Global: Regulators’ Joint Statement Highlights Concerns Over Bank/FinTech Partnerships

Late last month, several regulatory agencies issued a joint statement and request for information addressing the “potential risks” associated with bank/FinTech partnerships. This move underscores regulators’ concerns about the diminished control and oversight banks may have over critical financial functions when collaborating with FinTech firms.

The statement outlines potential areas for increased regulation, particularly in light of ongoing developments related to the Synapse bankruptcy. While the bankruptcy itself is not explicitly mentioned, it has drawn attention to issues surrounding account oversight and accessibility.

The joint statement, released by the Federal Reserve Board, the Federal Deposit Insurance Corporation (FDIC), and the Office of the Comptroller of the Currency (OCC), highlights that banks are increasingly engaging third parties to provide deposit products and services, such as checking and savings accounts, to end users. These arrangements can help banks achieve strategic goals like revenue growth, deposit increases, and geographic expansion by leveraging new technology or innovative services. However, in these setups, third parties often handle marketing, distribution, and direct provision of these services to customers.

Concerns About Deposit Risks

When banks depend on third parties for managing deposit operations, it can undermine the bank’s existing controls and management of these functions. Without thorough initial due diligence and ongoing monitoring, this reliance raises risks to the integrity of the deposit function, according to the regulators.

Additionally, the involvement of multiple third parties in managing deposit services can lead to fragmented operational functions, complicating the bank’s ability to assess risks effectively. Banks might also face challenges accessing records and transaction systems maintained by third parties, potentially resulting in delays for end-users and exposing banks to legal and compliance risks.

The request for information highlights that some non-bank FinTech companies offer deposit products and services but are not Federally insured depository institutions. As FinTechs expand their offerings, including loans, various payment types, and digital wallets, banks’ existing risk and compliance management systems may need significant upgrades to match the risk profile of these new business models.

The request for comment invites financial institutions and the public to provide feedback on data use structures and agreements for risk monitoring and control, as well as on the associated costs. Specific questions include:

• How are deposit accounts typically titled?
• What practices are used to reconcile bank deposit account records with those of FinTechs?
• Who holds and maintains the account records?
• What additional controls are in place to ensure accurate reconciliations?

This inquiry aims to gather insights on how these partnerships affect risk management and regulatory compliance.