Blog

/

Compliance

Setting up the right fintech compliance program for the size and stage of your company

Fintechs must find a compliance solution that is custom fit to their product and services.
Nov 10, 2021
Headshot of Sheetal Parikh
Sheetal Parikh
Deputy General Counsel & Vice President of Compliance
,
November 10, 2021
Infographic showing various aspects of compliance navigation

Fintech companies must adhere to the same regulations as banks. You need to know who is using your app, prevent illegal activity such as money laundering, and be transparent with your customers about fees. Fintech compliance failures can result in regulatory action and harm to your reputation with customers. 

A strong compliance program facilitates fintech fraud prevention, protecting your customers, making your business a safe and trustworthy partner for banks, and help you build healthy relationships with regulators. 

This blog post will help you understand the relationship between your fintech compliance requirements, and the compliance program at your partner financial institution. We’ll go over questions to expect from your potential sponsor banks, and the best ways to work with a banking as a service (BaaS) provider and third-party compliance experts to efficiently build a compliance program that meets your unique needs.

Watch our on-demand seminar, "The 5 Critical Elements of Compliance for Fintechs."

How fintech could cause a revolution in compliance

Fintechs increasingly mediate the relationship between customers and banks. With more and more people relying primarily on mobile banking, consumers and businesses are seeking out a superior digital experience, which fintech apps can offer. All this means banks are increasingly operating in the background. So while the role of traditional financial institutions remains crucial, they are less visible, and more of the risks that come with banking are shifted to consumer-facing fintech apps. That’s why fintechs need to find a bespoke compliance solution that custom fits their product and services.

Digital banking regulatory compliance

There is no universally accepted fintech regulatory framework. When a fintech partners with a bank, it must align its practices with the bank’s compliance needs. That means not just following laws and fintech regulations, but communicating with your bank often and offering them full transparency into who your users are, what products they are consuming, and how those users are interacting with the partner bank’s service. 

Transparency with your bank partner is crucial because regulators don’t just look at whether a bank or its partners are actually violating the law. They also monitor bank operations to ensure that oversight functions are sound. Can the bank demonstrate it has the right processes in place for fraud detection? Banks need to be able to show regulators during an exam that it maintains adequate oversight over their fintech partners. The fintech must work hand in hand with the bank to provide proof of compliance. 

Key bank and fintech compliance regulations

Different laws will impact your fintech depending on the specifics of your use case, features, and customer base. For example, depending on the size of your partner bank, the interchange fees you pay on transactions may vary. Depending on your industry, you may face additional regulations – especially if you’re in an emerging industry like cannabis or cryptocurrency. Your BaaS provider or compliance specialist can help you understand exactly how these laws and others may impact your business and how to adjust to your business model. 

While nuances matter, some major laws and regulations apply universally to financial services. My previous fintech compliance post goes into detail on some of the basic laws you should know, such as the Bank Secrecy Act and Durbin Amendment, and my post on the know your customer (KYC) process gives an overview of how fintechs can balance customer convenience with risk management.

What questions to expect from banks when it comes to compliance

Banks conduct due diligence with potential partners before signing any contracts. As part of this process, the bank will want information about the potential partner’s principals, beneficial owners, their business model, and their customers. 

Here are some questions a bank may ask as part of the vetting process:

  • Who will be depositing money using your app?
  • What will you enable them to do with that money? For example, will you enable automated clearing house (ACH transfers) or debit card payments? 
  • What industries does your fintech company work with? 
  • Does your company work with emerging industries like cannabis or cryptocurrency?
  • Does your fintech work with non-financial industries with their own regulatory systems, like healthcare?
  • Who are your principals? In other words, who runs your company?
  • What other banks, financial institutions, or technology providers does your company partner with?
  • The bank will also do their research, looking at media reports about your company and your other partners such as your BaaS provider. 

Should you work with third-party compliance experts?

Our short answer is “yes.” Various third-party compliance experts provide specialized solutions to address unique needs.  

There is no one “fintech standard.” Needs vary. Compliance is complicated. If you’re a small- to medium-size startup, you probably don’t have the scale to justify devoting resources to an internal program. You may also encounter some BaaS providers who say they alone can handle the whole program for you, but those solutions tend to be one-size-fits-all. That means they won’t meet specialized needs or address risk appropriately to your use case and customer base. You will quickly grow out of a basic offering. 

The Goldilocks, just-right compliance process for the vast majority of fintechs starts by developing a baseline understanding of compliance as it applies to your business. Different firms may specialize in fintech customer due diligence needs like KYC, fraud detection, cybersecurity, or any number of fairly complex use cases. By working with specialists, you can customize a compliance framework that allows your company to adapt quickly as your unique risks change. While it may sound daunting in the early stages of your fintech’s journey, investing in a proper foundation from the outset will position your fintech to scale successfully down the road.

An experienced BaaS provider like Treasury Prime, which works closely with top compliance partners, can provide advice and serve as a single connection for both BaaS and compliance services to ensure smooth technology integration between all parties. This cost-effective method can save time by cutting down on ongoing requests and process audits.

However you put your program together, make sure that your staff is fully involved in designing and running it. If anything goes wrong, your company holds the bag. Most importantly, you know your customers and are in the best position to detect and mitigate nefarious conduct that could signal financial crime or fraud.

Treasury Prime’s fintech compliance partners

Treasury Prime integrates directly with multiple third-party providers to offer specialized solutions for your fintech’s compliance program. Our integrations enable unparalleled visibility and control to end users. 

  • Alloy: Global identity decisioning platform Alloy offers best-practice journeys for both commercial and consumer identity verification. Alloy offers access to more than 175 data sources, making it a powerful tool for fintech fraud detection and prevention. The KYC and KYB platform has helped hundreds of fintech and bank partners cut instances of fraud by 48 percent on average. 
  • Cable: Companies can leverage Cable, an all-in-one financial crime effectiveness testing platform, to ensure compliance with financial crime requirements as part of a fintech fraud prevention strategy. 
  • Unit 21: No-code platform Unit21 enables neobanks, fintechs and their partner banks to monitor suspicious behavior. The RegTech company enables fintechs to customize rule sets and models to detect and address suspicious activity, while partner banks retain transaction monitoring responsibilities.

How banking as a service providers can help

BaaS providers don’t just help fintechs connect with bank partners and integrate with bank systems, but can also help fintechs navigate compliance. They can act as an advisor as you develop your initial compliance processes, connect you with expert third parties, and help you build a closer relationship with your bank partner. 

The best BaaS partners will be transparent, enabling you to connect directly with your bank and compliance partners. The most trustworthy compliance partners will enable you to own your compliance process, and play a direct role in developing it. 

Treasury Prime enables fintechs and other companies to embed and build fully customizable flows for KYC, compliance, and transaction monitoring for their neobanks, applications, and services. We provide as much guidance as you need, while ensuring the process stays entirely under your command. 

To learn more about the fundamentals of compliance, watch our webinar, “The 5 Critical Elements of Compliance for Fintechs,” on demand.

Wondering how embedded banking could help your business? Contact Treasury Prime — we have a true multi-bank network, the deepest bank core integrations, and extensive compliance experience. Read more about our $40 million Series C Funding and why Tearsheet named us the Best Banking as a Service company for the second year in a row. Talk to the best embedded finance team in the industry.

Related fintech compliance articles:

Fintech Transaction Monitoring Behind the Scenes

Find a BaaS Provider That Empowers Your Compliance Management

How are Neobanks Regulated?

Stay on Top of Fraud and Risk Mitigation with Treasury Prime Partners

← Back to blog