You can imagine the brouhaha many bank CEOs are cursing at this very moment. They have more than 300 new servicing standards as part of that massive $25 billion mortgage settlement and they’re in the spotlight. Apparently, folks are saying they’re annihilating the standards. Another new report says it’s up to banks to step up to the plate and shore up their cybercrime reduction efforts. Let’s delve into just how bleak things up for the nation’s big banks.
Litany of Complaints
First, we learned from the monitor of the National Mortgage Settlement, Joseph A. Smith, that a new report is being compiled that includes “a litany of complaints about lenders, robo signing, wrongdoing, foul ups and general dissatisfaction in the foreclosures nationwide”. Turns out, Smith has received a lot of feedback from consumer advocates, housing counselors and lawmakers – and the one consistency is the frustration because consumers are still being raked over the coals.
Up until recently, the banks (as they’ve grown accustomed to) were left to police themselves. That was the first big mistake as part of the settlement. If the CEOs haven’t proven by now just how much greed, politics and disgust for the financial laws drive their efforts, then perhaps it’s time we rethink those who are making the laws. Fortunately, (and whether or not it’s too late, time will tell), each bank now has an “internal review group” (IRG). This is made up of employees, independent contractors and consultants and their role is to grade the actions of the banks and perform reviews of the compliance with the settlement. They are required to maintain distance and must be “separate and independent from the line of business being reviewed”, Smith said. There are already concerns about just how “independent” these groups are.
It has to do with the review being labeled as “independent”. It probably has more to do with the proof bankers provided that they have no concept of how to work fairly and independently at the same time. And because employees are part of the IRG, well, you can understand why there’s concern. And it’s precisely why the lawsuit happened in the first place. For his part, though, Smith reiterates his confidence in understanding how the banks did what they did and why consumers feel what they feel. He says both his office and the National Mortgage Settlement has created layers of protection in the form of prominent consultants and law firms.
We intend to issue a report on our initial testing of that performance in May,
Smith testified at a Senate hearing late last week.
I say intent only because…we’re doing a very thorough job, and if I’ve learned one thing from what I’ve heard today, it’s don’t rush to judgment. We’re going to be sure we do a thorough job before we issue a report to the court and to the public.
The five major mortgage servicing organizations are: Bank of America, CitiMortgage, JP Morgan Chase Bank, Residential Capitaland and Wells Fargo.
But there’s more going on that bankers are having to address this week, as well. That “more” is cyber security.
The financial sector has a message for the Obama administration, in response to a question to the public on what “inducements might spur companies to adopt a cybersecurity framework being proposed by the White House?” And by the way – do you recall hearing anything about a question posed to the public? No one else “in the public” did either. At any rate, the bankers did and they say the best incentive is to strengthen customer trust.
The chairman of the Financial Services Sector Coordinating Council, or FSSCC, Charles Blauner penned a letter to the White House that includes this sentence,
Financial services is built upon trust with our clients, trust between our firms and the trust to ensure the proper functioning of markets, the execution of transactions and the protection of information. It is the cornerstone of everything we do.
Of course, the banks also say they need monetary incentives to “reduce compliance costs and to minimize risks of being sued”. In other words, they’re saying,
We think trust from our customers is the best way to go, but we’re going to need you to pay us to do that.
And the “you” they need money from is the “you” that is the taxpayer. The incentives, they say, should be “sufficiently significant to influence private investment, to reduce companies’ compliance costs and to minimize the risk of legal action,” and it’s signed by the CEOs of the nations’ biggest banks (surprise, right?), including JPMorgan Chase, Bank of America, Citigroup, Wells Fargo, Goldman Sachs, Morgan Stanley and the big credit card companies as well, including Visa, MasterCard, PayPal and others.
But Blauner wasn’t finished. He says financial firms, like those listed above, would be more “likely to adopt the framework if the government were to shield them from liability for sharing information with one another, immunize them from the provisions of the Freedom of Information Act for information they hand over to the federal government, shield companies from lawsuits by the Federal Trade Commission or state attorneys general for alleged breaches of information security that flow from companies adoption of the framework and from liability for harm that may arise from the adoption of cutting-edge technology”. So, they want money to put it into place (what should have been in place from day one – and by the way, if it’s not in place now, doesn’t it make sense that these same institutions are the ones being hacked time and again with denial of service attacks?)
Playing by Different Rules
Then, after they have the money to put the dynamics into place and after they’ve been given permission to bypass the laws, they then want telecommunications and technology companies to be required to filter Internet traffic thought to be harmful and to install capabilities to screen threats from the networks that connect financial firms, the group says.
If we are to stand a change of defending critical infrastructure within the financial sector we need incentives that will motivate these two partner sectors to increase the protections embedded in their networks,
Blauner wrote. These sectors will need to be “motivated” according to the banks.
Will it fly? Time will tell. Consumers aren’t going to be happy though when they realize their security is being held for ransom. And if this is a bad week to be a bank, imagine the week they’re going to have when this goes mainstream.