Recordkeeping for Custodial Accounts

SUPPLEMENTARY INFORMATION:

Introduction

The business of deposit taking in the digital age has evolved, creating new opportunities for IDIs to gain access to deposits through third parties in increasingly complex relationships. This evolution has included the widespread use of digital channels, including websites and mobile applications, which created new opportunities and options to deliver financial products and services to consumers. However, it has also created risks for consumers, including confusion regarding the applicability and availability of deposit insurance to protect their money from loss.

Recent events have underscored issues that can be associated with some IDI arrangements with third parties to deliver IDI deposit products and services. For example, the bankruptcy of Synapse Financial Technologies, Inc. (Synapse), a technology company that worked with several IDIs and numerous financial technology (fintech) companies, has affected the ability of consumers to access funds placed at IDIs for a number of months, resulting in significant and ongoing harm to those consumers. In many cases, it was advertised that the funds were FDIC-insured, and consumers may have believed that their funds would remain safe and accessible due to representations made regarding placement of those funds in IDIs. Consumers have been unable to access their funds at IDIs for an extended period of time while the IDIs attempt to determine ownership of the funds deposited by fintechs. Since May 2024, the FDIC National Center for Consumer and Depositor Assistance has received more than a thousand inquiries, complaints, and concerns from consumers regarding the Synapse bankruptcy. Published reports further suggest that some of those consumers affected by the Synapse bankruptcy had placed the funds in accounts through a fintech that they used for day-to-day living expenses thereby intensifying the effect of their loss of access.

In the wake of Synapse's bankruptcy, including the fact that IDIs encountered significant difficulties in obtaining, reviewing, and reconciling Synapse's records, the FDIC believes these circumstances have raised concerns about the accuracy and integrity of those records. These circumstances also raise questions about the completeness, accuracy, and integrity of custodial deposit account records for other IDIs' arrangements with third parties to deliver deposit products and services.

Custodial deposit account records are critical when the FDIC makes deposit insurance determinations following the failure of an IDI that has custodial deposit account records. The FDIC generally relies upon a failed IDI's records to determine deposit insurance coverage, but in certain circumstances, the FDIC's regulations also provide for consideration of records of parties other than the failed IDI if such records are maintained in good faith and in the regular course of business. The events described above highlight substantial risks with respect to the FDIC fulfilling its statutory mandate to maintain public confidence in the banking system by ensuring the prompt and accurate payment of deposit insurance in the case of an IDI's failure. Specifically, if an IDI fails, and it has an arrangement with a third party where custodial deposit account recordkeeping is inadequate or unreliable, such a situation would impede the FDIC's ability to promptly make deposit insurance determinations for an IDI holding custodial deposit accounts, and if necessary, pay claims to depositors. The FDIC's mission is rooted in maintaining public confidence in the banking system, which heavily relies on the prompt and accurate payment of insured deposits. Any inaccuracies or discrepancies in the relevant records can delay a deposit insurance determination, leaving depositors in a state of uncertainty during a critical time.

In addition, recent events have exposed potential risks to current beneficial owners, including consumers, of deposits at IDIs, even in the absence of the failure of an IDI. These issues create uncertainty that could undermine the public confidence that underpins IDIs and our nation's broader financial system.

These events, along with the increased complexity of certain arrangements, demonstrate a need to strengthen IDIs' recordkeeping practices with respect to custodial deposit accounts, and in particular, those with transactional features. The FDIC believes that custodial deposit accounts with transactional features present unique challenges in resolving a failed IDI because making a deposit insurance determination requires the FDIC to not only gather and process records of beneficial ownership maintained by parties other than the failed IDI, but also to reconcile those records with a significant amount of payment activity taking place with respect to the accounts.

The FDIC neither prohibits nor discourages IDIs from providing banking services to customers of any specific class or type, as permitted by law or regulations. The FDIC notes that the Federal banking agencies have recently taken steps to address IDIs' management of the risks involved in arrangements with non-bank third parties, including fintech companies, as well as steps to address consumer confusion relating to the nature and application of deposit insurance coverage. In addition, the Federal banking agencies have addressed supervisory concerns, including concerns relating to consumer protection, at specific IDIs through enforcement actions. However, the FDIC believes rulemaking is also warranted to promote the prompt payment of deposit insurance in the event of the failure of an IDI holding custodial deposit accounts with transactional features.

The FDIC is accordingly seeking comment on all aspects of the proposed rule, including specific questions provided herein, that would strengthen IDIs' recordkeeping for custodial deposit accounts with transactional features. The proposed rule is also expected to result in depositor and consumer protection benefits even in the absence of the failure of an IDI.

Summary of Primary Provisions

The proposed rule would establish new recordkeeping requirements at IDIs for “custodial deposit accounts with transactional features,” subject to a list of specific exemptions. IDIs holding deposits within the scope of the proposed rule would be required to maintain records identifying the beneficial owners of those deposits, the balance attributable to each beneficial owner, and the ownership category in which the deposited funds are held. The IDI could maintain those records itself or, if certain additional requirements are satisfied, the IDI could maintain the records through an arrangement with a third party (which could include a vendor, processor, software or service provider, or a similar entity). The proposed rule provides a specific electronic file format for records on beneficial owners and their interests in the deposited funds. This standardized format would enable the FDIC to more quickly gather and use these records if a deposit insurance determination becomes necessary.

The proposed rule would provide that where IDIs choose to maintain the required records through a contractual relationship with a third party, additional requirements would need to be satisfied. These additional requirements are intended to promote the integrity of the records and ensure that the IDI has continued access to the records. Among other things, the IDI would be required to have direct, continuous, and unrestricted access to the records of the beneficial owners, including, but not limited to, in the event of the business interruption, insolvency, or bankruptcy of the third party. In addition, reconciliation of these records would be required, as would periodic validation of the third party's records by a person independent of the third party.

The proposal would require specific actions by IDIs to achieve and maintain compliance with the rule. IDIs that hold custodial deposit accounts with transactional features would be required to establish and maintain written policies and procedures to achieve compliance with the rule's requirements. IDIs would be required to complete an annual certification of compliance, signed by an executive officer, stating that the IDI has implemented and tested the recordkeeping requirements. IDIs would further be required to complete a report annually that (1) describes any material changes to their information technology systems relevant to compliance with the rule; (2) lists the account holders that maintain custodial deposit accounts with transactional features, the total balance of those custodial deposit accounts, and the total number of beneficial owners; (3) sets forth the results of the institution's testing of its recordkeeping requirements; and (4) provides the results of the required independent validation of any records maintained by third parties.

I. Background and Need for Rulemaking

FDIC, Its Mission, and Pass-Through Deposit Insurance

The FDIC is an independent Federal agency, and its mission is to maintain stability and public confidence in the nation's financial system by, among other things, insuring deposits at all IDIs. As of June 30, 2024, there are over 4,500 IDIs in the United States. Since 1933, the FDIC has taken action in accordance with its mission to restore public confidence in the banking system in times of financial turmoil. The FDIC has proactively sought to protect depositors and promote public confidence in insured deposits.

The FDIC only insures deposits of IDIs, and deposit insurance is only paid in the event of the failure of an IDI. Importantly, the FDIC's deposit insurance coverage does not provide consumers and businesses with general protection against the default, insolvency, or bankruptcy of any non-bank entities with which IDIs might do business, even if a non-bank entity has a relationship with, or deposits funds at, an IDI.

The FDIC has long recognized the significance of custodial deposit accounts in the banking system, and specifically accommodates these types of accounts in its deposit insurance regulations through the concept of pass-through deposit insurance. This concept, which dates back to the 1930s, provides a mechanism for recognizing the owners of deposited funds and insuring their interests in the deposit to the same extent as if the owners had deposited the funds directly at the bank, provided certain conditions are met. Under the pass-through insurance rules, the FDIC may rely on records of those other than a failed IDI to identify depositors and their insured deposits, if such records are maintained in good faith and in the regular course of business. If the regulatory pass-through insurance requirements are satisfied, each owner's interest in the deposit at the IDI is separately insured up to the statutory deposit insurance limit, currently $250,000 for deposits held in each deposit ownership category. If the pass-through insurance requirements are not satisfied, the deposit is insured to the person named on the IDI's records and aggregated with any other deposits that person holds at the same IDI in the same ownership category. The FDIC makes determinations with respect to pass-through deposit insurance coverage at the time an IDI fails.

Custodial Deposit Accounts and Technology Developments

Custodial deposit accounts have been a fixture of the U.S. banking system for decades. A “custodial deposit account” arrangement, for purposes of this proposal, is a relationship where one party is responsible for opening a deposit account at an IDI on behalf of others, who may own the funds but often lack a direct relationship with the bank. The term “custodial deposit account” may have different meanings in other banking contexts, and the FDIC does not intend to address or affect, through this rulemaking, any requirements that might apply in other contexts in which the term “custodial deposit account” is used.

Coupled with technology innovations and advancements, custodial deposit account arrangements have transformed the industry in many respects over the years, resulting in new business models for providing banking and financial services. For example, companies have been formed to meet the desire of investors to deposit their money at IDIs paying the highest interest rates on deposits. Other firms have been formed to meet the need of organizations and individuals to divide large deposits exceeding the statutory deposit insurance limit across multiple IDIs for the purpose of ensuring that the total is fully insured by the FDIC.

Custodial deposit accounts have also, in some cases, been utilized in the development of products intended to meet the needs of consumers. For example, prepaid cards and other similar products were developed to offer consumers new ways of accessing and spending money without maintaining a traditional deposit account at an IDI. Based on a national survey conducted by the FDIC in 2021, 6.9 percent of all households were using prepaid cards. The FDIC's experience is that prepaid cards generally utilize custodial deposit accounts at IDIs to hold consumers' funds until they are spent.

More recently, this evolution of banking and financial services has increasingly included non-bank fintech companies offering consumers new options and alternatives for accessing banking products and services. Increasingly many consumers are choosing to open deposit accounts indirectly through fintech companies, typically online or through mobile apps. FDIC survey results indicate that a significant number of consumers use non-bank ( e.g., fintech) online payment services to make purchases online and to send or receive money. Households also reported relying on this method to pay bills, make purchases in person, receive income or save or “keep money safe.” Nearly half of all households, or 46.4 percent, were using non-bank online payment services at the time of the survey. These fintech companies' accounts at IDIs frequently, though not always, depend upon custodial deposit accounts.

Alternatively, some IDIs are entering into and expanding business arrangements with fintech companies to deliver the IDI's deposit products and services. These arrangements can take many different forms, and they continue to evolve. For example, an IDI and a fintech company might enter into an arrangement where the fintech company offers the IDI's deposit products and services to the fintech company's customers. In other instances, fintech companies might simply deposit their customers' funds at an IDI. In such cases, the fintech company may open a custodial deposit account at an IDI as an agent or custodian. Fintech companies have sometimes represented to their customers that the customers' funds are FDIC-insured, or that they are insured by the FDIC on a “pass-through” basis.

Many custodial deposit account arrangements also increasingly rely on third parties that, depending on the context, might be referred to as, for example, “processors,” “middleware providers,” or “program managers,” to perform a range of critical functions. These third parties' functions have included accepting deposits, maintaining a transaction system of record, processing payments, performing regulatory compliance functions, providing customer-facing technology applications, servicing accounts, and directly interacting with customers. In this context, a customer may be a consumer or a business. Relationships between IDIs and these third parties can be quite complex. While this complexity can contribute to the development of novel and innovative products, in the absence of reliable recordkeeping this complexity adds to the operational challenges faced by the FDIC in the event of an IDI's failure, in particular when the FDIC is required to make deposit insurance determinations. Complex custodial deposit account arrangements also introduce significant potential for operational disruptions and other risks outside the context of an IDI's failure, as demonstrated by recent events.

Synapse Bankruptcy

Synapse was a so-called “middleware provider” for numerous fintech companies, meaning that its software bridged the information technology systems of fintech companies and IDIs. More specifically, Synapse provided application programming interfaces (APIs) and technological infrastructure that allowed businesses to integrate banking services into their own applications. This also included opening and managing deposit accounts, issuing debit and credit cards, and facilitating payments for customers. Synapse enabled fintech companies to quickly develop products and services that used deposit accounts at IDIs to hold customers' funds. Synapse had relationships with several IDIs. In these arrangements, fintech companies developed user interfaces and application logic, and importantly, maintained the ledgers of their customers, including the deposit amounts attributed to each individual customer.

Synapse filed for bankruptcy protection in late April 2024. The bankruptcy of Synapse resulted in severe hardship for consumers that is deeply troubling to the FDIC. In early May 2024, one of the IDIs that partnered with Synapse froze deposits that had been placed at the IDI through relationships with Synapse and the fintech companies that Synapse serviced. The IDI stated at the time that it froze the accounts because Synapse denied the IDI access to an essential system through which the IDI accessed information on end users, deposits, and transactions. As a result, consumers who had deposited funds through these fintech companies that partnered with Synapse were unable to access their funds held at the IDI.

The bankruptcy court appointed a trustee for Synapse on May 24, 2024, and both the bankruptcy court and the trustee have sought to facilitate the release of the fintech customers' funds that are being held at the IDIs as quickly as possible. Court filings state that the trustee had difficulty obtaining access to Synapse's data, due in part to Synapse's termination of its employees, including employees who held credentials necessary to access systems and databases where the relevant records were stored. Court filings also state that even after obtaining access to Synapse's data, the trustee and IDIs have experienced difficulties reviewing and reconciling this data against the IDIs' data. In addition, the trustee has indicated that the deposits at the IDIs appear to be insufficient to cover the amounts owed by the fintech companies to their customers. The trustee sent a letter to Federal banking regulators on June 20, 2024, seeking assistance in communicating with end users whose funds are affected by the Synapse bankruptcy, and noting that the bankruptcy's impact on end users of the fintechs has been devastating.

FDIC and Other Regulators' Responses

Synapse's bankruptcy illustrates a number of risks associated with these arrangements. While some of those issues fall outside the scope of this rulemaking, which is focused on strengthening IDIs' recordkeeping with respect to certain custodial deposit accounts, a brief discussion on regulatory responses to date provides helpful context and may serve as a reminder of regulators' broader efforts in this area.

Following the freeze of deposits at an IDI in the aftermath of the Synapse bankruptcy, many consumers have contacted the FDIC to ask questions, raise concerns, or seek the return of their funds, as evidenced by the more than 1,000 consumer inquiries that were referred to the FDIC since May 2024. It is clear that some consumers misunderstood the nature of the relationships they entered into, the nature of deposit insurance, or both.

Even prior to Synapse's bankruptcy, the FDIC has observed instances where consumers have been unable to access funds in custodial deposit accounts at IDIs. For example, in 2022, Voyager Digital claimed to hold customers' U.S. dollar funds at an IDI. Voyager falsely represented that customer funds held with Voyager were insured by the FDIC up to $250,000 in the event of Voyager's failure, not just the failure of the IDI where Voyager deposited customer funds. When Voyager declared bankruptcy in July 2022, many customers were unable to access the funds in their accounts for a period of time. This led to significant uncertainty and frustration for consumers who were unable to access the deposited funds, and underscored the importance of clear and accurate disclosures to consumers regarding deposit insurance coverage.

In recent years, the FDIC has observed an increasing number of instances where financial service providers, other entities, or individuals have engaged in false advertising or made misrepresentations about FDIC insurance coverage on the internet in violation of section 18(a)(4) of the Federal Deposit Insurance Act (FDI Act). For example, the FDIC has seen situations where companies in relationships with IDIs ( e.g., for the placement of customer deposits) have made false statements on the companies' websites stating or suggesting that the companies are FDIC-insured and/or that their uninsured financial products are insured by the FDIC. In other instances, companies have misused the FDIC logo or failed to identify an IDI with which they have a relationship. These types of misrepresentations and omissions would be false and misleading and have potential to harm consumers.

Consequently, the FDIC has proactively sought to protect depositors and consumers, promote public confidence in insured deposits, and prevent false and misleading representations about the manner and extent of FDIC deposit insurance. The FDIC has taken appropriate action when it becomes aware of prohibited conduct. For example, the FDIC has issued advisory letters pursuant to 12 CFR 328.106 in situations where the FDIC had reason to believe that these non-IDI third parties may be misusing an FDIC-Associated Image or FDIC-Associated Terms and/or making false or misleading representations regarding FDIC deposit insurance. In these actions, the FDIC requested appropriate corrective action to be taken so that consumers are not misled as to the non-IDI's insured status, or the extent or manner of deposit insurance offered to them.

The FDIC has taken other steps to address concerns that parties are misrepresenting the nature and extent of deposit insurance coverage. In December 2023, the FDIC issued a final rule on FDIC Official Signs and Advertising Requirements, False Advertising, Misrepresentation of Insured Status, and Misuse of the FDIC's Name or Logo (FDIC Signs and Misrepresentation Rule). This rule requires, among other things, disclosures differentiating deposits and non-deposit products and clarifies the FDIC's rules regarding misrepresentations of deposit insurance coverage to address specific scenarios where information provided to consumers may be misleading. For example, the rule clarifies that if a non- bank makes a statement regarding deposit insurance coverage, it is a material omission by the non-bank to fail to clearly and conspicuously disclose that it is not an IDI, and that FDIC insurance only covers the failure of the IDI. The FDIC has continued to engage with IDIs and others to help them understand their obligations under the FDIC Signs and Misrepresentation Rule.

The FDIC maintains public facing portals on its website where the public can submit questions or complaints to the FDIC about a number of topics. One portal, the FDIC Information and Support Center, allows the public to submit inquiries about deposit insurance coverage as well as complaints and inquiries about IDIs. A second portal, the FDIC Deposit Insurance Misrepresentation Form, provides an opportunity for the public to submit a complaint or concern regarding potential false statements about an entity or product claiming to be FDIC-insured or making false statements or casting doubt on whether FDIC insurance applies and is therefore paid in the event of an IDI failure.

In addition to communicating with IDIs and third parties regarding their FDIC Signs and Misrepresentation Rule obligations, the FDIC also conducts public outreach and education initiatives to promote public awareness of deposit insurance, including the launch of a national campaign entitled “Know Your Risk. Protect Your Money.” This consumer-focused campaign informs consumers on how deposit insurance protects their deposits in the event of an IDI's failure and features a piggy bank known as “Penny the Pig,” aimed at reaching people who have lower confidence in the U.S. banking system, the unbanked, and consumers who use mobile payment systems, alternative banking services and financial products that may appear to be FDIC-insured, but are not.

Another public education initiative is conducted through a publication entitled FDIC Consumer News, which is a series of monthly newsletters directed to the general public that provides practical guidance on how to become a smarter, safer user of financial services including helpful tips and common-sense strategies to protect consumer money. Through the various consumer news articles, the FDIC addresses consumer confusion related to digital banking, including regarding the emergence and use of third-party, non-bank apps. Some recent examples of the relevant articles include “Banking with Third Party Apps” (May 2024), which warns consumers of the risks in using non-bank companies for financial services; “Is My Money Insured by the FDIC?” (July 2023), which reminds consumers that FDIC deposit insurance does not apply if a non-bank company fails; “The Importance of Deposit Insurance and Understanding Your Coverage” (August 2022), which lists the top five things to know about deposit insurance coverage; “Banking with Apps” (November 2022), which provides an overview of the differences in deposit products offered by IDIs and non-bank companies; and “Is Digital Banking for Me?” (April 2020), which offers key considerations of using online and mobile banking technology. The FDIC will continue to consider further measures to address consumer confusion about deposit insurance coverage.

In addition, the FDIC and the other Federal banking agencies have recently published a number of issuances to IDIs concerning the risks involved in arrangements with non-bank third parties, including fintech companies. As recently explained in the Federal banking agencies' Joint Statement on Banks' Arrangements with Third Parties to Deliver Bank Deposit Products and Services, “the agencies have observed an evolution and expansion of these arrangements to include more complex arrangements that involve the reliance on third parties to deliver deposit products and services.” It also indicated that “[d]epending on the structure, third-party arrangements for the delivery of deposit products and services can involve elevated risk.” The Federal banking agencies also recently published a Request for Information soliciting input on the nature of bank-fintech arrangements, effective risk management practices regarding bank-fintech arrangements, and the implications of such arrangements, including whether enhancements to existing supervisory guidance might be helpful in addressing risk.

An IDI's use of a non-bank third party to perform activities related to its deposit-taking function does not diminish its responsibility to conduct those activities in a manner consistent with safe and sound practices and in compliance with applicable laws and regulations, including, but not limited to, those designed to protect consumers. As such, IDIs have also been subject to a number of consent orders and other actions by the Federal banking agencies related to these types of arrangements.

Need for Rulemaking

The FDIC neither prohibits nor discourages IDIs from providing banking services to customers of any specific class or type, as permitted by law or regulation. It has become apparent from the events described above that IDIs' recordkeeping practices should be enhanced with respect to certain custodial deposit account arrangements. The FDIC believes it would be beneficial to address these issues in a consistent manner across the industry through rulemaking, rather than rely solely on the supervisory and enforcement processes.

The events that occurred following Synapse's bankruptcy demonstrate the importance of strong recordkeeping practices in certain custodial account relationships. The trustee and IDIs encountered significant difficulties in obtaining, reviewing, and reconciling Synapse's records against the IDIs' records. While none of the IDIs that had business arrangements with Synapse have failed, the difficulties encountered by the parties obtaining, reviewing, and reconciling Synapse's records against the IDIs' records would likely also have hindered the FDIC's ability to make a prompt and accurate deposit insurance determination in the event one of the IDIs had failed. Depositors could have been affected by delays in obtaining their insured deposits, depending on the accuracy and completeness of account records and how long it would have taken to gather and review records.

Looking beyond the case of Synapse, these types of arrangements between IDIs and fintechs are becoming more prevalent in the market, and the FDIC believes the increased complexity of certain custodial deposit account arrangements warrants strengthened recordkeeping to support a prompt payment of deposit insurance in the event of an IDI's failure. Accurate and complete custodial deposit account records are absolutely critical in the event of an IDI's failure to ensure that the FDIC is able to make prompt and accurate payment of deposit insurance for all insured depositors. Prompt payment of deposit insurance is especially important where custodial deposit account arrangements are used to support day-to-day financial needs. For example, many consumers are increasingly choosing to open deposit accounts through fintech companies, typically online or though mobile apps. From a consumer's perspective, these fintechs offer financial services through such accounts that may resemble IDI deposit accounts, and consumers often rely on these accounts as substitutes for traditional demand deposit accounts. Specifically, consumers use these accounts to support the inflows and outflows of daily transactions and expenses, such as making purchases and sending or receiving money, including income. The transactional nature of these accounts, including high volumes of per customer transfers and digital payments, significantly increases the amount of activity compared to other types of custodial deposit accounts.

A lack of accurate and complete custodial deposit account records, as described in this proposal, would adversely affect the FDIC's ability to make a prompt and accurate deposit insurance determinations, and pay claims to depositors in the event of an IDI failure. In addition, these circumstances have exposed potential risks for current beneficial owners of deposits at IDIs, even in the absence of the failure of an IDI. These issues create uncertainty that undermines the confidence that underpins IDIs and our nation's broader financial system.

II. Legal Authority

The FDIC is authorized to prescribe rules and regulations as it may deem necessary to carry out the provisions of the FDI Act. The FDIC has previously used this authority to issue regulations providing specificity on deposit insurance coverage, including defining the recognized ownership categories and how deposit insurance is calculated. Under the FDI Act, the FDIC is responsible for paying deposit insurance “as soon as possible” following the failure of an IDI. To pay deposit insurance, the FDIC uses a failed IDI's records to aggregate the amounts of all deposits that are maintained by a depositor in the same right and capacity, and then applies the standard maximum deposit insurance amount of $250,000.

The FDIC generally relies upon a failed IDI's deposit account records to identify deposit owners and the right and capacity in which deposits are owned. In certain circumstances, if specific regulatory requirements are satisfied, the FDIC will consider the records of the depositor or another party when making a deposit insurance determination.

III. The Proposed Rule

Overview

The proposed rule would establish new recordkeeping requirements for IDIs with custodial deposit accounts with transactional features, subject to a list of defined exemptions. If IDIs hold custodial deposit accounts with transactional features that are subject to the rule, they would be required to maintain records identifying the beneficial owners of those deposits, the balance attributable to each beneficial owner, and the ownership category in which the deposited funds are held. The IDI could maintain those records itself or, if certain additional requirements are satisfied, the IDI could maintain the records through an arrangement with a third party (which could include a vendor, processor, software or service provider, or a similar entity). The proposed rule provides a specific electronic file format for records on beneficial owners and their interests in the deposited funds. This standardized format would enable the FDIC to more quickly gather and use these records when a deposit insurance determination becomes necessary.

For IDIs that choose to maintain the required records through a contractual relationship with a third party, certain additional requirements would need to be satisfied. These additional requirements are intended to promote the integrity of records and ensure that the IDI has continued access to the records. Among other things, the IDI would be required to have direct, continuous, and unrestricted access to the records of the beneficial owners, including in the event of the business interruption, insolvency, or bankruptcy of the third party. Reconciliation of these records would be required, as would periodic validation of the third party's records by a person independent of the third party.

The proposal also would require certain measures by IDIs to achieve and maintain compliance with the rule. IDIs that hold custodial deposit accounts with transactional features would be required to establish and maintain written policies and procedures to achieve compliance with the rule's requirements. IDIs would be required to complete an annual certification of compliance, signed by the chief executive officer, chief operating officer, or the highest-ranking official of the institution, stating that the IDI has implemented and tested the recordkeeping requirements. IDIs would further be required to complete a report annually that (1) describes any material changes to their information technology systems relevant to compliance with the rule; (2) lists the account holders that maintain custodial deposit accounts with transactional features, the total balance of those custodial deposit accounts, and the total number of beneficial owners; (3) sets forth the results of the institution's testing of its recordkeeping requirements; and (4) provides the results of the required independent validation of any records maintained by third parties. Both the compliance certification and report would be submitted to the FDIC and the IDI's primary Federal regulator.

Custodial Deposit Accounts With Transactional Features

The proposed rule's requirements would apply to IDIs that hold “custodial deposit accounts with transactional features,” other than custodial deposit accounts specifically exempted by the rule as described below. The term “custodial deposit accounts with transactional features” would be defined as a deposit account that meets three requirements: (1) the account is established for the benefit of beneficial owner(s); (2) the account holds commingled deposits of multiple beneficial owners; and (3) a beneficial owner may authorize or direct a transfer through the account holder from the account to a party other than the account holder or beneficial owner. “Beneficial owner” is defined as “a person or entity that owns, under applicable law, the funds in a custodial deposit account.”

The proposal distinguishes a “beneficial owner” from an “account holder,” with “account holder” defined as “the person or entity who opens or establishes a custodial deposit account with transactional features with an insured depository institution.” This definition does not require that the “account holder” is the titled owner of the account. For example, some businesses establish accounts at IDIs for the benefit of their customers, but the account is titled in the name of the IDI itself for benefit of the business's customers. In such instances, the FDIC would interpret the “account holder” under the proposed rule to be the business that contracted with the IDI to establish the custodial deposit account.

The proposed rule's scope is limited to custodial deposit accounts with transactional features that hold deposits, meaning that other types of custodial accounts, such as those holding non-deposit securities, would be excluded. The proposed rule would apply to custodial deposit accounts with transactional features, regardless of the date a particular custodial deposit account was established. Custodial deposit accounts with transactional features already in existence would be subject to the proposed rule's requirements.

As noted above, the definition of “custodial deposit account with transactional features” includes, as one of its criteria, that a beneficial owner may authorize or direct a transfer through the account holder from the account to a party other than the account holder or beneficial owner. By including this prong, the FDIC intends to apply the proposed recordkeeping requirements only to custodial deposit accounts that are established and used in a manner that allows beneficial owners to direct a transfer of funds from the account to another party—for example, to make purchases or pay bills.

The FDIC believes that, in some custodial deposit account arrangements, IDIs allow the account holder to submit payment instructions from beneficial owners to the IDI in order to make funds transfers. Such custodial deposit accounts would fall within the scope of the proposed rule and would be subject to its recordkeeping requirements. If, on the other hand, the IDI only returns the funds held in the custodial deposit account to the account holder or beneficial owner, the account activity would not be “transactional” in the sense that term is used under the proposed rule.

Exemptions

Where the FDIC believes its policy objectives would not be advanced by the additional recordkeeping requirements, the proposal would expressly exempt certain custodial deposit accounts from the new recordkeeping requirements even if they have transaction features. The proposal would accomplish this through a list of specific exemptions. As discussed below, given the FDIC's experience in managing these relationships, additional recordkeeping requirements for a number of custodial deposit accounts would not be required even if they have transactional features.

The proposed rule exempts from its scope custodial deposit accounts that hold only trust deposits, as described in the FDIC's deposit insurance regulations for trust accounts set forth at 12 CFR 330.10 and 330.12. These custodial deposit accounts are established in many cases by a trustee that already has a duty under State law to maintain records regarding the beneficial owners of the funds.

The proposal exempts from its recordkeeping requirements custodial deposit accounts established at an IDI by government depositors. There are a variety of circumstances in which government depositors establish deposit accounts that hold funds for others, such as accounts maintained for the payment of government benefits. In these cases, the FDIC believes that the safeguards and controls imposed by statute and regulation will generally be sufficient to ensure that accurate records are available on a regular basis, including in the event of an IDI's failure.

The proposal also would exempt custodial deposit accounts established by brokers or dealers under the Securities and Exchange Act of 1934, and investment advisers under the Investment Advisers Act of 1940. These entities are already subject to recordkeeping requirements under Federal and State laws in addition to regulatory supervision, and the FDIC believes these measures should generally mitigate the issues addressed through this proposal.

The proposed rule exempts custodial deposit accounts established by attorneys or law firms on behalf of clients, commonly known as interest on lawyers trust accounts (IOLTA accounts). The FDIC recognizes that attorneys and law firms maintaining IOLTA accounts are subject to independent recordkeeping requirements under State law, and IOLTA accounts generally would not be used for the sort of day-to-day transactions that introduce significant complexity into a potential deposit insurance determination in the event of an IDI's failure.

The proposal exempts custodial deposit accounts maintained in connection with employee benefit plans and retirement plans, as described in 12 CFR 330.14. These accounts could be maintained in the name of a trustee or plan administrator and used for defined benefit plans, defined contribution plans, and other employee benefit plans. The FDIC believes that these accounts are subject to independent recordkeeping requirements under Federal and State laws, and the accounts are not used for transactions in a manner that would add to the complexity of a potential deposit insurance determination.

The proposal would exempt accounts maintained by real estate brokers, real estate agents, title companies, and qualified intermediaries under the Internal Revenue Code. The FDIC believes these accounts generally hold an owner's funds for a limited period of time for the purposes of completing a specific real estate transaction. Historically, these types of accounts have not presented significant difficulty to the FDIC in making deposit insurance determinations in the event of an IDI's failure.

The proposal exempts custodial deposit accounts maintained by a mortgage servicer in a custodial or other fiduciary capacity. Mortgage servicers are subject to recordkeeping requirements by other laws and regulations, and funds are transferred from these deposit accounts on predictable dates corresponding to contractual deadlines. For this reason, the FDIC believes that the additional recordkeeping requirements imposed by the proposed rule are unnecessary to achieve its policy objectives.

The proposal exempts custodial deposit accounts where Federal or State law prohibits the disclosure of the identities of the beneficial owners of the deposits. The FDIC believes that such cases will be relatively rare but does not intend to impose any recordkeeping requirements through this proposal that directly conflict with other legal requirements.

The proposal exempts from its scope accounts maintained pursuant to an agreement to allocate or distribute deposits among participating IDIs in a network for purposes other than payment transactions of customers of the IDI or participating IDIs. Such networks are often referred to as deposit placement networks or reciprocal networks and are often administered by a firm that coordinates the depositing of funds across a group of institutions to ensure that no owner's funds at an individual IDI exceed the deposit insurance limit. If the network only allows clients to deposit and retrieve their funds from the network of IDIs, its activity should not present difficulty in making a deposit insurance determination. However, if the network purpose is to enable clients to make payment transactions using funds in the custodial deposit account at the network IDI(s), such as making purchases through a card network or transferring funds to another individual, then the custodial deposit accounts would not qualify for the exemption, and therefore would fall within the scope of the proposed rule.

Finally, the proposal would exempt accounts holding security deposits tied to property owners for a homeownership, condominium, or other similar housing association governed by State law, and accounts holding security deposits tied to residential or commercial leasehold interests. The FDIC believes such entities are generally subject to other recordkeeping requirements that would ensure that beneficial owners' interests are available if necessary. Moreover, although such custodial deposit accounts may exhibit some degree of transactional activity, this is expected to be relatively limited in nature and unlikely to present significant difficulty in making a deposit insurance determination.

Recordkeeping Requirements and Data Formatting

In general, the proposed rule would require IDIs that hold any custodial deposit accounts with transactional features subject to the rule to maintain records establishing the beneficial owners of those deposit accounts. These records would establish, for each custodial deposit account, the beneficial owners of the custodial deposit account, the balance attributable to each beneficial owner, and the ownership category in which the beneficial owner holds the deposited funds.

The proposed rule would provide a specific electronic file format for maintenance of records on beneficial owners and their interests in the deposited funds. This electronic file format is described in appendix A to the proposed rule, which provides, for each of the required fields: (1) the field's name; (2) a description of its contents; (3) the data format for the field; and (4) whether a null value is permitted for the field in the file. IDIs' records would be required to include the information set forth in these fields for each beneficial owner of the deposits in the custodial deposit account, with one row in the file per beneficial owner. The specified data file format would be required regardless of whether the IDI maintains the necessary records itself or maintains those records through an arrangement with a third party. The FDIC believes these records of beneficial ownership would be useful to the IDI in the event of a disruption affecting the account holder, as they would enable the IDI to determine the identity of the owners of the funds it is holding on deposit. Importantly, these records would also be useful to the FDIC in the event of the IDI's failure, as they would enable a prompt payment of deposit insurance.

Internal Controls

The proposed rule would require IDIs to maintain appropriate internal controls that include (1) maintaining accurate deposit account balances, including the respective individual beneficial ownership interests associated with the custodial deposit account, and (2) conducting reconciliations against the beneficial ownership records no less frequently than at the close of business daily, with the understanding that reconciling variances due to unposted transactions and timing of transactions occurs and should be addressed based on standard banking practices, which are sufficient to manage and resolve such variances. Reconciliations compare multiple data elements and, if differences are identified, actions are taken to bring the data elements into agreement. The reconciliation requirement is intended to address the completeness and accuracy of transaction processing. Appropriate internal controls should be designed to consider multi-layer relationships, where applicable, and the associated risks these relationships may present related to recordkeeping. For example, such controls may be appropriate where an account holder, such as an intermediary, collects and places deposits on behalf of other firms, which themselves collect deposits from individual depositors. The internal control requirements of the proposed rule are intended to enable the IDI to be able to accurately determine individual beneficial ownership interests for deposits held in custodial deposit accounts, and would expedite a deposit insurance determination in the event of the IDI's failure.

Recordkeeping by Third Parties

The FDIC recognizes that many IDIs, including community banks, regularly employ third parties such as vendors and technology service providers to assist them in carrying out a variety of banking functions. While the proposed rule generally would require that IDIs maintain records of beneficial ownership for custodial deposit accounts, it also would permit those records to be maintained by the IDI through a third party if certain requirements are satisfied. The rule mentions, as examples of third parties, vendors, software providers, and service providers, and other similar entities that regularly process deposit transaction data, but does not limit third parties to these categories of entities. Third parties also could include the account holder, for example, if the account holder regularly maintains beneficial ownership records.

The IDI would be required to have direct, continuous, and unrestricted access to records maintained by the third party in the standardized file format described in appendix A to the proposed rule, including access in the event of a business interruption, insolvency, or bankruptcy of the third party. This could be accomplished, for example, by the IDI and the third party implementing capabilities to enable secure real-time exchange of data, where authorized IDI personnel can access the records at any time.

The IDI also would be required to have continuity plans in place, including backup recordkeeping for the required beneficial ownership records and technical capabilities to ensure compliance with the proposal's requirements. When developing a contingency plan, an IDI may consider elements such as (1) storing copies of prior daily or weekly account balances and beneficial ownership balances internally at the IDI, or at another location independent of the third party; (2) establishing legal authority and technological capability for the IDI to access daily transaction records associated with the custodial deposit account directly from payment networks, processors, or service providers used by the third party; and (3) maintaining at the IDI sufficient trained staff, technical systems, and other resources to process transaction records necessary for the IDI to reconcile and establish accurate records for ownership interests in the custodial deposit account, in the event the third party is disrupted. Like other risk management practices, contingency plans for different IDIs would vary according to the scope and complexity of the businesses and the nature of the third-party relationships.

In addition, records of beneficial ownership maintained by a third party could only be used to satisfy the proposed rule's requirements if the IDI implements appropriate internal controls to (1) accurately determine the respective beneficial ownership interests associated with the custodial deposit account with transactional features, and (2) conduct reconciliations against the beneficial ownership records no less frequently than as of the close of business daily, with the understanding that reconciling variances due to unposted transactions and timing of transactions occurs and should be addressed based on standard banking practices, which are sufficient to manage and resolve such variances. Appropriate internal controls should be designed to consider multi-layer relationships, where applicable, and the associated risks these relationships may present related to recordkeeping. For example, such controls may be appropriate where an account holder, such as an intermediary, collects and places deposits on behalf of other firms, which themselves collect deposits from individual depositors. This requirement is intended to address the completeness and accuracy of transaction processing data maintained by the third party.

Contractual Requirements

Where records are maintained by a third party, the IDI would be required to have a direct contractual relationship with the third party that includes certain risk mitigation measures. For example, the contract between the IDI and the third party would need to clearly define roles and responsibilities for recordkeeping, including assigning to the IDI rights of the third party that are necessary to access data held by other parties. The contract would need to include an explicit provision requiring the third party to implement appropriate internal controls to be able to accurately determine the beneficial ownership interests represented in the custodial deposit account and to conduct reconciliations against the beneficial ownership records no less frequently than as of the close of business daily, with the understanding that reconciling variances due to unposted transactions and timing of transactions occurs and should be addressed based on standard banking practices, which are sufficient to manage and resolve such variances. Appropriate internal controls should be designed to consider multi-layer relationships, where applicable, and the associated risks these relationships may present related to recordkeeping. For example, such controls may be appropriate where an account holder, such as an intermediary, collects and places deposits on behalf of other firms, which themselves collect deposits from individual depositors.

In addition, the contract would need to provide for periodic validations, by a person independent of the third party, to verify that the third party is maintaining accurate and complete records and that reconciliations are being performed consistent with the proposed rule's recordkeeping requirement for beneficial ownership interests. If the validation is performed by a party other than the IDI, the results must be provided to the IDI. The proposed rule's approach of requiring an independent, unbiased opinion or assessment and validation of a third party's system of internal controls, operations, and compliance risk management framework for maintaining accurate and complete records is intended to proactively identify and address weaknesses. The independent validation could be performed by the IDI itself. The validation activities should be commensurate with the size, complexity, and risk profile of the third party.

An IDI would not be permitted, through any contract or agreement, to shift its responsibility for ensuring that the requirements of the proposed rule are satisfied. The proposed rule also would not limit, in any way, an IDI's ability to include further risk mitigation measures in contracts with third parties, and IDIs would be encouraged to include additional measures as they deem appropriate.

Effect on Other Recordkeeping Requirements

The proposed rule would not supersede or modify any requirements imposed by statute or regulation. For example, where IDIs are required to gather and maintain specific information about their customers under the Bank Secrecy Act and its implementing regulations, satisfying the proposed rule's recordkeeping requirements would not necessarily satisfy the IDI's obligation under the Bank Secrecy Act. Similarly, the fact that a custodial deposit account with transactional features qualifies for an exemption from the proposed rule's recordkeeping requirements would not exempt the account or the IDI from any other recordkeeping requirements imposed by law or regulation. Nothing in the proposed rule would prohibit or limit additional recordkeeping or reconciliation efforts by IDIs with respect to particular custodial deposit accounts with transactional features, and IDIs would be encouraged to consider such measures as they deem appropriate.

Compliance Measures

An IDI that holds custodial deposit accounts within the scope of the proposed rule would be required to establish and maintain written policies and procedures to achieve compliance with the proposed rule's requirements. To the extent an IDI maintains the relevant records through a third party, these policies and procedures would also need to address achieving compliance with the requirements specific to maintaining records through a third party. The policies and procedures requirement is intended to promote an appropriate level of due diligence on the part of IDIs that maintain custodial deposit accounts with transactional features within the scope of the rule.

The proposed rule would enhance compliance by implementing an annual certification and reporting process for IDIs holding custodial deposit accounts with transactional features that are subject to the rule's requirements. The chief executive officer, chief operating officer, or the highest ranking official of an IDI would be required to annually certify that the IDI (1) implemented the proposed recordkeeping requirements for the covered custodian accounts; (2) tested the implementation of the recordkeeping requirements within the preceding 12 months; and (3) is in compliance with all requirements of the proposed rule at the time of the annual certification. The certification would be required regardless of whether the records are maintained by the IDI itself or through a third party. The certification would be required within 1 year of the effective date of the final rule and annually thereafter, and submitted to both the FDIC and the IDI's primary Federal regulator.

In addition to the annual certification of compliance, an IDI would be required to prepare an annual report containing (1) a description of any material changes to the IDI's information technology systems since the prior annual report that are relevant to the requirements of the proposed rule; (2) a list of the account holders that maintain custodial deposit accounts with transactional features subject to the rule, as well as the total balance of those custodial deposit accounts, and the total number of beneficial owners; (3) the results of the IDI's testing of its implementation of the recordkeeping requirements; and (4) the results of any independent validation of records maintained by third parties as required by the proposed rule and discussed above. The report would be required within 1 year of the effective date of the final rule and annually thereafter, and submitted to both the FDIC and the IDI's primary Federal regulator.

If an IDI experiences a significant change in its deposit-taking operations, or the FDIC or the IDI's primary Federal regulator identifies aspects of the institution's operations that pose elevated risks of compliance with proposed 12 CFR part 375, the proposed rule provides that the FDIC or the IDI's primary Federal regulator may require that the IDI file the certification and report required by this section more frequently than annually, as requested.

Violations and Enforcement

As discussed above, the proposed rule would impose recordkeeping requirements with respect to certain custodial deposit accounts at IDIs. If an IDI does not satisfy the proposed rule's requirements, the violation could be addressed through the supervisory process, including examinations and in appropriate cases, through enforcement actions. In addition, certain circumstances may implicate misrepresentations of deposit insurance, which are covered under section 18(a)(4) of the FDI Act. The FDIC carries out its enforcement authorities primarily through section 8 of the FDI Act, which may include cease-and-desist orders and civil money penalties.

Relation to Existing Recordkeeping and Data Standard Requirements

The FDIC has previously issued regulations that include recordkeeping and data standard requirements to support timely determinations of deposit insurance coverage at IDIs. For example, § 360.9 of the FDIC's regulations includes data standards that apply to IDIs with at least 250,000 deposit accounts or $20 billion in assets. In addition, 12 CFR part 370 of the FDIC's regulations requires IDIs with more than 2 million deposit accounts to implement certain recordkeeping capabilities to calculate deposit insurance coverage in the event of the IDI's failure. These requirements are generally intended to address scenarios where the size of an IDI hinders the FDIC's ability to make a timely determination of deposit insurance.

The proposed rule, by contrast, is intended to address the difficulties that a particular set of deposit accounts—custodial deposit accounts with transactional features—present for the FDIC in making a deposit insurance determination, regardless of the size of the IDI holding the deposits. As noted above, custodial deposit accounts with transactional features present difficulties in making a timely and accurate deposit insurance determination due to their nature and usage. The FDIC believes many IDIs that fall below the size thresholds for § 360.9 and 12 CFR part 370 hold custodial deposit accounts with transactional features that would complicate a deposit insurance determination. Moreover, to the extent that recordkeeping on beneficial owners is performed by third parties rather than IDIs, the proposed rule includes measures intended to address the integrity and availability of third parties' records. Institutions subject to 12 CFR part 370 are not necessarily required to maintain records on the beneficial owners of deposits, and 12 CFR part 370 specifically contemplates that the FDIC may need to reach out in the event of the IDI's failure to obtain these records from third parties. As explained above, however, the FDIC believes that for custodial deposit accounts with transactional features it is critical that the IDI either maintain the records of beneficial owners of deposits or have continuous access to those records. In these respects, the proposed rule complements the requirements of § 360.9 and 12 CFR part 370 in promoting a timely deposit insurance determination by the FDIC. While the problems that the proposed rule is intended to address differ from those addressed by 12 CFR part 370, the FDIC nevertheless acknowledges that in a narrow set of circumstances, the benefits of 12 CFR part 370 may coincide with those of the proposed rule. With that in mind, the FDIC will continue to consider whether any amendments or modifications to 12 CFR part 370 are warranted.

IV. Expected Effects

The FDIC has considered the expected effects of the proposed rule on IDIs, consumers, the banking industry, and the U.S. economy. The proposed rule, if promulgated, would require IDIs with custodial deposit accounts that have transactional features to maintain records for such accounts in a format prescribed by the FDIC. This requirement would likely impose costs on all IDIs and particularly IDIs that hold, or plan to hold, significant amounts of insured deposits in these custodial deposit accounts. These costs may be shared with the account holders and beneficial owners of the custodial deposit accounts. The proposed rule would pose several benefits including (1) prompt and accurate determination of beneficial owners' deposit insurance coverage in the event of a failure of an IDI with custodial deposit accounts covered by the proposal, and (2) prompt determination of beneficial ownership in the event of a failure of an account holder. These outcomes would reduce the likelihood of a disruption to beneficial owners' access to their funds in the event of an IDI's or account holder's failure, reduce operational risk for IDIs, increase the stability of funds in custodial deposit accounts, and support consumer confidence in the banking system and financial services industry. Additionally, the FDIC believes the proposal could indirectly support growth in IDIs' partnering with non-bank companies to offer financial products through the proposal's standardization of enhanced recordkeeping and positive effect on consumer confidence.

Scope

The baseline for this analysis includes all statutes, regulations, and guidance applicable to IDIs, as well as all open and operating IDIs, as of March 31, 2024. The FDIC insures 4,577 IDIs as of March 31, 2024. The proposed rule would apply to all IDIs with custodial deposit accounts that are not explicitly exempt from the rule. The FDIC does not have the data available to estimate the number of IDIs that currently have or would potentially have custodial deposit accounts subject to the rule. However, as discussed in section I of this document, custodial deposit accounts have been a fixture of the U.S. banking system for decades and used widely throughout the industry; therefore, the FDIC believes that all IDIs would, at a minimum, review the nature of their relationships with non-bank companies to determine whether these non-bank companies have custodial deposit accounts at the IDI that fall under the scope of the proposed rule. In addition, the proposed rule would change the costs and benefits of accepting and maintaining custodial deposit account relationships with non-bank companies, which may affect the number of IDIs entering into such relationships in future periods.

IDIs with custodial deposit accounts covered by the proposed rule would be required to maintain records of beneficial ownership for each custodial deposit account. The FDIC does not have the data to accurately estimate the number of these IDIs. To assess the number of IDIs potentially affected the FDIC identified the number of IDIs who reported positive or non-zero values for non-managed custody and safekeeping accounts or brokered deposits, excluding brokered reciprocal deposits. The FDIC acknowledges that deposits obtained through third-party partnerships may or may not be reported in these items. According to a 2023 analyst report, as many as 24 percent of IDIs during the fourth quarter of 2022 indicated that they are either currently in a partnership with one or more non-bank companies, or may potentially form such a partnership in the near future, that could involve custodial deposit accounts covered by the proposal. The FDIC acknowledges that the prevalence of IDI-non-bank company partnerships that involve custodial deposit accounts subject to the proposed rule may be higher or lower than this information indicates. However, the FDIC believes that the information on the prevalence of IDI-non-bank company partnerships, coupled with the data on the volume of relevant deposit types, implies a range that likely captures the volume of covered IDIs. For purposes of this analysis, the FDIC estimates that between 600 and 1,100 IDIs (or between 13 and 24 percent of the current population of 4,577 IDIs) would have custodial deposit accounts covered by the proposed rule and therefore would be directly and immediately affected. The FDIC notes that the number of affected IDIs may be reduced by the ten account driven exemptions included in the proposed rule. The FDIC does not have data to estimate how many IDIs would be excluded due to these exemptions.

As previously discussed, the proposed rule may affect account holders or other non-bank entities, who may have to keep records or provide information to partner IDIs. In particular, these non-bank entities may have to provide information on beneficial owners and their interests in the deposited funds held in custodial deposit accounts. Further, to the extent that covered IDIs elect to comply with the proposed rule by maintaining the records through a contractual relationship with a third party, non-bank entities may be required to keep additional records to ensure that the IDI has continued access to the records. The FDIC does not have data on the exact number of non-bank entities that would be affected. Some data suggest that most IDIs partner with two fintechs.

In addition, the proposed rule would impact consumers whose deposits are held in custodial deposit accounts that are not exempt from the proposed rule. The remainder of the Expected Effects section of this document discusses the proposed rule's effects on covered IDIs, consumers, and non-bank entities.

Costs

As mentioned above, the FDIC estimates that between 600 and 1,100 IDIs would be directly and immediately affected by the proposed rule, if it were adopted. Specifically, IDIs with custodial deposit accounts that are not exempt from the proposed rule would be required, themselves or through a third party, to maintain records of beneficial ownership in the data format and layout specified in 12 CFR part 375, appendices A and B, for each custodial deposit account. In addition, these IDIs would be required to reconcile records for their custodial deposit accounts as of the end of each day in order to determine the respective individual beneficial ownership interests associated with the custodial deposit account and the reconciliation of such interests to the funds on deposit in the custodial deposit account. The FDIC believes it is likely that many IDIs currently engage in some form of reconciliation and maintain certain amounts of records in order to maintain custodial accounts. However, the FDIC believes it is unlikely that IDIs currently have all the records necessary to meet all the proposed rule's requirements. As such, IDIs would have to arrange to have the data transmitted to them from account holders and develop a recordkeeping system for maintaining those data. These arrangements may include revisions to IDIs' existing platform or core processing systems, as well as the development of data interface systems. Further, the proposed rule would require covered entities to incur costs associated with conducting, testing, and validating the daily reconciliation of records at the IDI. The FDIC also recognizes that the costs of these actions will vary by IDI based on the size, scope, and complexity of the IDI's custodial deposit accounts, as well as the capability and efficiency of the IDI's current system for managing deposit account data. The FDIC does not have data on the costs of these actions. For purposes of this analysis, the FDIC assumes that it would take IDIs and partner non-bank entities approximately 2,200 hours, on average, per IDI to set up, and approximately 1,100 hours, on average, per IDI per year to maintain, such a system. At an assumed labor compensation rate of $100 per hour, the FDIC estimates that these tasks would cost each IDI, on average, approximately $220,000 for the first year and $110,000 for each subsequent year after the proposed rule is enacted. The proposed rule would allow IDIs to arrange to have the data maintained through a third party—this analysis assumes that each IDI would choose the latter if it were more cost effective. For purposes of estimating the total cost to the industry, this analysis assumes all affected IDIs would incur the estimated average cost of developing an internal recordkeeping system. Assuming up to 1,100 IDIs are affected, the FDIC estimates that the proposed rule would impose a cost upwards of approximately $250 million on affected IDIs and their partner non-bank entities in the first year that the proposed rule is enacted and approximately $120 million in each subsequent year thereafter. These estimates may be lower if IDIs' existing systems are capable of maintaining beneficial ownership information as well as conducting daily reconciliations, as outlined in the proposed rule. Not every IDI will incur the same compliance costs. IDIs which do not currently retain beneficial ownership information nor reconcile their accounts or those with greater complexity in their business lines, accounts and operations would be expected to incur above-average compliance costs.

IDIs affected by the proposed rule would also be required to establish and maintain written policies and procedures to achieve compliance with the proposed rule. These IDIs would also be required to, on an annual basis, test the recordkeeping system required by the proposed rule, independently validate certain records maintained by third parties, document these actions in a report, and include in its records a certification of compliance with the proposed rule. Non-bank entities that partner with affected IDIs may incur costs associated with IDIs' compliance with the aforementioned requirements. The FDIC lacks the data necessary to quantify these costs, however it believes they would be modest compared to the costs of implementing and maintaining the recordkeeping system described above.

The proposed rule would also likely result in added costs, other than those described above, on custodial deposit account holders. Such non-bank companies may need to revise their internal systems, policies, or procedures, and potentially adjust their business arrangements with covered IDIs, in order to accommodate the proposed rule's requirements on covered IDIs. The FDIC does not believe that the proposed rule would impose material data collection costs on these non-banks, because the data required by the proposed rule would likely already be collected and maintained by the account holder in the ordinary course of business. As discussed above, the account holder or non-bank entity may share in the costs of developing and maintaining the systems required for the transmission of data. The FDIC does not have the data necessary to quantify this cost, but believes that these costs would be modest, given that the IDI and account holder would likely already have systems in place for the account holder to access its custodial deposit accounts.

As discussed in the previous Scope section of this document, the costs of the proposed rule may affect IDIs' and non-bank entities' decisions to enter into or maintain custodial deposit account relationships covered by the rule. Further, the proposed rule may increase or decrease the count or dollar volume of covered custodial deposit accounts held by IDIs. The FDIC does not have data to estimate the effects of the rule on the volume and usage of covered custodial deposit accounts.

To the extent that IDIs and non-bank entities pass the costs of complying with these requirements onto their customers through lower interest rates or higher fees, consumers could also bear some costs.

Benefits

A direct benefit of the proposed rule would be a reduction in the likelihood and duration of a disruption to consumers' access of their funds held in covered custodial deposit accounts, whether such disruption is because of an IDI failure, or failure or operational disruption experienced by an account holder. The proposal would benefit customers by requiring that records be maintained in a standard format identifying customers and their balances and by requiring reconciliation between the records of IDIs and their associated non-bank entities. The required records and reconciliation would allow customers to have uninterrupted or near-uninterrupted access to their underlying funds in the event of an IDI failure, or failure or operational disruption of an associated non-bank entity. As discussed in the context of the Synapse bankruptcy, there can be significant differences in information on beneficial owners and their interests in the deposited funds held in custodial deposit accounts at an IDI between the IDI and its partner non-bank entity. These differences can result in disruption to customers' access to funds in the event of a failure of the IDI or non-bank entity. Nearly half of all households use a fintech product with bank account-like features; therefore, as illustrated by the failure of Synapse, the potential benefits of avoiding consumer harm associated with disrupted access to funds, in concert with the frequent usage of such custodial deposit accounts at IDIs, are likely to be substantial.

Another direct benefit of the proposed rule would be prompt and accurate determination of beneficial owners' deposit insurance coverage in the event of a failure of an IDI with custodial deposit accounts covered by the proposal. As discussed above, records of custodial deposit account balances at IDIs can differ substantially from those at their partner non-bank entities. In the event of a failure of an IDI, such substantial differences can result in delays in determining the insured status of depositors as well as losses to the Deposit Insurance Fund (DIF). The increased accuracy of data on custodial deposit accounts provided by the proposed rule would prevent or mitigate such losses in the event of a failure of an IDI. The detailed account information would also facilitate the FDIC's resolution of the failed IDI, reduce the cost of the failure of the IDI, and ensure prompt determination of insured status, allowing the FDIC to meet its statutory mandate under the FDI Act to provide beneficial owners their insured deposits “as soon as possible” and at the lowest resolution cost.

The FDIC believes one of the indirect benefits of the proposed rule would be to reduce operational risk to IDIs and account holders. The proposed rule's requirement of daily reconciliation of records at the IDI would prevent or mitigate discrepancies in beneficial owners' account balances between the IDI and the account holder. In cases where the account holder has multiple partner IDIs, the daily reconciliation would also prevent or mitigate inaccurate recordkeeping at the account holder from spreading to IDIs—a mismatch in account balances between the account holder and a partner IDI could be resolved before the underlying issue causes mismatches at other of the account holder's partner IDIs.

The reduction in operational risk at affected IDIs and their partner non-bank entities could be partially offset by an increase in operational risk due to the additional operations required to comply with the proposed rule.

The FDIC believes the proposed rule would reduce the reputational risk to covered IDIs and non-bank entities. A (temporary) loss of access to their funds could conceivably reduce confidence among depositors of an IDI affected by a bankruptcy of a non-bank entity for which it provides custodial deposit accounts or operational disruption. By preventing or mitigating such disruptions, the proposed rule would bolster consumer confidence in non-bank companies providing such services and their partner IDIs. This bolstered confidence could increase the potential customer base of certain affected non-bank companies, as well as the amount of funds consumers feel comfortable depositing with IDIs through such entities. Finally, to the extent that an IDI affected by the bankruptcy or operational disruption of a non-bank company cannot determine beneficial ownership in a timely manner, it might reduce confidence among owners of all deposit classes at the IDI. This loss in confidence could lead to the rapid withdrawal of demand deposits or short-term funding. The proposed rule would reduce the likelihood, and mitigate the effects, of such a crisis of confidence by providing consumers continued access to their funds. While the FDIC does not have the data to quantify these benefits, they could potentially be material for covered IDIs and account holders.

The FDIC believes another indirect benefit of the proposal would result from the proposed rule's standardization of enhanced recordkeeping requirements for custodial deposit accounts. This benefit could affect both IDIs with covered custodial deposit accounts and IDIs that may wish to form partnerships with non-bank companies where such partnerships may lead to the creation of custodial deposit accounts. Adoption of standardized recordkeeping would reduce the IDI's costs of partnering with additional non-banks, and vice versa, since such a partnership would not require the development of a bespoke information management system for affected custodial deposit accounts. Once the IDI implements the deposit information management system required by the proposed rule, that system could potentially be used to manage custodial deposit accounts from multiple account holders, thereby reducing the average cost for the IDI.

Distributional Effects

Under the proposed rule, all IDIs that hold or plan to hold custodial deposit accounts with transactional features will be subject to the proposed requirements. To the extent that smaller IDIs are more likely to have accounts subject to the proposed rule, or have larger volumes of transactions move through such accounts relative to their assets, smaller IDIs will bear higher costs as a share of their assets than larger IDIs. In addition, smaller IDIs' existing recordkeeping systems may be less sophisticated than the systems at larger IDIs. Thus, the fixed costs of setting up new internal recordkeeping systems or enhancing existing systems in order to comply with the proposed rule may also be higher as a share of their assets for smaller IDIs. To the extent that these smaller IDIs are more likely to contract with third-party service providers to manage their deposit information system and/or general ledgers, these smaller IDIs would be more likely to increase the scope of their existing contracts, rather than build a system from scratch, to comply with the proposed rule. For these reasons, the FDIC expects smaller IDIs would more likely opt for third-party arrangements and pass those costs onto their account holders.

While smaller IDIs may bear a higher burden, relative to their assets, to comply with the proposed rule, they would also receive a disproportionately higher share of the benefits. Smaller IDIs, with their smaller capital or liquidity reserves, would not have as much capacity as larger IDIs to withstand the operational stress or reputational damage caused by an event such as the Synapse failure, as well as the deposit flight that may follow. As such, a mitigation or prevention of such an event would greatly benefit those smaller IDIs.

Summary

The FDIC does not have sufficient information available to quantify the potential benefits of the proposed rule because the benefits depend on the probability, breadth, and severity of future failures of an IDI or account holder. The FDIC also lacks sufficient data on the number of IDIs and non-bank entities affected, the scope of custodial deposit accounts covered, and the current capabilities of affected IDI's data information management systems to accurately estimate the costs of the proposed rule. These data limitations notwithstanding, the discussion above describes the clear, material, and prudential benefits that the prevention or mitigation of an event similar to the recent failure of Synapse would provide to IDIs that partner with fintechs and other third parties, as well as the financial industry as a whole.

V. Alternatives

The FDIC considered three alternatives to the proposed rule. First, the FDIC considered the status quo alternative. Second, the FDIC considered issuing a proposal in which certain custodial deposit accounts would be covered based on whether activity in the account met or exceeded certain thresholds, such as transaction volume. Third, the FDIC considered a proposal covering all custodial deposit accounts. However, the FDIC believes the proposed rule is preferable to each of the alternatives for the reasons discussed below.

One alternative the FDIC considered was the status quo. However, as discussed above, the recent bankruptcy of Synapse left many businesses and customers without access to millions of dollars of their funds. Such disruptions caused some customers of Synapse's fintech partners to question the insured status of their funds that were advertised as FDIC-insured. Some of the effects of this event have yet to be resolved, even months after Synapse's bankruptcy. The disruption of account access in the aftermath of Synapse's bankruptcy has shown that IDIs currently do not have the necessary data to provide access to funds in the status quo. The FDIC believes that the proposed rule would provide data to enable IDIs to provide ready access to funds. In addition, the proposed rule's recordkeeping requirements would enhance the FDIC's ability to achieve its statutory obligation to pay deposit insurance as soon as possible in the event an IDI fails by having information about the beneficial owners of custodial deposit accounts in the banks' records.

The second alternative the FDIC considered was to propose recordkeeping requirements be applied only to those custodial deposit accounts where the transaction volume and/or dollar volume of activity over a certain period met particular thresholds. However, the FDIC believes that, by using thresholds, the FDIC could potentially treat otherwise similarly situated depositors differently in the event of an IDI failure if one depositor's funds were in a custodial deposit account that did not meet the thresholds to be covered by the proposal while another's did meet the thresholds. For example, some financial technology products or intermediaries working on behalf of financial technology companies may deposit end-user funds across multiple custodial deposit accounts at a single IDI, while others may deposit funds from multiple end-users into a single custodial deposit account, and others may spread funds across more than one IDI. The FDIC felt that the straightforward approach, as provided in the proposed rule, would be to apply the requirements to all custodial deposit accounts, and exempt accounts that are not necessary to further the policy objectives of the proposed rule.

Finally, the FDIC considered an alternative with fewer exemptions that would have applied, if adopted, to many arrangements involving custodial deposit accounts. Although this alternative would have had exemptions for accounts established by or on behalf of brokers, dealers, and investment advisers as defined in the Securities and Exchange Act of 1934 and the Investment Advisers Act of 1940, the FDIC nevertheless believed the alternative could result in large costs for non-bank entities with certain sweep deposit, reciprocal deposit, and brokered deposit arrangements. The FDIC believes that these arrangements are dissimilar to the custodial deposit account arrangements involved the Synapse bankruptcy and would not pose the same heightened risk. The FDIC believes that the set of exemptions provided in the proposed rule would allow the FDIC to achieve its policy objectives, as discussed above, with less burden on IDIs and nonbank financial entities.

VI. Request for Comment

The FDIC invites comments on all aspects of this proposal. In particular, the FDIC requests comment on the following:

Custodial Deposit Accounts With Transactional Features

• The proposed definition of “custodial deposit account with transactional features” generally relies on three elements: (1) the account is established for the benefit of beneficial owners; (2) the account contains commingled deposits of multiple beneficial owners; and (3) the beneficial owners may authorize or direct a transfer from the custodial deposit account to a party other than the account holder or beneficial owner. The FDIC believes this definition would include the types of custodial deposit accounts that would present significant complexity in a deposit insurance determination. Should the FDIC consider alternative approaches to defining the “custodial deposit accounts with transactional features” that would generally be subject to the proposed rule?
• Should the rule's recordkeeping requirements instead apply to all custodial deposit accounts, not only to those with “transactional features” as described in the proposed rule? Why and what would be the benefits or challenges of applying the requirements to all custodial deposit accounts?
• Are there any other types of deposit accounts that should be included in the scope of the proposed rule? If so, why should they be addressed by the proposal?
• Are custodial deposit account arrangements becoming more complex in the industry to the point where it would not be clear who is an account holder in the case of an IDI's failure? If so, how can the proposal better add clarity to support the FDIC's policy objectives?
• Should there be a minimum threshold for applying the requirements of the rule? If so, what metric, and what threshold? For example, should an IDI only be subject to the rule if its number of unique beneficial owners with custodial deposit accounts with transaction features exceeds a certain threshold? If so, what should the minimum threshold be and why?

Exemptions

• Are there other categories of custodial deposit accounts with transactional features that should be expressly exempted from the proposed rule's recordkeeping requirements? If so, why should they be exempt, and what factors would tend to ensure that complete and accurate records of the beneficial owners of the deposits are readily available for the FDIC in the event of the failure of an IDI holding such custodial deposit accounts?
• The proposal would exempt custodial deposit accounts established by or on behalf of one or more brokers or dealers under the Securities and Exchange Act of 1934, and investment advisers under the Investment Advisers Act of 1940. Although these entities are already subject to recordkeeping requirements under Federal and State laws in addition to regulatory supervision, given the risks described in this proposal, should these entities entirely be exempted from the proposal's requirements? Are there circumstances where some brokers or dealers or related accounts should not be exempted from the proposal to ensure that the proposal's policy objectives are being satisfied? If so, why and how should this exemption be revised?
• Are there other categories of custodial deposit accounts with transactional features that should be revised or narrowed? If so, why and how should the exemption(s) be revised?

Recordkeeping Requirements

• What feedback or additional considerations should be included in the proposed rule in the situation where an IDI maintains records of beneficial ownership itself?
• Should the FDIC consider any additional measures where an IDI intends to rely on a third party for keeping the records required by the proposed rule? Should the rule specifically address scenarios where a third party is subject to examination under the Bank Service Company Act?
• What additional detail might be useful to IDIs in understanding the provisions of the proposed rule addressing reconciliations?
• What are obstacles that would prevent an IDI from being able to reconcile records daily as required by the proposed rule? Could those obstacles be addressed? If not, are there alternative measures that could be used to satisfy the FDIC's policy objectives of ensuring that IDIs have access to complete and accurate records of beneficial ownership of deposits on a daily basis?
• Are there any challenges to an IDI's abilities to align its internal records with those of the non-bank third party which whom the IDI has a business relationship? How have IDIs addressed these challenges?
• Are there legal or other obstacles the FDIC should be aware of with respect to meeting the proposed contractual requirements, where an IDI intends to rely on one or more third parties to maintain the records required by the rule?
• Should the rule specify a set of elements that would be required, at a minimum, as part of a contingency plan to address disruptions with respect to a third party that maintains records for custodial deposit accounts?
• Are there aspects of12 CFR part 370 or § 360.9 that the FDIC should give additional consideration to for purposes of this rulemaking?

Compliance Provisions

• The proposed rule would require IDIs to maintain written policies and procedures to achieve compliance. Are there any additional or specific criteria, factors, or situations that these policies and procedures should be required to address?
• The chief executive officer, chief operating officer, or the highest ranking official of an insured depository institution holding custodial deposit accounts with transactional features that are not specifically exempt from the proposal would be required to sign a certification attesting to the accuracy of the certification. Has the proposal identified the appropriate level of the official at an insured depository institution who should sign the certification? If not, which official(s) should sign a certification for the purposes of achieving the stated goals of the proposal?
• Should the compliance report and certification address any additional items, beyond those enumerated in the proposed rule?
• Given the proposal's annual certification and reporting requirements, please provide any feedback on what the potential format, structure, or content of materials should be for the purposes of complying with these requirements.
• What system, process or mechanism should be used to transmit such information to the FDIC and the appropriate federal banking agency?
• Given the recordkeeping, internal control, and compliance requirements addressed in the proposal, how long would it take to revise systems, processes, and contracts for the purposes of complying with a rule? What would be a reasonable amount of time to achieve compliance with the rule, and why?

Expected Effects

• Would the proposed rule have any costs, benefits, or other effects that the FDIC has not identified?

Alternatives

• Are there other recordkeeping requirements or approaches that are not reflected in the proposal that could be considered in ensuring the accuracy and availability of beneficial ownership records with respect to custodial deposit accounts with transactional features?

VII. Administrative Law Matters

Regulatory Flexibility Act

The Regulatory Flexibility Act (RFA) generally requires an agency, in connection with a proposed rule, to prepare and make available for public comment an initial regulatory flexibility analysis that describes the impact of the proposed rule on small entities. However, an initial regulatory flexibility analysis is not required if the agency certifies that the proposed rule will not, if promulgated, have a significant economic impact on a substantial number of small entities. The Small Business Administration (SBA) has defined “small entities” to include banking organizations with total assets of less than or equal to $850 million. Generally, the FDIC considers a significant economic impact to be a quantified effect in excess of 5 percent of total annual salaries and benefits or 2.5 percent of total noninterest expenses. The FDIC believes that effects in excess of one or more of these thresholds typically represent significant economic impacts for FDIC-insured institutions.

For the reasons described below, the FDIC believes that the proposed rule would, if promulgated, have a significant effect on the substantial number of FDIC-insured institutions that are small entities under the RFA (small IDIs). As such, the FDIC has prepared and is making available for public comment the following initial regulatory flexibility analysis.

(1) A description of the reasons why action by the agency is being considered.

As discussed in detail in section I of this document, Background and Need for Rulemaking, the recent events surrounding the bankruptcy of Synapse raised questions about the completeness, accuracy, and integrity of custodial deposit account records underlying arrangements with third parties at certain IDI. These events highlight substantial risks with respect to the prompt access to customers funds held in custodial deposit accounts. These issues create uncertainty that undermines the public confidence that underpins banks and our nation's broader financial system.

(2) A succinct statement of the objectives of, and legal basis for, the proposed rule.

As discussed in detail in section III of this document, The Proposed Rule, the FDIC is proposing requirements that would strengthen IDIs' recordkeeping for custodial deposit accounts with transactional features and preserve beneficial owners' and depositors' entitlement to the protections afforded by Federal deposit insurance. The proposed rule is authorized by the FDI Act, which requires the FDIC to determine the net amount due to any depositor in the event of the failure of an IDI and authorizes the FDIC to prescribe rules and regulations as it may deem necessary to carry out these responsibilities.

(3) A description of and, where feasible, an estimate of the number of small entities to which the proposed rule will apply.

The FDIC insures 4,577 IDIs as of March 31, 2024, and the proposed rule would apply to all IDIs with custodial deposit accounts that are not explicitly exempt from the rule. Of these 4,577 IDIs, the FDIC estimates that 3,259 (71 percent of) IDIs are small IDIs. The FDIC does not have the data available to estimate the number of small IDIs that currently have or would potentially have custodial deposit accounts subject to the rule. As discussed in detail in section IV of this document, Expected Effects, the FDIC estimates, based on Call Report data and analyst reports, that between 600 and 1,100 IDIs would be immediately and directly affected by the proposed rule. Applying the 71 percent proportion of small IDIs in the population of all IDIs, the FDIC estimates that between 426 and 781 small IDIs would be immediately and directly affected by the proposed rule.

(4) A description of the projected reporting, recordkeeping and other compliance requirements of the proposed rule, including an estimate of the classes of small entities which will be subject to the requirement and the type of professional skills necessary for preparation of the report or record.

As discussed in section IV of this document, Expected Effects, IDIs with custodial deposit accounts that are not exempt from the proposed rule would be required, themselves or through a third party, to maintain records of beneficial ownership in the data format and layout specified in proposed 12 CFR part 375, appendices A and B, for each custodial deposit account. In addition, these IDIs would be required to reconcile records for their custodial deposit accounts as of the end of each day in order to determine the respective individual beneficial ownership interests associated with the custodial deposit account and the reconciliation of such interests to the funds on deposit in the custodial deposit account. The FDIC believes it is unlikely that IDIs currently have these records. As such, IDIs would have to arrange to have the data transmitted to them from account holders and develop a recordkeeping system for maintaining those data. These arrangements may include revisions to IDIs' existing platform or core processing systems, as well as the development of data interface systems. Further, the proposed rule would require covered entities to incur costs associated with conducting, testing, and validating the daily reconciliation of records at the IDI. The FDIC also recognizes that the costs of these actions would vary by IDI based on the size, scope, and complexity of the IDI's custodial deposit accounts, as well as the capability and efficiency of the IDI's current system for managing deposit account data. The FDIC does not have data on the costs of these actions. For purposes of this analysis, the FDIC assumes that it would take IDIs and partner non-bank entities approximately 2,200 hours, on average, per IDI to set up, and approximately 1,100 hours, on average, per IDI per year to maintain such a system. The FDIC believes that actions required by small IDIs to comply with the proposed rule, described above, would require the skills of compliance officers, information technology specialists, clerical workers, lawyers, and executives and managers. At an assumed labor compensation rate of $100 per hour, the FDIC estimates that these tasks would cost each IDI, on average, approximately $220,000 for the first year and $110,000 for each subsequent year after the proposed rule is enacted. Although these costs may vary across small IDIs affected by the rule, an estimated increase in labor costs of $220,000 would be in excess of 5 percent of total annual salaries and benefits for approximately 61 percent of the 3,259 small IDIs. Given the estimate that between 426 and 781 small IDIs would be directly and immediately affected by the proposed rule, the FDIC estimates that the proposed rule would have significant effects on 61 percent of these affected small IDIs, or between 261 (8 percent) and 478 (15 percent) of all 3,259 small IDIs. The FDIC believes these numbers are substantial.

As discussed in section IV of this document, Expected Effects, small IDIs affected by the proposed rule would also be required to establish and maintain written policies and procedures to achieve compliance with the proposed rule. These IDIs would also be required to, on an annual basis, test the recordkeeping system required by the proposed rule, independently validate certain records maintained by third parties, document these actions in a report, and include in its records a certification of compliance with the proposed rule.

(5) An identification, to the extent practicable, of all relevant Federal rules which may duplicate, overlap or conflict with the proposed rule.

The FDIC has not identified any likely duplication, overlap, and/or potential conflict with this proposed rule and any other Federal rule.

(6) A description of any significant alternatives to the proposed rule which accomplish the stated objectives of applicable statutes and which minimize any significant economic impact of the proposed rule on small entities.

The FDIC considered several alternatives to the proposed rule, including keeping the status quo, adding minimum transaction volume thresholds, and allowing fewer custodial deposit accounts to be exempted from the proposed requirements. As discussed in detail in the Alternatives section of this document, the FDIC believes that the requirements in the proposed rule would, with minimal economic impact, best accomplish the stated objective of strengthening IDIs' recordkeeping for custodial deposit accounts with transactional features and preserve beneficial owners' and depositors' entitlement to the protections afforded by Federal deposit insurance.

The FDIC invites comments on all aspects of the supporting information provided in this RFA section. The FDIC is particularly interested in comments on any significant effects on small entities that the agency has not identified.

Paperwork Reduction Act

Certain provisions of the proposed rule contain “collections of information” within the meaning of the Paperwork Reduction Act of 1995 (PRA). In accordance with the requirements of the PRA, the FDIC may not conduct or sponsor, and the respondent is not required to respond to, an information collection unless it displays a currently valid Office of Management and Budget (OMB) control number. The FDIC plans to request a new OMB control number associated with this rulemaking.

The proposed rule would establish new recordkeeping requirements at IDIs for “custodial deposit accounts with transactional features,” subject to a list of specific exemptions. IDIs holding deposits within the scope of the proposed rule would be required to maintain records identifying the beneficial owners of those deposits, the balance attributable to each beneficial owner, and the ownership category in which the deposited funds are held. The IDI could maintain those records itself or, if certain additional requirements are satisfied, the IDI could maintain the records through an arrangement with a third party (which could include a vendor, processor, software or service provider, or a similar entity). The proposed rule provides a specific electronic file format for records on beneficial owners and their interests in the deposited funds.

The proposed rule would provide that where IDIs choose to maintain the required records through a contractual relationship with a third party, additional requirements would need to be satisfied. In addition, reconciliation of these records would be required, as would periodic validation of the third party's records by a person independent of the third party.

The proposal would require specific actions by IDIs to achieve and maintain compliance with the rule. IDIs that hold custodial deposit accounts with transactional features would be required to establish and maintain written policies and procedures to achieve compliance with the rule's requirements. IDIs would further be required to complete a report annually that (1) describes any material changes to their information technology systems relevant to compliance with the rule; (2) lists the account holders that maintain custodial deposit accounts with transactional features, the total balance of those custodial deposit accounts, and the total number of beneficial owners; (3) sets forth the results of the institution's testing of its recordkeeping requirements; and (4) provides the results of the required independent validation of any records maintained by third parties. IDIs would be required to complete an annual certification of compliance, signed by the chief executive officer, chief operating officer, or the highest-ranking official of the IDI, stating that the IDI has implemented and tested the recordkeeping requirements.

Current Actions: The FDIC's proposal contains recordkeeping and reporting burden categorized as follows:

Information Collection.

Title: Recordkeeping for Custodial Deposit Accounts.

OMB Number: 3064-NEW.

Affected Public: Businesses or other for-profit, all IDIs.