September 13, 2019

Fintech Compliance and Regulation - Why More Collaboration and Engagement Is Needed

For over a decade, financial firms have been collaborating with financial technology (fintech) companies on developing options to offer customers quick and convenient access to an array of financial products and services. A primary objective of these partnerships is using technology to deliver cost-efficient services to new customers (particularly tech-savvy ones).

Financial firms engaging with fintech companies have found themselves facing companies at various levels of maturity (from startups to some of the world’s largest corporations). Many fintech companies are technology and data business companies, but others may be banks, asset management companies, and other financial institutions. These collaborations are often financed through a variety of sources leveraging alliances with financial institutions spanning all sectors.

Leveraging new technologies for these collaborations may create more convenience for the customer, but increasingly trigger legal, regulatory, reputational, and other risks.  For some time, there was little to no oversight of these engagements. Fintech collaborations were left on their own with most financial regulators unsure about how to regulate them. Fintech products also moved at a pace well beyond what regulators and regulations could address. This imbalance left regulators with limited options other than to oversee these relationships for compliance against traditional regulations (e.g., anti-money laundering, privacy).

Recent developments suggest the regulatory community is stepping up its oversight measures. While existing regulations have not yet fully factored in fintech products they are becoming a focus of rulemaking and enforcement actions. These actions include applying: 1) consumer protection laws regulating credit and debit products; 2) licensing requirements for non-bank entities holding or moving funds; 3) anti-money laundering and know your customer rules and regulations designed to protect our financial system against money laundering and terrorist financing; 4) privacy and data security regulations designed to protect personal information by regulating the handling, storage, transmission, and use of data as well as responses to security breaches; and 5) special considerations involving Blockchain and cryptocurrency.

The increasing focus at both the federal and state level in the United States has created a patchwork of state and federal requirements. The regulatory landscape overseeing fintech relationships is further complicated by the fact that many of these relationships are positioned to provide their products and services to a global consumer base. The global nature of such engagements may trigger a whole host of additional regulations, including complex and often restrictive data protection laws, such as the European Union’s General Data Protection Regulations.

In response, fintech partnerships would be prudent to establish and maintain a strong compliance foundation in preparation for the inevitable increased scrutiny from regulators. They must recognize they can no longer ignore these risks, and must better position themselves to manage them. In facing these challenges, fintech partnerships must establish and maintain robust compliance programs that are responsive to evolving regulatory developments.

Below is an outline of what the panel will cover during this session.

1.     The current regulatory environment, risks, and challenges posed by these collaborations, while outlining practical strategies to establish and maintain compliance controls.

2.     The panel will also discuss minimum expectations and best practices to help design and implement strong internal controls and

3.     How to build a compliance culture around fintech relationships.

The panel will cover the current regulatory environment, risks and challenges posed by these collaborations while outlining practical strategies to establish and maintain compliance controls. The panel will offer best practices for establishing and maintaining compliance programs that are robust and responsive to emerging regulatory developments.