In 2007, as the Bush administration was beginning to wind down, the Office of Management and Budget issued a "final bulletin for agency good governance practices." The OMB, part of whose job is to measure the quality of regulatory policies, worried that agency guidance practices should be more "transparent, consistent and accountable."
Specifically, the OMB stated: "Concern about whether agencies are properly observing the notice and comment requirements of the [Administrative Procedures Act] has received significant attention." The bypassing of the APA, as well as of other executive orders and requirements for issuance of regulation, to issue "guidance" that would have the effect of regulation, was part of the focus of the OMB bulletin.
At this point we can legitimately ask, are regulatory agencies acting in compliance with the bulletin? This is a particularly acute question in banking.
Since the economic downturn, banking agencies have responded with more supervisory and enforcement muscle. Since 2010 alone, there have been over 20 significant pieces of interagency guidance. This does not even include standalone guidance in the form of financial institution letters (Federal Deposit Insurance Corp.), bulletins (Office of the Comptroller of the Currency) and supervision and regulation letters (Federal Reserve Board). In a speech this month, Comptroller Thomas Curry spoke with pride regarding the four guidance documents the OCC issued on consumer protection in November alone. Of course, those do not even include all of the 34 issuances listed as guidance on the website of the Consumer Financial Protection Bureau (an agency that did not even exist prior to 2010).
The independence requirement of the interagency appraisal and evaluation guidelines; the use of regression testing and disparate treatment in fair lending enforcement in the policy statement on discrimination in lending; and the virtual entirety of the proposed guidance on deposit advance products and elder abuse legitimately raise the question whether the guidance that is being issued is, at least in part, back-end regulation.
The OMB bulletin recognized these risks back in 2007. The OMB bulletin stated that "significant guidance documents" should include certain standard elements and give the public an opportunity to comment. Unfortunately, the OMB bulletin does not go far enough.
What we have seen from the bank regulatory agencies is a simply unsustainable proliferation of rules. Big banks are taking on water in their efforts to keep up, while community banks are being swamped. A 2013 Thomson Reuters survey of 800 compliance officers indicated that 81% of them expected regulatory "information" to be slightly or significantly more over the next 12 months, resulting in compliance costs jumping from already high levels.
So what should be done? Beyond a stricter adherence to the OMB bulletin, regulatory agencies should reconsider what issues are significant enough to be worthy of issuance as a "significant guidance document." Moreover, agencies should establish internal screening groups whose responsibility will be to test proposed guidance on a cost/benefit basis. The current groups that may exist (such as the OCCs National Risk Committee) do not appear to evaluate bank or customer cost or customer access to banking products.
Moreover, regulators need to take to heart input from bankers rather than having an advisory board whose banker participants have no idea whether their comments are resonating. Bankers should be part of the process. Community groups can be as well. The more input, the merrier.
Now this effort to elicit public comment is sounding like the process for regulation.
Regulators should look to rebalance the allocation between regulation and guidance because regulation is subject to more checks and balances.
Significantly, it is time to return to the dual banking system. The Fed and the FDIC should invite the Conference of State Bank Supervisors to participate in their guidance activities as full partners, rather than the little brother who is ignored unless he acts up too much.
Perhaps most of all, real thought should be given to limiting the sheer volume of activity. If the heads of the agencies do not have time to consider what procedures would be needed to implement guidance, rather than just reading the guidance that their staff members prepare, then the output needs to be cut back.
In short, we need a Hippocratic Oath for the issuance of new guidance. First, do no harm.
Peter G. Weinstock leads the Financial Institutions Corporate and Regulatory practice at Hunton & Williams LLP.