Page 26 - GS240701
P. 26
Insights and Expertise
Fintech compliance • Beenz.com
• Boo.com
By Ken Musante • Wonga
Napa Payments and Consulting • Powa Technologies
successful fintech aspires to arm a technology • Clinkle
company with the requisite financial trust to • Habito
disrupt federally insured banks and invest- • Monitise
A ment houses or to provide traditional financial
institutions with the requisite technology and agility • Earthport
to outmaneuver a Silicon Valley startup (see https://t.ly/
TAS0f). Oh sure, there is the occasional Wirecard, but by and
large, fintechs start, take in investor money, and go big or
But every fintech needs a partner bank. Every card go broke.
network and ACH transaction has an associated bank
sponsor. Only a bank may hold Federal Deposit Insurance Banks, on the other hand, are too systematically
Corp. (FDIC)-insured deposits, and unless the fintech important, too big or too socially responsible to fail. When
holds a money transmitter license, a bank is necessary to one does fail, there are major implications far beyond
pay out the end merchants and customers. the impact on investors. Depositor money is at risk. The
‘I’ in FDIC stands for insurance, which insures deposits
Regardless of the payment processor’s (ISO, ISV, payfac) up to $250,000. Regulators are called to task and board of
size—a bank is involved in every transaction. director members may be personally liable.
Enter the cronut
Nobody cares when a fintech fails. Did any of these carry
a headline? Hence the dichotomy between how fintechs and banks
view risk. A fintech looks at the upside. If it is successful,
it will be worth many multiples of its initial investment.
A bank looks at the downside, as its multiple, even when
successful, is pedestrian. A bank’s probability for success is
many times greater than that of a fintech, but the upside is
muted. Consequently, while most fintechs are not directly
regulated, many have partnerships with regulated banks,
which require their fintech partners to adhere to the same
compliance obligations as the banks.
Typically, this is done contractually; however, as I just
shared, a bank is financially incentivized to be risk averse
while a fintech is financially incentivized to embrace risk.
Additionally, fintechs typically have much less capital and
ability to absorb catastrophic losses.
This imbalance explains, in part, why, according to
Alloy’s 2023 State of Compliance Benchmark Report, 93
percent of FinTechs find it challenging to meet compliance
requirements (see https://t.ly/IqGm5). Even more curious,
55 percent noted that "lack of automation" is one of their
biggest barriers to meeting BSA compliance requirements.
The fact that fintechs are struggling with automation,
which, at the core, is what fintechs do, belies a deeper
issue: they do not prioritize compliance.
What does this all mean?
Bank regulators are coming down hard on banks that are
not managing their third-party risk. From a the FDIC's
perspective: "Engaging a third party does not diminish
or remove a bank’s responsibility to operate in a safe and
sound manner and to comply with applicable legal and
regulatory requirements, including consumer protection
26
