USAA’s regulatory troubles now include an $85K OCC fine

 Things are just getting worse and worse for USAA Federal Savings Bank compliance.

 This week, the Office of the Comptroller of the Currency (OCC) ordered the bank to pay an $85 million fine for shortcomings in its risk management and compliance with laws protecting service members.

 The penalty is another troubling sign for the San Antonio bank after a 2019 consent order by the OCC identified information technology and internal control failures related to alleged violations of the Military Lending Act and Servicemembers Civil Relief Act. According to reporting by American Banker Reporter Joe Adler, the $100 billion-asset institution caters to members of the military and their families.

 In the February 2019 action, banking regulators identified a range of operational shortcomings at USAA, criticizing its risk management program, its systems for complying with various laws and regulations, and its information security efforts. And at that time, the OCC ordered the San Antonio bank to develop plans to fix what ails it.

 USAA says it will fix its problems, but…

According to USAA Spokesperson Matt Hartwig, the bank acknowledged its work to address its issues and the need to do more. “We already have been proactively addressing these issues,” he said, “and (we have) made progress enhancing our systems and processes. But we have more to do to continue delivering the service members deserve.”

 The February 2019 issue was unrelated to an early Consumer Financial Protection Bureau (CFPB) issue announced a month earlier on January 3^rd. In that misstep, the CFPB alleged the bank reopened deposit accounts without customers’ consent and neglected stop-payment requests. For this oversight, the bank agreed to pay a $3.5 million fine and $12 million in restitution to 66,000 customers.

 USAA faults rapid growth for noncompliance

The answer, according to this series of alleged regulatory missteps, is unclear. The most recent OCC fine comes weeks after the regulator disclosed on Oct. 1st that the bank had received a “needs to improve” rating on its most recent Community Reinvestment Act evaluation (SCRA), which is a rarity, especially for such a large institution. The review, dated March 2019, cited evidence of 546 violations of the SCRA, including failing to provide protections to reservists and wrongful vehicle repossessions. The agency also pointed to evidence of over 50 violations of the Military Lending Act.

 Again, USAA apologized. “Simply put, we have fallen short of our high standards and those of our members and our regulators,” Wayne Peacock, the bank’s president and CEO, said in a statement. He cited rapid growth and underinvestment in the capabilities and expertise necessary to meet regulatory requirements and evolving business needs.”

 The OCC’s action administering the fine said USAA Federal engaged “in unsafe or unsound practices related to the Bank’s compliance risk management program and IT risk governance program that resulted in numerous violations of law.” The agency said USAA Federal has consented to the order.

 The OCC continued, “The Bank has failed to implement and maintain an effective compliance risk management program and an effective IT risk governance program commensurate with the Bank’s size, complexity, and risk profile. (It) has deficiencies in all three lines of defense (first-line business units, independent risk management, and internal audit) in its compliance risk management program.”

 The bank said it is in the process of remediating violations of the MLA and SCRA under the 2019 consent order.

 Where was compliance?

Unclear. And where was management? Busy doing other things? That’s where Patrina could have helped for a lot less than $85 million. For more than 25 years, Patrina has been helping compliance professionals like you stay on the “straight and narrow” efficiently and cost-effectively. So, let’s talk.