Skip to main content

State Model Language for Examining Technology Service Providers

Read the Full Document [PDF]

MSL XX.010 TITLE – This Act may be cited as the [insert name of model law]

MSL XX.020 PURPOSE OF THIS ACT – The connections between banks and technology service providers create risks to the financial system, as banks are increasingly reliant on third parties to provide or enable key banking functions and everyday services. Because of the vital role technology service providers play in the safety and soundness of banks and the stability of the financial system, it is imperative for banking agencies to examine technology service providers. A significant disruption affecting a single technology service provider could have an adverse impact on a large number of banks; understanding the interconnectivity between banks and non-banks is crucial to avoiding such a situation. The purpose of this Act is to provide the requisite legal authority for banking agencies to examine technology service providers that provide services to banks.

MSL XX.030 DEFINITIONS - For purposes of this Act, the following definitions shall apply:

(A) Depository institution - The term ‘‘depository institution’’ has the same meaning as in section 3 of the Federal Deposit Insurance Act.

(B)Technology Service Provider – The term “technology service provider” means any person, company, corporation, or other legal entity that provides a service listed in MSL XX.040 to a depository institution.


(A)Whenever a depository institution, or any subsidiary or affiliate of such depository institution that is subject to examination by the Commissioner, causes to be performed for itself, by contract or otherwise, any of the services listed in subsection (B), 

     (1) Such performance shall be subject to regulation and examination by Commissioner to the same extent as if such services were being performed by the depository institution itself.

(B)  - Covered Services 

     (1) Data processing services;

     (2) activities that support financial services, including but not limited to, lending, funds transfer, fiduciary activities, trading activities, and deposit taking

     (3) internet related services, including but not limited to web services and electronic bill payments, mobile applications, system and software development and maintenance, and security monitoring; and

     (4) activities related to the business of banking.

MSL XX.050 ACCEPTANCE OF EXAMINATIONS FROM OTHER EXAMINERS - The Commissioner may, in his discretion, accept examinations authorized or required to be conducted by this title, which are made by bank regulatory agencies, in lieu of any examination authorized or required under the laws of this state.



(A) Examination reports of technology service providers obtained by the Commissioner or the Department are confidential.

[Comment: The intent of this language is to indicate a preference that TSP examinations receive the same treatment as examinations of depository institutions under state law.  Please modify as appropriate to conform to any applicable public records law requirements/terminology in your state.]

(B) Notwithstanding subsection (A), the Commissioner may furnish a copy of a report of any examination performed by the Commissioner of the condition and affairs of any technology service provider to the depository institutions serviced by the technology service provider.


(A) The Commissioner may enter into agreements with any depository institution supervisory agency that has concurrent jurisdiction over a Technology Service Provider to: (1) engage the services of the agency's examiners at a reasonable rate of compensation; or (2) provide the services of the Commissioner’s agency’s examiners to the agency at a reasonable rate of compensation. 

(B) The Commissioner may take enforcement actions against the Technology Service Provider pursuant to [State Citation] if the Commissioner considers the actions to be necessary or appropriate to carry out its responsibilities under this chapter or to ensure compliance with the laws of the State.

(C) The Commissioner may enter into joint examinations or joint enforcement actions with other bank supervisory agencies having concurrent jurisdiction over a Technology Service Provider.

Recent Posts

Read the full letter [PDF] The Honorable James Inhofe Chairman, Committee on Armed Services
Jul 1, 2020
May 4th, 2020 Office of the Comptroller of the Currency Chief Counsel’s Office 400 7th Street, SW, Suite 3E-218 Washington, DC 20219 Docket ID OCC-2019-0024 Re: Licensing Amendments.
May 4, 2020
State Regulators have cooperative agreements with one another, with federal agencies, and with other state representative agencies. You can find all of these agreements here.
May 1, 2020