Build a Better Fintech: Invest in Compliance
Updated: Apr 19
The US doesn’t have an overarching compliance regime for its fintechs, making it difficult to determine which regulations and licences they need to follow at any given time.
The more a fintech grows, expanding its marketing, increasing its profile and attracting press attention (both positive and negative), the more likely it is to be exposed to state and federal scrutiny of its compliance status. Non-compliance can quickly lead to huge fines, jail time, and reputational damage. US fintechs have seen an increase in the scrutiny of their compliance status in 2022. If you’re one of the 73 per cent of fintechs without a dedicated compliance officer, now is the time to get an idea of what you need to know.
Five compliance factors US fintechs need to know, right now
Whether US-based or working with US clients, fintechs need to know what they want to achieve and have the necessary regulatory cover to ensure they can operate and fulfil their goals.
1. Know the compliance laws
There’s a whole alphabet soup of compliance laws on both state and federal levels that every fintech operating in the US needs to be aware of and follow. These laws ensure that financial transactions proceed smoothly, with safety and security at every stage. They should be a non-negotiable element of every fintech’s business.
Three key federal regulations for fintechs to be aligned with:
Financial Crimes Enforcement Network (FinCEN) – gathers information about financial transactions to help prevent and mitigate financial crimes.
Commodities Future Trading Commission (CFTC) – regulates US derivatives markets.
The Office of the Comptroller of Currency (OCC) – one of the primary banking regulators in the United States overseeing, regulating, and examining chartered banks.
Other key Federal regulators:
The Securities and Exchange Commission (SEC)
Federal Deposit Insurance Corporation (FDIC)
The Federal Trade Commission (FTC)
Consumer Financial Protection Bureau (CFPB)
Financial Industry Regulatory Authority (FINRA)
But it doesn’t stop there. Fintechs must stay up to date and compliant with a whole range of regulations that cover data privacy, security, and chartered banking laws. To add even more complexity, these laws vary from state to state.
Each state can have several industry regulators as well as the State Attorney General’s Offices who oversee often overlapping portions of the fintech industry. Banking, mortgages, loans, credit cards, insurance, money transfer, checks, consumer protection and privacy are all subject to an individual state’s regulatory authority.
2. Know about AML
Just as bricks and mortar banks have had to comply with strict anti-money laundering (AML) regulations, so do fintechs. In the US, AML compliance is both federal and state regulated so fintechs need to be up to speed with AML regulations. Money laundering causes around $2trillion to be lost to governments and companies annually. As a result, countries worldwide have developed AML policies which fintechs are expected to comply with. Having the right programme in place to detect and eliminate money laundering is essential.
3. There are penalties for non compliance
Non-compliance can land a fintech with hefty fines. These have the knock on effect of negatively impacting revenue, share price and future profits. State regulators and State Attorney Generals are often very active in going after smaller companies like fintechs. In 2021 a US-based fintech company was fined $6million by the Consumer Finance Protection Bureau (CFPB) because its lending practices had violated CFPB consumer protection guidelines.
Fintechs, as financial businesses, need to have a strong AML programme embedded in their strategy from Day One. In 2015, FinCEN levied a $700,000 penalty against a digital currency operator because it didn’t have an adequate AML programme. There are many instances where fintechs were fined either for their inability to adopt consumer security compliance or provide user data protection.
In 2021, the San Francisco-based neobank Chime was ordered by the California Department of Financial Protection and Innovation (CADFI) to pay a fine and to cease and desist language that the regulator says falsely portrayed the fintech as a bank, specifically to stop using chimebank.com, and to stop using the word ‘bank’ or ‘banking.’ This finding has rippled across the industry as a shot across the bow putting fintechs on notice.
There are non compliance penalties that can’t be wiped away with a checkbook. Reputational damage can last for years and negatively impact a fintech’s ability to attract investors and consumers.
NON-COMPLIANCE CAN LAND A FINTECH WITH HEFTY FINES. THESE HAVE THE KNOCK ON EFFECT OF NEGATIVELY IMPACTING REVENUE, SHARE PRICE AND FUTURE PROFITS.
4. Know about KYC
Fintechs are subject to increasingly punitive fines in cases of know your customer (KYC) negligence. That’s why it’s vital that all fintechs apply due diligence and have KYC compliance processes that are embedded and impeccable. Due diligence must be applied when onboarding customers in order to root out fraud, close off possible terrorist funding, and help mitigate AML risks.
Fintechs are expected to adopt and comply with US laws and regulations, which includes the Bank Secrecy Act (BSA), Office of Foreign Assets Control (OFAC), and individual state requirements. Fintechs have a duty to maintain AML-related procedures and controls designed to comply with these laws and regulations, to combat financial crime.
Read More at The FinTech Times
Need help with Compliance?
Here at UGR, we will help you navigate with success regulations, compliance and AML/KYC requirements needed in your growth journey. Our team is composed of some of the finest FinTech industry experts covering multiple jurisdictions. We have a unique approach into the world of emerging technology and work with the best compliance solutions with years of experience helping Crypto Exchanges, DeFi, Payment Processors, MSBs, RegTechs, Web3 and BaaS to meet all your regulatory requirements. Our Compliance As a Service (CaaS) allows you to plan, prioritize, and execute against strategic compliance projects and technology initiatives while matching your budget and pay only as you need.