How Are Neobanks Regulated?

As the digitization of financial services grows at record pace, the outlook for neobanks is promising, with market value estimated at $300 billion. In 2021, neobanks nabbed $12 billion in venture capital funding, springing up a new cohort of these fintechs. And yet there are risks. As consumers flock to neobanks, federal regulators are keeping a closer eye on consumer protection and the lack of direct oversight of these fintechs, with some, such as the Consumer Financial Protection Bureau (CFPB), already advocating for stricter oversight. 

This article examines how regulatory compliance is evolving for neobanks and what they can do to keep up with future legislative changes, with support from your banking as a service (BaaS) provider and third party compliance companies. 

What is a neobank?

Neobanks are fintechs that offer banking products through a digital platform, whether it be online or in the form of an app. Because neobanks also lack any kind of physical branch or location, consumers only interact with the neobank over the internet. While neobanks tend to offer a more limited suite of services than traditional banks, they are more nimble.

Neobanks focus on more digital features that empower consumers to have more control and real-time visibility into their finances while interacting with the digital-payment environment that is becoming more popular among small and medium-sized businesses. By accessing financial services products through the internet, neobanks are also able to reach different segments of the population who have specific interests, or may not have the time or resources to visit banks in person to control their finances, and those who are underbanked or unbanked.

Significantly, while these fintechs are called neobanks, they aren’t actual banks — they generally lack a bank charter, and therefore must partner with an established chartered bank to provide their financial offerings to their customers.

Why are neobanks popular?

Because neobanks don’t operate physical locations, neobanks can often offer lower fees. And because every interaction with a neobank is done via a computer or smartphone, neobanks can offer convenience for the consumer, allowing anyone to open an account, deposit a check, or transfer money without ever leaving home.

The appetite for digital-only interfacing was made even more apparent at the height of the COVID-19 pandemic, when neobanks provided consumers a safe and easy way to manage their finances.

As neobanks grab a larger market share and amass new customers, governmental regulatory bodies are recalibrating an appropriate “regulatory perimeter” that regulates these fintechs just like the banks that they partner with.  

“At what point do fintech and crypto firms begin to function like banks? Banks need to be safe and sound because a loss of trust and unexpected failure can infect healthy peers and impact the broader economy. At what point might the same be said for certain fintech and crypto firms?” questioned Michael Hsu, the acting comptroller of the Office of the Comptroller of the Currency (OCC) in a November 2021 speech. “Modernizing the bank regulatory perimeter cannot be accomplished by simply defining the activities that constitute “doing banking,” but will also likely require determining what is acceptable in a bank-fintech relationship.”

How are neobanks and other fintechs regulated?

Before we go into what the future of neobank regulation might look like, let’s assess how neobanks are currently being monitored.

Importantly, neobanks today are typically not directly regulated. Instead, it is the bank with which the neobank is partnering with that is the regulated entity. The partner banks are regulated by its examiners whether that is the FDIC, the Federal Reserve or the Comptroller of Currency (OCC) for all deposits held by a fintech’s end users.  During the course or routine audits and regulatory exams, these partner banks will need to prove to its regulators that it has a certain level of oversight and control over the fintechs in its portfolio.  

Because neobanks and fintechs need to adhere to the standards and practices of the banks they work with, a partner bank can be considered a quasi-regulator for a neobank or fintech.  Fintechs often experience this level of oversight at the onboarding phase with the Bank where it is required to submit substantive information and documents as part of the Bank’s due diligence requirements.

In light of the rapid growth of fintechs and the neobanking industry, the lack of direct fintech regulation, however, is likely fleeting. With the growing popularity of fintechs, regulators are noticing that neobanks operate similarly to legacy banks without being treated like one. More specifically, the size and complexity of its operations often parallels and in certain instances dwarf small community banks.

‍Learn more about Treasury Prime's compliance solution and transaction monitoring and how to harness them to mitigate risk and elevate the safety of your business, watch our webinar.

The Consumer Financial Protection Bureau (CFPB) has recently invoked its dormant authority to examine non-bank entities, like neobanks, to level the playing field between chartered banks and fintechs. Under the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010, the CFPB has the authority to use traditional law enforcement to stop companies from engaging in potentially dangerous consumer activity. 

“This authority gives us critical agility to move as quickly as the market, allowing us to conduct examinations of financial companies posing risks to consumers and stop harm before it spreads.” CFPB Director Rohit Chopra said in an April 2022 press release.

Similarly, the OCC has also pushed for neobanks and fintechs to adhere to the same regulatory standards of the banks that they work with. 

Where we’ll likely see the beginnings of these regulatory changes is not only the larger fintechs with a sizable customer base, but those that work in what are considered to be riskier industries that may have more predatory dangers like mortgages, payday loans, and student loans.

How can neobanks keep up with regulatory changes?

In order to proactively set itself up to scale and to stay relevant, a neobank should lean into its compliance journey instead of shying away from it. Neobanks should be taking more ownership over their compliance programs and investing in internal teams that can manage those processes.  Not only does this precipitate better foundational behavior from a regulatory lens, but it will create greater confidence for the bank partner while fostering a better customer journey for a fintech’s customers. 

While early stage fintechs generally lack the resources of a traditional bank to staff and operate internal compliance systems, it can scale and establish a compliance culture in attenuated forms.  Significantly, an early state fintech with only 5 full time employees likely does not need a dedicated compliance team of multiple employees right at the outset.  Instead, it can scale its program and team as it conducts more transactions and has a changing risk profile.

As regulations become more applicable to non-bank companies like neobanks, having an internal compliance philosophy may also make it easier to find partner banks to work with. Banks want to work with fintechs that they can trust and that they feel confident will identify and mitigate risks that arise through its platform. Having an in-house team can be a strong indicator to a bank that the fintech not only understands what’s best for its business but also what’s best for its consumers and their financial safety.

For support, you can work with a BaaS provider like Treasury Prime, who can support you and provide a tool kit to help build out a top notch compliance program, in conjunction with third-party compliance experts. 

Assessing risk and preventing fintech fraud

At the heart of an effective compliance culture for both fintechs and banks is understanding specific risk that products, use cases, customers and geographies pose.  While the term risk is often weaponized, risk is not always a bad thing.  The very nature of the financial services ecosystem poses certain inherent risks;  nothing is ever risk-free. The key to managing risk is to mitigate it through effective controls and to better understand it. A neobank that fully comprehends the complexities and behaviors of its risk profile is only setting itself up for success and only makes working with its banking partners that much easier. 

Examples of risk criteria could include monitoring the dollar volume that a neobank is  processing, what products it is currently offering (certain products will present more risk than others), who the end consumer is, and what industry they’re operating in (crypto and cannabis tend to be viewed as riskier by banks). 

After assessing risk, neobanks should put controls into place to limit that risk — and thereby protect itself. Cash withdrawal limits or card transaction limits are automated methods to mitigate risk, for instance. 

How do neobanks work with BaaS providers?

BaaS providers like Treasury Prime can bridge the gap between neobanks and banks because we understand the nuanced vernacular and use cases for each type of entity.  Specifically, we not only help with the “translation” but we also facilitate a strong, trusting relationship that is critical between a neobank and its bank partner.. 

Being able to shepherd a relationship between a neobank and banking partner is so important because neobanks can often be unaware of what a bank needs to feel comfortable to form a partnership, and a bank may not know how to regulate and oversee a neobank properly.

The right compliance offering

Treasury Prime as a BaaS provider understands the technological needs of neobanks to get to market while simultaneously understanding the regulatory burden that banks face.

With Treasury Prime’s compliance offering, neobanks can grow and scale their own internal program and remain in good standing with their partner banks. Competitors in the BaaS space tend to take the position that compliance is not core to a neobank’s offering, but Treasury Prime considers it a core service. We provide advice and serve as a single connection for both BaaS and compliance services to ensure smooth technology integration between all parties. This cost-effective method can save time by cutting down on ongoing requests and process audits.

Most successful and growing fintechs own their compliance framework. Treasury Prime’s compliance solution helps lay that foundation and enables neobanks to scale that framework as they grow. This is incredibly important, because outsourcing compliance is difficult to do — and it isn’t sustainable — neobanks know their business operations better than a third-party, they know what suspicious behavior looks like, and they know what risks their businesses face. By owning their own compliance framework, it also enables neobanks to more readily work with their partner banks. 

In a recent webinar on transaction monitoring and compliance hosted by Treasury Prime in partnership with Unit 21 that I moderated, Treasury Prime Compliance Manager Tanya Corder mentions that it’s important for all parties involved to fully understand the business operations of a fintech.

“It’s important to really understand that activity is going to look different and evaluate whether your monitoring tool…is going to account for that activity,” Corder said. “What will really help banks is their understanding that the very nature of fintech business is very different from regular banking activity…and the types of risk that a traditional tool isn’t able to monitor.”

Treasury Prime integrates directly  with Alloy, Cable, and Unit 21 to provide specialized compliance solutions. By integrating these solutions into our BaaS platform, we can enable unparalleled visibility and control to end users. 

Treasury Prime’s compliance partners

• Alloy: Global identity decisioning platform Alloy offers best-practice journeys for both commercial and consumer identity verification. The KYC and KYB platform offers access to more than 175 data sources, making it a powerful tool for fintech fraud detection and prevention. Alloy’s solutions have helped hundreds of fintech and bank partners cut instances of fraud by 48 percent on average. 
• Cable: Treasury Prime’s new partner Cable provides an innovative all-in-one financial crime effectiveness testing platform. Companies can leverage Cable to ensure compliance with financial crime requirements as part of a fintech fraud prevention strategy. 
• Unit 21: RegTech platform Unit21 is a no-code platform that enables neobanks, fintechs and their partner banks to monitor suspicious behavior. Fintechs can customize rule sets and models provided by Unit 21 to detect and address suspicious activity, while the bank retains transaction monitoring responsibilities.

Newer territory like cryptocurrency

As neobanks continue to grow, they also stretch into newer territory like cannabis and blockchain for which banks have no knowledge or experience regulating. This unprecedented regulatory scheme makes it especially important for neobanks and fintechs to pair with banking partners who truly understand their industry, the inherent risks, and the business operations. 

At Treasury Prime, neobanks have access to a network of banks that are committed to innovating responsibly, providing opportunities for neobanks to find the appropriate partner to grow with. 

How should neobanks prepare for fintech regulations?

While there is no exact timeline on when the shifting regulatory framework will be effectuated to include non-bank entities like neobanks, it is important that neobanks start preparing now. Begin investing in a team to handle compliance, assess your risk profile, and find a BaaS partner like Treasury Prime that can support you end-to-end.

Interested in learning more about how Treasury Prime works with fintechs? We’re happy to answer your questions. Contact us here.

Related fintech fraud protection content:

Automating Financial Crime Effectiveness Testing with Cable

Fintech Transaction Monitoring Behind the Scenes

Setting up the Right Fintech Compliance Program for the Size and Stage of Your Company

Find a BaaS Provider That Empowers Your Compliance Management