Regulatory Compliance Digest | July 2023

calendar iconJuly 27, 2023

The July issue of the Regulatory Compliance Digest features a summary of the latest updates from the Consumer Financial Protection Bureau (CFPB) on Section 1071, the clarification of guidance on multiple re-presentment fees, interagency guidance on the risk management of third-party relationships and a reminder to file Office of Foreign Assets Control’s (OFAC) annual report on blocked property by September 30.

The Regulatory Compliance Digest is intended to keep you informed of regulatory changes in advance of their effective date so your institution can evaluate changes or necessary updates to policies, procedures and processes to be compliant at the time of enactment.

Industry Trends & Insights

FDIC Clarifying Supervisory Approach Regarding Supervisory Guidance on Multiple Re-Presentment NSF Fees

On June 16, 2023, the FDIC updated its Supervisory Guidance on Multiple Re-Presentment NSF Fees (FIL-40-2022) to clarify its supervisory approach for corrective action when a violation of law is identified.  Highlights:

  • Since the issuance of the Supervisory Guidance on Multiple Re-Presentment NSF Fees (FIL-40-2022), steps financial institutions have taken to remediate consumer harm associated with re-presentment fees have provided the FDIC with additional data about the amount of consumer harm associated with the issue at particular institutions and on-going and extensive challenges in accurately identifying harmed parties.
  • Based on this additional data and experience, the FDIC is updating and reissuing its Supervisory Guidance on Multiple Re-Presentment NSF Fees (FIL-40-2022) to reflect our current supervisory approach to not request an institution to conduct a lookback review absent a likelihood of substantial consumer harm.

Interagency Guidance on Third-Party Relationships: Risk Management

On June 6, 2023, the joint agencies issued final guidance on managing risks associated with third-party relationships. The guidance provides sound principles that support a risk-based approach to third-party risk management that banking organizations may consider when developing and implementing risk management practices for all stages in the life cycle of third-party relationships.  Highlights include:

  • On July 19, 2021, the agencies published in the Federal Register Proposed Interagency Guidance on Third-Party Relationships: Risk Management. The proposed guidance offered a framework based on sound risk management principles for banking organizations to consider in developing risk management practices for all stages in the life cycle of third-party relationships.
  • After careful consideration of comments received, the agencies are issuing final guidance that will replace each agency’s existing guidance on this topic, providing a consistent approach to managing risks associated with all third-party relationships.
  • A banking organization’s use of third parties can increase its risk, but the use of third parties does not diminish or remove a banking organization’s responsibility to perform all activities in a safe and sound manner, in compliance with applicable laws and regulations, including those related to consumer protection and security of customer information.
  • The guidance serves as a useful resource to assist banking organizations implementing third-party risk management practices by providing examples of considerations in the planning, due diligence, contract negotiation, ongoing monitoring, and termination stages of managing third-party relationships.
  • The guidance notes that sound third-party risk management takes into account the level of risk, complexity, and size of the banking organization, as well as the nature of the specific third-party relationship.
  • Business relationships with third parties engaged in lending, payment, or deposit activities for the benefit of the bank or through the bank should be evaluated by banks using both the third-party risk management guidance and the various risk management processes and rules that apply to traditional lending and deposit relationships.
  • Relationships that are only between banks and their direct customers of traditional bank products and services (such as deposit accounts or retail or commercial loans) would not be addressed in a third-party risk management framework and are covered by the various risk management processes and rules that apply to traditional lending and deposit relationships.

Small Business Lending Rule CFPB FAQs

On June 29, 2023, the CFPB posted an FAQ on the small business lending rule. The FAQ addresses questions on Institutional coverage as well as covered transactions and small businesses.

2023 List of Distressed or Underserved Nonmetropolitan Middle-Income Geographies

On June 23, 2023, the Federal bank regulatory agencies made available the 2023 list of distressed or underserved nonmetropolitan middle-income geographies.

The Community Reinvestment Act (CRA) encourages banks to help meet the credit needs of their local communities, including low- and moderate- income communities, in a safe and sound manner. Distressed or underserved nonmetropolitan middle-income geographies are census tracts where revitalization or stabilization activities are eligible to receive CRA consideration. The designations reflect local economic conditions, including unemployment, poverty, and population changes.

Revitalization or stabilization activities in these geographies are eligible to receive CRA consideration under the community development definition for 12 months after publication of the current list. As with past lists, the agencies apply a one-year lag period for geographies that were included in 2022 but are no longer designated as distressed or underserved in the current list.

Reminder to file the 2023 Annual Report of Blocked Property

31 C.F.R. § 501.603 of the Reporting, Procedures and Penalties Regulations (RPPR) requires holders of blocked property to provide the Office of Foreign Assets Control (OFAC) with a comprehensive list of all blocked property held as of June 30 of the current year by September 30. Persons that do not hold blocked property as of June 30 do not need to file an Annual Report of Blocked Property (ARBP). Please note that the term blocked property only applies to property that is blocked pursuant to OFAC regulations. Property that was unblocked by an OFAC general or specific license or was previously blocked pursuant to a sanctions program that was terminated on or before June 30, 2023, is not considered blocked property, and should not be reported in the ARBP. Similarly, a restricted account of a person ordinarily resident in Iran is not blocked and should not be reported to OFAC in the ARBP, unless there is an interest in the account of a person whose property and interests in property are blocked pursuant to an applicable sanction’s authority.

Have Questions?

If you would like to discuss any compliance matters for your institution, please contact your Cherry Bekaert Advisor or reach out to the Firm’s Risk Advisory regulatory compliance team today.

Questions? Contact Us


External links to other websites outside of are being provided as a convenience and for informational purposes only. The links do not constitute an endorsement or an approval by Cherry Bekaert of any of the information, products, services or opinions of the organization or individual. Cherry Bekaert bears no responsibility for the accuracy, legality or content of the external websites or for that of subsequent links. Contact the external website for answers to questions regarding its content.