Registry — Vantage Bank Texas (US) added to the registry
Enforcement — Fine issued against Dinosaur Merchant Bank Limited · FCA · Mar 24, 2026
Partnership — Paymentology Partners with Bank Zero for Digital Banking in South Africa · Apr 6, 2026
Product — efood Launches Embedded Lending for 21,000 Greek Restaurant Partners · Apr 5, 2026
M&A — Mercury Acquires AI Payroll Platform Central to Expand Financial Operations · Apr 6, 2026
Funding — Qover Raises $12M Growth Facility from CIBC Innovation Banking · Apr 5, 2026
Regulatory Tracker
Archive of enforcement actions, consent orders, and supervisory guidance impacting the BaaS and embedded finance ecosystem.
Subscribe to alertsThe OCC issued a consent order against Citibank, N.A. in October 2020 addressing deficiencies in risk management, internal controls, and data governance that led to violations of law. No suspension was imposed but corrective actions were required.
The CFPB issued a consent order against Washington Federal, N.A. in October 2020. The specific details of violations are not fully described in the source data but the action is documented in official CFPB records.
FinCEN issued a final rule extending BSA/AML, CIP, and beneficial ownership requirements to approximately 567 banks lacking federal functional regulators. The rule became effective November 16, 2020, with a compliance deadline of March 15, 2021.
The FCA published finalised guidance FG20/3 on branch and ATM closures or conversions, setting expectations for how firms should manage access to banking services.
The FDIC issued a request for information under its FDiTech initiative to reduce regulatory uncertainty for community banks partnering with fintechs. The RFI proposed a standards-setting organization and voluntary certification program for fintech partners.
The OCC proposed a rule in July 2020 clarifying the 'true lender' doctrine in bank-fintech lending partnerships. The rule aimed to provide uniform standards on whether the bank or its non-bank partner is the true lender of a loan.
The New York Department of Financial Services filed a Statement of Charges against First American Title Insurance Co. in its first enforcement action under the state's cybersecurity regulation (23 NYCRR 500). The action addressed cybersecurity deficiencies at the company.
The UK FCA issued finalised guidance in July 2020 for payment institutions and electronic money institutions on safeguarding customer funds during the COVID-19 pandemic. The guidance focused on prudential risk management to prevent insolvency harm.
NYDFS issued a consent order against Industrial Bank of Korea for BSA/AML and recordkeeping violations, imposing a $35 million penalty. The action was not fintech-specific but reflects heightened regulatory scrutiny of bank compliance programs.
The FDIC issued a proposed rule for consolidated supervision of ILC parent companies ('Covered Companies'), requiring written agreements on capital, liquidity, and risk management, with restrictions on affiliate service contracts.