Banking-as-a-Service FinTechs Tread New Regulatory Waters

In a policy letter that read like part announcement and part warning, the Consumer Financial Protection Bureau (CFPB) put FinTechs on notice in April, with CFPB Director Rohit Chopra saying a little-used provision of the Dodd-Frank Act is now being employed to scrutinize nonbanks more tightly.

“Given the rapid growth of consumer offerings by nonbanks, the CFPB is now utilizing a dormant authority to hold nonbanks to the same standards that banks are held to,” Chopra wrote in the notice. This authority gives us critical agility to move as quickly as the market, allowing us to conduct examinations of financial companies posing risks to consumers and stop harm before it spreads.”

In a conversation with PYMNTS, Treasury Prime Associate General Counsel and Vice President of Compliance Solutions Sheetal Parikh discussed the impact of these recent trends: “We’re seeing a lot more regulatory activism where we have the OCC [Office of the Comptroller of the Currency], the CFPB and a lot of state banking departments that have come out and said we may need to look at this a little bit closer.”

Why the crackdown now after years of unregulated FinTech activity? Parikh said the increased market share of FinTechs and nonbanks, combined with pandemic disruptions to usage of traditional banks and financial institutions (FIs), is now a trend too big to ignore. And that has     precipitated regulatory action as banking-as-a-service (BaaS) platforms like Treasury Prime press further into the marketplace, powering financial solutions for nonbanks.

Until now, some FinTechs and nonbanks have skirted regulators, leveraging the banking licenses of regulated FIs and leaving them holding the bag on regulatory exposure.

How this impacts BaaS firms like Treasury Prime — that provide a technology layer and APIs for FinTechs to plug into antiquated bank technology cores to enable embedded finance     experiences — remains to be seen. No matter how regulations change, Parikh says there is an opportunity for FinTechs, banks and BaaS companies to work together to do things right. This can be done by creating compliance programs that follow the law and set up both FinTechs and partner banks for long-term flexibility and growth.

See also: Banking-as-a-Service Key to Fast-Tracking Embedded Finance for FIs

Culture Shock

Wondering at what a regulated FinTech landscape would look like, she said, “We’ve put a lot of thought and observed how these trends are shifting. I think that the question is, as FinTechs start to have more users and their customer base grows, what role should they play?”

She said it’s a “natural inclination” for FinTechs that have operated for years without this oversight to recoil from a new focus on compliance, as it isn’t exactly familiar territory for early-stage companies run by software engineers that don’t have deep benches of experienced financial and banking leaders.

That’s largely what the CFPB finds problematic, as what are essentially technology companies go where the money is and behave like banks.

Parikh told PYMNTS that in an industry so highly regulated post-Dodd-Frank and given the meteoric growth in FinTech and finance app use since 2020 alone, “[FinTechs] can’t get away with not having any insight or any role in managing their regulatory framework. If there is an ACH that doesn’t get processed, the FinTechs have to be the first touchpoint for end users.”

Noting that the FDIC was formed during the Great Depression of the 1930s, she added, “We’re trying to understand how do these bodies of law and regs apply to this new technology and new space, where you have different players playing different roles. How do we apply the universe of laws and regs to this growing and changing landscape?”

See also: How ‘Invisible’ Tech Is Revolutionizing the U.S. Banking System

Speaking Both Languages

Going back to the ACH example, The Clearinghouse (TCH) raised ACH one-day limits to $1 million earlier this year. As a key FinTech offering, ACH brings nonbank entities in the risk-compliance circle.

Parikh said, “If you’re offering a product like ACH, you’re dealing with people’s money and people’s data, which in this environment are probably two of the most important regulated pieces of someone’s identity. There is a lot of pressure on FinTech to have some kind of fraud- and risk-management platforms to understand, are these users who they say they are?”

The know-your-customer aspect of regulating FinTechs and nonbanks is at the intersection of compliance and commerce in 2022, and players are still figuring out how to assign risk and responsibility, although it seems clear that the unregulated days are sunsetting quickly.

BaaS providers like Treasury Prime that connect FinTechs and banks through API software see opportunity in regulatory change, as Parikh noted that it becomes a technology enabler to surf what looks like an oncoming wave of regulation.

“We like to think that we help the FinTechs and the bank partner better,” she said. “We speak both languages and we understand the pressures that the FinTech is under and what their forte is from a technology standpoint, and then all the regulatory pressure that the banks face. It’s really having a lens into how to create tools and processes to help the FinTech and the bank really leverage this synergy.”

Timing to is optimal to tap such expertise, as she said CFPB and “the OCC, and a lot of state banking departments are investing in innovation offices so they can better understand how to regulate this space. It’s clear that FinTechs are not going away nor should they. But there is a little bit of education for all kind of traditional financial legacy institutions to really ramp up.”