On September 8, 2025, the Office of the Comptroller of the Currency ("OCC") released a press release and two bulletins aimed at curbing so-called debanking activities, and reminding banks of their obligations to protect customer financial records. These actions from the OCC seem to closely follow Executive Order 14331, "Guaranteeing Fair Banking for All Americans" issued on August 8.
In OCC Bulletin 2025-22, the OCC announced that the OCC would consider improper debanking activities in licensing applications, as well as in a bank's Community Reinvestment Act performance evaluation. The order takes the definition of politicized or unlawful banking from EO 14331, which "refers to an act by a bank, savings association, credit union, or other financial services provider to directly or indirectly adversely restrict access to, or adversely modify the conditions of, accounts, loans, or other banking products or financial services of any customer or potential customer on the basis of the customer's or potential customer's political or religious beliefs, or on the basis of the customer's or potential customer's lawful business activities that the financial service provider disagrees with or disfavors for political reasons." As noted by a Congressional Research Service Report issued in January of this year, "[w]hether bank regulators are incentivizing de-risking to discriminate against certain types of businesses on ideological grounds or banks are unable to properly manage risk in some areas and thus limit services to those companies is a debated question." The Bank Policy Institute noted last year that the banking industry's desire is generally to serve as many customers as possible and that much or purported debanking is really driven by outdated Bank Secrecy Act requirements and that Suspicious Activity Reporting ("SARs") and currency transaction reporting often lead to bank examiner pressure to list an account as "high risk" which brings additional compliance burden to the bank.
Banking institutions may be well served by being able to document past examiner influence on high risk accounts in order to answer questions that may now be raised in the licensing or CRA.
In OCC Bulletin 2025-23, the OCC reminds institutions that that they have legal obligations to protect the privacy of customer financial information under, among other requirements, the Right to Financial Privacy Act ("RFPA"). The Bulleting notes that "[s]pecifically, a financial institution generally may not release a customer's financial records unless the government authority certifies in writing that it has complied with its obligations under the RFPA. To secure those records, the government authority must obtain one of the following: (1) an authorization by the customer, (2) an administrative subpoena or summons, (3) a search warrant, (4) a judicial subpoena, or (5) a formal written request from a government agency if no administrative summons or subpoena authority is available." The Bulletin also suggested possible adjustments to institutions' approach to filing SARs and suggested that "[a] bank should only submit a voluntary SAR where it identifies concrete suspicious activity, such as activity that could form the basis for filing a SAR except that it is under the applicable threshold."
The two bulletins together show that the OCC is taking the messaging from the President seriously, and banks may have to make some adjustments in their risk management approach to help defend against accusations that any account closures are politically motivated.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
