As we close out 2024, it makes sense to look back on the year and the most important developments that we've seen with respect to banks working and partnering with financial technology companies.
For another year, we've seen numerous speeches and indications from the federal banking agencies that they are putting research, people and time into reviewing how banks are best equipped to deal and partner with fintechs in a safe and sound manner, and in a way that complies with applicable laws and regulations.
A major focus this year was on third-party risk and vendor management. This summer, the federal banking agencies issued a number of important pieces of guidance that reiterate and update previous guidance in the area of third-party risk management — much of which focused on bank-fintech partnerships.
In addition to the guidance on banks working with fintech companies and third-party risk management, 2024 also saw a material advancement, both domestically and globally, with respect to cryptocurrencies and digital assets.
While the U.S. has been slow to adopt guidance and certainly regulation in the area of cryptocurrency or digital assets, it does remain a hot topic for discussion in the federal banking agency context as well as the financial markets regulatory context.
Importantly, however, on a global scale, the U.S. appears to be lagging in its attention to cryptocurrencies and digital assets. We expect more on these topics in 2025. Focusing on bank-fintech partnerships, while there's too much activity to discuss in just one article, there are a few particularly noteworthy updates from 2024 that are critical to review.
FDIC Advertising Rule
The Federal Deposit Insurance Corp. kicked off 2024 when it published a final rule in the Federal Register to amend its regulations that govern the use of the official FDIC logo and banks' advertising statements "to reflect how depositors conduct business with [banks] today, including through digital and mobile channels."[1]
The final rule also sought to clarify "the FDIC's regulations regarding misrepresentations of deposit insurance coverage by addressing specific scenarios where consumers may be misled as to whether they are conducting business with an [insured depository institution] and whether their funds are protected by federal deposit insurance." This final rule is important in the bank-fintech ecosystem because, as the FDIC acknowledges, consumers are more frequently using online and mobile options for accessing their money, and using financial technologies for alternative ways to access bank products and services. With this increased use of financial technology, the FDIC has expressed concern that consumers could be confused or even misled about the availability of FDIC insurance in certain contexts.
Thus, the final rule "requires clear disclosures that will better inform consumers as to when their funds are protected by FDIC deposit insurance."
Interagency Guide
In May, the Office of the Comptroller of the Currency, the Board of Governors of the Federal Reserve System and the FDIC published a guide titled "Third-Party Risk Management: A Guide for Community Banks."[2]
The purpose of the guide is to assist community banks in developing and implementing appropriate third-party risk management practices, and provide community banks with additional resources on third-party risk management. While generally applicable to all bank vendors, the guide is particularly important in the bank-fintech partnership context because third-party risk has been the gateway through which much guidance has been issued by the federal banking agencies on bank-fintech partnerships.
Interagency Statement
The federal banking agencies followed up shortly after publishing the guide by issuing an interagency statement on arrangements with third parties to provide deposit products to "note potential risks related to arrangements between banks and third parties to deliver bank deposit products and services to end users."[3]
The interagency statement does not change any established legal or regulatory requirements or establish new expectations, but rather it provides examples of practices banks implement to manage the risks — with a focus on operational, compliance and growth risks — associated with these arrangements.
As with previous guidance, the interagency statement reiterates that the federal banking agencies "support responsible innovation and support banks in pursuing third-party arrangements in a manner consistent with safe and sound practices and in compliance with applicable laws and regulations." Federal banking agencies appreciate that banks typically look to these arrangements in order to support revenue and deposit growth, expand geographic reach, or for other strategic objectives, such as leveraging new technology or offering innovative products and services.
However, the federal banking agencies are the first to remind banks that the "use of third parties to perform certain activities does not diminish its responsibility to comply with all applicable laws and regulations."
Importantly, the interagency statement calls out consumer protection laws, such as fair lending laws and prohibitions against unfair, deceptive, or abusive acts or practices, as well as laws addressing financial crimes like fraud and money laundering. Calling out specific laws and regulations in guidance typically follows experiences — i.e., supervisory issues — of the examination and enforcement staff of the agencies, and should be used as a tool for banks to learn from the shortcomings of others.
Interagency RFI
Third, also in July, the federal banking agencies published a request for information in the Federal Register seeking information and stakeholder perspectives on bank-fintech arrangements involving banking products and services.[4]
The agencies indicated that "supervisory experience has highlighted a range of risks with these bank-fintech arrangements," while reiterating the common refrain that "[t]he agencies support responsible innovation and support banks in pursuing bank-fintech arrangements in a manner consistent with safe and sound practices and applicable laws and regulations, including but not limited to, consumer protection requirements and those addressing financial crimes."
The request for information solicits input on the nature of bank-fintech arrangements, the benefits and risks, effective risk management practices, and the implications of bank-fintech arrangements, including "whether enhancements to existing supervisory guidance may be helpful in addressing risks associated with these arrangements." It will likely be the case that the responses to this request for information will inform future guidance and/or regulatory enhancements focused on specific risks in bank-fintech arrangements.
Takeaways
So, what do these 2024 developments mean for bank-fintech partnerships? It seems that there are several key takeaways.
First, the federal banking agencies clearly understand and acknowledge the growing ecosystem of bank-fintech partnerships, and the expanding suite of products and services being offered through these arrangements.
Second, the federal banking agencies will continue to apply enhanced scrutiny to bank-fintech arrangements to ensure safe and sound operations and compliance by all parties with applicable laws and regulations. We expect to see this enhanced scrutiny applied especially in the context of consumer protection and the offering of novel products or services.
Finally, these developments indicate that there is more to come and that there is a real opportunity for the bank and fintech ecosystem to play a meaningful role in the evolving regulatory framework.
Perhaps the following quote from Federal Reserve Board Gov. Michelle Bowman from a speech in June would be a very helpful posture for all the federal banking agencies to take moving forward:
Financial innovation must be a core regulatory priority, in the sense that we must devote regulatory and supervisory resources and attention to building a framework that permits responsible innovation to flourish. Our approach must shift from reactive to active and one that facilitates innovation. Regulators must also promote innovation through transparency and open communication, ideally demonstrating a willingness to engage during the development process and within a restricted environment for experimentation.
The use of financial technology to enhance customer acquisition, onboarding, relationship building and monitoring, among other uses, will only continue to grow. Technologies will get smarter, better, faster and stronger with respect to facilitating banking products and services in all facets of the industry.
The result is continued innovation, enhanced scrutiny, and an enduring regulatory commitment to identify and address risks in bank-fintech arrangements.
References
[2] https://www.occ.gov/news-issuances/bulletins/2024/bulletin-2024-11.html.
[3] https://www.federalreserve.gov/newsevents/pressreleases/bcreg20240725c.htm.
Reprinted with permission of Law360.