Table of Contents >> Show >> Hide
- The headline, translated: What “termination” actually means
- Consent orders 101: Why the OCC uses them
- What typically triggers a consent order
- So how does a consent order get terminated?
- What changes after termination (and what doesn’t)
- Case-style examples: What “termination” looks like in the wild
- Why this matters to customers (yes, even if you don’t read enforcement orders for fun)
- What it says about regulators and the banking moment we’re in
- Practical takeaways for bank leaders (and compliance teams who deserve snacks)
- FAQ
- Conclusion: The win is realbut it’s also a responsibility
- Field Notes: of “Experience” From the Consent-Order Reality
If you’ve ever read a headline like “OCC Terminates Consent Order Against National Bank” and thought,
“Cool, but… is that good? bad? does it affect my checking account?”you’re in the right place.
A consent order is basically a regulator’s version of a very serious “we need to talk,” and termination is the part
where the bank can finally exhale and stop living in spreadsheet purgatory.
[1]
In late 2025, the Office of the Comptroller of the Currency (OCC) publicly documented multiple enforcement-action
terminations, including termination orders styled as “ORDER TERMINATING THE CONSENT ORDER.” In plain English:
the OCC decided continued existence of a particular order was no longer necessary for that bank’s safety and soundness
and compliance posture.
[2]
The headline, translated: What “termination” actually means
“Termination” doesn’t mean the bank is being shut down, sold, or banished to a remote island where only bankers and
compliance officers roam. It means the OCC has ended a specific enforcement action (the consent order) because the bank
has either:
- Demonstrated compliance with the order’s requirements, or
- Reached a point where parts of the order are outdated or irrelevant to its current circumstances, or
- Seen those requirements folded into a newer supervisory action.
The OCC describes this termination logic in its monthly enforcement action releases, which routinely include this
“why terminations happen” language.
[3]
Practically, termination removes the legal obligation to keep checking off the consent order’s articlesthose specific,
written demands that can include staffing fixes, audits, governance changes, risk program upgrades, capital planning,
and more. And yes, it also removes a reputational weight that can make a bank feel like it’s wearing a bright orange vest
that says “Under Extra SupervisionAsk Me About My Remediation Plan.”
[4]
Consent orders 101: Why the OCC uses them
The OCC supervises national banks and federal savings associations and can take enforcement actions for violations of law,
unsafe or unsound practices, and certain breaches of fiduciary duty by institution-affiliated parties.
[5]
A “consent order” is a formal enforcement action issued with the bank’s consent (typically via its board of directors).
In other words, instead of litigating every detail, the bank agrees to the order and commits to corrective actions.
Other regulators use similar terminology; for example, the FDIC’s enforcement manual explains that cease-and-desist orders
are titled “Consent Order” when the respondent stipulates to issuance (versus orders issued through litigation).
[6]
Consent order vs. cease-and-desist vs. formal agreement
The terminology can be confusing because different agenciesand even different articlesuse overlapping phrases.
Here’s the clean way to think about it:
-
Cease-and-Desist Order (C&D): A final order (often under federal banking law) that can require a bank to stop
an unsafe/unsound practice or violation, and to take affirmative corrective action.
[7] -
Consent Order: Often a C&D order (or similar formal order) issued after the bank consentstypically by board action
rather than being imposed after a contested process.
[6] -
Formal Agreement: A written agreement signed by the OCC and the bank’s board that requires corrective steps.
[7]
The important point is not the label; it’s the effect. These are formal tools used when regulators want measurable,
enforceable remediationnot just “please do better next quarter.”
[7]
What typically triggers a consent order
Consent orders often show up when a bank’s weaknesses are serious, persistent, or broad enough that the regulator wants
the fix to be both documented and deadline-driven. Common themes include:
1) BSA/AML weaknesses (a recurring star of the show)
Many consent ordersand terminationstie back to Bank Secrecy Act/anti-money laundering (BSA/AML) issues.
In the OCC’s public documentation of termination orders, BSA/AML-related concerns may include internal controls breakdowns,
weak independent testing, and staffing deficiencies.
[4]
Regulators evaluate BSA/AML programs using core building blocks: internal controls, independent testing, a qualified
BSA officer, and training. OCC examination procedures for community banks lay out these pillars and how examiners check
whether the program is written, board-approved, and tailored to the bank’s risk profile.
[8]
The FFIEC BSA/AML Manual reinforces two of the big ones regulators love to ask about:
internal controls (board responsibility, risk-based design, IT oversight) and independent testing
(qualified, independent parties assessing adequacy relative to the bank’s risk profile).
[9] [10]
Meanwhile, Treasury’s FinCEN has emphasized that AML/CFT program rules live in Bank Secrecy Act authorities and implementing
regulations (including the bank AML program rule at 31 CFR 1020.210), and has pushed modernization efforts to improve
effectiveness and risk-based design.
[11]
2) Capital, liquidity, strategic planning, and IT controls
Another frequent cluster: capital and liquidity risk management, strategic planning, and information technology controls.
Those may sound like separate issues, but in a modern bank they’re basically siblings living in the same house:
strategy drives growth, growth stresses liquidity and capital, and everything runs through IT systems that must be controlled,
monitored, and audited.
[4]
In publicly described termination actions, orders may have imposed requirements related to capital ratios, risk assessment,
and other governance expectationsmeaning the bank had to demonstrate not just “we fixed a process,” but “we can sustain
the fix and prove it.”
[4]
So how does a consent order get terminated?
Termination is not a gold star given out for “good vibes.” It is typically earned through evidencelots of it.
The OCC’s enforcement action releases explain that terminations occur when a bank shows compliance with all articles,
when issues have become outdated or irrelevant, or when requirements are incorporated into a new action.
[3]
And the termination orders themselves are usually short, direct, and very “governmental.”
They often include language stating that, to assure safety and soundness and compliance, the OCC issued the original
consent order, and now believes those goals do not require the order’s continued existencetherefore it is terminated.
[2] [12]
The bank’s “termination binder,” metaphorically speaking
Banks that successfully exit a consent order typically demonstrate four things:
- Corrective actions are complete: Not half-done, not “in progress,” but implemented with documentation.
-
Controls are sustainable: Policies exist, are followed, and are monitored; the fix survives staff turnover.
[9] -
Independent validation exists: Internal audit or qualified independent reviewers confirm the controls work.
[10] -
Governance is real: Board oversight isn’t ceremonial; it’s informed, documented, and accountable.
[8]
If that sounds like a lot, it is. But it’s also the point: regulators want banks to be resilient institutions, not fragile
machines held together by heroic effort and caffeine.
What changes after termination (and what doesn’t)
Once a consent order is terminated, the specific requirements in that order are no longer in effect.
That can mean fewer mandated reports, fewer formal milestones, and (often) more flexibility in business decisions
that were constrained by the order.
[4]
That said, termination doesn’t mean the OCC stops supervising the bank. The bank still undergoes examinations,
and it still must comply with the same laws and regulations as before. Think of it like graduating from a class:
you’re done with that syllabus, but you still have to show up to school.
[5]
Real-world ripple effects banks care about
-
Reputation: A terminated order can reduce headline risk and restore confidence among customers,
counterparties, and prospective hires.
[13] -
Management bandwidth: Leaders can spend less time on remediation check-ins and more time on strategy
(a polite way to say: fewer meetings that could’ve been an email).
[13] -
Capital and growth flexibility: Some orders affect capital requirements or growth activities; termination
may expand options depending on the bank’s situation.
[13]
Case-style examples: What “termination” looks like in the wild
Publicly available examples in 2025 show that termination orders can apply to very different banks, from community-scale
institutions to large national players.
Example A: A community bank termination order
In a termination order involving a national bank in New York, the document states the OCC issued a consent order in 2023
to assure safety and soundness and compliance, and later terminated it with a signed order dated December 18, 2025.
[12]
Example B: BSA/AML and broader risk management remediation
Another termination order (dated November 13, 2025) ended a January 24, 2024 consent order against a national bank in
Virginia. The termination order uses the same basic structure: original order issued by consent, and the OCC no longer
believes the order needs to continue.
[2]
Media coverage of that termination described the earlier order as focused on BSA/AML program weaknesses and remediation
steps, including staffing and controls, and noted the bank’s leadership emphasized getting “back to the banking business.”
[13]
Example C: Large-bank multi-year cleanup arcs
Terminations also occur in high-profile, multi-consent-order environments. For instance, Wells Fargo publicly confirmed
that the OCC terminated a 2018 consent order related to its compliance risk management program and framed it as part of
a multi-year effort to close multiple regulatory actions.
[14]
Reuters also reported on the OCC terminating a 2021 consent order tied to home lending loss mitigation deficiencies,
describing it as part of a longer arc of regulatory remediation and ongoing oversight.
[15]
Why this matters to customers (yes, even if you don’t read enforcement orders for fun)
For most customers, a consent order termination won’t change your daily banking experience overnight. Your debit card
still works, your direct deposit still shows up (usually), and your mobile app will still ask you to update it at the
least convenient time possible.
But terminations can matter indirectly:
-
Operational stability: Stronger internal controls and independent testing can reduce operational mishaps.
[9] [10] -
Better risk governance: Improved board oversight and documented programs often translate into fewer surprises.
[8] -
Long-term trust: The public nature of termination actions can signal that a regulator has verified meaningful progress.
[3]
What it says about regulators and the banking moment we’re in
The steady cadence of monthly OCC enforcement releasesand the explicit explanation of why actions are terminatedreflects
a system trying to be more transparent about supervision outcomes.
[3] [16]
It also highlights what regulators keep emphasizing:
banks must maintain risk-based programs that are effective, not just “present.”
That’s especially true in BSA/AML, where program expectations include written policies, board approval, risk-based design,
independent testing, and trainingplus the operational muscle to keep it all current as products and customer risk profiles evolve.
[8] [11]
Practical takeaways for bank leaders (and compliance teams who deserve snacks)
1) Build controls that survive real life
Regulators look for continuity: controls that keep working when systems change, when teams change, and when business lines expand.
The FFIEC BSA/AML Manual explicitly calls out program continuity, IT oversight, and timely updates in response to regulatory change.
[9]
2) Treat independent testing like a safety net, not a performance
Independent testing is supposed to be independent. That means qualified reviewers, credible scope, and reports that actually inform
the board and senior management about weaknesses.
[10]
3) Governance is not a meetingit’s evidence
Boards can’t outsource accountability. Examination procedures emphasize board approval, documented oversight, and clear lines of reporting.
If your minutes read like a movie recap instead of a governance record, you’re doing it wrong (and your future self will be sad).
[8]
FAQ
Does termination mean the bank “did nothing wrong”?
Not necessarily. It means the OCC no longer believes the order must continue for safety and soundness and compliance reasons.
The original supervisory concerns existed, and termination reflects completion or changed circumstancesnot retroactive innocence.
[2] [3]
Can a bank get another consent order later?
Yes. Termination ends a specific enforcement action, but banks remain subject to ongoing supervision and enforcement authority.
If new issues arise, regulators can take new actions.
[5] [7]
Is a consent order always public?
Formal enforcement actions frequently are public, and the OCC maintains a searchable enforcement action database and related updates.
[16]
Conclusion: The win is realbut it’s also a responsibility
When the OCC terminates a consent order, it’s a meaningful milestone. It typically signals that a bank has demonstrated
sustained remediation, credible controls, and governance that can hold the line after the spotlight moves on.
But the real victory isn’t the termination order itselfit’s building a system that doesn’t need a new one next year.
[3] [9]
For customers, termination is usually quiet reassurance: a sign that regulatory pressure achieved something tangible.
For banks, it’s permission to stop living in remediation modeand start proving that the improvements weren’t just temporary
“exam season” studying, but the new normal.
Field Notes: of “Experience” From the Consent-Order Reality
Ask anyone who’s lived through a consent orderrisk managers, auditors, BSA officers, line-of-business leadersand you’ll hear
the same theme: the hardest part isn’t writing a policy. It’s making the policy real on a Tuesday afternoon when the inbox is on fire.
The first “experience” most banks describe is the calendar takeover. Remediation turns time into a resource with a budget.
Meetings multiply: steering committees, working groups, board updates, examiner check-ins, internal audit readouts, and the
infamous “evidence walkthrough,” where someone explainsagainwhy a document proves a control exists. The bank learns quickly
that regulators don’t run on vibes. They run on evidence.
The second experience is culture shock. A consent order can expose the difference between “we have a program” and
“we have a program that is effective, risk-based, and resilient.” Teams discover that a control that works in one department
quietly fails in another, especially when technology systems don’t talk to each other or when responsibilities are spread across
people who are already wearing three hats. Sometimes the fix is technical. Often it’s organizational: clearer ownership, better training,
and a board that actually asks uncomfortable questions (the good kind of uncomfortable).
Then comes the hiring and resourcing experience. Orders tied to BSA/AML and operational risk frequently drive a talent hunt for
specialized experiencepeople who know how to build risk assessments, design suspicious activity workflows, validate monitoring systems,
and run independent testing without conflicts. Banks that succeed tend to do two things at once: bring in expertise and build internal
depth, so knowledge doesn’t leave when a consultant’s engagement ends. It’s like learning to cook instead of only ordering takeout:
satisfying, but it takes effort (and you will make a mess at first).
Another recurring experience is the “documentation glow-up.” Teams learn to write policies that are not just accurate but usable,
procedures that match what staff actually do, and records that survive scrutiny. The hidden skill here is storytellingcompliance storytelling.
Not fiction, but clarity: here’s the control, here’s who owns it, here’s how it operates, here’s how it’s tested, and here’s what happens
when it fails. When that story is coherent, remediation accelerates.
Finally, there’s the post-termination experience: relief mixed with responsibility. Termination removes the order’s formal obligations,
but the bank now has a reputation to protectinternally and externally. The best banks treat termination as a graduation, not a vacation.
They keep the best routines: independent testing that informs management, board oversight that’s engaged, and controls that keep working
when the business changes. Because the real goal isn’t just to close an order. It’s to become the kind of bank that never needs one again.
Close