-

Kiah Haslett

May 5th, 2026

{cta_url_read_in_browser = community_base_url + "/library/" + article_id + "?utm_source=newsletter&utm_medium=email&utm_campaign=" + edition_slug + "&utm_content=read_in_browser"}{cta_url_read_in_app = community_base_url + "/library/" + article_id + "?utm_source=newsletter&utm_medium=email&utm_campaign=" + edition_slug + "&utm_content=read_in_app"}{cta_url_join_conversation = community_base_url + "/library/" + article_id + "?utm_source=newsletter&utm_medium=email&utm_campaign=" + edition_slug + "&utm_content=join_conversation" + "#comments"} {if profile.vars.member_status == "lead" || profile.vars.member_status == "unfit"} Read in browser {else}{if profile.vars.member_status == "fit"} Read in Fintech Takes {else}{if profile.vars.member_status == "member"} Join the convo {else} Read in browser {/if}{/if}{/if}

Hello! Kiah here. Welcome to Fintech Takes Banking, my weekly newsletter where I highlight things I think are interesting or important for bankers and the surrounding environs.

It was wonderful to meet and chat with so many readers of this newsletter in New York last week. I had a wonderful time and want to offer special thanks to Team8, Fin Capital, Caliber Corporate Advisors and F-Prime for hosting the Fintech Takes crew for two excellent events.

Was this email forwarded to you?

Subscribe Here

Jury’s Out on Enforcement Actions, Terminations

Last summer, I had jury duty.

The charges in the case involved assault with a deadly weapon and false imprisonment. The prosecution had a member of law enforcement who responded to the call that night testify to the scene and some evidence collected at the scene: bullet shells.

The law enforcement office testified that they had firearms experience and frequent training. They testified that the bullets were fired and that police collected them from the defendant's vehicle. These shells were in a sealed evidence bag and were part of the state’s argument that the defendant was guilty.

During the trial, these evidence bags are sealed, with documentation about their possession and handling. But during deliberations, the jury can inspect the evidence. One juror decided to open this bag of bullets and declared something that stunned us: these bullets hadn’t been fired.

We weren't allowed to use our phones, so he had to explain that fired bullets should have an indentation from the firing pin on their flat end. These didn't. Other jurors confirmed that they didn’t think the bullets had been fired. Then we looked at the label on the evidence bag, which read (formatting consistent with label):

2 UN

USED BULLETS

Two unused bullets.

I was the foreperson, so the jurors asked me to write a note to the judge. The prosecution told us the bullets were fired, but they’re unused. Can they explain this? How are we supposed to reconcile this difference?

The judge wrote: No. You have to decide with the information that you have.

We ended up with a hung jury. The incongruency between the testimony and evidence introduced insurmountable doubt for too many of my fellow jurors. When I told a friend about my experience with jury duty and this surprising turn of events, they asked, “Well, what really happened that night? Who was right?”

I could only say, “I don’t know who was right. But the prosecution’s story didn’t make sense if the bullets weren’t fired.”

I’ve been thinking about that nebulous ambiguity recently as it relates to enforcement action data. There is a set of facts, sourced to a February analysis from S&P Global Market Intelligence, that I see as being open to interpretation.

In 2025, federal bank regulators awarded 23 severe enforcement actions, down from 73 the year prior and the lowest figure since 2013.
Terminations of severe enforcement actions hit 62 last year, the highest figure since 2019.

source

There are at least two ways to interpret this year-over-year shift that I want to explore. The first is the argument that today’s agency heads are making: They are recalibrating and refocusing supervision following overzealous expansion in the past. The second is the argument their critics make: These actions are dismantling the supervision framework and incurring needless risk. Today, we will explore the first argument.

Your Honor, We Needed a Course Correct

The failure of Silicon Valley Bank in 2023 looms large in the “right-size supervision” framing. During the administration of President Joe Biden, the banking industry’s interest rate risk changed dramatically as interest rates plummeted and then skyrocketed. But regulators at the time appeared to focus on political priorities that their critics said had little to do with material financial risks — and didn’t appear to put much focus on interest rate risk until a deposit run sparked by a balance sheet restructuring took down SVB.

“The failure of the supervisory leadership to focus supervisory staff on interest rate risk beginning in 2022 was a generational failure,” said Margaret “Meg” Tahyar, a financial institutions partner at Davis Polk.

In her experience, agency heads could miss major risks like fatal interest rate risk if they instructed supervision staff to focus on many small risks or on processes, leading to an approach centered on checklists and documentation. Rather than focus on efficacy, some examiners wanted to see certain clauses in policies or whether minutes were kept of management committee meetings.

It’s not just bank attorneys that share this view. Raj Date, who served as the first deputy director of the Consumer Financial Protection Bureau, argued that banks were not over-regulated, but “they are — quite dramatically — over-supervised” in an Open Banker op-ed.

“This lack of focus is compounded by a monomaniacal obsession on process as opposed to substance,” wrote Date, who is now the managing partner of Fenway Summer.

Silicon Valley Bank’s failure was recent and salient. But in October 2025, Comptroller Jonathan Gould at the Office of the Comptroller of the Currency indicated he felt that this approach had older, deeper roots in banking. He described the regulatory response to banks post-2008 as “wildly inappropriate” “broad-brush vilification” that “led to bad supervision and regulatory policy over the following 17 years.”

“So one of the most important things that I can do is reset that risk tolerance and take a much more thoughtful approach, rather than a merely reactionary approach, to regulation and supervision,” he said.

Acting on Enforcement (Actions)

In response to this and other actions and approaches of their predecessors, agency heads got to work last year in reorienting, recalibrating and refocusing their examination forces. In October 2025, the Federal Deposit Insurance Corp.’s board voted unanimously on proposals that would establish a definition for "unsafe and unsound practices" to codify risks that would result in matters requiring attention (MRA) communications or the more formal enforcement actions. The proposal “would focus examiners' attention on supervisory issues that are material to a bank's safety and soundness,” said Travis Hill, then-acting chairman of the FDIC during the meeting, but still allow supervisors to “proactively identify, and require remediation of, material issues.”

“Today, too often, examiners focus on a litany of process-related items that are unrelated to a bank's current or future financial condition,” Hill said.

In May, the Federal Reserve released a revised statement of supervisory operating principles that expounded on “the significant shift in direction” that Vice Chair of Supervision Michelle Bowman expected the supervision and regulation division to take. The memo was an update of the one issued in August 2025 and made public in November that year.

“The goal of these changes is to strengthen supervision by focusing it on identifying and taking timely proportionate action as early as possible to eliminate the most important risks threatening the safety and soundness of banking organizations,” the new memo read. Later, it added: “[Examiners] should not become distracted from this priority by devoting excessive attention to processes, procedures, and documentation that do not pose a material risk to a firm’s safety and soundness.”

It added that nonpublic supervisory communications, including MRAs or MRIAs — or immediate attention — should be communicated in plain language and describe deficiencies with sufficient specificity so that a typical bank employee would “readily know” what the deficient and non-deficient state is.

The “rapid reshaping” of enforcement action activity from the federal regulators to the state and private investors surprised Elaine Duffus, senior specialized consultant with the financial services compliance program management solutions team at Wolters Kluwer. It wasn’t unexpected, of course, but it wasn’t “a slow tapering of federal influence.”

“Federal enforcement is no longer that primary early warning system. Banks and fintechs need their own intelligence about where risk might be surfacing in their shop,” she said, later adding: “It's more about the quality of their decisions and the reality of the real financial risks over that process or documentation or other non-financial risks.”

The Terminators

Consent order data is messier than you might expect, and three federal banking agencies means three different data sets. I tried to get a sense of the change by looking at individual issuances and releases for one agency, the FDIC. I applied a torturous amount of filters to identify enforcement actions that were issued and subsequently terminated between 2020 and 2025. With the assistance of Claude, I calculated the duration between the order’s issuance and its termination. Here are some facts from this data set, which totaled 50 banks:

Twenty banks were released from enforcement actions in 2025.
The average period under a consent order was 750 days, or a little over two years.
Thirteen banks were under enforcement actions for 1,000 days or longer; four banks were released from their 2020 orders in 2025.

Of the 50 banks in this data set, 13 were under their enforcement action for less than 365 days.
Seven banks that were released from their enforcement actions in 2025 went under their action in 2024.

One factor at play when it comes to terminations is the types of deficiencies examiners identified. Meg said the risk and governance enforcement orders could be broad-reaching and tended to carry longer compliance periods. They might take some time to fix, and then some more time to prove they’re working and sustainable, and then they would need to be validated by regulators during an exam cycle. An acute material order might be more concretely addressed, with a quicker validation, which she said means the enforcement period is shorter.

But in researching this piece, one did not have to look too hard for evidence that may explain why terminations doubled in 2025. Agency heads have also shifted instruction and priorities when it comes to validating a bank’s progress. In September 2025, the FDIC modified its enforcement policy to allow examiners to terminate enforcement orders “when an institution has achieved ‘substantial compliance.’”

The Federal Reserve memo said that in cases where the underlying deficiency has been fully remediated, examiners should rely on an institution’s internal audit function to validate the identified deficiency if the audit function is rated satisfactory. They should also not delay the termination to test whether remediation is sustainable, and should not perform duplication validations of an entity’s remediation unless the audit function is rated unsatisfactory.

“Swings, Not Stability”

Federal banking agency heads have argued for the past year that the approach to supervision needs to be refocused. It’s no surprise that the change in approach has led to certain downstream effects, which could include fewer new enforcement actions and more terminations.

If they haven’t already, financial institutions should shift their focus to demonstrating responsible design of their products and services, and how they exercise oversight, Elaine said. It’s less about being technically compliant and, instead, using cross-functional groups to identify and address risk, especially as it relates to adding new products or services that carry different risk profiles.

“I would design for the swings, not for stability,” Elaine said. “Stability is out the window now.”

Banks may feel less stable, torn between the shifts in their federal banking regulator and the reactive response from states. But are these changes serving to dismantle essential supervision frameworks and incur needless risk? That’s the other side of the argument, and one we’ll explore next week.

PAY ATTENTION

The banks that are winning on treasury management are delivering products and capabilities to their commercial customers that their competitors can't.

I'm hosting a live conversation on May 20 about what they’re building, how they’re doing it and what that means for everyone else.

Don’t get left behind!

FROM THE VAULT

What’s on my mind and filling my time:

🐟 It’s tinned fish girl summer: and two recipes I have come across that I have made multiple times are kimchi tuna melt and a salmon rice bowl. I’ve already commenced research on different brands, but let me know if there’s one you love! (I will say, I am a little suspicious of sardines, but maybe we’ll get there this year.)

😱 Still screaming: from seeing Florence and the Machine this weekend in Nashville as part of the “Everybody Scream” tour. Recommend spending a week listening to her discography and catching her if she’s coming anywhere near you!

🎙️ On Bank Nerd Corner: Cornell Law Professor Dan Awrey and Jason Mikula join me to discuss Dan’s latest paper, “Banking, Technology, and Instability,” and what regulators get wrong about banking as a service.

🛫 Catch me at: the Open Banker Salon on June 5 in Washington. Apparently, if you write a three-part newsletter on DIDMCA, you will be asked to referee a DIDMCA debate.

Thanks for reading! Let me know your thoughts.

– Kiah