US Regulatory Enforcement Trends through July 2024

In today's edition of our newsletter, I'm going to give you all a peek behind the curtain which is to say we'll do a high level overview of the 167 enforcement actions issued by the major US and state regulators since the beginning of the year, with a focus on trends. For our purposes, major US and state regulators includes the CFPB, FDIC, OCC, FRB, OFAC, CFTC, FinCEN, SEC, FINRA, FTC, and the state regulators for New York (NYDFS) and California (DFPI). If you want to get access to the full database, you can subscribe to our premium edition which not only gets you the full database of US enforcement actions (in 2024) but also global enforcement, a new regulation tracker, and recent fintech funding recipient compliance assessments; as well as lifetime access to all of our events (in-person and virtual).

Most Active Regulator: SEC - 39 enforcement actions. A good chunk of their enforcement came in February of this past year, with a series of actions taken against institutions for off-channel communications, something that has been in the news more and more with some banks trying to proactive.

Biggest Penalty: JP Morgan Chase - $250,000,000 - Market Misconduct/Trade Surveillance Consent Order - In March of this past year, the OCC called out the banking giant for being unable to keep tabs on its trading activities in billions of instances of trading activity across at least 30 trading venues globally. Despite market misconduct enforcement being something that is more up the alley of the CFTC, it's interesting to see the OCC throw their full weight behind this type of call-out.

Repeat Offender: JP Morgan Chase - 4 Enforcement Actions - JPM also takes the crown for most enforcement actions, with the aforementioned OCC action, which was done in concert with a FRB enforcement order for the same issue (and a separate $98.2 million penalty), along with two other enforcement actions, one of which had the CFTC hitting them in May for another $200 million also for market misconduct and another with the SEC issuing their own action on a completely different topic, with an $18 million fine for violating whistleblower protection elements of the SEC Act of 1934 - specifically, they misused confidentiality agreements related to credits/settlements associated with potential regulatory violations - an NDA of sorts for their screwup. We're barely halfway through the year, so there could be more bad news in store for Jamie Dimon and co.

Most Frequent Violation/Topic: BSA/AML - 21 Enforcement Actions - The story for most of the year has been around Third Party Risk Management/Banking-as-a-Service, driven by horror stories like Evolve/Synapse. But outside of this most egregious example, it's what the orders are asking the banks to monitor about their fintechs which doesn't get as much coverage - and most of the time, it's AML. It's mystifying how a topic that has been in the spotlight for over 20 years now and hasn't really had much evolution from a regulatory complexity perspective, continues to evade financial institutions large and small, but here we are as apparently companies still can't get this right. There are more tools, vendors, and techniques than ever before to build a strong financial crime approach for any organization out there.

Strangest Consent Order - CFPB - NOVAD Management Consulting - This order just came out a few weeks ago, so fairly recent news here. The story is that the company, which plays in the home equity/mortgage servicing space, sent out false loan default notices/letters to a customer base that was by design intended to be 62 and over, along with having a bad servicing response and handling time particularly with relation to reverse mortgages. This seems pretty straightforward enough, but what makes this weird is the penalty - they charge NOVAD $1! I can't make heads or tails as to the purpose or reasoning behind such a small amount, while the CFPB says NOVAD has declared an inability to pay; there have been plenty of consent orders/enforcement actions without penalties (48 to be exact in 2024). It appears that by making NOVAD pay, consumers can be eligible for relief from the CFPB's victim relief fund - if that's what it takes, it seems like unnecessary administrative red tape that someone should resolve.

We'll continue to update you as we hear about and add new enforcement actions to our database. If you have any suggestions on information you'd like to see in the database or what might make it more valuable, reach out! Thanks for your time.

~

Please register for our next event on Thursday, July 18 at 5:30 PM EST where I'll be talking to Harris Qureshi , formerly of the CFPB, on the future of fintech and much more!