FinTech startups are changing the financial services landscape as we know it. As FinTech enters the mainstream, federal and state regulation, cybersecurity, money laundering, and artificial intelligence (AI) will shape its future.
Federal and State Regulation
Evolving regulatory trends will transform FinTechs’ business models. In the US, the federal financial regulatory framework will undergo a series of radical changes. Congress is exploring ways to repeal provisions of the Dodd-Frank Act and federal financial regulatory agencies have received instructions to relax regulatory requirements.
This trend toward federal deregulation will level the regulatory playing field between FinTechs and financial institutions as banks will be subject to less federal regulation, and FinTechs will enjoy fewer federal regulatory arbitrage opportunities relative to their traditional bank counterparts.
At the same time, state financial regulatory agencies are exploring new avenues to increase direct regulation of FinTech companies. In the U.S., FinTechs are currently required to comply with state requirements of each jurisdiction in which they operate. FinTechs, however, are often confronted with inconsistent legal requirements and duplicative burdens across different states.
This is one of the key factors driving partnerships between FinTechs and financial institutions. For example, state licensing laws have varying requirements for activities requiring licensure. Enhanced state regulation will exacerbate challenges facing FinTechs by increasing regulatory uncertainty and complexity.
The Office of the Comptroller of the Currency (OCC) has proposed offering a special purpose national bank charter to FinTechs satisfying certain requirements. While this proposed charter would exempt FinTechs from certain state requirements, it will require a significant capital outlay. This will likely negate benefits afforded by the charter. As a result, most FinTechs will likely not apply for this charter.
Cybersecurity risks similarly present compliance challenges that threaten the growth and momentum of the FinTech sector.
Federal and state regulators have outlined rigorous cyber security requirements for financial institutions to protect customer data and defend against cyber attacks. Regulators and customers expect FinTechs to comply with these evolving standards.
As regulatory agencies tend to focus on written policies and procedures, FinTech firms should develop and implement policies and processes to deter and remediate unauthorised breaches.
Compliance, however, is only the first step. A comprehensive cybersecurity plan should address additional measures such as vendor management and a response plan for reporting breaches to appropriate authorities.
Anti-money laundering (AML) will remain a strong regulatory focus and continue to shape the FinTech landscape. FinTechs and financial institutions are subject to many of the same AML laws and regulations. These requirements, among other things, mandate development of a written compliance program, robust internal controls and testing procedures.
As FinTech gains a more central role in financial services, firms should anticipate heightened scrutiny of compliance with AML requirements. Lack of compliance with AML standards can have devastating reputational and monetary consequences. For example, lack of AML compliance cost one FinTech firm $700,000. As new regulations are introduced and implemented in 2018, FinTechs should carefully monitor agency guidance to identify system gaps and ensure compliance.
Integration of AI by FinTechs and financial institutions will be a leading trend in 2017. In addition to reducing costs, AI has tremendous potential to provide consumers with tailored financial services and improved financial management tools.
A central concern, however, is the regulators’ response to the use of AI in financial services. While regulators have issued general supervisory guidance regarding the use of information technology, agencies have said very little regarding AI.
As AI becomes more prevalent in financial services, regulators will seek to identify deficiencies in controls and develop standards focused on privacy and consumer protection. FinTechs capable of integrating AI with these regulatory standards in mind will be those firms best positioned for long-term success.