Resources | AML RightSource

FinTechs and Regulatory Compliance

Written by Amy Petric | February 27, 2020

The entrance of financial technology companies (FinTechs) into the economy and their impact on customer-facing and back-end processes is well documented.  Many of these entities have brought new ways to reduce the drag in existing systems and processes and to increase the speed and through-put of data and transactions.
Some FinTechs have existed for many years (such as the major providers of core processing systems to financial institutions) or have grown out of traditional financial services companies;[1] others have appeared more recently and have no historical connection to the financial services sector.  This latter group often enters the marketplace without a full understanding of the regulated nature of the business.  This repeatedly causes challenges for FinTechs and their financial institution (FI) partners in allocating and carrying out compliance responsibilities.
So as a FinTech what are some things to contemplate when thinking about regulatory compliance? When considering compliance issues prepare yourself to answer these questions:


  • Have you built compliance processes into your product as a foundational element?
    Often FinTechs have designed their products without full consideration of the compliance environment in which the product will operate, the compliance processes in place at the FIs to which the product is being sold, or the compliance requirements the FinTech has agreed to in its contract with its FI partner. Taking these issues into account during product design and development will make products more desirable and easier to sell to FI partners.
  • Does your core product and its related processes capture the customer information you will need to support a compliance program, or just the information required to use the product?
    Many FinTech products require some form of customer credentials to be used.  Understanding what customer information will be needed to support regulatory compliance and building that level of customer credential requirement into the product will make integration of your product with those of your FI partner much easier.
  • As part of your product development process have you included a risk assessment step that supports compliance?
    The use of every product includes various elements and levels of risk; determining what those elements and levels are and their magnitude can be done through a risk assessment.  One of the elements that can be evaluated in the risk assessment is regulatory risk.  The process can help highlight risks that can be mitigated through the design and implementation process.
  • In establishing your desired level of “customer friction” have you considered the balance between initial friction and friction created by compliance intervention during the customer transaction process?
    Some FinTech product deployments have been done with the approach “we will deal with any compliance issues later; we want to make this easy for the customer in their first experience.”  This low friction launch approach can result in much higher friction later when compliance activity is turned on and customer transactions or other activity is impacted, or even suspended, while compliance functions “catch-up” to customer transaction/activity volume.  Planning for compliance activity before launch and considering how best to recognize that compliance may add some friction may lead to a better customer experience.
  • Have you integrated a case management system into your product to support compliance processes?
    Once a compliance issue is identified, managing the related investigation and disposition increases the through-put in the process.  Initially designing your product to capture and store the information to support and manage investigations, either through an internal process or integration with a third-party product, will support effective compliance.
  • Have you considered how the compliance requirements of your product will integrate with those of your financial institution partners?
    Some FinTechs and some FIs don’t speak each other’s language.  As a FinTech, one of the skill sets that will help you work smoothly with FI partners is an understanding of their regulatory compliance obligations.  Whether through a staff or outside resource, having a deep understanding of your partner’s needs will make your relationship smoother and stronger.
  • Have you considered how ineffective compliance may adversely impact the customer experience and lead to bad customer events and negative publicity through traditional and social media channels?
    Negative publicity is always something to avoid.  Whether it is in the business press or on social media, articles or posts which speak to general compliance failures, bad actors exploiting your product, or break-up of a partnership, reflect poorly on the parties involved.  Recognizing and planning for the compliance obligations inherent in your product can mitigate this risk to your reputation.

This list is not comprehensive, but it does set out a basic framework for product design and effective integration with FI partners. Considering the compliance implications of your product early can help avoid unintended consequence later.

[1] For example, the part of Fidelity National Information Services Inc. (FIS) which was Metavante Corporation originally a division of Marshall & Ilsley Corporation, at the time a Midwest-based Bank Holding Company.