First Fed Bank must implement a sweeping set of actions to enhance its compliance management related to banking as a service practices, following a consent order from the Federal Deposit Insurance Corporation.
The FDIC hit the Port Angeles, Washington-based bank, a subsidiary of First Northwest Bancorp, with the order last week, alleging unsafe or unsound banking practices, primarily regarding a specific fintech relationship, the bank announced on Friday in a public filing. The action against First Fed marks the latest example of increasing scrutiny from federal regulators of banking as a service [BaaS].
"First Fed's leadership is committed to strengthening compliance controls and has invested significant resources into resolving the matter, including implementing substantial internal control improvements to prevent any similar future occurrences," the bank wrote in a prepared statement. "First Fed remains in full cooperation with the FDIC surrounding this matter. Our team is dedicated to serving the financial needs of our customers with integrity and excellence."
Details on the bank's assumed malpractice are sparse, but, per the order, the violation stemmed from products offered through fintech partner Quin Ventures, which First Fed established through a joint venture in 2021 to "develop a digital financial wellness platform." The bank wrote in a prepared statement that it self-reported "an issue" to the FDIC last year, and ended the partnership in 2022 and provided "full remediation for all affected customers."
The FDIC said the bank engaged in deceptive and unfair acts and practices by implying that certain credit products with non-optional debt cancellation features were unemployment insurance, and approving consumers who did not qualify for the debt cancellation feature, while misrepresenting the fees for those products.
First Fed, which has $2.1 billion of assets, also said that "the issue" was unrelated to its traditional banking customers and business, and announced it doesn't anticipate "material effect on earnings and capital" due to the consent order.
The FDIC declined to comment because it doesn't comment on enforcement actions. First Fed's CEO Matt Deines declined to comment further than the company's public statement.
As part of the consent order, the bank is required to obtain written non-objection from the FDIC before onboarding new fintech partners. It also has to review, revise, develop and/or implement policies, procedures and training to enhance compliance with consumer protection laws and complete regular internal reviews and independent audits.
Fintech partnerships have been part of the bank's strategy for several years. First Fed's parent company, First Northwest, has invested in several fintech-related funds, such as BankTech Ventures and JAM Fintop Blockchain. In 2022, First Fed also partnered with Torpago, a corporate credit card fintech, and partnered with Splash Financial to develop consumer loan products.
Regulator pressure on BaaS has
At the American Fintech Council's 2024 policy summit, banking-as-a-service was the talk of the town as experts shared how to avoid missteps in the business.
In June, the FDIC, the Federal Reserve and the Office of the Comptroller of the Currency
"The message to banks that are in this space is that if you want to be providing banking as a service, you need to have first-class compliance and risk management," Alt said. "That's a message the regulators have been communicating pretty consistently, this enforcement action just reinforces it."
Earlier this year, Cross River Bank, a major player in the BaaS space,
Arlen Gelbard, general counsel at Cross River,
"[First Fed's consent order] is not a mirror image, but I think what you're seeing is the FDIC thought process," Alt said. "Here's how these companies ought to be managing their risks and it's getting a little bit refined with each successive order, but it's settling into an approach."
