Bank Reputation Management

Enforcement of the FDIC’s New Digital Sign Starts January 1, 2025. Are You Ready?

Home» Blog» Enforcement of the FDIC’s New Digital Sign Starts January 1, 2025. Are You Ready?

July 31, 2024, Tim Davis, MBA  

The FDIC finalized their rule changes to part 328 in December 2023. The new guidance notes required changes for FDIC-insured deposit institution (IDI) digital spaces where “where the customer may transact with deposits.” A few of our clients – and non-clients – have contacted us for insights on the rule change and for how to execute toward being in compliance. Herein, we will provide our primary takeaways and related suggested action items.

The New FDIC Official Digital Sign

The FDIC has required what it calls the official FDIC sign-in advertising for as long as this bank marketer can remember. You know them well: the gold Member FDIC plaques that sit at physical teller windows, the in-branch desk where transactions may take place, and the Member FDIC logo or wordmark that adorns bank ads and websites. The FDIC Official Digital Sign is new and required.

What does the FDIC Official Digital Sign look like?

The final rule requires in the FDIC official digital sign to be displayed with a wordmark size of 37.36 x 15.74px in navy blue (hexadecimal color code #003256), with “FDIC-Insured—Backed by the full faith and credit of the U.S. Government” in Source Sans Pro Web font (regular 400 italic), 12.8px, displayed in black (hexadecimal color code #000000) lettering. If the official FDIC digital sign in these colors would be illegible due to the color of the background, the final rule requires the “FDIC” and the one line of smaller type to the right of “FDIC” to both be displayed in white (hexadecimal color code #FFFFFF).

The last line of the above statement is important. It provides for much-needed flexibility in adding the digital sign in a way that accommodates website designs and other online platforms. Here are two examples where the first follows the preferred design and the second makes use of the caveat clause (as I’ll call it) to the preferred design:

Example #1: Preferred design

example of new FDIC logo rules.

 

Example #2: Also acceptable via the caveat language.

example of another FDIC compliant logo

 

Notice that in both examples, the digital signs are justified left so that they appear directly above the bank logo/name. This is not a coincidence. The final rule also states that the “display the FDIC official digital sign ‘clearly and conspicuously’ in a continuous manner, near the top of the relevant page or screen, and in close proximity to the IDI’s name.” Because of this we advise against centering or right-justifying the FDIC digital sign.

We have seen instances where a bank has placed a digital sign in the footer of a website. This positioning does not satisfy the language in the rule. The FDIC does have some rules about what cannot go in the footer (more on this later).

On which website pages should the official digital sign appear?

The rule now states that the sign should appear “where the customer may transact with deposits.” We advise taking a comprehensive approach by adding the sign to the top of every page of your website, account opening platforms, online banking platforms, and mobile apps. You should then append each page, as necessary, to call out products and services that are not FDIC-insured. Language for non-insured deposit products is covered in more detail below.

Where the FDIC digital sign should be placed:

  • Homepage of website – but let’s just say every page of your bank website, to be safe.
  • Homepage of online applications
  • Product pages, such as those promoting deposit accounts or related services
  • Login pages
  • Landing pages – which may include pages used exclusively for PPC ad campaigns.
  • In mobile apps where customers transact with deposits
  • In mobile apps or wherever customers deposit applications remotely
  • ATMs

As the FDIC explains:

The final rule requires an IDI to clearly, continuously, and conspicuously display the official digital sign on the IDI’s homepage, landing and login pages or screens, and transactional pages or screens involving insured deposits, to the extent applicable. The official digital sign prominently bears the name of the FDIC and states that insured deposits are backed by the full faith and credit of the U.S. Government.

Let’s consider login pages, online applications, and mobile apps for a moment. These locations are typically on platforms outside of your bank’s primary website domain, and managed by outside vendors. We suggest connecting with your platform vendors as soon as possible to begin the process of integrating the new logo requirements. There is no guarantee that they will update your platform without submitting an official request.

Non-Compliance By Material Omission

It is just as important to note when a product or service is not FDIC-insured. If your financial brand offers non-deposit products of services, you are required to provide proper on-screen notification that they are not FDIC-insured. Let’s look at applicable rule statement, 12 CFR § 328.5(g)(1):

Continuous Display of Non-deposit signage. If a digital deposit-taking channel offers both access to deposits at an insured depository institution and non-deposit products, the insured depository institution must clearly and conspicuously display signage indicating that the non-deposit products: are not insured by the FDIC; are not deposits; and may lose value. This signage must be displayed continuously on each page relating to non-deposit products. This non-deposit signage may not be displayed in close proximity to the digital sign required by paragraph (d) of this section.

There are two important parts of the above statement that need further exploration. First, the concept of “clearly and conspicuously display signage.” We’ve seen many bank websites take an easy approach and place the notice in the footer of a website. This approach may be a function of modern website CMSs. An example of that sign could look like this:

Insurance Products: Not FDIC Insured | Not a Deposit | May Lose Value

Unfortunately, we now see a possible issue with placing the above sign in the footer of a webpage promoting an insurance product. Recently, the FDIC published a Questions and Answers page related to the Part 328 Final Rule. The FDIC overtly states that “placing the non-deposit sign in a footer of an IDI’s webpage would generally not meet the clear, conspicuous, and continuous display requirement.” Yes, you read that correctly: placing a not-not-may sign in the footer of a page would most likely not meet the requirement. This suggests to us that the non-deposit sign – you may call it a disclosure – should likely be placed higher on the product page, safely out of confusing proximity to the Member FDIC wordmark. Stick a pin in this item for a future discussion with your compliance team. We will defer to our clients’ preferences and interpretation on this topic.

Products and services that are not FDIC-insured:

• Stock Investments
• Bond Investments
• Mutual Funds
• Crypto Assets
• Life Insurance Policies
• Annuities
• Municipal Securities
• Safe Deposit Boxes or their contents
• U.S. Treasury Bills, Bonds or Notes*
*These investments are backed by the full faith and credit of the U.S. government.

Additional Note Regarding Uninsured Investment Product Disclosures

The non-deposit sign example used in the Omission section above references non-deposit insurance products. In our research, we found additional useful instructions about non-deposit investment products. Disclosure or signage for this product type was not covered in explicit detail in the Part 328 Final Rule.

In 1997, the FDIC published the Uninsured Investment Products: A Pocket Guide for Financial Institutions. The guide references their 1994 issuance of an “Interagency Statement on Retail Sales of Nondeposit Investment Products.” The statement was developed by the FDIC, the Federal Reserve Board of Governors, the Comptroller of the Currency, and the Office of Thrift Supervision.
Referring to the guide, “What disclosures does the Interagency Statement require insured institutions to make to customers who are interested in purchasing nondeposit investment products?”, the answer reads similarly to the disclosure language in the Part 328 Final Rule, but with a greater emphasis on financial risk to consumers.

As the guide explains:

The Federal banking agencies decided that one of the best ways to eliminate customer confusion was to require that the following three disclosures be made: (1) nondeposit investment products are not insured by the FDIC; (2) nondeposit investment products are not obligations of, or guaranteed by, the financial institution; and (3) nondeposit investments will subject the purchaser to investment risk, including possible loss of the principal amount invested.

Here are two real-world examples of non-deposit disclosures for investment-related pages. The first example is by WSFS Bank, which operates in the Greater Philadelphia region and offers wealth management services through subsidiaries. The not-not-may language follows the Interagency Statement guidance nicely. We are conflicted about how low on the page they placed the disclosure. Also, the website does not display the FDIC Digital Sign, at least as of the date of this article. But they have time.

Wells Fargo also offers a nice example of non-deposit disclosures for wealth and investing services. We appreciate Well’s effort to make the disclosure highly visible by enlarging the notice and placing it in a box, which appears similar to the disclosure logo used in printed materials.

Notification When Users Leave Your Bank Website

The final item we will discuss here is the scenario of a logged-in website user who clicks a hyperlink on your website that takes them to another website that your bank does not control.

The final rule requires a one-time notification if a bank customer who has logged into their account at the IDI’s website (rather than all consumers, who were the focus on the proposed rule) can access an IDI’s deposit products offered by the IDI as well as a third party’s non-deposit products via a hyperlink (or similar weblinking feature) on an IDI’s digital deposit taking channel. In this situation, a customer clicks a hyperlink to, in effect, leave the IDI’s digital deposit taking channel and interact with a third party that may sell non-deposit products. The final rule requires IDIs to display the one-time notification after a customer clicks on such a hyperlink, but before the customer leaves the IDI’s digital deposit taking channel.

Most banks we work with provide a “speed bump” or interstitial popup that communicates that users are leaving their site. If your FI does this, then the adjustment should be straightforward. In the aforementioned case, you are now required to inform users that the site they are going to visit may sell non-deposit products and are, therefore, not FDIC insured. If your bank doesn’t already do this, it’s time to start, otherwise you risk missing this crucial FDIC requirement. Contact BankBound to discuss how we can help update your website.

Is Your Bank Website Enforcement-Ready?

BankBound works with small and mid-sized banks throughout the U.S. on all matters of digital marketing. Please contact us if you need help building and executing a plan to position your bank website for passing audits. BankBound can also serve as an independent audit vendor to review your website for potential areas of non-compliance to the FDIC’s sign and advertising requirements, especially as in matters related to Part 328 Final Rule.