The Bancorp Steps up BSA Compliance Efforts, Following FDIC Consent Order (June 13, 2014)
The Bancorp Bank, a wholly owned subsidiary of The Bancorp Inc., this week revealed in an 8K filing with the SEC that it’s stepping up its Bank Secrecy Act (BSA) compliance efforts in accordance with an FDIC consent order that went into effect June 5. The bank, the sixth largest debit issuer in the U.S., took this action without admitting or denying any charges of unsafe or unsound banking practices or violations of law or regulation relating to weaknesses in its BSA compliance program, according to the filing.
The Bancorp’s President Frank Mastrangelo tells Paybefore that the FDIC’s consent order, resulting from a targeted year-end 2013 BSA exam for the agency’s largest and most complex financial institutions, “gives us a new perspective on where our BSA infrastructure has to be, given our size.” Although the consent order was recently announced, the bank has been working on its remediation efforts for six months.
The order requires the bank to take certain affirmative actions to comply with its BSA obligations:
- Appoint a qualified BSA/OFAC officer, revise the written BSA compliance program, and develop and implement additional policies and procedures for suspicious activity monitoring and reporting;
- Review and enhance customer due diligence and risk assessment processes;
- Review past account activity to determine whether suspicious activity was properly identified and reported;
- Strengthen internal controls, including augmenting board oversight regarding BSA activities, and establish an independent testing program and develop policies and procedures to govern staffing and training for BSA compliance.
Until the FDIC approves a BSA Report for which The Bancorp already has engaged a third party, the order restricts the bank from several activities aimed at reducing its BSA risk exposure: signing and boarding new ISOs (i.e., expanding merchant acquiring); originating ACH transactions for new merchant-related payments; and issuing new “non-benefit related” reloadable prepaid card programs.
Although the first two restricted activities represent an inconsequential part of The Bancorp’s payments-related business, the third restriction temporarily will limit the bank’s ability to support certain new GPR prepaid programs, excluding some payroll programs and all corporate-funded programs. “During this period, our growth in the GPR category will be organic, and we expect that growth to reflect the growth of the category in general,” adds Jeremy Kuiper, managing director of The Bancorp’s Payment Solutions group. “Our current clients’ existing programs will not be affected.”
Mastrangelo and Kuiper say they’re hopeful the restrictions will be removed during the first half of 2015.
Does the consent order have broader implications for issuers and the industry? Kuiper suggests the answer is yes: “[The consent order] shows that the bar for the infrastructure expectations to support third-party relationships continues to rise,” he says. “And, you can’t meet that expectation without being fully vested and having scale and revenue.”
Although the stock of the Wilmington, Del.-based bank took a drubbing following the release of its 8K filing, the bank indicates that business growth should cover the expense of new compliance measures, and the FDIC’s restriction on its ability to sign and board new business should not have a material impact on revenue.
The consent order is not expected to be available publicly until next month.
See related stories:
- Survey: AML, OFAC Compliance Costs Rising for FIs Worldwide
- FDIC Consent Orders for FCB, Achieve Card are ‘Wake-Up Call’ for Issuers on Third-Party Oversight
- Attention Banks and Vendors: Don’t Forget the Contract