In recent advice, US regulators said they would monitor bank-fintech relations. The top US regulatorsthe Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, and the Office of the Comptroller of the Currencyhave issued final guidelines to help banks manage third-party relationship risks.

Experts say regulators' emphasis on bank-fintech connections is the most notable aspect of the guidance. Over the past decade, non-bank fintech startups delivering innovative solutions alongside regulated financial institutions have grown rapidly. This includes Personal Capital, Lending Club, Kabbage, and Wealthfront. The expansion has pushed banks and regulators to debate how to manage fintech connections to comply with regulations and reduce risks. However, the agencies agreed that banks have flexibility in analyzing relationship risks.

Fintech-Bank Partnership Implications

Overview of New Guidance

Recent regulations have illuminated bank-fintech relations. This advisory discusses the benefits and hazards of the bank-fintech relationship. The regulatory agencies recognize that banks are forging new and unorthodox partnerships with fintech startups. These ties can benefit banks but also increase dangers.

Enhanced Supervision

The warning suggests regulatory monitoring would increase, especially for major companies and new fintech alliances. When these collaborations entail vital activities or services, the agencies will actively supervise them. This increased oversight helps banking risks and fintech firms manage collaboration risks.

Fintech Company Impact

Fintech companies that cooperate with banks or are considering doing so should be aware of the new regulations. Though aimed at banks, fintechs must anticipate that banks will use this framework for due diligence, contract negotiations, and continual monitoring. Fintech enterprises must navigate the legislation to meet their banking risks and partners' compliance and risk management standards.

Wide Range Relationships

The new criteria cover more bank-fintech relations than prior Federal Reserve recommendations, which focused on outsourcing with service providers. Previous guidance was more limited, but the new regulations cover bank-fintech partnerships. This larger scope ensures that more bank-fintech transactions are regulated, reflecting their expanding importance in the financial system.

Required Accreditation and Standardization

Despite the new recommendations, some industry participants say more is needed to codify and standardize banks' and fintech firms' relationships. To improve banking risks, a nationwide fintech accreditation system is proposed. This system would set explicit rules and procedures that satisfy regulatory expectations, ensuring fintech firms comply.

Risk Management Certification

A certification system for third-party partners and risk management compliance could streamline procurement and boost bank-fintech confidence. Standards bodies or self-regulatory organizations may issue this certification. It would reassure banks that their fintech partners follow risk management standards, aligning fintech operations with regulatory expectations.

Governance and Risk Management

The Joint Statement updates and extends third-party risk management guidance in the following areas:

Internal Controls of Organizational Structures

Banks need strong organizational structures and clear lines of accountability to address third-party risks. It can provide specialized teams or positions to manage third-party interactions. Your expertise and workforce should match the complexity and volume of third-party engagements. Internal controls and audits are essential to keep the operations running. Banking risks with comprehensive internal controls should monitor and manage third-party risks. Regular audits should ensure that these controls are working properly and that errors are addressed quickly.

Due Care and Risk Monitoring

The Joint Statement stresses the significance of proper third-party contact and due diligence before signing agreements. The third party's financial stability, operational competence, and regulatory compliance are assessed. Banks should also get into relevant contracts that explicitly state partnership conditions and expectations. Risk monitoring techniques are also needed to monitor third-party performance. Set up methods to track and review third-party actions regularly to ensure they meet standards and identify hazards.

Handling Compliance and Operations

Banking regs should understand their management information systems, including obligations and contractual reporting. These tools help banks manage third-party risk by monitoring contractual and regulatory compliance. Management information systems should deliver timely and reliable third-party performance and risk exposure data.

Emergency Plans Based on Risk

Another idea is to create and manage risk-based contingency plans. These plans should address third-party disruptions or failures. Contracts should describe banking risk measures in the case of third-party failure or other disruptions. Risk-based contingency plans help banks handle unanticipated challenges and continue operations.

Deposit Risks and Controls

Dual control systems, which separate roles and responsibilities, can help banks manage deposit risks. Deposit data should be verified to guarantee accuracy and integrity. Issue resolution methods should be established to resolve any discrepancies or difficulties. Banking regs must develop and implement third-party interaction policies, processes, and oversight systems to comply with consumer protection legislation.

Risk Management Strategies for Growth

Banks should limit concentration and diversify to manage growth, liquidity, and capital concerns. Concentration limits over-reliance on a single third party or service, while diversification mitigates failures. Effective liquidity risk management requires adequate money for operating and unanticipated needs. Banking regs should also have exit strategies for third-party relationships. Capital is needed to absorb losses and sustain financial stability.

Brokered Deposit Report

Banks should examine their third-party partnerships to find deposit brokers. Regulatory regulations require banking regs to record brokered deposits. Transparency lets regulators analyze deposit broker risks and protect banks against brokered deposit arrangements.

Dealing with Deposit Insurance Misrepresentations

Banks should establish third-party deposit policies to address deposit insurance misrepresentations. These banking risk policies should enforce deposit insurance requirements and avoid deception. Additionally, banks should implement monitoring and assessment provisions to evaluate these policies and practices. This protects consumers and ensures regulatory compliance while making deposit-related services and products more accessible and reliable.

Monitoring/Evaluation

Keeping deposit-related arrangements safe requires ongoing monitoring and review. Banks should regularly examine their policies for banking risks and processes to maintain efficacy and regulatory compliance. This includes monitoring third-party connections and making adjustments to handle risks and compliance issues.