Over the past week, the financial services regulatory agencies have continued to take actions to support the economy and markets in response to heightened volatility and uncertainty. Specifically:
10/8 - SBA & Treasury - The Small Business Administration and Treasury Department released a simplified Paycheck Protection Program (PPP) loan forgiveness application for loans under $50,000. Notably, it provides such loan recipients with a new exemption under which they will not have to reduce their forgiveness amounts due to layoffs or wage cuts.
10/8 - FDIC - Federal Deposit Insurance Corporation chair Jelena McWilliams gave a speech highlighting resolution planning lessons learned from the crisis. She discussed the importance of flexibility as scenario planning, firm capabilities and technologies did not account for the unique circumstances of the current crisis.
10/7 - FRBNY - The Federal Reserve Bank of New York (FRBNY) released updated FAQs for the PPP.
10/6 - Fed - Fed Chair Jerome Powell gave a speech explaining that the Fed identified three ways it could assist in response to the crisis: 1) providing stability and relief during the acute phase of the crisis; 2) supporting the expansion of the economy and 3) limiting longer-run damage to the economy. He also praised the fiscal response so far but highlighted that there are risks of a second wave of the pandemic and that a slowing of the pace of recovery could lead to recessionary dynamics. In response, he expressed support for a strong stimulus, explaining that “the risks of overdoing it” are small and “even if policy actions prove to be greater than needed, they will not go to waste.”
10/5 - SEC - The Securities and Exchange Commission (SEC) published a report detailing the impact of the crisis on global credit markets. The report provides an overview of various sectors of the credit markets and highlights how the crisis has contributed to short-term funding stress, liquidity-driven stress and long-term credit stress.
10/5 - FRBNY - The FRBNY released updated FAQs for the Municipal Liquidity Facility.
The state of fiscal stimulus became further complicated this week, to say the least. After sending markets tumbling on Tuesday with a tweet that he had cut off stimulus negotiations until after the election, President Trump has since episodically called for both a larger and a smaller agreement to be reached before that time. House Speaker Nancy Pelosi (D-CA) has indicated that talks with Treasury Secretary Steven Mnuchin have resumed but that she would not support carve-outs from a comprehensive bill. While negotiators may be refocusing on setting a topline figure of $1.8-$2T, significant policy disagreements on the size and scope of the package would still need to be resolved in order to finalize a bill. An important voice missing from the conversation is Senate Majority Leader Mitch McConnell (R-KY), who has indicated that there may not be time to consider an agreement before the election, especially given the anticipated battle over the filling of the Supreme Court vacancy. With just 25 days until the election, it remains difficult to see how a deal can come together before November 3rd.
Last Thursday, the Treasury Department’s Financial Crime Enforcement Network (FinCEN) and Office of Foreign Asset Control (OFAC) issued advisories for financial institutions regarding how they may be inadvertently used to facilitate criminal payments resulting from “ransomware,” malicious software designed to block access to a computer or certain data unless the targeted individual or business makes ransom payments.
FinCEN highlighted the increasing frequency, severity and sophistication of ransomware attacks, the associated typologies, and related financial red flags. It also identified entity types that may present an increased risk of facilitating ransomware payments, including certain third party service providers such as cyber insurance companies and digital forensic incident response companies. Certain money service businesses (MSBs) also face increased risk as they are often used to purchase digital currencies for ransoms that are then transferred to the perpetrator(s) through a series of intermediary digital wallets. The advisory reminds financial institutions of their obligations under the Bank Secrecy Act to file suspicious activity reports (SARs), including for ransomware payments that may be conducted “by, at, or through” their institution.
The OFAC advisory stresses that facilitating ransomware payments may result in violations of its cyber-related and other sanctions programs, potentially triggering fines and other civil penalties. It explained that OFAC will continue to add malicious cyber actors, including perpetrators of ransomware attacks and those who facilitate ransomware transactions, to its specially designated nationals and blocked persons list (SDN List). For victims that wish to pay ransoms to retrieve their data, it explained that it will review applications to do so on a case-by-case basis but “with a strong presumption of denial.”
For National Cybersecurity Awareness Month, FinCEN and OFAC have put financial institutions - and their third party service providers - on notice that even inadvertent participation in ransomware payments could result in significant penalties. By identifying common methods that cyber criminals use to pass these payments through the financial system and associated red flags, they are leaving firms with no excuse to claim ignorance. As a result, financial institutions should carefully assess their exposure to ransomware-related risks taking into consideration these typologies and red flags. For many firms, this exposure will most likely come through business with MSBs, a customer type that is generally pre-determined to be high risk. In order to reduce risk, firms should enhance staff awareness of OFAC’s cyber-related sanctions program as well as how to detect and prevent ransomware payments. In addition, they should assess their customer due diligence and transaction monitoring controls to ensure they account for the red flags identified by FinCEN, including the collection of wallet and IP addresses in applicable transactions. Going forward, many firms are likely to find themselves in the position of having to explain to clients wishing to make ransomware payments why their transactions are being blocked; accordingly, they should begin developing communication strategies around doing so.
These notable developments hit our radar over the past week:
Subscribe to PwC’s LIBOR Transition Market Update here to read more about these and other developments.
Financial Services Leader, PwC US