regulatory expectations. Educate staff and consumers about these changes to build trust and avoid regulatory pitfalls.

Furnishing Data: Accuracy Matters

Banks that furnish data to credit reporting agencies are under the microscope. The CFPB found widespread failures to maintain procedures for identity theft notifications, conduct thorough investigations of disputes, and ensure data accuracy. This isn’t just about compliance—it’s about your reputation.

Actionable Insight
Community banks should strengthen internal controls and train employees on handling credit disputes. Investing in accurate, consumer-friendly data practices not only mitigates risk but also reinforces your institution’s credibility.

Short-Term Lending: Transparency is Key

The Supervisory Highlights also scrutinize the exploding popularity of Buy Now, Pay Later (BNPL) programs and paycheck advance products. Findings revealed deceptive marketing practices, delayed dispute resolutions, and loan denials tied to trivial payment processing errors.

Why It Matters
Even if your bank doesn’t offer these products, they’re reshaping consumer expectations. Transparency in terms and processes isn’t optional—it’s a competitive necessity.

Technology Pitfalls: Lessons from Enforcement Actions

This issue features notable enforcement actions, including a $1.5 million penalty against VyStar Credit Union for botching the launch of an online banking platform. Consumers faced months of restricted access to their accounts, incurring fees and frustration.

A Word of Caution
Digital transformation is critical for community banks to stay relevant, but poorly executed rollouts can damage trust. Rigorous testing and a solid contingency plan can safeguard against consumer harm and regulatory penalties.

New Rules to Watch

The CFPB issued a final rule governing overdraft practices at large institutions, capping fees unless they are minimal. Additionally, supervisory authority now extends to digital payment platforms processing over 50 million transactions annually.

What’s Next for Community Banks?
Stay proactive in monitoring new rules and adapting processes. Even if you’re not directly impacted by these changes, they signal the regulatory trends shaping the future.

Final Thoughts: Protecting Your Institution

The themes in this issue of Supervisory Highlights boil down to a central lesson: consumer protection is non-negotiable. Whether it’s ensuring accurate reporting, transparent lending, or seamless technology implementation, community banks must prioritize their customers’ experience.

By addressing these areas, you’re not just avoiding penalties—you’re fortifying your role as a trusted partner in your community. For tailored guidance, connect with Young & Associates, your partner in navigating the ever-changing regulatory landscape. Contact us for tailored solutions to support your institution’s goals.

U.S. Industrial Transition: Insights for Metro Areas and Community Banks

Written by admin on . Posted in Advice, Blog, Compliance & Regulations, Consultation, News.

The FDIC’s analysis of U.S. industrial transitions between 1970 and 2019 reveals the profound effects of economic shifts on metro areas and the community banks serving them. These transitions, driven by the decline of manufacturing and the rise of service-based economies, created challenges and opportunities for local economies and financial institutions. Below, we explore the key findings from this study and their implications for community banks.

The Decline of Manufacturing and Economic Shifts

Over five decades, the national economy moved away from manufacturing, with industries like steel, textiles, and machinery experiencing steep employment declines. Metro areas heavily reliant on these sectors, particularly in the Northeast and Midwest, faced significant economic stagnation. For example, cities like Youngstown, OH, and Flint, MI, struggled to replace lost industries, leading to slower population growth, aging demographics, and economic contraction. Meanwhile, metro areas in the South and West benefited from population inflows and economic diversification, fostering stronger economic growth.

Challenges for Community Banks in High-Transition Metros

Community banks in metros with high levels of industrial transition faced significant challenges. These banks experienced weaker deposit and branch growth compared to their counterparts in other regions. Their loan portfolios were heavily concentrated in single-family residential loans, with less exposure to business-related lending, which limited their growth potential. Despite these challenges, community banks in high-transition metros showed resilience during periods of economic stress, such as the Savings and Loan Crisis and the Great Financial Crisis, with lower failure rates than banks in other regions.

Strategies for Success: High-Performing Banks

Amid these challenges, a subset of high-performing community banks in high-transition metros found success through strategic adaptability. These banks diversified their loan portfolios, expanded operations beyond their local metro areas, and emphasized commercial lending. By focusing on growth opportunities outside their immediate regions and strengthening their balance sheets, these banks outperformed both their local peers and many banks in more stable metros. Their success underscores the importance of innovation and diversification in navigating economic transitions.

The Role of Metro Diversification

Larger, more industrially diversified metros, such as San Jose, CA, demonstrated the benefits of economic adaptability. San Jose successfully transitioned from computer manufacturing to a broader technology-driven economy, supported by high-paying jobs in professional, scientific, and technical services. This highlights the critical role of industrial diversity in building resilience during times of economic change. Smaller, less diversified metros struggled to recover, illustrating the importance of proactive economic planning and investment in diverse industries.

Lessons for Future Transitions

The FDIC study offers valuable lessons for navigating future economic shifts, including those driven by climate change and clean energy transitions. Metro areas and community banks that prioritize diversification, invest in high-growth industries, and adapt to changing market demands will be better equipped to manage these transitions. By learning from past challenges, financial institutions can position themselves as resilient and innovative partners in their communities.

Supporting Community Banks Through Transition

As community banks navigate the challenges of economic shifts, Young & Associates is here to help. Our expert guidance can assist financial institutions in diversifying portfolios, expanding operations, and developing strategies for resilience. Contact us today to learn more about our tailored services, and subscribe to our newsletter for the latest insights and updates.

Understanding NCUA’s Guidance on Overdraft and NSF Fees: Key Takeaways for Credit Unions

Written by admin on . Posted in Advice, Blog, Compliance & Regulations, Consultation, News.

The NCUA’s December 2024 Letter to Credit Unions (24-CU-03) sheds light on the risks and regulatory concerns surrounding overdraft and non-sufficient funds (NSF) fee practices. This guidance is crucial for federally insured credit unions aiming to mitigate compliance, reputation, and litigation risks while maintaining fair and transparent practices for their members. Below, we break down the essential points of the letter, tailored for credit union leaders.

The Problem with Unanticipated Fees

Credit unions may face significant risks if their overdraft or NSF fee policies result in fees that members cannot reasonably anticipate or avoid. These fees can lead to:

  • Substantial Member Harm: Unexpected fees strain members financially and undermine trust.
  • Regulatory Violations: Such practices may be deemed unfair or deceptive under the FTC Act and the Consumer Financial Protection Act (CFPA).
  • Heightened Risks: Credit unions expose themselves to reputational, consumer compliance, third-party, and litigation risks.

Key Risk Areas in Overdraft and NSF Fee Practices

The NCUA identified several problematic practices:

  1. Authorize Positive, Settle Negative (APSN) Fees:

    • Fees charged when a transaction is authorized with sufficient funds but settles with insufficient funds due to intervening transactions.
    • Such practices are likely unfair under federal regulations, especially if members cannot anticipate the fees.

  2. Multiple NSF Representment Fees:

    • Charging additional fees when a returned check or ACH item is presented multiple times without sufficient funds.
    • Members often cannot control or predict when items will be represented, making these fees unfair and deceptive.

  3. Returned Deposited Item (RDI) Fees:

    • Assessing fees on members for depositing checks that are returned unpaid.
    • Members typically have no way to foresee these occurrences, increasing compliance and reputational risks.

  4. Other High-Risk Practices:

    • High or No Limits on Fees: Charging excessive fees in a single day creates undue financial burdens on members.
    • Inaccurate Disclosures: Failing to clearly disclose fee practices or transaction cutoff times can mislead members and violate regulations.
    • Reordering Transactions: Prioritizing larger transactions to maximize overdraft fees is likely to be considered unfair.

Risk Management Best Practices

To address these risks, the NCUA recommends that credit unions:

  • Conduct Comprehensive Reviews:

    • Analyze all aspects of overdraft and NSF fee programs, including disclosures, processing systems, and member communications.
    • Evaluate member complaints and fee structures for fairness and transparency.

  • Mitigate Risks:

    • Eliminate fee practices that members cannot reasonably anticipate or avoid.
    • Self-identify and reimburse members for fees assessed under unfair practices.
    • Consult legal counsel to ensure compliance with applicable laws.

  • Enhance Member Support:

    • Offer alternatives such as linked savings accounts, affordable lines of credit, or short-term loans.
    • Provide educational resources to help members manage their accounts effectively.

NCUA’s Supervisory Approach

The NCUA will continue reviewing overdraft and NSF programs during examinations to ensure compliance and risk mitigation. Credit unions are encouraged to take proactive measures, as the agency will consider self-corrected violations and member reimbursements favorably during examinations. Enforcement actions may include restitution for harmed members and other penalties for non-compliance.

This guidance emphasizes the importance of transparency, fairness, and compliance in managing overdraft and NSF fee practices. By implementing the NCUA’s recommended best practices, credit unions can reduce risk exposure, enhance member trust, and align with regulatory expectations.

How We Can Help

At Young & Associates, we specialize in helping credit unions navigate complex compliance requirements. Contact us for tailored solutions to evaluate and improve your overdraft and NSF fee programs. Sign up for our newsletter to stay informed about the latest regulatory updates and best practices in the credit union industry.

The OCC 2024 Annual Report: A Summary for Financial Institutions

Written by admin on . Posted in Advice, Blog, Compliance & Regulations, Consultation, News.

The OCC 2024 Annual Report provides a comprehensive overview of the federal banking system, highlighting stability, strategic priorities, and regulatory advancements. This report underscores the importance of proactive risk management, fairness in banking practices, and adapting to evolving technology and environmental challenges.

The report reaffirms the strength of the federal banking system, noting that 99% of banks are well-capitalized and that 92% maintain strong capital adequacy, asset quality, and management. These metrics reflect the resilience of financial institutions in the face of economic uncertainties.

Strategic Priorities for the Federal Banking System

The OCC’s strategic priorities for 2024 focus on four critical areas:

  • Guarding Against Complacency: Banks are encouraged to remain vigilant and manage both traditional and emerging risks effectively.
  • Promoting Fairness: Efforts to reduce lending inequities and biases in financial practices continue to be a priority.
  • Adapting to Digitalization: The integration of financial technologies and artificial intelligence must be managed responsibly to ensure security and trust.
  • Addressing Climate Risks: Large banks are expected to develop frameworks to mitigate climate-related risks, both physical and transitional.

Key Focus Areas for Financial Institutions

  1. Fraud Prevention and Cybersecurity:
    • Rising threats, including AI-driven fraud, call for advanced detection systems and secure authentication processes.
    • The increasing reliance on fintech partnerships highlights the need for robust third-party risk management frameworks.
  2. Operational Resilience:
    • Operational resilience, including robust recovery planning, is critical to maintaining financial stability.
    • Recent regulatory updates require banks with over $100 billion in assets to expand recovery planning and testing.
  3. Regulatory Modernization:
    • Enhanced transparency in bank mergers aims to foster competition and benefit underserved communities.
    • Updates to the Community Reinvestment Act (CRA) strengthen fair lending practices and promote financial inclusion.
  4. Digital Innovation:
    • Artificial intelligence and automation are reshaping the banking landscape. The OCC emphasizes fairness, accountability, and transparency in AI applications.
    • Open banking and real-time payment systems present growth opportunities, but they must be implemented with customer trust and regulatory compliance in mind.

Financial System Resilience

The federal banking system demonstrated financial resilience in 2024, but challenges persist:

  • Revenue Growth: The OCC’s revenue increased by 2.8% in FY 2024, totaling $1.22 billion, driven by higher interest earnings and bank assessments.
  • Profitability Pressures: Declines in net interest margins and rising credit costs affected profitability, particularly for community banks.

Operational resilience remains a cornerstone of financial stability. The OCC highlights the importance of maintaining adequate liquidity, robust capital levels, and strategic recovery planning to mitigate risks.

The OCC’s 2024 Annual Report emphasizes the importance of adaptability, fairness, and resilience in navigating an increasingly complex financial landscape. Financial institutions must align their strategies with these priorities to ensure compliance, enhance customer trust, and foster long-term stability.

Learn More:
Young & Associates offers expert guidance in compliance, risk management, and operational resilience. Contact us for tailored solutions to support your institution’s goals. Sign up for our newsletter to stay informed about the latest industry trends and insights.

Key Insights from the OCC Semiannual Risk Perspective (Fall 2024)

Written by admin on . Posted in Advice, Blog, Compliance & Regulations, Consultation, Lending & Loan Review, News.

Top Trends in Banking Risks

The OCC’s report emphasizes maintaining sound risk management practices to address growing challenges:

  • Fraud Activity: External fraud schemes targeting consumers and banks are rising. Sophisticated tactics, including AI-driven fraud, demand enhanced detection and prevention measures.
  • Credit Risks: Commercial real estate (CRE) remains a focal point, with stress in office and luxury multifamily segments. Retail credit risks are stable but show signs of increased delinquencies in auto loans and credit cards.
  • Operational Risks: Cybersecurity and third-party risks are elevated, reflecting the increasing complexity of the banking environment.
  • Compliance Pressures: Adapting to dynamic regulatory changes and addressing data governance gaps are critical to ensuring compliance.

Fraud and Cybersecurity: A Call for Action

Fraudulent activities targeting the banking system have surged, driven by innovative schemes such as:

  • Wire Transfer Fraud: Fraudsters impersonate trusted entities to steal funds.
  • Check Fraud: Criminals manipulate stolen checks or sell them on dark web platforms.
  • AI-Driven Attacks: Deepfakes and AI-enhanced social engineering pose new threats.

What Banks Can Do:

  • Implement advanced fraud detection systems.
  • Educate customers about fraud prevention.
  • Strengthen authentication and transaction monitoring systems.

Credit Risk: Stabilizing but Uneven

The report identifies pockets of credit risk:

  • Commercial Real Estate (CRE): Stress is evident in the office sector, with rising costs and valuation declines. Multifamily CRE faces challenges from oversupply and increased regulatory expenses.
  • Retail Credit: Stable overall but experiencing increased delinquencies in credit cards and auto loans.

What Banks Can Do:

  • Conduct regular stress testing for CRE portfolios.
  • Enhance monitoring and adjust allowances for credit losses based on emerging risks.

Operational Resilience and Technology Adoption

The banking sector is rapidly digitizing, adopting new technologies to meet evolving customer needs. However, these advancements come with heightened risks:

  • Third-Party Risks: Increased reliance on fintech partnerships expands the cyberattack surface.
  • Legacy System Challenges: Aging infrastructure complicates modernization efforts.
  • AI Adoption: Compliance risks are significant as banks explore advanced AI applications.

What Banks Can Do:

  • Strengthen third-party risk management frameworks.
  • Invest in post-quantum encryption and legacy system upgrades.
  • Implement comprehensive governance for AI-based tools.

Market and Climate-Related Financial Risks

Banks face dual pressures from market dynamics and climate-related risks:

  • Net Interest Margins (NIM): Higher funding costs are compressing margins, requiring strategic adjustments.
  • Climate Impact: Increased natural disasters highlight the importance of climate risk management frameworks.

What Banks Can Do:

  • Focus on liquidity stress testing and modeling depositor behavior.
  • Engage with clients to manage climate-related transition risks effectively.

Economic Outlook: Challenges Ahead

The U.S. economy remains resilient but shows signs of slowing:

  • Housing Market: Affordability issues and “rate lock-in” effects are dampening demand.
  • Consumer Spending: Despite strong spending in 2024, rising costs and a cooling labor market could create headwinds.

Preparation Tips:

  • Monitor consumer credit health closely.
  • Adapt lending standards to evolving economic conditions.

Staying Ahead in a Dynamic Environment

The OCC’s Fall 2024 Semiannual Risk Perspective outlines a roadmap for navigating complex risks in the federal banking system. Financial institutions should prioritize robust fraud prevention, proactive credit risk management, and strategic technology adoption. By addressing these challenges, banks can safeguard their operations and thrive in an ever-changing economic landscape.

Explore More:
Discover how Young & Associates can help your institution mitigate risks, strengthen compliance, and enhance operational resilience. Contact us today for tailored solutions to navigate these challenges effectively. Sign up for our newsletter to stay informed about industry insights and updates.

2025 Rescission Calendar – Free Download Now Available

Written by admin on . Posted in Advice, Announcements, Blog, Compliance & Regulations, Consultation, Lending & Loan Review, News.

The right of rescission, governed by Regulation Z under the Truth in Lending Act (TILA), remains a cornerstone of consumer protection in the lending industry. For financial institutions, ensuring compliance with rescission rules is not only a regulatory requirement but also a reflection of their commitment to protecting borrowers’ rights. However, the intricacies of rescission—covering timing, disclosure requirements, and exceptions—can make this area of compliance challenging for many lenders.

To support your institution in navigating these complexities, Young & Associates is proud to offer a free downloadable Rescission Reference Chart, designed to simplify compliance with rescission rules.


Click Here to Get Your 2025 Rescission Calendar

 

What Is the 3 Day Right of Rescission?

The right of rescission provides consumers with the ability to cancel certain credit transactions that involve a lien on their principal dwelling. This cooling-off period, typically three business days, is intended to allow borrowers time to evaluate the terms of their transaction without pressure. While the concept is straightforward, compliance involves navigating strict rules related to timing, notification, and disclosure.

Does Presidential Inauguration Day Affect Rescission Periods?

No. While federal employees in the Washington, DC area are granted a holiday on Presidential Inauguration Day (January 20th), this holiday applies only to those “employed in” the designated Inauguration Day Area and does not affect rescission periods.

According to § 1026.2(a)(6) of Regulation Z, a “business day” for rescission purposes is defined as all calendar days except Sundays and the legal public holidays listed in 5 U.S.C. 6103(a), such as New Year’s Day, Martin Luther King Jr. Day, Washington’s Birthday, and others. Inauguration Day is not among these specified legal public holidays and therefore does not impact rescission timelines.

Common Challenges in Rescission Compliance

Despite its importance, rescission often presents challenges for financial institutions. Here are some common issues:

  1. Identifying Covered Transactions
    Not all transactions are subject to rescission. Determining whether a loan qualifies—such as refinances or home equity lines of credit—requires careful evaluation of loan terms and lien positions.
  2. Proper Timing of the Rescission Period
    The rescission period must be calculated accurately, taking into account business days and excluding holidays. Miscalculations can result in compliance violations.
  3. Providing Accurate and Timely Disclosures
    Borrowers must receive clear and complete rescission notices and required disclosures at the time of closing. Any inaccuracies can extend the rescission period or expose the lender to liability.

  4. Handling Rescission Notices
    If a borrower exercises their right to rescind, lenders must act swiftly to return funds and terminate the lien within 20 calendar days. Delays or errors in this process can lead to penalties.

How Do You Calculate a 3 Day Rescission Period?

The rescission period typically begins the business day following the signing of loan documents and ends at midnight on the third business day.

How the Rescission Calendar Can Help

Young & Associates’ Rescission Reference Chart is a comprehensive tool that simplifies the complexities of rescission compliance. This chart provides:

  • A clear breakdown of covered and exempt transactions.
  • Guidelines for accurately calculating the rescission period.
  • Tips for ensuring proper disclosure and handling rescission notices.

Whether you’re training new staff or refreshing your understanding of rescission rules, this chart offers a practical and easy-to-use resource to enhance your compliance program.

Why Rescission Matters

Non-compliance with rescission rules can result in extended rescission periods, regulatory scrutiny, or even legal action. By ensuring your institution has a solid grasp of rescission requirements, you not only avoid potential risks but also reinforce your reputation as a trusted and reliable lender.

Download Your Free Rescission Reference Chart Today

Young & Associates is dedicated to helping financial institutions like yours maintain compliance while streamlining operations. Our Rescission Reference Chart is just one of the many tools we offer to support your success. Equip your team with the knowledge and tools they need to navigate rescission with confidence. With Y&A by your side, you can focus on serving your customers while staying compliant with ease.

Connect with a Consultant

Contact us to learn more about our consulting services and how we can add value to your financial institution

Ask a Question