Home Bank Banks and fintechs ought to carry out ‘belief workout routines’ amid OCC scrutiny of BaaS

Banks and fintechs ought to carry out ‘belief workout routines’ amid OCC scrutiny of BaaS

Banks and fintechs ought to carry out ‘belief workout routines’ amid OCC scrutiny of BaaS


It could simply be that banking-as-a-service (BaaS) suppliers and fintechs have grown into distinctive and now mature collaborators that justify up to date and revised necessities from regulators. Earlier this month, Performing Comptroller of the Foreign money Michael J. Hsu spoke at The Clearing Home and Financial institution Coverage Institute’s Annual Convention, outlining the Workplace of the Comptroller of the Foreign money’s (OCC) official steerage for maturing necessities on financial institution and fintech partnerships.  

Clint Heyworth, director of compliance, Alloy

The OCC’s actions might seem to impose new necessities, but when previous guidelines might be relied on, they may probably solely impose finest practices all through an business which can power immature corporations out of the house, rising the potential power of these remaining however subjecting the hurt that may circulation from their market energy to the federal regulatory construction. All that to say, typically you simply have to maneuver as much as the following weight class.

In any case, we must always keep in mind that regulators are chargeable for defending shoppers who get hold of and use monetary companies merchandise, even after we disagree on the main points. Fairly than shrink back from these partnerships out of concern of extra regulation, banks and fintechs alike ought to see this as a possibility to strengthen their relationships with one another, regulators and their prospects. 

Present regulatory panorama  

Put merely, the chartered financial institution holds the first accountability and threat for compliance in financial institution and fintech partnerships. Nevertheless, that is an actively evolving house within the regulatory panorama. It’s vital to level out that the OCC is only one regulator, and since it regulates bigger nationwide banks, it doesn’t really oversee nearly all of banks within the U.S. In our estimation, the U.S. federal prudential banking regulators will probably be joined by the FTC and state regulators to have probably the most significant affect on this house.  Following is a abstract of the place some key gamers on this regulatory house at the moment stand on financial institution and fintech partnerships:  


In August 2021, the OCC printed a 20-page information directing neighborhood banks to conduct due diligence on their third-party fintech companions. Alongside Hsu’s latest remarks, the OCC notably ordered Blue Ridge Financial institution to extend its due diligence and its oversight of third-party fintech partnerships.  

Federal Deposit Insurance coverage Company (FDIC) 

Though all banks are insured by the FDIC, many companion banks are neighborhood banks or mid-size banks, which are sometimes straight regulated by the FDIC. The FDIC has a information of its personal on how banks ought to oversee third-party fintech partnerships. And, because the OCC and CFPB proceed to be aggressive on this challenge, we anticipate the FDIC to comply with go well with.  

Shopper Monetary Safety Bureau (CFPB) 

Since being confirmed in 2021, CFPB Director Rohit Chopra has been outspoken in regards to the shut eye he’s protecting on nonbanks in monetary companies. “To the extent that large tech corporations are utilizing the treasure troves of knowledge, there must be some parity with native banks and different monetary establishments which are following the regulation,” he mentioned shortly after being confirmed.  

Federal Commerce Fee (FTC) 

The FTC, a long-time consumer-focused regulatory physique, participates in federal enforcement of quite a lot of shopper finance legal guidelines, together with the Gramm-Leach-Bliley Act (GLBA), which regulates the remedy of nonpublic private info of shoppers by monetary establishments. The FTC will proceed to affect public coverage — particularly because it pertains to privateness necessities at banks — which requires banks and fintech companions to stage set this federal regulatory physique in opposition to state and worldwide privateness necessities. 

State regulators 

Within the U.S., the monetary companies business is topic to each federal and state rules. Traditionally, states have by no means had a lot of an curiosity in regulating financial institution and fintech partnerships, probably as a result of they hold corporations from acquiring state licenses and lowering income alternatives for states. State rules differ on a state-by-state foundation, with many states already starting to extend their oversight of bank-fintech partnerships. State attorneys normal have not too long ago challenged financial institution partnerships as “rent-a-bank” to allow fintechs to keep away from complying with state legal guidelines, notably state usury legal guidelines. For that reason, states at the moment are aligning with present federal company challenges to the financial institution partnership mannequin. 

Way forward for financial institution, fintech partnerships 

Companion banks will face deeper questions from examiners about their vital service suppliers to ascertain that they’ve acceptable oversight and management over their applications provided by fintech partnerships. Banks will want to have the ability to set up the integrity of their very own third-party vendor administration methods to reveal their companions are, the truth is, in good situation and wholesome sufficient to supply the companies the financial institution is contracting. Banks don’t should be fearful of this or decelerate their plans to companion with fintechs. They need to assess their present vendor administration program and be sure that it’s enough. It’s all the time higher to determine an issue your self earlier than regulators are at your door, and companion banks will more and more must show to regulators that they’re performing the correct due diligence on third-party distributors.  

For fintechs that have already got a deep understanding of the extremely regulated monetary companies house, it’s enterprise as common. A key accountability of fintechs in financial institution partnerships has all the time been to allow their companion financial institution to satisfy their regulatory necessities — together with compliance with the BSA and KYC/AML necessities, transaction monitoring and information safety — and that is extra vital now than ever. 

For each banks and fintechs, this implies they will should strengthen belief with one another.  

Constructing a “belief partnership” 

I’m certain many people have been at some kind of team-building retreat the place we needed to do a belief fall with a crew member. To a sure extent, banks are doing a belief fall into their fintech partnerships. All they will actually do is clearly talk their regulatory necessities to their fintech companions and hold a detailed eye on them, however additionally they should belief the fintech companions will comply with the rules.  

The onus is basically on the fintech to point out the financial institution that they are often trusted with this vital activity. However belief doesn’t imply a scarcity of oversight over the fintech companions and their applications. Belief means establishing a working relationship and course of that each meet the banks’ regulatory and threat necessities and helps the launch and enlargement of the fintech program. 

Listed here are some tangible ways in which fintechs and companion banks can nurture a trusting relationship: 

  1. Rent competent compliance folks. Fintechs should level-up their information of the regulatory panorama. It begins with accepting and embracing that there’s a “fin” part in fintech. There’s going to be elevated oversight, there must be folks on the fintech that perceive rules and might defend their applications. Search for folks with confirmed expertise on this extremely regulated house who know the dangers related to it; 
  2. Repeatedly talk. The compliance and threat groups at banks and fintechs must be assembly weekly. Holding the strains of communication open is vital, particularly as a result of rules continuously evolve; 
  3. Reply shortly. Responsiveness in fintech and financial institution partnerships is essential — non-compliance can have main monetary and reputational implications for companion banks, so fintechs must deal with compliance issues as a excessive precedence; and 
  4. Get on a aircraft! Banking remains to be a really in-person, face-to-face business. Leaping on a aircraft and having in-person conferences (and when you may’t meet in individual, hitting the dreaded video-on button in your Zoom) will go a protracted strategy to construct belief. 

Wanting forward 

The OCC’s latest remarks and enforcement in opposition to Blue Ridge Financial institution are simply the tip of the iceberg. If you take a look at the OCC’s latest statements and couple that with an aggressive regulator just like the CFPB, it’s only a matter of time till different regulators comply with go well with and proceed tightening rules on financial institution and fintech partnerships. This might trickle right down to third-party infrastructure suppliers as effectively. These suppliers also needs to be watching this house, hiring folks which are outfitted to navigate it and constructing belief partnerships with their financial institution and fintech companions.  

Clint Heyworth is the director of compliance at Alloy and brings nearly 20 years of expertise within the subject to the corporate.  



Please enter your comment!
Please enter your name here