Skip to Main Content

New Guidance for Banks Engaging with FinTechs

On August 27, 2021, the Board of Governors of the Federal Reserve, the Federal Deposit Insurance Corporation and the Office of the Comptroller of the Currency issued new guidance to community banks for conducting due diligence on financial technology companies (the Guide). The Guide comes while the regulators' new interagency guidance on managing risks in third party relationships (the Proposed Guidance) is still in its comment period. The Guide is consistent with the regulators' existing vendor management guidance as well as the Proposed Guidance. (To read more about the Proposed Guidance, see this recent Baker Donelson alert.) While the Guide is directed to community banks, the concepts and resources discussed are relevant to banks of all sizes.

The Guide sets out six nonexclusive areas of due diligence that community banks should consider when engaging with a financial technology company (FinTech), which are summarized below. It also provides direction on potential sources of information under each of the six steps and includes illustrative examples.

  1. Business Experience and Qualifications. Consider the FinTech's operational history, client references and complaints and legal or regulatory actions, business plans and strategies, as well as the experience and expertise of the company's executive leadership, directors and management.
  2. Financial Condition. Review the FinTech's financial reports, funding sources and market information.
  3. Legal and Regulatory Compliance. Ensure the FinTech's operations are compliant, responsibilities are clear and legal/regulatory obligations are addressed appropriately.
  4. Risk Management and Controls. Review the FinTech's policies and procedures governing the applicable activity, control/audit procedures, remedial requirements, staffing and training.
  5. Information Security. Evaluate the Fintech's information security measures to assess the integrity of their processes for handling sensitive information.
  6. Operational Resilience. Evaluate the FinTech's ability to continue operations through a disruption.

Given the regulators' recent and recurring emphasis on vendor management, the board of directors and senior management of all banking organizations should consider whether their vendor management policies and procedures comply with the Proposed Guidance and include the areas addressed in the Guide when engaging FinTechs.

If you have any questions, contact any member of Baker Donelson's Financial Services Team.

Subscribe to

Related Practice

Related Industry

Have Questions?
Let's Talk!

To discuss how this topic could affect
your company, click above to email us.

Email Disclaimer

NOTICE: The mailing of this email is not intended to create, and receipt of it does not constitute an attorney-client relationship. Anything that you send to anyone at our Firm will not be confidential or privileged unless we have agreed to represent you. If you send this email, you confirm that you have read and understand this notice.
Cancel Accept