Enter your email address to receive new posts in your inbox:

Delivered by FeedBurner


Like what you see? Share!

Our Attorneys

Banking Agencies Propose Reporting Changes for OTS-Regulated Savings Associations

The federal banking regulators announced on February 3, 2011 a proposal to change the reporting requirements for savings associations and savings and loan holding companies regulated by OTS.  The proposed changes would begin with conversion by savings associations to the filing of Summary of Deposits with the FDIC on June 30, 2011.  Savings associations would file Call Reports in lieu of Thrift Financial Reports beginning March 31, 2012.  The net result of the proposed changes would be uniform reporting systems for FDIC-insured banks and savings institutions.  Similarly, savings association holding companies would have the same reporting obligations to the Federal Reserve as bank holding companies.  Under Dodd-Frank, the OCC, FDIC, Federal Reserve Board, and Bureau of Consumer Financial Protection will assume the functions of OTS on July 21, 2011.  Additional information on the proposed changes may be found here:


IOLTA Accounts Now Covered Under TAGP

The FDIC has issued a final rule that will revise the definition of “noninterest-bearing transaction account” to include Lawyer Trust Accounts (IOLTAs) under the Dodd-Frank Act.  Thus, IOLTAs will receive the same unlimited deposit insurance coverage that other noninterest-bearing transaction accounts receive under the FDIC’s Transaction Account Guarantee Program (TAGP).  Banks participating in TAGP are encouraged, but not required, to notify account holders that their IOLTAs will be fully insured through December 31, 2012.  Based on the original definition of noninterest-bearing transaction accounts under Dodd-Frank (which did not include IOLTAs), the FDIC required participating banks to notify account holders that their IOLTAs would no longer receive unlimited coverage after December 31, 2011.  A description of the final rule and a sample notice can be found here:


ABA Joins Others Against Department of Labor’s Classification of Mortgage Loan Officers

The American Bankers Association recently joined with other financial trade organizations to file an amicus brief in federal district court in opposition to the Department of Labor’s classification of most mortgage loan officers as non-exempt employees for wage and hour purposes.  Under the non-exempt classification, mortgage loan officers would be entitled to overtime pay if they work more than 40 hours during a work week.  Key to the Department’s classification is the view that most mortgage loan officers are essential inside sales employees, and not administrative employees.  For many banks, the limitations imposed by a non-exempt classification could result in significant changes in how mortgage loan officers are compensated.  A copy of Administrator’s Interpretation at issue from the Department of Labor may be found here:


"Maine's New Limited Liability Company Act" from the Maine Bar Journal

Verrill Dana Partner Christopher McLoon, in conjunction with Kevan Deckelmann and Aaron Pratt, authored an article that appears in the most recent issue of the Maine Bar Journal (Volume 25, No.4), titled, "Maine's New Limited Liability Company Act." The first in a series of three, the article addresses the formation of the committee that drafted Maine's new Limited Liability Company (LLC) Act, foundational principles of the Act, and the elements and mechanics of forming a LLC under the new Act. To read the article, please click here.

The Chair of Verrill Dana's Tax Group, Christopher served as the Co-Chair of the Maine Bar Association's Limited Liability Act Drafting Committee, which drafted the Maine Limited Liability Company Act, signed into law on April 9, 2010.


Business Law Alert: Massachusetts Data Security Regulations Now in Effect

Effective March 1, 2010, businesses that handle the “Personal Information” of Massachusetts residents are subject to a comprehensive scheme of data security regulations intended to protect these residents from data breaches and identity theft.  These regulations, promulgated by the Massachusetts Office of Consumer Affairs and Business Regulation and found at 201 C.M.R. § 17.00, apply broadly to persons “who own, license, store or maintain personal information about a resident of the Commonwealth of Massachusetts.”  The regulations are intended to apply to any business in possession of such Personal Information, including businesses that are not located in Massachusetts. 

Under the regulations, “Personal Information” is defined as a Massachusetts resident’s first name (or first initial) and last name, in combination with any of a Social Security number, driver’s license or state-issued ID number, or financial account, credit, or debit card number.  All Massachusetts residents are protected under the regulations, including employees, customers, contractors, and vendors, which means that the regulations are expected to cover a large number of businesses, including many that may not have previously considered the need to implement a data security program.

The new regulations require businesses that own or license Personal Information to implement and maintain a “written information security program” (a “WISP”), which must address several specific areas.  For example, the regulations mandate numerous technical safeguards, including encryption of Personal Information in certain circumstances (such as in the sending of emails and storage on laptops and other portable devices).  Businesses must also adopt various measures to safeguard physical records containing Personal Information.  Examples of such measures may include locking cabinets used to store these records and limiting employee access to such records.  Employee training is a key component of compliance with the new regulations.  The regulations also include certain requirements with respect to contracts with third-party service providers, and, in many cases, it will be necessary for businesses to update their existing contracts with such service providers. Businesses should consider a cross-functional team approach, involving human resources, information technology, and other advisors, in implementing and monitoring compliance with the new rules. 

The regulations require that a WISP be appropriate to the size, scope, and type of business, the amount of resources available to a business, and the amount and type of information a business handles and stores.  In this way, the regulations are intended to recognize that different businesses will take different approaches to their obligation to protect Personal Information.  Many businesses that have already taken steps to protect their employees’ and customers’ Personal Information may be able to make significant progress towards compliance with the new regulations by reviewing and updating already-existing policies, procedures, and technology.  The Massachusetts Office of Consumer Affairs and Business Regulation has published guidance on the new regulations, including a guide for small businesses, which may be found here.

With identity theft becoming an increasing concern in virtually all industries, businesses should carefully assess their policies and procedures for protecting customer and employee personal information.  In addition, businesses that operate in multiple states should be aware that most states, and many federal agencies, have statutes and regulations regarding identity theft and data security.  For example, over forty states, including Maine and Massachusetts, require businesses to notify customers and regulators when a data breach has compromised certain customer information. 

Businesses that use or maintain sensitive personal information susceptible to identity theft should be mindful of this rapidly evolving area of law, and should consider seeking assistance from legal counsel to determine how best to comply with state and federal requirements. 

If you have questions regarding the effect of laws related to identity theft on your business, such as the new Massachusetts regulations, please contact an attorney in the Business Law Group at Verrill Dana, LLP.