Fintechs Struggle To Meet Compliance Requirements
August 31, 2023
Fintechs and Compliance
A large majority of fintech companies are finding it challenging to meet compliance requirements, according to Alloy’s 2023 State of Compliance Benchmark Report. Specifically, the study, which surveyed over 200 fintech professionals, found that a whopping 93% of respondents feel that meeting Bank Secrecy Act (BSA) compliance requirements, including anti-money-laundering (AML) and know-your-customer (KYC) obligations, in their organizations is at least somewhat challenging.
On its own, this data isn’t all that concerning. Compliance is hard, for everyone. But, in the context of the difficulties the fintech industry has faced of late when it comes to compliance and fraud issues, it is more worrisome. That’s because, together, these dynamics suggest that not only do fintechs find meeting their requirements challenging, but they are also struggling to overcome those challenges. This is likely down to a couple of things — first, fintech providers are focused on crafting enjoyable and functional user experiences, and that is where their expertise lies. They do not necessarily have the compliance acumen in house in order to stay on top of things most effectively. And second, their main goal is to reduce friction and make their offerings seamless — the more they increase controls, the more friction they introduce, which means they’re constantly trying to find the right balance. Ironically, it’s also likely the lack of friction involved that makes these organizations such targets on the fraud side.
How difficulties manifest can also vary depending on the kind of company involved. According to Alloy’s general counsel, Gizelle Barany, “The challenges fintechs face when it comes to meeting compliance requirements really come down to the size of the fintech that we are talking about. A larger, well established fintech will likely have a more developed compliance team, so their challenges may center more around changes in regulatory requirements, reporting requirements, or in managing the tools they use to manage their compliance program. On the other hand, we also work with earlier stage fintechs who don’t yet have a compliance officer on staff, so their challenges might center more on the interpretation of various regulations.” Additionally, she stressed the importance of leveraging better tools and better data to ensure that an organization is getting the identity of a user right, so that they can manage all of the risk around identity, which includes compliance and also fraud.
So, why does all of this matter for traditional banks? Well, if you are a bank that provides sponsorship to fintechs in a Banking-as-a-Service (BaaS) arrangement, it’s a compliance issue for you, as well. But, moreover, it’s an opportunity. And why is that? Because, you know who is really good at compliance — banks. We’ve talked about this idea before — by leaning on their own compliance expertise to provide greater support to fintech clients, banks have a real opportunity to add more value and de-risk their own operations simultaneously. Such support could perhaps even rise to the level of creating something that looks like a Compliance-as-a-Service (CaaS) offering by which the bank acts as a fintech’s compliance arm, moving the bank from overseer to operator on the compliance side of the house. (That could be especially valuable for some of the smaller players Barany refers to above.) Regardless of how exactly it manifests, though, beefing up their compliance support and offerings would allow banks to kill two birds with one stone, helping to keep their fintech relationships aligned with regulators while also making their own propositions more competitive.
At the end of the day, even as fintechs make greater use of advanced toolsets to help them meet compliance requirements — 84% of respondents are using or exploring artificial intelligence (AI)/machine learning (ML) — they are still going to require the expertise that banks are so well positioned to provide.