The Fair Access to Banking Act conditions access to taxpayer-supported lending programs and critical payment infrastructure on financial firms’ treatment of customers who are complying with the law. It directs regulators to block or restrict use of certain public or network services when a provider refuses to do business with lawful customers for reasons other than quantified, impartial, risk-based analysis, and it gives harmed parties a new private cause of action.
For compliance officers and legal teams, the bill rewrites incentives: banks and card/ACH networks would face direct infrastructure penalties and litigation exposure if they engage in category- or reputation-based denials. That creates immediate questions about how institutions document risk, handle reputational risk, and reconcile existing safety-and-soundness or sanctions obligations with nondiscrimination mandates.
At a Glance
What It Does
The bill bars covered financial firms from accessing certain federal liquidity facilities and payment infrastructure if they refuse to serve persons who are lawfully operating. It also prohibits card networks from contractually blocking lawful customers and establishes a civil cause of action for aggrieved parties.
Who It Affects
Large national and state banks, insured depository institutions, credit unions, payment card networks, ACH processors, and their subsidiaries—plus customers in lawful but politically contentious industries that have experienced ‘‘de‑risking.’’
Why It Matters
By linking public tools and core network access to nondiscriminatory access standards, the bill forces institutions to convert reputational and category-based decisions into quantified, documentable risk judgments—or face operational restrictions and litigation.
More articles like this one.
A weekly email with all the latest developments on this topic.
What This Bill Actually Does
The bill creates a statutory definition of ‘‘fair access to financial services’’ and then makes access to several critical pieces of financial plumbing contingent on compliance with that standard. It draws a line between lawful denials (e.g., safety-and-soundness or compliance with a separate legal requirement) and denials based on categorical or reputational judgments, and it requires covered banks to use individualized, quantitative, impartial risk assessments.
Covered banks face three kinds of restrictions in the text. First, large member and nonmember banks are blocked from using certain Federal Reserve facilities if they refuse to do business with a lawfully operating person.
Second, the Automated Clearing House (ACH) infrastructure and large insured depository privileges are similarly conditioned on banks and credit unions not denying service to lawful customers. Third, payment card networks are prohibited from contractually prohibiting or discouraging lawful customers from accessing network services.Operationally, the bill requires covered banks to offer the financial services they provide ‘‘on proportionally equal terms’’ across the geographic market they serve and prohibits coordinated denials at the request of third parties.
If a bank denies services, it must give the customer a written justification that identifies the quantitative, documentable basis for the decision and, where applicable, the specific laws or regulations the bank believes the customer is violating. The bill expressly says reputational risk alone cannot justify a denial.Enforcement is both regulatory and private.
The bill gives regulators authority to restrict use of certain facilities and directs the appropriate agencies to assess penalties on networks that contravene the prohibition. At the same time it creates a federal private cause of action with damages and fee-shifting for customers who were denied service in violation of the statute—and it waives the need to exhaust administrative remedies before suing.
The Five Things You Need to Know
The bill presumes a bank is ‘‘covered’’ if it has $50 billion or more in consolidated assets; covered banks are subject to the Act’s access and conduct rules unless they rebut that presumption to the OCC.
Member banks and large nonmember banks that refuse to do business with lawful customers would be barred from using certain Federal Reserve lending programs; covered credit unions and large banks can lose ACH access for similar refusals.
Payment card networks are forbidden from contractually blocking lawful customers; the Comptroller may assess penalties up to 10% of the value of the services or products at issue, with a per‑violation cap of $10,000.
A covered bank may not deny a service unless the denial is justified by pre-established, quantified, impartial risk-based standards documented in advance, and any denial must be accompanied by a written justification to the customer; reputational risk alone is not an acceptable basis.
The bill creates a private federal cause of action with treble damages, recovery of reasonable attorney’s fees and costs, and no requirement to exhaust administrative remedies before filing suit.
Section-by-Section Breakdown
Every bill we cover gets an analysis of its key sections.
Short title
Establishes the Act’s citation as the ‘‘Fair Access to Banking Act.’
Findings
Lays out Congress’s rationale: concern about government-driven and private ‘‘de‑risking,’’ taxpayer support for banks, and the need for impartial, data-driven risk decisions. These findings frame the statute’s policy purpose but do not themselves create obligations; they will be the lens regulators and courts use when interpreting ambiguous provisions.
Limit access to Federal Reserve lending for banks that refuse lawful customers
Amends the Federal Reserve Act to bar member banks (and subsidiaries) meeting the covered-bank criteria from using discount window lending programs if they refuse to do business with persons complying with the law. Practically this weaponizes access to an emergency/standing liquidity facility as a compliance lever. Banks that rely on the discount window will need clear, documented rationales for denials or risk operational exclusion.
Prohibit card networks from contractual exclusion and set penalties
Defines ‘payment card network’ by reference to the Electronic Fund Transfer Act and bars networks from contracting to prohibit lawful persons from obtaining network services because of political or reputational risk considerations. The Comptroller of the Currency gains authority to impose civil penalties tied to the value of affected services, with a statutory per‑violation cap, creating a direct financial deterrent to wide-scale network de‑risking.
ACH access conditioned on nondiscrimination
Prevents covered credit unions and large banks (including certain State‑chartered nonmember banks) from using the Automated Clearing House Network if they refuse to serve lawful persons. Because ACH is an essential payments rail for payroll and merchant settlement, this provision targets a practical chokepoint for firms that have historically been subject to de‑risking.
Credit union enforcement
Amends the Federal Credit Union Act to subject insured credit unions that refuse to do business with lawful persons to the Act’s consequences. This brings credit unions within the nondiscrimination enforcement net and ties their access to federal privileges to compliance with the new standard.
Definitions, conduct requirements, and private cause of action
Contains the operational core: definitions (bank, covered bank, covered credit union, deny, fair access), the presumption that banks with specified asset levels are covered and the OCC’s role in rebuttal, the requirement that covered banks offer services on proportionally equal terms and use individualized quantitative standards for denials, the prohibition on coordinated denials, the written-justification requirement, the prohibition on reliance solely on reputational risk, and the private federal cause of action with treble damages and fee recovery without administrative exhaustion.
This bill is one of many.
Codify tracks hundreds of bills on Finance across all five countries.
Explore Finance in Codify Search →Who Benefits and Who Bears the Cost
Every bill creates winners and losers. Here's who stands to gain and who bears the cost.
Who Benefits
- Businesses in lawful but politically sensitive industries (e.g., certain online marketplaces, legal but stigmatized commerce): They gain a statutory shield against category‑based de‑banking and a new private remedy if denied service.
- Customers and counterparties who rely on uninterrupted ACH and card rails (merchants, payroll customers): By restricting denial-based disconnection from payment systems, the bill reduces the risk of sudden payment-service interruptions.
- Smaller banks and community-focused institutions that compete for customers the larger firms might avoid: If large institutions cannot broadly refuse certain categories, smaller firms may capture more predictable business volume.
Who Bears the Cost
- Large banks and their compliance teams: They must document quantitative, impartial risk criteria and produce written denials, overhaul onboarding and monitoring frameworks, and face litigation and potential loss of access to Fed facilities or ACH.
- Payment card networks and processors: They face new contractual caps on network controls, potential penalties, and the operational burden of defending whether restrictions address legitimate safety or reputational concerns.
- Regulators and the Office of the Comptroller of the Currency: The OCC is given rebuttal and penalty roles that will require fact-intensive assessments, hearings, and resource allocation to resolve presumption disputes and adjudicate network penalties.
Key Issues
The Core Tension
The central dilemma is balancing two legitimate aims that pull institutions in opposite directions: preventing private, category‑based de‑banking of lawful actors versus preserving banks’ discretion to act on safety, soundness, and legal‑compliance grounds; the bill demands data-driven denials but leaves the standards and enforcement judgments sufficiently open-ended that any solution will either constrain prudent risk management or invite regulatory and judicial micro‑management of commercial decisions.
The bill forces practical tradeoffs between nondiscrimination objectives and banks’ existing legal obligations to manage safety‑and‑soundness and compliance risk. The statute requires quantitative, documented risk standards but does not prescribe what level of documentation suffices; that gap gives regulators wide discretion to judge whether a bank’s risk assessment is sufficiently empirical.
That will produce compliance uncertainty and potentially inconsistent outcomes across institutions and regions.
Another implementation tension lies in the treatment of reputational risk. The Act bars relying solely on reputational risk but does not specify how reputational considerations that correlate with measurable compliance indicators should be weighed.
Similarly, the interplay with anti‑money‑laundering, sanctions, and consumer protection law is murky: banks will still have to restrict service to meet those obligations, but the bill’s ‘‘in compliance with the law’’ line will create frequent factual disputes that invite litigation and regulatory intervention. Finally, tying access to public facilities and private networks to a statutory nondiscrimination rule creates perverse incentives—institutions may refuse a marginally risky but lawful customer to avoid litigation, or alternatively incur elevated risk to avoid losing access to infrastructure.
Try it yourself.
Ask a question in plain English, or pick a topic below. Results in seconds.