1. The Four Banking Regulatory Frameworks Every Institution Must Satisfy
Bank regulatory compliance spans four frameworks that generate the most examination findings under current regulatory standards. The table below maps each to its primary regulator, covered institutions, and key compliance obligation.
| Regulatory Framework | Primary Regulator | Covered Institutions | Key Compliance Obligation |
|---|---|---|---|
| Capital Adequacy (Basel III/IV) | Federal Reserve; OCC; FDIC | All FDIC-insured depository institutions | Maintain minimum CET1, Tier 1, and Total Capital ratios; LCR and NSFR liquidity requirements |
| Consumer Protection | CFPB; state regulators | Banks with assets over $10 billion; all consumer lenders | UDAAP prohibitions; fair lending; Truth in Lending; RESPA; ECOA |
| Banking as a Service | OCC; FDIC; state banking regulators | Banks offering BaaS to fintech partners | Third-party risk management; partner bank due diligence; end-customer compliance |
| SIFI Enhanced Standards | Federal Reserve | Bank holding companies with assets over $100 billion | Living will; capital surcharge; enhanced liquidity; single-counterparty credit limits |
Banking and finance and financial regulatory counsel can evaluate the federal and state regulatory obligations applicable to the institution, assess whether the compliance program satisfies current examination priorities, and advise on the most effective integrated banking regulatory strategy.
Federal Vs. State Charters and Basel Iv Capital Adequacy Requirements
The charter choice determines which regulator examines the bank and which preemption doctrines apply to state consumer laws. Basel IV's revised capital and liquidity standards add a separate layer of obligations every institution must now plan for regardless of charter type.
What Are the Key Differences between a Federal and State Banking Charter?
A national bank chartered by the OCC benefits from National Bank Act preemption of most state consumer protection laws and is examined exclusively by the OCC, while a state-chartered member bank is examined by both its state regulator and the Federal Reserve and is subject to state consumer laws in each state where it lends. The charter choice affects permissible activities, examination authority, and whether the institution must comply with state-specific interest rate caps and disclosure requirements stricter than federal standards.
Bank laws and banking laws counsel can advise on the regulatory advantages of the institution's charter, assess whether a charter conversion would reduce regulatory burden or expand permissible activities, and develop the charter selection or conversion strategy.
What Do Basel Iv Capital Requirements Mean for U.S. Banks?
Basel IV, finalized as the Basel III Endgame rule, replaces internal models for credit and operational risk with standardized approaches, and the Federal Reserve and OCC estimate this will increase aggregate capital requirements for the largest U.S. .anks by approximately nine to nineteen percent when fully phased in. The rule applies to banks and bank holding companies with assets of one hundred billion dollars or more and eliminates the internal model shortcuts that larger banks previously used to reduce their stated capital requirements.
Financial institutions and financial services regulatory counsel can advise on Basel IV requirements applicable to the institution's risk profile, assess whether capital ratios satisfy current thresholds, and develop the capital planning and Basel compliance strategy.
2. Banking As a Service, Fintech Partnerships, and Cfpb Enforcement
Banking as a service has created a new regulatory risk category for banks that partner with fintechs under the bank's charter. The CFPB's supervisory authority and expanded enforcement agenda make consumer compliance the highest-priority regulatory issue for institutions above the ten-billion-dollar threshold.
What Regulatory Risks Does a Banking As a Service Partnership Create for the Sponsor Bank?
A banking as a service arrangement creates regulatory risk for the sponsor bank because the OCC and FDIC hold the bank responsible for all compliance obligations attached to products delivered under its charter, including BSA/AML, fair lending, and UDAAP, regardless of whether those obligations are violated by the fintech partner. OCC third-party risk management guidance requires sponsor banks to conduct pre-engagement due diligence on the fintech's compliance program, include audit and examination rights in the partnership agreement, and terminate the relationship if required standards are not maintained.
Fintech and consumer financial protection bureau counsel can advise on the compliance obligations in a BaaS arrangement, assess whether the program satisfies OCC and FDIC third-party risk management guidance, and develop the BaaS documentation and monitoring strategy.
How Does the Cfpb Conduct Supervisory Examinations and Enforce Consumer Protection Laws?
The CFPB has examination authority over banks with assets exceeding ten billion dollars and identifies unfair, deceptive, or abusive acts or practices subject to civil money penalties of up to one million dollars per day per violation. A bank receiving a supervisory letter identifying deficiencies typically has sixty to ninety days to remediate, and failure to do so can result in a consent order requiring consumer restitution and civil penalties that in recent enforcement actions have reached hundreds of millions of dollars.
Dodd-Frank and consumer protection counsel can advise on CFPB examination and enforcement procedures, assess whether the consumer compliance program satisfies current supervisory priorities, and develop the examination preparation and enforcement defense strategy.
3. Stress Testing, Liquidity Risk Management, and Sifi Enhanced Standards
Stress testing and liquidity risk management are the Federal Reserve oversight mechanisms most likely to produce enforcement actions for larger bank holding companies. The SIFI designation under Dodd-Frank Section 165 imposes an additional tier of enhanced prudential standards on the largest institutions.
What Are the Federal Reserve'S Stress Testing Requirements for Large Bank Holding Companies?
The Federal Reserve requires bank holding companies with assets of one hundred billion dollars or more to demonstrate through annual stress testing that they can maintain minimum capital ratios under a severely adverse scenario projected over a nine-quarter horizon. The stress capital buffer framework sets each institution's effective minimum CET1 ratio for the year, and a failure to maintain the required buffer triggers automatic restrictions on dividends and share repurchases.
AML compliance and SEC compliance counsel can advise on Federal Reserve stress testing requirements, assess whether the liquidity risk framework satisfies LCR and NSFR standards, and develop the stress testing and liquidity compliance strategy.
What Enhanced Prudential Standards Apply to Systemically Important Financial Institutions?
SIFIs under Dodd-Frank Section 165 are subject to a capital surcharge of one to three and a half percent of risk-weighted assets, a resolution plan requirement, enhanced intraday liquidity monitoring, and single-counterparty credit limits of fifteen percent of Tier 1 capital. A failure to submit an acceptable resolution plan results in a deficiency finding and can require the institution to divest assets to reduce its systemic footprint.
Capital markets and financial services law counsel can advise on the enhanced prudential standards applicable to SIFIs, assess whether resolution planning and capital surcharge requirements satisfy Federal Reserve standards, and develop the SIFI compliance and resolution planning strategy.
26 Mar, 2026
