Carlin McCrory, Melissa Sneed, and James Stevens explore Merchant Acquirer Limited Purpose Bank (MALPB) charters.
In this episode of Payments Pros, Carlin McCrory welcomes Melissa Sneed from the Georgia Department of Banking and Finance and James Stevens, co-leader of Troutman Pepper Locke's Financial Services Industry Group, to explore Merchant Acquirer Limited Purpose Bank (MALPB) charters.
Melissa, the deputy commissioner for supervision, outlines the application process for obtaining a MALPB charter, emphasizing the importance of a comprehensive review of financials, management, IT systems, and compliance. She explains the timeline for the process, noting a six-month review period followed by a 90-day decision window after accepting the application, with conditional approvals extending through a three-year de novo period. James also provides insights from the applicant's perspective, stressing the need for thorough preparation and collaboration with legal and consulting experts before engaging with the Department of Banking and Finance.
The episode also covers ongoing examination and oversight, highlighting the role of card networks and the unique regulatory requirements involved. The group's discussion emphasizes the collaborative effort required among applicants, card networks, and regulatory bodies to ensure successful charter implementation.
Payments Pros – The Payments Law Podcast— Understanding MALPB Charters: A Collaborative Approach to Banking Innovation
Host: Carlin McCrory
Guests: Melissa Sneed and James Stevens
Aired: June 4, 2025
Carlin McCrory:
Welcome to another episode of Payments Pros, a Troutman Pepper Locke Podcast, focusing on the highly regulated and ever-evolving payment processing industry. This podcast features insights from members of our FinTech and payments practice, as well as guest commentary from business leaders and regulatory experts in the payments industry. I'm Carlin McCrory, one of the hosts of the podcast.
Before we jump into today's episode, let me remind you to visit and subscribe to our blog, TroutmanFinancialServices.com. And don't forget to check out our other podcasts on troutman.com/podcasts. We have episodes that focus on trends that drive enforcement activity, digital assets, consumer financial services, and more. Make sure to subscribe to hear the latest episodes.
Today, I'm joined Melissa Sneed from the Georgia Department of Banking and James Stevens, co-leader of the firm's Financial Services Industry Group to discuss Merchant Acquirer Limited Purpose Bank charters or MALPB, as we like to call them around here. Melissa, the Deputy Commissioner for Supervision at the Georgia Department of Banking and Finance has held the role since 2016 and has been with the department for over two decades. In her role, Melissa oversees all Georgia State chartered financial institutions, including banks, credit unions, holding companies, and non-depository trust companies. James and Melissa, thanks so much for joining me today.
Melissa Sneed:
Thank you.
Carlin McCrory:
Okay, Melissa, I'll start it off with you. Can you describe the application process to obtain the MALPB charter?
Melissa Sneed:
Yes, thank you so much. I think everyone has a different view on how to say the name. So, it's a mouthful. In our department, we call it the MALPB. So, that's what I'll go with for our use of the term. But when you step back and you think about what the department does, we are very familiar with the de novo bank charters. So, our MALPB charting process is really based off that foundation. Our full application and the procedures and guidelines for applying are on our website. So, they can be pulled at any time by anybody. The application itself is very expansive. It does cover all facets of financials, merchant processing, BSA, IT, management, audit, compliance, the whole gamut of areas that we want to review.
We have to find favorable on the following factors when we are looking at an application. We have to find favorable on financial structure and business plan, capital structure and safeguards, management. Management is very inclusive to also include compliant structures like BSA audit. Also, from a regulatory standpoint, there's three officers that have to be identified in roles that have to be met. They are the role of chief executive officer, chief risk officer, and chief information officer. The only caveat with those is that, our CEO cannot be the chief risk officer.
We also have to find favorable on information technology systems and data security on affiliates and organizers. So, when we look at the entity, we look up and down, and side to side for a holding company, for affiliates. Anything that would touch this entity, we look into all of that. Then, the final one is the number of Georgia employees because that's baked into the law.
Just to kind of walk through the timeline for that, for the two applications that we've accepted, we took about six months in the review period to get to a place to accept those applications. In that six-month period, we are sending back and having considerable questions, conversations, collaboration with the applicant to truly understand their business model, their policies and oversight, their management holding company board structures, their capitalization plans, and their compliance with laws and rules that go along with this entity.
By rule, once we've accepted it, we have 90 days to make a decision on that application. Now, we can extend that 90 days if we do need further information. There's no automatic approval or denial at the end of that 90-day period, but we do try very hard to meet those 90 days. After that 90 day, if we do decide to grant approval for those applicants, it would be a conditional approval. So, we would issue a lot of things that they would have to meet in order to be able to begin operations. Then, some of those conditions would also extend through the life of the three -year de novo period.
Those three years are going to have conditions on those such as minimum capital levels, pre-approval for any changes on shareholders, directors of those entities, and that MALPB would have to operate within the parameters of the business model that was proposed and approved for the first three years of operations and have any prior approval for significant change in plans. It's very much like we do in a de novo bank scenario.
Carlin McCrory:
Thanks, Melissa. James, do you want to describe the application process from the applicant standpoint as well?
James Stevens:
I am happy to do that. Before I do that though, let me say that there's another, yet a third pronunciation that's in the market and MALPB. So, we've got the MALPB, which is the DBF, very long-winded way of referring to this. There's the MALPB, which has two consonants for some reason. Then, there's our preferred approach, which I'm going to use, which is the silent B, MALP, with the silent B. So, I'm just going to call it a MALPB as well.
Yes, the big thing that I would say is that, the thing that we recommend to people that we are talking to about these charters is really to spend a lot of time on the front end before we even get to the stage of sending a package to Melissa and her staff at the DBF. When you create a bank, a state bank like this, even if you are in the payments business, which everybody that is applying for these charters is already very substantial payments companies, they have not created. Necessarily may have, but they probably have not created, and certainly not at this new bank, proposed bank level, all of the policies and procedures that need to be had under the statute, the regulation, and the guidelines here in Georgia.
Preparing those policies and procedures, thinking through the organizational structure, the personnel, any kind of inner company relationships that are going to be in place between the new bank charter and the rest of the existing payments companies' organization. All of that stuff, in our opinion, should be done way before we get in front of the DBF. I think what we've seen with the DBF so far is they are going to stick to that 90-day time limit that Melissa described. The way that they do that is they are going to take a long period of time to accept the application so that they can meet that objective.
What we've seen, I think, anecdotally from the sidelines is, we've seen people trying to do some of that work on policies, and procedures, and personnel, and org charts during that process where they have an application on file with the DBF. I think that, my suggestion would be, to do more of that before you get on file, so that you can shrink the period of time between sending that package to the DBF, and it being accepted, and then ultimately approved. So, that would be one thing that we stress.
A lot of that is consulting work. Maybe not consulting work is the right way to describe it, but it's not legal. We may have a role from a legal standpoint and helping think through issues, but drafting capital policies, and liquidity policies, and risk policies, and thinking about staffing, and how you're going to utilize expertise throughout an existing organization to provide support. You know, a lot of that is work that has to be done inside the business or by getting the expertise of outside consultants.
So, we think that that's a critical part of this as well, is to not only engage your lawyer, engage Troutman or whoever might be your lawyer to work on the project, but also, to get really good help as needed on the consulting front, so you can spend months working on a project before you get in front of the DBF with an application. Once you get that application on file, my experience having formed a number of banks with the DBF is they absolutely are going to hit the deadlines that they have, and they're going to work with the applicant back and forth, lots of communication. So, there's going to be a lot of discussion.
It needs to be a priority for our clients that are applying. This can't be something that somebody's doing as a side gig to their normal job. We need somebody that's really focused and responsive to the regulator, because that's the expectation. That's how we can keep the project on file. But yes, I think that at the end of the day, we've only seen one go all the way through. So, I think that the process is still getting developed, both by the department, as well as the people like us that are seeking to have charters. So, there's going to continue to be a process that evolves and every project is going to continue to be a little unique forever, but also, those processes get refined and defined. I think that that would be the biggest thing that we would stress, is to really make a substantial investment in time and planning before you get in front of Melissa and her staff.
Carlin McCrory:
Thanks, James. Melissa, I'll kind of kick it back over to you for this one. Can you describe the ongoing examination oversight of the MALPB?
Melissa Sneed:
Sure, sure. I'll start by really agreeing with James that, this is new, and we're learning, and developing, and streamlining, and refining as we go along as well. So, it is definitely a two-way street, and that engagement with both parties is so important. It's been a really effective process so far. So, I take it from application, acceptance, and approval, and everything conditionally gets addressed. Then, we give the permit to begin business. So, that would take us into the process of ongoing examination and oversight. So, how this entity lives once it's up on its legs and operational.
So, from a regulatory standpoint, we have developed a program that is going to combine on-site monitoring and off-site monitoring. Again, it goes back to our foundational approach in being primarily bank regulators, credit union regulators as well, but we kind of put that hat on as we developed our examination program. So, to talk about those two areas specifically, our offsite monitoring work is going to include an ongoing review.
What we're really going to be looking at is quarterly call report submissions. Just a quick comment on that. Per our rules, there is a quarterly call report. We have customized and developed that for this specific charter. Those reports have to come to the department, be filed on a quarterly basis. In addition, the rules also call for an annual attestation report. We've developed that customized annual report as well. So, that gets reported in from the entity.
Then, as part of those ongoing requirements, at least for the first three years of operations, we'll will also look at those monthly board reports and packages, and be watching those offsite. Then, the other part of ongoing supervision is our on-site approach. Really, for our on-site examination modeling, we have taken a page out of our large bank program oversight. So, what we'll have is a dedicated central point of contact for each of these MALPBs, especially the larger ones. We will develop annually a risk-focused examination program.
So, on a quarterly basis per the program that we've spilled out at the end of one year to begin the beginning of next, quarterly, we will do targeted reviews. Those could be anything from a BSA target, an IT target, an onboarding, financial analysis, complaints, as we see targeted risks throughout the entities. So, quarterly, we will be on site doing a targeted review of a defined area. Then we will put together a letter, each of those targeted reviews, so, ongoing communication really being key. At the end of each year, we will do a roll-up annual report. So, we'll take everything that we looked at from the whole year, and also look each year at financials and other areas, so that we can assign ratings.
Just a comment on ratings is that, we have also developed a customized rating system for the MALPB. So, we really leaned into this thinking about rating systems that already exist in CAMELS, MOECA, ROCA, RFI ratings. We've customized it for the areas that should cover the MALPB, which would cover areas like financial condition, management in the board, affiliates, subsidiaries, holding companies, compliance, and then, of course, operations, internal controls, protection of merchant funds, audits. So, it covers those areas. We would issue those component ratings as well as a composite. That really models off the existing rating system of one to five. We also will assign a BSA rating in an IT rating, just like we would do in our banking world.
A note on here too that, FinCEN did confirm that this charter qualifies under their definition of a bank. So, all BSA-related regulations fall to these entities, just as they would to an FDIC-insured bank. So, that's how we would look at the on-site portion of ongoing monitoring for these institutions.
Carlin McCrory:
Well, thanks, Melissa, for that. James, Melissa, any other thoughts on the charter?
James Stevens:
I'll just add another piece that we have been spending some time on lately, and it's just another thing for applicants to get in front of and think about. Obviously, interacting with the card networks is critical. If you don't have that interaction going, and you're not getting good signs, there may not be a purpose of going forward with this charter. But I'll just highlight that, with this charter type, the regulators, they do have some unique requirements. One of which is that the bank is supposed to establish a special purpose entity that's a subsidiary of the bank to hold merchant funds and deliver to the card networks a non-consolidation opinion from legal counsel that gives comfort to the network that in the event that the bank were to go and solve it, that those merchant funds would be made available to the merchant.
It's a unique charter. There are some unique rules and some guidelines that the card networks have put out. So, I would say that in that planning phase that I described earlier, it's really important that you learn about what's required from the card networks, and get in front of that, and make sure that there's not any impediments to your ability to operate not only in compliance with the law and the regulations applicable to the MALPB under Georgia law, but also, those critical card network rules.
Melissa Sneed:
I think that's an excellent point, and we have really been working closely with the card networks now for several years as the initial entities started to express interest. We agree 100%, the only way that this whole charter works is to have the card networks on board with the department. We've worked, we have sharing agreements both between us and the card network, and then, tri-party sharing agreement with the entities that are applying in the card network, so that we can all be engaged and as lockstep as we possibly can. But it is critical that the card networks buy into the applicant's desire to be in the space, or the charter will not be able to be used to actually process if the processors on the backend aren't open and willing to also make some conditional approvals for this charter as well. So, it is very much three parties coming together, the applicant themselves, the card networks, and the department together to make this a successful project.
Carlin McCrory:
Well, Melissa, I think that's a really nice way to round this out. Thank you, and James, for joining me today. Thanks to our audience for listening to days episode. Don't forget to visit our blog, TroutmanFinancialServices.com, and subscribe so you can get the latest updates. Please make sure to also subscribe to this podcast via Apple Podcast, Google Play, or Stitcher, or whatever platform you use. We look forward to next time.
Copyright, Troutman Pepper Locke LLP. These recorded materials are designed for educational purposes only. This podcast is not legal advice and does not create an attorney-client relationship. The views and opinions expressed in this podcast are solely those of the individual participants. Troutman does not make any representations or warranties, express or implied, regarding the contents of this podcast. Information on previous case results does not guarantee a similar future result. Users of this podcast may save and use the podcast only for personal or other non-commercial, educational purposes. No other use, including, without limitation, reproduction, retransmission or editing of this podcast may be made without the prior written permission of Troutman Pepper Locke. If you have any questions, please contact us at troutman.com.