On August 27, the Federal Reserve, FDIC, and OCC jointly published guidance on the types of due diligence community banks should engage in when contemplating arrangements with financial technology companies or FinTechs.  While the diligence guidance is voluntary, the banking agencies suggest that community banks should conduct due diligence with respect to FinTechs in six key areas:  (i) business experience and qualifications, (ii) financial condition, (iii) legal and regulatory compliance, (iv) risk management and controls, (v) information security, and (vi) operational resilience.  The guidance then provides subcategories for due diligence within each category, and provides relevant considerations for the bank for each subcategory, and potential sources of information.  The subcategories are as follows:

Continue Reading Banking Agencies Release Due Diligence Guidance on Community Bank-FinTech Relationships

On July 13, the Federal Reserve, FDIC, and OCC proposed risk management guidance to help banking organizations manage risks related to third-party relationships, including relationships with vendors, FinTech companies, affiliates, and the banking organizations’ holding companies.  The proposal is based on existing but disparate third-party risk management guidance from the three prudential regulators, and is intended to promote consistency across the banking agencies.  If finalized, it will replace the guidance that each agency has released independently.

Continue Reading Federal Agencies Request Comments on Risk Management Guidance for Third-Party Relationships