specific activities that will be performed by the fintech partner,
and then ensure that the fintech has a working knowledge of the
For example, if the fintech is only generating leads or referrals,
is there a clear understanding of regulatory boundaries, such as
what constitutes an “Application,” and why it is critical to know
that? Are there controls in place to avoid inadvertently triggering
the disclosures and other requirements of “taking” an application?
A fintech with a knowledgeable compliance officer on board, along
with a risk assessment outlining legal and regulatory obligations,
is a great start; however, such resources are not always at hand.
It may also be important to know how the digital lender is
funded. Fintechs arriving on the scene in the past 10 years in a
largely benign credit environment have not yet experienced a
down credit cycle—you will want to know what stress testing has
been done to anticipate changes in the economic environment.
Another critical element to understand is the digital consumer
experience, and the focus on controls that are in place for any
consumer interface. In addition to evaluating transparency about
loan terms, conditions, fees, the potential for high interest rates
and repayment terms, you should also spend some time on the
fintech’s website. Does the consumer clearly understand their
current status within a particular banking process while on the
site? Could they trigger a hard credit inquiry or apply for a loan
without realizing it? Alternatively, a frequent complaint of consumers is that they think they have been approved for a loan, only to
be transferred to a bank where the process seems to start all over
again. You should have the ability to walk through the customer
experience, and when doing so, be alert for any communications
that could inadvertently signal approval, such as “welcome” or
“congratulations.” It helps for a website to have a progress bar, so
the consumer can visually see that the actual approval step has
or has not yet been reached.
Additionally, how is data transferred? And, is the consumer
required to repeat the input of information? The millennial consumer expects this to be seamless and wants to avoid unnecessary
keystrokes. Check with your IT department to anticipate any
system issues that could cause problems in connection points
with the fintech, or the potential for system surges that could
tax your system and slow communications or produce outages.
Fair lending and Unfair, Deceptive or Abusive Acts or Prac-
tices (UDAAP) issues are primary concerns for any relationship
with a fintech, especially if they are using untested underwrit-
ing models, and any algorithms involving a potential black box
that enables artificial intelligence and machine learning. You will
want to evaluate inputs to the data, run test cases and carefully
monitor data to detect any discrimination on a prohibited basis.
Of course, your risk assessment also needs to run through all
applicable compliance regulations, from A to Z.
If the fintech will be involved in servicing, especially loss mitigation and collections, it is critical that you spend some time to
evaluate how the consumer will be treated. Will customers be able
to have a live interface with a knowledgeable customer service representative? Reviewing training materials and complaint histories
may not be enough. You may want to go onsite, listen and observe
how customers are actually being treated. Obtain as much data and
metrics on the fintech as possible and go beyond traditional Better
Business Bureau sites to all available sources. This includes sites
such as Glassdoor, that discuss workplace conditions, so you’ll be
able to gain better insight into an organization’s overall operations.
Congratulations! Being an active participant in the strategic decisions that help your FI remain competitive in the coming decade
means you can play a key role in the massive, transformational
changes we are expecting in our financial ecosystem. Fire up your
search bar, find new ways to do due diligence, and be sure to wear
comfortable shoes—it promises to be quite a party! ■
ABOUT THE AUTHOR
BARBARA BOCCIA, CRCM, MBA, JD, is a senior director and manages the Advisory Services and Regulatory Relations team at Wolters
Kluwer across a wide range of consulting engagements, including
fair lending, CRA, HMDA and UDAAP. She brings more than 30
years of professional experience to strategic and technical regulatory compliance engagements relating to consumer protection
regulations, including reviews of Compliance Management Systems
(CMS), Compliance Risk Assessments (including fair lending,
UDAAP), Complaint Management Programs, and Third Party Vendor
Management Programs. Her work includes helping clients with
regulatory change management, preparing for exams, resolving regulatory enforcement actions, assisting with remediation efforts and
Board training. She is a frequent speaker at industry events. Barbara
can be reached at firstname.lastname@example.org.
Another critical element
to understand is the
digital consumer experience,
and the focus on controls
that are in place for
any consumer interface.