The Federal Reserve issued a cease-and-desist order against Evolve Bancorp and Evolve Bank & Trust on June 14, 2024 for deficiencies in AML/BSA compliance, OFAC compliance, risk management, and consumer protection related to its fintech partnerships, imposing a moratorium on new fintech partnerships and requiring an independent monitorship plan.

Evolve Bancorp / Evolve Bank & Trust — Federal Reserve AML and Fintech Risk Cease-and-Desist (2024)

Outcome: The Federal Reserve Board issued a cease-and-desist order on June 14, 2024 against West Memphis, Arkansas-based Evolve Bancorp, Inc. and Evolve Bank & Trust for unsafe and unsound practices in AML/BSA compliance, OFAC compliance, risk management, and consumer protection arising from its banking-as-a-service fintech partnerships, prohibiting new fintech partnerships without prior regulatory approval.

Evolve Bank & Trust had built one of the most extensive banking-as-a-service platforms in the country, serving as a partner bank for numerous fintech companies including the now-bankrupt middleware firm Synapse Financial Technologies. Federal Reserve examinations conducted in 2023 found that Evolve had engaged in unsafe and unsound banking practices by failing to implement an effective risk management framework for its fintech partnerships — a deficiency that had allowed AML and consumer compliance risks to accumulate unchecked.

The Federal Reserve's cease-and-desist order (issued June 14, 2024) identified four primary areas of deficiency: failure to maintain an effective AML program meeting BSA requirements, inadequate OFAC compliance controls, insufficient risk management for its fintech relationships, and failure to comply with consumer protection laws and regulations applicable to its partner-managed products. The bank did not maintain effective risk management or controls sufficient to comply with anti-money laundering laws and consumer protections despite its fintech business growing to encompass dozens of partner platforms.

The order imposed immediate operational restrictions, including a moratorium on Evolve establishing any new fintech partnerships, business lines, or products without prior written regulatory approval. Within 90 days, the bank's board was required to submit a written remediation plan to strengthen board oversight and ensure compliance with BSA/AML and OFAC regulations. The action was directly connected to the Synapse collapse — Synapse's bankruptcy trustee found that customers of Synapse's partner banks were owed between $65 million and $96 million more than was being held in partner bank accounts.

Primary Source: Federal Reserve Press Release — Evolve Bancorp Enforcement Action (June 14, 2024)