In an unexpected move earlier this week, the FDIC issued a Financial Institution Letter (FIL) announcing that it was withdrawing the list of “risky” merchant categories that was included in prior guidance on account relationships with third-party payment processors (TPPPs). Among the listed categories were payday loans and money transfer networks. The FIL’s practical impact will depend on how it influences future FDIC examination activity.
A staff report recently issued by the House Oversight and Government Reform Committee identified the FDIC's list as the primary source for the categories of businesses targeted by “Operation Choke Point,” the coordinated federal multiagency enforcement initiative targeting banks serving online payday lenders and other companies that have raised regulatory concerns. At the House Financial Services Committee hearing last week on “Operation Choke Point,” committee members voiced industry charges that FDIC examiners have been using the list to intimidate banks into terminating relationships with companies in the listed categories regardless of whether such companies were engaged in legitimate activities and operating lawfully.
In the FIL, the FDIC states that it is “clarifying its supervisory approach to institutions establishing account relationships with [TPPPs].” It describes the list as containing “examples of telemarketing or Internet merchant categories that had been associated by the payments industry with higher-risk activity.” According to the FDIC, the categories “included activities that could be subject to complex or varying legal and regulatory environments, such as those that may be legal only in certain states; those that may be prohibited for certain consumers, such as minors; those that may be subject to varying state and federal licensing and reporting regimes; and those that may result in higher levels of complaints, returns, or chargebacks.”
The FDIC characterizes the list as “incidental to the primary purpose of the guidance, which was to describe the risks associated with financial institutions’ relationships with TPPPs, and to provide guidance to insured institutions on appropriate risk management for relationships with TPPPs.” Without conceding any overreaching by its examiners, the FDIC states that the list has “led to misunderstandings regarding the FDIC's supervisory approach” and resulted “in the misperception that the listed examples of merchant categories were prohibited or discouraged.” It then explains, in wording that tracks its October 2013 FIL on TPPP relationships, that “[i]n fact, it is the FDIC's policy that insured institutions that properly manage customer relationships are neither prohibited nor discouraged from providing services to customers operating in compliance with applicable federal and state law.”
While the FDIC has removed the list from its guidance and an article in its Summer 2011 Supervisory Insights, the practical impact of the FIL will depend on how FDIC examiners approach banks that do business directly or through TPPPs with payday lenders and other listed businesses. The FIL states that the FDIC will not criticize an institution that “is following the outstanding guidance” for “establishing and maintaining account relationships with TPPPs.”
However, the potential remains for FDIC examiners to apply unduly restrictive standards in determining whether a bank is following FDIC guidance. Given that banks continued to feel the effects of “Operation Choke Point” despite the FDIC's clarification in its October 2013 FIL that banks were neither prohibited nor discouraged from providing services to merchants operating lawfully, and given industry concerns about the FDIC’s attitude to the businesses on the removed list, we are concerned that the new FIL may be insufficient to protect listed businesses that are operating lawfully.