Reflecting expected heightened regulatory scrutiny of fintech-bank partnerships, the Federal Deposit Insurance Corporation (FDIC) issued a consent order for a bank that is deep in the bank-fintech sponsorship space over alleged "unsafe or unsound banking practices" relating to its compliance with fair lending laws and regulations. The bank often partners with fintech and digital asset companies to offer banking services to consumers. According to the FDIC, the bank allegedly failed to establish and maintain internal controls, information systems, and prudent underwriting practices, but the FDIC did not delve into the specific practices that caused it to issue the order.

Key Consent Order Requirements

Although the consent order does not detail the specific unsafe or unsound banking practices that the bank allegedly engaged in, the consent order details the remediation requirements that the bank must undertake to comply with the order. Among other things, the consent order requires the bank's board of directors to immediately increase supervision and direction of management and the internal controls and systems to ensure that the bank complies with applicable fair lending laws and regulations.

More specifically, the consent order also requires the bank to provide the FDIC with a list of all current credit products and all third-party partners that offer credit products. That list will be subject to the FDIC Regional Director's review and comment or non-objection. In addition, any new credit products or new third-party partners offering credit products will require notice to the FDIC Regional Director and the Director's non-objection prior to offering a new credit product. The consent order outlines specific requirements that must be included in the non-objection request, which include a third-party risk assessment, the proposed agreement with a third-party partner, and detailed descriptions of procedures and processes to ensure compliance with laws and regulations and monitoring and oversight of third parties.

The bank must also conduct an internal risk assessment of all of its credit products and third parties to identify fair lending risks, and any non-compliance with applicable fair lending laws and regulations. These internal assessments must also be supplemented by independent third-party assessments of the bank's fair lending resources and historical compliance with fair lending laws and regulations. The bank must use these assessments to develop a fair lending compliance plan and fair lending internal controls that, among other things, must include policies and procedures to address and mitigate previously identified risks.

In addition, the bank must develop internal controls to ensure third-party partners' compliance with fair lending laws. At a minimum, these must include policies and procedures to address corrective action that must be taken by the third parties for failure to comply with fair lending laws.

Key Takeaways

This consent order sits at the nexus of several areas that are of increased focus by the federal banking regulators.

Regulators are increasingly focused on bank and fintech partnerships, particularly with regard to banks exercising proper oversight over fintech partners. In September 2022, the Office of the Comptroller of the Currency undertook an enforcement action against another bank related to the bank's oversight of its fintech partnerships. Banks that partner with fintechs should ensure that they have proper controls in place to conduct appropriate due diligence, monitor their fintech partners, and take corrective actions if fintech partners do not comply with applicable law or contractual commitments. Similarly, fintechs that have or are considering partnerships with banks should be aware of the increasing scrutiny by federal regulators that may impact the relationship, particularly where the bank has a right to terminate the relationship at the direction of its regulators and where a bank must obtain regulator consents or approvals in connection with its partnerships.

In addition, federal regulators have been particularly focused on fair lending issues and creditors should ensure that they have proper fair lending compliance programs in place to comply with applicable fair lending laws.

Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Morrison & Foerster LLP. All rights reserved