An Updated SoFi Crypto Disclosure
Plus: First Horizon gets straight to the point, an interesting Metropolitan Commercial Bank BaaS disclosure, and Nelnet Bank plans to expand its lending activities
As previously discussed on this blog and elsewhere, the securities filings of SoFi Technologies, Inc. have in prior periods disclosed that, as a condition to SoFi acquiring Golden Pacific Bank and thereby becoming a bank holding company, SoFi will eventually be required to cease certain of its cryptocurrency activities.
For example, in its most recent 10-Q, SoFi disclosed:
[…] SoFi Bank’s activities with respect to digital assets may be restricted. The conditional approval of the bank charter by the OCC was conditioned on SoFi Bank not engaging in any crypto-related activities or services unless it has received a prior written determination of no supervisory objection from the OCC. In addition, in connection with our approval as a bank holding company, the Federal Reserve determined that SoFi Digital Assets, LLC is engaged in certain crypto-related activities that the Federal Reserve has not found to be permissible for a bank holding company under the Bank Holding Company Act and Regulation Y. However, Section 4(a)(2) of the Bank Holding Company Act permits us to continue our current digital assets related offering for a two-year conformance period from the date we became a bank holding company, with the possibility for three one-year extensions, provided that we do not expand such activities, except as authorized by the Bank Holding Company Act and Regulation Y, or increase our established risk limits for total customer digital assets maintained in wallets that are accessible online, referred to as “hot wallets”, or held on our balance sheet.
Substantially the same disclosure appears in the 10-K filed by SoFi this afternoon, but with a new paragraph added about how SoFi’s efforts to find a path forward are going, and what the consequences might be if such a path cannot be found.
While we are engaging with the Federal Reserve to determine whether there is a path to conform our crypto-related activities to the requirements of the Bank Holding Company Act, there can be no assurance that such attempts will be successful or that we will receive any extensions from the Federal Reserve to continue our current crypto-related activities beyond the two-year conformance period from the date we became a bank holding company, and we may ultimately be forced to wind-down such activities in a short period of time. A wind-down of our crypto-related activities could result in the transfer of members’ positions to alternative custodians who may have inferior or more costly services. In addition, a wind-down could result in forced liquidations of our members’ positions during adverse market conditions, any of which could have a material adverse effect on our business, results of operations and reputation.
Elsewhere in a different risk factor, the company also provides a sort of non-update update on its correspondence with U.S. Senators (previously discussed here and here):
Even if we do not face regulatory action or penalties, we have in the past and may in the future face heightened scrutiny due to our cryptocurrency offerings. Although our cryptocurrency assets are held by third party custodians, we believe recent bankruptcies and financial distress among crypto asset market participants has led and may continue to lead to greater scrutiny of our cryptocurrency related services and could result in reputational harm. For example, on November 21, 2022, we received a letter from Senators on the Committee on Banking, Housing, and Urban Affairs regarding the activities of our digital asset exchange, SoFi Digital Assets, LLC. The letter inquired about certain crypto-related activities and concluded with various questions and requests to which we subsequently responded. While we believe our practices are consistent with applicable law and our commitment to our federal regulators, if we are not considered to be in compliance or we receive increased attention regarding SoFi Digital Assets, LLC, our reputation or business may be perceived differently by our members and our business may be harmed. In addition, in the future we may be subject to the risk of additional inquiries, legal proceedings and government investigations due to the public’s and regulators’ focus on cryptocurrency industry.
First Horizon
As already covered elsewhere today, the big news in the First Horizon 10-K filed this morning was the company’s announcement that it recently learned from its merger partner TD that their deal, first announced in February 2022 and for which the outside date has already been extended once to May 27, may not gain regulatory approval by May 27, and that the parties may therefore need to agree on another extension.
Bloomberg quotes an analyst as saying, “Although we believe that this is simply a required regulatory disclosure … The likelihood of the deal not being completed has increased based on this disclosure.” TD reports earnings tomorrow morning and said today that it is still committed to the deal, so we may get more clarity soon.
For now, there were two other disclosures in the First Horizon 10-K that I thought were notable for putting things more plainly than is often the case for banks in their regulatory filings.
Cybersecurity
Many banks have added to their cybersecurity disclosures this year, mentioning among other things the banking regulators’ incident notification rule that took effect in 2022, the SEC’s proposed rules on cybersecurity risk management and the fact that, due to geopolitical and other circumstances, cyberattacks are likely to become increasingly more common.
What is different about First Horizon’s disclosure is that, getting straight to the point, they say that “the question is not whether we will experience a significant and costly incursion, but when.”
Iberiabank Merger Integration
Keeping with their straightforward approach, First Horizon also updated its risk factor regarding its 2020 Iberiabank acquisition to include a discussion of a previously delayed systems integration. The root cause of this delay had to do with severe weather, but First Horizon also notes frankly that the integration likely would have been easier if its merger partner had been smaller.
Metropolitan Commercial Bank Discusses its BaaS Offering
Metropolitan Bank Holding Corp. and its subsidiary Metropolitan Commercial Bank have been in the news recently for their decision in early 2023 to exit a crypto-asset related vertical. The latest 10-K includes a bit of discussion about that, but what I found more interesting as someone without much background about the company other than in relation to its crypto exit was what the 10-K had to say about Banking-as-a-Service.
For example, this new risk factor indicates BaaS is a bigger part of Metropolitan Commercial Bank’s business than I, a person with no background, would have guessed.1
We derive a percentage of our deposits from deposit accounts generated through our BaaS relationships.
Deposit accounts acquired through these relationships totaled $1.2 billion, or 23.5% of total deposits, at December 31, 2022. We provide oversight over these relationships, which must meet all internal and regulatory requirements. We may exit relationships where such requirements are not met or be required by our regulators to exit such relationships. Also, our partner(s) could terminate a relationship with us for many reasons, including being able to obtain better terms from another provider or dissatisfaction with the level or quality of our services. If a relationship were to be terminated, it could materially reduce our deposits and impact our liquidity. If we cannot replace such deposits, we may be required to seek alternative and potentially higher rate funding sources as compared to the existing relationship resulting in an increase in interest expense. We may also find it necessary to sell securities or other assets to meet funding needs, which could result in realized losses.
Elsewhere in the 10-K, another new risk factor discusses the issues that other banks with BaaS offerings have “allegedly” encountered.2
Regulatory scrutiny of BaaS solutions and related technology considerations has recently increased.
We provide global payments infrastructure access to our fintech partners, which includes serving as an issuing bank for third-party managed prepaid and debit card programs nationwide and providing other financial services infrastructure, including cash settlement and custodian deposit services. Recently, federal bank regulators have increasingly focused on the risks related to bank and fintech company partnerships, raising concerns regarding risk management, oversight, internal controls, information security, change management, and information technology operational resilience. This focus is demonstrated by recent regulatory enforcement actions against other banks that have allegedly not adequately addressed these concerns while growing their BaaS offerings. […]
Nelnet Bank Expanding Its Business Model
Nelnet Bank is a Utah ILC that opened for business a couple years ago. Its parent company is a student loan servicer, and as described in the company’s 10-K Nelnet Bank serves “a niche market.” Of the bank’s $419.8 million loan portfolio as of year-end 2022, $353.9 million were private education loans with the remaining $65.9 million consisting of FFELP loans.
Nelnet Bank offers student loan refinancing, but that business has been tough lately:
Currently, Nelnet Bank offers refinance private education loan options to borrowers that have higher priced private education and/or federal student loan debt and in-school private education loans to students attending higher education institutions. The recent increase of interest rates has negatively impacted and will continue to negatively impact the origination of refinanced private education loans.
Perhaps relatedly, Nelnet then in the next sentence states that the bank plans to expand its lending activity in 2023:
Nelnet Bank plans to begin offering unsecured consumer loans, primarily refinance loans, in 2023 for consumers to consolidate credit card and other general-purpose debt as well as financing home improvements.
Sometimes an expansion in business model by a de novo requires prior regulatory approval, but I think this may have already been in the business plan. Expansion to this sort of consumer lending is consistent with what the FDIC said about Nelnet Bank when it approved the bank’s deposit insurance application in 2020, and is also consistent with the draft CRA strategic plan filed by Nelnet in late December 2022.
Thanks for reading! Thoughts, challenges, criticisms are always welcome at bankregblog@gmail.com
The emphasis added in bold to this disclosure and the next one is emphasis that I have added.
I’ve cut the rest of the risk factor for space, but it also includes a reference to the previously disclosed Federal Reserve Board/NYDFS investigation into a prepaid debit card program, for which the company reserved $35 million in Q4 2022.