Maryland Legal Alert for Financial Services

In This Issue

FDIC Action on FinTech Bank Partnerships

CFPB Releases 2024 Supervisory Highlights on Furnisher Deficiencies  

FinCEN Proposes Changes to Customer Identification Requirements  

FDIC Action on FinTech Bank Partnerships

On March 29, 2024, the Federal Deposit Insurance Corporation (FDIC) released two recent consent orders it entered with an Ohio bank and a New York bank, highlighting the obligation of banks to monitor their fintech partners for compliance with consumer protection requirements and applicable financial laws and regulations. 

In connection with the consent order involving the bank in New York, the FDIC determined that the bank violated the Bank Secrecy Act, the Electronic Funds Transfer Act and the Truth in Savings Act. As a result, the consent order required the bank to increase supervision of its third-party partners and their compliance with data collection and risk assessment rules, update its anti-money laundering program, and address consumer law violations, including those by third party fintech partners.   

In connection with the consent order involving the bank in Ohio, the FDIC targeted the bank’s prepaid credit card partnerships. Similar to the New York case, the order required this bank to update its anti-money laundering and anti-terrorist program to better monitor the bank’s third-party partners and to improve the detection and reporting of suspicious activity. 

Practice Pointer: With growing utilization of, and scrutiny on fintech partnerships, banks should evaluate these partnerships for compliance with consumer protection, data collection, and anti-money laundering laws. To prevent regulatory action, banks should update their internal protocols to ensure adequate supervision over these partners and continued compliance with applicable laws and regulations.  

For more information, contact Christopher R. Rahl or Natalie C. Gibson.

CONTACT CHRISTOPHER R. RAHL | 410-576-4222

CONTACT NATALIE C. GIBSON | 410-576-4029

CFPB Releases 2024 Supervisory Highlights on Furnisher Deficiencies  

The Consumer Financial Protection Bureau (CFPB) recently released its Spring 2024 “Supervisory Highlights”. This edition highlights several deficiencies by furnishers of credit data to credit reporting agencies (CRAs), including the failure to comply with provisions of the Fair Credit Reporting Act (FCRA) and its implementing of Regulation V. These deficiencies involve the accuracy of information furnished to CRAs, the duty to conduct reasonable investigations of direct disputes, the duty to notify CRAs of direct disputes and delinquent accounts, and the duty to obtain consumer consent prior to submitting identity theft reports.  Additional CFPB guidance concerning conducting investigations of consumer disputes is available here and here. 

The CFPB recommended that furnishers of consumer credit data update their policies to:

1. Ensure that CRAs are promptly notified of fraudulent accounts;
2. Address how furnishers will notify CRAs of direct disputes;
3. Enable reasonable investigations of direct disputes;
4. Ensure that furnishers accurately report dates of first delinquencies to CRAs; and
5. Ensure that information relating to identifying theft reports is furnished after the completion of an investigation

Additionally, the CFPB urged furnishers to review existing consumer accounts to ensure that reporting and dispute investigation have been compliant with the FCRA and Regulation V.  

Practice Pointer: Furnishers should review previous CFPB guidance on establishing reasonable policies and procedures regarding the accuracy and integrity of information, conducting investigations, and investigating disputes to ensure compliance with FCRA and Regulation V. 

For more information, contact Christopher R. Rahl or Tamia J. Morris.

Contact Christopher R. Rahl | 410-576-4222

Contact Tamia J. Morris | 410-576-4021

FinCEN Proposes Changes to Customer Identification Requirements  

On March 29, 2024, the Federal Crimes Enforcement Network (FinCEN), along with other federal agencies, issued a Notice and Request concerning a proposed amendment to the Customer Identification Program (CIP) Rule requiring banks to collect taxpayers’ identification number (TIN) information before opening any account – typically a Social Security number for U.S. citizens.  The proposed changes would adjust requirements of Section 326 of the USA PATRIOT Act (CIP Rule), which requires that each bank implement a written CIP containing identity verification procedures that enable the bank to reasonably identify its customers.  FinCEN and other agencies found the CIP Rule necessary to protect against money laundering and other illegal activities. The proposed change would allow banks to collect partial Social Security number information and then subsequently obtain the full Social Security number from a reputable third-party source.

FinCEN is inviting comments on the proposed change to evaluate and assess the potential risks and benefits associated with changing the CIP Rule, specifically for providers of buy-now, pay-later products that rely on bank partners.

FinCEN is accepting comments related to the Notice and Request until May 28, 2024. 

For more information, contact Christopher R. Rahl or Tamia J. Morris.

Contact Christopher R. Rahl | 410-576-4222

Contact Tamia J. Morris | 410-576-4021