Photo of Sarah Hanna

Sarah is an associate in the firm’s Corporate practice. She works with public and private companies on a wide range of corporate matters, including equity and debt offerings, SEC reporting, corporate governance, and financial services matters.

The Federal Deposit Insurance Corporation (FDIC) recently announced a consent order with Tennessee-based Lineage Bank containing orders relating to the bank’s third-party risk management program and its financial technology (fintech) partners.

In June, the Consumer Financial Protection Bureau’s (CFPB) Office of Competition and Innovation and Office of Markets issued an analysis of deposit insurance coverage on funds stored through popular payment companies, finding that such funds are often not stored in an account at a bank or credit union and thus lack individual insurance coverage. As a result, such funds can be at risk of loss in the event of financial distress or failure of the entity operating the nonbank payment platform.

On June 6, the Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation, and Office of the Comptroller of the Currency (collectively, the agencies) issued guidance to banking organizations on managing the risks associated with third party relationships. This final guidance reflects the 82 comment letters the agencies received from banking organizations, financial technology (fintech) companies and other third party providers on the proposed guidance released in July 2021 and replaces each agency’s existing guidance to ensure consistency in supervisory enforcement. While the agencies acknowledge that “[t]he use of third parties can offer banking organizations significant benefits, such as quicker and more efficient access to technologies, human capital, delivery channels, products, services, and markets,” they caution that the use of third parties “does not remove the need for sound risk management.” The agencies emphasize, however, that supervisory guidance does not have the force and effect of law and does not impose any new requirements on banking organizations.