Dallas-based Comerica Bank entered into a governance agreement with the Office of the Comptroller of the Currency to address internal governance shortcomings related to a range of areas, including wealth management, technology and third-party risk.
Bloomberg News
WASHINGTON — Dallas-based Comerica Bank & Trust Thursday entered into an enforcement action with the Office of the Comptroller of the Currency following the agency's findings of unsafe and unsound practices at the bank, particularly in its risk governance framework and internal controls.
The bank is required to establish plans to enhance financial data collection and regulatory reporting, with independent reviews to ensure accuracy and compliance. Comerica must also develop an effective program managing third-party risks, strengthen its internal controls, revise its internal audit program to ensure comprehensive, independent evaluations of its operations and provide the board and management with insights into the sufficiency of its internal control systems.
Additionally, Comerica will implement a program to mitigate risks associated with end-of-life IT assets, which includes policies for managing existing and new technology assets, conducting risk assessments and planning for upgrading or replacing outdated systems.
This agreement comes as Comerica was reportedly under investigation by the OCC late last year after it overdrew its own accounts by millions of dollars due to a technological update gone awry. The incident triggered significant disruptions and highlighted deficiencies in the bank's technology management, an episode the agreement mentions as illustrative of the challenges at the bank.
OCC indicated that Comerica's board of directors is responsible for ensuring the timely adoption and implementation of all corrective actions in the agreement, including authorizing necessary measures, ensuring adequate staffing and training and holding management accountable for compliance.
Not long before the technological error, Comerica was found to have mismanaged the Treasury Department's Direct Express program, which provides federal benefits to millions of unbanked Americans. Internal documents revealed compliance failures including that the bank outsourced sensitive data handling to a vendor's office in Pakistan, a violation of contractual obligations.
A spokesperson from Comerica expressed the bank is taking steps to adhere to the agreed actions.
"We take this agreement very seriously," they wrote in an email. "This effort is a top priority,"
Federal Reserve Chair Jerome Powell says crushing inflation is the most important thing the Fed can do to reduce costs in the housing market. Some economists and policy specialists say higher rates are not the only tool at its disposal.
Statewide Federal Credit Union in Flowood used its partnerships with Bankjoy and Strum Platforms to identify untapped communities in its field of membership and aggressively market its inaugural high-yield savings account.
The threat actor Sp1d3r posted an ad for the stolen data on Wednesday. Truist said the October breach is not related to a campaign by the same criminal group.
BNY, the country's oldest bank, drops "Mellon" from its branding; Apple FCU announces plans to merge with NextMark Credit Union; Moelis probes incident after a video circulated online shows one of its senior bankers appearing to punch a woman; and more in this week's banking news roundup.
The Federal Reserve Board and the bank itself say the enforcement action is the result of a routine inspection, but it comes amid the fintech's complicated high-profile bankruptcy.
The card network has developed a digital approach to delivering disbursements for disaster relief and other purposes via mobile devices, without requiring a separately downloaded app.