Setting up the right fintech compliance program for the size and stage of your company
Fintech companies must adhere to the same regulations as banks. You need to know who is using your app, prevent illegal activity such as money laundering, and be transparent with your customers about fees. Compliance failures can result in regulatory action and harm to your reputation with customers.
A strong fintech compliance program will protect your customers, make your business a safe and trustworthy partner for banks, and help you build healthy relationships with regulators.
This blog post will help you understand the relationship between your fintech and compliance requirements. We’ll go over questions to expect from your potential sponsor banks, and the best ways to work with a banking as a service (BaaS) provider and third-party compliance experts to efficiently build a compliance program that meets your unique needs.
How fintech could cause a revolution in compliance
Fintechs increasingly mediate the relationship between customers and banks. With more and more people relying primarily on mobile banking, consumers and businesses are seeking out a superior digital experience, which fintech apps can offer. All this means banks are increasingly operating in the background. So while the role of traditional financial institutions remains crucial, they are less visible, and more of the risks that come with banking are shifted to consumer-facing fintech apps. That’s why fintechs need to find a bespoke compliance solution that custom fits their product and services.
Digital banking regulatory compliance
There is no universally accepted fintech regulatory framework. When a fintech partners with a bank, it must align its practices with the bank’s compliance needs. That means not just following laws and regulations, but communicating with your bank often and offering them full transparency into who your users are, what products they are consuming, and how those users are interacting with the partner bank’s service.
Transparency with your bank partner is crucial because regulators don’t just look at whether a bank or its partners are actually violating the law. They also monitor bank operations to ensure that oversight functions are sound. Can the bank demonstrate it has the right processes in place to detect hypothetical wrongdoing? Banks need to be able to show regulators during an exam that they maintain adequate oversight over their fintech partners. The fintech must work hand in hand with the bank to provide proof of compliance.
Key bank and fintech compliance regulations
Different laws will impact your fintech depending on the specifics of your use case, features, and customer base. For example, depending on the size of your partner bank, the interchange fees you pay on transactions may vary. Depending on your industry, you may face additional regulations – especially if you’re in an emerging industry like cannabis or cryptocurrency. Your BaaS provider or compliance specialist can help you understand exactly how these laws and others may impact your business and how to adjust to your business model.
While nuances matter, some major laws and regulations apply universally to financial services. My previous fintech compliance post goes into detail on some of the basic laws you should know, such as the Bank Secrecy Act and Durbin Amendment, and my post on the know your customer (KYC) process gives an overview of how fintechs can balance customer convenience with risk management.
What questions to expect from banks when it comes to compliance
Banks conduct due diligence with potential partners before signing any contracts. As part of this process, the bank will want information about the potential partner’s principals, beneficial owners, their business model, and their customers.
Here are some questions a bank may ask as part of the vetting process:
- Who will be depositing money using your app?
- What will you enable them to do with that money? For example, will you enable automated clearing house (ACH) transfers or debit card payments?
- What industries does your fintech company work with?
- Does your company work with emerging industries like cannabis or cryptocurrency?
- Does your fintech work with non-financial industries with their own regulatory systems, like healthcare?
- Who are your principals? In other words, who runs your company?
- What other banks, financial institutions, or technology providers does your company partner with?
The bank will also do its own research, looking at media reports about your company and your other partners such as your BaaS provider.
Should you work with third-party compliance experts?
Our short answer is “yes.” Various third-party compliance experts provide specialized solutions to address unique needs.
There is no one “fintech standard.” Needs vary. Compliance is complicated. If you’re a small- to medium-size startup, you probably don’t have the scale to justify devoting resources to an internal program. You may also encounter some BaaS providers who say they alone can handle the whole program for you, but those solutions tend to be one-size-fits-all. That means they won’t meet specialized needs or address risk in a way that fits your use case and customer base. You will quickly grow out of a basic offering.
The Goldilocks, just-right compliance process for the vast majority of fintechs starts by developing a baseline understanding of compliance as it applies to your business. Different firms may specialize in fintech customer due diligence needs like KYC, fraud detection, cybersecurity, or any number of fairly complex use cases. By working with specialists, you can customize a compliance framework that allows your company to adapt quickly as your unique risks change. While it may sound daunting in the early stages of your fintech’s journey, investing in a proper foundation from the outset will position your fintech to scale successfully down the road.
An experienced BaaS provider like Treasury Prime, which works closely with top compliance partners such as Alloy and Unit21, can provide advice and serve as a single connection for both BaaS and compliance services to ensure smooth technology integration between all parties. This cost-effective method can save time by cutting down on ongoing requests and process audits.
However you put your program together, make sure that your staff is fully involved in designing and running it. If anything goes wrong, your company holds the bag. Most importantly, you know your customers and are in the best position to detect and mitigate nefarious conduct that could signal financial crime or fraud.
How banking as a service providers can help
BaaS providers don’t just help fintechs connect with bank partners and integrate with bank systems; they can also help fintechs navigate compliance. They can act as an advisor as you develop your initial compliance processes, connect you with expert third parties, and help you build a closer relationship with your bank partner.
The best BaaS partners will be transparent, enabling you to connect directly with your bank and compliance partners. The most trustworthy compliance partners will enable you to own your compliance process and play a direct role in developing it.
Treasury Prime enables fintechs and other companies to embed and build fully customizable flows for KYC, compliance, and transaction monitoring for their neobanks, applications, and services. We provide as much guidance as you need, while ensuring the process stays entirely under your command.
To learn more about the fundamentals of compliance, watch our webinar, “The 5 Critical Elements of Compliance for Fintechs,” on demand.
Want more guidance? Treasury Prime can help. We foster direct relationships between fintechs and banks. To learn more about how Treasury Prime can help your bank or fintech grow through collaboration, get in touch with our team.