Bank regulators vow more flexibility in vetting fintech partnerships

Register now

Officials of three federal bank regulatory agencies said Monday that they would be more flexible in applying third-party risk management guidance as more banks partner with fintech firms.

Senior leaders at the Federal Reserve, the Office of the Comptroller of the Currency and the Consumer Financial Protection Bureau, who all spoke at a banking conference in Orlando, Fla., said they have been working with examiners to be more understanding of the budding partnerships forming between banks and fintech firms — and how to examine those relationships going forward.

“We need to do a better job of educating our supervision staff, in some cases, in terms of interpretation of the guidance,” Dan Quan, who leads the CFPB’s Project Catalyst, said at the Consumer Bankers Association's annual conference. “There’s no such thing that’s called bright lines, so there’s a lot of flexibility, latitude that can be exercised.”

Kelvin Chen, who works on fintech issues for the Fed, agreed but also reminded bankers at the conference of the massive data breach at Target in 2013 that left banks on the hook.

“This isn’t meant to make people paranoid but it is an indication that I think both sides — regulators and the private sector — are sort of rethinking . . . what it means to be risky in a digital environment,” he said.

“Most of our guidance, particularly our third-party risk management guidance, really focuses on weighted risk,” he added. “That’s not always carried out that way by exam staff . . . so examiner education is a big part of this.”

An official from the Office of the Comptroller of the Currency said the agency would be meeting next week with interested parties to talk about regulators' third-party risk management guidance and fintech partnerships.

The meeting is “to get a better understanding if there are additional barriers or misunderstandings that we need to clarify about the guidance,” said Beth Knickerbocker, chief innovation officer at the OCC.

The OCC already issued a “frequently asked questions,” or FAQ, document in June to address some of the concerns banks were raising in partnering with fintech firms.

“There was a myth out there somehow that if you were engaging with a startup that the OCC’s guidance would not allow you to engage with a third-party startup. And that’s not the case at all,” Knickerbocker said. “We clarified that in our FAQs.”

The regulators on the panel also agreed that they were trying to coordinate more with each other so there is consistent interpretation of how partnerships between firms and banks are examined.

“One of the bigger changes from this year is just that if you touch one of us" — regulators — there’s a bigger likelihood that you will be having a meeting with some or all of us,” Chen said.

For reprint and licensing requests for this article, click here.
Fintech regulations Vendor management Risk management OCC Federal Reserve CFPB