May 2022 financial reporting, governance, and risk management

Message from John Epperson, Managing Principal, Financial Services

Dear FIEB readers,

May is often the month when the annual “best beach reads” lists start to proliferate, so let us offer you a “best summer 2022 financial reporting, governance, and risk management reads” list. Inside this report, you will discover:

A more than-600-page read from the federal financial institution regulators covering reform and modernization of the Community Reinvestment Act
Supervisory updates from the Federal Reserve and the Consumer Financial Protection Bureau
A three-page extension announcement from the Securities and Exchange Commission (SEC) to allow more time to read the almost-500-page climate disclosure rule proposal
Multiple speeches from SEC commissioners addressing various topics including climate, cybersecurity, and the financial markets
Guidance from the SEC’s Division of Corporation Finance on disclosures related to geopolitical risks
SEC activity related to crypto assets and, not to be outdone, Financial Accounting Standards Board work on reference rate reform and goodwill amortization

Readers are likely to agree that it is quite the reading list, and, as generally is the case with “best reads” lists, there is never a dull moment on the financial reporting, governance, and risk management front. We will continue to keep you informed.

Subscribe now

Matters of importance from the federal financial institution regulators

Agencies propose comprehensive reforms to Community Reinvestment Act

The Federal Reserve (Fed), Federal Deposit Insurance Corp. (FDIC), and Office of the Comptroller of the Currency (OCC) on May 5, 2022, issued a long-anticipated joint notice of proposed rulemaking to reform and modernize regulations implementing the Community Reinvestment Act (CRA). The agencies proposed changes to how CRA activities qualify for consideration, where activities are considered, and how they are evaluated. The CRA was initially enacted in 1977, and the regulations were last amended in 1995. In the joint proposal, the agencies identified five key elements:

“Expand access to credit, investment, and basic banking services in low- and moderate-income communities. Under the proposal, the agencies would evaluate bank performance across the varied activities they conduct and communities in which they operate so that CRA is a strong and effective tool to address inequities in access to credit. The proposal would promote community engagement and financial inclusion. It would also emphasize smaller value loans and investments that can have high impact and be more responsive to the needs of [low- and moderate-income (LMI)] communities.
“Adapt to changes in the banking industry, including internet and mobile banking. The proposal would update CRA assessment areas to include activities associated with online and mobile banking, branchless banking, and hybrid models.
“Provide greater clarity, consistency, and transparency. The proposal would adopt a metrics-based approach to CRA evaluations of retail lending and community development financing, which includes public benchmarks, for greater clarity and consistency. It also would clarify eligible CRA activities, such as affordable housing, that are focused on LMI, underserved, and rural communities.
“Tailor CRA evaluations and data collection to bank size and type. The proposal recognizes differences in bank size and business models. It provides that smaller banks would continue to be evaluated under the existing CRA regulatory framework with the option to be evaluated under aspects of the new proposed framework.
“Maintain a unified approach. The proposal reflects a unified approach from the bank regulatory agencies and incorporates extensive feedback from stakeholders.”

The comprehensive (670-plus pages) CRA modernization proposal would establish a new framework for the agencies in evaluating CRA performance for banks. The proposal creates three assessment tiers: large banks ($2 billion or more in assets), intermediate banks ($600 million to $2 billion in assets), and small banks (less than $600 million in assets).

Under this tiered framework, large banks would be subject to a retail lending test, a retail services and products test, a community development financing test, and a community development services test. Intermediate-sized banks would be subject to the retail lending test and a status quo community development test, unless they choose to opt into the community development financing test. Small banks would be evaluated under the status quo small-bank lending test, unless they choose the retail lending test.

We are evaluating the proposal closely and will provide additional perspectives on the proposed framework.

Comments are due Aug. 5, 2022.

Fed issues “Supervision and Regulation Report”

The Fed on May 6, 2022, published its semiannual “Supervision and Regulation Report” for spring 2022, which provides an update on its supervisory and regulatory policies and actions as well as current banking conditions. According to the report, “the banking system remains strong overall, with robust capital and liquidity and improved asset quality.”

The report highlights a continued focus on firms’ management of capital and liquidity, as well as cybersecurity risk. It also emphasizes the continuing interagency efforts to review the risks and benefits associated with the increasing use of financial technology (fintech) by financial institutions and the related due diligence required on fintech providers and other third-party relationships.

Some additional supervisory developments outlined in the report include:

Geopolitics. Supervisors are monitoring geopolitical events, including ongoing sanctions associated with the Russian invasion of Ukraine.
Cybersecurity. As ransomware attacks increase at banks of all sizes, cybersecurity remains a top supervisory priority.
Credit risk. While credit conditions generally have recovered since the onset of the pandemic, credit risk is an elevated concern, especially in community and regional bank sectors.

CFPB issues supervisory highlights report for second half of 2021

The Consumer Financial Protection Bureau (CFPB) on May 2, 2022, issued its “Supervisory Highlights” report on recent examiner observations and legal violations reported during the second half of 2021. Examiners flagged violations related to auto loan servicing, consumer reporting, credit card account management, debt collection, and mortgage origination.

Issues related to auto loan servicing included wrongful repossession, providing misleading information regarding final payment amounts after a deferral, and overcharging for add-on products. Many of these exam findings and related enforcement actions were outlined in a February 2022 compliance bulletin in which the CFPB noted actions the bureau is taking to thwart illegal repossession activities.

With regard to consumer reporting, the CFPB cited instances of credit reporting companies (as well as banks and servicers that furnish credit information) failing to conduct reasonable investigations of indirect disputes, report the results of direct dispute investigations to consumers, correct and update credit report information, and establish and implement reasonable policies and procedures concerning the accuracy and integrity of furnished information.

CFPB continues heavy focus on overdraft fees

As a follow-up to a February 2022 blog post outlining a number of initiatives regarding financial institutions’ overdraft programs, the CFPB on April 13, 2022, issued an additional blog post on its research of overdraft/nonsufficient funds (NSF) fees. The post listed banks that have announced they are eliminating NSF fees and banks that had not made an announcement as of April 1. The CFPB also updated a tracking report listing the top 20 banks based on overdraft/NSF fees reported for 2021.

The CFPB continues to closely scrutinize overdraft and other NSF fees and evaluate whether charging these fees might be unlawful. All financial institutions should pay particular attention to these CFPB initiatives and its ongoing monitoring and reporting of overdraft/NSF fees.

From the Financial Accounting Standards Board (FASB)

FASB proposes updates to reference rate reform guidance

On April 20, 2022, the FASB issued a proposed Accounting Standards Update (ASU), “Reference Rate Reform (Topic 848) and Derivatives and Hedging (Topic 815): Deferral of the Sunset Date of Topic 848 and Amendments to the Definition of the Secured Overnight Financing Rate (SOFR) Overnight Index Swap Rate.” The proposed ASU would extend the period of time preparers can use the reference rate reform relief guidance under Accounting Standards Codification (ASC) Topic 848 from Dec. 31, 2022, to Dec. 31, 2024, to address the fact that all London Interbank Offered Rate (LIBOR) tenors were not discontinued as of Dec. 31, 2021, and some tenors will be published until June 2023. The ASU also would amend the FASB Master Glossary to include a new definition of an accepted benchmark rate for the Secured Overnight Financing Rate, using term considerations. This also would flow into the language in ASC 815, “Derivatives and Hedging.”

Comments are due June 6, 2022.

FASB discusses presentation of goodwill amortization

At its meeting on May 4, 2022, the board noted its preference to present goodwill amortization in the same location as goodwill impairment in the income statement and not in other comprehensive income. While no decisions were made, the board directed staff to continue to evaluate other income statement presentation alternatives.

From the Securities and Exchange Commission (SEC)

SEC extends climate-related disclosures comment period and reopens comment period for private fund advisers and Regulation ATS proposed rules

On May 9, 2022, the SEC announced that it has extended the public comment period from May 20, 2022, until June 17, 2022, on the proposed rulemaking to enhance and standardize climate-related disclosures for investors.

A recent report from Crowe, “SEC Proposes Climate-Related Disclosures: A Closer Look,” provides considerations for management and boards and for those who choose to comment on the proposal.

Additionally, the SEC announced the reopening of the comment periods for 30 days on the proposed rulemaking to enhance private fund investor protection and on the proposed rulemaking to include significant Treasury markets platforms within Regulation ATS. The comment periods will reopen following publication in the Federal Register.

Small-business committee discusses proposed rules on climate disclosures and SPACs

On May 6, 2022, the SEC’s Small Business Capital Formation Advisory Committee met to examine the SEC’s proposed rules on climate-related disclosures and proposed rules on special purpose acquisition companies (SPACs), shell companies, and projections.

Chair Gary Gensler provided remarks to the committee on both proposals. He said he believes the climate-related disclosures proposal will help ensure that investors receive consistent, comparable, and decision-useful information and will establish clear and consistent reporting obligations for issuers. Gensler said that the SPACs proposal would strengthen the disclosures, marketing practices, and gatekeeper and issuer obligations for SPACs.

Commissioner Hester M. Peirce also provided remarks on the proposals’ potential effects on small businesses. She noted that the climate change proposal would vastly expand the disclosure requirements and compliance burdens for all public companies, and she shared concerns that she provided when the rules were proposed. She posed several questions about the unique challenges that small companies might face. She also noted that the SPAC proposal would require significant changes to the operations, economics, and timeline of SPACs.

SEC chair remarks on cybersecurity

Gensler on April 14, 2022, gave a speech before the joint meeting of the Financial and Banking Information Infrastructure Committee and the Financial Services Sector Coordinating Council, addressing the SEC’s important roles as part of “Team Cyber” and as a regulator.

Gensler said he thinks about the evolving cybersecurity risk landscape in three ways: cyberhygiene and preparedness, cyber incident reporting to the government, and disclosure to the public. He discussed the SEC’s cybersecurity policy work related to financial sector registrants, public companies, service providers, and the SEC itself.

Related to financial sector SEC registrants, Gensler discussed proposed changes to and expansion of Regulation Systems Compliance and Integrity (Reg SCI) and said that he believes additional opportunities exist to expand Reg SCI to further strengthen the cyberhygiene of important financial entities, including and beyond the Treasury market. He highlighted the rules proposed in February 2022 that would require registered investment advisers, registered investment companies, and business development companies to bolster their cybersecurity practices focusing on adopting written plans to address cybersecurity risks, disclosing certain cybersecurity incidents to the public, reporting certain cybersecurity incidents to the SEC, and meeting specific recordkeeping obligations. He said such reforms could reduce the risk that these registrants would not be able to maintain critical operational capability during a significant cybersecurity incident.

For public companies, Gensler discussed the March 2022 proposal to enhance cybersecurity disclosures, which would require ongoing disclosures on companies’ governance, risk management, and strategy with respect to cybersecurity risks and would mandate material cybersecurity incident reporting.

Gensler noted that the SEC is not immune to cyberattacks and said the staff continues to work to protect SEC data and information technology. He concluded with a reminder that cyber risks have implications across the financial sector, investors, issuers, and the economy and the SEC has a role to play, along with the rest of Team Cyber.

SEC chair and commissioner remark on financial markets

Recently, both Gensler and Commissioner Caroline A. Crenshaw spoke about regulating various aspects of the financial markets:

On May 6, 2022, Gensler presented a speech on enhancing the efficiency, resiliency, and transparency of the U.S. markets, including consideration of disclosures. He highlighted the importance of new rules to meet the needs of the current and future markets and to help the U.S. maintain its competitiveness in the world market.
On April 26, 2022, Gensler spoke virtually about the fixed income markets, noting their importance to individuals, companies, and governments in the U.S. and around the world. He discussed some of the policy work at the SEC with respect to strengthening and increasing transparency, modernizing rule sets for electronic platforms, and enhancing financial resiliency.
On April 28, 2022, Crenshaw presented a speech discussing SPACs and SPAC IPOs. She noted that the SEC has identified several areas of concern with SPACs, including misaligned incentives, several points of dilution that might disproportionately affect retail investors, and a lack of liability that could create an unjustified advantage in this path to the public markets over the traditional IPO. She encouraged all “to think about the ever-growing divide between the public and private markets and how the paths to public markets can be improved and made more efficient while preserving key investor and market integrity protections.”
On April 14, 2022, Crenshaw presented a speech addressing private markets and their important role in the economy. She said that private markets are growing at record rates and companies are staying private for longer periods of time, and she discussed whether adequate protection exists for investors in private markets. She noted the debate on the balance between public and private markets and posed multiple questions to help define recommendations from the SEC.

SEC provides guidance on consideration of geopolitical risk

The staff in the SEC’s Division of Corporation Finance (Corp Fin) published “Sample Letter to Companies Regarding Disclosures Pertaining to Russia’s Invasion of Ukraine and Related Supply Chain Issues” to provide guidance on disclosures. While the letter was created to specifically address the current conflict, the comments could be applied more broadly across similar situations. The letter indicates that Corp Fin believes that companies should provide detailed disclosure, to the extent material or otherwise required, regarding:

“Direct or indirect exposure to Russia, Belarus, or Ukraine through their operations, employee base, investments in Russia, Belarus, or Ukraine, securities traded in Russia, sanctions against Russian or Belarusian individuals or entities, or legal or regulatory uncertainty associated with operating in or exiting Russia or Belarus”
“Direct or indirect reliance on goods or services sourced in Russia or Ukraine or, in some cases, in countries supportive of Russia”
“Actual or potential disruptions in the company’s supply chain”
“Business relationships, connections to, or assets in, Russia, Belarus, or Ukraine”

The financial statements also might need to reflect and disclose:

Impairment of assets
Changes in inventory valuation
Deferred tax asset valuation allowance
Disposal or exiting of a business
Deconsolidation
Changes in exchange rates
Changes in contracts with customers or the ability to collect contract considerations

Additionally, Corp Fin notes that “many companies have experienced heightened cybersecurity risks, increased or ongoing supply chain challenges, and volatility related to the trading prices of commodities regardless of whether they have operations in Russia, Belarus, or Ukraine that warrant disclosure.” Also, Corp Fin requests that companies should “consider how these matters affect management’s evaluation of disclosure controls and procedures, management’s assessment of the effectiveness of internal control over financial reporting, and the role of the board of directors in risk oversight of any action or inaction related to Russia’s invasion of Ukraine, including consideration of whether to continue or to halt operations or investments in Russia and/or Belarus.”

SEC expands Crypto Assets and Cyber Unit

On May 3, 2022, the SEC announced the addition of 20 positions to the newly renamed Crypto Assets and Cyber Unit in the Division of Enforcement, which will increase the unit to 50 positions. The Crypto Assets and Cyber Unit is responsible for protecting investors in crypto markets and from cyber-related threats.

Since 2017, when it was created, “the unit has brought more than 80 enforcement actions related to fraudulent and unregistered crypto asset offerings and platforms, resulting in monetary relief totaling more than $2 billion.” The unit has brought numerous actions against SEC registrants and public companies for failing to maintain adequate cybersecurity controls and for failing to appropriately disclose cyber-related risks and incidents. To continue to address the ever-growing crypto markets and ensure investors are protected, the expanded unit will focus on investigating securities law violations related to:

Crypto asset offerings
Crypto asset exchanges
Crypto asset lending and staking products
Decentralized finance platforms
Nonfungible tokens
Stablecoins

SEC issues guidance on crypto assets

As reported in the April issue of Financial Institutions Executive Briefing, the SEC, on March 31, 2022, issued Staff Accounting Bulletin (SAB) 121, providing guidance on filing financial statements with the SEC for entities that provide crypto asset custody services for platform users.

Crowe released on April 22, 2022, an article taking an in-depth look at SAB 121. As significant judgment might be required to determine the applicability of SAB 121, the article provides a decision tree to help entities decide if the SAB’s accounting and disclosure guidance applies to them.

From the Public Company Accounting Oversight Board (PCAOB)

PCAOB announces members, meeting dates of new advisory groups

The PCAOB has completed its selection process and announced, on May 9, 2022, the members of its two new advisory groups – the Investor Advisory Group (IAG) and the Standards and Emerging Issues Advisory Group (SEIAG). The members’ service will begin immediately.

Board member Kara M. Stein will serve as the acting IAG co-chair. Barbara Vanich, acting chief auditor, will serve as the chair of the SEIAG. The first meeting of the IAG is scheduled for June 8, and the first meeting of the SEIAG is scheduled for June 15.

PCAOB updates standard-setting and research agendas

On May 4, 2022, the Office of the Chief Auditor (OCA) of the PCAOB released updated standard-setting and research agendas. The agendas are designed to further the PCAOB’s objective of advancing audit quality to protect the interests of investors and to further the public interest in the preparation of informative, accurate, and independent audit reports.

The agendas are the result of the PCAOB’s assessment of priorities that support the board’s goals. The standard-setting agenda includes six short-term projects where the OCA expects PCAOB action during the coming 12 months. These six projects include other auditors, quality control, noncompliance with laws and regulations, an attestation standards update, going concern, and confirmations. The agenda also includes four short midterm projects on substantive analytical procedures, fraud, interim ethics and independence standards, and interim standards. The research agenda includes a project on data and technology and a project on audit evidence.

PCAOB requests comments on auditing requirements related to estimates and specialists

On April 12, 2022, the PCAOB issued a request for comment on the initial impact of new requirements for auditing accounting estimates and using the work of specialists. Comments and other information obtained will be evaluated to determine whether additional guidance or other steps are appropriate.

Comments are due June 10, 2022.