OCC remains focused on bank/fintech partnerships | Ballard Spahr LLP


Since the start of Michael Hsu’s tenure as Acting Comptroller of the Currency, banking/fintech partnerships have been a focus of the OCC. Although bank lending partnerships with fintechs continue to capture the OCC’s attention, recent remarks from OCC officials indicate that the OCC’s scrutiny is now also directed at partnerships outside of the OCC. lending area.

In yesterday’s remarks At the Clearinghouse and Banking Policy Institute’s annual conference, Acting Comptroller Hsu discussed the growth of “banking as a service (BaaS)”, i.e. agreements in which a non-bank offers banking services to its customers as a means of adding value to its products and services. He observed that “[d]Digitization has emphasized online and mobile engagement, customer acquisition, personalization, big data, fraud detection, artificial intelligence, machine learning and cloud management” and that “these activities require expertise and economies of scale that most banks do not have. Noting that BaaS is not a problem limited to large banks, he said banks and fintechs, “in an effort to provide a ‘seamless’ customer experience, are partnering up in ways that make it more difficult for customers and regulators, and the industry to distinguish where banking stops and technology business begins.

Hsu said he was very concerned about the security and robustness implications of these developments. He referred to oversight concerns raised during Banking Technology Reviews, saying that a majority of them relate to “fundamental elements of risk management, e.g. board oversight, governance and internal controls” and that common issues involve insufficient information security controls, change management issues, especially with emerging products and services, and IT operational resilience. Hsu also raised concerns about unknown risks or “unpleasant surprises” arising from deals between banks and fintechs. He said that to mitigate this risk, the OCC is currently working on a process to subdivide bank-fintech deals into cohorts with similar security and soundness risk profiles and attributes. This approach should enable the CCO to focus more clearly on risks and risk management expectations.

According to a report by Law360, another OCC official who spoke at the annual conference also expressed concerns about bank/fintech partnerships. Kevin Greenfield, the OCC’s assistant supervisor for operational risks, has reportedly warned banks that they can be held liable for harm to customers resulting from fintech partnerships, such as violations of consumer protection laws and unfair practices. and misleading. He advised banks to closely monitor risk and compliance in these partnerships. Regarding lending partnerships, Mr Greenfield reportedly said that a bank’s responsibility to comply with consumer protection laws “does not disappear if [customers] click on a fintech application or if they enter the bank branch to obtain this loan” and that “[i]it is [the bank’s] charter granting this loan, [the bank needs to] understand what the risks are and how it works, because ultimately it will go back to [the bank] who provided the credit.

We think it should be noted that neither Mr. Hsu nor Mr. Greenfield mentioned concerns about a bank using its charter to avoid state interest rate limits on a partner. non-banking.

[View source.]


About Author

Comments are closed.