USAA's regulatory troubles now include OCC fine, CRA downgrade
WASHINGTON — The Office of the Comptroller of the Currency has ordered USAA Federal Savings Bank to pay an $85 million fine for shortcomings in its risk management and compliance with laws protecting service members.
The penalty announced Wednesday is another troubling sign for the San Antonio bank after a 2019 consent order by the OCC identified information technology and internal control failures related to alleged violations of the Military Lending Act and Servicemembers Civil Relief Act. The $100 billion-asset institution caters to members of the military and their families.
The OCC fine also comes weeks after the regulator disclosed on Oct. 1 that USAA Federal had received a “needs to improve” rating on its most recent Community Reinvestment Act evaluation, which is a rarity, especially for such a large institution. The evaluation, dated March 2019, cited evidence of 546 violations of the SCRA, including failing to provide protections to reservists and wrongful vehicle repossessions. The agency also pointed to evidence of over 50 violations of the Military Lending Act.
“Simply put, we have fallen short of our high standards and those of our members and our regulators,” said Wayne Peacock, the bank’s president and CEO, in a statement. “As we grew quickly over the last decade, we never wavered from our commitment to serve members. However, we did not sufficiently invest in the capabilities and expertise necessary to meet regulatory requirements and evolving business needs.”
The OCC’s action administering the fine said USAA Federal engaged “in unsafe or unsound practices related to the Bank’s compliance risk management program and IT risk governance program that resulted in numerous violations of law.” The agency said USAA Federal has consented to the order.
The SCRA provides protections to military service members on duty overseas and covers issues such as credit card interest rates and foreclosures. The MLA imposes a 36% interest rate cap on loan products for active-duty military service members as well as their spouses and dependents.
“The Bank has failed to implement and maintain an effective compliance risk management program and an effective IT risk governance program commensurate with the Bank’s size, complexity, and risk profile,” the order says. “The Bank has deficiencies in all three lines of defense (first-line business units, independent risk management and internal audit) in its compliance risk management program.”
The bank is in the process of remediating violations of the MLA and SCRA under the 2019 consent order.
Peacock said the bank “has been working diligently and investing substantial resources to address the gaps” identified by the OCC.
“This is our most urgent and fundamental priority and is essential to serve members with excellence, now and in the future,” he said.