Here are some of the latest thoughts on the Dodd-Frank Act.
It’s not that the industry isn’t already under a magnifying glass of regulatory focus, but experts say: Expect more soon, especially in the wake of the Dodd-Frank act.
We know about Regulation Z, risk-based pricing, privacy and interchange, but an active Consumer Financial Protection Bureau could create a large amount of new guidance for banking institutions. The big unanswered question is the role and rule-making plans of the new agency. Head of the CFPB Elizabeth Warren has announced that credit cards will be the CFPB’s top priority. What other issues will the new agency tackle?
“Will they take advantage of their role as steward for consumer protection regulations to crack open Truth-in Savings or Regulation E? Only time will tell,” says Anthony Demangone, director of regulatory compliance at the National Association of Federal Credit Unions.
The landscape is already a rocky one, yet the industry will have a harder climb out of the financial crisis/recession says Borge. “Banks will be facing pervasive regulatory complexity and uncertainty in 2011.” The sprawling Dodd-Frank act and multiple initiatives launched by banking regulators “will have a massive impact on banks over many years to come,” Borge says. The problem facing many institutions is the question of what action to take. Many of the specific requirements are left to regulators to determine in 2011 and beyond.
In the meantime, banking/security leaders must make business decisions without knowing for sure what the new rules of the road will be. Which products and businesses must be fine-tuned, overhauled or even abandoned? What new business opportunities will arise from the current upheaval? Is it better to act now or wait until the regulations are clarified?
Without question, the resources required to meet the new regulatory requirements of the Dodd-Frank act will be a major factor in the coming months. The vast number of regulations required by DFA will require significant regulatory and bank resources.
“Many of these regulations will require the installation of new or the refinement of existing information systems,” says Doug Johnson, vice president of risk management policy at the American Bankers Association. While privacy regulations will now be the responsibility of the CFPB, information security regulations will remain a part of safety and soundness examinations. Johnson says it will be interesting to see how that plays out.
Institutions will need to put forth more time and resources to address how the DFA impacts the Fair Credit Reporting Act and the Gramm Leach Bliley Act. Specifically, institutions need to look at how to implement more protections for personal information in all forms, and throughout the entire lifecycle. Expect that there will be more FCRA & GLBA audits. Regardless of push-back from Republicans in Congress, “changes to the FCTA and GLBA will stick,” says security and privacy expert Rebecca Herrold.