Blue Ridge Bank
The OCC entered into a formal agreement with Blue Ridge Bancorp in 2022 requiring the bank to improve its BSA/AML compliance and third-party risk management programs. Under the agreement, Blue Ridge was required to obtain OCC non-objection before onboarding any new fintech partners or offering new products through existing third-party relationships. These restrictions remained in effect even after the bank completed a $150 million capital raise. The action reflects the OCC's concern with how sponsor banks manage compliance risks arising from fintech partnerships. As of early 2024, Blue Ridge continued to face these restrictions, highlighting the long-lasting impact of such enforcement actions on BaaS operations.
Verified from source: Blue Ridge Bank received an enforcement action (formal agreement) from the OCC in September 2022, requiring improvements to BSA/AML compliance and third-party risk management, and requiring OCC non-objection before onboarding new fintech partners or offering new products through existing third-party relationships.
- OCC non-objection requirements can effectively freeze a sponsor bank's ability to grow its BaaS business
- Capital adequacy alone is insufficient to resolve regulatory concerns about third-party risk management
- Long-duration restrictions signal that regulators expect sustained compliance improvements before allowing BaaS expansion
- BlogFintech Takes