How to avoid compliance pitfalls in bank-fintech relationships
A recent survey found that 40% of all bank partnerships fail, despite the rapid growth and increased focus on bank-fintech partnership strategies.
In fact, the survey results showed that the vast majority of banks struggle significantly with managing their fintech relationships:
78% of banks have difficulty establishing internal partnership governance frameworks
75% of banks struggle matching operational and commercial needs with partnerships
53% of banks have difficulty onboarding new partners
50% of banks have difficulty overseeing and maintaining partner relationships
Among these challenges, getting financial crime compliance right is one of the biggest pain points for operationalizing bank-fintech partnerships and BaaS programs.
Already this year, notable BaaS providers, including Solaris in Germany and Railsr in Lithuania, are facing restrictions on entering new partnerships until they get their AML compliance programs in order. The banking turmoil fueled by the collapse of Silicon Valley Bank and Signature Bank is also driving more regulatory scrutiny. As a result, banks are concerned about regulatory risk, tightening compliance and risk management practices, and re-thinking higher-risk relationships.
These trends mean that the banks, fintechs, and BaaS providers that will come out on top in this space are those prioritizing compliance infrastructure and investments.
Compliance and BaaS leaders can set up their bank-fintech compliance framework for success and avoid pitfalls by focusing on three key areas.
Improve partner onboarding
Partnering with fintechs can radically impact a bank’s risk profile and appetite. Banks need a close understanding of each fintech partner’s risks, plus a firm grasp on how those risks affect the bank.
Banks should improve risk assessment measures at onboarding from both a process and substantive perspective by addressing the following:
- What information and documentation will you require from every partner, and how will you collect and review this information efficiently?
- How will you do standardized risk assessments for each fintech and assess the individual and aggregate impact to your risk profile for each new partner?
- What arrangements need to be agreed to ensure partners communicate changes to activities or risk profiles timely?
Expand partner oversight and monitoring capabilities
As regulatory pressure grows, banks’ demands on fintechs must also increase. Banks cannot turn a blind eye to partners’ activities. Rather, they need to find resource-efficient ways to ensure they continuously monitor all fintech partners.
Banks and their partners can head off compliance issues by addressing the following considerations:
- What controls are put in place by each partner and how do those controls address their key risks?
- What data will each partner send to the bank about their controls performance, how and when will this data be transmitted, and how will the bank review this data efficiently?
- What arrangements will be agreed in advance for fixing and reporting compliance issues at the partner timely?
Show, don’t tell
Regulators are increasingly demanding that banks show they have effective compliance programs, rather than produce paper or tick-box programs. BaaS banks need to demonstrate their compliance programs are fit for purpose to manage the new risks and challenges, including ensuring compliance controls are operating as expected at each partner.
To best prepare for regulatory scrutiny, banks and fintechs should consider the following:
- For banks, what additional or expanded testing at the bank or fintech level is needed to ensure your compliance program continues to work effectively as you take on more partners?
- What risk and compliance metrics or data are needed to show your compliance program is working effectively to regulators or stakeholders?
- For fintechs, similarly, what testing or metrics will you show to your partner banks to demonstrate your compliance controls are working effectively?
Compliance teams are adopting automated tools and technology like Cable to build scalable BaaS programs in a resource efficient manner.
