Internal CFPB report finds workplace challenges
Consumer Financial Protection (CFPB) internal report outlines employee concerns ranging from a perceived lack of diversity and a lack of clarity around processes, according to Politico (Aug. 12)
The CFPB's Office of Minority and Women Inclusion prepared the report, which is based on 48 listening sessions conducted by the bureau between April and June.
The report "frequently mentioned frustrations with insufficiency in infrastructure, lack of transparency and communication, and perceived unfairness in application of practices and procedures which permeated throughout the various areas of concern they mentioned," according to Politico.
According to an Aug. 12 Reuters article, the report also found that staff believed their supervisors micro-managed projects, were unclear about priorities, lacked uniform standards for employee performance and had misunderstandings concerning the bureau's hiring, promotion and pay practices, which contributed to the impression those decisions were unfair.
The CFPB announced in May it would remove its performance system after lower scores and bonuses were given to older employees and minorities, an action that led to the series of listening sessions.
According to Reuters , the report said the bureau's rapid expansion and pressure to churn out rules "fostered a culture of aggressiveness and a pace that could not be sustained long-term."
The report recommends additional internal communications mechanisms, additional training and creation of a forum to assess workplace trends.
CFPB Director Richard Cordray said he "embraces the recommendations" made in the report, and would work to ensure they are implemented, according to Politico.
Source: CUNA News Now
EMV task force update: 575M chip cards issued by 2015
A group of electronic payment industry organizations have predicted more than 575 million chip-enabled credit and debit cards will be issued by the end of 2015.
The Payments Security Task Force (PST), made up of more than a dozen companies and organizations including the Credit Union National Association, announced this forecast Wednesday.
"The shift to EMV cards clearly has big momentum now within the financial community," said Eric Richard, CUNA general counsel/executive vice president for regulatory affairs. "There is still an issue about whether the merchant community will be prepared to facilitate the change on a full and timely basis. And both sides will need to continue working on other security strategies to counteract the growing problem of data breaches."
Nine of the country's largest payment card issuers who participate in the task force developed the current forecast. The PST is focused on continuing the momentum of payment cards with Europay- MasterCard-Visa (EMV) technology.
EMV is a global standard that uses chips embedded within the card to authenticate purchases, similar to the current magnetic strip on payment cards. EMV cards are considered more secure against fraud with authentication provided by the use of a PIN and cryptographic algorithms.
In October 2015, parties that deploy EMV cards will be protected from financial liability from card-present counterfeit fraud losses.
The task force plans to update the issuer forecast regularly and expand it to include acquirer and merchant perspectives on EMV chip terminalization. Javelin Strategy and Research estimates that 52% of point-of-sale terminals will be EMV-enabled by the end of 2015.
Priorities include identifying a long-term roadmap to deliver a consistent level of security for payments in the digital and physical environments.
Source: CUNA News Now
Credit Unions Lag as EMV Chip Deadline Slowly Approaches
By David Morrison
As the October 2015 implementation deadline approaches, some leaders who helped credit unions launch EMV chip-equipped payment cards estimated that fewer than 50% of card-issuing cooperatives would have both EMV-equipped credit and debit cards ready in time.
Oct. 15 next year marks the point when the cards’ brands have said liability for fraud losses will shift to the party that has not put EMV cards in place. This means that the party, either the issuer or merchant, that does not support EMV assumes liability for counterfeit card transactions, possibly costing or saving credit unions significant amounts of money.
“Credit unions are definitely gearing up and picking up the pace,” said Barney Moore, manager of card consulting services for Card Services for Credit Unions, the association of credit unions that use the services of payment processor FIS. “But it seems unlikely that they will have gotten it done by next October.”
Moore cited concerns about the costs of issuing the chip-enabled cards among credit unions, as well as delays in ironing out technical details with EMV-equipped debit cards. Another hurdle includes bottlenecks among plastic card suppliers, he added.
“We are urging credit unions that might not be ready to pull the trigger to at least get the project started and get into a queue for a chance to get EMV cards,” Moore advised.
He also said the costs of EMV-embedded cards were running double or more than double the costs of payment cards with only a magnetic stripe. The costs are higher for cards with contactless technology included on their chips.
Roughly 2% of CSCU's 2,600 member credit unions had either completed their switch over to EMV credit cards or were well along in the process, Moore said.
Some executives with other card processing CUSOs reported a larger percentage of their member credit unions have progressed toward issuing EMV-equipped credit cards. However, those organizations also work with fewer institutions.
CO-OP Financial Services, the Rancho Cucamonga, Calif.-based payments network CUSO, did not say what percentage of its 3,500 client credit unions use its debit processing services. However, Michelle Thornton, manager for core products, said the pace has been picking up since the technical challenges have been worked out.
While the path to issuing EMV-enabled credit cards has been straightforward, Thornton explained, issuing EMV-enabled debit cards has been complicated because the industry has had to program debit EMV chips to include the Durbin amendment's transaction routing requirements.
Developing programs to meet those requirements slowed progress on issuing EMV-enabled debit cards, Thornton said. However, adoption has begun to move more quickly now that there are common application identifiers in place for Visa and MasterCard that allow the cards to meet the Durbin regulation requirements.
Still, she estimated some credit unions will not roll out debit cards by October 2015, preferring to move into this space more slowly and to see how the market develops.
Brandon Kuehl, senior product manager for payments processor The Members Group in Des Moines, Iowa, also declined to say how many credit unions process card payments with the CUSO, but said that 50% of its clients were already issuing EMV-enabled credit cards. The other 50% are on track to have them issued by next year's deadline, he said.
Kuehl attributed the relatively rapid adoption to a streamlined process First Data put into place that took many of the complications out of the decision making process on EMV. Card processor First Data developed the approach in conjunction with PSCU, which processes transactions on its platform. TMG also processes on the First Data platform.
Kuehl said TMG was surprised to see how many of its credit unions had opted to issue cards with both the EMV chips and contactless technology. Seventy-five percent of them that issued cards or were close to doing so had decided for the so-called dual interface.
Cards with both the EMV chips and contactless technology are significantly more expensive, sometimes as much as a dollar more, than cards with only the EMV chip, according to some experts. But these cards will also be well-positioned if contactless point of sale terminals become more common, Kuehl said.
Jon Sarvis, CEO of TMG Financial Services, TMG's agent issuing subsidiary, said most of the CUSO's 100,000-account portfolio will have EMV cards on the way if not actually in hand in time for October.
The CUSO is expected to roll out the EMV cards first to credit union members who travel or work overseas and then to credit unions located in geographic areas with the highest incidence of fraud, Sarvis said.
“Mostly, that means credit unions on the coasts will get the cards first, since their fraud incidence tends to be higher,” Sarvis explained. “Credit unions in the Midwest will likely get them second.”
Arthur Harper, director of card payment solutions at PSCU, was the one executive to report that all 500 of the CUSO's credit issuing credit unions would have EMV credit cards issued in time for the October 2015 deadline, though he acknowledged only 5% had already issued EMV-equipped cards.
Harper noted that a large amount of work remained to issue EMV debit cards due to the technical problems that programmers had to work out. He steadfastly predicted that PSCU credit unions would have their debit cards ready on time as well, but acknowledged there may be a traffic jam trying to get so many credit unions certified for EMV debit in the days leading up to the deadline.
“Despite the delay, I think getting debit cards to EMV is more important than credit,” Harper said. “Debit cards are used much more often and therefore, have a much higher incidence of fraud.”
None of the processing executives CU Times spoke to reported large numbers of credit unions transitioning to EMV-equipped cards en masse. Instead, almost all were moving toward a staged rollout that targets overseas travelling or working members first, then planned to issue the rest as part of the natural expiration and reissue process.
Source: CU Times August 20, 2014 issue
BSA/AML compliance needs to be part of CU culture: FinCEN
Recent anti-money laundering (AML) enforcement actions have led the U.S. Treasury's Financial Crimes Enforcement Network (FinCEN) this week to issue an advisory identifying common compliance shortcomings.
The advisory is meant to highlight principles that can strengthen a financial institution's Bank Secrecy Act (BSA) compliance program.
The advisory lays out the following guidance for financial institutions:
- Leadership, including board of directors, senior and executive management, owners and operators, should be engaged with the financial institution's BSA/AML compliance program. Leaders should receive training tailored to their roles and should remain informed of BSA/AML compliance practices within the institution;
- Compliance, including submission of appropriate and accurate reports, should not be compromised by revenue interests. BSA/AML compliance should function independently within a financial institution, in order to be prepared to take action to address and mitigate risks from the business side of the institution;
- BSA/AML compliance staff should have access to all relevant information. According to FinCEN, several recent enforcement actions noted that compliance staff was not given information, possibly due to the lack of an information-sharing mechanism. Fraud prevention and legal departments should be sharing information with compliance staff;
- Adequate human and technological resources should always be accessible. An individual should be designated as the person responsible for coordinating and monitoring day-to-day compliance, and appropriate support staff should be assigned to a BSA/AML compliance program based on an organization's risk profile;
- Compliance programs should be commensurate with an institution's risk level, and should always include a proper ongoing risk assessment, sound risk-based customer due diligence and appropriate detection and reporting of suspicious activity. This should also include independent program testing from an independent, qualified, unbiased and non-conflicting entity; and
- Staff at all levels should understand the purpose of BSA reports. FinCEN considers the information provided among the most important information available for law enforcement and other security entities. Information provided can help initiate investigations, expand existing investigations, promote international information exchange and identify significant relationships, trends and patterns.
FinCEN Advisory to U.S. Financial Institutions on Promoting a Culture of Compliance (PDF)
CUNA Bank Secrecy Act Conference
Source: CUNA News Now
CFPB slaps $19.3M penalty on Amerisave for mortgage tactics
The Consumer Financial Protection Bureau (CFPB) has ordered Atlanta-based online mortgage lender Amerisave Mortgage Corp. and its affiliate to pay $19.3 million for "deceptive bait-and-switch" lending practices.
Amerisave and Novo Appraisal Management Co. will pay $14.8 million to affected consumers and a $4.5 million penalty. The companies' owner, Patrick Markert, was fined an additional $1.5 million. Fines will go to the CFPB's Civil Penalty Fund.
"Amerisave lured consumers in with deceptive advertising, trapped them with costly upfront fees, and then illegally overcharged them for services from an undisclosed affiliate," said CFPB Director Richard Cordray. "By the time consumers could have discovered the advertised low rates were too good to be true, they had already committed to pay hundreds of dollars to Amerisave."
Amerisave drew in consumers nationwide with online ads that teased rates that did not match the consumers' credit scores or did not exist. "Through use of these inaccurate rates and terms, Amerisave lured consumers into pursuing a mortgage with the company," the CFPB said, which found this practice deceptive under the Consumer Financial Protection Act and the Mortgage Acts and Practices Rule.
The CFPB also alleged that Amerisave required consumers to schedule appraisals that cost between $375 and $500 before obtaining an official estimate of mortgage costs, in violation of the Truth in Lending Act and the Real Estate Settlement Procedures Act.
The company also referred customers to Novo without disclosing its affiliate relationship with the appraisal company.
The CFPB order also requires Amerisave, Novo and Markert to stop advertising unavailable mortgage rates and stop charging illegal fees.
CFPB-Amerisave consent order (PDF)
Source: CUNA News Now
Would you like your own copy of the InfoSight newsletter? If you'd like to be added to, or removed from, the distribution list, click here