Dive Overview:
Evolve Bank & Trust was hit with enforcement action by the Federal Reserve on Friday for deficiencies in its anti-money laundering, risk management and consumer compliance programs.
An investigation last August found that West Memphis, Arkansas-based Evolve, the banking partner of the collapsed fintech middleware company Synapse, engaged in unsafe and sound banking practices with its fintech partners because it “did not have an effective risk management framework in place.” The Fed In an announcement on Friday.
The Fed noted that the enforcement action is unrelated to Synapse’s bankruptcy proceedings and instead requires Evolve to address potential compliance and fraud risks by increasing its oversight and monitoring of its relationships with fintechs, including through more stringent procedures regarding recordkeeping and consumer compliance programs, the Fed said. Arkansas Department of Banking.
Dive Insights:
Evolve is a banking-as-a-service provider that partners with fintech companies to Fintech companies provide these businesses with deposit accounts and payment processing services, which in turn provide end customers with access to banking products and services.
An Evolve spokesman said in an email that the order is “similar to those received by other companies in the industry” and will not affect the bank’s existing business, customers or deposits. Evolve “remains well capitalized” and the order reflects the bank’s agreement to “take certain steps to further enhance its compliance oversight and enterprise risk management capabilities.”
Under the 23-page cease and desist order, Evolve’s board is required to draft a plan to increase board oversight of the bank’s management and operations, compliance with Bank Secrecy Act/AML requirements and Office of Foreign Assets Control regulations.
The bank must also submit a plan to strengthen its risk management framework for its fintech alliances division, including policies and procedures for identifying risks associated with partners and programs, procedures for ensuring that staff have sufficient expertise and independence and that staffing levels are appropriate, procedures for promptly identifying and reporting risk exposures related to Evolve’s fintech alliances, programs or services, and measures to ensure that the bank’s board of directors provides written approval before Evolve undertakes new fintech alliances or adds products or programs with those partners.
Evolve has also been instructed to engage an independent third party to review its Fintech Partner Programme for compliance with consumer law and regulation, which will produce a report setting out its findings and recommendations.
Additionally, Evolve will be required to develop a written plan to improve its capital risk management, taking into account its fintech partnerships and activities. The plan should include measures to evaluate the bank’s capital adequacy and improve the bank’s capital planning framework to take into account its “high risk profile” and fintech partnerships, according to Tuesday’s order.
Evolve was also instructed to develop a plan to improve its liquidity risk management with respect to its fintech partners’ activities and “significant capital concentrations.”
The order included conditions requiring banks to improve their lending and credit risk management policies related to partnerships with fintechs, strengthen interest rate risk management practices, remediate IT and information security deficiencies, and enhance their internal audit programs.
The Fed said Evolve had failed to maintain a risk management program or controls sufficient to comply with AML and consumer protection laws. The order included several provisions requiring the bank to strengthen its BSA/AML compliance program and enhance its customer due diligence program.
“We are a leader in enterprise risk management, compliance, BSA/Acute myeloid leukemia “Divisions need to step up oversight and expand their risk frameworks,” an Evolve spokesman said on Friday.
Evolve joins a growing list of bank-as-a-service providers that have received orders requiring increased scrutiny of their partnerships with fintechs. Blue Ridge Bank, Cross River Bank and First Fed Bank have all been fined in the past two years as regulators pushed for increased scrutiny of their partnerships.
Lineage Bank, Piermont Bank and Sutton Bank have also been subject to consent orders over their relationships this year, with such orders becoming more frequent.
