FDIC Sets a New Standard for Custodial Account Reporting

Proposed Recordkeeping Rules Could Impact Fintech Partnerships and Third-Party Relationships

Digital channels such as websites and mobile apps have revolutionized how financial products and services reach consumers, offering greater convenience and choice. Nowadays, insured depository institutions (IDIs) commonly access deposits through innovative partnerships with third parties, including fintech firms. However, a recent fintech bankruptcy unveiled some inherent risks in these arrangements.

The FDIC has responded by proposing Part 375 – new rules pertaining to custodial deposit accounts with transactional features. The move is designed to strengthen FDIC Part 370, which facilitates prompt payment of insured deposits in the event that an IDI fails.

The Back Story

Synapse Financial Technologies, Inc. was a banking-as-a-service company that acted as a middleman between fintech startups and licensed banks. Its platform allowed fintech companies to offer banking services without holding banking licenses themselves. In many cases, it was advertised that consumers’ funds were FDIC insured.

However, when Synapse went bankrupt in April 2024, thousands of consumers were unable to access their funds placed at IDIs for several months while the IDIs attempted to determine ownership of the funds deposited by fintech companies. After the bankruptcy, IDIs encountered significant difficulties in obtaining, reviewing and reconciling Synapse’s records.

These circumstances raise questions about the completeness, accuracy and integrity of custodial deposit account records for other IDIs’ arrangements with third parties to deliver deposit products and services.

The Proposed Rule

The FDIC’s proposed rule introduces recordkeeping requirements for IDIs managing custodial deposit accounts with transactional features that meet specific requirements:

• the account is established for the benefit of beneficial owner(s);
• the account holds commingled deposits of multiple beneficial owners; and
• a beneficial owner may authorize or direct a transfer through the account holder.

Under the proposal, IDIs will be required to identify and maintain records of each beneficial owner, their respective balances and ownership categories. Records must adhere to a specific electronic format to facilitate the FDIC's access during deposit insurance determinations.

Appendix A to FDIC Part 375 outlines a standard electronic file format and data structure that IDIs must use to record information, including beneficial owners’ identities and the amount of funds attributable to each owner. If an IDI fails, the FDIC can quickly identify custodial account holders and facilitate deposit insurance payouts.

Sometimes IDIs hold funds in a custodial account where the beneficial owner (the person who actually owns the money) may differ from the account holder. Appendix B to FDIC Part 375 is a list of codes that define the ownership rights and capacities (ORCs) of individuals or entities holding funds in a custodial deposit account with transactional features. It details who owns the money in the account and in what capacity they hold it. These codes are used primarily for accurate recordkeeping when determining deposit insurance coverage in case of a bank failure and acts as a standardized way to categorize ownership types within these accounts. They are largely based on the existing ORC codes found in Part 370 of FDIC regulations, which covers standard deposit account recordkeeping.

IDIs can either maintain these records internally or delegate the task to third parties, such as vendors or service providers, under strict conditions. These conditions ensure IDIs have continuous access to the records, even during third-party disruptions such as insolvency, and include mandatory reconciliation and independent validation of records.

They must establish written policies, conduct periodic testing and submit annual certifications signed by senior officials, confirming compliance with the rule. Additionally, an annual report detailing material IT changes, account balances, beneficial owner data and testing results must be submitted to the FDIC and the institution's primary regulator.

The Scope

The proposed requirements apply to both existing and new custodial deposit accounts. Accounts where funds are merely returned to the owner or account holder without third-party transfers are excluded from the rule’s scope.

Further, the proposal exempts certain custodial deposit accounts from the new recordkeeping requirements even if they have transaction features including those:

• that hold only trust deposits
• established at an IDI by government depositors
• established by brokers or dealers under the Securities and Exchange Act of 1934, and investment advisers under the Investment Advisers Act of 1940
• established by attorneys or law firms on behalf of clients, commonly known as interest on lawyers trust accounts (IOLTA accounts)
• maintained in connection with employee benefit plans and retirement plans
• exempt accounts maintained by real estate brokers, real estate agents, title companies, and qualified intermediaries under the Internal Revenue Code
• maintained by a mortgage servicer in a custodial or other fiduciary capacity
• where Federal or State law prohibits the disclosure of the identities of the beneficial owners of the deposits
• accounts maintained pursuant to an agreement to allocate or distribute deposits among participating IDIs in a network for purposes other than payment transactions of customers of the IDI or participating IDIs (deposit placement or reciprocal networks)
• accounts holding security deposits tied to property owners for a homeownership, condominium, or other similar housing association governed by state law, and accounts holding security deposits tied to residential or commercial leasehold interests

Conclusion

The FDIC’s proposed rule is intended to enhance transparency and ensure accurate recordkeeping for bank deposits received from third parties. It seeks to address the risks related to these arrangements, protect depositors and promote public confidence in insured deposits. Moreover, it aims to ensure that IDIs know the real owner of deposits placed in a bank by a third party.

Going forward, IDIs will be scrutinized to ensure that they are complying with FDIC Part 375. Best practice is to ensure access to all third-party partners’ databases and implement rigorous systems and processes for maintaining, validating and reconciling account data.