THE 1920s brought dramatic social, economic and political change to the U.S., along with an evolution of fun things like cars, music and dance styles. The upcoming decade promises continuing, transformational changes within our financial services ecosystem driven by the massive role of technology. Compliance officers will likely need to develop a few new
moves to keep pace with the 21st century’s rendition of the Roaring 20s.
The basic steps that we all are familiar with should still work:
■ ■ ■ Build out a robust Compliance Management System (CMS)
to assess risk;
■ ■ ■ Apply controls; and
■ ■ ■ Develop policies, procedures, training, monitoring and reporting protocols on a risk-based approach.
However, these steps will need to be jazzed up with some insight into all the potential newfangled ways to do business in this
new digital age, so you have a solid foundation under your feet
to conduct due diligence and mitigate risks.
Financial technology, often shortened to fintech, is the technology and innovation that aims to compete with traditional financial
methods in the delivery of financial services. As we approach the
next decade, fintech is an emerging industry that uses technology
to improve activities in finance, and we should all be prepared.
Consider this scenario: you are pulled into a meeting and asked to
give an opinion about a strategic new opportunity with a fintech
for your financial institution (“FI”). Where do you start? This
overview will cover some of the basic preliminary questions that
you want to ask that are common to almost any type of fintech, and
some specific questions for business models that you are likely to
encounter, relating to either digital banking (including payments)
or digital lending. Once you gain a basic understanding of how
these entities generally work, you will be able to anticipate the new
types of risk that can emerge when your FI partners with a fintech.
The Party List
When being introduced to a fintech for the first time, it is important
to figure out “who’s who.” Start at the top—is the CEO a serial
entrepreneur who has led several successful financial startups?
Who is on the working team, and what are their backgrounds?
It’s great to recognize familiar faces on the Board or leadership
team from regulatory agencies or brick-and-mortar banking.
Specifically, who is guiding on compliance issues? Often there
is a single individual handling legal, compliance and risk issues.
Ask if you will have an opportunity to meet to gain insight into
regulatory expertise, and don’t be afraid to use the internet to do
research—LinkedIn is especially useful.
Next, drill down to determine whether the fintech’s experience
is relevant for the particular product or service that your FI is
interested in pursuing. There is a current trend where fintechs
that originally launched with a specific focus are expanding into
adjacent areas. For example, successful student lenders like Sofi
are expanding into personal loans and mortgages; and personal
loan-focused fintechs like Lending Club, are now offering busi-
ness loan products. Success in one area may not translate directly
into expertise in another, as we recently saw when the successful
investment banking disrupter Robinhood launched a high-yield
deposit product without having taken into account fundamental
regulatory considerations, such as FDIC insurance.
Filling Your Dance Card
Look around the table during the meeting and check to confirm
that all of the key internal stakeholders are present and contributing
to the active discussion. For example, you will want to provide your
attorneys insight into what terms you need at the time the contract
is negotiated, to ensure you will have meaningful access to data and
information to conduct due diligence, and to provide compliance
oversight and monitoring during the course of the fintech relationship.
Generally, fintechs are highly protective of their intellectual
property (“IP”), which may be a key differentiator for their success in the competitive marketplace. Be sure you understand the
consumer’s journey with the fintech, as you will likely want to
focus your inquiry on access to these interfaces to help protect
consumers from harm.
For example, will you have the ability to review solicitations and
advertising, or provide input on their website flow or content? How
will you conduct call monitoring, or ensure that complaints are
properly escalated? Will they provide transparency into their late
fee structure or use of alternative data in their underwriting? Who
will pay for root cause analysis, remediation, or changes that may
be requested by your regulator as part of your regulatory exam?
And consider the end of the relationship–what protections can
you build into the contract to protect your FI and allow you to
maintain access to data you may need for a future exam? Some of
these considerations may be taken for granted when working with
third parties that routinely work with financial institutions. Terms
may need to be negotiated specifically before a contract is signed so
that your fintech partner fully anticipates your regulatory concerns.
Financial technology, often shortened
to fintech, is the technology and
innovation that aims to compete
with traditional financial methods
in the delivery of financial services.