Cadwalader Logo Cabinet News & Views - Informed analysis for the financial services industry
Banking Agencies Finalize Interagency Guidance on Third-Party Risk Management 
Profile photo of contributor Daniel Meade
Partner | Financial Regulation

On June 6, the three Federal bank regulatory agencies (the Federal Reserve Board (“FRB”), Federal Deposit Insurance Corporation (“FDIC”) and Office of the Comptroller of the Currency (“OCC”)), issued final interagency guidance on risk management associated with third-party relationships (the “Guidance”). The Guidance is effective immediately. 

The Guidance replaces and supersedes each agency’s existing third-party guidance “and promotes consistency in the agencies’ supervisory approaches toward third-party risk management,” and incorporates changes based on comments on the July 2021 proposed guidance.

In comparison to the July 2021 proposed guidance, the Guidance emphasizes a tailored approach to third-party risk management and a banking organization’s size, level of risk, complexity, and the nature of risks presented by each third-party relationship. In reviewing each banking organization’s third-party risk management risk framework, the agencies stated that they would also be instituting similar tailoring. 

The Guidance also explicitly notes the benefits and risks in bank-fintech partnerships. The Guidance especially noted the heightened risk that may be present in arrangements where the fintech interacts directly with the end customer.

FRB Governor Michelle Bowman was the sole dissenting vote on issuing the guidance at the FRB. In her statement, Gov. Bowman stated that she did not think the Guidance went far enough in mitigating regulatory burden on smaller institutions, calling it “a troubling pattern of the agencies' deviation from the risk-based, tailored approach to supervising and regulating banks.”    


June 8, 2023
© 2024 | Notices | Manage Subscription | Contacts