Keeping the bad guys out

No wiggle room for fintechs: The challenges of risk and compliance management

  • Complying with financial regulations is now a vital aspect of fintech operations. Fintechs are working on striking a balance between internal controls and external regulations.
  • Meeting compliance requirements can be challenging, however, given the complex and constantly evolving regulatory landscape.

Email a Friend

No wiggle room for fintechs: The challenges of risk and compliance management

Compliance and regulation have always been of significant importance for the financial services industry since 1791, when the first operating bank was founded in the U.S. Fast forward to this year, the banking crisis has raised deeper questions around regulatory failures and poor risk management. 

The string of mishaps beginning with SVB has pushed regulators, who have already been zeroing in on fintech operations and bank-fintech partnerships over the past few years, to become stricter and implement tighter oversight. 93% of fintechs say they are struggling to meet increased regulatory requirements. In fact, 86% of them paid more than $50,000 in compliance fines last year, according to a new report by Alloy.

Key challenges facing fintechs in terms of compliance

Different fintechs have different sets of compliance challenges and there is no-one-size-fits-all approach to it.

While a larger, well-established fintech may have a more developed compliance team, its challenges may center more around changes in regulatory requirements, reporting requirements, or managing the tools they use to manage their compliance program. Whereas, earlier-stage fintechs that don’t yet have a compliance officer on staff or a complete team may struggle in the interpretation of various laws and regulations. The Alloy report identifies that lack of access to experts who can understand and implement practices in alignment with laws, external regulations, guidelines, and specifications relevant to a specific business process is one of the key barriers to meeting compliance requirements.

A horizontal bar chart showing the top reasons why fintechs find compliance process difficult

55% of fintechs also say that lack of automation is a roadblock when it comes to following a systematic approach to compliance. In particular, fintechs ranked Suspicious Activity Report (SAR) filings – a document that financial institutions must file with the Financial Crimes Enforcement Network (FinCEN) whenever there is a suspected case of money laundering or fraud – as the most time-consuming part of their compliance process. 

“What is required is not often more work (usually meaning more personnel), but better tools and better data to ensure that an organization is getting the identity of a user right so that they can then manage all of the risks around identity which includes compliance and also fraud,” said Gizelle Barany, general counsel at Alloy.

The financial sector is increasingly investing in technology to keep pace with rules, regulations, and systems to fight financial crime, yet compliance and fraud are two issues that take a lion’s share when it comes to fintech investments. This boils down to the fact that as fraud prevention technology is evolving, so are fraudsters’ tactics. For example, fintechs are using AI/ML tools to create better fraud detection models, but fraudsters are also using them to create more convincing synthetic identities. Additionally, regulators are constantly evaluating and determining new regulations and policies to protect both businesses and consumers. This in turn requires compliance officers to stay up-to-date on regulatory changes, industry standards, and technological advances to manage their compliance programs effectively.

These rapid developments indicate that compliance and fraud prevention issues will likely never go away and new solutions will always be required as technology evolves. According to Barany, having a wide array of data at their disposal is critical to fintechs for the same reason, so that they can always add more tools to their fraud-fighting arsenal.

“Financial institutions with a flexible fraud tech stack will be uniquely positioned to fight the fraudsters of today while deciphering the techniques of fraudsters of tomorrow,” she said.

Smoothing the rough edges

Remaining compliant to avoid fines, maintaining a good reputation in the market, while preventing financial crime, and working toward scaling business in a competitive market – all constitute a significant set of challenges for fintechs, many of which are still not profitable and have a constant need for capital.

80% of fintechs are going above and beyond the basic requirements in preventing fraud

The report highlights that around 80% of organizations are putting efforts into place to go above and beyond the minimum requirements in preventing criminal activity, given that the pace of criminal activity outstrips the pace of regulation. 

One way fintechs are actively working on striking a balance between internal controls and external regulations is through automation. Going forward, many fintechs are incorporating AI/ML into their compliance workflows, which can save time in BSA, AML, and KYC processes and eliminate the need for manual reviews. Although manual reviews are still an essential part of the fraud prevention process when it comes to particularly risky transactions, automating a portion of them can save FIs time and money to focus on other business priorities.

Fintechs are increasingly turning toward third-party risk management solutions for compliance, too. 93% of fintechs are using at least one third-party platform. These platforms like BitSight, OneTrust, and Alloy offer products and services that help in tracking specific legislative and regulatory analysis, keeping track of changes to compliance policies, ongoing vendor and partner management, and portfolio analytics. The platforms also enable fintechs to pull and analyze information from data sources to have a holistic view of each applicant and verify KYC, KYB, AML monitoring, sanctions screening, and case management.

Fintechs that use one of the third-party platforms for compliance activities are more likely to be able to identify and prevent criminal activities

Organizations that use one of these third-party platforms for compliance activities are more likely to be able to identify and prevent criminal activities by following the Bank Secrecy Act (BSA) regulations than organizations that use multiple or no third-party platforms.

As new rules and priorities continue to emerge, the compliance landscape is also expected to evolve, too. In addition, financial institutions are anticipated to double down the use of AI/ML in the next 12 months to detect and prevent fraud, according to the report.

Still, fraud and compliance can’t be orchestrated in silos. Compliance, fraud, product, and leadership teams will likely have to work in tandem to build a compliance ecosystem in line with the dynamic landscape of regulation, risk, and fraud.

“It’s less about streamlining processes and more about educating yourself on compliance,” said Barany.

0 comments on “No wiggle room for fintechs: The challenges of risk and compliance management”

Keeping the bad guys out, Partner

Why ‘know your business’ is critical for FIs everywhere — and how banks, fintechs, and marketplaces can benefit from emerging solutions

  • Bad actors are continuing to improve their technology and tactics to commit financial fraud.
  • FIs can use Know Your Business (KYB) compliance as a competitive advantage if they're willing to invest in business verification data.
Enigma | November 29, 2023
Banking, Keeping the bad guys out

Banks having to monitor Politically Exposed Persons is the thirteenth Herculean labor

  • An integral part of a bank's KYC and AML work is focused on ensuring that Politically Exposed Persons (PEPs) cannot abuse the bank’s services for their own gain. Things slip through, though.
  • But oversight overeagerness on the part of FIs can create issues for those associated to PEPs as well as prevent the FI from focusing on genuine detection.
Rabab Ahsan | November 28, 2023
Keeping the bad guys out

A first-party fraud epidemic?

  • More than one in three Americans admit to committing first-party financial fraud themselves.
  • Among those who don't deem first-party fraud as problematic, Gen Z is the most comfortable. 50% of the young age cohort report they would be okay with committing fraud if there are no negative consequences.
Rabab Ahsan | October 26, 2023
Keeping the bad guys out

Check fraud vs ML, Computer Vision, and UX: A solution by Q2

  • Check fraud impacted 6 out of 10 companies last year, and check fraud tactics are continuing to evolve.
  • Fighting check fraud requires a mix of technologies and a network approach. Q2 is working on a product that targets the full stack of complexities within the space.
Rabab Ahsan | August 29, 2023
Data, Keeping the bad guys out

The network approach to fighting fraud

  • With fraud evolving, prevention and detection mechanisms are changing as well.
  • FIs and technology providers are turning towards approaches where critical data about fraudulent activities can be shared with FIs and businesses in the ecosystem via a network approach.
Rabab Ahsan | July 05, 2023
More Articles