US banking regulators' severe enforcement action issuance hits 7-year high

The number of severe enforcement actions issued to US banks in 2023 reached its highest level since 2016 as the banking industry faced heightened regulatory supervision.

US banking regulators executed 42 severe enforcement actions in 2023, compared with 29 actions in the previous year and 58 actions in 2016, according to S&P Global Market Intelligence data. Of the 2023 count, 20 actions were handed out in the fourth quarter alone, versus 12 actions in the prior quarter.

Regulators intensified their supervision of banks after the collapses of Silicon Valley Bank, Signature Bank and First Republic Bank, representing the third-, fourth- and second-largest bank failures in US history, respectively. In 2010, during the fallout from the housing market crash, regulators issued 767 severe enforcement actions.

S&P Global Market Intelligence defines severe enforcement actions as cease and desist orders, prompt corrective action directives, and formal agreements/consent orders handed to a bank or thrift by a federal regulator. This analysis does not include severe enforcement actions issued to holding companies or credit unions.

Regulatory websites may refer to certain cease and desist orders issued by federal regulators as consent agreements. However, cease and desist and consent orders are derived from the same section of law 12 U.S.C. 1818(b) and have the same structure, articulating both the areas of concern and the corrective actions. To maintain consistency with previous years, this analysis refers to these actions as cease and desist orders.

Q4 2023 actions

In the last quarter of 2023, the Federal Reserve issued two severe enforcement actions, the Federal Deposit Insurance Corp. issued 10, and the Office of the Comptroller of the Currency (OCC) issued eight.

The last severe enforcement action against a bank in 2023 was a consent order issued to First & Peoples Bank and Trust Co. by the FDIC due to the bank's alleged unsafe or unsound banking practices and violations of law or regulation, including those related to the Bank Secrecy Act (BSA).

The Russell, Ky.-based bank was required to, among other things, develop and implement a written plan to recover losses resulting from its relationship with a certain third-party loan program and reduce its risk position in the program.

Some of the other actions handed out by the FDIC were consent orders with Choice Financial Group and Royal Business Bank over alleged violations of the BSA.

Choice Financial Group's board was required to immediately improve its oversight of the bank's Anti-Money Laundering/Countering the Financing of Terrorism (AML/CFT) program. Royal Business Bank was required to make certain enhancements and take certain actions concerning its AML/CFT compliance program and correct certain alleged violations of the BSA program.

– Access an Excel file containing every bank or thrift operating under a severe enforcement action issued since 2010. – Access severe enforcement action issuance data under the "Industries" tab at the top of the S&P Capital IQ Pro website.

New York-based Metropolitan Commercial Bank is the largest bank to face a severe enforcement action in the quarter.

The Fed assessed a civil money penalty of about $14.5 million against the Metropolitan Bank Holding Corp. subsidiary due to its alleged violation of the customer identification rules of the BSA. The bank opened prepaid card accounts through a third-party program manager without having adequate procedures for verifying each applicant's true identity, the Fed claimed.

The remaining severe enforcement actions handed out by the Fed involved Ohio-based Marblehead Bancorp and unit Marblehead Bank. The company, the bank, the Ohio Division of Financial Institutions and the Federal Reserve Bank of Cleveland entered into a written agreement, in which the Cleveland Fed found certain deficiencies at Marblehead Bank.

United Fidelity Bank FSB was the largest bank to which the OCC handed out a severe enforcement action.

Per a consent order, the Evansville, Ind.-based bank engaged in unsafe or unsound practices, including those tied to board and management oversight, strategic planning, capital planning, stress testing, policy development and approval, management and board reporting, contingency funding planning, model risk management, concentration risk management, credit review, credit analysis, risk assessment, allowance for credit losses methodology, data management, internal audit and internal controls.