FIRM Act Bans Regulators from Considering 'Reputational Risk' in Bank Oversight, Starting Immediately

The Financial Integrity and Regulation Management Act, or the FIRM Act, is a straight shot at changing how federal regulators—think the FDIC, the Fed, and the National Credit Union Administration—do their jobs. The bill’s core purpose is to completely eliminate "reputational risk" as a factor in bank supervision. This means when an agency examines, rates, or decides whether to take enforcement action against a bank or credit union, they cannot consider whether the institution’s actions might cause bad press, public backlash, or a loss of public confidence, even if that controversy could eventually hurt the bank financially (SEC. 4, SEC. 5).

The Scrutiny of Reputational Risk

Congress states that the primary job of banking regulators is to ensure the financial safety and soundness of institutions, not to police public opinion. The bill’s findings specifically call out past instances, like the 2018 "Operation Choke Point," where agencies allegedly used "reputational risk reviews" to pressure banks into cutting off services to certain legal, but controversial, industries or groups (SEC. 2). The FIRM Act argues that using reputational risk is an improper way for supervisors to act because it allows them to push political goals rather than focusing on the bank’s actual balance sheet health. To enforce this, the bill requires every federal banking agency to scrub all existing rules, guidance, and examination manuals of any reference to reputational risk within 180 days of the Act becoming law and report back to Congress on the changes (SEC. 4, SEC. 6).

What This Means for Your Money and Your Bank

For everyday people, this legislation cuts both ways. The clear benefit is that it protects legal businesses and law-abiding citizens from being denied essential banking services—like opening an account or getting a loan—simply because their industry or political views are unpopular or controversial. For example, if you run a legal but currently unpopular business, your bank can no longer be pressured by regulators to drop you because of a potential media storm. The bill aims to ensure that access to finance is based on financial merit, not political pressure (SEC. 2).

However, the removal of reputational risk also strips regulators of a crucial tool for holistic risk assessment. Reputation often acts as an early warning system. If a bank engages in highly questionable or unethical practices—say, aggressively predatory lending or questionable environmental investments—that generate massive public outrage, that outrage can quickly turn into lost customers, lawsuits, and a run on the bank. Under the FIRM Act, regulators must wait until these issues show up as a quantifiable financial risk on the balance sheet before they can intervene with supervisory action (SEC. 5). This means that banks could engage in controversial activities that erode public trust, and regulators would be prevented from stepping in until the problem is already causing a direct financial hit, potentially increasing the risk of systemic instability down the road.

The Implementation Challenge

This bill is clear and low on vagueness, which means implementation should be swift but significant. Federal banking agencies will have to undertake a massive effort to review and rewrite their entire supervisory playbook, focusing exclusively on financial metrics like capital adequacy and liquidity. The challenge lies in drawing a clear line: when does a "reputational" issue become a "financial" issue? For instance, a major data breach is both a reputational disaster and a massive financial liability. Regulators will have to navigate this new landscape, ensuring they don't overstep the ban on reputational factors while still fulfilling their primary mission of maintaining a safe and sound financial system.