Regulatory Tracker

Regulatory Tracker — Page 7 of 7

Archive of enforcement actions, consent orders, and supervisory guidance impacting the BaaS and embedded finance ecosystem.

Subscribe to alerts
NYDFS

Unknown Sponsor Bank

Legislation/Disclosure Law

New York enacted S.B. 5470, a TILA-like disclosure law for commercial financing that explicitly applies to fintech platforms using bank partner arrangements. Civil penalties up to $10,000 per willful violation are enforceable by the NY Department of Financial Services.

CFPB

The CFPB fined Santander $4.75 million in December 2020 for inaccurate auto loan data reporting under the Fair Credit Reporting Act. The action was not BaaS-related but involved consumer lending compliance.

FDIC

The FDIC finalized a new brokered deposits rule on December 15, 2020, that excluded certain fintech-bank arrangements from brokered deposit restrictions. The rule was supportive of BaaS partnerships rather than punitive.

FinCEN

FinCEN issued guidance in December 2020 encouraging broader use of Section 314(b) voluntary information sharing among financial institutions for AML/CTF purposes. The guidance emphasized legal protections and benefits, potentially encompassing fintech entities in partnership with banks.

OCC

Citibank, N.A.

Consent Order

The OCC issued a consent order against Citibank, N.A. in October 2020 addressing deficiencies in risk management, internal controls, and data governance that led to violations of law. No suspension was imposed but corrective actions were required.

CFPB

The CFPB issued a consent order against Washington Federal, N.A. in October 2020. The specific details of violations are not fully described in the source data but the action is documented in official CFPB records.

FinCEN

FinCEN issued a final rule extending BSA/AML, CIP, and beneficial ownership requirements to approximately 567 banks lacking federal functional regulators. The rule became effective November 16, 2020, with a compliance deadline of March 15, 2021.

FCA

Unknown Sponsor Bank

Finalised Guidance

The FCA published finalised guidance FG20/3 on branch and ATM closures or conversions, setting expectations for how firms should manage access to banking services.

FDIC

The FDIC issued a request for information under its FDiTech initiative to reduce regulatory uncertainty for community banks partnering with fintechs. The RFI proposed a standards-setting organization and voluntary certification program for fintech partners.

OCC

The OCC proposed a rule in July 2020 clarifying the 'true lender' doctrine in bank-fintech lending partnerships. The rule aimed to provide uniform standards on whether the bank or its non-bank partner is the true lender of a loan.

NYDFS

First American Title Insurance Company

Statement of Charges and Notice of Hearing

The New York Department of Financial Services filed a Statement of Charges against First American Title Insurance Co. in its first enforcement action under the state's cybersecurity regulation (23 NYCRR 500). The action addressed cybersecurity deficiencies at the company.

FCA

The UK FCA issued finalised guidance in July 2020 for payment institutions and electronic money institutions on safeguarding customer funds during the COVID-19 pandemic. The guidance focused on prudential risk management to prevent insolvency harm.

NYDFS

NYDFS issued a consent order against Industrial Bank of Korea for BSA/AML and recordkeeping violations, imposing a $35 million penalty. The action was not fintech-specific but reflects heightened regulatory scrutiny of bank compliance programs.

Showing 145158 of 158