Fintech Compliance

All Fintech

Outsourcing is a Cost-Effective Way to Meet CCO Staffing Requirements

Aug 17, 2023




5 min read

With hundreds of new fintech companies going into business each year, finding the right compliance talent in a cost-effective way is a significant challenge. Demand for both staff and leadership is high.

An outsourced Chief Compliance Officer (CCO) can offer enormous advantages to help meet such demand. The right outsourced CCO provides instant access to expertise in the unique nuances of compliance in the world of fintech. While it might seem that outsourcing this role is primarily a means to cut costs, it also offers significant strategic benefits.

As an outsourced CCO service provider since 2013, we’ve been working with fintechs and we’re now sharing our practical knowledge in this Guide.

In this blog, we will define the role and point out potential cost-savings. Most important, we will also show how compliance officer outsourcing can boost a fintech’s growth strategy and streamline operations at the same time.

InnReg Compliance Consulting and Outsourcing
InnReg Compliance Consulting and Outsourcing
InnReg Compliance Consulting and Outsourcing

Responsibilities of an Outsourced CCO

The most common reason for hiring a CCO is meeting compliance requirements imposed by regulatory bodies, thereby managing regulatory risks. To ensure that the compliance programs throughout the organization are effective and efficient in identifying, preventing, detecting, and correcting noncompliance with applicable laws and regulations, the executive-level role is responsible for establishing standards and implementing procedures.

In the context of fintech, meeting this responsibility requires expertise with regulators and regulatory bodies, including the SEC, FINRA, OCC, and CFPB, as well as state financial regulators. In addition, a highly experienced CCO has deep knowledge of all aspects of finance and accounting.

The CCO must also work closely with company founders, legal counsel, and potentially audit teams (for more mature companies) to identify risks or issues within a company’s operations. This oversight includes ensuring adequate ongoing risk assessment across different business units and functions.

In addition, the CCO must play an active role in developing policies and processes around data security and privacy, anti-money laundering (AML), Know Your Customer / Customer Due Diligence (KYC / CDD) requirements, and more.

The CCO will have responsibility for:

  • Ensuring that the firm's systems and controls meet financial regulatory standards;

  • Developing and maintaining appropriate documentation related to the implementation of these systems and controls;

  • Leading compliance operations; and

  • Ensuring that all company staff receive the appropriate compliance training on an ongoing basis

What are the Potential Cost-Savings versus an In-House Executive?

While there are many reasons why firms choose to outsource their CCO, one key benefit is reduced overhead expenses. By reducing headcount, these organizations save money by not paying salaries, insurance premiums, office space, etc. Additionally, they avoid paying payroll taxes.

The U.S. median cost of a CCO, including salary, benefits, and other compensation in 2020 was $336,892, according to data from Robert Half. That figure increases to over $400,000 in major financial and tech centers such as New York City and San Francisco. Carrying this cost can be quite burdensome until a startup’s revenue can support it.

In fact, according to Globalscape, the average cost of compliance for financial services companies is more than $30 million, and those costs are growing rapidly. Globalscape also states that it can be 2.71 times more costly for an organization to not comply with mandates.

In the early stages leading up to launch and as user, customer, or client numbers increase, this leadership role may only require a part-time resource. A fully-loaded salary for an executive-level member of the team can be hard to justify.

Why Hire an Outsourced Chief Compliance Officer?

Outsourcing your CCO position allows you to reduce costs without sacrificing quality. Companies who outsource this role can tap into an irreplaceable and unique guide to help them navigate through the process of registering as a regulated entity, if needed.

As they grow and mature, they may ultimately bring the CCO role in-house, although as we discuss below, the decision doesn’t always lead to an internal hire.

Before making any decision regarding whether to bring someone internally or outsource, here are some considerations to keep in mind:

In House or Outsourced CCO

Fintech expertise provides the most fundamental rationale for seeking an outside resource. Many senior professionals in this area come from the world of traditional finance and do not have in-depth experience with the subtleties of fintech.

By contrast, an appropriately licensed professional with startup experience understands the nuances of launching and operating as a digital broker-dealer, a robo-advisor, a cryptocurrency platform, or any other common fintech models.

SEC Outsourced CCO Considerations

The Securities and Exchange Commission does allow regulated companies to appoint an external resource to the CCO role. In 2015, however, the SEC published explicit guidance that companies must not “set it and forget it” when outsourcing compliance functions.

In practice, such guidance means that outside officers cannot be left to operate in the dark without detailed visibility into a firm's practices and without clear governance that allows them to act if risks emerge or violations occur.

Rule 206(4)-7 of the Investment Advisers Act of 1940 establishes the basic requirements. Per additional guidance published in 2004:

"An adviser's chief compliance officer should be competent and knowledgeable regarding the Advisers Act and should be empowered with full responsibility and authority to develop and enforce appropriate policies and procedures for the firm. Thus, the compliance officer should have a position of sufficient seniority and authority within the organization to compel others to adhere to the compliance policies and procedures."

While regulation does not weigh in on in-house or outsourced CCO requirements explicitly, it strongly indicates the expected responsibility and authority.

When setting up governance and reporting processes, the most important factor for regulators is that the CCO be a qualified professional with competent experience managing the relevant regulatory requirements regardless of who ultimately pays their salary.

What to expect when outsourcing chief compliance officer?

When outsourcing the role of Chief Compliance Officer to a seasoned fractional CCO, SMBs and startups utilize and benefit from the expertise and know-how of an external expert to meet their compliance and regulatory obligations. This cost-effective strategy to manage financial and non-financial risks also helps build a strong reputation and trust with customers, partners, and regulators.

InnReg Compliance Consulting and Outsourcing
InnReg Compliance Consulting and Outsourcing
InnReg Compliance Consulting and Outsourcing

Thinking About Longer-Term Growth

Once a fintech company reaches a certain revenue level, it may make financial sense to consider bringing a full-time C-level executive to lead compliance activities. But the answer to that question is not always obvious.

In many cases, outsourced providers such as InnReg can take on the entire compliance function from end-to-end, from leadership to managing complex tasks to deploying cost-effective resources that help build more robust capabilities quickly, without lengthy ramp-up or learning curves.

Such teams can provide complete workflows with operational staff who have prior experience handling tasks for similar companies. As a result, beyond leadership, they also have support for:

  • Customer onboarding (e.g., KYC/CIP, account applications review, and due diligence);

  • Back-office operations (e.g., application processing, personal data gathering, AML compliance, funds transfer, payments processing, and data management);

  • Surveillance, anti-manipulation, and suspicious activity monitoring;

  • Marketing and advertising compliance (e.g., review of strategic plans, review of online and offline communications); and

  • Integration of affiliate marketing programs and strategic partners

As a result, they deliver efficiencies and strategic value simultaneously, as a complete operating team.

If you have questions about the need to fill in the CCO role and the best way to get traction and results with outsourcing, we’d be happy to discuss with you further. Send us an email to start the conversation:

InnReg Compliance Consulting and Outsourcing
InnReg Compliance Consulting and Outsourcing
InnReg Compliance Consulting and Outsourcing

Subscribe for Compliance Insights

Subscribe for Compliance Insights

Subscribe for Compliance Insights

Latest LinkedIn Posts