FDIC Proposed Recordkeeping Rule for Custodial Deposit Accounts

FDIC Proposed Recordkeeping Rule for Custodial Deposit Accounts

Four Things Banks and Fintechs Need to Know

September 19, 2024, Covington Alert

On September 17, 2024, the Federal Deposit Insurance Corporation ("FDIC") Board of Directors approved a proposal that would impose recordkeeping and other compliance requirements on custodial deposit accounts with transactional features (the "Proposed Rule" or "Proposal"). The Proposed Rule is intended to ensure that an insured depository institution ("IDI") has updated and accurate records reflecting the beneficial owners and ownership interests in a custodial account held by the IDI.

The Proposal is the FDIC's reaction to recent developments involving banking-as-a-service ("BaaS") technologies and concerns that the increasing complexities of relationships between third parties and banks present unique challenges in resolving failed IDIs. In particular, the Proposed Rule is motivated by the concern that IDIs do not have up-to-date and accurate records of beneficial owners in custodial deposit accounts, thereby potentially preventing the FDIC from timely making deposit insurance determinations and paying deposit insurance claims in the event of an IDI's receivership.

If the Proposed Rule is adopted, IDIs would be subject to a new, bespoke compliance regime for custodial deposit accounts. The Proposal would apply to many different types of custodial deposit accounts, including accounts without any connection to fintech customers or BaaS technologies, and would require IDIs to adopt policies and procedures, file annual certifications of compliance from senior executive officers, and prepare and submit annual reports. While it is difficult to predict the Proposed Rule's impact if it is adopted, the Proposal could reduce the efficiencies gained in many bank-fintech deposit arrangements that help reduce the costs to banks in gathering deposits. This Proposal, coupled with the FDIC's proposed revisions to its brokered deposit rule, could put substantial pressure on the cost structures for bank-fintech partnerships.

The Proposal requests comment on all aspects of the Proposed Rule, and also includes requests for comments on specific aspects of the Proposal, including the definition of "custodial deposit accounts with transactional features," exemptions, recordkeeping requirements, and compliance requirements. Comments on the Proposed Rule are due within 60 days of its publication in the Federal Register.

Here are four things for banks and fintechs to know about the Proposed Rule:

1. The Proposed Rule's recordkeeping and other compliance requirements would apply to a "custodial deposit account with transactional features," subject to certain exemptions.

The Proposal would define the term "custodial deposit account with transactional features" as "a deposit account: (1) established for the benefit of beneficial owners; (2) in which the deposits of multiple beneficial owners are commingled; and (3) through which beneficial owner(s) may authorize or direct a transfer through the account holder from the custodial deposit account to a party other than the account holder or beneficial owner."[1]The FDIC noted that it only intends to apply the proposed recordkeeping requirements of the Proposal to custodial deposit accounts that are established and used in a manner that allows beneficial owners to direct a transfer of funds from the account to another party or account (e.g., to make purchases or pay bills), and not custodial deposit account arrangements for which IDIs merely return the funds held in the account to the account holder or beneficial owner.

The FDIC specifically notes that the term "custodial deposit account' may have different meanings in other banking contexts, but the Proposal is not intended to address or affect any requirements that apply in other contexts in which the term "custodial deposit account" is used.

Certain types of custodial accounts that satisfy the definition of a "custodial deposit account with transactional features" would be exempt from the Proposed Rule's requirements:

1. Accounts only holding trust deposits, as described in 12 C.F.R. §§ 330.10 or 330.12,
2. Accounts established by a government depositor;
3. Accounts established by or on behalf of one or more brokers, as defined in section 3(4) of the Securities and Exchange Act of 1934; dealers, as defined in section 3(5) of the Securities and Exchange Act of 1934; or investment advisers, as defined in section 202 of the Investment Advisers Act of 1940;
4. Accounts established by an attorney or law firm on behalf of clients, commonly known as an Interest on Lawyers Trust Accounts, or functionally equivalent accounts;
5. Accounts held in connection with an employee benefit plan or retirement plan described in 12 CFR 330.14;
6. Accounts maintained by real estate brokers, real estate agents, title companies, or qualified intermediaries under the Internal Revenue Code of 1986, in which funds from multiple clients are deposited and held in connection with a real estate transaction;
7. Accounts maintained by a mortgage servicer in a custodial or other fiduciary capacity;
8. Accounts where Federal or State law prohibits the disclosure of the identities of the beneficial owners of the deposits;
9. Accounts maintained pursuant to an agreement to allocate or distribute deposits among participating insured depository institutions in a network for purposes other than payment transactions of customers of the insured depository institution or participating insured depository institutions; and
10. Accounts exclusively holding security deposits tied to property owners for a homeownership, condominium, or other similar housing association governed by State law, or holding security deposits tied to residential or commercial leasehold interests.

Although there are 10 exceptions in all, the exceptions cover relatively narrow and isolated types of deposit accounts. Given that the definition of "custodial deposit account with transactional features" is broad, there are many types of custodial or third-party accounts that would be subject to the Proposed Rule.

2. An IDI would be required to maintain records in a standardized format and with certain data fields either in its own systems or through an arrangement with a third-party.

IDIs would be required to maintain records of beneficial ownership in custodial deposit accounts in a specified data format and layout that is described in Appendix A to the Proposed Rule. These records may be maintained by the IDI or "through a third party, including but not limited to any vendor, software provider, service provider, or similar entity in the business of maintaining or processing deposit transaction data…," including the account owner.

If the records are maintained by the IDI, the IDI would be required to implement internal controls "appropriate to its size and the nature, scope, and risk of its activities that include: (1) maintaining accurate balances of custodial deposit accounts with transactional features at the beneficial ownership level; and (2) conducting reconciliations against the beneficial ownership records no less frequently than at the close of business daily."

If the records are maintained by a third-party, such as the account holder, the IDI would be required to:

1. Have direct, continuous, and unrestricted access to the records in the data format specified in Appendix A to the Proposed Rule, maintained by the third party, including in the event of business interruption, insolvency, or bankruptcy of the third party;
2. Have continuity plans, including backup recordkeeping, and technical capabilities to ensure compliance with this section;
3. Implement appropriate internal controls to: (i) accurately determine the respective beneficial ownership interests associated with custodial deposit accounts with transactional features; and (ii) conduct reconciliations against the beneficial ownership records no less frequently than as of the close of business daily; and
4. Have a contractual arrangement with the third party that: (i) clearly defines roles and responsibilities for recordkeeping, including assigning to the institution the rights of the third party to access data held by other parties; (ii) requires the third party to implement appropriate internal controls as required under paragraph (c)(3); (iii) requires a periodic, but no less than annual, validation by a person independent of the third party to assess and verify that the third party is maintaining accurate and complete records consistent with the provisions in paragraphs (a)(2), (b), and (c)(3) of this section, with the results of the independent validation provided to the insured depository institution; and (iv) does not relieve the insured depository institution of its responsibility under the Proposed Rule.

3. The Proposed Rule would establish a bespoke compliance regime for custodial deposit accounts that are in scope.

All IDIs with even a single custodial deposit account with transactional features would be subject to a new compliance regime established in the Proposed Rule that includes:[2]

• Policies and Procedures - the IDI would be required to establish and maintain written policies and procedures to comply with the Proposed Rule's requirements.
• Annual Certification - the IDI would be required, within 1 year of the effective date of the rule being finalized and annually thereafter (or more frequently if directed by the FDIC), to complete a certification that includes: (1) confirmation that the IDI has implemented the recordkeeping requirements described in the Proposed Rule, and tested its implementation of such requirements during the preceding 12 months; (2) confirmation that the IDI is in compliance with the Proposed Rule's requirements, and (3) the signature of the chief executive officer, chief operating officer, or the highest-ranking official of the institution attesting to the accuracy of the certification, made after due inquiry.The IDI would be required to file the certification with the appropriate FDIC regional office and the IDI's primary federal banking agency.
• Annual Report - the IDI would be required, within 1 year of the effective date of the rule being finalized and annually thereafter (or more frequently if directed by the FDIC), to generate a report that contains the following: (1) a description of any material changes to the institution's information technology systems since the prior annual report that are relevant to compliance with the Proposed Rule, (2) a list of the account holders that maintain custodial deposit accounts with transactional features that are not exempt from the recordkeeping requirements of the rule, the total balance of those custodial deposit accounts, and the total number of beneficial owners; (3) results of the institution's periodic testing of its compliance with the recordkeeping requirements in the Proposed Rule, and (4) results of the independent validation of any records maintained by third parties required by paragraph (c)(4)(iii) of this section.The IDI would be required to file the report with the appropriate FDIC regional office and the IDI's primary federal banking agency.
• Enforcement - the Proposed Rule states that "violating the requirements set forth in [the Proposed Rule] constitutes a violation of a regulation and may subject the insured depository institution to enforcement actions under section 8 of the Federal Deposit Insurance Act (12 U.S.C. § 1818)."

4. The Proposed Rule's preamble and staff memorandum reference pass-through deposit insurance as an important consideration for custodial accounts but do not clarify the extent to which pass-through deposit insurance is dependent on an IDI's compliance with the Proposed Rule's requirements.

The Proposal notes that in order to accommodate the custodial deposit system, the FDIC makes available pass-through deposit insurance, which provides a mechanism for recognizing the owners of deposited funds and insuring their interests in the deposit to the same extent as if the owners had deposited the funds directly at the bank, provided certain conditions are met. The Proposed Rule does not state that an IDI is required to comply with its requirements in order for pass-through deposit insurance to be available, although it would be natural to assume this is the case.

* * *

For more information about the Proposed Rule, please contact the following members of Covington's financial services practice.

Public link

Please use the above public link if you want to share this noodl on another website.