OCC Reduces Regulatory Mandate Covering Citi’s Risk Management Systems

By  |  December 18, 2025
 | 
Citi building

The Office of the Comptroller of the Currency terminated a July 2024 amendment to an October 2020 consent order with Citi having to do with deficiencies in the bank’s risk management systems.

    Get the Full Story

    Complete the form to unlock this article and enjoy unlimited free access to all PYMNTS content — no additional logins required.

    yesSubscribe to our daily newsletter, PYMNTS Today.

    By completing this form, you agree to receive marketing communications from PYMNTS and to the sharing of your information with our sponsor, if applicable, in accordance with our Privacy Policy and Terms and Conditions.

    The OCC’s amendment mandated that Citi implement a quarterly process to ensure it was allocating sufficient resources to meet the milestones included in the 2020 consent order.

    The regulator said at the time that the bank had failed to make “sufficient and sustainable progress” toward compliance with the consent order.

    The OCC said in its Thursday (Dec. 18) order terminating the amendment that “the OCC believes that the safety and soundness of the bank and its compliance with laws and regulations does not require the continued existence of the amendment.”

    Citi said in a Thursday statement: “Our Transformation has been our number one priority, and we are dedicating the resources necessary to modernize our systems and strengthen our risk and control environment. Most of our programs are at or nearly at target state, and we are seeing the benefits of improved, standardized, automated and digitized controls.”

    The October 2020 consent order chastised Citi for failing in various areas of risk management and internal controls and ordered the bank to fix “significant ongoing deficiencies” in its risk management systems.

    Advertisement: Scroll to Continue

    The consent order said that Citi failed at data management, regulatory reporting and capital planning. The risk management systems included an expansive, complex network of procedures to track risky trades, problematic transactions and other things that could harm the bank.

    Citi said in an October 2020 statement that it was “disappointed that we have fallen short of our regulators’ expectations, and we are fully committed to thoroughly addressing the issues identified in the consent orders.”

    When the amendment to the consent order was added in July 2024, Citi was also fined $136 million by bank regulators for failing to make sufficient progress in addressing data management issues identified in 2020.

    Citi embarked on a major restructuring of its organization in September 2023, with Citi Chair and CEO Jane Fraser saying she was “determined that our bank will deliver to our full potential.”


    Recommended

    PayPal Insider on Unlocking Contactless Payment Ecosystem

    PayPal Extends Role of Stablecoin Into Funding AI Projects

    ADI, BlackRock, Mastercard

    Mastercard, BlackRock Join Middle East-Focused Blockchain Effort

    AI assistant

    Everyday Planning and Shopping Lead Consumer Shift to AI Assistants

    Instacart Settles FTC Lawsuit Alleging Deceptive Advertising and Subscription Enrollments

    See More In: , , , , , , , ,