FDIC Takes Action Against Banks with Risky Fintech Partners

The Federal Deposit Insurance Corporation (FDIC) took action against a bank for a banking-as-a-service relationship (BaaS). Banks are held accountable for the actions of their BaaS and financial technology (fintech) partners, as explained in an article from Adams and Reese LLP.

There has been an increase in the number of consent orders issued by the FDIC claiming unsafe or unsound business practices involving third parties. The FDIC asks that banks review and revise their compliance strategies and take a look at their recently updated Interagency Guidance on Third-Party Relationships.

BaaS and fintech relationships can be beneficial to a bank’s marketing strategy and give access to new technology as long as they do not interfere with compliance regulations. To ensure the security of third-party relationships and avoid FDIC scrutiny, here are three suggestions:

1. Update third-party risk management policies and procedures.
2. Increase due diligence and review the Interagency Guidance on auditing vendors.
3. Introduce fintech partners to banking compliance regulations and the Interagency Guidance to make sure fintechs understand the expectations placed on them. Fintech companies are not held responsible for the same regulations as banks so they need to understand the standard banks are held to.

To stay proactive in managing risks, banks should follow these suggestions and keep their compliance programs current when involving third parties.