Lessons Learned From The FDIC’s Guidance For Fintechs Partnering With Banks
Last month, the FDIC issued a guide designed to help fintechs looking to offer financial products and services better understand the expectations of their bank partners. Reviewing the FDIC’s guide, one finds helpful insights for anyone involved in the financial services value chain. Below are a couple of the key take-aways or lessons to be learned from the FDIC’s latest guidance.
Will the Real Service Provider Please Stand Up?
A recurring question that arises in fintech / bank partnerships is how the relationship between the parties should be characterized (e.g. who provides services to whom). From the fintech’s perspective, The FDIC’s guide notes that third parties utilized by banks in their operations are generally subject to the banks’ risk management program, since, at the end of the day, each bank remains liable for activities conducted by or through it. This is an important note of caution for both fintechs and their bank partners. Often, it is tempting for fintechs partnering with banks to view the banks as the fintech’s service provider. This categorization makes sense from the fintech’s perspective. It has developed a platform or service for its customers and to bring this service to market it needs the banking function offered by the bank partner. Such a view, however, does not adequately reflect the reality of the banks’ operating environment, which, as illustrated by the FDIC’s guide requires the bank to exercise oversight for products offered through its services and to account for this oversight as part of a bank’s risk management program. A better approach for both the fintech and the bank is consider each a service provider of the other, taking into consideration each parties unique attributes and requirements, including their separate relationships with any end-user.
The Bank is asking for what?
Another common frustration for fintechs partnering with banks, especially those that are new to the financial services industry, is the sheer amount of information the bank asks for with respect to the fintech and its principals. Requested information often includes sensitive and proprietary business data such as financials and personal background information on the fintech’s leaders. The FDIC’s guide provides some helpful clarity to fintechs on why a bank partner may ask for this information. Specifically, the reasons a bank may ask for this type of sensitive data include that the bank may need this information under its risk management program. In addition, as a third party seeking to do business with a bank, the FDIC notes that there is an expectation that the fintech will be a well-managed and financially strong business. Knowing that this is a point of emphasis for prudential regulators like the FDIC should help fintech’s by showing that a bank’s request for data is spurred from real regulatory concerns and not just bureaucratic paper work.
In addition to the take-aways described above, the FDIC’s guide includes some helpful lists of information banks may request from their fintech partners along with some other tips for fintechs to consider before partnering with a bank. The guide is available at: https://www.fdic.gov/fditech/guide.pdf.