On July 12, 2021, the Board of Governors of the Federal Reserve System (Board), the Federal Deposit Insurance Corporation (FDIC), and the Office of the Comptroller of the Currency (OCC) proposed interagency guidance on how banks should manage third-party relationships, including partnerships with fintech companies. The proposal would offer a framework for banks when developing risk management practices for their third-party relationships, taking into account the level of risk, complexity, size of the organization, and the nature of the third-party relationship.
Banks routinely partner with third-parties and fintech companies to offer an expanded array of innovative products and services. These third-party relationships allow banks to offer products or services that would otherwise be too difficult, cost-prohibitive, or time-consuming to develop internally. Partnerships with fintech companies can also allow banks to meet the banking needs of underbanked or underserved consumers. The proposed guidance identifies a number of such partnerships, including marketplace lending arrangements with nonbank entities, networking arrangements, merchant payment processing services, fraud detection services, anti-money laundering services, and data aggregation services.
The proposed guidance would broadly apply to all third-party relationships with a focus on those involving what the agencies consider “critical activities.” These activities include significant banking functions (e.g., payments, clearing, settlements, and custody), significant shared services (e.g., information technology) and other activities that could cause a bank to face significant risk or customer impacts.
The Board is seeking public comment on the guidance within 60 days of its publication in the Federal Register.