Building on his remarks to the Blockchain Association and the American Fintech Council earlier this month, the Acting Comptroller of the Currency, Michael J. Hsu, issued a statement on November 16 before the Federal Reserve Bank of Philadelphia Fifth Annual Fintech Conference (we discussed Hsu’s previous remarks in an earlier Consumer Finance & FinTech Blog post here).  As in his prior statement, Hsu points to concerns that the rapidly growing FinTech industry and crypto firms, which currently sit outside of the so-called bank regulatory perimeter, ought to be proactively regulated and supervised in order to avert another 2008-like financial crisis.  In particular, Hsu calls for the regulation of non-banks and fintechs that “provide seemingly the full suite of banking and investment services—including in cryptocurrencies—with the convenience of tech.”  Hsu states that “[t]hese fintechs are reassembling the three legs of banking [by taking deposits, making loans, and facilitating payments] synthetically, outside of the bank regulatory perimeter” or what he refers to as “synthetic banking.”

In his statement, Hsu also states that the regulatory perimeter must take into account not only activities, but also the nature of bank-FinTech partnerships “that enable fintechs to offer banking services to customers” where “often customers are unable to distinguish between providers.”  Hsu states that “to some these partnerships are simply ‘rent-a-charter’ arrangements, which allow fintechs to skirt a host of rules at the expense of customer protection and bank safety and soundness.”  Thus, Hsu states “that modernizing the bank regulatory perimeter cannot be accomplished by simply defining the activities that constitute ‘doing banking,’ but will also likely require determining what is acceptable in a bank-fintech relationship.”

Putting It Into Practice:  This week’s remarks continue to portend increased regulatory scrutiny of bank-FinTech partnerships.  A bank that is considering a FinTech partnership must be aware of the in-depth due diligence that regulators expect a bank to undertake prior to engaging a FinTech, along with the number of risks that such a partnership poses on the bank.  At a minimum, regulators may wish to verify that banks (i) conducted an assessment to identify risks inherent in the proposed activity and developed a plan to manage those risks; and (ii) ensured that each FinTech they seek to engage maintained the operational capacity, required infrastructure, financial viability, demonstrated commitment to regulatory compliance, and subject matter expertise to perform the outsourced banking services contemplated under the partnership.

Likewise, a FinTech company looking to partner with a bank ought to ensure that it has the risk-focused regulatory policies, procedures, programs, and information that banks and regulators will expect it to prepare and maintain.  As the regulatory framework continues to take shape for synthetic banking, in the interim, banks and FinTechs should not lose sight of their regulatory obligations (we discussed the increased focus on Fintech partnerships in an earlier Consumer Finance & FinTech Blog post here).