Overview
Last Friday, the Board of Governors of the Federal Reserve System and the Arkansas State Bank Department issued a cease-and-desist order to Evolve Bank & Trust (“Evolve”), one of the most active partner banks in the banking-as-a-service (“BaaS”) space. Similar in scope to the orders issued against other partner banks, the regulators cite insufficient risk management policies and procedures, deficiencies in Evolve’s BSA/AML and OFAC compliance, and concerns over staffing, training, and recordkeeping. Among other remedial measures, Evolve cannot add new partners without the regulators’ approval.
Synapse Bankruptcy. For months, moreover, Evolve and other banks, fintechs, and counsel (BFKN is currently representing a party in the case) have been involved in the Synapse Financial Technologies, Inc. (“Synapse”) bankruptcy. Synapse was a middleware provider that facilitated bank-fintech partnerships. There, the appointed bankruptcy trustee cited Evolve’s failure to reconcile program deposits due to a lack of understanding of Synapse’s ledgering system. Currently, an estimated $85 million in customer deposits (primarily at Evolve) cannot be reconciled.
Action items. The Synapse bankruptcy continues, and there is no end in sight to the fallout from failed partnerships, but banks and fintechs alike should heed this recent order. Specifically, banks should:
- Devote time to understanding the novel BSA risks partnerships present—who is responsible for customer due diligence (both initial and ongoing), how is transaction monitoring conducted, and how is information necessary for suspicious activity reporting collected and shared;
- Mind the ledger—understanding who keeps the ledger, using what software or tools, when the bank has access to the same, and how the parties will reconcile transactions and balances;
- Appreciate regulators’ renewed focus on third-party and fourth-party oversight—recognizing how service providers and subcontractors are used, overseen, and audited. This effort should include a careful review of the Evolve cease-and-desist order and any subsequent similar orders that are likely to be issued in the future;
- Document, test, and refine due diligence standards, compliance and operational policies, and related disclosures and agreements;
- Devote sufficient resources—be they outside professionals, internal hires, software, or other tools—to maintaining strong partnerships;
- Educate key internal stakeholders about the risks and controls your business will utilize;
- Always have contingency plans and exit strategies prepared and tested for partner transitions, exits, and cessations of business; and
- Communicate early and often with your partners.
We Can Help You
BFKN Financial Institutions Group attorneys have helped architect, negotiate, manage, and transition well over a hundred partnerships, including over seventy-five in the past year. Whether it's advising your institution about the risks and approaches inherent in partnerships, preparing program agreements designed to satisfy your regulators, protecting clients from failed partnerships by terminating relationships, pursuing recovery of program assets, and transitioning partners, or interfacing with your regulators and addressing the impact of partner problems, our multi-faceted team has the experience, knowledge, and insights to help protect your financial institution or fintech.