Home/Cases/Community Banks / Credit Unions/Piermont Bank

Piermont Bank

New York City, NY 2020--2024 Community Banks / Credit Unions
FDIC NYDFS Bsa Aml Third Party Risk Unsafe Unsound Practices
Penalty
$0

Outcome

Piermont Bank entered a dual FDIC and NYDFS consent order in February 2024 for unsafe and unsound banking practices, including failure to maintain adequate BSA/AML controls and third-party fintech partner oversight, requiring a 35-page remediation plan covering suspicious activity lookbacks to 2020 and customer identification reviews to 2020.

Details

Piermont Bank — BSA/AML and Third-Party Fintech Risk (2024)

Outcome: Piermont Bank received dual consent orders from the FDIC and NYDFS in February 2024 for unsafe and unsound banking practices arising from its banking-as-a-service (BaaS) fintech partnerships, with no stated financial penalty but extensive remediation requirements.

Piermont Bank, a New York City-based community bank, engaged in what the FDIC characterized as "unsafe and unsound banking practices" by failing to maintain the internal controls, information systems, and oversight mechanisms appropriate for its size and the risk profile of its third-party fintech relationships. The FDIC's consent order (FDIC-23-0038b), dated February 26, 2024, ran 35 pages and addressed systematic deficiencies across BSA/AML compliance, customer identification program (CIP) completeness, third-party risk management, and board governance.

The core violations centered on the bank's failure to know the true identities of prepaid card customers acquired through fintech partners. The FDIC directed Piermont to collect all required customer identification information for prepaid card customers dating back to July 2020 — a nearly four-year lookback — and to review all electronic funds transfer dispute records since August 2020. The order also required review of all transactions since September 2022 to ensure suspicious activity had been properly identified and reported to FinCEN.

The bank's board was directed to increase active supervision of management, strengthen oversight of the bank's risk profile and third-party relationships, and ensure that board committee members possessed appropriate compliance expertise. Within 90 days, the bank was required to conduct a comprehensive data, document, and records review across all operations, bank activities, and fintech relationships. The New York Department of Financial Services issued a companion consent order on February 23, 2024, reflecting the dual-regulator nature of the enforcement.

Primary Source: NYDFS Consent Order — Piermont Bank (February 23, 2024)

How Crucible Prevents This

Crucible's pre-tool-check and session-init hooks would enforce third-party vendor due diligence review protocols. The instinct-observer hook would flag repeated edge cases in fintech partner transaction monitoring. A policy enforcement ceiling check would have flagged the gap between the bank's stated AML policy and its actual monitoring scope for prepaid card customers since 2020.

Source: NYDFS Consent Order — Piermont Bank (February 23, 2024)

Don't let this happen to your organization. See how Crucible works.

See How Crucible Works