As a newly hired or promoted Chief Compliance Officer or CCO within an early-stage fintech firm, you may find your new job requirements somewhat disorienting. Often, CCOs have extensive compliance experience in other types of organizations, such as more traditional banks, RIAs, broker-dealers, etc., or larger companies that already have robust, well-resourced compliance teams. More mature organizations typically have more familiar compliance needs and challenges as well.
When starting in a fintech firm, especially a fast-paced, smaller, and early-stage company, you face several adjustments from Day 1 on your new role as a career compliance professional.
From our experience at InnReg working as a partner with fintech CCOs and carrying out the CCO’s role on a temporary or outsourced basis, we have developed a set of five survival tips that we believe will help you overcome the initial shock and thrive in your new role.
Tip 1. Change Your Mindset: A Fintech’s CCO’s Wide Duties
Chief Compliance Officer qualifications include prior executive or leadership experience in a compliance role. If your experience is with a larger organization, you will have to change your mindset from delegating everything down through your reporting structure.
In a leaner fintech, you frequently find yourself rolling up your sleeves to complete compliance tasks. Your activities will include developing operational workflows for a regulatory change, negotiating with technology providers, and working on responses to regulatory information requests — often within the same week, if not even on the same day.
Tip 2. Get the Lay of the Land: Fintech Compliance Review
As a new Chief Compliance Officer, you have to take a programmatic and holistic approach to your new firm’s compliance needs. Starting from your very first week on the job, you should do extensive due diligence on your own firm, far more detailed than was possible during the recruitment process.
First, of course, make sure you have a detailed understanding of every regulated business process and activity conducted by your firm. As you dig deeper, you should also be prepared to ask tough questions about processes and activities that do not have any associated compliance processes.
Addressing potential blind spots in a firm’s compliance processes will be essential to your future success, as well as defining critical steps that you need to take to make compliance more robust.
Second, you should evaluate current compliance practices from end-to-end. Recent CFTC Guidance on the Evaluation of Compliance Programs can provide you with a useful model for doing this important discovery work. InnReg supports firms in carrying out this process internally before regulators take interest.
At this stage, you should develop a detailed understanding of how your firm prevents, detects, and remediates regulatory violations. Here’s an actionable blueprint for doing just that:
- Take inventory of your internal and third-party compliance resources
- Map out oversight and escalation functions for Suspicious Activity Reporting as required by regulators
- Gather any documented policies and procedures and identify potential gaps
- Assess existing Codes of Conduct and enforcement mechanisms
- Identify current compliance training programs and approaches and unmet training needs
- Review any past deficiencies, their impact, and how they were addressed
- In parallel to all the above steps, carry out gap analysis and capture all ideas for improvement
Tip 3. Be Radically Digital: Technology Choices and Fintech Compliance
In a digital business environment such as fintech, Chief Compliance Officers with prior experience at more traditional financial services firms can face a steep learning curve. You have to become conversant with all of the technology that supports your firm’s business model, as well as areas such as digital document management, digital records retention, data protection, and cybersecurity.
Developing information security procedures and mitigating the underlying risks can seem incredibly daunting. Regulations in these areas are evolving quickly, and new threats emerge every day.
On the positive side, technologies that support compliance operations are changing quickly, too. These technologies help you automate critical elements such as fraud prevention or money laundering detection — essential when all of your business activity from account openings to trades to payments takes place via digital channels.
While there is no magic solution that will help you understand all digital threats and opportunities at once, committing to learning and exploring these areas will play an integral part in your ability to thrive as a new fintech CCO for any sustained period.
Put simply, be ready to learn — constantly!
Tip 4. Become a Jack of All Trades: New and Old Skills for a Fintech CCO
The inventory of hard and soft skills you need as a fintech Chief Compliance Officer turns into a long and intimidating list very quickly. Understanding how to build and run a compliance program is essential but not sufficient.
At the same time as you must be a compliance professional, maintain appropriate licenses and credentials, and function as a senior leader, you need to be able to do the following equally well:
- Plan and manage change. In many cases, you will be the first person to hold this role because your firm has only now grown to the point where it needs a full-time internal CCO.
- Advocate constantly. Many fintechs believe that moving fast and being disruptive is their strategic advantage. They also see compliance as counter to speed and innovation. You’ll have to become very nimble at making your C-level peers believers and showing that compliance both mitigates risk and creates new opportunities for both cost savings and growth.
- Think holistically. Unlike large traditional financial institutions, compliance cannot function like a mysterious black box within a fintech. It has to become an integral part of how the business runs, which means adding new compliance processes and new elements to other business processes. Functions subject to compliance include marketing, sales, account opening, customer onboarding, transaction and order management, etc. Compliance can become an indispensable ingredient in the connecting glue that holds front-, middle-, and back-office activities together.
Tip 5. Extend Your Reach: Remote Compliance Resources and Outsourced Providers
InnReg has partnered with dozens of innovative fintech firms to help them build or supplement their compliance capabilities. In some cases, we also provide an outsourced or fractional Chief Compliance Officer to support a client’s current size and needs.
The option to outsource compliance offers significant advantages to new CCOs as well. An outsourcing provider with deep expertise in fintech can act as a coach and partner to a new CCO. For example, InnReg can conduct initial program evaluations in a detailed and objective manner, serving as extensions of your eyes, ears, and hands while you get up to speed in your new role.
In addition, because we have teams of experienced and licensed professionals who are experts in handling fintech compliance tasks, you don’t have to source, hire, and train a new team from scratch. Outsourced providers such as InnReg can help a new CCO take on complex tasks and deploy cost-effective resources that help build more robust compliance capabilities quickly, without lengthy ramp-up or learning curves.
Taking on the role of a new Chief Compliance Officer at a fintech firm can seem like you’ve woken up at the start of a superhero action movie. A lot will be asked of you. Even more challenging — your company may not know what it doesn’t know about compliance.
As a result, you’ll have to educate or even sell your role internally at the same time that you rapidly reinforce your firm’s compliance capabilities. It’s as if you have to leap from standing to flying in less than one second while at the same time handling much more than just your new “superpowers.”
There’s help, however. If you have questions about your new CCO role and the best way to get traction and results quickly, we’d be happy to discuss with you further. Send us an email to start the conversation: email@example.com.