On January 24, 2024, the OCC issued a Consent Order to Blue Ridge Bank, finding that the bank failed to establish and maintain a reasonably designed BSA/AML Program. Deficiencies include systemic internal controls breakdowns, weak independent testing, and insufficient BSA staffing, stemming from risk management challenges related to third-party fintech partners.
This enforcement action follows the OCC’s earlier 2022 Written Agreement with the bank, which we wrote about previously here.
Together, these enforcement actions provide the clearest picture of regulatory expectations that partner banks face when working with fintech partners, with BSA/AML compliance posing the greatest challenge.
We’ve provided two resources to help compliance teams respond to this latest action:
Notably, some of the key new or expanded requirements mentioned in the Consent Order include:
Cable's automated assurance, automated risk assessment, and Partner Hub tools enable compliance teams to efficiently manage third-party partner risks, ensure end-to-end BSA/AML compliance through layers of partners all the way to end user accounts, and demonstrate the effectiveness of their risk management to regulators.
Clearly, this action signals 2024 will be a year of strict regulatory scrutiny over the entire BaaS landscape. Evidencing effective risk management to regulators is non-negotiable for compliance teams, and only the companies who go all-in on their compliance capabilities will survive, thrive, and grow to become the dominant players in BaaS.
Get in touch today to learn how Cable is helping partner banks and fintechs alike succeed in today’s regulatory environment.
On January 24, 2024, the OCC issued a Consent Order to Blue Ridge Bank, finding that the bank failed to establish and maintain a reasonably designed BSA/AML Program. Deficiencies include systemic internal controls breakdowns, weak independent testing, and insufficient BSA staffing, stemming from risk management challenges related to third-party fintech partners.
This enforcement action follows the OCC’s earlier 2022 Written Agreement with the bank, which we wrote about previously here.
Together, these enforcement actions provide the clearest picture of regulatory expectations that partner banks face when working with fintech partners, with BSA/AML compliance posing the greatest challenge.
We’ve provided two resources to help compliance teams respond to this latest action:
Notably, some of the key new or expanded requirements mentioned in the Consent Order include:
Cable's automated assurance, automated risk assessment, and Partner Hub tools enable compliance teams to efficiently manage third-party partner risks, ensure end-to-end BSA/AML compliance through layers of partners all the way to end user accounts, and demonstrate the effectiveness of their risk management to regulators.
Clearly, this action signals 2024 will be a year of strict regulatory scrutiny over the entire BaaS landscape. Evidencing effective risk management to regulators is non-negotiable for compliance teams, and only the companies who go all-in on their compliance capabilities will survive, thrive, and grow to become the dominant players in BaaS.
Get in touch today to learn how Cable is helping partner banks and fintechs alike succeed in today’s regulatory environment.