Charlottesville, Virginia-based Blue Ridge Bank has agreed to bolster its anti-money laundering program and improve its oversight of fintech partners in response to concerns from federal regulators.
An agreement with the Office of the Comptroller of the Currency, whose concerns helped scuttle a previously planned merger, would require Blue Ridge to make several improvements to “manage the risks posed by” its fintech partnerships, the bank said Thursday in a securities filing.
The agreement, which took effect Monday, requires the bank to get a non-objection from the OCC before it signs any contracts with new fintech partners or adds new products with its existing partners.
The bank said in the filing that it “continues to cooperate with the OCC, and to work to bring the Bank’s fintech policies, procedures and operations into conformity with OCC directives.”
“The Bank’s board of directors and management are committed to fully addressing the provisions of the Agreement within the required timeframes, and believe the Bank has made progress in addressing the requirements to date,” the bank stated.
Blue Ridge CEO Brian Plum declined to comment further. An OCC spokesperson also declined to comment, saying the agency does not comment on specific banks or enforcement actions.
The bank’s securities filing did not detail the OCC’s specific concerns, but Blue Ridge has faced scrutiny from consumer advocates over an income-share agreement product that it has offered to students. Critics say the product could lead to abuses.
Under the income share agreements, which the bank has financed with the fintech MentorWorks, students get financing that they agree to repay with a portion of their future income.
Last year, Blue Ridge Bank’s parent company said that the OCC had raised “certain regulatory concerns” that were delaying its merger with another Virginia bank, FVCBankcorp. The two banks called off the deal in January.
Several parts of the OCC enforcement action revolve around improvements to how Blue Ridge complies with the Bank Secrecy Act. The agreement requires the bank to “adopt, implement and adhere to an effective written” Bank Secrecy Act risk program that also covers any activities that its fintech partners conduct, according to the securities filing.
The bank also must develop a new Bank Secrecy Act audit program with an “expanded scope” that covers its fintech partners, and it must ensure that its Bank Secrecy Act department is “appropriately staffed with personnel that have requisite expertise, training, skills and authority,” according to its filing.
Bank officials said they agreed to submit an “action plan” to the OCC, explaining how Blue Ridge will improve its monitoring of suspicious activity, including “high risk customer activity involving the Bank’s third-party fintech partners.”
The regulatory agreement did not say whether Blue Ridge will face any monetary penalties.