Ga. Banking Brief: All The Notable Legal Updates In Q4

Law 360

Authored Article

Author(s) ,

In the fourth quarter of 2023, Sen. Raphael Warnock, D-Ga., made industry news, important banking and financial rule changes were implemented, and Georgia's Department of Banking and Finance quietly issued important new regulatory guidance on a handful of topics.

Warnock Addresses Banking Committee, Introduces Legislation

First, during a three-plus hour U.S. Senate Committee on Banking, Housing and Urban Affairs hearing titled "Annual Oversight of Wall Street Firms," Warnock questioned CEOs at eight of the country's largest banks regarding their commitment to both proposed and existing federal law.[1]

Specifically, Warnock raised concerns regarding the Secure and Fair Enforcement Regulation Banking Act.[2] The proposed legislation would provide protections for federally regulated financial institutions that serve state-sanctioned cannabis businesses, regardless of its federal classification as a Schedule I controlled substance.

Warnock focused attention on the legislation's impact on reducing the wealth gap and whether the act would have a positive impact on equity goals.[3] The proposed legislation awaits Senate Majority Leader Chuck Schumer's, D-N.Y., call for a floor vote.

During the same hearing, Warnock questioned industry leaders' commitment to the Community Reinvestment Act, a federal law designed to encourage commercial banks and savings associations to help meet the needs of borrowers in all segments of their communities, including low- and moderate-income neighborhoods.[4]

Warnock expressed support for the act and challenged industry leaders to act as "good corporate responsible citizens" and otherwise to devote adequate resources to marginalized communities in accordance with the act.[5]

Warnock also joined Senate colleagues in introducing bipartisan legislation to increase awareness of the Veterans Administration's home loan program. The VA Home Loan Awareness Act would add a disclosure to the standard mortgage prequalification application

— Uniform Residential Loan Application — to inform veterans that they may qualify for a VA home loan.

Warnock said that the bill would better equip veterans with the information and resources needed to become homeowners.

Georgia Banking Department Updates

In other news, the state's banking department issued a bulletin on capital adequacy requirements, as well as one on marijuana banking; addressed cybersecurity; and enacted rule changes.

Capital Adequacy Requirements

Baseline capital requirements for Georgia financial institutions are governed by statute[6] and more technically within departmental rules and guidelines.[7]

On Oct. 30, 2023, the Georgia banking department issued a memorandum to supervision staff addressing "Capital Adequacy and Considerations" of regulated entities.[8]

The memorandum does not purport to institute any formal statutory or rule changes and generally sets forth widely known criteria considered by regulators in reviewing capital adequacy.[9]

Examples include requirements that financial institutions:

  • Maintain capital commensurate with risk;
  • Implement processes for periodically assessing overall capital adequacy; and
  • Align dividend distributions with sound banking practices, requirements regarding holding companies and subsidiaries, and servicing debt.[10]


That said, the new guidance may indicate more rigorous application of the existing standards, if not a raising of the bar.[11]

Notably, the department instructed supervision staff that "minimum capital levels may not be appropriate even for financial institutions that meet minimum required capital levels, and as a result, higher levels of capital may be required based upon subjective and objective variables, concepts, and guidelines."[12]

Regulated entities should be prepared to articulate positions on capital adequacy in accordance with the guidance. Per the memorandum, factors to be considered in determining "appropriate capital levels" include:

  • Quality, type and diversification of assets;
  • Current and historical earnings;
  • Liquidity positions;
  • Sensitivity to market risk;
  • The quality of management; and
  • The existence of other activities that may expose the institution to risk, including the degree of leverage and risk undertaken by the financial institution or affiliates.[13]

Marijuana Banking Reference Tool

The state's banking department also published a reference tool for its examiners for the purpose of "providing federal regulatory insight as well as Georgia-specific information such as legalization status, risk management considerations, and related topics on marijuana banking."[14]

The guidance provides a good reminder that regulated entities are responsible for assessing the cost of providing services, the risk of administrative or criminal sanction, reputational risk, and for developing policies and procedures to "ensure that accounts will not implicate enforcement priorities."[15]

The section titled "Job Aid" includes answers to 43 marijuana banking and marijuana business- related questions and topics, including the state banking department's expectations regarding institutional staffing, policies and procedures, disclosures, risk management, and due diligence.[16]

Specific references to Financial Crimes Enforcement Network guidance, the Official Code of Georgia and other relevant authorities are included.[17]

Cybersecurity Updates

In its October newsletter, the department reminded regulated entities of their responsibilities on the ever-important topic of cybersecurity.[18]

In keeping with its focus on cybersecurity in the 2023 calendar year — the topic has been referenced or incorporated into seven of the department's 11 published newsletters — the department noted that it encourages financial institutions to incorporate the Conference of State Bank Supervisors' ransomware self-assessment toolkit into oversight programs.

The newsletter noted that doing so will "provide executive management and the board of directors with an overview of the institution's preparedness towards identifying, protecting, detecting, responding, and recovering from a ransomware attack."[19]

The toolkit is available to the public and can be found on the department's publications and guidance website and the Conference of State Bank Supervisors website.[20]

Rule Updates

Finally, a number of changes to the department's official rules were enacted in the third quarter that affected regulated entities in the fourth quarter and will continue to do so.

Extensive rule changes can be found at Chapter 80-1 (Banks), 80-2 (Credit Unions), 80-3 (Money Transmission), 80-4 (Check Cashiers), 80-5 (Financial Institutions), 80-8 (Agency Organization and Procedures), 80-11 (Residential Mortgage Brokers, Lenders and Originators), 80-13 (Trust Companies), and 80-14 (Installment Loans).[21]

Too numerous to detail here, the changes are in some cases technical and others substantive, depending on practitioners' focus and subject matter expertise.[22]

Consistent with the department's ongoing focus on data security, there are new credit union requirements for reporting cyber incidents — all in accordance with federal guidelines for safeguarding member information under Title 12 of the Code of Federal Regulations, Section

As we plan for 2024, industry stakeholders should monitor these developments and adjust compliance controls accordingly.

Republished with permission. The full article "Ga. Banking Brief: All The Notable Legal Updates In Q4" was published by Law360 on January 8 ,2024.