The Office of the Comptroller of the Currency issued frequently asked questions on Wednesday to supplement a bulletin published in October 2013 regarding how financial institutions manage risk in relationships with third parties, with some implications for fintech firms that provide services for banks.
The 2013 bulletin defined a third-party relationship as any business arrangement between a bank and another entity. Increasingly, that includes fintech companies.
“Recently, many banks have developed relationships with financial technology (fintech) companies that involve some of these activities, including performing services or delivering products to a bank’s customer base,” OCC noted in the FAQs published Wednesday.
The FAQ makes clear that banks that do partner with fintechs are expected to include the provider in their risk management process.
Fintech firms that provide services to multiple financial institutions may have an opportunity to better serve those customers by helping them collaborate to meet their risk management obligations. The OCC stated in the FAQs that banks that use the same fintech provider for similar services “may collaborate to meet certain expectations, such as performing the due diligence, contract negotiation, and ongoing monitoring responsibilities.”