OIG Issues Audit Memorandum to FDIC’s Regional Service Provider Examination Program, Impacts Fintechs

A.J.S. Dhaliwal, Moorari Shah
Sheppard Mullin Richter & Hampton LLP
Contact
LinkedIn
Facebook
X
Send
Embed

Sheppard Mullin Richter & Hampton LLP

On December 21, the Office of Inspector General (OIG) of the FDIC issued its audit memorandum on the FDIC’s Regional Service Provider (RSP) Examination Program. The OIG’s objective was to assess the effectiveness of the FDIC’s RSP Examination Program related to third-party risks to banks, including for compliance with interagency service provider guidance (we discussed this final guidance in a previous blog post here).

Under its RSP Examination Program, the FDIC examines RSPs to evaluate their overall risk exposure and risk management performance, and determine the degree of supervisory attention needed to ensure weaknesses are addressed and risks are properly managed by the banks using these RSPs. Here, RSPs are smaller in size, less complex, and provide services to banks within a local region.

Overall, the OIG found that the FDIC has not formally established performance goals, metrics, and indicators to measure overall program effectiveness and efficiency. As a result, the OIG was unable to conclude on the program’s effectiveness; however, it identified opportunities to improve the RSP examination program: (1) monitor reports of examination distribution timeliness; (2) comply with examination frequency guidelines; (3) provide additional guidance on how to use RSP examinations in support of the FDIC’s IT Risk Examination program; and (4) establish a comprehensive inventory of FDIC‑supervised bank service providers and the financial institutions serviced. The OIG recommended that the FDIC conduct a formal assessment of the RSP examination program to establish program-level goals, metrics, and indicators and determine whether additional resources and controls are needed to improve the effectiveness of the program, as identified in the memorandum. The FDIC agreed to take action on the recommendation by December 31, 2024.

Putting It Into Practice: In light of this recent audit calling attention to the FDIC’s RSP Examination Program, we are likely to see an uptick in service provider examinations, specifically of fintechs partnering with banks. We have already seen increasing enforcement from bank regulators based on bank and fintech partnerships with additional requirements for banks to implement stricter oversight of their fintech partners (see herehere, and here). Fintechs and other non-bank companies should be aware of the potential of increased oversight on their bank-fintech relationships, and diligently address the points in recent interagency guidance.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Sheppard Mullin Richter & Hampton LLP | Attorney Advertising

Written by:

Sheppard Mullin Richter & Hampton LLP
Sheppard Mullin Richter & Hampton LLP
Contact
more
less

Sheppard Mullin Richter & Hampton LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide