FDIC Issues Consent Order Against Tennessee Bank

A.J.S. Dhaliwal, Mehul Madia, Moorari Shah, Beineng Zhang
Sheppard Mullin Richter & Hampton LLP
Contact
LinkedIn
Facebook
X
Send
Embed

Sheppard Mullin Richter & Hampton LLP

On January 30, a Tennessee-based community bank entered into a consent order with the Federal Deposit Insurance Corp. following the agency’s allegations that the Bank engaged in unsafe or unsound banking practices relating to its third-party risk management practices with its fintech partners. While the order does not list the FDIC’s concerns with the bank’s third-party partnerships, the order requires it to come up with a plan within 60 days to end its relationship with its “significant third-party fintech partners.” In addition, the bank must implement a program to evaluate and manage the risks associated with the fintechs it directly works with, and fintechs with whom its direct partners work. 

The consent order mandates a comprehensive set of actions and corrective measures aimed at addressing various aspects of the Bank’s operations, management, and regulatory compliance. Some of the key actions demanded include:

  • Enhanced Internal Audit Functions. Develop and implement a plan to bolster audit functions, focusing on high-risk areas (“on boarding deposits obtained through third parties, processing payments obtained through third parties, and sweeping deposits”) with independent audit reporting.
  • Restricted Growth. The bank needs the FDIC’s approval for any growth by more than 10% during any calendar quarter period in total assets or liabilities, or for expanding or adding business lines that would result in annual 10% growth in total assets or liabilities.
  • Manage Third-Party FinTech Risks.
    • Conduct Risk Assessments and Formalize the Onboard Process. Evaluate risks from direct and indirect fintech partners, ensuring due diligence, compliance oversight, and effective internal controls, and mandate external assessments of the bank’s fintech relationships. Moreover, the bank should establish a process for vetting new fintech partners. 
    • Develop Contingency Plans. Create strategies for terminating significant fintech partnerships, ensuring orderly processes.

Putting It Into Practice: The consent order highlights once again (we blogged about a similar consent order here) the intensified scrutiny by federal regulators on fintech partnerships, emphasizing the need for banks to comply with interagency guidance on third-party relationships. Notably, this reflects a broader regulatory focus on ensuring that banks effectively manage third-party risks, especially within fintech collaborations. Banks are advised to reevaluate their fintech partnerships, assess their current risk management programs against the final guidance, identify necessary enhancements, and develop plans to enhance control effectiveness, thereby aligning with regulatory expectations and strengthening compliance frameworks.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Sheppard Mullin Richter & Hampton LLP | Attorney Advertising

Written by:

Sheppard Mullin Richter & Hampton LLP
Sheppard Mullin Richter & Hampton LLP
Contact
more
less

Sheppard Mullin Richter & Hampton LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide