ARTICLE | April 04, 2023
Authored by RSM US LLP
The Office of the Comptroller of the Currency, Federal Deposit Insurance Corporation and Federal Reserve have zeroed in on numerous regulatory changes for 2023. While some existing rules will see modernization, others will likely be replaced by new regulatory guidance altogether.
The big themes
Capital, climate, CRA, M&A, digital assets and fintech partnerships
The new vice chair for supervision at the Federal Reserve, Michael Barr, wasted no time pointing to capital at the nation’s largest banks as an immediate action item. In a September speech, Barr noted that the Fed was undertaking a “holistic” review of bank capital requirements. During a separate speech in December, he went a step further when he described the current requirements for capital levels of banks in the United States as “toward the low end of the range described in most of the research literature.”
While the industry waits for clarity on proposed changes to capital requirements—reportedly expected early this year—one area where Barr has moved to assert his supervisory authority is stress testing. On Feb. 9, the Fed released its annual stress test scenarios, the hypothetical strains used to test the nation’s economy. The scenarios included a new component—the “exploratory market shock” for the country’s eight largest banks.
Fed authorities are quick to point out that this shock will not contribute to the capital requirements set by the test; but in our estimation, the outcomes from this year’s stress testing will be analyzed closely by the Fed and likely will provide a meaningful data point as the Fed looks to adjust capital requirements for big banks.
The national banks with assets over $100 billion will be the first to see the impact from any changes to capital requirements. In time, institutions with assets below this threshold may likely see the trickle-down effects.
All three primary bank regulators spent considerable time in 2022 discussing climate-related financial risks. While the OCC and FDIC have both published principles for climate-related financial risk management targeted initially at large institutions, the Fed has been slower to release climate-related guidance. Fed Vice Chair Barr has indicated that assessment of climate-related financial risks presents a priority that requires further analysis.
The Fed is expected to launch a pilot program in early 2023 to conduct scenario analyses targeting the six largest U.S. banks to better understand the risk posed by climate change. This assessment will be done carefully, as both Barr and Fed Chair Jerome Powell have publicly commented that the Fed is not a climate regulator.
The outcomes from the evaluation of climate on the banking system will likely have broader implications. The Fed, OCC and FDIC are anticipated to work together on supervision efforts, initially focused on climate risk at large banks. To date, the collective commentary from FDIC Chair Martin Gruenberg and Acting OCC Chair Michael Hsu points to climate risk as an issue that will affect all banks; further, it implies an increasing focus on climate at all banks. Gruenberg has indicated in his remarks that smaller and midsize banks should plan wisely to prepare for climate-related risk requirements.
It is worth noting that no regulator has indicated it plans to say which businesses banks should or should not do business with; however, the commentary from the agencies points to greater emphasis on understanding how climate-related financial risks—whether physical or transition-related—will affect the bank and what the bank is doing to monitor these risks to mitigate future losses.
As FDIC Chair Martin J. Gruenberg said in December, “…while the U.S. government may provide assistance with the costs associated with many severe weather events, financial institutions should not be wholly dependent on this assistance, whether directly or indirectly.”
“While the U.S. government may provide assistance with the costs associated with many severe weather events, financial institutions should not be wholly dependent on this assistance, whether directly or indirectly”
Martin J. Gruenberg, FDIC Chair
Community Reinvestment Act (CRA)
The often talked-about modernization of the Community Reinvestment Act, known as CRA, will see a final rule released in 2023—possibly as early as the first half of the year—and will likely result in a significant uplift in compliance for all institutions.
With more than 650 comments submitted on the joint proposal released in May 2022, the list of concerns from the industry is long. Some of the more prominent ones address the complexity of evaluation methods, the timelines for implementation (is the proposed 12 months enough?), how retail lending is defined and how the agencies will use significantly more granular information submitted by banks for compliance.
The final rule will shed light on those concerns and provide greater clarity around the asset thresholds that dictate the overall level of compliance required for banks of varying sizes. However, the fact remains that modernization will result in a substantial reform to the 45-year-old law originally put in place for a nondigital banking landscape.
Once a final rule is published, the impact on compliance teams, bank technology used in the compliance function and the overall effort to report data will result in considerable resource strains.
Further, given the scope of a proposed rule on providing insight into how banks serve low- to moderate-income communities, CRA compliance will be a bigger factor in merger reviews going forward.
Mergers and Acquisitions (M&A)
The current macroeconomic and regulatory environment has created a one-two punch to the gut of banking mergers and acquisitions. January 2023 saw only six deals announced, amounting to the slowest January in 14 years, according to S&P Global Market Intelligence data.
Yet even when the economy moves beyond current macroeconomic headwinds, the crux of the matter remains: Bank regulators are already looking more closely at deals, even without a change to existing regulation, a trend directly attributable to President Biden’s July 2021 Executive Order on Promoting Competition in the American Economy.
The most recent data from the Fed shows the processing time to review M&A proposals has increased. For M&A proposals that did not receive adverse public comments, average processing time in the first half of 2022 was 65 days, up from 62 days in 2021 and 53 days in 2018. More onerous were proposals that received adverse public feedback; the average processing time in the same period climbed to 197 days, compared to 186 days in 2021 and 113 days in 2018.
And it wasn’t just the largest banks that saw the length of review increase. Community banking organizations with $1 billion to $10 billion in assets also saw their approval times increase. Processing took an average of 90 days in the first half of 2022, compared to 51 days a year earlier.
The regulatory leaders at the primary banking agencies are all on record characterizing the current measures for reviewing bank mergers as outdated. Yet clear commentary on how the reviews should be handled has not been presented.
Speculation and commentary on how merger reform may take place continues to build. During the OCC’s bank merger symposium on Feb. 10, OCC Senior Deputy Comptroller Benjamin McDonough pointed to his agency’s contention that the merger review process deserves renewed consideration. He said the Herfindahl-Hirschman Index, a commonly accepted measure of market concentration, is a poor proxy for measuring bank market share.
Since late 2022, the landscape for digital assets has been defined by volatility. Uncertainty—combined with public commentary from banking regulators culminating in a joint statement on the risks to conventional banks related to crypto-assets by the Federal Reserve, the FDIC and the OCC—has driven a clear narrative: Digital assets represent a significant risk to the banking ecosystem.
The regulators’ public commentary reveals myriad concerns around digital assets and digital asset companies—fraud and scams, price volatility, risk management and governance practices, to name a few. Allowing digital asset companies greater access to the banking system (directly or indirectly) would be “inconsistent with safe and sound banking practices,” their joint statement said.
With ramped-up scrutiny, existing partnerships and relationships between banks and digital asset firms are certain to attract closer attention, while banks looking to enter new partnerships with digital asset firms will have a higher bar to clear in order to receive regulatory consent.
The increasing number of partnerships between banks and consumer-focused fintech organizations through banking as a service is also drawing increased scrutiny from the OCC and FDIC.
In a September 2022 speech, Acting OCC Comptroller Hsu stated: “The growth of the fintech industry, of banking-as-a-service (BaaS), and of big tech forays into payments and lending is changing banking, and its risk profile, in profound ways.” Core to the concern is the blurring line between banks and fintech companies, he noted, adding: “(When) do customers go from being the client to becoming the product and how are consumer protections maintained?”
A large portion of BaaS partnerships exist at banks that have under $10 billion in assets, with nearly one-fifth at banks with total assets under $1 billion. The risk to institutions of this size rapidly expanding into such partnership focuses on four primary areas—people, policy, process and technology.
Each of these four areas deserves a detailed and thorough discussion. But simply put, without adequate technology to handle the volume of transaction and account activity, along with commensurate processes, detailed policies for monitoring compliance, and knowledgeable people to support these complex arrangements, blind spots will surface. These could lead to regulatory noncompliance or worse, including financial penalties and losses.
In 2022, the OCC stepped up its regulatory review of fintech partnerships and even took formal action against one institution for failures in its monitoring of fintech partners. The primary focus of both the OCC and the FDIC includes monitoring of programs, staffing levels, and compliance with the Bank Secrecy Act, the Anti-Money Laundering Act and the regulations of the Office of Foreign Assets Control.
With less than two years left in President Biden’s first term, we expect 2023 to be a do-or-die year for the financial regulatory agencies ahead of the next presidential election cycle. The favorable regulatory environment created by the prior administration and record government stimulus injected into the economy are now in the rearview mirror, and regulatory refocus has come to light. Appropriate monitoring of these themes will be critical for banking institutions over the near- to moderate-term.
Do you have questions or want to talk to a LaPorte professional?
Fill out the form below and we’ll contact you to discuss your situation.
This article was written by Brandon Koeser and originally appeared on 2023-04-04.
2022 RSM US LLP. All rights reserved.
RSM US Alliance provides its members with access to resources of RSM US LLP. RSM US Alliance member firms are separate and independent businesses and legal entities that are responsible for their own acts and omissions, and each is separate and independent from RSM US LLP. RSM US LLP is the U.S. member firm of RSM International, a global network of independent audit, tax, and consulting firms. Members of RSM US Alliance have access to RSM International resources through RSM US LLP but are not member firms of RSM International. Visit rsmus.com/about us for more information regarding RSM US LLP and RSM International. The RSM logo is used under license by RSM US LLP. RSM US Alliance products and services are proprietary to RSM US LLP.
LaPorte CPAs & Business Advisors is a proud member of the RSM US Alliance, a premier affiliation of independent accounting and consulting firms in the United States. RSM US Alliance provides our firm with access to resources of RSM US LLP, the leading provider of audit, tax and consulting services focused on the middle market. RSM US LLP is a licensed CPA firm and the U.S. member of RSM International, a global network of independent audit, tax and consulting firms with more than 43,000 people in over 120 countries.
Our membership in RSM US Alliance has elevated our capabilities in the marketplace, helping to differentiate our firm from the competition while allowing us to maintain our independence and entrepreneurial culture. We have access to a valuable peer network of like-sized firms as well as a broad range of tools, expertise, and technical resources.
For more information on how LaPorte CPAs & Business Advisors can assist you, please call 713.548.2034.