Financial Institutions In Focus Newsletter - Winter 2017

March 2017


Download PDF Version

Table of Contents

Lenders Face NIM Squeeze as Fed’s Rate Increase Plan Gets Underway
Every Basis Point Matters
2017 Anti-Money Laundering Regulatory Priorities 
The Broad Reach of N.Y.’s Cyber Regulation; Act Now to Achieve Timely Compliance
BDO Spotlight: Q&A with Sanjay Marwaha 
Federal Tax Reform

Lenders Face NIM Squeeze as Fed’s Rate Increase Plan Gets Underway

By Barry M. Pelagatti               

With the Federal Reserve committed to a slow but steady rate hike program in 2017, lenders face a net interest margin (NIM) squeeze that may exacerbate recent years’ long thinning of the margin and increase funding challenges for many middle-market and regional banking institutions. Though the Fed elected to hold rates steady at its February 2017 meeting, it reconfirmed its intention to institute three rate hikes this year, after having raised rates only twice in the last decade. Any additional demand-side pressure—for example the new administration’s proposed $1 trillion-plus infrastructure spending plan—could potentially drive up inflation and trigger additional rate hikes.

Taken together, these moving pieces are putting banks’ asset liability management (ALM) programs under scrutiny by senior banking executives and regulatory bodies to ensure banks are able to navigate this transition and to adjust to the new environment with minimal impact on profitability.

At the heart of the issue for banks is the potential for an asset liability mismatch to emerge that could force them to take deliberate steps to protect margins. This is likely to disproportionately impact banks outside of the top 50 in the U.S., and those that have assets of between $1 billion and $3 billion, according to research done by the Corporate Division of CenterState Bank.

The origin of this risk is that banks in this segment of the market have slowly been increasing loan durations, and many hold over 50 percent of their loan portfolio in durations that are three years or longer, according to CenterState. At the same time, non-maturity account deposits have ballooned since the 2008 downturn, leaving banks exposed to short-term interest rate moves. These could be further exacerbated by consumers moving money out of non-maturity accounts or to competing accounts in pursuit of higher yield in a rising rates environment.

By contrast, the top 50 banks have allocated more than half of their loan portfolio to terms that are less than three months, according to CenterState Bank. This affords them much greater flexibility to pivot and adjust NIM levels as rates steadily rise.

So what can banking institutions that are heavy on longer term loan durations do to prepare for the road ahead?

Running repricing scenarios is something that banks typically do on a quarterly basis but, in the current environment, banks with high risk exposure should consider more frequent and in-depth ALM stress testing. These tests should address a number of issues, including repricing, maturities, yield curve, basis and optionality risk exposures. Where assets and liabilities are mismatched, the bank is exposed to risks, which are heightened by the dynamics of the current environment.

Banks should consider expanding their use of derivatives to manage financial risk in a shifting rates environment. While there was a large pullback on the use of derivatives after the 2008 downturn, when used responsibly, derivatives are a powerful tool for managing risk exposure. Senior banking executives and business line leaders should be aware of what appetite their institution, board members, creditors and other key stakeholders have for the use of derivatives strategies to manage financial risk. Any expanded use of interest rate derivatives should trigger a full review and update to firm policies surrounding their use.

Firms looking to expand derivatives usage will need to put programs in place to educate board members and management teams on the institution’s goals in making that move. They will also need to prepare and maintain the appropriate documentation to comply with applicable accounting and regulatory requirements. Finally, banks will need to ensure that the appropriate compliance and accounting policies and procedures are in place as well as implement a system to ensure appropriate levels of internal oversight.

Years of increased competition and slimming NIMs among banks have organically chipped away at profitability, forcing many institutions to pursue revenues by extending their loan durations. This has set the stage for a challenging 2017. It has also helped ensure issues surrounding ALM will be on the minds of the executive suite on a weekly, if not daily, basis.

While there should be a sense of urgency for banks with a high exposure to interest rate risk, they should be able to manage that risk by taking the appropriate steps now.

Barry M. Pelagatti is an assurance partner and the national practice leader of BDO’s Financial Institutions & Specialty Finance practice. He can be reached at [email protected].


2017 Anti-Money Laundering Regulatory Priorities

By Chuck Pine

As the new presidential administration transitions into leadership, uncertainty around the direction the regulatory landscape will take is a concern for organizations in all regulated industries.

For financial institutions governed by the Bank Secrecy Act (BSA), though, at least one thing is certain: regulators are continuing to make anti-money laundering (AML) compliance a top priority, so knowing how to prepare should require less guesswork.

Regulatory departments and bureaus with the authority and responsibility to safeguard the U.S. financial system have recently enacted several requirements designed to close AML compliance gaps and eliminate methods used to launder funds, hide criminal proceeds or fund terrorist activity. To that end, they have made several key updates to satisfy the expectations and needs for BSA/AML compliance, highlighted below by department: 

New York Department of Financial Services Regulation (NYDFS)
On Jan. 1, 2017, the NYDFS landmark anti-terrorism transaction monitoring and watch list filtering regulation came into effect to combat terrorist financing and money laundering activities. This newly implemented regulation sets forth minimum standards of demonstrating that a regulated institution doing business in New York maintains adequate programs to (1) “monitor transactions after their execution for potential BSA/AML violations and suspicious activity reporting” and (2) “interdict transactions, before their execution, that are prohibited by applicable sanctions, which includes Office of Foreign Assets Control (OFAC) and other sanctions lists.”

A certification requirement is also now in effect requiring regulated entities to certify compliance with the regulation annually to NYDFS. Institutions must adopt either an annual board resolution or senior officer compliance finding to certify compliance with the DFS regulation beginning April 15, 2018. The resolution or finding must state that documents, reports, certifications and opinions of officers and other relevant parties have been reviewed by the board of directors or senior officials to certify compliance with the regulations.

Financial Crimes Enforcement Network (FinCEN) (Geographic Targeting Order)
FinCEN announced on July 27, 2016, the expansion of its Real Estate Geographic Targeting Order (GTO) beyond Manhattan and Miami to include six major metropolitan areas in the United States. The GTO will temporarily require U.S. title insurance companies to identify the natural persons behind shell companies used to pay “all cash” for high-end residential real estate in the following major U.S. geographic areas: (1) all boroughs of New York City; (2) Miami-Dade County and the two counties immediately north (Broward and Palm Beach); (3) Los Angeles County; (4) three counties comprising part of the San Francisco area (San Francisco, San Mateo and Santa Clara); (5) San Diego County; and (6) the county that includes San Antonio (Bexar County).

The monetary thresholds for each geographic area range from $3 million in Manhattan and $1.5 million in the other New York boroughs, to $2 million in California, $1 million in Florida and $500,000 in Bexar County, Texas. FinCEN remains concerned that all cash purchases may be conducted by individuals attempting to hide their assets and identity by purchasing residential properties through limited liability companies or other cloaked entities. According to FinCEN, information provided from the GTO will help law enforcement identify possible illicit activity and will assist in informing future regulatory approaches. In particular, a significant portion of covered transactions have indicated possible criminal activity associated with the individuals reported to be the beneficial owners behind shell company purchasers. Because title insurance is a common feature in the vast majority of real estate transactions, title insurance companies have come to play a central role in providing FinCEN with valuable information about real estate transactions.

GTO was renewed on Feb. 23 for 180 days. Law enforcement officials have indicated that the information obtained from the GTO has streamlined their process for determining true owners of real estate purchased with cash.

FinCEN (Customer Due Diligence and Beneficial Ownership Requirements)
On May 11, 2016, FinCEN issued a final rule under the BSA that “clarifies and enhances” customer due diligence and beneficial ownership requirements (CDD Final Rule). The CDD Final Rule also urges Congress to pass beneficial ownership legislation that would require companies formed in the United States to file beneficial ownership information with the Treasury Department or otherwise be subject to penalties. Not only does the CDD Final Rule amend existing BSA regulations, it also strengthens the obligations of covered financial institutions. Covered financial institutions—banks, brokers or dealers in securities, mutual funds, futures commission merchants and introducing brokers in commodities—must be in full compliance with the CDD Final Rule by May 11, 2018.

Among other requirements prescribed by the CDD Final Rule is a mandate for covered financial institutions to identify and verify the identities of the natural persons who own, control and profit from the legal entities to which the financial institution provides services. Additionally, the CDD Final Rule attempts to harmonize BSA program rules with those of the global community to make it cost-prohibitive to launder proceeds in the United States from activities committed in other countries. Further, the CDD Final Rule clarifies several components of CDD that will enhance financial transparency and safeguard the financial system against illicit use.

The impact of the CDD Final Rule is immediate and profound, and will require covered financial institutions to implement and maintain the so-called “fifth pillar” of AML compliance to meet their regulatory obligations. The “fifth pillar” mandate obligates covered financial institutions to develop processes and controls of obtaining and monitoring the identification and verification of beneficial owners of legal entities, the maintenance of customer risk profiles, and the detection and reporting of any potential and actual suspicious activities. The expectation to incorporate the “fifth pillar” for an effective AML program expands upon the four core and traditional pillars that have been in place for many years: (1) development of internal policies, procedures and related AML controls; (2) designation of a compliance officer; (3) a thorough and ongoing training program; and (4) independent review and compliance.

Naturally, these updates raise an important question: What do these new requirements mean? For financial institutions, it means you can expect regulators and examiners to closely scrutinize your processes and controls for detecting and reporting suspicious activities. They will seek assurance and confirmation that your firm’s program satisfies the ever-increasing expectations of an effective and adequate AML program. Regulators will also expect a high level of cooperation from covered financial institutions in sharing information and intelligence gained from these new requirements to assist in the investigation and prosecution of money launderers and individuals financing terrorist activities.

Chuck Pine is a managing director in BDO’s Financial Services Advisory practice. He can be reached at [email protected].

The Broad Reach of N.Y.’s Cyber Regulation; Act Now to Achieve Timely Compliance

By Judy Selby

Last month the New York State Department of Financial Services (NYDFS) issued the first-in-the-nation cybersecurity regulation, which became effective on March 1, 2017.

The press release accompanying the regulation states that it is intended to require banks, insurance companies and other regulated entities “to establish and maintain a cybersecurity program designed to protect consumers and ensure the safety and soundness of New York state’s financial services industry.”

While the regulation in and of itself is of critical importance, the extensive reach of the regulation to regulated and non-regulated entities both in and outside of New York merits particular attention. Companies across the country, and even outside of the US, will be affected—either directly or indirectly—by the new regulation.

History of the NYDFS
Founded in October 2011, NYDFS is one of the most important financial regulators in the country. It regulates more than 3,900 banks, insurance companies, credit unions, mortgage brokers and other financial institutions doing business in New York state. The agency was created to “modernize regulation by allowing the agency to oversee a broader array of financial products and services, rather than the previous system of limiting regulation to services provided by only certain types of institutions.” Generally speaking, the NYDFS supervises a wide range of financial institutions including banks, bank and trust companies, charitable foundations, foreign bank branches, holding companies, mortgage bankers and brokers, insurance agents and brokers, and health, accident, life, property and casualty insurance companies that do business in New York state, even if they are not based in the state. Consequently, NYDFS’s regulatory reach extends well beyond the borders of New York state.

Direct Regulation by the NYDFS
Broadly speaking, financial institutions that are New York state-chartered or -licensed are directly regulated by NYDFS. Although the proposed NYDFS cybersecurity regulation contains certain exemptions from enforcement, including for covered entities that do not exceed certain thresholds regarding number of employees, gross annual revenue and year-end assets, NYDFS’s regulatory scope extends to financial institutions domiciled outside of New York state, and even outside of the U.S. NYDFS maintains a publicly available database of entities it regulates, which is accessible here. Unless a covered entity falls within an exception, it will be covered by the new cybersecurity regulation and will have to certify compliance beginning in 2018.

Indirect Regulation by the NYDFS
Among the most groundbreaking of the requirements in the new regulation are those related to third-party service providers doing business with regulated companies. By requiring covered entities to implement policies and procedures to enforce cybersecurity standards for their third-party service providers, the NYDFS is exponentially extending its reach well beyond the covered entities themselves.

The current proposed regulation contains rigorous requirements related to the cybersecurity risk profile of third parties, and mandates that covered entities develop written policies and procedures, identify risks, conduct period risk assessments and implement due diligence processes to guard against third-party cyber risks. The proposal states:

Section 500.11 Third-Party Service Provider Security Policy
(a) Third-Party Service Provider Policy. Each Covered Entity shall implement written policies and procedures designed to ensure the security of Information Systems and Nonpublic Information that are accessible to, or held by, Third-Party Service Providers. Such policies and procedures shall be based on the Risk Assessment of the Covered Entity and shall address to the extent applicable:
   (1) the identification and risk assessment of Third-Party Service Providers;
   (2) minimum cybersecurity practices required to be met by such Third-Party Service Providers in order for them to do business with the Covered Entity;
   (3) due diligence processes used to evaluate the adequacy of cybersecurity practices of such Third-Party Service Providers; and
   (4) periodic assessment of such Third-Party Service Providers based on the risk they present and the continued adequacy of their cybersecurity practices.

(b) Such policies and procedures shall include relevant guidelines for due diligence and/or contractual protections relating to Third-Party Service Providers including to the extent applicable:
   (1) the Third-Party Service Provider’s policies and procedures for access controls including its use of Multi-Factor Authentication as defined by section 500.12[1] to limit access to sensitive systems and Nonpublic Information;
   (2) the Third-Party Service Provider’s policies and procedures for use of encryption as defined by section 500.15[2] to protect Nonpublic Information in transit and at rest;
   (3) notice to be provided to the Covered Entity in the event of a Cybersecurity Event directly impacting the Covered Entity’s Information Systems or Non-public Information being held by the Third‑Party Service Provider; and
   (4) representations and warranties addressing the Third-Party Service Provider’s cybersecurity policies and procedures that relate to the security of the Covered Entity’s Information Systems.

(c) Limited Exception. An agent, employee, representative or designee of a Covered Entity who is itself a Covered Entity need not develop its own Third-Party Information Security Policy pursuant to this section if the agent, employee, representative or designee follows the policy of the Covered Entity that is required to comply with this Part. (Emphasis added)

For many covered entities, identifying all relevant third-party service providers, developing written policies and procedures, and conducting an initial risk assessment of each service provider will be a major and time-consuming undertaking. Although the deadline for compliance with Section 500.11 is two years from the March 1, 2017, effective date of the regulation, given the stringent requirements of the regulation and the sheer number of third-party service providers utilized by many covered entities, taking immediate steps to comply with this section is highly recommended in order to meet the upcoming deadline.

BDO Spotlight: Q&A with Sanjay Marwaha

Sanjay Marwaha recently joined BDO as managing director and practice leader in the Risk Advisory Financial Services practice. Based in New York City, he joins BDO from a Big Four accounting firm where he served in various roles, including chief of staff and director of the Governance, Risk and Compliance practice. He has deep industry experience in leading complex engagements in performance improvement (PI), Enterprise Risk Management (ERM), internal audit (IA) and business process management (BPM). He has also led teams in analysis of emerging global risk guidelines and regulations for senior management client groups, as well as prepare firms for applications or reviews of risk and compliance activities.

Can you tell us about your background and experience prior to joining BDO?

I’ve had several unique roles throughout my career. Prior to joining BDO, I spent several years as both the chief of staff and director for the Governance, Risk and Compliance practice at a Big Four accounting firm. In those roles, I developed and built out risk and compliance programs for financial institutions seeking to implement transformational initiatives. While my primary focus was on providing services to the financial services sector, insurance companies and regulators, I also served multinational conglomerates. Prior to that, I spent some time at General Motors Asset Management and JPMorgan Chase.

I developed a keen interest in financial services at a very early stage in my career. I was especially interested in the way things were unfolding with emerging risks during the dot-com boom, particularly in regards to the financial markets. For my MBA, I focused on my interest in Finance and Competitive & Organizational Strategy. Combining those two interests, financial markets and organizational strategy, is what led me to the career path I’m currently on.

What drew me to BDO was the opportunity to help build out our financial services offerings within the Risk Advisory Services practice. My colleagues and I are building upon the risk, controls, internal audit, Sarbanes Oxley and business process capabilities of the practice, while developing solutions for financial services institutions. 

What compliance and regulatory changes do you see coming down the pipe as a result of the new administration? How do you expect firms will react to these changes?

We can expect several changes to the overall regulatory landscape in the years ahead—many of which will depend on the presidential picks for several government positions. These positions have terms expiring or are yet to be filled, including the U.S. Securities and Exchange Commission chairman, Commodity Futures Trading Commission chairman and Department of Labor secretary. The administration will also have a role in picking the new leaders of the Federal Deposit Insurance Corporation (FDIC) and the Office of the Comptroller of the Currency (OCC), with both terms set to expire in 2017, and the Consumer Financial Protection Bureau (CFPB) director and Federal Reserve Board (FRB) chair, with both terms ending in 2018.

We can expect several regulatory changes in the year ahead. One significant change would involve modifications to the Dodd–Frank Wall Street Reform and Consumer Protection Act and/or the rulemaking process, with the Financial CHOICE Act (2.0) positioned as a potential alternative in several areas. Many regulatory changes that could happen will also take place within specific bureaus. We anticipate that these changes will lead to a greater overall need for risk advisory services.

Overall, I believe regulatory changes should go hand-in-hand with driving value for the business. Some regulations are implemented to bolster confidence in the marketplace. Others drive change and add value to what institutions already have in place. From any organization’s perspective, it’s important to see how changes to regulations can add value. A revision of bank capital standards, for example, could benefit banks, which have long grown accustomed to the current standards.

What new technology and data risks are the industry facing in 2017?

Cyber risk is becoming more prevalent across the industry—especially with the number of emerging technologies, including blockchain, set to become multibillion dollar markets over the next few years. The New York State Department of Financial Services (NYDFS) recently finalized cybersecurity regulations, which will require financial institutions, insurance companies and other DFS-regulated financial services institutions to implement a cybersecurity program and review and update that program on an annual basis (see page 5). The regulation has many provisions that will impact several organizations, including the required designation of a Chief Information Security Officer (CISO) by every institution with more than 10 employees, $5 million in annual gross revenue and $10 million in year-end total assets.

Recently, the FRB, OCC and FDIC have also issued advanced notice of proposed rulemaking (ANPR) on enhanced cyber risk management standards for large banking organizations. Given these developments, we can expect more emphasis on cyber risks. Cybersecurity as a focus will not be going away anytime soon.

What leading practices should companies employ when developing governance, risk and compliance frameworks to meet regulatory expectations?

With the guidance provided by the OCC on heightened standards (HS) and the FRB on the enhanced prudential standards (EPS), institutions are enhancing their frameworks to meet regulatory expectations. Implementing sufficient governance frameworks begins with understanding the company’s broader enterprise risk management strategy. There are two main areas companies should consider. First, they must have several clear lines of defense. In the first line of defense, risk is owned and managed in the business. The second line of defense includes risk oversight owned by risk and compliance. Finally, the third line of defense involves internal audits, which provides assurance. The second area that companies should consider is whether their current risk management programs are consistent with their business risk appetite and threshold for taking risks.

At the end of the day, companies must have a good understanding of how to best meet both the rules and guidance issued by regulatory bodies. They must also be responsible for managing their own risk in a way that drives revenue in the most efficient and effective way possible. That is where we can be of assistance, by helping organizations determine their growth plans based on their unique risk appetite and future goals.

What market issues and services will your practice be focused on in the year ahead?

In the year ahead, our Risk Advisory Financial Services team will focus heavily on performance improvement through internal audit, enterprise risk management, and process and control design and execution. We help organizations manage each step of the process—from the initial design through execution.

Another area we’ll be focused on is helping organizations implement the proper controls for monitoring, process management and risk reduction, along with tracking key metrics—the goal of which is to optimize current business processes and drive value. To build out our capabilities in these areas, we plan to continue building upon the foundational skills of our own professionals, push our innovative thinking further and maximize our collaboration across several industry lines. 

Sanjay Marwaha is a managing director and leader of BDO’s Risk Advisory Financial Services practice. He can be reached at [email protected].

Federal Tax Reform

What are we likely to see in 2017?

By Glenn James

One might very well define tax reform as the alteration of an existing system of taxation that results in a fairer distribution of the tax burden among those subject to tax. The “need for tax reform” has been an abiding issue for decades, on both sides of the political spectrum, and it seems that nearly everyone on each side of that spectrum earnestly believes that tax reform means “I will pay less.” Invariably, reform, when it comes as it has periodically, results in some paying significantly more and others paying somewhat less. It never happens that everyone pays less and the government somehow receives more.

In what might reasonably be regarded as the most stunning swing in presidential politics since Ronald Reagan deprived Jimmy Carter of a second term, we are once again at the threshold of the possibility of sweeping tax reform. One party has control of both houses of Congress and the executive branch, but how aligned are their plans when you scrutinize the details?

Both the president and the majority party in Congress have separately signaled, in broad principle, the changes they would like to make in federal tax policy. The changes proposed would affect three federal tax regimes: individual income taxation, estate taxation and corporate income taxation.

The central principle of both proposals with respect to individual and corporation income tax reform is the reduction in rates of taxation. Both the president and the congressional majority have proposed a top tax rate of 33 percent on individual income, compared to the current top rate of 43.4 percent (39.6 percent regular income tax plus 3.8 percent net investment income tax). Each proposal, however, incorporates tax base expansion, which will offset some of the rate relief.

The congressional majority has proposed a reduction in the tax rates on dividends, interest and long-term capital gains income from the current rates of 23.8 percent, 43.4 percent and 23.8 percent, respectively, to 16.5 percent across the board. The president’s proposal does not propose changes in the tax rates on dividends, interest or capital gains. The theory in support of rate reduction is twofold: first, it results in increased investment that results in GDP growth and, second, lower rates reduce the incentive to engage in tax planning, which reduces erosion of the tax base.

Each of the two proposals incorporate repeal of the alternative minimum tax (AMT), and each proposal includes further AMT-like reductions of allowable itemized deductions through income level phaseouts. The net effect would transform the regular income tax into the AMT but with higher rates. Each proposal, however, excludes charitable contributions and home mortgage interest deductions from phaseout.

The president’s proposal includes repeal of the Net Investment Income Tax but makes no mention of the companion Medicare surtax. The congressional majority proposal is silent on both the Net Investment Income Tax and the Medicare surtax. This may be simply because the clear aim of the congressional majority is the repeal of the ACA, which would in turn repeal all aspects of its tax provisions.

Each proposal includes child subsidies, but only the congressional majority addresses education subsidies in its proposal, which seeks simplification and increased reliance upon savings incentives for education.
Not surprisingly, each proposal calls for repeal of the federal estate tax, referred to disdainfully as the death tax, which has always been regarded by conservatives as repugnant to American values. A temporary state tax repeal was achieved during the previous decade but ultimately failed to become permanent because proponents of the repeal were in the minority party when the vote to extend resurfaced in Congress.

By far the most radical aspect of each proposal for tax reform is with respect to corporate income tax policy. Central to each proposal is a substantial reduction in the corporate income tax rate and an expansion of corporate income subject to tax. There are significant differences in approach, however. The president’s proposal would reduce the top corporate income tax rate to 15 percent from 35 percent.  It would also broaden the tax base by requiring U.S. companies to pay tax on the earnings of their foreign subsidiaries when they are earned, as opposed to when they are received back in the U.S. as is now the rule.

The congressional majority proposal reduces the corporate income tax rate to 20 percent but eliminates the deduction for interest expense (except for banks) and calls for changing from the present system of taxation on worldwide income to one of territorial income taxation. The latter option is somewhat similar to the way corporate income is now apportioned to the various state jurisdictions. The congressional majority proposal also calls for the expansion of immediate deductions of capital expenditure.

Ironically, the immediate impact of tax rate reduction on many corporations (especially banks) will be a substantial charge against income for devaluation of their deferred tax assets.

Now, how likely is it that all of this tax reform will become law?

As the term implies, the congressional majority does indeed have a majority of seats in both the House of Representatives and the Senate. The lead in the Senate, however, is not enough to enable the majority to achieve the 60 votes needed to pass a tax bill without the concurrence of at least eight members of the minority. This is because of Senate Rule 22, often referred to as either the cloture rule, or the filibuster rule.

Rule 22 is not required by the U.S. Constitution, but it was adopted by the Senate under the constitutional grant of authority in section 5 of Article I to “determine the Rules of its Proceedings.” Thus, Rule 22 can be changed by a simple majority vote of the Senate to render other bills also passable by a simple majority.

The importance of Rule 22 is that it provides a protection against the potential for “tyranny of a slim majority” of senators. Accordingly, while its existence has at times infuriated each side of the aisle, depending upon which party is in the majority, each side has been loath to repeal the rule, knowing that it will one day be in the minority again and thus dependent upon the rule for protection.

Nevertheless, in 2013 the then-Senate majority, by a vote of 52 to 48, changed the rule for presidential nominations to fill agency and judicial appointments (below those of Supreme Court justices), to end debate on those appointees and to pass them by a simple majority. The current president has made clear that he favors repeal of the rule in respect of appointments to the U.S. Supreme Court as well. It is not, however, clear that a majority of senators would agree to repeal the rule in that respect.

What is even less likely than a repeal of the cloture rule is getting eight senators in the minority to vote in favor of the majority’s tax reform proposal, which is a second option for passing a new tax bill. On its face, a reduction of corporate income tax rates and the rates of tax applied to high income earners is antithetical to the minority’s manifesto, which proposed higher rates of tax on a broader tax base. Approval by the minority would seem possible only if irresistible concessions are achieved in other policy areas.

Given the number of long-tenured majority senators who have experienced both frustration and elation in the application of Rule 22, combined with the level of controversy coming in the opening weeks of the new administration, the probability of a repeal of Rule 22 seems low. But then again, the probability of the president’s election was also regarded as quite low; 2017 will, no doubt, be an exciting year.

Glenn James is a partner and tax practice leader in BDO’s Financial Institutions & Specialty Finance practice. He can be reached at [email protected]

For any questions regarding this publication, or the BDO FI&SF practice, please feel free to contact one of the individuals noted below:

Jim Carter
  Glenn James


Tim Mohr
  Rick Baab


Paul Bridge
  Brian Kirkpatrick


Imran Makda
  Barry M. Pelagatti


Ernie Saumell
  Laurence Talley


[1] Section 500.12 Multi-Factor Authentication: Based on its Risk Assessment, each Covered Entity shall use effective controls, which may include Multi-Factor Authentication or Risk-Based Authentication, to protect against unauthorized access to Nonpublic Information or Information Systems.
[2] Section 500.15 Encryption of Nonpublic Information: As part of its cybersecurity program, based on its Risk Assessment, each Covered Entity shall implement controls, including encryption, to protect Nonpublic Information held or transmitted by the Covered Entity both in transit over external networks and at rest.