On January 30, a Tennessee-based community bank entered into a consent order with the Federal Deposit Insurance Corp. following the agency’s allegations that the Bank engaged in unsafe or unsound banking practices relating to its third-party risk management practices with its fintech partners. While the order does not list the FDIC’s concerns with the bank’s third-party partnerships, the order requires it to come up with a plan within 60 days to end its relationship with its “significant third-party fintech partners.” In addition, the bank must implement a program to evaluate and manage the risks associated with the fintechs it directly works with, and fintechs with whom its direct partners work. Continue Reading FDIC Issues Consent Order Against Tennessee Bank

On February 5, several trade groups, including the American Bankers Association, the Independent Community Bankers of America, and the U.S. Chamber of Commerce, filed suit against the Federal Reserve Board, the FDIC, and the OCC accusing the regulators of exceeding their authority under federal law when promulgating new rules under the Community Reinvestment Act (CRA). Continue Reading Bank Groups Sue to Overturn New Community Lending Rules

California has recently proposed legislation that, if enacted, would impose a new licensing requirement for any person providing “commercial brokerage” services to a borrower in connection with a commercial loan of $5,000 or more. The legislation, Senate Bill 869, would expand the current commercial loan broker licensing requirements under the California Financing Law, which, as of now, does not require a license to broker non-real estate secured commercial loans.Continue Reading California Bill Proposes to License All Commercial Loan Brokers

On December 21, the Office of Inspector General (OIG) of the FDIC issued its audit memorandum on the FDIC’s Regional Service Provider (RSP) Examination Program. The OIG’s objective was to assess the effectiveness of the FDIC’s RSP Examination Program related to third-party risks to banks, including for compliance with interagency service provider guidance (we discussed this final guidance in a previous blog post here).Continue Reading OIG Issues Audit Memorandum to FDIC’s Regional Service Provider Examination Program, Impacts Fintechs

The Federal Reserve Board recently issued two Supervision and Regulation Letters that provide guidance on the agency’s supervision of novel activities and the process such as fintech partnerships, crypto-related activities, and activities using distributed ledger or blockchain technology. Continue Reading Federal Reserve Issues Guidance on Supervision of “Novel Activities” by Banks, Impacts Bank-Fintech Partnerships

On June 16, Michael Hsu, the Acting Comptroller of the Currency gave remarks at the American Bankers Association’s Risk and Compliance Conference about the risks of tokenization and AI on the banking industry. While reiterating his skepticism of cryptocurrency (see our previous blog post here), Hsu cautions that the decentralization and “trustlessness” associated with public blockchains will impose severe limitations on the scalability of tokenization, and its associated benefits. Rather, Hsu advocates for the development of centralized and regulated “trusted blockchains” that, due to the security and safety they offer, are better positioned to facilitate the growth of tokenization at scale in a safe, sound, and fair manner.Continue Reading Hsu Suggests Caution in Rollout of AI and Tokenization in Banking

On June 6, the FDIC, FRB & OCC issued final interagency guidance intended to assist their respective supervised banking organizations in identifying and managing risks associated with third-party relationships and in complying with applicable laws and regulations. The final guidance replaces and supersedes each agency’s existing third-party guidance “and promotes consistency in the agencies’ supervisory approaches toward third-party risk management,” and incorporates changes based on comments on the proposed guidance from July 2021 (see our previous blog post on the proposed guidance here). The prior sets of guidance from each of the agencies the final guidance rescinds and replaces includes the FDIC’s FIL-44-2008, FRB’s SR Letter 13-19 and CA Letter 13-21, and OCC’s Bulletins 2013-29, 2020-10. The final guidance is effective immediately.Continue Reading FDIC, FRB & OCC Issue Final Guidance on Risk Management for Third-Party Relationships

Over the last several years, the Securities and Exchange Commission (the “SEC”) and the Commodities Futures Trading Commission (“CFTC”) have been laser-focused on the use of so called “off-channel communications” in the financial services industry. On the theory that employees’ use of personal devices to communicate about business matters violates the “books and records” rules as these communications are not saved in company systems, regulators have conducted intrusive and extensive investigations requiring employees to turn over their personal devices for review. SEC Chairperson Gary Gensler recently stated that “bookkeeping sweeps are ongoing,” having resulted in well over $1 billion in fines so far. While the first round of investigations focused on the large banks, this “sweep” has since spread to hedge funds, credit rating agencies, online banking platforms, and now, to regional banks.Continue Reading SEC Off-Channel Communications Sweep

Recently, CFPB Director Rohit Chopra spoke at a joint meeting of the CFPB’s Community Bank Advisory Council and Credit Union Advisory Council in which he expressed concerns that core service providers that many small banks and credit unions rely on “have too much power in the system.”  Despite providing core banking functions such as deposit taking, payment facilitation, and loan origination, the Director notes that local banks and credit unions report dissatisfaction with providers in their innovation speeds, product roll-outs and third-party compatibility, and tech sophistication.
Continue Reading CFPB Director Critical of Small Bank Core Service Providers