Regulatory Details – What Fintech Startups Need to Know
Fintech is among the most heavily regulated sectors a startup can enter. Regulators and banks are constantly dealing with new rules around the changes that technology brings. As a fintech entrepreneur, how do you grow your startup while being mindful of the risks and regulations?
At a recent Envestnet | Yodlee Incubator Bootcamp, Maria Potapov, a partner in Stratis Advisory with two decades of experience in risk management and startups, provided tips to help fintech entrepreneurs forge ahead.
Here are Maria’s words of advice:
To be truly successful as a fintech startup, you can’t just be a risk taker. You have to be a calculated risk taker, reducing risk with every step you take.
Sure, the fintech regulatory environment is complicated, but it doesn’t need to be THAT complicated.
To succeed, you need to understand who the key players are – your partners, your investors, and the banks – and how they’re looking at you.
There’s a financial services system, and banks are the gatekeepers. Banks are beholden to their own regulators to ensure their customers are not bringing unwanted additional risks. If a company wants to do anything through a bank, the bank will look at the company as a high-risk business.
This means that fintech startups, as a rule, will automatically be held to a higher standard than other startups.
If your business holds, transmits, or does anything else with money, you’re linking to the bank and bringing risk to them. This is how banks see it.
Even if, by the letter of the law, you don’t have to register your fintech company as a money services business, banks still want you to bring a certain level of control to your risk. This is because banks are legally obligated to make sure that everyone who passes through their doors is in control of the risks that they bring with them.
So what does this mean for your startup? And how should you approach banks?
If you are very early stage – say you have an idea and are fundraising without much to show – the best way to approach a bank is to say, “Here’s where I am and here’s my plan. I’m going to bring in X amount of customers, Y amount of volume, and these are my goals.” Most banks are going to be more comfortable with this than with a general statement like, “I’m going to open up this spigot and ride the J-curve to the top.”
You’re basically starting a dialogue with the bank. You’ll want to approach the bank relationship as a partnership with transparency and keep communication open and frequent. Because at some point, you’ll probably need to pivot, evolving your strategy so you don’t become extinct. And you don’t want this to be a surprise.
Before you add something to your business model, you’ll need to analyze the risk impact of adding it. If you know which laws apply to you, and when, this will help guide your pivot.
Don’t be the startup that suddenly pivots and has the bank pull the rug because you no longer are banking under the profile the bank has put you under. You don’t want them to feel that you’re subjecting them to unforeseen risks.
“Know who the players are and the letter of the law – the law that applies to you, and the laws that don’t, and why, and this will make you go faster when you’re scaling.”
Understand the key players and the lens they’re looking at you through.
When it comes to managing risk and complying with regulations, here’s what investors and banks zero in on:
Your partners will look at your technology, your business plan, your team, your customers, your blueprint, and your strategy. They’ll want to know how you’re going to build the processes that will enable you to manage risk.
By all means, create a blueprint and know where you’re going to be at scale, but understand that your risk develops as you grow. So if you’re early on, you need to demonstrate to the bank and your investors that you’re cognizant of the risks that may kill you.
Risks are ok – you don’t have to fear them! You can say to your key players, “Here are our risks. We know them and we’ve got them.” You can also say, “Here’s a big portion that I’ve mitigated, and here’s the bit I haven’t, but I’m watching it.”
Communicate clearly that you know what the risks are so that they can feel confident that you’re minding your business.
What are you doing about the risks? That’s the million-dollar question.
Your investors will ask you what’s in your log, where your alerts are… be ready to answer these questions. As you’re designing your process, do it in a smart way so you’ll be able to say, “Here’s your report, here’s how we’re monitoring it,” etc., to show them you’ve got it covered. Document and maintain key compliance information.
The deeper into regulatory waters you go, the more risk governance you’ll need. Governance is from above. It’s not the CEO. It’s somebody who has the vantage point and the expertise to help founders guide their process from the risk.
Governance may be an advisory board member or whoever is training you in the specific domains. But the sooner you pull in the governance piece, the better off you’ll be. So, you really need someone who is knowledgeable and invested in your success, who can advise you accordingly with what you need to do based on the context of your business model.
You need to understand what risks you’re subjecting your venture to and how you’re going to mitigate these risks. And then you need to explain it to the banks and make them believe and understand that you know what you are doing.
With proper governance, you can demonstrate that you’ve got the knowledge to handle anything that comes your way.
“Even if you’re not legally required to be in a certain place, banks and institutional investors may still require you to act as if you are. Understanding the regulations is key, even though they may not apply, because chances are you’ll be asked about them.”
Are you a fintech startup looking to launch a disruptive product? Check out our Incubator.
Start the application on our F6S page HERE. Applications for Cohort 4 to be submitted by August 31st, 2017 extended deadline to Friday, September 8th, 2017.