Alston & Bird Consumer Finance Blog

Fintech

FHFA Director Directs Fannie and Freddie to Consider Crypto Assets to Qualify for Mortgages

By ,

What Happened?

On June 26, Federal Housing Finance Agency (“FHFA”) Director William Pulte told Fannie Mae and Freddie Mac (the “government sponsored entities”) to draft policies that would consider a borrower’s cryptocurrency holdings as reserves or assets when qualifying for a mortgage, without requiring borrowers to convert those holdings into U.S. dollars, and cryptocurrencies under consideration would be those stored on a U.S.-regulated exchange.

Why It’s Important

Currently, cryptocurrency that has not been converted to U.S. currency cannot be considered when evaluating a borrower’s qualifications for a mortgage backed by the government sponsored entities. The Trump administration has expressed interest in bolstering and further legitimizing cryptocurrency in the U.S. financial system. Incorporating crypto assets into the housing industry would inextricably link crypto, a less established financial tool, to one of the most stable asset classes in America.

What To Do Next?

Fannie Mae and Freddie Mac are directed to develop proposals “as soon as reasonably practical.” Parties with an interest in housing finance should stay up to date with Fannie Mae and Freddie Mac announcements to see when proposals are published.

Financial Services Advisory | The (Bay) State of the Model Money Transmission Modernization Act

By ,

Executive Summary
7 Minute Read

Massachusetts has joined the growing list of states that have at least partially adopted the Model Money Transmission Modernization Act. Our Financial Services Group examines the model act, how the Bay State has adopted it, and the implications for money transmitters.

  • The Massachusetts act applies to any entity that transfers money within the United States
  • The act only applies to consumer transactions, a major difference from the national model
  • Requirements of the act take effect January 1, 2026

________________________________________________

Massachusetts is the first state of 2025 to sign its version of the Model Money Transmission Modernization Act into law. The model act is a set of nationwide standards for the supervision and regulation of money transmitters created by state and industry experts and approved by the Conference of State Bank Supervisors (CSBS) in 2021. Since then, 25 states have enacted legislation to adopt, in whole or in part, a version of the model act.

Both the governor and state commissioner of banks emphasized the need to protect consumers and pointed to the widespread use of peer-to-peer payment applications as an important reason for adopting the new law. While regulation of businesses offering peer-to-peer payment services may have been a goal, the new law is far more comprehensive than the current framework, which addresses cross-border money transmissions and the sale of checks or money orders.

Scope of the New Massachusetts Act

Historically, Massachusetts has only required entities engaging in the business of selling, issuing, or registering checks or engaging in foreign money transmission activities, such as facilitating cross-border transactions, to obtain licenses. The new law repeals the prior law and replaces it with a statutory framework influenced by the model act. The new law applies to any entity that provides transfers of money between individuals or entities within the United States if it does not otherwise qualify for an exemption.

Specifically, the new law regulates the following activities as “money transmission”: (1) the sale or issuance of payment instruments to a person in Massachusetts; (2) the sale or issuance of stored value to a person in Massachusetts; or (3) the receipt of money for transmission from a person in Massachusetts.

In addition to expanding the scope, the new law incorporates key provisions from the model act, including express exemptions for operators of payment systems providing processing, clearing, or settlement services and for entities acting as agents of payees in accordance with statutory requirements.

Comparison to Model Act

While closely modeled on the model act, the new law does differ from the model act in a few notable ways.

Expressly for consumer purposes only

The definition of “money transmission” in the new law refers to the provision of such services to individuals and corporate entities. At the same time, the definition is expressly limited to “transactions engaged in by a person for personal, family or household purposes.” This addition limits the scope of the new law to consumer purposes. In contrast, the model act does not specify the purpose of the transactions, implying that it applies to both consumer and commercial transactions.

Silent on payroll processing services

The new law did not adopt the model act’s explicit inclusion of “payroll processing services” in its definition of money transmission. However, it did not expressly exempt payroll services, as is the case in other states, such as California.

The Division of Banks has posted select opinions interpreting the current law, including one as recently as November 2024, providing guidance on the licensing requirements for payroll and employee benefit services. The division concluded the services provided by the payroll service provider were not licensable under the state’s laws on cross-border money transmissions because none of the services involved the “transfer of money to foreign countries,” although certain other check services were licensable under the state’s laws on the sale of checks or money orders.

In reaching this conclusion, the deputy commissioner of banks and general counsel cautioned that “legislation has been filed that would overhaul the licensing and regulation of money transmission and would include domestic money transmission within the licensure requirement.”

Although Massachusetts may interpret payroll processing services as falling under the category of commercial services exempted by the limitations on money transmission set forth in the new law, recent guidance has focused on the presence of foreign transmission activity as the determining factor in resolving the question of whether licensure is required.

Does not adopt virtual currency provisions

The new law did not adopt the virtual currency provisions of the model act. Opinions posted on the division’s website clarify that entities involved in virtual currency transactions, such as exchanges or kiosks, may not require a foreign transmittal agency license if their activities do not involve transmitting funds to foreign countries.

The division often concluded that these entities’ activities did not involve transmitting funds to foreign countries, which was the primary driver for requiring such a license. The division’s conclusions are based on the specific facts presented in each case, and different facts may lead to different outcomes. As Massachusetts begins regulating domestic transactions, it remains unclear whether the new law will be interpreted to apply to virtual currency transactions.

Impact on Current Licensees

Licenses obtained under the current law will remain in effect, but renewals for the year 2026 and after will need to be filed in accordance with the new law.

Existing licensees will need to comply with the requirements in the new law, including maintaining a surety bond, permissible investments, and meeting the tangible net worth requirements.

Effective Date

New laws take effect in Massachusetts 90 days after the governor signs the law, unless the new law is an emergency law or pertains to certain matters excluded under the Massachusetts Constitution, making the effective date of the new law April 1, 2025. The new law states that the majority of its requirements will take effect January 1, 2026. Persons engaged in money transmission in Massachusetts that are required under the new law to obtain licensure must file an application for licensure by June 1, 2026 and may continue their activities while their application is pending until the application has been approved, withdrawn, or denied.

Model Act Adoption Landscape

Many states have adopted the model act either wholly or in part since the CSBS approved the model act in 2021. These states include:

  • Arizona
  • Arkansas
  • California
  • Connecticut
  • Georgia
  • Hawaii
  • Illinois
  • Indiana
  • Iowa
  • Kansas
  • Maine
  • Maryland
  • Massachusetts
  • Minnesota
  • Missouri
  • Nevada
  • New Hampshire
  • North Dakota
  • South Carolina
  • South Dakota
  • Tennessee
  • Texas
  • Vermont
  • West Virginia
  • Wisconsin

States’ Partial Adoptions of the Model Act

The model act regulates money transmission by establishing licensing, financial security, and reporting requirements and includes exemptions for certain entity types. While the goal of the model act was harmonization in the money transmission industry, states have not uniformly adopted the model act, with some choosing to adopt only certain provisions and others choosing to exempt activities the model act defines as licensable.

One exemption that has seen inconsistent adoption is that of payroll processing services, with some states expressly exempting payroll processors, other states choosing to be silent on whether payroll processing services constitute money transmission, and a third approach, such as that taken in Iowa, where the state adopted an “agent of the payor” exemption that applies to payroll processing.

Additionally, the model act provides an option for states to impose uniform licensing and disclosure requirements on virtual currency business activity. Only a few states, including Maine and Minnesota, have opted to include the model act’s virtual currency provisions. Other states are continuing to regulate virtual currency activity either through new licensing regimes or through regulatory interpretations of their money transmission laws.

Despite improved alignment between the states, companies engaging or seeking to engage in money transmission activities must continue managing compliance individually for each state.

2025 Adoptions of the Model Act

Massachusetts is the latest state to regulate domestic money transmission. Nearly half the states that have adopted at least part of the model act did so in 2024. We anticipate momentum in adoption of the model act will continue this year. Some states, including Alaska, Idaho, and Virginia, have pending legislation to address whether the state will also adopt a form of the model act later in the year.

We further note that while states are continuing to consider adopting the model act, Kansas, South Carolina, and Wisconsin each have new money transmission laws based on the model act that went into effect January 1, 2025.

Originally published January 22, 2025.

You can subscribe to future advisories and other Alston & Bird publications by completing our publications subscription form.

If you have any questions, or would like additional information, please contact one of the attorneys on our Financial Services team.

CFPB Approves Financial Data Exchange to Set Standards for 1033

By

What Happened?

Last week the CFPB issued an Order recognizing the Financial Data Exchange, Inc. (“FDX”) as the first standard setting body (“SSO”) under the CFPB’s Personal Financial Data Rights Rule (the “Rule”).  The Rule requires financial institutions, credit card issuers, and other financial providers (“Subject Entities”) to make available consumers’ financial data and transfer it to third parties, at the consumer’s request, for no charge.   The final version of the Rule was released in October, and it is the subject of a lawsuit filed by the Bank Policy Institute and the Kentucky Bankers Association.

Why does it Matter?

Background:

FDX is a standard-setting organization with more than 200 member organizations in the United States and Canada, including depository and non-depository commercial entities; data providers and data recipients; and others.  FDX’s stated primary purpose is to develop, improve and maintain a common, interoperable standard for secure consumer and business access to financial records.

SSOs:

The Role of SSOs is to issue consensus standards to help entities comply with the Rule, including protocols for secure data sharing.  In June 2024, the CFPB finalized a rule outlining the qualifications to become a recognized industry standard setting body. The CFPB identified five key qualifications that standard setting bodies must demonstrate in order to be recognized by the CFPB, including openness, transparency, balanced decision-making, consensus, and due process and appeals.

The CFPB’s recognition of FDX as an SSO is subject to a number of conditions, including:

  • Ban on “pay-to-play” and other conflicts of interest:  FDX is to develop standards to promote open banking without regard to sponsorships or other financial incentives to give certain market participants an unfair advantage.  FDX must ensure that the organization and its staff do not have any side arrangements that would skew its financial incentives toward particular entities.
  • Mandatory reporting on market adoption:  FDX is required to report to the CFPB on market use of its consensus standards and/or maintain a publicly available resource where companies can disclose their use of standards as well as any certifications of adherence to standards, for the benefit of open banking participants, regulators, and the public.
  • Transparency and availability of standards: FDX must make available to the public any consensus standards that it adopts and maintains, subject to reasonable safeguards, and to ensure that non-members have the same access as members do. FDX must also make publicly available information about its standards development and issuance processes.

What’s Next?

Although FDX was recognized as the first SSO, the CFPB continues to evaluate other applications for SSO recognition.  As these organizations will have significant impact on the way Subject Entities comply with the Rule, those entities should monitor the issuance of consensus standards as they develop.

Financial Services Advisory: The UK Introduces a New Reimbursement and Compliance Monitoring Regime for Authorised Push Payment Scams

By ,

Our UK Financial Services Group examine the UK’s new mandatory reimbursement rules that will require payment service providers (PSPs) to reimburse victims of scam transactions.

  • The new rules will apply to all PSPs that participate in CHAPS and the Faster Payments Scheme and that operate ‘relevant accounts’
  • Consumers still have a responsibility to exercise caution before claiming a reimbursement, but PSPs will now have to be more vigilant when processing authorised push payments
  • Under the new requirements, PSPs could be required to reimburse consumers up to £85,000 per scam claim, consistent with the Financial Services Compensation Scheme reimbursement limit

___________________________________________________________________________

Payment service providers that participate in the Faster Payment Scheme in the UK and make payments on behalf of consumers from UK accounts will soon be subject to the Faster Payments Scheme Reimbursement Rules. The rules will require (subject to certain exceptions) payment services providers that send or receive funds on behalf of consumers to reimburse consumers when the payment was authorised by the consumer as a result of a scam.

The rules come into force on 7 October 2024, so payment service providers that participate in the Faster Payment Scheme must ensure that they are prepared. In addition to registering with the Faster Payments Operator, in-scope payment service providers must ensure that they have the relevant procedures and practices in place to monitor for scam transactions through the Faster Payments Scheme to avoid having to reimburse victims for scam transactions.

Authorised push payment (APP) scams happen when a person uses a fraudulent or dishonest course of conduct to manipulate, deceive, or persuade someone into sending money to an account outside their control.

With the aim of identifying and reducing the number of APP scams, the Financial Services and Markets Act 2023 (FSMA 2023) placed a statutory obligation on the UK Payment Systems Regulator (PSR) to introduce a Reimbursement Requirement for APP scam payments made over the Faster Payments Scheme (FPS) given that the PSR has oversight over payment systems in the UK (as opposed to payment services which are regulated by the Financial Conduct Authority).

The PSR decided to implement a policy that requires APP scam victims to be reimbursed by payment service providers (PSPs) because they provide services that enable the transfer of funds using the FPS. This is known as the FPS Reimbursement Requirement. The PSR decided to implement this policy by requiring the Faster Payments Operator to put the FPS Reimbursement Requirement into the Faster Payments Scheme rules. The resulting rules are known as the FPS Reimbursement Rules and will come into effect on 7 October 2024.

Application
The new FPS Reimbursement Requirement will apply to all PSPs that directly or indirectly participate in the Faster Payments Scheme and that operate ‘relevant accounts’, which are accounts that are held in the UK and can send or receive payments using the FPS, but they do not include accounts provided by credit unions, municipal banks, and national savings banks.
The FPS Reimbursement Requirements only apply to FPS APP scam payments, which are fraudulent or dishonest acts or courses of conduct to manipulate, deceive, or persuade a consumer into transferring funds from the consumer’s relevant account to a relevant account not controlled by the consumer, if:

  • The transfer is executed through the FPS.
  • The recipient is not who the consumer intended to pay.
  • The payment is not for the purpose the consumer intended.

A consumer who has made one or more FPS APP scam payments is defined as a ‘victim’. Note that for these purposes, consumer includes micro-enterprises and charities.

FPS Reimbursement Requirement
The FPS Reimbursement Requirement requires a ‘sending PSP’ (the PSP that operates the account from which the FPS APP scam payment was made) to reimburse the victim of an FPS APP scam payment, subject to certain exceptions.

Reimbursable FPS APP Scam
An FPS APP scam is only reimbursable if the sending PSP determines that:

  • The Consumer Standard of Caution Exception does not apply or the victim was a vulnerable consumer when the APP scam payment was authorised.
  • The victim is not party to the fraud.
  • The victim is not claiming fraudulently or dishonestly.
  • The victim is not claiming for an amount which is the subject of a private civil dispute.
  • The victim is not claiming for an amount which the victim paid for an unlawful purpose.

Exceptions to the Reimbursement Requirement
PSPs are not required to reimburse an FPS APP scam payment when the Consumer Standard of Caution applies. The Consumer Standard of Caution Exception applies when a sending PSP can demonstrate that a consumer who has made an FPS APP scam claim has, as a result of gross negligence, not complied with one or more of the following standards (the Consumer Standard of Caution):

  • The consumer should have regard to any intervention made by their sending PSP or a competent national authority (CNA).
  • The consumer should, upon learning or suspecting that they have fallen victim to an APP scam, report the FPS APP scam claim promptly to their sending PSP.
  • The consumer should respond to any reasonable and proportionate requests for information made by their sending PSP.
  • The consumer should, after making an FPS APP scam claim, consent to the sending PSP reporting to the police on the consumer’s behalf or request they directly report the details of an APP scam to a CNA.

Note that the Consumer Standard of Caution Exception does not apply if the victim was a vulnerable consumer when they made at least one of the FPS APP scam payments in the FPS APP scam claim and this had a material impact on their ability to protect themselves from the scam.

Guidance on what is a ‘vulnerable customer’ is set out in the Financial Conduct Authority ‘Guidance for firms on the fair treatment of vulnerable customers’, which states that all customers are at risk of becoming vulnerable and this risk is increased by characteristics of vulnerability related to four key drivers:

  • Health – health conditions or illnesses that affect the ability to carry out day-to-day tasks.
  • Life events – life events such as bereavement, job loss, or relationship breakdown.
  • Resilience – low ability to withstand financial or emotional shocks.
  • Capability – low knowledge of financial matters, low confidence in managing money (financial capability), or low capability in other relevant areas such as literacy or digital skills.

The guidance also provides specific examples.

In its consultation paper, the PSR describes ‘gross negligence’ as a ‘very high bar which will critically depend on the individual circumstances of each case’. It interprets gross negligence to be ‘a higher standard than the standard of negligence under common law’, with the consumer having to have shown a ‘very significant degree of carelessness’.

Time Limits to Claim Reimbursement
PSPs are not required to reimburse FPS APP scam payments reported more than 13 months after the date of the final FPS APP scam payment of the claim (consistent with the timeframes for reimbursement for unauthorised payments under the Payment Services Regulations 2017) or FPS APP scam payments that occurred before 7 October 2024.

Maximum Amount of Reimbursement
PSPs are not required to reimburse APP scam victims above the maximum level of reimbursement, even if the consumer was assessed as vulnerable. The PSR had previously set the maximum level at £415,000 in line with the Financial Ombudsman maximum reimbursement limit. However, after a brief consultation, the PSR recently decided to lower this amount to £85,000 per FPS APP scam claim, in line with the maximum level of reimbursement set under the Financial Services Compensation Scheme.

Assessment of FPS APP Scams
Once a sending PSP receives a reported FPS APP scam, the sending PSP must notify the receiving PSP (the PSP providing the relevant account into which APP scam payments are received) within two hours of the claim being reported. The receiving PSP then has the opportunity to respond to the sending PSP with any information it believes to be relevant to the FPS APP scam claim, up to a maximum of three business days after the notification from the sending PSP of the claim being raised.

The sending PSP cannot complete its assessment of the FPS APP scam claim until either the opportunity to respond has elapsed or all receiving PSPs have responded to the notification.

Payment of the Reimbursable Amount
If the sending PSP determines that the reported FPS APP scam payments are reimbursable, it must pay the reimbursable amount to the victim of the scam within five business days of the claim being raised.
Sending PSPs may pause the five-business-day reimbursement timescale by using the ‘stop the clock provision’ only when it has requested further information to assess the reported FPS APP scam claim. However, in any case, the sending PSP must complete the assessment, decide whether the FPS APP scam claim is to be reimbursed or not, and close the claim before the end of the thirty-fifth business day following the reporting of the FPS APP scam claim.

Excess
The sending PSP may apply a single claim excess to each FPS APP scam claim, up to the maximum claim excess value set by the PSR (£100). However, sending PSPs may not apply an excess if the victim was a vulnerable consumer.

Payment of the Reimbursable Contribution Amount
Once a sending PSP has paid the reimbursable amount to the victim of the FPS APP scam, then the reimbursable contribution amount shall become payable by the receiving PSP. The result is that both sending PSPs and receiving PSPs must be vigilant when processing payments through the Faster Payments Scheme.

The reimbursable contribution amount owed by the receiving PSP to the sending PSP is half the reimbursable amount and would be proportioned if there is more than one receiving PSP. The reimbursable contribution amount is payable within five business days following notice from the sending PSP.

Key Milestones
The FPS Reimbursement Rules set out certain key milestones:

  • By 20 August 2024, all in-scope PSPs must have registered with the Faster Payments Operator for the purposes of identification within the FPS reimbursement directory, reporting data, and compliance monitoring and management.
  • By 20 September 2024, all in-scope PSPs must have been onboarded to the Reimbursement Claims Management System (RCMS) Core for the purposes of accessing the FPS reimbursement directory, reporting data, and compliance monitoring and management.
  • From the proposed date of 1 May 2025, all in-scope PSPs must be onboarded to the RCMS Core + Claims and using the system to complete all actions required of them as defined by the FPS Reimbursement Rules to manage FPS APP scam claims, communicate with PSPs about FPS APP scam claims, and comply with the information collation, retention, and provision obligations.

Extension to CHAPS Payments
The Bank of England, as the operator of CHAPS, also published its draft of the CHAPS Reimbursement Rules in May 2024 and updated them in August 2024.

The intention of the new requirements is to mirror the protections set to be afforded to victims of APP scams who lose money via the FPS and to provide consistent outcomes, as well as consistent processes for firms, across both payment systems.

The PSR also published a policy statement and Specific Direction 21 on 6 September 2024. The Specific Direction requires banks and other PSPs participating in CHAPS to comply with the Bank of England’s new CHAPS Reimbursement Rules. It also confirmed that the CHAPS Reimbursement Rules will also come into force on 7 October 2024 in line with the FPS Reimbursement Requirements.

Originally published October 2, 2024.

You can subscribe to future advisories and other Alston & Bird publications by completing our publications subscription form.

If you have any questions, or would like additional information, please contact one of the attorneys on our Financial Services Team.

Financial Services / Antitrust Advisory: FDIC, OCC, and DOJ Update Guidance on Bank Merger Evaluations

By , , ,

Executive Summary
12 Minute Read
Last week, each of the Federal Deposit Insurance Corporation (FDIC), the Office of the Comptroller of the Currency (OCC), and the Department of Justice Antitrust Division (DOJ) revised how they will review bank mergers. Our Financial Services and Antitrust teams highlight what banks considering mergers should know about the changes.

  • Bank Merger Act (BMA) filers should anticipate increased scrutiny and a broader analysis from the FDIC, OCC, and DOJ
  • Competitive-effects considerations will extend beyond deposit concentrations to nontraditional sources of competition, although the FDIC stopped short of considering certain nonbank competition, such as fintechs
  • BMA filers should underscore their proposed merger’s net positive impact on the convenience and needs of the community
  • The FDIC has expanded its interpretation of the BMA to encompass transactions that would not have previously required a filing
  • The Board of Governors of the Federal Reserve System, the third primary federal banking regulator, did not release updated guidelines

______________________________________________________________________

On September 17, 2024, the Federal Deposit Insurance Corporation (FDIC), the Office of the Comptroller of the Currency (OCC), and the Department of Justice Antitrust Division (DOJ) each adopted revised approaches to their reviews of bank mergers.

In separate releases, the FDIC and OCC updated and expanded their existing guidance, signaling more in-depth, holistic strategies in evaluating mergers involving insured depository institutions (IDIs) under the Bank Merger Act (BMA). The OCC simultaneously adopted a final rule eliminating its expedited review and streamlined application processes for certain bank merger applications. The DOJ, which plays a complementary role in the banking regulators’ analysis of anticompetitive effects, likewise updated its competitive-effects guidelines for reviewing mergers under the BMA and the Bank Holding Company Act of 1956 (BHC Act).

The FDIC’s final policy statement on bank merger transactions supersedes its existing policy statement first published in 1997 and last revised in 2008. In a coordinated effort, the OCC’s final rule and policy statement on business combinations amended its procedures for reviewing applications under the BMA and provides guidance for its review process. Meanwhile, the DOJ withdrew from its 1995 bank merger guidelines, opting instead to evaluate bank mergers using the general 2023 merger guidelines applicable to other industries, as described in a newly issued 2024 banking addendum to the 2023 merger guidelines.

The Board of Governors of the Federal Reserve System, which also evaluates merger applications under the BMA and the BHC Act, did not participate in this coordinated undertaking or otherwise publicly alter its existing precedent-based approach.

The DOJ will apply its standard merger analysis to all transactions subject to the BMA and the BHC Act, whereas the banking regulators’ releases apply only to mergers under the BMA. The policy statement by the FDIC, the primary federal regulator for state-chartered IDIs that are not members of the Federal Reserve System, will apply only to such IDIs. Under the updated guidance, however, FDIC-regulated institutions will now need to notify the FDIC of a broader range of transactions, including acquisitions of nonbanking assets or entities that did not previously merit a filing. While not all such transactions will require a formal BMA application, the FDIC will now determine whether such transactions constitute a “merger in substance” on a case-by-case basis. The OCC’s final rule will apply only to those institutions under its supervision, i.e., national banks and federal savings associations.

The change to the DOJ’s process became effective upon its release. The FDIC’s policy statement will take effect 30 days after its publication in the Federal Register. The OCC’s final rule will become effective on January 1, 2025.

How Will the FDIC’s, OCC’s, and DOJ’s Revised Policies Impact Merger Reviews? 

In assessing an application under the BMA, federal banking regulators have long had to consider, among other things: (1) the transaction’s monopolistic or anticompetitive effects; (2) the institutions’ financial and managerial resources and future prospects; (3) the convenience and needs of the community to be served; (4) the risk to the stability of the U.S. banking or financial system; and (5) the effectiveness of combating money laundering activities. However, banking regulators have discretion in interpreting and applying the factors. In the FDIC’s policy statement and the OCC’s final rule, the regulators clarified how they intend to construe those factors going forward.

While the DOJ technically retains the ability to independently challenge bank mergers, it has rarely done so. However, banking regulators are required to consider the DOJ’s assessment of the monopolistic or anticompetitive effects. Following its review, the DOJ’s views are provided to bank regulators in a nonpublic competitive-factors report. For many years, the DOJ conducted this analysis under the 1995 bank merger guidelines. After withdrawing from those guidelines, the DOJ will now use the same standards and theories of harm it applies to other industries, as explained by a clarifying banking-specific addendum.

Monopolistic or anticompetitive effects

Under the 1995 bank merger guidelines, the DOJ and the federal banking regulators focused primarily on commercial bank deposit concentrations of the geographic markets in which the transaction parties operated and how the proposed combination would affect the same. The DOJ, FDIC, and OCC have each indicated a move to a more multifactored approach, considering additional products and sources of competition, including nontraditional sources of competition. In prior public statements discussing the need to revisit its guidance on bank merger reviews, the DOJ had cited changes in the banking system, including “the popularization of interstate banking, financial conglomeration, online and mobile banking, and the digital transformation of the economy.”

Issued in late 2023 and substantially broader and more complex than the 1995 bank merger guidelines, the DOJ’s 2023 merger guidelines provide a robust framework with which to assess proposed mergers. The DOJ’s 2024 banking addendum highlights a number of 2023 guidelines that the DOJ views as particularly relevant to IDI mergers. For example, the addendum emphasizes those guidelines that describe the DOJ’s approach to transactions involving vertical integration, a pattern or series of acquisitions by the same buyer, and deals involving multisided platforms.

The FDIC stated that it will look at all relevant geographic markets (local, regional, and national) based on where the merging entities operate, consider all relevant market participants and their total deposits, and consider the size and competitive effects of the resulting IDI. Both the FDIC and OCC clarified that this factor is considered in combination with the convenience and needs of the community. The FDIC elaborated that this balancing may be particularly relevant in rural communities, where the needs of the community may outweigh interests in increased competition. The FDIC also expanded its competition analysis to consider credit unions, thrifts, and Farm Credit System institutions, though it declined industry participants’ requests to include fintechs and other nonbank financial services companies.

The OCC did not provide further detail on how it will evaluate competition factors, citing the complexity of the competition factor review and the involvement of the DOJ in its deliberations.

Financial resources, managerial resources, and future prospects

The FDIC separately addresses the considerations relevant to the BMA’s financial-resources, managerial-resources, and future-prospects criteria. In addition to an individual review of each of the foregoing factors, the OCC also considers all three in combination, noting their relatedness. In particular, the OCC looks at these factors in the context of the economic and operating environment and in light of the size, complexity, and risk of the institutions (a sentiment echoed by the FDIC). The OCC is less likely to approve a transaction when the resulting IDI would be less than adequate in any of these three categories. Moreover, the OCC will consider whether the acquiring institution has experienced rapid growth, a factor also considered by the FDIC, or has engaged in multiple acquisitions with overlapping integration periods, and how that may impact these factors.

Financial Resources. Achieving a resulting IDI with less financial risk than that posed by the institutions individually underpins the FDIC’s financial resources considerations. The FDIC walked back its original use of “weaker” in response to comments so as not to dissuade financially sound IDIs from acquiring less-stable institutions. Unsurprisingly, both the FDIC and OCC emphasized the resulting institution’s ability to meet capital standards. Notably, the FDIC also reiterated its ability to condition approval upon entry into written agreements specifying enhanced capital requirements.

Managerial Resources. The FDIC and OCC each dedicated substantial attention to the managerial-resources factor. Both regulators will look to management’s perceived ability to integrate the IDIs and, at a structural level, the IDIs’ compliance management systems. Among other considerations, the FDIC will evaluate the proposed management’s existing responsiveness to regulatory questions, its record of managing and overseeing rapid growth, and individuals’ backgrounds and experience (including the performance and supervisory records of IDIs in which they’ve played a role). The FDIC will also specifically consider consumer compliance ratings and Community Reinvestment Act (CRA) ratings, along with the performance of parent companies and their ability to provide support. The OCC emphasized due diligence to assess the target’s weaknesses and an analysis of the acquirer’s ability to offset such weaknesses.

Future Prospects. The FDIC and OCC will consider both internal and external factors. The FDIC will look closely at any changes being made to the resulting IDI, including to its operations, products, and services, whereas the OCC cited management’s ability to implement the resulting institution’s business plan as an important consideration. Both regulators will study the acquirer’s historical performance integrating merger targets. Both regulators will also evaluate the existing economic environment and competitive landscape.

Convenience and needs of the community

The FDIC and OCC provided additional insight into how they expect applicants to address the proposed merger’s impact on the convenience and needs of the community. Perhaps the most significant development is the FDIC’s analysis of whether an application can demonstrate that the resulting institution will better meet the convenience and needs of the community, including the filer’s commitment to doing so. While the OCC focused less on the resulting institution’s improvement in meeting the convenience and needs of the community, it notes a net positive impact is likely to satisfy this factor. Both the FDIC and OCC expect filers to provide specific examples of how the transaction will benefit the community, such as greater access to products and services, and reduced prices and fees. Both regulators emphasized consideration of the transaction’s impact on low- and moderate-income communities and will evaluate historical CRA ratings. Branch expansions, closings, and consolidations during the three years following the merger will play a role in the FDIC’s and the OCC’s analyses. The OCC also independently considers factors such as job losses and opportunities and efforts to support affordable housing initiatives.

Public input remains important because both regulators recognized the potential for public hearings and the need to consider public commentary when evaluating whether to hold a hearing. The FDIC will now presumptively require public hearings for transactions resulting in an institution with $50 billion or more in consolidated assets. Unlike the FDIC, the OCC did not adopt deal-size thresholds for presumptive hearings; instead, the OCC “will balance the public’s interest in the transaction with the value or harm of a public meeting to the decision-making process.”

Financial stability

When considering a post-merger institution’s risk to the stability of the market, the FDIC and OCC evaluate the size of the entities involved, the availability of substitute providers, the post-merger institution’s contributions to the complexity of the financial system, and the extent of cross-border activities. Both regulators will continue to analyze the institutions’ interconnectedness with the U.S. banking system. The OCC separately emphasized its consideration of the degree of difficulty of winding up the post-merger institution’s business in the event of failure or insolvency.

While the FDIC was careful to note that size alone is not dispositive, it adopted a $100 billion threshold, above which institutions will receive heightened scrutiny and can expect greater processing times. The FDIC stopped short of defining “additional scrutiny,” but noted such transactions are likely to involve additional information requests and more frequent communications with both regulators and community members. The OCC retained existing heightened standards for transactions resulting in an institution with consolidated assets of $50 billion or more and elected to not alter that threshold. The OCC also reinforced its ability to impose conditions on the approval of a merger posing financial stability risks, such as requiring asset divestitures or setting minimum capital requirements.

Combating money laundering activities

The FDIC expects that post-merger IDIs will implement effective programs to combat money laundering and the financing of terrorism. To determine this, the FDIC evaluates each institution’s general policies, procedures, and processes; anti-money laundering and counter-the-financing-of-terrorism programs; risk management programs; compliance with the Bank Secrecy Act; and remediation efforts pursuant to an outstanding corrective program. The OCC did not expand upon its policies for combating money laundering activities in its policy statement but did state that any open or pending anti-money laundering actions raised concerns for approving the merger.

How Will the OCC’s Final Rule Affect BMA Filers?

The OCC’s final rule and policy statement eliminated the streamlined application and expedited review provisions under Part 5 of Title 12 of the Code of Federal Regulations. The OCC historically accepted a “streamlined” BMA application under Section 5.33(j), which avoided open-ended prompts in favor of discrete questions. Filers eligible to file a streamlined application, along with transactions deemed a business reorganization, were subject to expedited review under Section 5.33(i), which deemed a filing approved on the fifteenth day after the applicable comment period expires (absent action to the contrary). The OCC does not expect this change to significantly alter the filing burden or timeline because, inter alia, it historically takes action on eligible filings within the 15-day expedited-review period.

The FDIC, which did not previously have a streamlined application option, has retained its unique expedited processing mechanism.

Final Thoughts and Key Takeaways

  • Though not an overhaul of its existing approach, filers should expect heightened scrutiny of proposed mergers from the FDIC, OCC, and DOJ.
  • The FDIC and OCC’s “new” considerations are consistent with our experience in seeking approval of transactions under the BMA.
  • Potential BMA filers should be cautious to infer a lack of interagency coordination from the Federal Reserve, which often prefers to rely on precedent than to issue guidance and is responsible for reviewing mergers under the BMA and BHC Act.
  • By announcing that it will apply its general 2023 merger guidelines to banking transactions, the DOJ has signaled that it intends to consider a broader range of competition theories and concerns when performing its competition review of bank deals.

Originally published September 26, 2024.

You can subscribe to future advisories and other Alston & Bird publications by completing our publications subscription form.

If you have any questions, or would like additional information, please contact one of the attorneys on our Financial Services Team or one of the attorneys on our Antitrust Team.