Best Practices for Maintaining a Ledger

Over the last few years, the banking and fintech community has seen active conversation on the need for better ledgering. Following the Synapse bankruptcy, the FDIC recently proposed a new recordkeeping rule for custodial deposit accounts designed to strengthen recordkeeping at insured depository institutions (IDIs) and protect fintech customers’ funds.

At Modern Treasury, we have a long history of successful ledger implementations. As the industry and regulatory conversation continues, we pulled together these best practices for maintaining a ledger to guide companies on this journey.

1. Single source of truth: Companies should maintain a single ledger that combines transactional data from IDIs and operational data to track and reconcile end-user balances.
2. Transaction reconciliation: Every transaction impacting a beneficial owner balance should have a reference in the ledger to a transaction reported by the IDI by close of day.
3. Account reconciliation: For a given custodial deposit account, the deposit account cash balance in the ledger should match the IDI’s reported deposit account balance, as of the last reported balance.
4. Double-entry balancing: Ledger records should be double-entry to ensure a beneficial owner balance in the ledger equals the sum of transactions involving the owner at all times. The cash balance in the ledger should always equal the sum of beneficial owner balances for a given custodial account.
5. Real-time access: To ensure that beneficial owners can be identified at all times, the IDI should be able to view beneficial ownership interests in the ledger on demand, either via secure access to a ledger dashboard or balance exports on a timetable determined by the IDI.
6. Immutability: To prevent erroneous or malicious record deletions, neither the IDI nor the fintech should be able to update transactions, beneficial owner data, or balances in the ledger without an audit trail. Any historical state of the ledger can be recovered.
7. Controls and validation: Access to the ledger should follow industry best practices (including compliance with SOC 1 and SOC 2) and be limited to authorized users at the IDI, fintech, and vendor.
8. Data completeness: The ledger should include all required beneficiary owner data in the FDIC-mandated format, including account holders and current account balances.
9. Disaster recovery: Data protection and disaster recovery for the ledger should follow industry best practices. In addition to backups kept by fintechs or vendors, IDIs should maintain access to a copy of the ledger in a data environment outside the fintech or vendor.

To learn more about Ledgers and best practices, reach out to us.