Mark Westmoreland, Eric Reusch, and Jason P. Boova
Say hello to your new regulator: the Office of the Comptroller of the Currency (OCC). At least that's what some financial technology (FinTech) companies are starting to consider in light of the OCC's introduction of a national charter for non-bank financial institutions. The OCC plans to use its authority to grant special purpose national bank charters to companies that conduct at least one core banking function.
The charter has the potential to address the longstanding uncertainty of regulatory authority for the FinTech space, but opens the door to a host of new questions and considerations.
The OCC issued a white paper describing the plan in December, was receiving comments in January, and is now expected to finalize the charter regime in the coming months. Special purpose national bank charters would be applicable to FinTech companies conducting one or more of three core banking functions: receiving deposits, paying checks, and lending money The special purpose charter could be appealing to many FinTech companies since the OCC's preemption authority would allow them to conduct business activities such as lending on a national basis, without the need to account for the differences in many state-specific lending laws. Additionally, the charter itself does not require any company to accept deposits but does present this as an option
As the OCC notes in its paper, the most common type of special purpose charters issued in the past have been to trust banks and credit card banks. Any special purpose national bank would be subject to the same laws, regulations, examination, reporting requirements, and ongoing supervision as other national banks, the regulator says.
Regulatory Compliance Management
By their nature as startups, many founding teams follow the entrepreneurial pattern of building a product or service, gaining traction, and worrying about compliance later. History has shown this can be a dangerous choice. Compliance issues with a regulator can be an extinction-level risk for early-stage companies. Regulatory compliance and working relationships with the regulatory community are truly sine qua non for financial services industry participants of all shapes and sizes, regardless of business model. Compliance is neither a waste of time nor money, two precious resources. Rather, it is a foundation for future success.
Under the new charter, the OCC would expect a FinTech national bank to maintain a compliance management system that is appropriate for its size, risk, and complexity- just like a traditional bank. Generally, the Consumer Financial Protection Bureau (CFPB) currently maintains federal supervision and enforcement authority over non-depository lenders. FinTechs considering the special purpose charter should already have developed and staffed a compliance management program for applicable federal regulations, even if they are licensed on a state-by-state basis, given the possibility of examination by the CFPB. This should also include a program and governance structure for Bank Secrecy Act/Anti-Money Laundering (BSA/AML) and Office of Foreign Assets Control (OFAC) requirements.
Regardless of which agency performs regulatory oversight, FinTech companies should formally include, at a minimum, the following components in any compliance management system:
• policies and procedures;
• monitoring and testing;
• risk assessment;
• change management processes, for both regulatory changes and product/business changes;
• compliance training;
• corrective action processes;
• third-party oversight; and
• complaint handling and response processes.
Additionally, chartered FinTech companies would be expected to instill a culture of compliance at the board level and throughout the organization. Combining the cultural component with the fully developed, risk-appropriate functions noted above would aid FinTech companies in meeting the examination and supervision requirements of any of the prudential regulators.
The Traditional Role of the OCC and Prudential Regulators
It's important to understand that the traditional role of the OCC in its supervision mission is to ensure the safety and soundness of the national bank system. In practical terms, supervision by the OCC entails both safety and soundness and regulatory compliance components, meaning FinTech companies choosing this path need to be prepared for the rigors of a CAMELS-based (for Capital Adequacy, Asset Quality, Management, Earnings, Liquidity, and Sensitivity to Interest Rate Risk) examination process. This includes how FinTechs are funded, the cost of those funds, asset allocation and sale strategies, capital management, earnings potential (in particular in a changing rate environment), and how the company is managed by its executives. These factors would be assessed in addition to compliance with all applicable federal regulations, such as BSA, Equal Credit Opportunity Act, Fair Credit Reporting Act, Servicemembers Civil Relief Act, and others.
FinTechs that choose the special purpose national bank charter open themselves to supervision from other prudential regulators that may have oversight of a FinTech chartered as a special purpose. As the OCC notes in its paper, all national banks are required to be members of the Federal Reserve System. In terms of supervision this could result in examinations of a holding company of a FinTech special purpose national bank (should requirements of the Bank Holding Company Act apply), in addition to the examination of the organization that received the charter. This could impact how a FinTech special purpose national bank is structured, managed, and ultimately assessed. Similar to the OCC, the Fed's primary mission in supervision is to maintain the safety and soundness of the national bank system.
Ultimately, any FinTech company must weigh both the benefits and drawbacks of a special purpose national charter. Each individual organization must ask broadly whether the certainty of regulatory authority and the potential mitigation of some state requirements and examinations are worth the additional federal scrutiny and oversight regarding the company's day-to-day management and operation.
In its paper the OCC states that it intends to consider adapting capital requirements for a FinTech special purpose national bank, rather than using the standards set forth for traditional national banks. No matter the requirements, the OCC will analyze the strength of capital by assessing that individual bank as well as its impact on the overall banking system. Essentially the OCC will consider the risk and complexity of both on- and off-balance sheet activities when considering capital levels.
FinTech companies, by and large, do not hold assets on their balance sheet at anywhere near the same amount or duration that a traditional bank does. For example, the "marketplace lending" ecosystem relies heavily on secondary market activities including whole loan sales, forward flow arrangements, and asset-backed securitization. Since the OCC will consider off balance sheet activities when assessing capital, it is possible that capital requirements for a FinTech chartered national bank could be higher than the minimum standards for a traditional bank. This raises key questions for a FinTech considering the charter:
• Are we large enough to shoulder the capital burden?
• Can we raise capital to meet the expected requirements?
• Do we need to adjust business activities to account for increased capital levels?
The answers to these questions are inherently complex and in all likelihood will act as a filter for many FinTechs considering the charter.
The OCC delivered on its promise to provide a national charter to the FinTech community. The prospect of nationally streamlined supervision and regulatory oversight is an appealing offer and may provide the incentive for many to adopt the charter. Even so, the federal compliance and governance obligations that come along with the charter, regarding capital requirements, on- and off- balance sheet activities, and corporate structure, are all items that must be carefully discussed and evaluated internally before deciding to apply for the charter.
View as PDF
Treliant Risk Advisors
, Compliance, Risk Management, and Strategic Advisors to the Financial Services Industry, brings to you New Coordinates, a quarterly newsletter offering insights and information regarding pertinent issues affecting the financial services industry. This article appeared in its entirety in the Outlook 2017 issue. To subscribe to our quarterly newsletter, please Contact Us.