- with readers working within the Aerospace & Defence and Banking & Credit industries
- within Law Department Performance topic(s)
On June 6, the three Federal bank regulatory agencies (the Federal Reserve Board ("FRB"), Federal Deposit Insurance Corporation ("FDIC") and Office of the Comptroller of the Currency ("OCC")), issued final interagency guidance on risk management associated with third-party relationships (the "Guidance"). The Guidance is effective immediately.
The Guidance replaces and supersedes each agency's existing third-party guidance "and promotes consistency in the agencies' supervisory approaches toward third-party risk management," and incorporates changes based on comments on the July 2021 proposed guidance.
In comparison to the July 2021 proposed guidance, the Guidance emphasizes a tailored approach to third-party risk management and a banking organization's size, level of risk, complexity, and the nature of risks presented by each third-party relationship. In reviewing each banking organization's third-party risk management risk framework, the agencies stated that they would also be instituting similar tailoring.
The Guidance also explicitly notes the benefits and risks in bank-fintech partnerships. The Guidance especially noted the heightened risk that may be present in arrangements where the fintech interacts directly with the end customer.
FRB Governor Michelle Bowman was the sole dissenting vote on issuing the guidance at the FRB. In her statement, Gov. Bowman stated that she did not think the Guidance went far enough in mitigating regulatory burden on smaller institutions, calling it "a troubling pattern of the agencies' deviation from the risk-based, tailored approach to supervising and regulating banks."
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
