The federal bank regulatory agencies last last month released a guide intended to help community banks assess risks when considering relationships with financial technology (fintech) companies.
This guide, “Conducting Due Diligence On Financial Technology Companies,” is intended to be a resource for community banks when performing due diligence on prospective relationships with fintech companies.
It is available on the Federal Reserve, the FDIC and the Office of the Comptroller of the Currency websites.
Use of this guide is voluntary and it does not anticipate all types of third-party relationships and risks. Therefore, a community bank can tailor how it uses relevant information in the guide, based on its specific circumstances, the risks posed by each third-party relationship, and the related product, service or activity (herein, activities) offered by the fintech company.
While the guide is written from a community bank perspective, the fundamental concepts may be useful for banks of varying size and for other types of third-party relationships. Banks should reference federal banking agencies’ relevant guidance.
Community banks are entering into business arrangements with fintech companies to offer enhanced products and services to their customers, increase efficiency, and reduce internal costs. This guide is intended to serve as a resource for community banks when performing due diligence on prospective relationships with fintech companies.
Due diligence is an important component of an effective third-party risk management process. The guide covers six key areas of due diligence that community banks can consider when exploring arrangements with fintech companies: business experience and qualifications, financial condition, legal and regulatory compliance, risk management and control processes, information security, and operational resilience. The guide highlights practical sources of information that may be useful when evaluating fintech companies.