At first glance, financial technology companies and banks are competitors with similar products but different business models. Fintech companies need fast growth to survive. They must exercise quick marketing strategies and adaptive technologies. And they excel at reaching customers in new ways and providing more personalized customer service. Banks, on the other hand, rely on well-established customer networks, deep pockets and industry experience for their success. However, if they want to preserve their customer base and continue to grow, banks will have to adapt to what’s happening in the financial technology space.
Fintech companies and banks both face many unique challenges. Fintech companies must often decide how to allocate limited resources between marketing, intellectual property, compliance and cybersecurity concerns. Banks depend on legacy technology, lack market speed and must continue to keep pace with new banking regulations and technologies. Although both fintech companies and banks face significant legal barriers, they have different needs and strengths. Fintech companies need the deep regulatory experience that banks have developed over many decades. Banks need flexibility to adapt new technologies to changes in the compliance landscape. These differing but not incompatible needs present an opportune cross point for partnership.
The following laws and regulations exemplify a small portion of the regulatory challenges and business relationship opportunities for fintech companies and banks. Please be aware that all financial products—especially new financial technology products with uncharted regulatory profiles–may implicate many other laws not discussed below.
- Money transmission laws: In order for a fintech company to transfer money between two individuals, it must be licensed under federal and state money transmission laws. State money transmitter laws vary greatly and this creates a considerable barrier to entering the market on a national scale. Banks are generally exempt from state money transmitter laws. Fintech companies can meet money transmitter compliance requirements by strategically structuring the flow of money with banks. Alternatively, fintech companies can act as an authorized agent of a licensed money transmitter service provider.
- Lending and brokerage laws: State law may require a lender, buyer, servicer or loan broker to be licensed to engage in its respective activity. A fintech company may face severe consequences for unlicensed lending or brokerage practices. Banks in many cases are able to engage in these types of activities. Fintech companies and banks can structure a business relationship to ensure that appropriate legal precautions are in place. Even if a fintech company is licensed, it does not have the ability to use and apply the interest rates of its home state, a power that is afforded to national banks. Fintech companies may be stuck with interest rate limitations set by the state where the borrower lives. Thus, a strategically structured relationship between a bank and fintech company may provide other non-compliance advantages for lending and brokerage products.
- UDAP/UDAAP laws: Unfair, deceptive or abusive acts or practices affecting commerce are prohibited by law. Both fintech companies and banks face exposure to penalties for engaging in unfair, deceptive or abusive acts. Taking advantage of fintech companies’ adaptive technologies may help banks minimize the risk of committing the prohibited practices. For example, fintech companies may help banks design software that utilizes pop up warnings on a customer’s phones before the customer makes an overdraft.
- Financial data law: Financial data is a growing industry that has seen increasing regulatory oversight. Both fintech companies and banks collect enormous amounts of data and may use it for various legal purposes. Data is the core part of the fintech business; fintech companies collect data and rely on data. However, fintech startups do not have the legal and technical resources of traditional banks to resolve a variety of regulatory and cybersecurity concerns related to the use of data. Fintech companies can partner with banks, particularly with respect to cybersecurity issues. A bank offering products through or with a third party is responsible for assessing the cybersecurity risk related to that third party and mitigating it, and thus parties should consider some important questions upfront, including where the data is located, who owns it and how it is protected.
Despite the many issues and concerns that may arise from the partnership between fintech companies and banks, cooperation colors the future. Fintech companies can take advantage of the industry knowledge that bankers possess, certain regulatory advantages that banks enjoy and the industry’s cybersecurity infrastructure. Banks can take advantage of fintech companies’ ability to create new products, certain regulatory advantages and adaptability to regulations. With an understanding of the legal and regulatory framework of fintech companies and banks, their different business models can be used as an opportunity rather than a barrier to business.