Issue 8, 2022


Welcome to our eighth Promissory Notes issue of 2022.

We are pleased to announce that 60 of the firm's attorneys were selected by their peers for inclusion on the 2023 Best Lawyers list, 10 were selected as Best Lawyers "Lawyers of the Year," and nine others were selected as Best Lawyers "Ones to Watch." Many attorneys were recognized for their specific banking and finance law focus and related fields of practice.

Recognition by Best Lawyers is based entirely on peer review. Its methodology is designed to capture the consensus opinion of leading lawyers about the professional abilities of their colleagues within the same geographical area and legal practice area. You can learn more by clicking here.

As always, thank you for reading.

F. B. Webster Day, Chair, Banking & Finance Practice Group, and Co-Editor, Promissory Notes


Paul G. Papadopoulos, Co-Chair, State & Local Taxation Practice Group, and Co-Editor, Promissory Notes

"Money speaks in a language all nations understand." --- Aphra Behn

Biden Signs Bills Aimed at Catching Pandemic Business Loan Cheats

"President Joe Biden signed a pair of bills that will give the Justice Department more time to investigate and prosecute people accused of fraudulently collecting government payments aimed at helping small businesses during the COVID-19 pandemic."

Why this is important: In recent issues of Promissory Notes, we have been tracking developments in the prosecution of alleged fraud in the various economic relief programs that emerged during the COVID-19 pandemic. The Paycheck Protection Program ("PPP") and the Economic Injury Disaster Loan ("EIDL") were two of the main programs targeted by fraudsters, with an estimated $80 billion in fraudulent loans and grants between the two programs. This month, the President signed the PPP and Bank Fraud Enforcement Act and the COVID-19 EIDL Fraud Statute of Limitations Act with bipartisan support. At their core, the two laws extend the statute of limitations for criminal charges and civil enforcement in prosecuting fraud to 10 years. Without these two laws, the statute of limitations would have expired after only six years. Both lenders and borrowers should take steps to protect themselves and their customers from any pandemic related fraud. In addition to conducting their own internal analysis of any PPP or EIDL loans, company document retention practices should be adjusted as well. Lenders and borrowers should hold and maintain all records related to these programs for a minimum of 10 years from when the loan application was received, processed or forgiven. In addition, the lessons learned through this process should be applied to future relief programs to help prevent fraud on the front end as well. --- Brian H. Richardson

Breach Rule Would Give Credit Unions Longer Reporting Window than Banks 

"The 72-hour time frame falls in line with the Critical Infrastructure Act that President Joe Biden signed in March, but is twice as long as the reporting window banks have had to comply with since May."

Why this is important: The National Credit Union Administration ("NCUA") recently issued a proposed rule regarding a change to the reporting period for credit unions to report cybersecurity incidents. The proposed rule would require credit unions to report cybersecurity incidents to the NCUA within three days of reasonably believing a reportable cyber incident has occurred. This proposed rule change is in conformance with the Critical Infrastructure Act that was signed into law in March 2022, which requires companies to notify the Cybersecurity and Infrastructure Security Agency within 72 hours of learning of a cyberattack. This proposed rule change is less strict than the rule instituted by the Federal Deposit Insurance Corp. ("FDIC") for covered banks. Banks regulated by the FDIC are required to report cybersecurity incidents within 36 hours of discovery. The proposed NCUA rule is likely more lenient because smaller institutions, which most credit unions are, may have difficulty complying with a 36-hour reporting period. --- Alexander L. Turner

How Diversified Lending can Buoy Black-Owned Banks

"'Corporate loans like the one given to SAIC are a relatively safe source of income for banks, because they’re among the first liabilities that corporations settle in their debt stack.'"

Why this is important: This is an interesting article in the American Banker. This is no argument for “white privilege” or any other controversial terms. Common sense suggests this point. Certain large corporate loans have lower risk profiles than other loans. Many times, large banks want to participate these loans out to smaller (especially regional or local) banks. Our tendency as humans is to call who we know. Often, there is a local “minority-owned bank” that might benefit from such a participation. Many minority banks were formed with a mission to provide loans to groups that have more difficulty getting loans. Often these borrowers are smaller businesses, which means that they are almost inherently more risky than larger, established businesses. A larger bank that remembers to include minority-owned banks when offering such participations also helps to even the playing field. That’s good for everyone. --- Hugh B. Wellons

Delaware Court Decision Draws Attention on Overdraft Fees 

"A recent decision in the Federal District Court in Delaware should draw the attention for banks that charge overdraft fees for overdraft protection."

Why this is important: On July 19, the U.S. District Court for the District of Delaware issued a decision that should draw the attention for banks charging overdraft fees for overdraft protection. In Miller v. Del-One Federal Credit Union, the court's opinion: (1) validated a fraud claim based on allegedly inaccurate disclosure of overdraft policies (rather than a simple breach of contract); and (2) found that the official overdraft fee opt-in form included in Regulation E, promulgated under the Electronic Fund Transfers Act, and administered by the Consumer Financial Protection Bureau, must not only adapt to the institution's policies, but also state all associated overdraft procedures. The credit union had argued that its policy was accurately explained by the federally mandated overdraft opt-in form in combination with two other documents provided to customers.

Financial institutions should be aware of the two major compliance concerns in the Court's opinion. As regulators continue to crack down on overdraft fees and compliance issues, financial institutions now face additional pressure from federal courts. --- Bryce J. Hunter

FDIC Signals Greater Scrutiny of Commercial Real Estate Loans

"Examiners will increase their focus on CRE transaction testing in the upcoming examination cycle."

Why this is important: This article recaps the FDIC’s recent decision to focus on commercial real estate loans in its upcoming examination cycle, given the long-term effects of changes in work and commerce due to the COVID-19 pandemic and measures taken to protect against it. Per the FDIC, dollar volume in CRE loans is at an all-time high, which adds dimensions of risk necessitating more attention from banks in the context of uncertainties remaining from the pandemic. Accordingly, the FDIC intends to take a closer look at banks with significant exposure to CRE loans. The testing will include review of risk analysis by the banks, especially in connection with some sectors such as hotel and office and hard-hit geographical areas. The economic fallout from the COVID-19 pandemic keeps on coming. --- F. B. Webster Day

Why Banking as a Service may be Best Community Bank Survival Strategy

"As both banks and fintechs face economic headwinds they may find mutual advantage in partnerships that link the power of a bank charter with fintechs' niche strategies and algorithms."

Why this is important: Is it possible to disrupt the disruptors? Community banks (defined here as banks with less than $10 billion in total assets) currently account for approximately 95 percent of the total U.S. banking market. While the number of banks nationwide is currently only one-third of what it was back in the 1980s, community banks remain the lifeblood of much of the nation’s financial service infrastructure. The emergence of Fintech companies has quickly become a disruptor in the market, as consumers shift their financial practices towards the niche strategies and algorithms provided. Fintechs, for their part, have already begun to see the added value of a banking charter (see SoFi and Varo who announced progress towards securing their own charters earlier this year). Industry thought leaders are proposing that community banks should look to banking as a service ("BaaS") as a means to ride out the storm and come out on top. Banks that strategically position themselves to be attractive as potential Fintech partners will have the best opportunities to capitalize on these new areas of growth, which will result in better services for their customers and markets. Keys to preparing for that growth include securing buy-in from the current board, developing relationships with regulators, and clearing any legacy disadvantages and systems to prepare for the level of scale-ability that a Fintech partnership will demand. Industry critics argue that BaaS is not a viable option for every community bank. Some estimates suggest that only about one-third of banks have the type of internal infrastructure and goals necessary for a successful partnership with Fintech. One thing is certain: for any community bank to survive through the next few years, a unified strategy with full board buy-in will be critical, regardless of whether that translates into a Fintech partnership. --- Brian H. Richardson

AML and UDAAP: Secrecy vs. Transparency

"Recent regulatory focus on customer service at large banks suggest that a lack of responsiveness and transparency in managing customer service issues could have UDAAP implications."

Why this is important: Banks and their customers sometimes are placed in a regulatory “no man’s land” between requirements to identify and act on suspicious activity without “tipping off” the customer, and the regulatory clear expectation that banks deal transparently with consumers and their complaints. Complicating this expectation—and the risk of getting it wrong—is the regulatory authorities' ability to determine what constitutes an unfair, abusive or deceptive act or practice ("UDAAP"). Recent regulatory reviews of customer service at large banks suggest that a lack of responsiveness and transparency in managing customer service issues could implicate UDAAP. Further complicating this problem is that anti-money laundering ("AML") monitoring programs rely more on automation (machine learning and artificial intelligence). The need to maintain suspicious activity report ("SAR") confidentiality requires that AML-related systems, processes and decisions be appropriately segregated and protected to mitigate the risk of tipping or employee disclosure. New risks and challenges may arise, however, if a customer challenges a bank’s account restriction or closure activity through a bank’s customer complaint process—or if there are other competing regulatory issues handled in a bank process outside the line-of-sight of the AML team. While impossible to completely eliminate uncertain risks, having documented processes and procedures will help increase bank and regulatory confidence reasonably and responsibly balancing AML and customer fairness risk. --- Bryce J. Hunter

Fair Lending Compliance isn’t Just a Bank Problem 

"The 5 most common fair lending mistakes by credit unions & how to prevent them."

Why this is important: Regulators are taking a closer look at fair lending issues in all types of financial institutions. Credit unions aren’t immune from that scrutiny. Last year, the National Credit Union Administration ("NCUA") found that almost 15 percent of federal credit unions it examined had violated some consumer compliance rules. Fair lending examinations yielded violations that involved 64,000 credit union members. Those violations included things like discrimination based on marital status or age, violations of Reg E, Truth in Lending Act violations, Fair Credit Reporting Act violations, and violations related to small-dollar and Payday Alternative Loans. At bottom, credit unions should not think they are immune from potential fair lending mistakes or scrutiny by regulators. Credit unions who want to avoid potential problems on this front can use the common violations discussed in this article to audit their own procedures and guard against potential future fair lending issues. --- Nicholas P. Mooney II

The Future of Community Banks in a Global Economy

"Community banks provide essential services to the SME marketplace."

Why this is important: As Fintech’s offering of services expands in a world where the transactional space is increasingly dynamic, competitive, and frictionless, community banks must evaluate opportunities to generate new streams of income while enhancing their digital capabilities to compete with larger financial institutions and non-bank providers competing for market share within their consumer and business client bases. Technology offers a benefit to the community banking sector to keep costs down and deliver the service their market segment requires (“clicks and bricks”). However, technology costs, including the staffing to support it, can challenge community banks. Nonetheless, community banks will have an advantage over Fintech in communities where consumers may not be willing to or capable of making the digital change. --- Bryce J. Hunter

LinkedIn Share This Email
This is an attorney advertisement. Your receipt and/or use of this material does not constitute or create an attorney-client relationship between you and Spilman Thomas & Battle, PLLC or any attorney associated with the firm. This e-mail publication is distributed with the understanding that the author, publisher and distributor are not rendering legal or other professional advice on specific facts or matters and, accordingly, assume no liability whatsoever in connection with its use.

Responsible Attorney: Michael J. Basile, 800-967-8251