On January 19, the Federal Reserve Board (FRB) and New York Department of Financial Services (NYDFS) each issued orders settling an action against a large global bank for alleged BSA/AML violations and other compliance failures. The FRB issued a cease and desist order with a $2.4 million civil money penalty, while the NYDFS issued a consent order with a $30 million civil money penalty.Continue Reading Federal Reserve and NYDFS Penalize Large Global Bank for BSA/AML and Other Compliance Failures

On August 27, the Federal Reserve, FDIC, and OCC jointly published guidance on the types of due diligence community banks should engage in when contemplating arrangements with financial technology companies or FinTechs.  While the diligence guidance is voluntary, the banking agencies suggest that community banks should conduct due diligence with respect to FinTechs in six key areas:  (i) business experience and qualifications, (ii) financial condition, (iii) legal and regulatory compliance, (iv) risk management and controls, (v) information security, and (vi) operational resilience.  The guidance then provides subcategories for due diligence within each category, and provides relevant considerations for the bank for each subcategory, and potential sources of information.  The subcategories are as follows:
Continue Reading Banking Agencies Release Due Diligence Guidance on Community Bank-FinTech Relationships

On July 13, the Federal Reserve, FDIC, and OCC proposed risk management guidance to help banking organizations manage risks related to third-party relationships, including relationships with vendors, FinTech companies, affiliates, and the banking organizations’ holding companies.  The proposal is based on existing but disparate third-party risk management guidance from the three prudential regulators, and is intended to promote consistency across the banking agencies.  If finalized, it will replace the guidance that each agency has released independently.
Continue Reading Federal Agencies Request Comments on Risk Management Guidance for Third-Party Relationships