OCC, FDIC Ban Reputation Risk in Bank Supervision

April 21, 2026

US Banking Regulators Finalize Rule Eliminating Use of Reputation Risk

Deric Behar, Betty Huber, Arthur Long, Pia Naib, Parag Patel Latham & Watkins LLP + Follow Contact LinkedIn Facebook X ;) Embed

The OCC and FDIC’s jointly codified rule prohibits regulators from using reputational risk as a basis for criticisms, adverse actions, or pressure on banks’ customer relationships.

Key Points

• The Final Rule prohibits the OCC and FDIC from taking any “adverse action” against a bank on the basis of reputation risk, defined as risks to public perception “not clearly and directly related to the financial or operational condition of the institution.”
• The Final Rule constrains only the two agencies, and includes an anti-evasion framework that prohibits supervisors from using traditional risk categories such as credit, operational, or compliance risk as a pretext to supervise for reputation risk.
• All existing safety and soundness, BSA/AML, OFAC, and consumer protection obligations on supervised financial institutions remain in force. On April 7, 2026, the Office of the Comptroller of the Currency (OCC) and the Federal Deposit Insurance Corporation (FDIC) (collectively, the agencies) issued a final rule to eliminate reputation risk as a factor in bank supervision, while focusing supervisory program efforts on data-driven and measurable risks such as credit and liquidity risks (the Final Rule). The Final Rule follows six months after the October 7, 2025, Proposal (see this Latham blog post), and is responsive to key directives in the August 7, 2025, executive order titled “Guaranteeing Fair Banking for All Americans” (the Order) (see this Latham blog post).

The Final Rule generally adopts the Proposal with two noteworthy modifications (described below), and takes effect June 9, 2026, which is 60 days after publication in the Federal Register.

The Final Rule also includes conforming amendments to remove references to reputation risk from various agency regulations and manuals.

The Reputation Risk Rule

The Final Rule formally eliminates reputation risk as a standalone supervisory risk category in order to refocus agency supervision on “concrete risks and objective criteria” related to institutional safety and soundness, compliance with laws and regulations, and fair access to financial services. Arguing that reputation risk “increases subjectivity in banking supervision without adding material value from a safety and soundness perspective,” the agencies found “no clear evidence that supervisory interference in banks’ activities or relationships in the interest of protecting the banks’ reputations has protected banks from losses or improved banks’ performance.”

The Final Rule also prohibits the agencies from criticizing or taking “adverse action” against an institution on the basis of reputation risk. The definition of adverse action is broad: It includes negative feedback, negative examination findings, rating downgrades under CAMELS or any other rating system, enforcement actions, denials of licensing applications, conditions on approvals, adjustments of the institution’s capital requirement, and a catch-all covering “any action that negatively impacts the institution, or an institution-affiliated party, or treats the institution differently than similarly situated peers.”

The Final Rule bars the agencies from requiring, instructing, or encouraging institutions to close accounts or terminate business relationships based on a customer’s “political, social, cultural, or religious views or beliefs, constitutionally protected speech, or solely on the basis of the person’s or entity’s involvement in politically disfavored but lawful business activities perceived to present reputation risk.” However, the agencies make it clear that these prohibitions do not affect requirements intended to prohibit or reject transactions or accounts associated with Office of Foreign Assets Control-sanctioned persons, entities, or jurisdictions.

Third Party Contract and Business Relationship Prohibitions

Similarly, the Final Rule bars the agencies from requiring, instructing, or encouraging institutions to refrain from contracting with, terminating or modifying contracts with, or initiating business relationships with third parties (including institution-affiliated parties) on the basis of reputation risk. These prohibitions are critical to banks’ relationships with fintechs, vendors, and other service providers that may have been subject to informal supervisory pressure under the prior framework. The Final Rule defines “doing business with” broadly to encompass any product, service, contract, charitable activity, or employment relationship.

Two Key Modifications from the Proposal

The agencies made two targeted changes from the October 2025 Proposal:

• Updated Definition of Reputation Risk: The Proposal defined reputation risk as “any risk, regardless of how the risk is labeled by the institution or regulators, that an action or activity, or combination of actions or activities, or lack of actions or activities, of an institution could negatively impact public perception of the institution for reasons not clearly and directly related to the financial condition of the institution.” The Final Rule adds “or operational” to the final clause (“for reasons not clearly and directly related to the financial or operational condition of the institution”). This change responds to commenters who argued that operational risks, including cyberattacks and natural disasters, can directly affect public confidence in an institution and, by extension, its financial solvency. By carving out operational risks alongside financial risks, the agencies have preserved their authority to supervise for genuine operational resilience concerns while still eliminating the subjective concept of reputation risk.
• Broadened Personnel Coverage: The Proposal’s prohibition on punitive supervisory actions covered actions that “the supervisor disagrees with or disfavors.” The Final Rule replaces “supervisor” with “the [agency] or any of its personnel.” As the agencies explained, the original wording risked being read too narrowly to cover only the views of supervisory staff. The revised language is intended to clarify that bias is not an acceptable basis for action at any level of the agencies, whether from the head of the agency or from an individual examiner.

The Anti-Evasion Framework

The Final Rule does not prevent the agencies from addressing traditional risk categories, including credit, market, operational, and compliance risk. But like the Proposal, the Final Rule prohibits supervisors from using those categories as “a pretext designed to covertly continue supervision for reputation risk.” The agencies addressed this directly in the context of Bank Secrecy Act (BSA) and anti-money laundering (AML) supervision, acknowledging that, due to the broad nature of BSA/AML supervision, there may be a risk that related supervisory actions could indirectly implicate reputation risk.

Similarly, the agencies may continue to consider statutory factors required for certain applications, but supervisors may not use these provisions as a pretext for addressing reputation risk when making determinations regarding such applications.

The Federal Reserve Board’s Parallel Proposal

On February 23, 2026, the Federal Reserve Board (FRB) issued its own proposed rule to codify the elimination of reputation risk from its supervisory framework (see this Latham blog post). At the time, FRB Vice Chair for Supervision Michelle Bowman referenced “troubling cases of debanking” and characterized supervisory pressure based on reputation risk as “unlawful and [without] a role in the Federal Reserve’s supervisory framework.” The FRB’s proposal generally mirrors the OCC and FDIC approach, though it has not yet been finalized. Once it is, all three major federal banking regulators will have formally aligned on the removal of reputation risk from supervision.

Conclusion

In accompanying statements, the agency heads reiterated their support for the elimination of reputation risk as a supervisory factor. FDIC Chairman Travis Hill stated that supervisory focus on reputation risk outside of traditional risk channels (such as credit risk or market risk) “adds little value to promoting safety and soundness” and may be conducive to the debanking of law-abiding customers.

Comptroller Jonathan V. Gould issued a similar statement, emphasizing that “Reputation risk is not a sound basis for supervision,” and may have been used as a pretext for decisions unrelated to safety and soundness, financial risk, and BSA/AML compliance.

The Final Rule converts what began as a Trump administration policy directive into binding agency regulation. Banks that avoided relationships with lawful but reputationally sensitive industries now operate under a framework in which the agencies have formally committed not to criticize or penalize those relationships. General supervisory standards still apply, however, including BSA/AML, OFAC, consumer protection, and core safety and soundness obligations.

;) ;) Report

Related Posts

• FRB Proposes to Eliminate Reputation Risk from Banking Supervision
• US Banking Regulators Propose to Refocus Supervision on Material Risks and Eliminate Use of Reputation Risk
• President Trump Issues Executive Order on Fair Banking

Latest Posts

• US Banking Regulators Finalize Rule Eliminating Use of Reputation Risk
• SEC Staff Issues Statement on Broker-Dealer Registration for Cryptoasset Securities Interfaces See more »

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.
Attorney Advertising.

©
Latham & Watkins LLP

Written by:

Latham & Watkins LLP Contact + Follow Deric Behar + Follow Betty Huber + Follow Arthur Long + Follow Pia Naib + Follow Parag Patel + Follow more less

PUBLISH YOUR CONTENT ON JD SUPRA

• ✔ Increased readership
• ✔ Actionable analytics
• ✔ Ongoing writing guidance Join more than 70,000 authors publishing their insights on JD Supra

Start Publishing »

Published In:

Bank Secrecy Act + Follow Banking Regulators + Follow Banking Sector + Follow BSA/AML + Follow FDIC + Follow Federal Reserve + Follow Final Rules + Follow Financial Institutions + Follow OCC + Follow Office of Foreign Assets Control (OFAC) + Follow Regulatory Oversight + Follow Regulatory Reform + Follow Reputation Management + Follow Risk Management + Follow Finance & Banking + Follow more less

Latham & Watkins LLP on:

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra: Sign Up Log in ** By using the service, you signify your acceptance of JD Supra's Privacy Policy.* - hide - hide