A new presidential administration inevitably means changes in regulatory approaches and actions, which has a direct impact on fintech trends. In the world of fintech and digital compliance, the exact timing and nature of such changes will depend on a range of political and economic factors, as well as how fintech trends evolve. Regardless of what ultimately changes and when, InnReg does expect this one trend to have a significant impact.
Increased Scrutiny is the Fintech Regulatory Trend to Watch in 2021
Increased regulatory scrutiny and probability of regulatory actions is almost a guarantee for 2021 and beyond. Specifically, we expect to see regulators launching inquiries at an increased rate, whether in response to consumer and investor complaints or as part of their routine activity. Recent high-profile news such as the GameStop saga, which heavily involved retail investors using trading apps or suits against Robinhood, suggest end investors may be much more likely to speak up when fintech apps do not meet their expectations. It will also be prudent to keep an eye on SEC comment letters as well as inquiries from other regulators.
Regulatory inquiries rightfully come with a lot of anxiety on top of the steps required to respond. However, fintech compliance departments can help bring calm and focus to the process by being well prepared in advance.
InnReg recommends that companies follow a four-step process to carry out such preparation. These practices make sense as a general best practice to mitigate risks, but given today’s environment, such risks may turn out to be more likely.
Step 1. Develop Protocols for Responding to Informal Regulatory Inquiries
Some regulators, including the SEC, will begin investigations with “informal inquiries” before taking regulatory action. These inquiries can seem as simple as a letter or even a phone call from a regulatory staffer (often an attorney) asking a few questions. Companies must take these informal queries with full seriousness.
Everyone in your firm must understand how to respond. The best approach is for any staff to acknowledge the inquiry and politely explain that you will respond in due course without providing any comment on the substance of the query.
All inquiries should be immediately escalated to the Chief Compliance Officer, who in turn should engage other executives, appropriate legal resources, and additional fintech compliance expertise as needed. Only people with the proper expertise should engage, no matter how informal the question seems.
Step 2. Use Self-Audits and Spot Checks to Stay Ahead of Regulatory Trends
Companies should engage in regular monitoring to confirm that their existing practices comply. Depending on the area of business and governing regulations, common areas include:
- Account openings/user onboarding
- Credit approval decisions
- Data protection
- Fund deposit and withdrawal transactions
- Regulatory reporting submissions (quarterly and annual)
- Marketing and advertising
- Transaction activity (e.g., trading)
In addition to informal spot checks, fintech companies may also need to conduct formal audits to meet external regulatory requirements or satisfy internal requirements such as reports to company officers and the board of directors.
While these internal checks do not need to go as deep as doing a full dry run of responding to inquiries, they do help you determine any potential holes or weaknesses in your process.
Handle them proactively, and document actions that you have taken before regulators mandate them (often with additional penalties and fees).
Step 3. Tune-Up Your Existing Compliance Processes
Anticipating an inquiry can also be a great way to shed light on places where your existing compliance processes have fallen short. Many tasks end up getting deferred during the typical course of business. Some may even fall through the cracks entirely.
For example, if you have updated your Code of Conduct, you may have longer-tenure employees who have not yet signed it. Similarly, you may have holes in your records demonstrating whether employees have taken all relevant and required trainings within your organization.
Recordkeeping and document management are also common areas where fintech companies can easily fall behind. Many employees perceive these required activities as mere housekeeping, but from a fintech compliance perspective, disorganized documentation can mean a potential scramble to respond to regulatory requests. It is easier to spot and address any gaps in a routine compliance process check and then remediate them than to handle them under the added pressure of scrutiny from external parties.
The basic rule of thumb is that any processes that require people to take separate steps outside of their usual workflow offer greater risks that individuals or even entire groups slip out of compliance. As you review these processes in their current state, you should also consider ways to improve workflows.
Think about making compliance an integrated part of how people work, rather than an additional cumbersome and often unpleasant task (or at least, that’s how it may seem to people with sales, marketing, or client service responsibilities). Then, implement the process and tool changes needed to accomplish such process improvements.
Step 4: Regulatory Refresh for Fintech and Digital Compliance
The final area you can cover while improving your readiness to respond to inquiries is making sure that your compliance approach fits new ways of doing business. This review should happen at a couple of different levels.
First, make sure that you adjust all workflows and tasks to address new realities. COVID-19 has made this more essential than ever, with many staff working from home, and potentially for many more months to come. Some roles may never come back to in-office locations.
Changing the way people work, such as staff working remotely, shifts compliance needs in areas such as business continuity, cybersecurity, data protection, and recordkeeping for digital communications with clients. Many fintech companies responded quickly to the pandemic and cobbled together clever and effective pandemic-proof ways to remain in business. Now is an excellent time to make sure you have aligned your compliance processes with such new ways of working.
Second, make sure that your regulatory strategy covers any new services you offer so that you are not inappropriately engaging in regulated activity. Sometimes, offering new services can move your company into uncomfortable grey areas that regulators can notice.
For example, you might add educational information to a trading platform that could constitute advice, change your clearing firm or trading platform, allow clients to take lines of credits against their accounts, or add payment functionality that constitutes money transmission.
Now is also an excellent time to review current and planned service offerings and ensure that your regulatory strategy is aligned to them.
Conclusion: Anticipating Likely Fintech Compliance Trends
The purpose of robust compliance is to help fintech companies stay in line with governing regulations and industry norms. In an ideal world, it would also insulate such organizations from the time, effort, and costs associated with regulatory inquiries, more formal investigations, and penalties.
Using the potential for interactions with regulators to spot and cure potential issues before they emerge can help mitigate the risks. It can also improve the way you operate and help your business growth happen more smoothly within regulated markets.
Especially in a year when scrutiny is likely to increase, reviewing your practices is a smart investment and a safer way to do business.
If you have questions about how to update your strategy or make your compliance functions more robust, we’d be happy to discuss. Contact us for more information.
Note: Compliance Trends to Watch for 2021 and Beyond
While we have no specific predictions on which regulations may ultimately see an impact and when, we expect a few areas to see notable activity. Changes to advertising and marketing rules have long been needed to bring current regulation into the world of digital and social media. In addition, continued uptake of digital assets in the form of cryptocurrencies and other forms of digital assets will likely push regulators to take action.
We will continue to watch these areas and share updates as warranted.