Joint Statement By Top Regulators Addressing Bank-Fintech Arrangements

On July 25, 2024, the Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation (FDIC), and Office of Comptroller of the Currency, issued a reminder to banks of potential risks associated with third-party deposit arrangements and an accompanying request for information (RFI) on bank fintech arrangements[1].   The Joint Statement highlights examples of risk management practices by banks to manage such risks.   The RFI seeks to collect information about bank-fintech arrangements and focuses on three categories–deposit taking activities, payment activities, and consumer and small lending.  While the regulators insist that it is simply reemphasizing existing guidance and not creating new requirements or establishing new supervisory expectations, commentators are pointing out that this Joint Statement and RFI are an indication of likely increased regulatory focus on the bank-fintech arrangements going forward.

‍

Among a number of aspects, the Joint Statement states that banks must have strong diligence and oversight procedures to properly monitor their fintech partners.  As elaborated in the statement, “Effective compliance management includes conducting active oversight of third-party relationships; ensuring effective complaint management, error investigation and resolution;  maintaining written policies and procedures; ensuring appropriate consumer protection-related disclosures; and managing a potential disruption in service.” In the accompanying RFI, the regulators are requesting information in 3 broad areas as it relates to all bank-fintech arrangements: 1) the nature of bank-fintech relationship, 2) risk and risk management, and 3) trends and financial stability.

‍

Synapse Collapse

It appears likely that the recent collapse surrounding middleware provider Synapse, which served as the link between consumer-facing fintechs such as Yotta and Juno and the banks that held customers’ money, was on regulators’ mind when issuing the statement.   In the case of Synapse, thousands of customers have been locked out of accounts with banks that partnered with Synapse and a potential pitfall of $65 to $96 million has been identified between what consumers are owed and the funds held on their behalf by Synapse partner banks[2].  Regulators have come down heavily on the bank that was working with Synapse for the alleged lack of proper oversight.  A number of other severe enforcement actions issued to banks for “Banking as a Service” arrangements in the last couple of years show accelerating focus on the space.

‍

Oversight Through Technology

It is clear that while the potential benefits of partnerships between banks and fintech are great for all stakeholders involved, it is more important than ever for banks to have effective tools for oversight of their partners.  Historically, that oversight has always been costly and human resource heavy.  In addition to creating proper policies and procedures, compliance officers need to accurately monitor and spot issues and escalate appropriately, which is very complicated to do consistently across many employees, timeframes, and programs.  Having technology that you can use as a tool to effectively analyze large amounts of information as another line of defense is critical.

‍

AI for Compliance Management

Recently, developments in artificial intelligence (AI) have shown great promise for making compliance more efficient.  AI can automate many compliance monitoring tasks, allowing companies to analyze data in real time and predict potential risks. It can help organizations develop data management systems that improve compliance data analysis, tracking, and reporting. This can facilitate a more structured approach to compliance monitoring.  Banks monitoring several fintech partners can rely on a consistent analysis across a number of programs for more effective oversight in areas such as complaints tracking and other compliance monitoring.

‍

References

[1] Joint Statement on Bank’s Arrangements With Third Parties to Deliver Deposit Products, Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation, and Office of the Comptroller of the Currency (July 25, 2024).

[2]Did Regulators Send Warning Shot At Already Roiled BaaS Space? Banking Dive (July 31, 2024)