Sunday, January 30, 2022

                                                                 Banking as a Service

Implications for Community Banks

Part Three Choose Your Partner Wisely

 


 

For a community bank that is considering developing banking as s service, there are several issues to consider.  While the overall public impression of banks and financial institutions took a major hit during the 2008 financial crisis, in large part, the damage was being slowly repaired.   However, it is obvious that the relationship between financial institutions and the public has changed forever.  Even before the coronavirus hit the economy, a broad wave of consumer distrust buffeted the banking industry's reputation.   Let's face it, the current times are not exactly the best for the image of banks.   In addition to the mortgage crisis, there have been several highly publicized scandals involving some of the larger and best-known banks. 

 

As pointed out in Bankshot[1] banking journal- “What’s at stake? Customers have more choice than ever when it comes to where they do their banking, including from an increasing array of fintech competitors with arguably less cultural and emotional baggage than the traditional banking industry.   Now, more than ever before, there are real alternatives to banking.   

 

The need for nontraditional banking services is one of the main drivers of the financial technical “fintech” industry.  Many bankers seem to understand that fintech companies present the possibilities for significant change in the industry.  According to a survey conducted by PWC:

 

  • FinTech is a driver of disruption in the market. Financial Institutions are increasingly likely to lose revenue to innovators, with 88% believing this already is occurring. The perceived business at risk trend has continued to rise, to 24% on average this year among all sectors.
  • Incumbents are becoming more aware of the disruptive nature of FinTech, shown well by the fact that, in 2017, 82% of North American participants believe that business is at risk, up from 69% in 2016. Insights from PwC’s DeNovo also indicate that 30% of consumers plan to increase usage of non-traditional Financial Services providers and only 39% plan to continue to use only traditional Financial Services provider.  In addition, asset backed lenders have largely increased their share of lending (the lending club and other peer-to- peer business).  
  •  

Fintech companies have been in the business of designing products that address some of the concerns raised by the unbanked or underbanked.  For example, speed of delivery, consideration of alternative means for credit underwriting and ease of delivery.

 

Despite the idea that fintech equals disruption, it doesn’t have to be a negative thing.  Disruption often results in improvement in efficient and better service.   In fact, there are several places where fintech companies and financial institutions, especially community banks have converging interests.

Community banks and credit unions have overall higher levels of trust and a better public image than their larger brethren.   Because community banks are smaller, they are nimbler and making changes to products lines can happen quickly and in response to customer needs.   The independent bankers association published the “Fintech strategy Roadmap in 2017” as a guide for the many opportunities that fintech companies can present.   A summary of these opportunities includes;  

    • Increased Operational Efficiency and Scale
    • Increased Access to Customers with a Younger Age Demographic
    • Increased Access to Loan Customers in New Markets
    • Enhanced Brand Reputation
    • Enhanced Customer Experience

 

Disruption is simply that- it doesn’t necessarily have to be a bad thing.   In fact, disruption can result in greater efficiencies and more effective.  Some good news, these companies have done all of the research and development work with venture capital funds!   They have worked out a lot of the bugs that are usually part of delivery of a new product.   Some more good news, these companies are burdened by a regulatory scheme that really limits them.  That is that they are considered MSB’s and must get state licenses to operate in each state.  Because of this, many FinTechs are looking for a partnership with a bank- in this way they get around the need for licenses.  

 

Successful collaboration means having a risk assessment, strategic plan and most importantly, strong vendor management.    The FDIC, the OCC and the FRB have all issued guidance on the proper way to administer vendor management.   While the published guidance from each of these regulators its own idiosyncrasies, there are clear basic themes that appear in each.   All of the guidance has similar statements that address the types of risk involved with third party relationships and all discuss steps for mitigating risks.  

 

One of the considerations that are necessary is about what level of due diligence is required for a third-party contract.  The level of due diligence is heavily impacted by determination of whether the activity being considered is a critical activity.  The OCC guidance defines a critical activity as:

      Critical activities—significant bank functions (e.g., payments, clearing, settlements, custody) or significant shared services (e.g., information technology), or other activities that could cause a bank to face significant risk if the third party fails to meet expectations;

      Could have significant customer impacts require significant investment in resources to implement the third-party relationship and manage the risk; 

      Could have a major impact on bank operations if the bank has to find an alternate third party or if the outsourced activity has to be brought in-house.[2]

 

 

 

 

The steps that are necessary for the proper engagement of a third party for a critical activity are discussed in each of the regulatory guidance documents that have been released.  The OCC bulletin provides the most comprehensive list that includes: 

 

 

      Relationship Plan:  Management should develop a full plan for the type of relationship it seeks to engage.  The plan should consider the overall potential risks, the manner in which the results will be monitored and a backup plan in case the vendor fails in its duties. 

      Due Diligence:   The bank should conduct a comprehensive search on the background  of the vendor, obtain references, information on its principals, financial condition and technical capabilities.   It is during this process that a financial institution can ask a vendor for copies of the results of independent audits of the vendor.    There has recently been a great deal of attention given to the due diligence process for vendors.  Several commenters and several banks have interpreted the guidance to require that bank research a vendor and all of its subcontractors in all cases.  We do not believe that this is the intention of the guidance.  It is not at all unusual for a third-party provider to use subcontractors.   We believe that a financial institution should get a full understanding of how the subcontracting process works and consider that as part of the due diligence, however, it impractical to expect a bank to research the backgrounds of all potential subcontractors before engaging a provider.  

      Risk Assessment:  Management should prepare a risk assessment based upon the specific information gathered for each potential vendor.  The risk assessment should compare the characteristics of the firms in a uniform manner that allows the Board to fully understand the risk associated with each vendor.  [3]

      Contract Negotiation:  The contract should include all of the details of the work to be performed and the expectations of management.  The contract should also include a system of reports that will allow the bank to monitor performance with the specifics of the contract.   Expectations such as compliance with applicable regulations must be spelled out.   

      Ongoing Monitoring:   Banks must develop a program for ongoing monitoring of the performance of the vendor.   We recommend that the monitoring program should include not only information provided by the vendor, but also internal monitoring including

      Customer complaints:  Customer complaints are a direct indication of issues or problems within a program or product offering.  A system that tracks complaints and their resolution is a critical component of evaluating the overall effectiveness of a program.

 

      Oversight and Evaluation:  There should be a fixed period for evaluating the overall success and efficacy of the vendor relationship.  The Board should, on a regular basis evaluate whether the relationship with the vendor is on balance a relationship with keeping.  

 


[2] OCC BULLETIN 2013-29

[3] Ibid. 

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)