Bills seeking annual testimony from regulators, cyber ‘resilience’ move forward after panel votes

Semiannual testimony would be required by the four federal financial institution regulators before Congress under legislation approved by a House committee Thursday.

The Prudential Regulator Oversight Act (H.R. 4841), sponsored by Reps. Dean Phillips (D-Minn.) and Barry Loudermilk (R-Ga.), is aimed at requiring the Federal Deposit Insurance Corp. (FDIC), Federal Reserve, National Credit Union Administration (NCUA), and Office of the Comptroller of the Currency (OCC) to semiannually report to and annually testify before Congress on their supervisory and regulatory activities. It was approved by the House Financial Services Committee on a unanimous vote of 55-0.

In nearly all cases, the top appointed leader of each agency would be required to appear (chairs of the FDIC Board, NCUA Board, Comptroller of the Currency). In the case of the Federal Reserve, the board’s vice chairman for supervision would be required to provide input.

The committee memo points out that the Fed’s vice chairman for supervision is already required under the 2010 Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank) to testify at semiannual hearings. However, it notes that FDIC, NCUA and OCC do not have such mandatory testimony requirements. “Receiving testimony from all four agencies would allow for a comprehensive examination of the state of prudential regulation, supervision, and enforcement with respect to megabanks and other depository institutions,” the memo states.

The memo also asserts that, before a May 16, 2019, committee hearing with prudential regulators, “it had been more than three years since any official from the FDIC or the NCUA testified before the committee.”

The committee memo notes that financial institution regulation “has evolved into a system with multiple regulators” and that, even if state-chartered, “virtually all depository institutions are federally insured, and are subject to at least one federal primary regulator that examines the institution for safety and soundness, as well as compliance with federal banking laws.”

Each “prudential regulator” would be required to provide testimony on topics including: safety and soundness of supervised institutions; emerging risks that may affect depository institutions and potential threats to the financial stability of the country; implementation of the regulator’s diversity and inclusion efforts; implementation of the Community Reinvestment Act (CRA); overview of the mergers and acquisitions process, including data and descriptions of any mergers and acquisitions approved during the reporting period; examinations for Bank Secrecy Act (BSA) and anti-money laundering compliance; use of financial technology as it relates to depository institution holding companies, depository institutions, and credit unions; and more.

In other action, the committee also passed (by voice vote) H.R. 4458, the Cybersecurity and Financial System Resilience Act, which would require the federal financial regulators to each issue an annual report to Congress describing measures each has taken to strengthen cybersecurity with respect to its functions as a regulator, including the supervision and regulation of financial institutions and, where applicable, third-party service providers.

The report must include steps each agency is taking to address any cybersecurity concerns identified by the annual independent evaluations conducted under the Federal Information Security Modernization Act (FISMA) of 2014. The bill sunsets after seven years; it was sponsored by committee Ranking Member Patrick McHenry (R-N.C.).

Committee Passes Legislation to Increase Regulator Accountability and Protect American Workers and Businesses