Build vs. buy.
The eternal debate. No, not just in homeownership, but in business, too – and especially when it comes to upstart FinTech firms grappling with an ever-onerous compliance landscape.
Here’s the drill: Young firm gets off the ground, with fundraising or bootstrapping in hand. Young firm gets going, with staffers wearing various hats. Young firm – if it is lucky – gets some real traction, where revenues roll in.
And there’s the rub. When it comes to transaction monitoring, there’s only so much the young firm can do with what’s in hand, and in the coffers, and who’s behind the desk.
In an interview with PYMNTS, IdentityMind Global CEO Garrett Gafke stated that there’s a typical progression that takes shape when firms find the rubber meeting the proverbial road. In the IdentityMind client landscape, the loose roadmap that leads to “build vs. buy” starts out as a company deploys a simple solution to track any number of functions – including transactions and compliance.
“These are the tools with which we are all familiar,” he said – key among them the old standby of the Excel spreadsheet, with simple rules in place that help alert decision makers to how things are running, and if certain corporate events need immediate attention. In the world of transaction monitoring for compliance, the spreadsheet becomes the all in all: a ledger, analytics, tracking, case management and auditing tool.
Simple Never Lasts Long
Ah, but simple becomes less so as time goes on.
“There’s a scaling problem,” Gafke told PYMNTS. Growth, especially transaction growth, can be sudden. For the firm, there’s a direct relationship between the number of customers and the transactions, and the transaction alerts that will be triggered. The limitations of the software and hardware tools in place, and the staff who will navigate those tools, become apparent. Risk also scales higher, as there exists the danger of missing the red flags that mean companies can run afoul of regulators and their compliance mandates.
There also is the issue of dimension, stated Gafke, as FinTechs find demand, and secure presence, in multiple jurisdictions or geographies. Each far-flung location might have different regulatory requirements in place, said the executive.
Think off-the-shelf point solutions are going to cut it? Think again. Gafke noted that “the assumption that companies understand regulation well is not true” – certainly not all do, especially in a world where KYC and compliance are intricately interconnected. In many locations, the regulatory frameworks are not well-specified. In other cases, the FinTechs are themselves constrained by limited resources, in terms of dollars.
Beyond the Excel spreadsheet, then, come other off-the-shelf point tools, where a company might buy geolocation software or data verification services. Cobbled together, such strategies again run into the aforementioned issues of scale, Gafke said.
And so begins a dance in the corporate halls that may be familiar to anyone in the C-suite.
Gafke said that the risk professionals go to the CEO and say they need resources to move compliance efforts beyond the vagaries of half-baked tools.
“But the reality is that those resources are never going to be dedicated to those compliance functions … they are going to be dedicated to the main part of the product that makes money,” he said. Take the example of the risk officer who determines that the company needs a dashboard in place to track marketing efforts.
Gafke noted that the chances are slim that a company would have access to a software developer (let alone a team) who can create, maintain and improve a non-revenue-related function, like compliance, through the various demands and growth stages of that firm. They may get the resources to build the first phase of such a project, but new iterations will not be in the offing, leaving compliance and risk officers stranded with half-baked solutions.
“Technology keeps advancing and automation keeps happening,” he said, adding that the mentality is that people in the FinTech world expect things to be automated. There is a tipping point where the company cannot keep throwing bodies and money at the new issues tied to transaction monitoring that keep cropping up.
Thus: The move toward vendors who can provide a range of solutions, holistically and concurrently. The vendors (with a nod toward IdentityMind among them), and ultimately the firms, said the CEO benefits from the vendors’ relationship with the regulators, both as these inform the solutions and with the regulators becoming familiar with the solutions, too.
Measuring the Costs
Gafke noted that often, executives faced with a build/buy decision focus on the upfront costs. But additionally, he stated, there is a potential cost and risk of missing something that is later flagged by an audit or regulators.
This type of analysis should take place in a context where the fines are becoming more frequent, more varied and with higher price tags. The compliance officers must understand how to put that risk analysis into the equation and convey that information to other decision makers.
There’s another aspect to the build vs. buy debate that is, as Gafke termed it, “softer … and has to do with the exploration of technology in general.” Transaction monitoring technology is advancing quickly, and getting cheaper, amid offerings that take advantage of AI and machine learning.
“As your volume of transactions grows, yes, you are going to need those analytics to help you be more accurate and to prioritize the work,” he told PYMNTS. “When you buy, you are also taking advantage of the insights of that vendor” gleaned across various industries. Think of it as cross-pollination. Those “soft” benefits turn into bottom line and strategic boosts down the line, he said.
Consider the fact that companies are able to get through their regulatory exams with greater speed. “If I was getting 1,000 alerts before, and now I am getting 100, that is a huge savings,” Gafke told PYMNTS. “That opens the door to other efficiencies where the compliance and risk operations can better deploy their resources.”